Website:FAQs
FAQs about UGCS 4.0
Contents |
General Questions
Where is UGCS?
UGCS is in the basement of Winnett, room 2C. It has a South Master lock on it. To get to the basement, go down the stairs on the west side of the building. Go down the corridor and go through the door that's half-way down, and then you'll see the door to UGCS.
Am I allowed to do <something> on UGCS?
Depends what <something> is. Use of UGCS is subject to our Acceptable Use Policy. If you have any questions about it, please ask a sysadmin about your use before you try it.
I get "Permission denied" when trying to access files I should (and used to earlier) have permissions on
Your Kerberos auth expired. Log out and back in again, or run 'kinit && aklog'. To keep your tokens from expiring, run kinit -R && aklog BEFORE they expire.
I forgot my password
See our Password Reset help page
How can I get an account?
See New Account
I don't own my files
Your home directory is on an AFS volume. The ownership does not matter - you have full read/write/administer AFS ACL's on your public directory. In AFS, with a few limited exceptions, file ownership does not matter; the ACL on the directory governs file access. If you're getting permission denied errors, make sure that you've either logged on recently, or that you've refreshed your AFS tickets using 'kinit && aklog' (this will prompt you for your password again).
How can I create a Mailman mailing list?
Log into the cluster and run create_mailinglist.
Can I forward my email elsewhere?
Yes. Log in to the cluster and run mail_forward. It will ask you questions, and use your answers to update your ldap delivery settings.
What settings should I use for POP / IMAP / SMTP?
How do I access Webmail?
SquirrelMail (simple, fast, light interface): https://webmail.ugcs.caltech.edu/squirrelmail/
Roundcube (more complex, drag-and-drop, desktop style interface): https://webmail.ugcs.caltech.edu/
How can I make Pine/Alpine work?
See Pine setup
How can I make Mutt work?
Mutt should work out of the box. If not, make sure you mail directory is set to ~/Maildir.
How do I process my mail using procmail?
Because of the fact that the mail daemon has unlimited read/write privileges on users' mail directories but does not have access to user home directories, automatic invocation of procmail upon delivery of each piece of mail is both a security risk as well as being inefficient. However, you may add something like the following to your .bashrc or similar script run on login to rearrange your mail using your own AFS tokens and permissions.
Note: use this script at your own risk.
#!/bin/sh # ensure that .procmailrc targets are of the format ~/Maildir/<directory>/ # rather than ~/Maildir/<file> in order to ensure delivery in Maildir format # which will result in availability via IMAP. cat ~/Maildir/new/* | formail -s procmail
Shell
How can I connect to UGCS?
You can come in the lab and login at a machine, or SSH to to.caltech.edu (you can just use "to" if you're on campus )
Where can I find ssh utilities for Windows?
We recommend Putty for getting a shell (ssh), and WinSCP or FileZilla for transfering files.
There are other programs as well, some will even let you pay for them.
How can I connect to UGCS from unix machines (Mac OS X, BSD, Linux, etc)?
Just open a terminal and type ssh username@to.caltech.edu
Can I use UGCS as a network disk?
On Linux, you can install the program sshfs, then type sshfs username@to.caltech.edu: mountpoint. If you get permission denied, try sudo adduser <your local username> fuse and restarting X.
When you're done, fusermount -u mountpoint will unmount it.
You can also set up your computer to access AFS remotely
There are AFS clients for Windows and OS X
How do I get out of the job listing screen when I first connect?
Type 'q'
Webhosting
Where's my website?
/afs/ugcs/user/<username>/public/html, or at http://www.ugcs.caltech.edu/~username
What about SQL Databases?
Every UGCS account comes standard with a Postgresql 8.2 database. The host name is postgres, your username is <username>_cgi, and the database name is the same as your username. You must not specify a password (not even a blank one). You can access your database from cluster machines by running 'psql -h postgres' More information is available here
We have a MySQL server running on poseidon. As we do not have an automated MySQL database creation system, you must ask us for a MySQL database.
How can I set up MediaWiki/Wordpress/Drupal/etc
If you want to use PostGres, you will need to select Kerberos authentication. If your application doesn't support this, you likely could patch it by changing the pg_connect in the code to not send a password.
Alternatively, most of these applications support MySQL, so email sysadmins@ugcs.caltech.edu to get a MySQL database set up for your account, then use your username as the database name and username, and poseidon.ugcs.caltech.edu for the server. When we create the database we will create a file .mysqlpw in your home directory containing the MySQL database's password.
Security
Where can I find the UGCS CA key/SSL cert/SSH Hostkeys/PGP keys?
Why does my mail client/browser complain that your certificate can't be trusted
Most browsers and mail clients ship with a "preapproved" list of certificate authorities that can be used to validate sites. In addition to being critically flawed due to its reliance on a central (corporate) authority, signing standards vary from company to company. The only constant is that it costs a lot of money for a site to get signed, and this does nothing to assist the security of the user.
To this end, UGCS publishes its own CA key. If you care enough about security, you can verify it as being legitimate through the PGP web of trust through the sysadmin's keys. If you are not willing to put forth the effort, you should download it now and be very concerned should it ever change.
Acceptable Use Policy and Copyright Infringement
What is the UGCS acceptable use policy?
Don't break the law, don't violate IMSS's policies, don't violate others' privacy, don't monopolize limited resources, don't crack our systems (though if you know a way, we'd love to have you let us know). Official wording: UGCS Acceptable Use Policy
How does UGCS deal with claims of copyright infringement?
Those making the claim are required to provide us with all the usual information, and sufficient proof that a particular user is responsible. Since UGCS is a multiuser environment, a timestamp and IP address alone are not sufficient proof of infringing behavior. We provide encrypted hashes with all incoming and outgoing connections that we can use to identify the user responsible. Unfortunately, without this information there is no proof of infringing behavior and we are not able to take action. For our official policy, or to report a violation, please see our Copyrighted Material and DMCA Policy.
How does UGCS protect users from frivolous IP lawsuits?
As noted above, in addition to all the other information required we additionally require an identd hash to trace activity back to the user. If claimants fail to provide this information, we cannot necessarily determine which of the users on the machine at that time was responsible for the activity.
