Linux Teaching Lab at the Department of Computer Science

    CSIC Logo


Introduction

    The Computer Science Linux Lab in the new Computer Science Instructional Center is meant as a teaching resource for Computer Science majors.  The Lab is composed of 25 lab machines running a modifed Redhat Enterprise Linux v.3 distribution.  There are also 4 remote login machines that can be accessed from anywhere on the internet. They can be accessed by ssh'ing to linuxlab.csic.umd.edu.  The lab machines will be available as stated in the lab hours page.  The main lab is located in 3107 CSIC (the building next to AV Williams).

Basics

    Linux is a UNIX-like operating system that provides a robust computing environment which is free and provides all the tools necessary to teach good programing concepts.
    The lab also utilizes AFS as a underlying distributed filesystem. This provides security and reliability that is need for the lab.  We use a modified version of AFS that supports Kerberos V as its authentication scheme to provide more features than the original Kerberos IV that AFS is implemented with.
    When you log into the one of the machines, either in the lab or the remote login nodes, you will recieve Kerberos V credentials and AFS tokens.  The Kerberos V tokens give you access to the machine but then are not as important. The AFS tokens are what give you access to your home directory and other parts of the global AFS filesystem.  If you lose your tokens (by choice or accidentily) then you will lose access to your home directory and other parts of the filesystem that are restricted.
   
    You can check your Kerberos credentials by typing klist.


derek@wasa:~> klist
Ticket cache: FILE:/tmp/krb5cc_2174_WfeUHj
Default principal: derek@CSIC.CS.UMD.EDU

Valid starting     Expires            Service principal
09/03/02 20:15:52  09/04/02 06:15:21  krbtgt/CSIC.CS.UMD.EDU@CSIC.CS.UMD.EDU
        renew until 09/04/02 06:15:21


Kerberos 4 ticket cache: /tmp/tkt2174_CRcdh8
Principal: derek@CSIC.CS.UMD.EDU

  Issued              Expires             Principal
09/03/02 20:15:21  09/04/02 06:15:21  krbtgt.CSIC.CS.UMD.EDU@CSIC.CS.UMD.EDU
09/03/02 20:15:21  09/04/02 06:15:21  afs@CSIC.CS.UMD.EDU


    You can check your AFS tokens by typing tokens.


derek@wasa:~> tokens

Tokens held by the Cache Manager:

Tokens for afs@csic.cs.umd.edu [Expires Sep  4 06:15]
   --End of list--



   
    You can note that the expire time is very important. When your AFS tokens expire you will no longer be able to access your home directory.  To regain privaliges you can use the csiclogin utility which will prompt you for your Kerberos V password and then will get you your AFS tokens. (for reference this utility lives in /usr/local/bin)

    Programs under Linux like most UNIX's are bunched in a tree and accessed by paths.  To find out what paths are checked first you can try typing, echo $PATH in your shell. This should show you a list of paths to where the shell will search for the application that you are running.


derek@squeamish:~> echo $PATH
/afs/csic/staff/derek/bin:/afs/csic/staff/derek/bin/i686:/usr/kerberos/bin:/usr/local/bin:
/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/games:
/usr/kerberos/sbin:.



   
    To see if a program exists you can use the utility, where and the utilty which. Where will show you all the possible locations that the application exists that are under your path. It will not check outside of your path for the program.  Which will show you which one of the available versions that it will run. This depends on your path and which will report the first instance that is found by traversing your different paths. For example,


derek@squeamish:~> where perl
/usr/local/bin/perl
/usr/bin/perl
derek@squeamish:~> which perl
/usr/local/bin/perl



   
    If you need to find out more information about a command, you can try the unix man command.  So for example you could try to man gcc to find out more about the GCC compiler.  Note that this will show you the documentation for the version of gcc that is first in the MANPATH. For more information about MANPATH and man try man man.

First Login

    You will recieve a username/password from your instructor that you should login right away and change the password.  You can do this throught kpasswd utility.  It will prompt you for your current password, then for a new password and to confirm it.  For more information on choosing a good password please look here.  Your password can take up to 10 mins to propagate to all kerberos servers.
    The default shell is /bin/tcsh. If you need more information about the tcsh shell, you can find it by typing man tcsh at the command prompt or here.  To change your default shell you will need to go here.
    You can also change your finger information via the web, located here.

E-Mail

    Sending and recieving mail from the cluster is done by default by pine.  Pine is a command line semi-graphical e-mail reader.  Many of you will already be familiar with pine because it is also the default mail client on WAM.  For more information about how to use pine, you can type man pine or check out WAM's pine documentation here.  Also supported is mutt.

    Your email address is your username@csic.umd.edu.

    All email access is done through SSL IMAP, the default pine and mutt setups are configured for this.  Users can use any graphical email client to read their email, including Outlook Express, Netscape/Mozilla, Mail.app.  Just point your client to the server imap.csic.umd.edu. (not imap.csic.cs.umd.edu)

    Forwarding your mail is also possible, please see the man page for forward by typing man forward at a command line. Essentially, create a .forward file in your home directory that contains the email address to which you want your email forwarded.

X11

    The graphical user interface is the X Windows environment on Linux.  The default window manager that each user recieves is via twm.  To change to another window manager you can go to the Session menu on the login screen and choose one available window mangers.  A user can also utilize their .xsession file in their home directory, then choose the default session, and will be able to run other window managers that are not listed in the Session menu.  For more information on the X window system, and your .xsession file, man X then look for the xdm section.
    X11 forwarding is enabled by default on the cluster, some clients do not have this enabled by default. If it is a openssh-like command line ssh, you can use the -X option to force client side X11 forwarding.  If you are coming from wam/glue you should not need to specify and command line arguments.
    Do not use xhost +. This is very insecure and should not be used. SSH provides the ssh tunnel for you by default on the server side, on the client side if you are using a openssh deriviant then if it is not on by default (like OS X) then give the -X option as stated above.

AFS

    AFS is the base filesystem for the cluster as stated above, it allows for a unique home directory across all of the csic machines.  This includes both remote login nodes (linuxlab.csic.cs.umd.edu) and all the machine in 3107 in CSIC.  
    Each user has a home directory that they own.  The ownership is done through AFS acl's.  To see a list of acl's for a users home directory you can use the command, fs listacl ~


derek@squeamish:~> fs listacl ~
Access list for /afs/csic/staff/derek is
Normal rights:
  system:administrators rlidwka
  derek rlidwka

    To modify the acl's on a directory you continue to use the fs comand. Instead of fs listacl, you will use fs setacl, for example.


derek@squeamish:~> fs setacl ~ geoffr rl
derek@squeamish:~> fs la ~
Access list for /afs/csic/staff/derek is
Normal rights:
  system:administrators rlidwka
  derek rlidwka
  geoffr rl
  
    This command fs setacl ~ geoffr rl gives the user geoffr, read and lookup permissions. You need lookup permissions to do anything in the directory.  This will give the user geoffr effectivly read-only access to this directory.  These permissions will propagate to any new directories that are created in that directory, they will not propagate to any directories that existed at the time that the acl was changed.  For more information please see the openafs users guide on acls.

Printing

    There are no printing resources available for the Linux Lab at this time.