Website:FAQs
(→I get "Permission denied" when trying to access files I should (and used to earlier) have permissions on) |
|||
| (43 intermediate revisions by 3 users not shown) | |||
| Line 2: | Line 2: | ||
__TOC__ | __TOC__ | ||
| − | == | + | ==General Questions== |
| − | + | ||
| − | + | ||
| − | === | + | ===Where is UGCS?=== |
| − | + | UGCS is in the basement of Winnett, room 2C. It has a South Master lock on it. To get to the basement, go down the stairs on the west side of the building. Go down the corridor and go through the door that's half-way down, and then you'll see the door to UGCS. | |
| − | === | + | ===Am I allowed to do <something> on UGCS?=== |
| − | + | Depends what <something> is. Use of UGCS is subject to our [[Website:Acceptable_Use_Policy|Acceptable Use Policy]]. If you have any questions about it, please [[Website:Contact|ask a sysadmin]] about your use before you try it. | |
| − | ===What settings should I use for IMAP?=== | + | ===I forgot my password=== |
| − | See [[ | + | See our [[Documentation:Password_Resets|Password Reset]] help page |
| + | |||
| + | ===How can I get an account?=== | ||
| + | See [[Documentation:Create_Account| New Account]] | ||
| + | |||
| + | ===I get "Permission denied" when trying to access files I should (and used to earlier) have permissions on=== | ||
| + | Your Kerberos auth expired. Log out and back in again, or run 'kinit && aklog'. To keep your tokens from expiring, run kinit -R && aklog BEFORE they expire. If this is related to screen sessions, see the section on screen below. | ||
| + | |||
| + | ==Email== | ||
| + | ===How can I create a Mailman mailing list?=== | ||
| + | Log into the cluster and run "mailman create listname". See [[Documentation:Mailing_Lists|Mailman documentation]] for more information. | ||
| + | |||
| + | ===Can I forward my email elsewhere?=== | ||
| + | Yes. Log in to the cluster and run [[Documentation:Email_Forwarding| mail_forward]]. It will ask you questions, and use your answers to update your ldap delivery settings. | ||
| + | |||
| + | ===What settings should I use for POP / IMAP / SMTP?=== | ||
| + | See [[Documentation:Email_Basics| Email Server Settings]] | ||
===How do I access Webmail?=== | ===How do I access Webmail?=== | ||
SquirrelMail (simple, fast, light interface): | SquirrelMail (simple, fast, light interface): | ||
| − | https:// | + | https://webmail.ugcs.caltech.edu/squirrelmail/ |
Roundcube (more complex, drag-and-drop, desktop style interface): | Roundcube (more complex, drag-and-drop, desktop style interface): | ||
| − | https:// | + | https://webmail.ugcs.caltech.edu/ |
===How can I make Pine/Alpine work?=== | ===How can I make Pine/Alpine work?=== | ||
| − | See [[ | + | See [[Documentation:Alpine| Pine setup]] |
===How can I make Mutt work?=== | ===How can I make Mutt work?=== | ||
| − | Mutt should work out of the box. If not, make sure you mail directory is set to ~/Maildir | + | Mutt should work out of the box. If not, make sure you mail directory is set to ~/Maildir. |
===How do I process my mail using procmail?=== | ===How do I process my mail using procmail?=== | ||
| − | + | We do not currently support procmail. If you want, you can run this script as a [[Documentation:Cron|cron script]] | |
| − | + | ||
Note: use this script at your own risk. | Note: use this script at your own risk. | ||
<pre> | <pre> | ||
| Line 42: | Line 55: | ||
</pre> | </pre> | ||
| − | == | + | ==Shell== |
| − | === | + | ===How can I connect to UGCS?=== |
| − | + | You can come in the lab and login at a machine, or SSH to to.caltech.edu (you can just use "to" if you're on campus ) | |
| − | === | + | ===How do I get out of the job listing screen when I first connect?=== |
| − | + | Type 'q' | |
| − | + | ===Where can I find ssh utilities for Windows?=== | |
| + | We recommend [http://www.chiark.greenend.org.uk/~sgtatham/putty/ Putty] for getting a shell (ssh), and | ||
| + | [http://winscp.net/eng/download.php WinSCP] or [http://filezilla-project.org/ FileZilla] for transfering files. | ||
| − | + | There are other programs as well, some will even let you pay for them. Lucky you;) | |
| − | + | ||
| − | + | ||
| − | + | ===How can I connect to UGCS from unix machines (Mac OS X, BSD, Linux, etc)?=== | |
| + | Just open a terminal and type ssh username@to.caltech.edu | ||
| + | |||
| + | ===Can I use UGCS as a network disk?=== | ||
| + | On Linux, you can install the program sshfs, then type sshfs username@to.caltech.edu: mountpoint. If you get permission denied, try sudo adduser <your local username> fuse and restarting X. | ||
| + | |||
| + | When you're done, fusermount -u mountpoint will unmount it. | ||
| + | |||
| + | You can also set up your computer to [[Documentation:AFS#Accessing AFS from home|access AFS remotely]] | ||
| + | |||
| + | There are AFS clients for [http://www.openafs.org/windows.html Windows] and [http://www.openafs.org/macos.html OS X] | ||
| + | |||
| + | ===How can I leave a job running in screen and retain filesystem permissions?=== | ||
| + | To prevent your screen sessions from losing filesystem permissions as soon as you logout, run "kinit -r 1d" in the screen BEFORE detaching and logging out. Use this with caution, as it will allow the screen session to keep your credentials for up to a year. Note that changing your password will invalidate all current tokens (this is a feature, not a bug). | ||
| + | |||
| + | ==Webhosting== | ||
| + | |||
| + | ===Where's my website?=== | ||
| + | /afs/ugcs/user/<username>/public/html, or at http://www.ugcs.caltech.edu/~username | ||
| − | |||
| − | |||
===What about SQL Databases?=== | ===What about SQL Databases?=== | ||
| − | + | Every UGCS account comes standard with a Postgresql 8.3 database. See [[Documentation:Postgres|Postgres on UGCS]] for more information. | |
| − | + | We have a MySQL server running on poseidon. As we do not have an automated MySQL database creation system, you must [[Website:Contact| ask us]] for a MySQL database. | |
| − | + | ||
| − | + | ||
| − | ===I | + | ===How can I set up MediaWiki/Wordpress/Drupal/etc=== |
| − | + | We fully support mediawiki and have some tools to help work with it- see [[Documentation:Mediawiki|UGCS Mediawiki support]] | |
| − | + | Wordpress does not support Postgres, so you will need a MySQL database- [[Website:Contact|ask us]] for to get one set up. | |
| − | + | ||
| − | === | + | ==Security== |
| − | + | ===Where can I find the UGCS CA key/SSL cert/SSH Hostkeys/PGP keys?=== | |
| + | http://ca.ugcs.caltech.edu | ||
| + | |||
| + | ===Why does my mail client/browser complain that your certificate can't be trusted=== | ||
| + | Most browsers and mail clients ship with a "preapproved" list of certificate authorities that can be used to validate sites. In addition to being critically flawed due to its reliance on a central (corporate) authority, signing standards vary from company to company. The only constant is that it costs a lot of money for a site to get signed, and this does nothing to assist the security of the user. | ||
| + | |||
| + | To this end, UGCS publishes its own CA key. If you care enough about security, you can verify it as being legitimate through the PGP web of trust through the sysadmin's keys. If you are not willing to put forth the effort, you should download it now and be very concerned should it ever change without a good explanation. (For example, we might have to issue a new certificate if part or all of UGCS were to be compromised.) | ||
| − | === | + | ==Acceptable Use Policy and Copyright Infringement== |
| − | + | ===What is the UGCS acceptable use policy?=== | |
| + | Don't break the law, don't violate IMSS's policies, don't violate others' privacy, don't monopolize limited resources, don't crack our systems (though if you know a way, we'd love to have you let us know). Official wording: [[Website:Acceptable_Use_Policy| UGCS Acceptable Use Policy]] | ||
| − | + | ===How does UGCS deal with claims of copyright infringement?=== | |
| + | Those making the claim are required to provide us with all the usual information, and sufficient proof that a particular user is responsible. Since UGCS is a multiuser environment, a timestamp and IP address alone are not sufficient proof of infringing behavior. We provide encrypted hashes with all incoming and outgoing connections that we can use to identify the user responsible. Unfortunately, without this information there is no proof of infringing behavior and we are not able to take action. For our official policy, or to report a violation, please see our [[Website:Copyright|Copyrighted Material and DMCA Policy]]. | ||
| − | If | + | ===How does UGCS protect users from frivolous IP lawsuits?=== |
| − | + | As noted above, in addition to all the other information required we additionally require an identd hash to trace activity back to the user. If claimants fail to provide this information, we cannot necessarily determine which of the users on the machine at that time was responsible for the activity. | |
Latest revision as of 19:37, 7 June 2011
FAQs about UGCS 4.0
General Questions
Where is UGCS?
UGCS is in the basement of Winnett, room 2C. It has a South Master lock on it. To get to the basement, go down the stairs on the west side of the building. Go down the corridor and go through the door that's half-way down, and then you'll see the door to UGCS.
Am I allowed to do <something> on UGCS?
Depends what <something> is. Use of UGCS is subject to our Acceptable Use Policy. If you have any questions about it, please ask a sysadmin about your use before you try it.
I forgot my password
See our Password Reset help page
How can I get an account?
See New Account
I get "Permission denied" when trying to access files I should (and used to earlier) have permissions on
Your Kerberos auth expired. Log out and back in again, or run 'kinit && aklog'. To keep your tokens from expiring, run kinit -R && aklog BEFORE they expire. If this is related to screen sessions, see the section on screen below.
How can I create a Mailman mailing list?
Log into the cluster and run "mailman create listname". See Mailman documentation for more information.
Can I forward my email elsewhere?
Yes. Log in to the cluster and run mail_forward. It will ask you questions, and use your answers to update your ldap delivery settings.
What settings should I use for POP / IMAP / SMTP?
How do I access Webmail?
SquirrelMail (simple, fast, light interface): https://webmail.ugcs.caltech.edu/squirrelmail/
Roundcube (more complex, drag-and-drop, desktop style interface): https://webmail.ugcs.caltech.edu/
How can I make Pine/Alpine work?
See Pine setup
How can I make Mutt work?
Mutt should work out of the box. If not, make sure you mail directory is set to ~/Maildir.
How do I process my mail using procmail?
We do not currently support procmail. If you want, you can run this script as a cron script Note: use this script at your own risk.
#!/bin/sh # ensure that .procmailrc targets are of the format ~/Maildir/<directory>/ # rather than ~/Maildir/<file> in order to ensure delivery in Maildir format # which will result in availability via IMAP. cat ~/Maildir/new/* | formail -s procmail
Shell
How can I connect to UGCS?
You can come in the lab and login at a machine, or SSH to to.caltech.edu (you can just use "to" if you're on campus )
How do I get out of the job listing screen when I first connect?
Type 'q'
Where can I find ssh utilities for Windows?
We recommend Putty for getting a shell (ssh), and WinSCP or FileZilla for transfering files.
There are other programs as well, some will even let you pay for them. Lucky you;)
How can I connect to UGCS from unix machines (Mac OS X, BSD, Linux, etc)?
Just open a terminal and type ssh username@to.caltech.edu
Can I use UGCS as a network disk?
On Linux, you can install the program sshfs, then type sshfs username@to.caltech.edu: mountpoint. If you get permission denied, try sudo adduser <your local username> fuse and restarting X.
When you're done, fusermount -u mountpoint will unmount it.
You can also set up your computer to access AFS remotely
There are AFS clients for Windows and OS X
How can I leave a job running in screen and retain filesystem permissions?
To prevent your screen sessions from losing filesystem permissions as soon as you logout, run "kinit -r 1d" in the screen BEFORE detaching and logging out. Use this with caution, as it will allow the screen session to keep your credentials for up to a year. Note that changing your password will invalidate all current tokens (this is a feature, not a bug).
Webhosting
Where's my website?
/afs/ugcs/user/<username>/public/html, or at http://www.ugcs.caltech.edu/~username
What about SQL Databases?
Every UGCS account comes standard with a Postgresql 8.3 database. See Postgres on UGCS for more information.
We have a MySQL server running on poseidon. As we do not have an automated MySQL database creation system, you must ask us for a MySQL database.
How can I set up MediaWiki/Wordpress/Drupal/etc
We fully support mediawiki and have some tools to help work with it- see UGCS Mediawiki support
Wordpress does not support Postgres, so you will need a MySQL database- ask us for to get one set up.
Security
Where can I find the UGCS CA key/SSL cert/SSH Hostkeys/PGP keys?
Why does my mail client/browser complain that your certificate can't be trusted
Most browsers and mail clients ship with a "preapproved" list of certificate authorities that can be used to validate sites. In addition to being critically flawed due to its reliance on a central (corporate) authority, signing standards vary from company to company. The only constant is that it costs a lot of money for a site to get signed, and this does nothing to assist the security of the user.
To this end, UGCS publishes its own CA key. If you care enough about security, you can verify it as being legitimate through the PGP web of trust through the sysadmin's keys. If you are not willing to put forth the effort, you should download it now and be very concerned should it ever change without a good explanation. (For example, we might have to issue a new certificate if part or all of UGCS were to be compromised.)
Acceptable Use Policy and Copyright Infringement
What is the UGCS acceptable use policy?
Don't break the law, don't violate IMSS's policies, don't violate others' privacy, don't monopolize limited resources, don't crack our systems (though if you know a way, we'd love to have you let us know). Official wording: UGCS Acceptable Use Policy
How does UGCS deal with claims of copyright infringement?
Those making the claim are required to provide us with all the usual information, and sufficient proof that a particular user is responsible. Since UGCS is a multiuser environment, a timestamp and IP address alone are not sufficient proof of infringing behavior. We provide encrypted hashes with all incoming and outgoing connections that we can use to identify the user responsible. Unfortunately, without this information there is no proof of infringing behavior and we are not able to take action. For our official policy, or to report a violation, please see our Copyrighted Material and DMCA Policy.
How does UGCS protect users from frivolous IP lawsuits?
As noted above, in addition to all the other information required we additionally require an identd hash to trace activity back to the user. If claimants fail to provide this information, we cannot necessarily determine which of the users on the machine at that time was responsible for the activity.
