Hot fix I8G006 addresses the issue(s) in Base SAS 9.4_M7 as documented
in the Issue(s) Addressed section of the hot fix download page:
https://tshf.sas.com/techsup/download/hotfix/HF2/I9R.html#I8G006
I8G006 is a "container" hot fix that contains the following "member" hot fixes which will update the software components
as needed.
I8E025 updates SAS Threaded Kernel Core Routines 9.4_M7
I8F004 updates SAS Threaded Kernel Secure 9.4_M7
Before applying this hot fix, follow the instructions in SAS Note 35968 to
generate a SAS Deployment Registry report, then verify that the appropriate product releases are installed on your system. The
release number information in the Registry report should match the 'member' release number information provided above for the
software components installed on each machine in your deployment.
The hot fix downloaded, I8G006pt.zip, includes the updates required for all components listed above on all applicable operating systems. To apply this hot fix on multiple machines, you can either save I8G006pt.zip on each machine or save it in a network location that is accessible to all machines.
Do NOT extract the contents of I8G006pt.zip. The hot fix installation process will extract the contents as needed.
The hot fix will be applied using the SAS Deployment Manager. By default, the SAS Deployment Manager will search in the <SASHOME>/InstallMisc/HotFixes/New directory for hot fixes to be applied, but will also prompt for a location if you have downloaded hot fixes to a different directory.
After downloading I8G006pt.zip, follow the instructions for applying hot fixes in the SAS Deployment Wizard and SAS Deployment Manager 9.4: User's Guide.
Please review the CONFIGURATION Important Note above concerning proper selection of the "Configure SAS Hot Fix" option in the SAS Deployment Manager.
The hot fix installation process generates the log file
<!SASHOME>/InstallMisc/InstallLogs/IT_date-and-time-stamp.logfor example, IT_2011-10-31-13.18.21.log. Each attempt to apply a hot fix results in the creation of a new log file giving detailed information regarding the installation process.
Postexec log files are created after the installation is completed and identifies the files that were added, backed up, changed and removed. These log files include the 'member' hot fix id in the name of the file and are also written to the <!SASHOME>/InstallMisc/InstallLogs directory. There is one postexec log for each 'member' hot fix applied (member hot fixes are listed at the top of these instructions).
The content of this hot fix is listed in the hot fix manifest.
MIT Kerberos 1.11.6 or later is required. If the operating system does not provide a supported version, the source code can be
downloaded from
https://web.mit.edu/kerberos/dist/index.html.
This will require building the source code and installing the new libraries. Build and install instructions can be found under
the "Documentation" link on the release page for the chosen version.
Heimdal and Quest are currently not supported.
To fully enforce constrained delegation, additional configuration steps are required in Active Directory. This must be completed by a Domain Administrator with the "Active Directory Users and Computers" tool. Each Kerberos protected resource (e.g., Microsoft SQL Server) that a SAS Workspace Server can connect to must be defined against the account being configured for constrained delegation. If the SAS Object Spawner is running under the "Local System" account, then the services are defined under the Computer Object for the SAS Object Spawner Server. If the SAS Object Spawner is running under a Domain Account, then the services are defined under this account. In the Delegation tab of the account properties in "Active Directory Users and Computers", select "Trust this computer for delegation to specified services only" and "Use any authentication protocol", then add each service the SAS Workspace Server can connect to.
Post Installation InstructionsSAS_CONSTRAINED_DELEG_ENABLED=1 export SAS_CONSTRAINED_DELEG_ENABLED
SAS_SERVICE_PRINCIPAL=MYSAS/my_sas_server.com export SAS_SERVICE_PRINCIPAL
SAS_SERVICE_PRINCIPAL=sas-services@REALM.COM export SAS_SERVICE_PRINCIPAL
<SASCONFIG>/Lev#/sas.servers restart
For each product installed, click the link to be redirected to post-installation instructions.
I8E025 updates SAS Threaded Kernel Core Routines 9.4_M7
I8F004 updates SAS Threaded Kernel Secure 9.4_M7
I8E025 updates SAS Threaded Kernel Core Routines 9.4_M7
After applying this hot fix you must run the setuid.sh script with sudo or be logged in as the root user as shown below.
Enter the following command:
sudo SAS-installation-directory/SASFoundation/9.4/utilities/bin/setuid.sh
Output similar to the following indicates that setuid.sh ran successfully:
Performing the User Authentication setup step required by SAS.
Attempting to setuid bit and change ownership of files:
sasperm sasauth elssrv, to root
User Authentication setup has successfully completed.
For more information about the setuid command see the SAS® 9.4 Foundation and Related Software Installation Guide for UNIX.
I8F004 updates SAS Threaded Kernel Secure 9.4_M7
NONE
This completes the installation of hot fix I8G006 on Linux for x64.
Copyright 2024 SAS Institute Inc. All Rights Reserved.