FAQ

From Compute
Revision as of 21:47, 5 October 2009 by Anderson (talk | contribs)
Jump to navigationJump to search

Under Construction

About our Linux system

  1. Where is there more information about Linux?

    Check out the Linux Document Project.

  2. Is there a User manual?

    There is extensive documentation under /usr/doc, /usr/share/doc and /usr/doc/HOWTO. In addition, of course, there are the standard UNIX man pages and info pages. The KDE desktop environment provides a help tool. Also, Google is your friend.

  3. Do We have ZZZ?

    Try `which ZZZ`, `man ZZZ` or `man -k ZZZ`

  4. How is our system configured?

    There are several specialized servers and a set of workstations, See here for more details.

  5. How do I connect from home?

    Most users have a commercial ISP, then connect to our system via ssh. If you have a PC/MAC and an account with an internet service provider you should be able to connect via ssh.

  6. Which shell should I use?.

    Only the bash shell is supported locally. This is the default shell for new accounts. Non-experts are strongly advised not to use other shells as no hand-holding is available for users of them. If you use another shell, you may have to edit your initialization files to, for example, fix your path.

  7. My disk quota is exceeded.

    There are two reasons why quotas exist. Space in /home is backed up and therefore the files are stored several times. Quotas prevent a single user from filling up (possibly by accident) the whole file system which would make the whole system unusable. If you are short of space, here are some suggestions:

    • Use the /scratch (or /scratch-local on a workstation) area for temporary storage, for example you can put temporary data files or binaries there.
    • Clean up your files, get rid of ones that can be regenerated trivially, such .dvi or stuff downloaded from the WEB. Use gzip to compress files that you are keeping for archival reasons. Do not keep duplicates of system files in your own area.
    • Reduce the size of firefox's disk cache or try putting the firefox cache files in one of the scratch areas or in /tmp. To do this, under firefox preferances you will find a menu about the cache. First clear the current disk cache and then create a new one in /tmp/yourusername/.netscape, i.e. change /home to /tmp.
    • If all else fails, send mail to root and ask for more quota. Your request will not be granted if your file system is badly organized or you appear to have lots of junk files.
  8. How do I tell where my disk space is being used?

    Use the command du from your main directory. It lists your directories and the total space used in each of them. The command quota shows your disk quota and total usage.

  9. What desktop environments are available?

    When you are presented with the graphical logon screen there will be a dropdown listbox labeled "Session Type."

    The default desktop environment is whatever you got the last time you logged in. If you have never logged in before you get the system default, which is KDE. There are several other window managers available. There is GNOME which is similar in appearance to KDE, but has a different set of default applications and slightly different desktop behavior, and twm (EXTREMELY minimal, this is not recommended. twm is what you get if you choose Failsafe). If you find that KDE and GNOME are too slow on the computer you are using, you may wish to try icewm. It is minimal but does not require much memory.

  10. Whom do I complain to?

    Send mail to root(at)thsrv.lbl.gov with as much detail as possible. Minimum information must include the complete error message given by the failed process. Comments such as "I got some error message that I cannot understand" are not helpful and will be ignored.

  11. Postscript Issues

    If you have a postscript file that will not print, or that you cannot view with ghostview, run ps2pdf on the .ps file to produce a .pdf file then view it with acroread. Some office applications produce postscript that will not print or view properly. The program ps2pdf is a Linux hack that undoes the corruption to produce a good pdf file.

  12. How is the file system structured?

    Anything that came with the Scientific Linux system is in /usr. /usr/local and /opt are used for other system installed software. /home is NFS mounted from a server and is visible on all the workstations. The global /scratch is visible from all of the nodes. Each of the workstations has a private scratch area called /scratch-local. None of these scratch areas are backed up, but nor are any of them auto-cleaned.

  13. Can I read an Office file?

    Openoffice.org is installed on all of the workstations. There should be an icon under the K menu (look in the "Office" folder). You can also start openoffice by typing 'ooffice'

  14. How do I use Mathematica?

    Currently, we have Mathematica 7 available on three servers: thmath, thmath2 and thmath3. Versions 6, 5.2 and 4.0 are also installed on some of these servers. If you need an old version, have a look in /usr/local/bin to find the names of the commands for the old versions. At any given time, only 2 users may use a version of Mathematica. http://phyweb.lbl.gov/cgi-bin/mathematica.pl will show you what licenses are currently in use. To start the program, you may ssh to thmath, thmath2 or thmath3 and execute 'mathematica' On thmath, the default version of Mathematica is 5.2. If you want to run the 4.0 version, you will need to use the command "mathematica.40". Unfortunately, Mathematica fonts for version 5.2 do not seem to work with version 4.0 or 4.1. To use the older versions of Mathematica you may add old fonts to your font path with the command: "xset fp+ /misc/sw/local/Math-Fonts/BDF"

  15. Mathematica takes forever.

    Usually this is because it has expanded a large expression and it is now thrashing about. Use top to see if your Mathematica Kernel is using a huge amount of memory. Please kill your process if this has happened. You will have to get smarter, try removing sub-expressions. Maple occasionally does better on this type of thing, but the version of Maple we have is quite old now. Otherwise you can try form which was designed to handle the huge expressions that appear in Feynman diagrams.

  16. My workstation seems unusually sluggish.
    This is usually caused by processes in the background eating up tons of CPU. Firefox is the most common culprit. Use "top" to see what's running and how much CPU time it's taking up. If you own the process you can kill it. Type "kill -9 PID" where PID is the process ID number reported by "top" or "ps" If the process belongs to someone else, ask him or her to kill it (if it's not legitimate). If you can't find him, send mail to root asking him to kill it.
    Screensavers may use large amounts of CPU also. If you are sitting at the console, of course you don't notice because you are not doing anything while the screensaver is running. But if you login remotely, or are running jobs in the backgrougn, you may find that your screensaver is competing with you. If this turns out to be the case, try a less CPU intensive screensaver, or simple screen blanking.
  17. Is there a scanner I can use?.

    There is a color scanner connected to thmath3 located in 50A-5101A. Run 'xsane' or 'kooka' to use it.

    The Kyocera Copy machine located in 50A-5101 has a scan function. You can scan documents to an email address (the image will arrive in PDF format), or directly to any Mac or Windows computer that has the (free) client software installed. See the Scanner_HOWTO for more detailed instructions. This machine is black and white only

  18. Can I listen to RealAudio format lectures on my workstion?

    All of the workstations have sound capability. If sound is not enabled on your workstation and you need it, please ask management. We try to keep all the workstations up to date, but sometimes things break, and we have no way of knowing unless users ask for help. So if something does not work on your workstation, please ask for assistance.

Printing Information

  1. How do I print?
    Standard unix lpr works.
    See man lpr, the printer theory2 is the double sided printer in 50a-5101
    lpr -Ptheory2 file.ps
    sends the file.ps to it. There is a filter that determines file types. If you get no output, the odds are that your file is not printable. The printer theory3 is in 50-5056.
    If the printer is not specified the file goes to your default printer, which is theory2. You may change your default printer by putting this in your .bashrc file.
    export PRINTER=theory3
  2. How do I print single-sided?
    To print single-sided output on theory2 and theory3, append /single to the printer name.
    E.g., lpr -Ptheory2/single myfile.ps
    The other group printers are all single-sided by default.
  3. How do I make Mathematica Print Properly?
    If mathematica notebooks do not print properly, you may need to check the box that says "Include Mathematica fonts in document" in the Mathematica print dialog box.

Mail Information

  1. What do I do about mail?

    It is required that you register with the LBL EPO (Electronic Post Office). This will give you a YourName@lbl.gov email address.

    On the application you must tell the EPO where to deliver your mail. It is preferred that you apply for an IMAP account on the lab's main email server. You may do this at the same time as you apply for you EPO address.
    Do not tell the EPO or your correspondents to send mail directly to your workstation. The private workstations do not receive email directly.
    You should learn one of the unix mail agents, which one is a matter of taste. Do not use more than one agent.
    The simplest, but not most feature-rich way to read email is to use the lab's IMAP web interface. Simply visit http://www.lbl.gov/mail from any web browser.
    If you are using thunderbird go to "Edit->Account Settings" and choose to add an account. The incoming mail server should be "imap4.lbl.gov" and the outgoing mail server is smtp.lbl.gov. SSL must be enabled to read mail.
    If you're using pine, enter "Setup" then "Config." Make sure that "inbox-path" is set to {imap4.lbl.gov/ssl/novalidate-cert/user=YOURUSERNAME}inbox, where YOURUSERNAME is your IMAP username.
    Whichever mail agent you use, it is strongly recommended that you configure it so that it automatically sets the "Reply-To: " field to your address in the central mail server.
    In pine, choose "SET UP", then Config and set the "customized-hdrs" entry to Reply-To:your-address@lbl.gov
    eg Reply-To:JQPublic@lbl.gov
    Anyone who replies to your mail will then have it sent via the central server.
    Basic usage of the Lab's IMAP server is free, but there is a 3GB quota for mail storage. Exceeding this quota can incur very large costs for the group (up to $300 per month). Please read the IMAP FAQ for more details and tips on how to responsibly manage your email usage.

  2. Which mail agent should I use
    For simplicity you cannot beat the Web Gateway, but this method has a few disadvantages. It is difficult to sort mail if you have many messages in your inbox, and you cannot make local folders. Any folders you create with the web gateway will also be located on the IMAP server, so this cannot be used to manage quota problems. Still, it is simple and requires no configuration, and can be used from any web browser. Even if you usually use a different client, you will probably find yourself checking email from the web gateway at some point (on vacation, at a relative's house, etc.)
    The web gateway also offers the simplest interface to set vacation forwarding.
    Thunderbird is probably the simplest modern email client.
    You may want to try kmail, the KDE mail client, or evolution, the GNOME mail client.
    pine is not too bad and works on all terminals. mutt is similar.
    If you use EMACS for editing then you can use it to deal with mail. Make sure that you understand what format your mail reader is using; mail read and stored in one mail reader may not be readable from another. Before using ``reply in any mailer make sure that you understand the difference between reply and Reply.
  3. How do I have my mail redirected?

    If you are using the lab's IMAP server for your mail, as recommended, this is quite simple. Go to the mail web gateway at http://www.lbl.gov/mail Login and go to the "Options" tab. Push the "Settings" button. At the bottom you can enter any number of addresses to have copies of your mail forwarded to.

  4. What about mail if I am incommunicado?

    If you are using the lab's IMAP server for your mail, as recommended, this is quite simple. Go to the mail web gateway at http://www.lbl.gov/mail Login and go to the "Options" tab. Push the "Vacation Message" button. This will allow you to set a time window for your vacation, and to enter an away message.

TeX Stuff

  1. Do we have an LBL Letterhead or Campus?

    Copy the file /usr/local/share/texmf/tex/latex/generic/localmacros/lbl_letter_example.tex and use that.

For the campus letterhead copy the file /usr/local/share/texmf/tex/latex/generic/localmacros/UCBsample.tex.

Questions about the LBL letter head to rncahn(at)lbl.gov, Bob Cahn, H_Murayama(at)lbl.gov, Hitoshi Murayama for the campus version.

WWW stuff

  1. Personal home (WWW) pages?

    Create a directory immediately below your home directory called public_html. A file called file.html in there has the address http://www-theory.lbl.gov/~yourusername/file.html. If you create a file named index.html in this directory, it will be taken as your default homepage, accessible by #:http://www-theory.lbl.gov/~yourusername.

    Note that the full path to any file must be readable by all (chmod o+r). Note that these personal WEB pages are a potential security hole. Anything in this directory and directories beneath it is public. There should be no links of any type in this tree as these are potential trouble. Here is the link to the LBL policy on Web Pages

Collider Physics Tools

  1. How do I run root?
    ROOT should be installed on all workstations. You should be able to start it by typing 'root' in a terminal. The system automatically defines the environment variables $ROOTSYS and $PATH to have appropriate values. If you are unable to start root, check to see if you have inadvertently overridden these values.
  2. Where is CERNLIB?
    CERNLIB 2004 is installed on all the workstations. The environment variables $CERN, $CERNBIN, $CERNLIB and $PATH are automatically set to appropriate values
  3. How do I start comphep?
    comphep 4.4.3 is currently installed under /usr/local/HEPsoft/comphep-4.4.3. Before you can use it you need to setup your personal working space. Do this by executing the following command:
    make -C /usr/local/HEPsoft/comphep-4.4.3 setup WDIR=PERSONAL_WORKDIR
    where 'PERSONAL_WORKDIR' should be replaced by some directory where you have write access. Then you start the program via:
    PERSONAL_WORKDIR/comphep
  4. What other tools are available?
    Other software packages/libraries are available under /usr/local/HEPsoft. Currently these include herwig65, pythia, jimmy, MC@NLO, geant4 and RunMC.
    If you need additional packages installed, ask management.

Disaster has struck

  1. XXYY won't run.
    Check your PATH environment (in bash the command is echo $PATH). Then type 'which xxyy'. If the application is not in a directory in your path, change your PATH environment. If you are trying to execute a program in your current directory, remember that you must prepend ./ to the command name. E.g., './myprogram' The technical reason for this is that your current directory is not include in your path by default. This is a security feature.
  2. XXYY doesn't work properly.
    If the response to this from "root" is "It looks fine to me", then your account is messed up. You have probably redefined some system variables. Move all of your startup files to some other location and logout and back in. If the problem has gone away, you can then figure out which of your files is at fault.
  3. I get a ``Cannot Open Display Message.
    These days this is almost always because you are connecting via ssh, but have not enabled ssh-X-forwarding. Log out of your ssh session and reconnect using 'ssh -X' If the error persists, logout of the ssh session and try 'ssh -Y' (this is almost the same as -X but relaxes certain requirements that may cause problems when different versions of ssh are interacting).
  4. How do I get back the file that I deleted by mistake?
    Send a suitable message to root. The message must state the names of the files or directories that you want restored and the date when the files were last present. All of this information is needed to determine which backup set is to be used. Note that a restoration may result in more recent files of the same name being overwritten. In order to protect against this, requests for a few files will be met by sending the files to you via e-mail.
    Please remamber that only your home directory area is backed up. Files on /scratch, /archive or /scratch-local are not backed up and cannot be restored if accidentally deleted.
  5. How do I get the current startup files?
    The default setup on Scientific Linux requires no startup files. The system defaults all provide a usable environment. Your desktop manager (KDE or GNOME) will create any startup files it needs the first time you start X.
  6. I cannot login at a workstation.
    Try logging in via ssh from a laptop. If you can get in this way, type 'quota'. If you have no available disk space, see the item above and clean up.
  7. How do I archive old stuff?
    If you have a lot of old files that you are using for archival purposes, i.e. they are not changing, You can move them from your home file system to the scratch areas. If do not want to run the risk of losing them due to a disk crash, you have two options. If you have a workstation, put them on your local scratch and put a backup copy made with tar on the system wide scratch area (/scratch). You can make your own backups by burning a CD. Most of the workstations have cd burners. You should also be able to copy them to an external USB device (memory stick or hard drive).
  8. Is there any scratch space?
    /scratch is visible from all of the nodes. Each of the workstations has a private scratch area called /scratch-local These private areas cannot be accessed from other nodes, but are much faster to access than /scratch since they are local. If you always work on the same workstation, it makes sense for you to use the local scratch space. If you log in from several workstations, the convenience of using the global /scratch may outweigh its slowness.
    None of these scratch areas are backed up. make sure that you understand file protection (man chmod ) otherwise some other user maybe able to read and or delete your files. At present files in the scratch areas are not removed automatically; they stay there until you delete them.

Security Issues

What should I use as a password?

Do not use any easily guessed thing. The passwords are checked on a regular basis, if yours fails some simple tests you will be forced to change it. Use at least 8 characters; a mixture of letters, numbers and non alphanumeric characters (such as # or %) is best. Do not use the same passwords on different machines. Do not reuse passwords. Good passwords can often be generated by choosing a phrase, and using the first letter from each word. The password will be easily remembered, but very hard to guess. For example, "Don't use this as your password, silly", would generate the password dutayp,s. Note that I've included the comma to make it harder to guess. You may also want to include some simple, easy to remember substitutions, like du7ayp,s, where I've replaced the t with a 7 because they kind of look alike to me. What is our group's security policy?

Advisory: Do not leave yourself logged in for extended periods. Any open network slot is a temptation to crackers. Mandatory: Follow the password policy outlined above.

Do not share your password with anyone. 
Do not let anyone else use your account. (this was how the BaBar machine was broken into) 
Change your password often ( at least every 30 days) if you connect from public terminals or from computers that you do not have good reason to trust (e.g. your brother-in-law's Windows computer). This particularly applies if you connect  from .edu sites (including berkeley) 

Anyone whose actions compromise the security of the system may have their computing privileges revoked. If the security breach is caused by someone breaking the mandatory rules, that person's account will be terminated: NO EXCEPTIONS. Why does some network package not work?

Anonymous ftp, pop servers and certain other network tools are potential security holes and are therefore not available. rlogin is restricted to connections from other machines in our farm . Use ssh if you are coming from another site. Why should I avoid telnet and ftp?

Your password is sent over the network "in the clear". If there is a network sniffer running somewhere, you could be in trouble. I believe that one member of our group fell victim to this. You should minimize use of ftp and telnet (or better use ssh and scp) . ssh are faster than telnet and ftp if you use compression. How do I use ssh?

Both the client and the server need to be running ssh. The Mac version of ssh is available from the workstation group server at LBL. Most unix machines have it running. Once you have all of the software, there are two ways to connect using it. Method B is preferable, if you use it properly as it means that you type your password less often. Method A -- Type ssh instead of telnet . You will then have to enter your password. Method B -- You need a public and a private key. You make the key on the machine that you are logging in from (the client). You run a command like ssh-keygen This will ask for a "pass phrase". Do not use your password, but rather some phrase that you can remember (it can be quite long) It will make two files in your $HOME/.ssh/ directory called identity and identity.pub. Neither of these should be readable by anyone but you. (Make sure that you have this right). Login to the remote machine (server) and put the identity.pub into a file called authorized_keys in the directory $HOME/.ssh/ using ftp. Do not move identity to the server. If you want to login from more than one client, you must append each client's public key to the server's authorized_keys file. You then connect from the client to the server using the command ssh instead of telnet. You will then be challenged for the passphrase. If this fails it will ask for your password. In this method, a cracker needs both your private key (which is why the file should not be readable by anyone but you) and the "pass phrase". In either method, note that all transmission is encrypted, so that anything that you type cannot be read by a cracker using a network sniffer. Also all of the paths necessary for X connections are made automatically, so you do not need to export display, use xhost, or any of those nuisances. ssh makes network computing safer and more convenient. The snag is that ssh is needed on your client. It exists and is free for almost all UNIX flavors. The client license for MAC and Windows is not free. LBL has a site license for the MAC version and windows versions here . The mac version needs power mac and more than 16 MB of memory to function properly. You are strongly encouraged to use these on your MAC/PC either at LBL or home. There is a replacement for ftp called scp that also uses encryption; here is the command scp localfile remote.host.domain:/home/your_directory/file This copies the localfile to the remote machine, you will be prompted for your passphrase or password. If you are on a heavily loaded network or are running over a slow line (modem), you can use compression to speed things up. The command is ssh -C host or scp -C. The latter is equivalent to gzip, ftp and then gunzip, but its easier. You may also use sftp, which is a drop-in replacement for ftp, with encryption built in. Link to LBL security pages




What to do in an emergency One of the workstations is dead/locked up?

This is considered an emergency. During working hours, you are should phone Jeff at 4208 or have Olga call Bryan Abshier. During nights and weekends send e-mail to JDAnderson(at)lbl.gov, and BAbshier(at)lbl.gov. If the machine crashed while you were using it, include a description of what you were doing in the mail message. Under no circumstances should you attempt to reboot a machine yourself. Put a sign on the workstation so that no-one else will try to use it. THSRV is dead.

Same as above but you should contact Jeff, and Bryan and send e-mail. Other Theory Computing MAC questions


How do I get help for a Macinosh?

You can call the help desk. 

Do we have Ghostview for a mac?

Ghostview, emacs, and most other standard UNIX tools are available for Mac OSX. Google is an excellent starting place to find them. 

What about software upgrades?

Users are strongly recommended to keep the operating system up to date. This will minimize crashes and other troubles.