On Thu, 25 Jun 2009 11:43:03 -0400, Stocker, Herman
<[email protected]> wrote:

>I have a SAS job that I run without any problems.  However, when I had a
>co-worker run it he has been getting errors.
>
>First he got an error when starting the job:
>
>ICH408I USER(IMSSB   ) GROUP(@UNIXAPP) NAME(BARKEY, STEVE       )  609
> /u/imssb CL(DIRSRCH ) FID(01E3E2D6D4F0F9001627000000000003)
> INSUFFICIENT AUTHORITY TO CHDIR
> ACCESS INTENT(--X)  ACCESS ALLOWED(OTHER      ---)
> EFFECTIVE UID(0000007096)  EFFECTIVE GID(0000007000)

The message should be reasonably self-explanatory to those who understand
UNIX access control, and if you have such persons at your shop I suggest
contacting them for assistance.  Alternatively, I would hope that the SAS
folks could help you.

But in a nutshell, either /, /u, or /u/IMSBB has the wrong permissions or
the wrong ownership (probably permissions).  UNIX users need eXecute
authority to traverse directories, and your user is neither the owner of the
directory in question, nor is any of his groups the owning group for the
directory in question, and so he is using the permissions for "other" (sort
of like UACC in RACF profiles).  You need to find that directory, and either
change its ownership, or change its permission bits to grant eXecute to
"other", or connect the user to the right group that owns the directory, or
create an ACL (access list) on that directory that grants the user or one of
his groups eXecute access.

The UNIX "ls" command can tell you the permissions of each of those
directories.  Or there's an AUDITID tool on the UNIX Tools and Toys web page
that can perhaps tell you directly based on that FID value.  I would guess
it's the IMSBB directory that's set up incorrectly, though.  You probably
want it to have permissions 755 (Read/Write/eXecute for owner, R-X for
owning group, R-X for other), which the UNIX "chmod" command can set for you.

For any extended discussion of how this all works (UNIX and file security
not SAS specifically), the MVS-OE mailing list is probably a better place.

-- 
Walt Farrell, CISSP
IBM STSM, z/OS Security Design
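
The `ls` check described in the reply above, as an added example that is not part of the original message: it walks every directory on a path and reports the first one that does not grant search (eXecute) to "other". The function names are hypothetical, and it assumes a POSIX shell with `ls` and `cut`.

```shell
#!/bin/sh
# Added example (not from the original post). Checks only the "other" class,
# the one the message reports as ACCESS ALLOWED(OTHER ---); owner, group and
# ACL entries are not evaluated.

# Print the 10-character mode string of one directory, e.g. drwxr-x---
mode_of() {
    ls -ld -- "$1" | cut -c1-10
}

# Print "<mode> <directory>" for each component of path $1, outermost first.
list_path_modes() {
    case $1 in /*) cur=/ ;; *) cur= ;; esac
    if [ "$cur" = / ]; then printf '%s %s\n' "$(mode_of /)" /; fi
    set -f; old_ifs=$IFS; IFS=/
    set -- $1                      # split the path on "/"
    IFS=$old_ifs; set +f
    for part in "$@"; do
        if [ -z "$part" ]; then continue; fi
        case $cur in
            ''|/) cur=$cur$part ;;
            *)    cur=$cur/$part ;;
        esac
        printf '%s %s\n' "$(mode_of "$cur")" "$cur"
    done
}

# Print the first component of path $1 that is not a directory granting
# search (x) to "other"; print nothing when every component grants it.
first_dir_blocking_other() {
    list_path_modes "$1" | while read -r mode dir; do
        case $mode in
            d????????[xt]) ;;      # x, or t (sticky plus x): search allowed
            *) printf '%s\n' "$dir"; break ;;
        esac
    done
}
```

Called as `first_dir_blocking_other /u/imssb`, it prints the directory whose ownership, permission bits, group or ACL needs the change described in the reply.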
