Installation Instructions for Hot Fix F61007

64-bit Enabled Solaris


Hot fix F61007 addresses the issue(s) in SAS Scalable Performance Data Server 4.53 on 64-bit Enabled Solaris as documented in the Issue(s) Addressed section of the hot fix download page:

https://tshf.sas.com/techsup/download/hotfix/HF2/F61.html#F61007


The hot fix downloaded, F61007pt.zip, contains the updated files required to address the documented issues.
Do NOT extract the contents of F61007pt.zip. The hot fix installation process will extract the contents as needed.


IMPORTANT NOTES

  1. You must have SAS Scalable Performance Data Server 4.53 installed on your system before applying this hot fix. Refer to SN-35968 for instructions on how to determine which product releases you have installed.

  2. Files delivered in this hot fix will be backed up during the installation process. However, it is good general practice to back up your system before applying updates to software.

  3. You must have Administrator Privileges on your CLIENT or SERVER machine.

  4. All currently active SAS sessions, daemons, spawners and servers must be terminated before applying this hot fix.

  5. This hot fix should be installed using the same userid who performed the initial software installation.


INSTALLATION

The F61007 hot fix for SAS Scalable Performance Data Server 4.53 will be installed using the SAS Deployment Manager. By default, the SAS Deployment Manager will search in the <SASHOME>/InstallMisc/HotFixes/New directory for hot fixes to be applied, but will also prompt for a location if you have downloaded hot fixes to a different directory.

After downloading F61007pt.zip, follow the instructions for applying hot fixes in the SAS Deployment Wizard and SAS Deployment Manager 9.3: User's Guide.

The content of this hot fix is listed in the hot fix manifest.


POST-INSTALLATION INSTRUCTIONS

Password Database Audit Logging onto the System Log

This feature will log changes to the SPD Server psmgr database to a system log that is secure from all users except the system administer.

The feature is enabled by the system administrator (root access) on the host where SPD Server is installed as follows:

  1. Create a file called /etc/spds.rc containing the line

    SYSLOG=YES

  2. The /etc/spds.rc file must be read-only by the SPD Server (the uid who started up the server).
  3. Enable system logging of user.notice messages.

An example of enabling user.notice messages on a 64-bit Solaris system is to add an entry to the /etc/syslog.conf file to indicate where the user.notice messages will be sent. The following entry in /etc/syslog.conf will send the user.notice messages to file /var/adm/messages:

	user.notice                    /var/adm/messages
Enabling system logging on Linux systems vary based on the type and version of the Linux operating system.

You should consult the syslog.conf(5) and syslog(3) man page for detailed information on how to enable user.notice system messages and direct their output to a file.

You can validate user.notice messages are configured correctly by issuing the following command: logger -p user.notice "This is a test of the user.notice syslog entry". You can then check the configured log file for the test message to determine if the syslog setup is correct.



When psmgr database auditing is enabled, changes to the psmgr database by the psmgr utility and by the SPDS SMC Password Manager panel will be logged to the system log as user.notice messages.

Messages are logged when the SPD Server password database is updated by

opuser is the userid of:

opuser is SPDSSMC if the change was made by the SPDS SMC

Messages sent to the syslog are:

   "SPDS AUDIT opuser ADD userid "

   "SPDS AUDIT opuser GROUPDEF newgroupname"

   "SPDS AUDIT opuser AUTHORIZE username"

   "SPDS AUDIT opuser DELETE username"

   "SPDS AUDIT opuser GROUPDEL groupname"

   "SPDS AUDIT opuser RESET username"

   "SPDS AUDIT opuser CHGPASS username"

   "SPDS AUDIT opuser GROUPMEM group1 ... group5"

   "SPDS AUDIT opuser CHGAUTH userid"

   "SPDS AUDIT opuser CHGEXPIRE userid"

   "SPDS AUDIT opuser CHGTIMEOUT userid"

   "SPDS AUDIT opuser CHGFAIL userid"

   "SPDS AUDIT opuser CHGPERFCLASS userid"

   "SPDS AUDIT opuser EXPORT"



This completes the installation of hot fix F61007 on 64-bit Enabled Solaris.

Copyright 2015 SAS Institute Inc. All Rights Reserved.