UTIG Computing
- Privacy and other Data Policy
- Help
- Storage
- Software
- Backups
If you have comments or questions about this document, including suggestions for topics it does not now cover, please let us know. This document was last updated in September 2020.
People
The IG Computer Committee and the IG Director set general policy for the
Institute computers. The Geology Department and the Bureau of Economic Geology,
also units within the
|
Name |
Email |
Telephone |
|
Mark Wiederspahn |
markw |
1-0406 |
|
John Gerboc |
johng |
1-0325 |
You can also leave a note on John or Mark's doors, which are located on the south central 3rd floor. Cell phone and home numbers are written on the boards outside these offices.
Systems
All aspects of computing at UTIG are free after payment of a small yearly fee,
unless you use a very large amount of some resource. If you are a big user of
consumable supplies, you will be expected to contribute a proportional share of
the incremental costs. Our goal is to minimize the accounting burden for all,
but also make everyone feel they receive fair value. We support mostly
RedHat CentOS Ubuntu Fedora Linux PC workstations and servers, and Windows and Apple
Macintosh PC's.
We have about 70 workstations and servers and some 100 PC's
networked together. Each has a unique name and IP address which lets you
access it from anywhere on the Internet. Some are considered completely public,
and some more private. Some have large memories, or very fast and large disks.
Many are always on. Almost all disks available on any machine are accessible
from any other machine within JSG sites (not in general across sites except as
specially provided for). There is a detailed list later on of systems and disk
locations for you to use.
Most Unix and Windows computers share the same set of valid users within UTIG. Your username and password at other JSG sites will probably be different. At UTIG, you may see references to legacy IG domain passwords; although the username is the same for Windows as for Unix, the passwords are independent.
In addition to permanently connected systems, laptops usually have dynamically assigned IP addresses; these may change from time to time and are not guaranteed to remain the same. Laptops and other mobile devices can connect either to the wired network (which is logically part of UTIG) or to the UT wireless network (which is not). If you are faculty, staff or student, you must use the utexas wireless network which requires authentication via your EID. UTguest and eduroam wireless is available for guests or meetings. Unless you are on the UTexas wireless, if you are outside of UTIG (except at other JSG units) you need specific procedures to get through the UTIG firewall. See http://www-udc.ig.utexas.edu/techdocs/wireless.htm
You may elect to bring your personal computer to work; it need not join our Windows login domain in order to access our network, share disk files, use printers or receive backup services. You must make sure its system software is updated and have reputable anti-virus software installed before you connect to our network. We will be glad to help.
The official domain name for most UTIG computers on our wired networks is a short name followed by ".ig.utexas.edu". Windows systems may also be "austin.utexas.edu". Other JSG units are ".jsg.utexas.edu", ".geo.utexas.edu", or ".beg.utexas.edu".
Getting
Started, Accounts, Passwords, Email
We asked the requestor of a new account for:
- First and last names of the new user
- suggested login name (we prefer than 8 characters)
- where email should be sent; this can be easily changed
later, but the "Welcome to UTIG" email is sent immediately as the
account is created.
- classification (research, postdoc, tech or admin staff, undergrad or grad_student, other ); all of these get mail sent to allhands@ig.utexas.edu
- supervisor (not necessarily the requestor). This person agreed to stay aware of
how you're using your account, although you remain responsible for everything
done with it.
We gave you a username and its initial password. The first thing you should do is to change that password.
By logging into a UT computing system, you implicitly agree to the computing code of conduct at Conduct
Password
Password protection of your account is VERY important. Because we are directly
on the Internet, people anywhere in the world may attempt to crack your
account. Breakin attempts occur dozens of times on UTIG computers every day. If
your password is easily guessable, it allows a hacker direct access to our
computers, making it much easier to get past security barriers. Your account
was created with an initial long random string; it should be changed to
something you can remember without writing it down.
You should not write down your password, unless it is in a locked, secure location. Never give it away to people you don't trust completely; they will be indistinguishable from you for any computer use. The University has specific policies about this, see passwords. If you consistently violate these guidelines, we will take away your login privileges.
Email
We expect you to read emails we send to your primary email address;
we send to one address per user. We understand that no one email solution works
for everyone and we'll try to support any reasonable arrangement. There are
many choices.
UT prefers UT provided accounts (Office365, UTmail) and now enforces this for business correspondence like sponsored research; they no longer forward to non-UT addresses.
UT automatically creates an Office365 enterprise email account for all faculty and staff; students may also manually claim o365 accounts. This allows web access at office365.austin.utexas.edu. This shuts down when you leave UT, and is destroyed a month after that. Your initial mail address is firstname.lastname@austin.utexas.edu, and up to 3 others can be added. These may be @ig, @austin, or just @utexas.edu and you will access them with your email address and your eid password. Forwarding to another UT email account is possible too.
he university also provides all faculty, staff and students a free email account claimed at UTMail.utexas.edu; this is essentially a Gmail account. This account can also be used for web access to your mail. This account is deleted when you leave UT unless you have ever been a student or you retire.
The University maintains an "official" email address for you. See https://workday.utexas.edu
Notes:
We no longer support a local email server at utig.ig.utexas.edu, except for internal purposes,
but email sent via @utig.ig.utexas.edu will be delivered as though it were sent to @ig.utexas.edu.
Email groups:
allhands@ig.utexas.edu goes to
these groups: Research, Student, Staff, and Other
Each of these is an email group as well. You might also find these groups
useful:
allstaff@beg.utexas.edu
geoscigrads@utlists.utexas.edu
geosci_research@utlists.utexas.edu
geosciundergrads@utlists.utexas.edu
geosci_allhands@utlists.utexas.edu
Privacy and other Data
Policy
The system managers may become aware of the content of your emails or files in
the normal course of our duties. We do try hard not to. If we have
reasonable cause to think that you (or a hacker logged in as you) are mis-using
the system, we may use such permissible methods as detailed at
Monitoring. We expect each user to behave in a manner that preserves the
integrity of the computer systems and others' information. We expect that you
won't actively seek information that would reasonably be expected to remain
private. We as managers do the same. The
UTIG computers are generally classified as UT-ISO Category 2 or 3 systems. UTIG does not have to protect personal data such as Social Security Numbers because they are never stored on our systems. Because such security isn't in place, you should not store sensitive personal data on any UTIG computers yourself. If you store data that must be protected by contract (eg. commercial non-disclosure) you must inform the managers and it may require special storage or access arrangements.
Help
If you are learning any computer system for the first time, whether it is
Windows, MacOSX or Unix/Linux, it can be a painful process. These web resources
may help:
· Linux for first time users: http://linuxsurvival.com
· CentOS: http://wiki.centos.org/
· RedHat: http://www.redhat.com/docs
· Apple: http://www.apple.com/support/manuals/
If you have a problem or particular question, please contact us. We would
prefer the following order of contact so we can work most efficiently, but if
you have a problem, don't hesitate to let us know by whatever means:
Email to "gripe"
(lower priority)
Email to "help"
(higher priority - I can't work until this is fixed!)
Telephone one of us (see phone numbers above)
Visit with us. Our offices are on the south side in the center of
the third floor.
If we have to communicate status of the various systems to users, we'll use
the following:
- Notes may be posted at the double hall
doors and outside room 3.203 from time to time in case nothing electronic is working
right.
- Email to "allhands" announces
expected outages or describes significant problems. If the email system itself
is malfunctioning, notes may be posted at www-udc.ig.utexas.edu,
or broadcasts may be sent to logged in users as possible.
Information about UT systems in general is at https://ut.service-now.com/sp?id=services_status.
Printers
There is a color printer in every work area. There is a a wide plotter and letter
size scanner on each floor. We have one tabloid color printer on the third floor.
Please see printers for details.
There is a public scanner in at the east end of hall 3.200 and one in the west end of 2.248. Some of the Administrative Associates also have scanners, in 2.104 for example.
Choosing a computer
In general, systems in public areas are public access, with priority given to
users in the local workarea, unless clearly labeled otherwise. Please honor
these requests. Once you login at any location, you can access other systems
over the network. Sometimes need for a particular peripheral will dictate which
system you need - tape drives are not network shareable, for example. If you
have a very large problem, having multiple cpus or big memory can speed up
execution. These systems are all Unix/Linux, as that is where most of our
non-dekstop computation occurs. There are many more; your advisor or workgroup
may have specific suggestions for one appropriate to your needs.
Remote Access
2021 Update - xdmcp is not working on Redhat7 systems yet.
You may use eXceed or X11 windows on your UTIG desktop system to login to most Unix
systems; use XDMCP Broadcast if it is available to see the entire list of all
computers. You may also use ssh (with -X or -Y for Linux or MacOSX xterm) to connect
to a specific Unix system.
Remote access procedures have been quite fluid in 2020. There are basically three options: X11 (tunneled over ssh), ssh (x2go), Remote Desktop (Remote Desktop, VNC, AppleRD) There are some specific access restrictions depending on the protocol. See Remote access details
You can access nearly all Unix/Linux system via ssh from remote Windows/MacOSX/Unix systems using the UT VPN service. Most users find that remote X11 over ssh is slower and less reliable than x2go or VNC unless you are on a very reliable, very high speed internet connection (think Google fiber). x2go uses ssh to provide a VNC-like remote graphics login which is restartable after network problems. For Windows systems, Remote Desktop is built into Windows, and freely available for MacOSX or for Linux. VNC is a similar package; both essentially recreate a remote desktop screen on your local machine. They were designed to tolerate the delays of longer distance networks, and so often have a better experience than X11 itself. To use Remote Desktop, you need:
A windows pc at UTIG which is "yours" - nobody else will be able to use it while you do; it must be enabled for your login:
1. You must turn on remote access: start -> control panel -> system -> remote -> Remote Desktop checked "on"
2. Check that start -> control panel -> windows firewall -> exceptions -> Remote Desktop permits access
3. You must have your login added to the approved list on that machine
4. You must note the computer name (usually IG-xxxxxx)
You must each time:
1. make sure the UTIG system is turned on. If you have a newer system, you may have to set power settings so it doesn't sleep.
2. on your remote machine, start the UT VPN https://vpn.utexas.edu (or be on the UT wireless )
3. search > Remote -> and click;
4. Enter the IG-xxxxxx.austin.utexas.edu name you remembered above.
5. Logon with your austin\eid username and password.
While a remote connection is active, users at UTIG will see a locked desktop, and only you (or an administrator) will be able to break the connection to make the local computer available again until the remote session is ended. To end the remote session, just click the close (X) box in the upper right. This does not log you out; you are still logged in to the UTIG system, and the desktop is still locked until you (or an admin) unlock(s) it locally, or you start another remote desktop session.
Storage
We make the distinction between public and private storage resources. Private
storage can have any policies the owner desires. We'll do our best to help keep
it running optimally, but we take no responsibility for any data on it. Public
storage comes in two flavors: Windows and Unix, and is backed up regularly.
Usually Unix storage is accessible from Windows, but only some Windows server
storage is visible from Unix. Historically, larger disks at UTIG are all Unix
disks.
Windows/MacOS storage consists of local internal and removable disks and server disks.
There are two kinds of public Unix storage: one is optimized for many smaller files, and one for larger files and higher transfer rates.
/home/{staff,student,other}/yourname is your home directory; which of the 3
you are assigned to depends on your classification at UTIG. A shorthand name
for this directory is "~" (in many Linux command interpreters). We don't enforce limits since problems are
very rare. Snapshots are taken very hour, and kept for a day, and daily snapshots are kept for a month, in case you
need to undo or restore changes.
You may access /home/staff from Windows or MacOS as:
\\files.ig.utexas.edu\home_staff or
smb://files.ig.utexas.edu/home_staff
and likewise, for student and other.
/disk/{staff,student,other}/yourname should be used for larger files. It is
particularly well suited for bulk data and archival storage. It automatically
migrates unused files to slower disk, and then to tape, over a period of hours
to weeks so there there is always about 5T of free space, and up to
several tens of TB can be made available in a matter of minutes. There may be a few
seconds delay if you don't work with a file for a while, as it is reloaded from
its archive. In the worst case, if you reload many large files at once, the delay
could be significantly longer. Please ask for advice if you regularly use old
files larger than 10GB. DO NOT compress files on this disk - the system compresses
them as it archives them so no space is saved by your doing so.
You may access /disk/staff from Windows or MacOS as:
\\files.ig.utexas.edu\disk_staff or
smb://files.ig.utexas.edu/disk_staff
and likewise, for student and other.
/p>
Software
Unix/Linux software is shared from architecture specific shared nfs filesystems
mounted at /usr/local/utig.
Software modules are selected in your .cshrc file, using "set SOME-MODULE"
commands before the "source /usr/local/utig/lib/Cshrc.new". This selects only certain
packages or modules at runtime. This avoids interaction between settings needed
for one package vs. another, or slow startup times when many different packages
are initialized. A non-permanent way of doing the same thing is: "set
SOME-MODULE; repath". This selects some-module only for the duration of the
window where repath is run.
Backup Policy
Backups are primarily done to guard against loss of bulk data due to hardware
malfunction or computer system error, although they often can also permit users
to recover from their own mistakes - please do ask if you have a problem.
Local Windows/MacOS disks (internal disks like c:, removable usb disks) are backed up daily on a best efforts basis to a centralized server. You should see a warning message on your system if it has not been backed up in the last 7 days. Windows server disks are backed up the same way. Restore of any system, from scratch, is usually possible for the previous 21 backups (usually about 3 weeks).
Unix disks /home/{staff,student,other} are backed up each morning to one disk, and each night to another disk, and both sets are kept for a month. Unix disks /disk/staff,student,other are backed up by the archiving software. Normally, a file there is archived several hours after you last change it and a second copy is made to tape after about a week. After the second copy is made, a file's space may be released. Typically this won't haapen for several months.
Private disks are not backed up. The owner should backup each according to the kind and value of data stored there.
Disaster recovery
We locate primary data and backups in separate locations in our building as far
apart as possible to preclude total loss in case of fire or malicious
vandalism. If you take a copy of your data home from time to time, it provides
a recovery point for you independent of whatever the system does. If you intend
to backup files in /disk/staff,student,other, please ask for advice first - the
data volumes involved can be quite large.
We suggest that you make a backup of any files you consider important. There are many dvd (4+GB) writers, and for larger data volumes we have tape or usb disks. We can read 8mm (5 GB), DAT (1,2,4,12,24 GB), DLT (10,15,35 GB), and LTO (1-7) (100G-6T). We recommend you use LTO4 for new backups, and use gtar (gnu tar) for data portability. Locations of tape drives change over time.
