Lab Info & Etiquette

some of this information is a little outdated. if you have any questions email me, Hyun Joo.

  1. Computer Policies
  2. Laptop Policies
  3. Computer Etiquette
  4. Backup Procedure
  5. Network Layout

Computer Policies

The following items will help to maintain a safe and productive computing environment.

  • Good Passwords. Select good passwords and do not write them down or share them with others. RPG.pl can also be used to generate a list of good passwords.
  • No Viruses. Exercise safe computing by not opening unknown attachments and other preventative measures. This will be tolerated only once.
  • No Hacking. The security systems in place on the computers are there for a reason.
    Anyone trying to subvert them will incur the wrath of the System Administrator and the PI, depending on who gets to them first.
  • If there is a problem, let someone know. The only way to get things fixed is ask someone who has the power to fix it.
  • Life is better with a happy System Administrator. The more time spent fixing problems (recovering deleted files, getting rid of viruses, etc) the less time is available to make things easier for the users. You want things to be easy, right?

In addition, the computers and network connections are governed by the University of the Pacific
IT policies Computing..

Laptop Policies

The following things will help to maintain a healthy and productive
lab environment. Remember, the science comes first.

  • Reference Material. Several reference books and journals are
    available for use. If you need one of the reference materials outside of
    the lab, please check it out so we can keep track of things.
  • Documentation. Lab notebooks, documented code and README files make
    life easier for everyone. When you return to a project 6 months later,
    it is a lot easier to make sense of what you were doing if it is written
    down. It also helps those who come after you figure out what you were
    doing.
  • Be Nice. We all have to work together, so show some respect.
  • Cleanliness. Everyone needs to work to keep the common spaces clean,
    but your desk is your business until it affects your work.
  • Productivity. Your worth is measured by what you do, not how many
    hours you spend doing it. Being in the lab for 12 hours a day does not
    count if you spend 10 surfing the internet. On the other hand, if you
    get things done in 4 hours, no one will complain if you are not here for
    8 hours.
  • Computer Etiquette

    The
    Unix filesystem permissions system is very simple, yet quite powerful and flexible. Almost no one takes the time to learn the few things necessary to use this system to make their lives easier and more productive. Read on to join the inner circle of the iluminati.

    The Three Things Everyone Should Know about Unix Filesystem
    Permissions

    Your
    “umask” determines the default permissions applied to every file

    you create. If you want your default permissions to be 664 (read and write for
    owner and group, but read-only for everyone else), then your
    umask should be 002.
    If you’re using the environment files provided in
    the ENV.tar download
    from the LinuxUpdates page, then this is your umask
    setting. If you want to
    set your umask yourself, then add the
    line:
    umask 002
    to your .cshrc.personal
    (or .bash_profile.personal). Change the mask to whatever
    you like, but
    leaving it as 002 will avoid all sorts of trouble for you and
    Joe
    Bob.

    2) All of your
    directories (except your home dir) should be mode 2775. This
    sets the
    perms to read, write, and list for owner and group, but read and list
    for everyone else. The “2″ makes the directory
    “setgid”
    which ensures that every file and directory created
    within will inherit the
    group association of the parent. Directories
    created within will inherit the
    “setgid” setting. Doing things
    this way makes working with Joe Bob
    so much easier! For example, if you
    and Joe Bob are working together on the
    project Strange Stars in the
    directory /net/ss. The project is Top Secret, so
    you and Joe Bob have had
    a special group created with just the two of you as
    members. If the two
    of you have umask 002, and /net/sdss is set up like: drwxrwsr-x
    3 jbob ss
    4096 Aug 6 18:02 /net/ss then you and Joe Bob will be able to create
    files and directories within /net/sdss with abandon. You’ll never get
    annoyed
    because you can’t edit each other’s files, and you’ll never have
    to worry about
    anyone other than the members of your exclusive group
    accidentally destroying
    all your work with an errant find(1) command. Do
    “chmod 2775 dirname”
    to make things right.

    Your home dir should
    be mode 2700. This make it accessible only to you. This
    is correct. You
    home directory is not for sharing data with others. It’s not
    even for
    storing data for your projects (which you’ll probably want to share
    with someone else someday). It’s for things like your email and your ssh keys,

    which are PRIVATE. Your home directory is for stuff that you, and only
    you need to see. If your home directory permissions are set too loosely,
    then email forwarding
    (via a “.forward” file), passwordless ssh
    logins using RSA key exchange,
    etc. will not work. Everyone should also
    be a member of a group of which they
    are the only member, and their home
    directory should be associated with this
    group. Unfortunately, that’s not
    generally the case here on most system. Maybe
    someday… For a more
    complete discussion of filesystem permissions, refer to
    the fileutils
    info available on most Red Hat Linux systems (enter “info
    fileutils” at the shell prompt). Jump to the “File
    permissions”
    link, then “Mode structure” for the most
    important background discussion.
    To navigate the info system, use
    “n” to go to the next topic, and
    “p” the previous.
    Use to jump to links in the text – press
    return to follow the
    link. Press “?” for help.

    Backup Procedure

    Q:
    What doesn’t get backed up?

    A:
    Anything stored on the local disks on desktop Linux machines – not
    /tmp, not /scratch, nothing. Currently, the web/mail/ftp server is
    not being backed up. There are plans to change this.

    Q:
    Can I make my own backups of stuff you’re not backing up?

    A:
    The LCD iMac has Superdrive that can burn DVD-Rs and CD-Rs of your data. If you are interested contact Hyun Joo

    Q:
    When do you do backups? How long are they preserved?

    A:
    One month. We have a lot of data to back up and not a lot of cash to
    buy tapes. Our dump cycle is one month long with backups Monday
    through Friday (20 runs total). Files sometimes survive on tape for
    six weeks or more, but don’t count on it.

    Q:
    When do you do full dumps? Incrementals?

    A:
    We use a program called Amanda to manage our backups. Each time it
    runs, Amanda schedules some directories in the dump list to get full
    dumps and others to get incrementals. In a given dump cycle, Amanda
    attempts to preserve two full dumps for every entry in the dump list.
    Amanda attempts to dump every entry in the dump list every time it
    runs – either a full or incremental dump.

    Q:
    Do you store a full dump archive off site in case of disaster?

    A:
    No. We do not have the ability to make a full dump of our main
    fileservers. It would consume at least 30 tapes and take about a week
    to complete. Our tapes are stored in the computer room, right next to
    the tape library and fileservers. They should be stored in a
    different building, or at least a different room. If you want to
    volunteer to shuttle the tapes between locations, contact Hyun Joo.

    Also,
    the dump list changes every week as directories are added and removed
    from our servers. Our backup system creates a new dump list every
    weekend and, typically, several dozen changes are made from the
    previous week’s list.

    Q:
    Why are there so many entries in the dump list? Why don’t you have
    just a single entry for each server?

    A:
    Our backup software does not support having a single backup span
    multiple tapes. Consequently, we have to break our backups into
    smaller chunks. Currently, the chunk size is 35GB – any directory
    with more than 35GB of data will be broken into two or more chunks.
    Another limitation of our backup scheme is its inability to back up
    files in the branch node directories. For example, /a1/FOO
    contains two subdirectories /a1/FOO/small with 10GB of
    data and /a1/FOO/large with 30GB of data. Our backup system
    would dump small and large separately, but any files in
    /a1/FOO would be missed. We have a second routine that backs
    up these files, but the list of files to dump is only updated once a
    week – so be aware!

    Q: Anything else I should know
    about?

    A: Disk list entries containing
    spaces or strange characters will not be backed up.

    If a file
    changes as it is being read by Amanda, it will not be backed up. This
    happens occasionaly with files being written by Condor jobs or other
    processes which do substantial file I/O at night when the backups
    run.

    Backups begin at 7:30 p.m., Monday though Friday and tend
    to take eight to ten hours to complete. This means that any data you
    create and destroy in a single day is probably not on tape. Email
    messages received and deleted on the same day are a good example of
    this sort of problem.

    Network Layout

    The linux systems in the lab can be divided into two groups, the Muir
    Woods and the Forest. The desktops in the Forest are used for
    project development while the nodes in the Muir Woods are used for long,
    computationally intensive projects. Both groups have common access to
    /net/work/ (data) and /net/prog/ (programs) but seperate home directories.
    Read the etiquette page to understand why you
    can still work on both sets of computers. For those writing programs,
    developement should be done in /net/prog and once the source is stable,
    it should be added to /net/prog/bin/ to be available to everyone.

    Tsai Lab network cluster