Below are topics which cover the most common questions we receive at Physics Support, this list is constantly updated.
❧
External access to Physics using SSH (and internal XWin32/XNest access) is no longer available through suphys.physics.usyd.edu.au. Suphys has now become a full time server for the Physics network and is not available to users for these two services.
Users wishing to access the Physics network from anywhere in the world using SSH or NX to access a virtual Linux desktop will now do this through our Linux server:
gateway.physics.usyd.edu.au
All other network services will continue to run from suphys.
Users are not to make any changes
to their settings—network, email etc— unless advised by Physics Support.
The new server has the same suite of software available as all Linux workstations at Physics (except for IDL, MATLAB and Mathematica). For permanent direct access to workstations from external networks click here.
IMPORTANT: This server is designed as a secure entrance point to the Physics network from anywhere in the world and it is only to be used for light weight processing e.g. reading your email, editing files, surfing the web etc. It is not to be used for data processing of any kind that would result in high CPU or Memory load, such processes will be killed without notice. These are the same guidelines to which users adhered when accessing suphys.
NOTE: if you do not create an index.html file in directory ~/public_html
and any of it's subdirectories everyone will be able to get a listing
of these directories and download files you may not want them to have.
Also if there is not enough room in your home directory make a symbolic
link (command: ln -s) from within ~/public_html to where the rest of
your web files are kept.
The University has two Network Time Protocol (NTP) servers:
NTP server internal to Physics is:
If you maintain a private Linux PC please consult the security pages for your particular distribution — Ubuntu, Fedora, CentOS...
For example for Ubuntu there is this guide https://wiki.ubuntu.com/BasicSecurity.
Please note that this information is provided as is and Physics Support takes no responsibility for the use or misuse of this information.
The School's server runs several restricted sites and pages which can only be seen by authorised systems. If a user believes they should be able to see these pages or sites and they can not they should first check that their Internet Browser Proxy Setting is correct.
Note: from the start of 2016 the correct setting is No proxy
Users can print to any
printer
(although you should restrict yourself to the one(s) in your department)
from all computers. To check status of available printers on Linux
workstations use command checkprinters. In Linux for more
information on command line printing commands check the man
entries for lpr or lp, lpoptions,
lpq, lprm. Printing of files other then
plain text should be done using the appropriate application, example:
for PDF files user acroread, for ASCII/Rich-text files use
a2ps -1 (see man a2ps for more option).
If a user sees that their job is not printing (e.g. printer LCD shows
error) they can remove the job from the print queue by pressing the 'Cancel
Job' button or remove the job: on windows the job can be removed using
the Print Manager and on linux through the use of the lprm
command.
The page size which the printer will print on is selected using the software you are using to send your document to be printed. Page size is not determined by your workstation or the printer. Example: if you use acroread and do not select a page size the document will be sent to the printer with what ever the default page size is set in acroread or the pdf document. Therefore, if you do not select say A4 your document may be sent to printer for printing on US Letter size.
If the printer LCD panel shows a message stating that US Letter size paper is required the user can choose to press the Cancel button to delete the print job or press the Green (Go) button twice to have the printer print the job on A4 paper. This is available on almost all our printers.
From the command line users can force A4 size using the following:
lpr -o PageSize=A4a filename
where filename is your postscript (.ps) file.
Depending on the PDF file users may also need to select a different Postscript Level. Physics printers will print both Postscript Language Level 1 and 2 but NOT 3. To change Postscript Level in acroread goto: File -> Print -> Postscript Options).
Linux workstations handle both /usr/bin/lp and
/usr/bin/lpr as commands in the acroread or xpdf "Printer
Command:" field. The job will then be sent to the printer defined in the
users ~/.default_printer file (user can change printer in
this file using the chooser command).
All public printers at Physics are Postscript printers, this means no drivers are required when sending jobs from UNIX or Linux workstations.
Mac OS X and Windows XP users should submit an Physics Support Request Form to have the required drivers installed on their system.
Users who find that the text from their file runs of the page when
it is printed with the standard lp command should use
linux command a2ps. See the man page on how to use the
command (man a2ps). For quick ease use the command has 9
preformated options (-1 to -9) which users can use as follows: a2ps
-2 filename without having to set any other options.
This Printer Error (which sometimes appears on the printer LCD) is caused when a badly formed postscript file is sent. In our case this is typically caused by some combination of PDF file and acroread version (i.e. a PDF file may cause the error when sent from Acroread 7 but not when sent with Acroread 5). This error is OS independent.
Since users can not determine which PDF file <—> acroread-version combination can cause this issue all that the user can do is 'lprm' the job from their queue and power-cycle the printer to clear the job from memory then try sending it with a different acroread version (e.g. acroread5).
If you are using a mac and you want to add a printer to it, and you have admin permissions you can do so as follows;
Note: If the system does not detect the printer model, or you have an other problems log a job with Physics Support.
When you first login into a workstation console, you have a choice of Window Managers: Gnome or KDE on Red Hat and Scientific Linux workstations ‐ Gnome is the default but you can choose a different Window Manager each time you login.
Users should generally not run software intended for the KDE environment under Gnome, as it can cause the Gnome environment to crash (i.e. your display will hang).
All UNIX/Linux and Mac OS X client machines are IP filtered. So users wanting permanent direct remote access to these machines through ssh/sftp/scp/NX etc from external networks will have to submit a Physics Support Request Form stating from which domain they want access (example: .physics.unsw.edu.au).
SSH/SFTP/SCP connections are permited and X11/NX forwarding is automatic.
If you are at an off-site location for a short period (example: conference) please login to gateway.physics.usyd.edu.au and if required then your workstation.
When using
Networked Linux Workstations for running long jobs they should always be run at reduced priority.
The reason for this is to minimise the effect on the interactive response of the system to the console user (see the info entry for nice).
You should refrain from running lots of jobs in parallel (on the one
machine). This reduces the efficiency of the machine, and you would
usually get your results quicker if you ran the jobs serially. Before
running a long job, check the current load on the machine with command top
it will give you this information about all processes on the
workstations your on. You will often get better performance from a
slower but lightly loaded machine than from a fast but heavily loaded
machine.
When running jobs on someone else's machine, make sure you use a nice level of no less than 10. Also check the size of the job which you are going to run. The size
command will give you an idea of your job's memory requirement. This
should in general not exceed 70% of the machines RAM. Command top
will tell you how much RAM a machine has. If this is much more than 70%
of the RAM in the computer then you shouldn't run the job on someone
else machine as it's likely to slow it down significantly even when
nice'd because of
paging to disk. The renice command may be used to change the nice value
of a job that is already running. It is only possible to increase the
nice value (i.e., decrease the priority). To do this you need to know
the process ID for the job (which you can find by running ps). For example to change the nice value to 15 for a job with PID 1254, run:
renice +15 1254
Your home directory is the directory you are put into when you login to any
Networked Linux Workstations on our network. Users can check the full path of their home directory by typing pwd
in an xterm, this path will be the same on all workstations.
Home directories are treated differently from other directories/file
systems for many reasons which we want go into here. The most common
issue users will run into is quotas. Quotas are limits set on the
amount of data and number of files you can put into your home
directory. Current limit can be found using command: quota
Users can check their quotas by typing the command: quota
NOTE: if you fill your home directory and logout you will not be able to log back in to any Linux workstation, you will have to contact Physics Support for help.
Data disks are file systems with no quota limits which are available to users. Other common names for data disks are shared file systems, network file systems, remote file systems, data partitions etc. Data disks should be used when you need more storage space then your home directory can provide.
We also currently have 2x 4,800 GB data disks available on our server. All data disks are available (cross mounted) on all workstations. Available similarly on Mac OS X systems.
Users should check the status of the disk (e.g. if the data is very important is the disk backed-up), so they can select an appropriate disk for their data needs. Users wishing to get access to these disks just need to send a request to Physics Support
The path to a data disk takes the form of /import/hostname#/username where # is a number. So host silo and user ted would have data disk access path as /import/silo1/ted or /import/silo2/ted etc. Users should NEVER use the path starting with /export to get to their data disk. This is the mount point of the data disk partition on the given host. This path does not work anywhere else other then on the computer which hosts that data disk.
Also user should note that data disks are automounted to prevent Stale File Handles. What this means is if you are on a remote machine or type the command df and do not see your data disk as /import/ ... do not be concerned as soon as you run a command (e.g. cd) which access that disk it will be seamlessly automounted without the user noticing anything. When left unused it will unmount (to prevent a Stale File Handle) untill the next command requests it.
A Stale File Handle occurs when a process is running on one machine and writing to a remote data disk (i.e. a disk on another computer) and that host is brought down (turned off, rebooted etc). The user will notice then that when they try to access this data disk they will get a Stale File Handle. This is easily cleared by root so user just needs to submit a IT Support Request Form or if urgent call Physics Support.
Users can search for files or directories on all Linux systems using the command: locate
Locate will look for the string of characters (case sensitive) the user types after the command e.g.: locate thesis
To search for software you can use locate if you don't know the executable filename e.g. locate acro or use UNIX command which e.g. which acroread
For Windows users convenience every user at Physics with SAMBA access to Suphys1 or 2 data disks has a folder called private on that data disk. Any files which the user deems private (i.e. should not be seen by anyone) should be placed in this folder. Files/directories which the user wants to share can be placed (drag/drop) outside this directory.
Alternatively, the user can follow the below examples to setup what ever permissions they wish on files/folders in their home directory and Suphys1 or 2 data disk.
CHMOD is a powerful UNIX command which can be used to safe-guard or share files in your home directory, Suphys1 or 2 data disks with other users at Physics. It is best illustrated by some examples, it works the same way for folders (directories) and files (you can not damage your files using this command).
The default SAMBA permissions of a users home directory, Suphys1 or 2 data disk is that everything can be seen by everyone but no one can change or execute anything (i.e. read-only access). Users can only change permissions by logging into gateway.physics.usyd.edu.au using putty. They can not be changed through Windows because it does not offer such a facility.
Example 1: User ted doesn't want anyone to see what is in folder papers in his home directory.
Login to gateway.physics.usyd.edu.au using putty, then type: chmod go-rwx papers
In this case chmod removes read/write/execute (go-rwx) permissions for all users in physics, except the owner, from entering folder papers and seeing it's content.
User would use the same command to protect a single file.
Example 2: ted now wants to give all users in his group permission to write to folder project on suphys1.
Login to gateway.physics.usyd.edu.au, then type: cd /import/suphys1/ted
then: chmod g+rwx project
This only allows users to write to folder project it does not allow users in the group to write to folders/files in/below project that are created by other users in the group.
Example 3: ted now also want's the users in his group to be able to edit each others files in folder project on suphys1.
Login to gateway.physics.usyd.edu.au, then type: cd /import/suphys1/ted
then: chmod g+rwx,g+s project
This does not stop two or more users from editing the one file and overwriting each others changes so be careful.
A full manual page for the command can be seen by typing: man chmod
Known issues with Matlab on Linux workstations.
If you are running Matlab through a NX session and it hang (sleeps) when you disconnect from the NX session run matlab as own processes: matlab &
When users open other windows associated with MATLAB, such as the Preferences window, or the Path Tool window, they are sized too small (or too large).
Matlab has been patched for this issue. Users should only have to run the following command in Matlab: rehash toolboxcache.
Additional toolboxes are not available for Matlab due to the costs involved.
The following dialog displayed when attempting to start Firefox:
This normally indicates that a Firefox process on another machine has run and exited without removing its lock or is still running with the lock in place.
Normally when the second instance of Firefox is started it looks at this lock and locates the first instance. If this second instance can contact the first instance (using the current X11 DISPLAY environment variable) it passes the user's request (URL) to the first instance and exits. If the second instance can not contact the first the error dialog (above) is displayed.
The first instance can be located using the lock file, which is actually a symbolic link containing the IP address of the host on which it is running and its process id (PID).
This lock file is created in the profile directory under the directory .mozilla/firefox found in your home directory.
The profile directory is normally automatically (randomly) generated and looks something like emopobk6.default. Normally you won't have more than one profile but if you do then one method of finding all the locks is:
cd ~/.mozilla/firefox find . -type l -name lock -ls
The output is typically
8983 0 lrwxrwxrwx 1 kpopper phil 19 Sep 19 14:34 ./emopobk6.default/lock -> 129.78.129.25:+1096
The 129.78.129.25 indicates the process is or was running on gateway.physics.usyd.edu.au and the 1096 indicates it is or was process 1096.
In this case logging into Gateway and running
ps -p 1096 -f
will indicate whether Firefox is still running or not. If it is not running then the lock can be removed with rm otherwise the Firefox process may be terminated with the kill command.
FTP including Anonymous FTP has been disabled on our server for security and lack of usage by users.
If a user wishes to make files available to the public for download they can use their Web page or their Group's Web page.
Other options include a public Github repository. See What is the University code repository?. Alternatives include Dropbox, Onedrive or Aarnet CloudStor.
The School of Physics and Physics Support do not support hardware or software for the purposes of entertainment, this includes playing of Music CDs/MP3s, Movie DVDs/VCDs, games etc.
The support of hardware/software provided by the School is there for work related uses. Hardware such as speakers/sound-cards are supplied only as a byproduct of a given config, they are not specifically purchased.
Similarly if during standard install, software (including drivers) detect and configure other devices (e.g. sound-cards), then that workstation will have these features available. If it does not, Physics Support do not debug software/configs for the purposes of entertainment.
Unencrypted Telnet and Ftp connections are not permitted to our server, therefore, users wishing to connect to our server must have some form of SSH client software running on their computer.
All Linux and Mac OS X systems come with SSH client software already installed.
Following is a list of free SSH client software available for MS Windows and Mac (OS 9 and earlier) platforms. If a user is unsure about installing a package themselves just submit an IT Support request.
The following free clients are recommended for interoperating with SSH from MS Windows machines:
Users are permitted to install custom software on Linux workstations into their home directories or data disk areas (e.g. favorite web browser or editing tool etc).
Free software for the linux OS (freeware) typically comes in the form of OS source code or precompiled binaries. Precompiled binaries typical do not require the user to do anything other then unpack the zip/gzip/tar/bzip file they come packaged in.
Source code, however, requires the user to compile the software. Here we will show an example of how to install a software package from source code. This procedure has been greatly simplified over the last decade thanks to the standardisation of linux libraries.
See Building Linux software from source.
IDL may display colours incorrectly depending on OS and display settings. This is a known IDL issue and not an OS issue. Solutions are available in most cases and depend on OS and what is being displayed using IDL.
On Red Hat Linux one solution (provided you don't want a colour map that can change dynamically for any one plot) is to add:
idl.gr_depth: 24
idl.retain: 2
idl.gr_visual: TrueColor
to your ~/.Xdefaults file. This should get rid of the colour flicker and make sure the screen is redrawn after it has been covered.
See also A Mug's Guide to IDL or the IDL Group at Google for other solutions and help.
The man command can be used to find out details of any UNIX command.
To find out how to use man, try running:
man man
UNIX command info can be used to obtain some information about local features
of a system. The usage of this command is:
info subject
To get a list of subjects, run info with no arguments.
If you wish to change file permissions on Mac files, either on your local hard disc or on a mounted volume (such as suphys2) to prevent or allow other users to read or write to these files or folders follow this proceedure.
Highlight the file/folder icon by clicking on it once, then go to the file drop down menu and select "get info" (note: you can also use the key combination Cmd-I), under "ownership and permissions" select "details". The permissions are set up under three categories, owner, group and others. You can then choose to allow any of these to be able to "Read and Write", "Read Only", "Write only (drop box)" or "No Access". The meanings should be obvious. Do not click the "Apply to enclosed items..." button.
You are the owner, the group depends on how many users are in a particular group and others is everybody. You may also change the owner and group by clicking on the icon indicating these values. Then simple close the get info window and the permissions will have been set. You may need to click once on the small padlock icon next to the owner's name to allow you to authenticate with your macintosh password (not your email password).
After X11 is installed, as root edit the file
/etc/ssh_config
and allow X11 Forwarding by changing the permission to "yes" and uncommenting the line. Then edit the file
/etc/sshd_config
and uncomment the line "AllowTcpForwarding".
For example http://macphys.physics.usyd.edu.au/admin/export.ics
and click the "Subscribe" button. A new dialogue will appear asking if you
would like to name the calendar "export". allow this and a new calendar called
export will appear on your ical window.
To ssh logon to workstations without using a password, open a terminal and enter:
ssh-keygen -t rsa
- press enter
- press enter
- press enter
cp -p ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys2
You will now be able to ssh to any workstation without having to type in a password.
Due to ICT's change to a new firewall appliance. Users need to make the following changes to ssh connection setting to keep idle connection alive.
Services which have been reported as having problems are:
In Physics the major issue at this stage is idle ssh connections (i.e. you ssh into a workstation from the world and your sessions closes while your out making a coffee). A work around for this is the following:
ssh -l username -o TCPKeepAlive=yes -o ServerAliveInterval=30 hostname
These parameters can be set in ${HOME}/.ssh/config
TCPKeepAlive=yes ServerAliveInterval=30
For private systems this can also be set globally in ther /etc/ssh/ssh_config file.
For Windows, to enable KeepAlive in PuTTY, follow the steps below:
Also see the ICT page How do I configure my PuTTY client to not time out due to inactivity?