Usage Note 69977: Executing scripts with superuser (sudo) permissions from SAS® 9.4 Environment Manager produces an exit value of 1 and no output
 |  |  |  |
When you execute scripts on a UNIX based OS as the superuser with the sudo command, a consistent exit value of 1 might be reported. When this behavior occurs, no output or execution of the script called is apparent.
This issue commonly occurs when an administrator configures SAS Environment Manager to execute the CLEANWORK script in response to an alert condition. The CLEANWORK script is recommended to be run as sudo or root so that the SASWORK directories that are owned by other users can be removed. The behavior is not exclusive to the CLEANWORK script and might occur in any scenario where you call the sudo command from SAS Environment Manager.
When SAS Environment Manager runs a script, it does not have access to an interactive shell. The script is executed directly on the OS in a non-interactive shell.
In the default configuration of some Linux or UNIX vendors, the sudo command is prevented from running without an attached terminal tty (interactive shell) as a security measure. If tty is configured, SAS Environment Manager is unable to execute scripts with sudo. Attempting to do so always results in an exit value of 1. In order to run sudo from SAS Environment Manager, this setting must be configured to allow sudo with no tty attached.
Modifications to this setting should be discussed with your system administrators. However, it is generally considered to result in no lessened security because the setting can be easily circumvented with a pseudo tty flag. For example, in Red Hat Enterprise Linux 6 and 7, this was the default configuration, but it was later flagged as a bug and revised due to breaking valid use cases. For more information about this example, refer to Red Hat Bugzilla – Bug 1196451.
To check the configuration of your OS or make the required change, complete the following steps.
- Open a terminal.
- Connect to the SAS Environment Manager Server host.
- Edit the /etc/sudoers file (which requires root user permissions).
- Check for the following line:
Defaults requiretty
If this line occurs, the sudo command is configured to require a valid tty. This requirement prevents the SAS Environment Manager Server from executing a script as sudo. Continue to the next step to change this setting and enable this functionality.
- Modify the Defaults requiretty line to the following:
Defaults !requiretty
- Save the /etc/sudoers file. These steps set sudo to allow execution even if no tty is attached to the shell calling the command.
The changes take effect on next shell logon, so you must restart the machine to ensure that SAS Environment Manager is able to use the updated setting.
Operating System and Release Information
| Product Family | Product | System | SAS Release | |
| Reported | Fixed* | |||
| SAS System | SAS Environment Manager | 64-bit Enabled AIX | 9.4 TS1M0 | |
| 64-bit Enabled Solaris | 9.4 TS1M0 | |||
| HP-UX IPF | 9.4 TS1M0 | |||
| Linux for x64 | 9.4 TS1M0 | |||
| Solaris for x64 | 9.4 TS1M0 | |||
| Type: | Usage Note |
| Priority: |
| Date Modified: | 2023-04-06 09:19:31 |
| Date Created: | 2023-03-27 15:34:15 |