We’re delighted to announce Virtual DICE. It’s like a DICE desktop, but running in a virtual machine. It’s currently in a testing phase – see below.
Everybody in the School of Informatics is welcome to use Virtual DICE, but you will need your own computer, which will need (at the last count) 35GB of free disk space, and a few free gigabytes of memory too. It will also need to be able to run virtualisation software – we’ve been using VirtualBox which runs on popular varieties of Linux and Windows and on many Macs.
It can be used whether or not a network is available.
Virtual DICE isn’t quite ready for prime time yet. We think it works, but we’d like it to be tested some more. If you’d like to try it out, please download and install it, then get in touch and tell us about your experiences. Tell us especially about anything which went wrong, and anything which you think it would be helpful to add to the Virtual DICE documentation pages. All feedback will be received gratefully, and providers of the most helpful feedback may also be given rewards in chocolate form.
To install it download a Virtual DICE image file and import it into VirtualBox.
Apart from backing up your files, it should need virtually no maintenance or looking after. If it breaks, delete the virtual machine then install another one from the downloaded Virtual DICE image file. To update it, delete the virtual machine a few times a year and replace it using a newer image file; or run a command each week to update its software selection. To backup your files, copy them to your AFS home directory.
Find out more and get your copy at the Virtual DICE documentation pages.
If you are a new member of Informatics and use AFS (e.g. for access to your home directory or group file space) or would just like a refresher then we would like to invite you to attend our annual Introduction to AFS tutorial.
The session will be held on Monday 14th October starting at 10:30am in room IF-4.31, it will last for approximately 1 hour.
It will mainly cover the essentials of file access management using AFS ACLs and groups. There will also be a guide to some useful commands, a summary of the main differences between AFS and other filesystems and a short guide to troubleshooting common problems.
The Computing Team are pleased to announce the launch of a new graphical remote login service. This service provides access to your normal DICE desktop environment from any Linux, MacOSX or Windows based client.
This service uses the NX technology to handle remote X Windows connections, consequently you will need to download the appropriate client software for your system. Full details are provided on the Computing Help pages.
Please note that this is a beta release of the service and as such we expect that some minor issues will be encountered. Please use the Support Form if you experience any problems.
As announced on sys-announce, to address security flaw in WordPress 3.6 and
earlier, blog.inf.ed.ac.uk has been updated to the current version of WordPress (3.6.1).
There will be some small changes, and you many notice pop-ups highlighting new options.
If you run your own WordPress installation within Informatics, then you must
upgrade your version too, as the exploit allows remote execution of code on our
servers. If we become aware of old WordPress installations on our servers, then
we will have to take steps to protect ourselves from this exploit, and disable
your WordPress installation.
See http://wordpress.org/news/2013/09/wordpress-3-6-1/ for more details on the
update and exploit.
To aid with a research project by ICSA’s Wireless & Mobile Networking (WiMo) Group, we have asked IS to reconfigure the wireless access points for the top three floors of the Forum temporarily. For the month of September the 802.11a (5GHz) channels have been turned off on these floors’ APs, to minimise interference with the research project’s equipment.
We do not anticipate this causing problems for mobile devices, as 802.11g and 802.11n will remain available on the 2.4GHz channels as before. However, please do contact Support in the usual way if you have wireless problems in these or other parts of the Forum. Please contact the WiMo group directly with any questions about the research project.
The remaining floors of the Forum are not affected by this change.
We have recently updated a number of Python modules on DICE which are useful for scientific data analysis. Here are the versions and links to the relevant documentation:
- numpy – 1.7.1 – docs
- scipy – 0.12.0 – docs
- pandas – 0.12.0 – docs
- matplotlib – 1.3.0 – docs
We have also been looking at upgrading IPython but it is proving slightly more difficult to build and package, hopefully we will get it working soon.
If you think there are additional Python modules which we could be providing in the DICE environment then please let us know. To find out what is already packaged and available for installation you can use our Package Search interface.
Even when it is not already packaged we are often able to install it for you so please contact us through the usual support form.
We have also added some software to make it easier for users to install extra Python modules for themselves. See our computing help pages for details.
We have some new SAN storage to bring on-line. It will be replacing the “head” of an existing SAN storage box, which will mean bringing it out of service while we replace the old head.
We plan to do this at 9am on Sunday 1st of September 2013.
This will mean that all data on this SAN storage box will be unavailable during the work. This is mostly group data areas, but may also include some older home directories. Though this should be the only data affected, the last time we tried this it ended up affecting other machines on the SAN. So access to all data should be considered at risk during the work, but these servers will definitely be affected:
squonk, nessie, kraken, yeti, naga, cetus, hawthorn, budapest and telford
Remember you can check which server AFS space is on by doing
fs whereis directory, eg
neilb@jings> fs whereis ~neilb
File /afs/inf.ed.ac.uk/user/n/neilb is on host naga.inf.ed.ac.uk
So my home directory will be unavailable.
The switch over should only take about 30 minutes. However people should consider access to all data at risk for the rest of Sunday morning.
If the timing of this is really not suitable, please contact me as soon as possible.
OpenAFS’s inability to use any encryption type other than single DES in the Kerberos tickets used to authenticate server-server and client-server communications has long been recognised as a major security shortcoming. 1DES’s relatively small key space renders it highly susceptible to a brute force attack and the wide availability of cheap distributed computing power, along with refinements of the algorithms used in such attacks made the compromise of an AFS cell a definite possibility. To address this, the developers of OpenAFS have produced updated versions of the AFS server and client which are able to make use of encryption types other than 1DES.
The immediate security risk was with server-server communication and to address this, the School’s file servers have already been upgraded to the new secure version of AFS and the key used for server-server communication recreated to use stronger encryption types. Though this has closed the immediate security hole, it is obviously highly desirable to start using stronger encryption types for client-server communication. We intend doing this on Monday the 2nd of September 2013.
Any AFS clients which have not been upgraded to use the new version of OpenAFS by this date WILL NOT be able to access the School’s AFS filesystem. This includes things like home directories and group space.
DICE machines will be upgraded automatically before this deadline and if your only access to the file system is via a DICE machine, you need do nothing. If however, you access the file system from a self-managed machine, you MUST upgrade the OpenAFS client on your machine or you will lose access. Upgrading the client should simply be a case of reinstalling AFS following the instructions found at
http://computing.help.inf.ed.ac.uk/informatics-filesystem. The version of the client you will need depends on the operating system you are using as follows:
- Fedora, RHEL, Scientific Linux, Mac-OS
For other Operating Systems or if you need help with the upgrade, please contact support.
The original security advisory can be found here. If you have any questions about any of this, please ask.
The 4th minor update to ScientificLinux 6 (which is based on RHEL6) is now ready for deployment to the Informatics SL6 DICE office and student lab machines. A minor update like this provides us with the opportunity to update important software and fix any bugs which are not security issues (we apply security updates as soon as they are available) in a controlled manner.
To complete this upgrade a reboot is required. The student lab machines will be rebooted during the night of Wednesday 31st July. A delayed reboot will be scheduled for all DICE office desktops. The delay will be 5 days, although the reboots are delayed it would be greatly appreciated if people could manually reboot their machines at their earliest convenience; the delayed reboot would then be cancelled. Upgrades for individual servers will be scheduled over the next few weeks and users affected will be contacted as necessary.
SL6.4 was released on 28th March 2013 and since then it has been thoroughly tested in our DICE environment so we are confident that this update will not cause any issues for users.
Details of the package updates are available on the LCFG wiki. For further, in depth information, there are also release notes from ScientificLinux and RHEL.
If you have any questions or problems with the upgrade please contact our User Support team through the support form.
capturED is an easy-to-use, cost-effective system for automatically capturing event and lecture presentations, including the facility to broadcast events live online.
We have now completed the testing of the CapturED facilities that have been installed in the Forum in G.07 and 4.31. The capturED facility which is provided by IS has been used extensively in a number of lecture theatres for some time. The facility in the Forum is available to all staff and can be requested using the support form. Please, however, give ample time to allow us to schedule the recording – at least 48 hours notice. More details on CapturED can be found at: