Overview
APT repository
In order to be able to use the APT repository for your Debian installation, you generally need an activation by Rechnerbetrieb Mathematik.
| Laptop with cable | No restrictions after activation |
What are compute servers?
These are necessary for bigger calculations. RBM has so-called compute servers for these purposes. These are computers with comparatively high computing power and a lot of memory.
Employees of the Faculty of Mathematics (EIM-M) can use these servers. Please contact us.
If you want your programmes to not terminate on logout, the commands nohup and screen exist.
The names of the compute servers are known to the working groups and can be requested from the RBM if necessary.
Employees of the mathematics department with a corresponding AG membership have access to the compute servers via ssh only from the networks of the mathematics department.
On Linux systems, access is as follows
ssh <servername>
e.g. for the compute server euklid:
ssh euklid.math.paderborn University.de
But why are compute servers useful and how do I use them?
Problems with long-running processes and programmes
Processes that perform complex calculations usually run for a very long time, possibly several days.
This has some consequences:
1. problems with the quota
You are logged in for a long time and your memory quota is full. Now effects can occur whose actual cause is difficult to recognise:
- Mozilla no longer works, neither mail nor browser
- Printing is no longer possible.
- etc.
2. security problems
From time to time, security problems are detected in software, i.e. programming errors that allow unauthorised persons to, for example
- read your mails
- carry out attacks from your computer to other computers under your user account or your name.
- etc.
RBM tries to close such gaps as soon as they occur, usually within one working day. It is often necessary to restart the computer.
To ensure that no data is lost, we first check whether anyone is logged in and working on the affected workstations. If this is the case, a message is displayed on the screen and the reboot is delayed. Follow the instructions in this message.
After two weeks, the computer is automatically restarted for your protection and the protection of your data.
In order not to lose any data, e.g. also in the event of power failures during longer running compute processes, it is recommended to use the compute servers.
Firstly, the compute servers are more powerful than standard workstation PCs and are also separately protected against power and hardware failures. They are also better protected in terms of security.
1. nohup
The nohup command enables console programmes to be started without being terminated when logging out.
The general use looks like the following:
nohup <command> ... &
For example, if you want to run the programme ./compute-mupad.sh in the current directory:
nohup ./compute-mupad.sh &
If the programme generates output on the console or XTerm during normal use, this will be in the file nohup.out in the current directory.
If you log out after starting the programme, it is possible to view the progress of the calculation in the nohup.out file at a later time.
nohup is not suitable for starting X applications or interactive console applications.
2. screen
Another alternative is the screen command . In contrast to nohup , screen also enables interactive console programmes to be started.
A so-called screen session is started by entering the following:
screen
The session starts with a screen that looks similar to the following:
The session window looks like this. Firstly, it is a shell like in any normal XTerm. In the lower part of the window you can see a status bar (white on blue). From left to right you can see the computer name, then the system load in brackets, then the date and original time and finally the names of the current subwindows.
Several sub-sessions called screens can exist in one screen session. When first started, there is only one screen no. 0 called bash.
Screen is generally controlled by a key combination starting with <Control-A> (English keyboard layout) or <Strg-A>on the German keyboard, i.e. Control or Ctrl key pressed together with the A key. In the following only called <C-a> . <C-a c> means first <Ctrl-A> and then the C key.
Below are the most important key commands:
| Keyboard shortcuts | Effect |
| C-a c | Open new screen |
| C-a k | Close unresponsive screen |
| C-a n | Switch to the next screen |
| C-a p | Switch to the previous screen |
| C-a A | Edit the name of the screen |
| C-a d | Disconnect from the screen session, all screens in the session continue to run until they close themselves, the screen session is called up again or the computer is restarted. |
Applications can now be started in the screens. Once all calculations have been started, it is possible to disconnect from the screen session. To do this, use the key combination <C-a d>.
You can then log out of the computer and the calculations will continue.
If you want to view the status of the calculations in the screen session at a later time, first log in to the computer on which the screen session was started via ssh . Then enter
screen -x
This reconnects you to the screen session and you can use the key commands to check the screen session.
Further information can be found in the Unix man page for screen, which can be opened on Linux computers with
man screen
on Linux computers.
The Linux pool rooms for mathematics
Mathematics operates a Linux pool in room D3.301.
To work remotely on one of the pool computers, an SSH or NX client is required.
Documentation on the institution of the x2go client is available here.
Access canonlyvia the gateway sommerfeld.math.uni-paderborn University.de.
The pool computers can then be accessed as <computer name>.math.uni-paderborn.de via ssh.
If a pool computer is switched off, it can be started with the command "boot <computer name>" on Sommerfeld.
- skinner
- waylon
- lou
- smithers
- duff-man
- edna
- jeff
- margin
- ralph
- flanders
- clancy
- patty
- quimby
- selma
- apu
- itchy
- beard
- homer
- otto
- jimbo
- mr-burns
- scratchy
- nelson
- lisa
- martin
Recommended software
Action | Software | Command | Command Description |
Web browser | firefox | firefox | Good slim web browser |
links | links | Console text browser | |
lynx | lynx | Consoles Text-Browser | |
CD/DVD burning | k3b | k3b | Simple CD/DVD burning software for KDE |
cdrecord | cdrecord | Powerful CD burning software for the console | |
cdrdao | cdrdao | Also powerful burning programme on the console | |
TeX/LaTeX editors (frontends) | Kile | kile | KDE editor especially for LaTeX documents |
Lyx | lyx | What-You-See-Is-What-You-Get Editor for LaTeX documents | |
View images | |||
Gwenview | gwenview | Very comfortable image viewer based on ACDSee | |
Edit images | The Gimp | gimp | Complex image editing programme |
View videos | mplayer | mplayer | Comprehensive playback programme for video files |
gmplayer | Graphical user interface for mplayer | ||
haruna | haruna | Rae's recommendation | |
xine | xine | User-friendly playback programme for video files incl. graphical user interface | |
Email clients | alpine | alpine | Email client for the text console |
Thunderbird | thunderbird | Graphical email client | |
Writing letters | OpenOffice | oowriter | Powerful word processing programme |
Create slides | ooimpress | is used to create screen presentations | |
Create spreadsheets | oocalc | Powerful spreadsheet programme | |
Java IDE | Eclipse | eclipse | Complex Java IDE |
Set up Kerberos client
Some services such as SSH can be used from home without being logged in to the terminal. It is recommended to install/configure Kerberos for this.
Quick reference:
Necessary packages: krb5-config krb5-user
Realm: MATH.PADERBORN UNIVERSITY.DE
Kerberos server: Does not need to be specified
Step by step instructions:
- Open a root shell:
- Install packages:
- Configuration:
-
Test:
You can now use the kinit command to get a ticket.
For a general understanding of Kerberos, we recommend our introduction.
Problems logging in
There are two different cases of failed login attempts:
- After a short time, a window appears with the message:"Login incorrect; please try again"
- The login screen initially disappears, but reappears shortly afterwards.
Case 1: There are two possibilities:
- You have forgotten or misremembered your password. (This happens again and again!)
- Your login is blocked (there are various reasons for this).
It is then necessary in any case to contact the computer centre in room D2.301.
Case 2: The quota has been exceeded. (The personal data takes up too much space).
In this case, you can remedy the situation yourself. Logging in to the text terminal is then still possible.
It works like this:
- "CTRL-ALT-ENTF F1"
- Enter login+password (no placeholder is inserted for the password, don't be surprised!)
Files must now be deleted until the quota is no longer exceeded.
The most important commands:
- quota -vs (Checks the quota)
- du -k (How much space does a directory occupy?)
- ls -l (Displays the size of files)
- rm (to delete files)
Don't forget to log out afterwards! (Command: exit)
Then you should be able to log in again. Otherwise visit us in D2.301.
An increase of the quota can be requested at the computer operation.
Use of external data carriers
Using USB sticks on Linux computers
Mounting
Normally, an inserted USB stick is automatically recognised and mounted. A window should appear showing the contents of the stick. Otherwise, you can call it up via the file manager of the user interface (Nautilus/Thunar).
Unmounting
Normally, you can eject a USB stick via the respective file manager using the right-click menu. If this does not work, you must use the
console command pumount:
pumount /media/[name of USB stick]
Mount point
The USB stick with the respective name is mounted under /media:
/media/[name of the USB stick]
If a USB stick is not assigned a name, it is created with the default name disk.
Naming and folder creation is case-sensitive, therefore upper and lower case must be observed.
Why is my computer slow?
If your computer responds very slowly, check the utilisation of the PC and the existing processes with the command
user@client# top
To exit top again, press the q key. top shows you which intensive (utilisation of the CPU, main memory) processes are running on the computer.
The command w shows all users who are logged on to the PC:
user@client# w
If other people are also using the computer, let them know that their processes are interfering and that they should stop them. If the person is no longer logged in, it is probably due to incorrectly terminated processes. Please inform Computer Operations Mathematics and we will then terminate the processes.
If one of your own processes is the problem, terminate it. If this is not possible, use the command
user@client# ps -aux | grep your_login_name
to determine the process ID (PID). You can then use the command
user@client# kill PID
command to terminate the application. PID must be replaced by the previously determined process ID. If the process still cannot be terminated, the following may help
user@client# kill -9 PID
Further information can be found on the help pages for top and ps, which can be accessed with the commands
user@client# man top
and
user@client# man ps
can be displayed.
If it is no longer possible to use the computer on the console (the monitor remains black, you can no longer enter commands), try logging in from another computer via ssh:
user@client# ssh name_of_slow_down_computer
You can then try to kill your processes. Or inform the computer operation maths and provide us with all essential information (name of the computer and login, commands entered, error messages).
Please never simply switch a PC under Linux off and on again, as this procedure can damage the hard drive.
Users:inside and groups
Under UNIX, all users of the system are categorised into groups. A user can belong to several groups. One of the groups is the so-called primary group, which plays an important role when creating a file/directory. You can find out which groups you are a member of using the groups command:
Example:
gudrun@vieta[~]>>groups gudrun root fiz3 gdmaint mupmod mupdev modem muplib mupas sysadmin software mathnet gudrun@vieta[~]>>
Groups are assigned to users by the system administrator and can only be changed by them. You can temporarily change your own primary group to another group to which you belong: newgrp(newgroup) sets your primary group in the news shell to newGroup until you exit the shell, e.g. with CRTL-D.
Example:
gudrun@vieta[~/TEST]>>groups gudrun root fiz3 gdmaint mupmod mupdev modem muplib mupas sysadmin software mathnet gudrun@vieta[~/TEST]>>touch test-file1 gudrun@vieta[~/TEST]>>ll test-file1 -rw-r--r-- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>newgrp mathnet Loading standard modules...done. Loading additional modules from ~/.modulefilesrc basic pem gnu openwin X11 tetex done. gudrun@vieta[~/TEST]>>touch test-file2 gudrun@vieta[~/TEST]>>ll test-file2 -rw-r--r-- 1 gudrun mathnet 0 Apr 25 08:37 test-file2 gudrun@vieta[~/TEST]>>
Properties of files and directories
Access to files and directories under UNIX is regulated by three user classes:
- u for login user(the owner)
- g for group(the corresponding group)
- o for others(everyone who is not in the group)
Example:
gudrun@vieta[~/TEST]>>ls -al total 278 drwxr-xr-x 11 gudrun root 512 Apr 25 08:49 ./ drwxr-sr-x 58 gudrun mupas 4608 Apr 21 22:54 ../ [...] drwxr-xr-x 2 gudrun mupas 512 Apr 25 08:49 TEST-DIR/ -rw-r--r-- 1 gudrun root 0 Apr 25 08:37 test-file1 -rw-r--r-- 1 gudrun mathnet 0 Apr 25 08:37 test-file2 gudrun@vieta[~/TEST]>>
In this output of ls -al you will see seven blocks of information per file/directory. The first block consists of 10 characters and represents the type of file and its access rights. The second block is a number that indicates the number of existing links to the file/directory. The third block indicates the owner of the file, the fourth block the group that has access to this file. This is followed by the size of the file (in bytes), the last modification date and the name of the file/directory.
Access rights to files
In the first block of the output of ls -al, the first of the ten characters specifies the type of file/directory. A - means that it is a (normal) file. A d stands fordirectory, an l forlink.
Characters two to four specify the access rights for the owner of the file. Characters five to seven specify access rights for the other members of the group to which the file belongs. Characters eight to ten specify the access rights for all other users.
For each of the user classes, access for reading(read), writing(write) orexecuting (execute) can be set individually, meaning that a total of nine different access rights (protection bits) can be assigned per file/directory. The file access rights thus determine who is authorised to access the contents of the file and in what sense.
Example:
-rw-r--r-- 1 gudrun mathnet 0 Apr 25 08:37 test-file2
In this example, the access rights for test-file2 are -rw-r--r--. It is therefore a normal file. As the owner, the user gudrun has both read and write authorisation. All other members of the mathnet group only have read authorisation, as do all other users. They cannot change the content of the file. Nobody has execute permission (x), which should only be granted for executable files (i.e. files that contain programmes).
Access rights to directories
The access rights for a directory control access to the files and subdirectories it contains. As soon as you have access to a directory, the ability to read individual files or change their content is monitored by the file access rights. As with files, access to directories for reading(read), writing(write) orexecuting (execute) can be set individually for each user class. Compared to file access rights, there are two special features to note for directories:
- For directories, the execute permission (x) means that the corresponding users can access the directory, e.g. change to the directory or list the files in the directory with ls.
Important: If a user is allowed to access a directory, they need the execute permission (x) for all higher-level directories up to the root (root directory:). - Write permission to a directory means that authorised users can create and delete files.
Important: In this case, it is possible to delete a file even if the corresponding group does not have any access rights to the file itself.
Change access rights
The access rights to a file/directory may only be changed by the owner:in the file/directory. Thechmod command(change mode) is used for this purpose. There are two syntactically different forms of chmod, but they have the same effect:
- Changing access rights using chmod w?y where the
following can be set
forw (user:inner class): u (user), g (group), o (other), a (all)
? (action) can be set: + (add right), - (remove right)
y (access right) can be set: r (read), w (write), x (execute)Examples:
gudrun@vieta[~/TEST]>>ls -al test-file1 -rw-r--r-- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>chmod g-r test-file1 gudrun@vieta[~/TEST]>>ls -al test-file1 -rw----r-- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>
The group is no longer allowed to read the file.
gudrun@vieta[~/TEST]>>ls -al test-file1 -rw-r--r-- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>chmod g-r test-file1 gudrun@vieta[~/TEST]>>ls -al test-file1 -rw----r-- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>
All users are allowed to execute the file, the group is allowed to read again. Note that several assignments can be made with one command, separated by a comma.
gudrun@vieta[~/TEST]>>ls -al [...] drwxr-xr-x 2 gudrun mupas 512 Apr 25 08:49 TEST-DIR/ gudrun@vieta[~/TEST]>>chmod o-x TEST-DIR/ gudrun@vieta[~/TEST]>>ls -al [....] drwxr-xr-- 2 gudrun mupas 512 Apr 25 08:49 TEST-DIR/
Others (all those who are not group members) are no longer allowed to access the directory.
- Reassignment of all access rights by chmod ugo where the values for u,g,o are specified as follows:
user group other read 4 4 4 4 write 2 2 2 execute 1 1 1
The corresponding columns are totalled for the desired rights.
Examples:gudrun@vieta[~/TEST]>>ls -al test-file1 -rwxr-xr-x 1 gudrun root 0 Apr 25 08:37 test-file1* gudrun@vieta[~/TEST]>>chmod 600 test-file1 gudrun@vieta[~/TEST]>>ls -al test-file1 -rw------- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>
Only the owner:in of the file may read and modify the contents of the file.
- gudrun@vieta[~/TEST]>>ls -al test-file1 -rw------- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>chmod 640 test-file1 gudrun@vieta[~/TEST]>>ls -al test-file1 -rw-r----- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>
The owners:in the file may read and change the contents of the file, the group members may read the contents but not change them, all others have no access rights.
gudrun@vieta[~/TEST]>>ls -al test-file1 -rw-r----- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>chmod 664 test-file1 gudrun@vieta[~/TEST]>>ls -al test-file1 -rw-rw-r-- 1 gudrun root 0 Apr 25 08:37 test-file1 gudrun@vieta[~/TEST]>>
The owners:in the file and all group members may read and modify the contents, all others may only read.
gudrun@vieta[~/TEST]>>ls -al total 278 [...] drwxr-xr-- 2 gudrun mupas 512 Apr 25 08:49 TEST-DIR/ gudrun@vieta[~/TEST]>>chmod 755 TEST-DIR/ gudrun@vieta[~/TEST]>>ls -al total 278 [...] drwxr-xr-x 2 gudrun mupas 512 Apr 25 08:49 TEST-DIR/ gudrun@vieta[~/TEST]>>
The owner:in has full access to the directory, the group and all others may only read in the directory (of course only the files that have the corresponding read permissions).
chmod can be used recursively in both forms with the -R option.
Preset access rights globally
Each time a file/directory is created, the access rights preset by the system are set. This default setting can and should be adapted to your own requirements. In the maths network, the value of umask is set to 022 for each user:in in the .cshrc file, i.e. each file created by a user:in has full access rights for this user:in and read access rights for all others. Useful values of umask and their meaning for newly created files and directories are
| umask value | file | Directory |
| 022 | -rw-r--r-- | drwxr-xr-x |
| 077 | -rw------- | drwx------ |
| 027 | -rw-r----- | drwxr-x--- |
Please adapt the value of umask to your requirements.
The umask command can of course also be used in the current shell. umask without an argument returns the currently valid setting of umask.
Example:
gudrun@vieta[~/TEST]>>umask 22 gudrun@vieta[~/TEST]>>touch test-file5 gudrun@vieta[~/TEST]>>ls -al test-file5 -rw-r--r-- 1 gudrun root 0 Apr 25 09:49 test-file5 gudrun@vieta[~/TEST]>>umask 077 gudrun@vieta[~/TEST]>>umask 77 gudrun@vieta[~/TEST]>>touch test-file6 gudrun@vieta[~/TEST]>>ls -al test-file6 -rw------- 1 gudrun root 0 Apr 25 09:49 test-file6 gudrun@vieta[~/TEST]>>
Important: If a file is copied with the cp command, the old access rights of the file are taken over, provided umask allows these access rights. Additional rights are never set, as a new file is created with the news access rights and the content of the original file is copied into it. However, if a file already exists that is overwritten by the copying process, its old access rights are retained:
Example:
gudrun@vieta[~/TEST]>>umask 77 gudrun@vieta[~/TEST]>>ls -al test-file* -rw-rw-r-- 1 gudrun root 0 Apr 25 10:02 test-file1 -rw------- 1 gudrun root 15 Apr 25 10:03 test-file6 gudrun@vieta[~/TEST]>>cp test-file1 test-file1-new gudrun@vieta[~/TEST]>>cp test-file6 test-file1 gudrun@vieta[~/TEST]>>ls -al test-file* -rw-rw-r-- 1 gudrun root 15 Apr 25 10:04 test-file1 -rw------- 1 gudrun root 0 Apr 25 10:04 test-file1-new -rw------- 1 gudrun root 15 Apr 25 10:03 test-file6 gudrun@vieta[~/TEST]>>
Change ownership rights
The ownership of a file/directory can only be changed by the system administrator. The group membership of a file/directory can be changed by the respective owner:in the file using the command chgrp(changegroup). The syntax for this command is: chgrp With the option -R chgrp
Example:
gudrun@vieta[~/TEST]>>ls -al test-file* ls: No match. gudrun@vieta[~/TEST]>>touch test-file1 gudrun@vieta[~/TEST]>>ls -al test-file1 -rw------- 1 gudrun root 0 Apr 25 10:12 test-file1 gudrun@vieta[~/TEST]>>chgrp mupas test-file1 gudrun@vieta[~/TEST]>>ls -al test-file1 -rw------- 1 gudrun mupas 0 Apr 25 10:12 test-file1 gudrun@vieta[~/TEST]>>
Sharing directories
Groups often want to make files available centrally for all their group members. A directory that has full access rights for the group can be used for this purpose: Example:
gudrun@vieta[~/TEST]>>mkdir FUER_MUPAD gudrun@vieta[~/TEST]>>ls -al total 280 [...] drwx------ 2 gudrun root 512 Apr 25 10:22 FUER_MUPAD/ gudrun@vieta[~/TEST]>>chgrp mupas FUER_MUPAD/ gudrun@vieta[~/TEST]>>chmod 770 FUER_MUPAD/ gudrun@vieta[~/TEST]>>ls -al total 280 [...] drwxrwx--- 2 gudrun mupas 512 Apr 25 10:22 FUER_MUPAD/ gudrun@vieta[~/TEST]>>
Important: Please note the following in this case:
- Each of the group members can now create and delete files in the directory. It is also possible to delete a file even if group access is not permitted for this file.
- A file created by a group member belongs to this group member and is therefore counted towards their quota.
- A file created by a group member can still not be readable for the group. The file access rights must be set correctly for the group. In this case, check the value of umask (see Presetting access rights globally) or set the rights manually (see Changing access rights).
- A file created by a group member may still not be readable, as this person is a member of the correct group but has a different primary group (see under Users and groups) and the file was therefore created with the wrong group. In this case, only the owner can change the ownership rights in the file. Alternatively, they can avoid this problem by setting the so-called Set-GID bit on the directory. This means that all files created in the directory are automatically assigned the group membership of the directory.
Example:
gudrun@vieta[~/TEST]>>ls -al [...] drwxrwx--- 2 gudrun mupas 512 Apr 25 10:43 FUER_MUPAD/ gudrun@vieta[~/TEST]>>touch FUER_MUPAD/test-file1 gudrun@vieta[~/TEST]>>ls -al FUER_MUPAD/test-file1 -rw-r----- 1 gudrun root 0 Apr 25 10:44 FUER_MUPAD/test-file1 gudrun@vieta[~/TEST]>>chmod g+s FUER_MUPAD/ gudrun@vieta[~/TEST]>>ls -al [...] drwxrws--- 2 gudrun mupas 512 Apr 25 10:47 FUER_MUPAD/ gudrun@vieta[~/TEST]>> gudrun@vieta[~/TEST]>>touch FUER_MUPAD/test-file2 gudrun@vieta[~/TEST]>>ls -al FUER_MUPAD/test-file2 -rw-r----- 1 gudrun mupas 0 Apr 25 10:47 FUER_MUPAD/test-file2 gudrun@vieta[~/TEST]>>
- There can also be problems with access control for files that are writable for the group. If two people edit the same file at the same time, changes will be lost. Please remember to solve this problem organisationally (e.g. through clear agreements or by working exclusively on copies). A technically supported professional solution such as the use of a version control system (e.g. cvs) may also be useful.