This is a follow-up to my prior post on Getting SAS® Software running on Arch Linux 64-bit. In my quest for a new Linux distro the next stop was CrunchBang Linux. I like the look of CrunchBang because it’s lightweight, based on Debian, and uses Openbox by default. Being Debian based, like Ubuntu, I get to re-use the knowledge I gained from using Ubuntu over the last few years (it’s hard not to automatically type apt-get whenever I want to install something!). CrunchBang is not a rolling release distro like Arch or Gentoo but it’s other attributes make it well worth a look. I’ve seen a disclaimer on the web site where they say it “… could possibly make your computer go CRUNCH! BANG!” but from everything else I’ve read it sounds pretty stable. Anyway, I like my (own) computers to go crunch bang every now and then – it’s a great opportunity to learn something new 😉
I installed the CrunchBang 11 “Waldorf” 64-bit testing image in a multi-boot configuration, alongside Arch and Ubuntu, to test it with our existing SAS deployments. These are the steps I needed to take to get the existing SAS software installation running on CrunchBang 64-bit. As with Arch, no changes were needed to the SAS deployments, it just required a few minor changes and additional libraries for the CrunchBang installation.
After CrunchBang had been installed and I’d mounted the SAS installation volume, I tried to run SAS 9.3 M2 first and got the following error: Continue reading “Getting SAS Software running on CrunchBang Linux 64-bit”
A little while ago, as part of the work on our recent Metacoda Plug-ins 3.0 R2 release, I used SAS® 9.3 M2 to set up a metadata bound library by following the useful instructions in the Setting Up a Metadata-Bound Library section of the SAS® 9.3 Guide to Metadata-Bound Libraries document. This post is about verifying that, post-setup, I no longer had direct access to the tables in the library.
Metadata bound libraries allow you to force clients to visit the SAS Metadata Server first, before they can gain access to the contents of the tables in the library. This gives the metadata server the opportunity to verify appropriate metadata access permissions. Direct access to those secured libraries and tables from Base SAS, without a visit to the metadata server, will be blocked. I first heard about metadata bound libraries at the SAS Global Forum in April this year and had been looking forward to trying them out. If you’re interested in them as well I recommend reading the documentation. Andy Ratcliffe wrote a NOTE: blog post about them recently too. If you don’t yet read Andy’s NOTE: blog I’d definitely recommend adding it to your RSS reader, and he also wrote a post last week about RSS in How Do You Read?.
This is the code I use to configure the metadata bound library (not the real pwencoded password):
libname hr '/opt/sas93m2/config/Lev3/SASApp/Data/HR';
proc authlib library=hr;
securedfolder='/System/Secured Libraries/HR Secured Data'
After configuring the metadata bound library I wanted to verify that it had worked and that I hadn’t missed any steps. I wanted to check that the physical tables had been modified in such a way to prevent direct access from SAS processes that attempted to bypass the metadata server and go direct to the tables themselves. Continue reading “Testing Direct Access to SAS Metadata Bound Libraries and Tables”
Recently, I’ve been looking to switch from Ubuntu to an alternative distro as the primary Linux platform for our Metacoda development/testing environments, where we also run SAS® software. I’ve run quite a few distros in my time including Slackware, RedHat (pre-Fedora), Fedora, Gentoo & Ubuntu. Ideally I’d like something lighter and perhaps a rolling release too: lighter, so more resources go to SAS; rolling release, because given the choice I prefer regular small upgrades to occasional big upgrades. One of the potential candidates is Arch Linux and so I’ve recently installed it, in a multi-boot configuration with the existing Ubuntu installation, to test it with our existing SAS installations. This is one of the things I love about running SAS on Linux. The SAS software gets installed and configured once and the underlying operating system can be completely upgraded or replaced without having to re-install SAS. It might just take the installation of a few libraries to get everything working again but that’s not much compared to the effort of re-installing and configuring our SAS 9.3 M2, SAS 9.3 M0, SAS 9.2 and SAS 9.1.3 SP4 dev/test environments.
These are the steps I needed to take to get the existing SAS software installation running on Arch Linux 64-bit. No changes were needed to the SAS deployments, it just required a few additional libraries to be added to the Arch installation. If you’re wondering why several SAS versions?, it’s because we need to test our Metacoda software with each of them. The SAS 9.3 and 9.2 installations are 64-bit and the older SAS 9.1.3 installation is 32-bit (so takes a bit more work).
SAS 9.3 (and 9.2)
After Arch had been installed and I’d mounted the SAS installation volume, I tried to run SAS 9.3 M2 first and got the following error: Continue reading “Getting SAS Software running on Arch Linux 64-bit”
We recently released an update to our Metacoda Security Plug-ins (V3.0 R2) with support for use with SAS® 9.3 M2. This of course required testing with a variety of SAS Metadata Server versions and different versions of SAS Management Console clients too. We could rule out SAS 9.1.3 because our V3 plug-ins are only supported for use with SAS versions 9.2 and 9.3 but that still leaves SAS 9.2 M3, SAS 9.3 M0 and SAS 9.3 M2 because there are small SAS metadata model differences between all of these. For example SAS 9.3 M0 has new metadata model types CalculatedMember, FavoritesContainer, NamedSet, and Search, which are not present in SAS 9.2. SAS 9.3 M2 also has new metadata model types SecuredLibrary and SecuredTable not present in SAS 9.3 M0.
The obvious combinations to test are the matching SAS Management Console and SAS Metadata Server versions, 9.2 to 9.2, 9.3 M0 to 9.3 M0, and 9.3 M2 to 9.3 M2. However we also need to test mismatched client and server versions because some mixed combinations are allowed. I’m sure you can imagine situations where the SAS Metadata Server version is upgraded but a few client workstations still have older SAS Management Console versions installed. Or perhaps someone is using a newer SAS Management Console version but accidentally connects to an older SAS Metadata Server in the middle of a migration project.
The following table shows the combinations of client and server versions where we have tested connections (to see if we need to test our plug-ins): Continue reading “SAS Management Console: Client and Server Versions”
I ran into a tricky issue today whilst migrating some Access Control Templates (ACTs) from an old SAS® 9.3 M0 deployment to a new SAS 9.3 M2 deployment. I’d seen it before and I initially forgot how I resolved it. It took a little while to rediscover the method that worked so I’m blogging it in the hope I won’t forget it in future. Perhaps it will help others too.
As you may know, SAS 9.3 has virtual folders that allow you to export security metadata like users, groups, roles and ACTs. It’s quite handy. We use it at Metacoda to migrate some security metadata we carry over from version to version for testing and demonstrating our Metacoda Security Plug-ins. You can find more information about migrating security metadata on the SAS web site in the Promotion Details for Specific Object Types section of the SAS 9.3 Intelligence Platform: System Administration Guide, Second Edition.
I had successfully exported a package of ACTs from my source 9.3 M0 environment, but when I tried to import them into my target 9.3 M2 environment I saw the following error message:
It was quite puzzling. It said I had to import ACTs into a specific folder, but that was the very same folder I was trying to import into. I had a feeling of deja-vu. I realized I’d seen this back when I first set up our SAS 9.3 M0 environment and was testing migration of security metadata between levels for the same SAS version. Continue reading “Migrating SAS Access Control Templates”