Skip to content

Carleton Astronet Admin Log Posts

Changes to Algol

Published by admin-joel on 2006-05-02

OUT OF DATE as of 2008-11-01.

Modified Algol:

  1. Added to /etc/hosts:
    137.22.1.23 boston-ac.its.carleton.edu boston-ac boston
    137.22.6.48 rigel.physics.carleton.edu rigel
    137.22.6.10 alcor.physics.carleton.edu alcor
    137.22.6.11 mizar.physics.carleton.edu mizar
    137.22.6.12 castor.physics.carleton.edu castor
    137.22.6.13 pollux.physics.carleton.edu pollux
    137.22.6.15 canopus.physics.carleton.edu canopus
    137.22.6.13 pollux.physics.carleton.edu pollux
    137.22.6.72 sirius.physics.carleton.edu sirius
    137.22.6.89 mirzam.physics.carleton.edu mirzam
    137.22.6.71 deneb.physics.carleton.edu deneb
  2. Add line to /etc/exports:
    /home @physics(rw,sync,no_root_squash)
  3. Using system-config-services, enable and start nfs daemon

Configure hosts.allow & hosts.deny

Published by admin-joel on 2006-04-25

hosts.allow:

#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the ‘/usr/sbin/tcpd’ server.
#
sshd: ALL
ALL: .physics.carleton.edu
ALL: LOCAL
ALL: 127.0.0.1

hosts.deny

#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the ‘/usr/sbin/tcpd’ server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
ALL: ALL

Set up group, passwd, shadow

Published by admin-joel on 2006-04-25

OUT OF DATE as of 2008-11-01.

Put script in cron.daily on Algol:
#!/bin/bash
# Copy /etc/passwd /etc/shadow /etc/groups to /etc/secret directory
# Created by:
# Mark Knight
# 4/25/06
/bin/cp /etc/shadow /etc/secret/
/bin/cp /etc/passwd /etc/secret/
/bin/cp /etc/group /etc/secret/
/bin/chmod -R u=r,go= /etc/secret/
exit 0

Copy script to local /etc/ folder on clients:

#!/bin/bash
# Copy /etc/passwd /etc/shadow /etc/groups from /etc/secret directory
# Created by:
# Mark Knight
# 4/25/06

/bin/cp /etc/secret/shadow /etc/
/bin/cp /etc/secret/passwd /etc/
/bin/cp /etc/secret/group /etc/

/bin/chmod u=rw,go=r /etc/group
/bin/chmod u=rw,go=r /etc/passwd
/bin/chmod u=r,go= /etc/shadow

exit 0
Include client computer in Algol’s /etc/exports, and put /etc/secret in client computer’s NFS mounts in /etc/fstab.

Old system logs, old backup lists, old hints

Published by jweisber on 2006-04-20

To access the old system log, which still has useful info, go to /docs/sysinfo/sulog. New entries should NOT be placed there but rather here on this blog that you are reading.

(For much of May and until June 7, it was on algols /data/arcturus/doks/sysinfo/sulog.–jmw)

(note that even earlier sulogs are in /docs/thuban-doks/sysinfo)

(other old gems like backup lists are under /docs/thuban-doks, like ourhints and dumps)

IDL Goddard Library updated 2018

Published by jweisber on 2006-04-20

Updated 2018 June: for  idl 6.3 on canopus and deneb , goddard libe is now at

/usr/local/exelis/idl83/lib/goddard/pro

It was never installed on mirzam idl 8.6 but when it is (soon) it will be in a similar place except replace “excelis” with “harris”.  –jmw

 

Drew and Joel brought in the IDL NASA GSFC Library, as the Heiles tutorial uses a routine from it to enable reading columns from a table. There are many other excellent IDL astro routines in it.

We gunzipped and untarred the download into

algols /usr/local/rsi/idl_6.3/lib/goddard as of May 2006,

(((((((on original post said we put it into:/space/share/astro/idl/idl_6.2/lib/goddard))))))
and after adding Sirius and Mirzam licenses we had to go to algols /usr/local/rsi/idl_6.3/lib/ as root and

scp -r goddard root@mirzam:/usr/local/rsi/idl_6.3/lib/

and

scp -r goddard root@sirius:/usr/local/rsi/idl_6.3/lib/

Note that inside ~.idlstartup, one has
!path = expand_path(‘+/gig1/usr4/OH/wapp03/philstuff/gen’)+’:’+ !path

which (because of the “+”) takes all subdirectories containing files ending in .pro or .sav from the above directories. I believe that the above is operating also on the unix path as well, though the parenthesis would suggest no. Maybe !path is an already expand_path-ed version of unix path.

anyway this works. we can access the Goddard library from inside IDL. But also note that its location suggests we may need/want to move it once we upgrade to next version of IDL.

NOTE ADDED JUNE 2008: DONT CONFUSE GODDARD LIBS WITH GBTIDL!

AS FAR AS I KNOW, WE USE STD GODDARD LIBS WITHOUT MODS.

(We DID have to mod GBTIDL – see above posts.)

Create a new shared directory

Published by admin-joel on 2006-04-20

To create the directory “test” in /home, execute as root:

  1. mkdir /home/test
  2. chmod -vcR u=rwx,g=rwxs,o=- /home/test
    OR
    chmod -R 2770 /home/test
    (these two commands both do the same thing)
  3. groupadd testgrp
    (create a new group.)
  4. chgrp -vcR testgrp /home/test
  5. usermod -a -G testgrp knightm
    (add user knightm to the group so he has permissions. Repeat for all users in group. To check, run “groups knightm”)

Adding quotas

Published by admin-joel on 2006-04-13

OUT OF DATE as of 2008-11-01.

Steps: (from http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/admin-primer/s1-storage-quotas.html)

  1. Modified /etc/fstab entry for /home and rebooted:
    /dev/md0 /home ext3 defaults,usrquota,grpquota 1 2
  2. Run:
    quotacheck -avug

    If that fails, can try:
    quotacheck -avugcm

  3. Added the quotacheck command to /etc/cron.weekly with the script:#!/bin/bash
    # Update the database that keeps track of quotas
    # Created by Mark Knight (4.13.06)
    # Modified by Mark Knight (5.06.06)
    quotaoff -a
    quotacheck -agum
    quotaon -a

    exit 0

  4. Set user quotas:
    1. Command:
      edquota knightm
    2. Disk quotas for user knightm (uid 500):
      Filesystem blocks soft hard inodes soft hard
      /dev/md0 1420 512000 1000000 126 0 0
      This sets a soft limit of 512 MB on the user “knightm,” with a hard limit of 1 gig.
  5. Check limits on quotas with
    repquota /home