subversion upgrade on SL6

As announced by mailing list:

The default version of the subversion (svn) revision control software will
change on DICE SL6 desktop and compute servers. This brings the version
into line with our new SL7 desktops and will allow working copies to be
shared between all DICE machines again.

The change will take place early in the morning of Thursday, 5h November.
You can check the current version as you’d expect:

  [hostname]you$ svn --version                                                                                                 
  svn, version 1.7...                                                                                                            

This change will have one particularly noticeable effect: *any* attempt to
work with an existing subversion working copy (i.e. “checkout”) with a
subversion 1.7 client will fail with the following message:

  [hostname]you$ svn up ./myrepo                                                                                              
  svn: E155036: Please see the 'svn upgrade' command                                                                              
  svn: E155036: Working copy [...] too old (format 10, created by Subversion 1.6)                                                 

You might already have seen this message on SL7 desktops; if you have
already upgraded then the sole effect of the DICE update will be to
restore access from SL6 desktops. Note that unlike historical releases of
subversion this will *not* affect your repository in any way.

If you wish to continue working with other, older clients you
will need to check out two working copies in different locations.

We do not intend to upgrade any of our running subversion servers to 1.7
until they are moved to DICE SL7 (for which there’s no immediate
timetable). If you run your own subversion server on SL6 you may wish to
let us know in advance; we can hold back subversion on your machine if
it’s critical.

Posted in Uncategorized | Leave a comment

OpenVPN configuration file updates

Of interest to users of the Informatics OpenVPN service:

Please note that – as announced via email to the sys-announce list – an updated set of configuration files for our OpenVPN service was put in place in late July 2015.

The old configurations will be turned off on Monday 2nd November, 2015 – so, if you haven’t already updated to the new set, please do so now.

Download links and instructions for the new files can be found at:

http://computing.help.inf.ed.ac.uk/openvpn-config-files

We also recommend that you install the latest versions of the OpenVPN client software you’re using (e.g. openvpn for Linux and Windows; tunnelblick for Macs), in order to pick up any recent security fixes.

Please contact Support in the usual way if you have any questions or comments.

Posted in Service Update | Leave a comment

Another web server (with a bit more security)

The web-page hosting services homepages.inf and groups.inf have been complemented by a new service, sweb.inf, which allows users to publish AFS-based web pages that have a greater degree of protection than the mechanism currently employed on existing services.

The new server, sweb.inf, uses AFS space that is accessible from anywhere (as normal) and is editable by the user (also as normal), but when accessed via the web using Apache it is constrained to a separate, user-specific ID, of the form “sweb.<user>” (not the generic <apache> ID as is normal on our other web servers). The resulting filespace should benefit from the resilience and availability of AFS, and be better-protected from any server-side issues (such as another user’s mis-configured script).

The URL of this more-secure web server is https://sweb.inf.ed.ac.uk, and user pages sit below the user ID at that site, so that the “test.html” page of user “fred” would be “https://sweb.inf.ed.ac.uk/~fred/test.html”.

The corresponding filespace is within the AFS file-structure, and accessible in the “web” sub-directory below the user directory in /afs/inf.ed.ac.uk/web/securepages (thus the path corresponding to the example URL above would be /afs/inf.ed.ac.uk/web/securepages/fred/web/test.html).

For related files that are not intended to be web-visible (README and other house-keeping files, intermediate or temporary files
used by scripts and suchlike) there is a data directory (for example, /afs/inf.ed.ac.uk/web/securepages/fred/data), which is a sibling of the web directory. These “data” files are only accessible via the filesystem, not via the web.

Files within the /afs/inf.ed.ac.uk/web/securepages structure need specific permissions if the mechanism is to work correctly. This allows web access as the restricted user-specific ID (such as “sweb.fred”, for example), but full access via the filesystem as user “fred”.

More information can be found on the relevant computing.help web page, http://computing.help.inf.ed.ac.uk/using-secure-afs-web-server.

To make use of this service, a request should be made via the Support Form.

Posted in Uncategorized | Leave a comment

New: SL7 Virtual DICE

We’re delighted to announce a new release of Virtual DICE. Find out more in the Virtual DICE help pages. The download information is here.

Virtual DICE is DICE Linux, but running in a virtual machine. It can run on any machine supported by VirtualBox. This release of Virtual DICE is based on the SL7 version of DICE Linux used in the Informatics student labs at Forrest Hill. Most of what you can do on SL7 DICE can also be done on Virtual DICE.

If you have questions which aren’t answered in the Virtual DICE help pages, please put them to Computing Support. Thanks.

Posted in Uncategorized | Leave a comment

SL7 Desktop Upgrades

A number of staff have already moved to using the latest version of our operating system – SL7 – so we have now started to upgrade the remaining DICE desktops. If they haven’t done so already, support will contact you individually to arrange a suitable date and time. We aim to have all DICE desktops upgraded to SL7 by the end of the year.

If you would rather not wait until we contact you and would like to be upgraded sooner rather than later, please get in touch with us via the support form –
http://www.inf.ed.ac.uk/systems/support/form/

The upgrade involves a full re-install and re-partitioning of the disk and therefore any data that you have stored on the local disk will be lost. We will therefore provide temporary storage space for you so that you can copy any files from the local disk that you may wish to keep. After the upgrade, you can then copy your files back. We’ll provide further details on this when we contact you.

We have added a page on computing.help with release notes on sl7. You may find the section on Window Managers particularly useful.

http://computing.help.inf.ed.ac.uk/sl7

Any questions, please contact support.

Posted in Uncategorized | Leave a comment

PostgreSQL upgrades

As posted to our announcements mailing list, we’ll be upgrading both of our commodity PostgreSQL servers “pgteach” and “pgresearch” this week (Wednesday 16th Sep, for the avoidance of doubt!) to the latest major version, 9.4.

The process is usually fairly painless as it can be performed “online” with only a few minutes of downtime, and a few minutes of read-only operation.

For details of the changes in the new version, you’d be advised to read the release notes on the PostgreSQL website.

For more information on use of the servers, computing support provide PostgreSQL help.

Posted in Uncategorized | Leave a comment

Automounter Changes

One of the consequences of the move from SL6 to SL7 is that we have switched from using the AMD automounter (which isn’t available on SL7) to Autofs. In making this switch, we have taken the opportunity to clear out many old and broken automounts, particularly within /group. We have also removed the /legacy automount completely. No-one should be affected by this since legacy content has not changed for many years but if you do need access to this area for any reason, please contact computing support.

Posted in Uncategorized | Leave a comment

Changes to Forum Printing

Currently the Forum print rooms located in the North East corner of the building have both a Xerox Multi-function device capable of printing in colour and a small monochrome printer. These mono printers are very old now and becoming more and more expensive to keep in service. Usage figures don’t justify their replacement and so the decision has been taken to take these printers out of service.

At first sight, it might seem that the inevitable result of this will be that people print out their jobs in colour on the colour printer at considerably greater expense, even though they don’t really need colour, but this has been taken into account. When the mono printers are removed, their queues will be redirected to the colour printer, configured so that the job is printed in black and white. In case you’ve forgotten, the second last character of the queue name specified whether the queue is a (m)onochrome or (c)olour queue so when this scheme goes into place (planned to happen before the start of the new term), printout sent to if435m0 and if435c0 will go to the same printer but jobs sent to the first queue will be monochrome and to the second, colour. All you have to do is to remember to collect your printout from the Xerox photocopier!

Posted in Uncategorized | Leave a comment

MATLAB Upgrade, Sep 2015.

For many years we’ve supported multiple versions of MATLAB across our managed DICE environment. We’ll continue to support requests for alternative versions (whenever possible), but our upcoming move to DICE SL7 has provided a sensible moment to simplify the default MATLAB versions on our desktops and servers.

So last night our users mostly received the following email:

Dear MATLAB users,

If you already see:

                   < M A T L A B (R) >
         Copyright 1984-2015 The MathWorks, Inc.
          R2015a (8.5.0.197613) 64-bit (glnxa64)
                    February 12, 2015

…when you start matlab, read no further! There’s no change for you.

For everyone else: this is to announce a planned upgrade to the above
version (2015a) of MATLAB across DICE. Where possible we’ll be replacing
all previous versions, starting from Thursday 17th September.

We appreciate that this might be inconvenient for those with long-running
jobs. If you’d like to make a special request for a specific machine you
control, please file a support ticket:

https://www.inf.ed.ac.uk/systems/support/form/

and we’ll be able to make exceptions for a short time.

Equally, if you’d like to test out the new version of MATLAB ahead of this
date, please get in touch using the form above: we can suggest an
appropriate machine to test your code, or let you “jump the queue”.

as ever, your feedback is welcome. Simply file a support ticket, just as the email says.

Posted in Uncategorized | Leave a comment

IPv6

IPv6 was standardised around 15 years ago, primarily as a way to address the anticipated exhaustion of IPv4 address space, and since then we have had a steady trickle of people asking whether they could have one to use on the University’s network.  Until now we have had to turn these down, unfortunately, as our network kit did not have enough in the way of facilities to allow us to support this properly.

Now that IPv4 addresses have finally been used up, we expect that sooner or later major ISPs will start to issue IPv6 addresses to their customers.  Many large service providers, such as google and amazon are already fully IPv6-ready, for this reason.  It’s inevitable that we will need to speak IPv6 in order not to be cut off from what can only be a growing part of the Internet.

With the recent upgrade of many of the Forum edge switches, and the intention to upgrade most of the remainder over the next year or two, we now think that we have enough support in place that we can start to take a proper look at implementing IPv6 locally.  To that end, we have begun a Development Project to undertake an initial investigation into what will be required to support IPv6 within Informatics.  It is not expected that we will stop using our existing IPv4 allocation any time soon, if at all, however.  Indeed, it’s likely that IPv4 and IPv6 will run in parallel for quite a few years yet.  The ultimate goal is that any Informatics system which needs an IPv6 address will be able to have one, or even many of them.

Please note that adding IPv6 support to our network is not something that can happen overnight.  On the contrary, it will require that we turn things on in a gradual, phased way, testing carefully at each stage before moving on.  If we do happen to miss something, there is the potential to cause quite widespread problems for existing IPv4 users, so needless to say we will be proceeding with caution!  The expectation is that there will be several more projects requiring to be spawned by this one before all of the necessary facilities are in place.  Managed machines are likely to be supported first, with self-managed machines coming later as a result of the extra infrastructure that will have to be in place for them.

The project’s home page is here; it will be added to through the life of the project.  At the moment it has links to some useful outside sites, as well as to our own “issues” page.

Posted in Uncategorized | Leave a comment