Contents


Machines

A complete list of machine names is stored on skye: /etc/hosts

Overall setup

  • skye carries /home, /usr/local and other services for internal use. [Single password system on almost all linux machines]
  • wol is now a linux server serving www [No users have accounts on wol. Root password on wol is a different one from skye et al]
  • orkney is now a second server serving wiki (and used to be talks.cam)
  • There are also /data directories on other machines, accessible as /data/xxxx.
  • IEEE Transactions on Information Theory (1953-1997) (whenever it says "load CDROM number x", just hit OK).
    mount /mnt/cdrom/
    chmod -R 755 /data/eigg/ieeetit/; yes n | cp -r /mnt/cdrom/* /data/eigg/ieeetit/
  • all machines also mount the mraos home disc at /ra/home
  • The mraos machines all can mount skyes's /home at /skye/home

  • suggested usage:
    mraos:> ln -s /coll/home/USERNAME coll
  • skye distributes several common files (/etc/hosts,services,passwd...) to the other machines each night. This means that to change a password, the passwd program must be run on skye. Other machines catch up overnight.
  • laptops

    Our four machine names are yell, lewis, kerrera, islaptop. We use the four ip addresses shared between several laptops. Please be aware of the potential clashes and avoid connecting two "identical" machines at once.

    Files with local user knowledge

    Topic
    Yell (old laptop) yell.html
    Uist (dual-boot) uist.html
    latex posters latex directory / README
    cdwriter cdwriter

    Files with local sysadmin knowledge

    Topic
    Setting up machines, TeX, metapost, ghostview, pdfTeX Sanjoy | More from Sanjoy about the old red-hat procedures, some of which may still be helpful
    Matlab

    Sysadmin jobs

    Task Experts
    Linux security patchesPhil
    Windows machine security upgrades Keith V
    Local disc backup system Phil
    Removable disc backup Phil
    Mail server
    Web server Phil C, Carl
    Wiki Phil C, Carl
    Setting up machines Phil C, Philip S, Christian
    Daily propagation (passwords etc) Phil C
    Making new users Phil C, Christian
    Printers Phil C
    TeX, metapost, ghostview, pdfTeX Sanjoy
    magicpoint Seb
    Official liasonPhil C
    Matlab
    google desktop Christian
    webcam, videoconference Carl S

    How to run google desktop

    once only, on skye, run gdlinux. Eventually (2 days later) kill that process, then run gdlinux on local machine, whenever logging in (which gnome may do for you automatically) (put this in your xsession otherwise). You'll access in firefox via a URL like url. Or With danish dates http://127.0.0.1:36671/?hl=en_DK&s=FiORwfVrVWjBQu78-eKDX0evBFw .

    Essential packages for all machines

    Package Notes
    tcsh
    twm
    xv Not GPL. DJCM loves this image program
    xfigDrawing package
    acroreadpdf viewer
    xpdffree pdf viewer
    metapost professional drawing
    octavemultiple versions of octave needed (2.0, 2.1, 2.2)
    gnuplotmultiple versions may be needed
    ups ancient beautiful graphical debugger for C, (sadly not C++), f90
    python with scipy, tkinter, visual-python (python-visual) and python-gnuplot
    idle idle is a python editing environment
    eclipse I think we have some people using eclipse
    image magick
    perl-libraries for doing image things, image size - eg, see ~mackay/bin/size.p
    perl-libraries for doing unicode stuff; convert between unicode formats - eg, see ~mackay/bin/decompose.pl
    dasher!
    mgp
    tcl
    gv and ghostview and gsDJCM likes gv
    tex
    latex, pdftex
    Lesser packages Notes
    kdbg C debugger
    cgdb
    The scripts /usr/local/sbin/install_core_packages and /usr/local/sbin/install_core_packages_everywhere might be useful. These use the file /home/admin/core-debian-packages as the definition of 'essential packages' for Debian and Ubuntu machines.

    Recent changes

    Resources

    machine Ram     Speed Mhz
    
    WARNING - this info is out of date. Please use the "specs"
    command to find out what machine specs (and loads) are
    
    
    arran   512M     1700
    barra    ?        900
    coll   1024M     1500 
    eor      24M     
    harris  256M      200
    islay   128M       75
    jura    384M      300
    lewis    64M      166
    mull    256M      200
    orkney  512M     1000 
    rum      64M      400
    skye    384M      400
    tiree   256M     1000
    uist    256M      700
    wol     128M     
    yell     64M      500
    
    
    

    Serial numbers

    Sun sparcstation 5 (S5 FX1-70-32-P44)
    Serial number 521 M 3192
    Name: wol.ra.phy.cam.ac.uk (131.111.48.24)
    
    rum
    DELL latitude CPt Model number PPX
    DELL LBL P/N 0376P
    Serial number
    0002257D-40550-996-R060  Rev A01
    Service tag R8QL9, express service code 45757341
    
    lewis
    Gateway Solo, Model no: SOLO 2100.
    Serial No: BC096495553. Additional sticker reads "488419"
    
    yell
    Make: Sony Vaio   Model PCG 3192
    Serial number:   28311550  510  1236
    
    
    

    Details

    Click on a machines name for specific information Much of this is out of date too - use the specs command to get up to date details
    Name IP Number Computer Description Computer Location
    arran.ra.phy.cam.ac.uk 131.111.48.251 Linux machine
    Hardware: WOC Pentium III 1.7Ghz 512M
    Software: Linux RedHat 7.1 (Seawolf)
    966
    barra.ra.phy.cam.ac.uk 131.111.48.193 Windows/Linux machine
    Hardware:
    Software: Linux RedHat 7.1 (Seawolf), Windows 98, Windows 2000 Professional
    898
    coll.ra.phy.cam.ac.uk 131.111.48.250 Linux machine
    Hardware: WOC Pentium III 1.5Ghz 1GB RAM
    Software: Linux RedHat 7.1 (Seawolf)
    935A
    eigg.ra.phy.cam.ac.uk 131.111.48.198 Linux machine
    Hardware: dual processor
    Software: Linux DEBIAN
    935A
    eor.ra.phy.cam.ac.uk 131.111.48.48 Sparc Classic (~ Sparc 2) 935
    harris.ra.phy.cam.ac.uk 131.111.48.121 Linux machine
    Hardware: Viglen Genie Pro, PPro/200 256M/2G, 82440FX, Diamond Stealth 64 VRAM (2Mb)
    Software: Linux RedHat 5.1, Windows 95, Windows NT
    898
    islay.ra.phy.cam.ac.uk  131.111.48.119 Linux machine
    Hardware: Viglen Genie PCI, P5/75 128M/2G, 82430FX, Diamond Stealth 64 VRAM (2Mb), SB16 On-board Sound 
    Software: Linux RedHat 5.1, Windows 95, Windows NT
    935A
    jura.ra.phy.cam.ac.uk 131.111.48.120 Linux machine
    Hardware: Dell Pentium II 300 384M
    Software: Linux RedHat 7.1
    966
    lewis.ra.phy.cam.ac.uk 131.111.48.133 Linux
    Hardware: Gateway Solo, P5/150 32M/1.2G, 
    Software: Linux RedHat 4.0, Windows 95
    (961)
    mull.ra.phy.cam.ac.uk 131.111.48.152 Linux machine (currently switched off owing to problem)
    Hardware: Viglen Genie Pro, PPro/200 256M/2G, 82440FX, Diamond Stealth 64 VRAM (2Mb)
    Software: Linux RedHat 5.1, Windows 95, Windows NT
    935
    orkney.ra.phy.cam.ac.uk 131.111.48.168 Linux machine
    Hardware: WOC Pentium III 1Ghz 512M
    Software: Linux RedHat 7.1 (Zoot)
    966
    rum.ra.phy.cam.ac.uk 131.111.48.123 Linux machine
    Hardware: Dell Latitude, Pentium II 400 64M
    Software: Linux RedHat 6.0
    (961)
    skye.ra.phy.cam.ac.uk 131.111.48.158 Linux machine
    Hardware: Dell Pentium II 400 384M
    Software: Linux RedHat 5.1
    961
    tiree.ra.phy.cam.ac.uk 131.111.48.169 Linux machine
    Hardware: WOC Pentium III 1GHz 256M
    Software: Linux RedHat 7.1 (Zoot)
    966
    uist.ra.phy.cam.ac.uk 131.111.48.232 Windows/Linux machine, usually running Win2000
    Hardware: WOC Pentium III 700Mhz 256M
    Software: Linux RedHat 7.1 (Seawolf), Windows 98, Windows 2000 Professional
    935A
    wol.ra.phy.cam.ac.uk 131.111.48.24 Sparc 5 898
    yell.ra.phy.cam.ac.uk 131.111.48.229 Redhat Linux 7.2, Windows 2000 Pro
    Hardware: Sony Vaio SR1K
    (961/6)


    Printers

    We have three laser printers, two of which can do double-sided printing. To print to the printers, use, for example,

    lpr -Pxxxxxx filename.ps

    where xxxxx is a printer name and filename.ps is a Postscript file.

    The printer names are constructed as follows:

    All the printer names begin with the two characters "is".

    The third character specifies which printer it is:

    Mnemonic: they are numbered in order of acquisition.

    If you just use a 3 character name (e.g. "is3") you will get the default behaviour for the printer, i.e. duplex if the printer is capable of it.

    You can also add a 4th character to the printer name to control the output format:

    s = simplex
    d = duplex
    b = "bulk" (2-up (also duplex where possible))
    c = "complex" (uses ghostscript to convert postscript to PCL, for complex jobs which don't print out right)
    e = "efficient" (as bulk, but reduces margins intelligently to produce bigger text)

    Finally, if you used a 'b' as the 4th character, you can optionally add 's' as a 5th character, which indicates that the duplexing should be arranged in a way suitable for binding the printout along the short edge of the paper. By default long-edge binding is used. Examples: for everyday use, you might just use "is1" "is2" or "is3". If you want to force simplex mode on a duplex printer, append "s" to the printer name (e.g. "is3s"), and if you want to use bulk mode (2-up), append "b".

    There are various MRAO printers available, including a colour laser printer. The colour laser is in the small room off the MNOO, and is available as 'xclaser'. The MNOO laser printer is 'hplaser'. There are also print queues for 'phlaser', 'phtrans', etc.


    Jobs

    It has been suggested that users of the IS machines should follow some rudimentary etiquette when running jobs. We propose the following.

    1. All jobs likely to take more than 15 minutes should be 'nice'd to the default. Jobs that will run for a long time (several hours) should be niced at 19. This ensures that things like latexing, postscript viewing, compiling, etc. don't get sluggish.
    2. Run jobs on machines with small load. You can check machine load with 'uptime', 'uptimes', 'specs' or use 'xload' for a continuous trace.
    Whenever possible, choose a machine with load less than 1. Use the script 'uptimes' (/usr/local/bin/uptimes).

    Note that uist, yell, rum are not up all of the time. See the hardware section for details on each machine.

    The "uptimes" and "specs" commands are useful for deciding where to run jobs.


    General usage tips

    Data partitions

    Most machines have a data partition, which is an area of hard disk for storing large data which it isn't appropriate to keep in /home. All the data partitions can be accessed from all machines: for example, the data partition on jura can be accessed (on jura or elsewhere) as /data/jura. Obviously it is most efficient to use the machine where the data is actually stored to avoid relatively slow network access. A single backup 'mirror' of each data partition is kept (see below). Since this offers only moderate protection from disaster, you should make your own backups on DVD-R of important data.

    To list disk usage for all the data partitions, use the command data.

    Passwordless ssh

    It is very convenient to be able to ssh between all the machines in the cluster without having to keep entering your password. Unfortunately a bug in the current version of ssh (?) seems to prevent us from allowing this by a global setting, but you can set it up individually as follows:

    ssh-keygen -t rsa
    (accept the default location, and just press enter when asked for a passphrase)
    cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys2


    Software

    Operating Systems

    SunOS 4.1.3_U1
    Debian Linux
    Linux is run on all the other machines except uist (windows), which is intended to run Windows2000 most of the time.
    Windows 95/98/NT/2000
    barra, rum, yell and uist are able to run Microsoft Windows. When they are running linux the windows partition of the disc can be accessed. e.g.
       /dosc /dosd /win95 /win98 /win2k
    Astrophysics Windows Terminal Server
    It is possible to connect to the MRAO Windows 2003 Server from an X-terminal or from a computer running X (e.g. to run Microsoft Office applications). Contact HLB for an RA account. To connect, simply run the command windows or the command winserv. If that doesn't work, or you want to specify different options, use the rdesktop command directly, e.g. rdesktop -g 1152x865 -a 24 -k en-gb winserv

    Major software programs

    An incomplete list of software and where it is

    Minor utilities

    GIMP
    GNU Image Manipulation Package, on harris and jura. It looks quite good for doing things like Photoshop. Documentation available from the GIMP Homepage
    Image Magick
    See 'man convert'
    xbin:
    Undoes binhex files that come from evil Macintoshes.
    locate - for finding a file by partial name. Will report files on all the data partitions, /home and /usr/local, as well as on the local machine you run it on. (powered from skye's /etc/cron.daily/custom-slocate, and /usr/local/bin/locate)
    NetPBM Package (sun, linux, mrao)
    Netpbm is a toolkit for conversion of images between a variety of different formats, as well as to allow a few basic image operations, build on the PBMPlus package. Documentation can be found using man pbm, pgm, or pnm or via html on NetPBM or PBMPlus.

    WWW and FTP

    wol is a very active web server and ftp server, which servers content from the main /home/ftp area accessible on all machines (wol accesses it via NFS). Users can put stuff into /home/ftp/pub/ or .../pub/www. The ftp server lets "anonymous" in at /home/ftp and they should then cd to pub/username or to pub/incoming if they wish to deposit a file. The latter is the entry point for the web server, so it is the recommended location, and you can put a pointer from /home/ftp/pub/you to .../pub/www/you if you want. To avoid clogging local communications please avoid image-intensive web pages.

    gzip seems to be a good compression algm for ps files. Note that many web browsers seem to behave differently if a .ps.gz file is pointed to as an ftp resource rather than an http resource -- in the former case, ghostview is launched, in the latter, it's not -- weird, so choose an appropriate pointer.

    I'd prefer for wol to remain a web server which just gives out directory listings and files. -- i.e. I don't want fancy cgi-bin stuff that might pose a security risk. But that's open to negotiation.

    httpd and ftpd

    logs are in /var/apache/logs and /var/adm/xferlog on wol.

    CGI

    Please only put up cgi scripts if you understand the security implications. Poorly written cgi scripts are a very common cause of breakins.

    www.inference.phy.cam.ac.uk/cgi-bin maps to /home/webcgi/cgi-bin (imported readonly by wol). If your script needs to read from data files, they should live in /home/webcgi/inputs, since wol deliberately doesn't have any access to ordinary home areas. If your script needs to write to files, it should write to /home/webcgi/outputs, which is the only location which wol can write to which is also accessible on all the other machines.


    Logging in remotely

    Terminal logins

    Use SSH

    Please use ssh (secure shell) and sftp (secure FTP) or scp (secure copy) where possible (telnet and FTP transmit passwords in cleartext).

    From a windows machine, you could use PuTTY, a simple ssh client which you can download from here. For file transfers to/from a windows machine, try WinSCP (google for it) or the command-line pscp and psftp tools (which come with putty).

    SSH via Java

    If you do not have convenient access to an ssh client but do have access to a web browser with java enabled, you can log in securely using these SSH java applets.

    Graphical logins

    VNC

    VNC allows a VNC client (clients are available for linux, windows, Java applet) to interact with a remote desktop (e.g. a unix 'X' desktop or a Windows desktop) on a machine running the VNC server.

    To start the VNC server, you need to be logged in as yourself, not as root. The first time you do this, you need to run vncpasswd. Then run vncserver (which is a script you can customize if you want to change the resolution/colour depth) to create a new 'display' (desktop) on your machine (e.g. jura:1) which can only be viewed via VNC. At this point you will be told the number of the new (virtual) display which has been created. You can then connect from another machine using the windows/linux vnc client (e.g. 'vncclient' on linux).

    You can also connect from any java-enabled web browser by going to the URL http://host.address:580x where x is the display number, e.g. http://jura.ra.phy.cam.ac.uk:5802

    LBX

    Low Bandwith X (LBX) can be used to interact with X programs over a slow connection. Ed knows about this...

    Sysadmin

    IP address management

    Is done by our IT operatives (David, Carl, Oli) at ipregister
    How to add a machine.
    Find its MAC address
    ifconfig eth0
    
    Enter name such as kerrera.inf.phy.
    Enter Mac address, DNS action: ready; Live: true
    Edit /etc/network/interfaces and /etc/hosts.
    * NFS performs really badly if it's routed between subnets, so skye really needs to have two IP addresses, one public and one private. * The IPP/CUPS printer autodiscovery also only works on one subnet, so for this to work tiree (with printer [with failed ethernet interface] attached) also needs two IP addresses. Printing will work fine if it only has one, but machines won't be able to configure themselves automatically to use the printers.

    How to fix a debian installation

    The files are in /home/httpd/html/is/computers/debian-fix/

    Definitions

    The file /usr/local/etc/definitions (a bash script which can be sourced by other admin scripts) is a definitive list of properties like names of machine in the cluster, list of data partitions, etc. So it's a bit like /home/admin/machinenames but bash not csh and "more official". (So, for example, changing the list of data partitions in that file will now add them to the list of slocate databases generated and to the corresponding list of databases the (s)locate command looks in.)

    Root

    The following people are active superusers:

    How to add a user

    Updated 2/6/04 by Seb.

    That's it! The configuration will use gnome by default, but they can choose "Xsession" from the gnome login Session menu to start whatever window manager their .xsession says. This can be made the default, so they wouldn't have to choose that each time.

    Shutdown

    linux: /sbin/shutdown now
    sun: shutdown now

    Building a new machine

    Ask DJT for an IP address

    If you're installing windows, do this first. You can dual boot linux/windows with lilo. If its Win95/98, lilo can go in the MBR. If its NT/2000, then put lilo in the root partition and use fdisk to set the active partition to the linux root partition.

    Look at /etc/apt/sources.list on an existing machine to see what to enter for the Cambridge debian mirror.

    Post-install

    Copy /etc/passwd from skye (it will eventually be rsynced when ssh is set up correctly). Or, you can do the whole hog of postinstall stuff that Sanjoy wrote.

    Mounts

    Mount /home /winxx

    /etc/fstab
    .......
    /dev/hda1               /win98                  vfat    default 0 0
    skye:/home              /home                   nfs     defaults,rsize=8192,wsize=8192
    .......
    

    Exports

    edit /etc/exports on skye and run exportfs. Note that laptops are different to permanently networked machines.

    skye:/etc/exports
    .....
    /usr/local lewis(rw) jura(rw,no_root_squash) mull(rw,no_root_squash)
    harris(rw,no_root_squash) islay(rw,no_root_squash) uist(rw,no_root_squash) 
    .....
    

    Autofs (automounter)

    The config is very simple. See /etc/auto.master and /etc/auto.import on the Linux machines.

    /etc/auto.master
    
    /import /etc/auto.import --timeout 60

    /etc/auto.import
    
    usr-local -rw,intr,nosuid,grpid skye.ra.phy.cam.ac.uk:/usr/local
    mail -rw,intr,noquota,noac skye:/var/mail
    ra-home -rw,intr,noquota mraos:/export/home

    Backups

    Backups (updated July 2006)

    /home

    /home is mirrored nightly onto various other disks. Run 'backups' for more information. /home and /usr/local are also backed up onto two external USB disks every couple of weeks by Seb (done with /usr/local/sbin/backup_to_external_disks)

    /data partitions

    All the /data partitions are mirrored weekly to dedicated hard disks in flotta and pabbay (one copy of each data partition). The mirrored data is accessed as /mnt/datamirror on flotta/pabbay (it's not nfs exported). Check /mnt/datamirror/LOG for details of the last backup, and see /usr/local/sbin/mirror-data-partitions.pl (or ask Seb) for how it works. The script checks for the (uncorrupted) presence of DATA_MIRRORING_MARKER in each data directory before doing the mirror, in an attempt to avoid erasing the mirrored data in the event that one of the data drives fails. So if you suspect a /data partition has become corrupted and you want to avoid overwriting the mirror with that corrupted data, you can either remove DATA_MIRRORING_MARKER from the data partition in question, or alter the line in the script which sets which data partitions are backed up.

    Dat drive on skye

    The drive seems to be able to take everything on one tape. The tapes are labelled, we use 20 tapes in rotation (3 week cycle, 5 tapes per cycles, plus some leeway). The recover program will tell you which tape you need.

    There's a nice networked restore service, too. You can run it from any machine (as root) and it communicates with a server on skye. Run /usr/local/sbin/amrecover. It's got an online index of files that have been backed up, and you can easily select what disk/partition you want to restore from, browse/add files, then extract. If you aren't in the root of the selected partition, it'll warn you, and create the directory structure from your current directory. It's all very easy, use `help' to get a list of commands.

    The configuration files are in skye:/usr/local/etc/amanda/IS-Daily. The index of backed up files, etc. are in skye:/var/log/amanda/IS-Daily/. Each machine keeps logs of how the backups went in /tmp/amanda.

    The system is pretty powerful, and has lots of features I haven't mentioned. For instance running /usr/local/sbin/amoverview (on skye) gives a list of what filesystems have been backed up, when, and at what level. Try `man amanda' for further details.

    Dat drive on wol

    The wol external disc is backed up nightly by the DEC system in the West cambridge computer area. Files can be recovered on wol using the command recover. This service has not been reliable.

  • Elementary operations with wol's dat drive

  • Miscellaneous

    List of random suggestions, rules and regulations

    MRAO Dial-up_lines

    New dial-up line

    EZ-Pointe Touchpad

    This is as a simple as the this webpage would make it out. Plug it in as a Microsoft Mouse (with 3-button emulation under X) and it works. Try xset m 4 20 as a good acceleration setting.