Athena Linux Differences: Athena Services Detail

Zephyr was the first client-server instant messaging system and is similar to systems such as AIM or Yahoo messenger. However, it contains many features such as end-to-end authentication that are only just beginning to be incorporated into the other popular services. Athena Linux installs, configures, and activates Zephyr as the default instant messaging system. There are clients for other instant messaging systems available as additions to the default Athena Linux Install. Zephyr clients are also available for Windows and Mac.

RPM: athena-zephyr.

See also: Zephyr on Athena and the "zephyr" man page.

The GMOTD (Global Message of the Day) was developed to allow messages regarding the Athena services to be sent to all Athena systems such that every user would see the message once and only once. Only a small list of service administrators have permission to set the GMOTD. The intent is to keep the traffic a very few messages that users will trouble themselves to read.

RPMs: athena-messaged, athena-gms, athena-get_message.

See also: the "get_message" man page.

"Lert" is a special-purpose service that sends alerts to targeted groups of users.

RPM: athena-lert.

See also: the "lert" man page.

Athena supports a legacy UNIX service called "write" that allows users to open a point-to-point chat between two hosts.

RPMs: athena-write, athena-writed.

See also: the "write" man page.

Athena Unix users are supported by the OLC (On-Line Consulting) service. Athena Unix machines have a special command-line client for this service. Users can also ask questions by phone, email, the web, and in person.

RPM: athena-olc.

See also: the "olc" man page.

Moira is a list management system used for managing mit.edu mailing lists as well as other MIT resources. Moira can be accessed on Athena machines via a command line client or the web.

RPM: athena-glue.

See also: the "moira", "blanche", "stella", "listmaint" and "mailmaint" man pages.

In the next major release this system will be replaced by the web-based Stellar courseware management system.

RPMs: athena-neos, athena-libfxcl, athena-fxserver.

The Discuss application is a discussion and mail archiving system. It can be accessed via the web, the "discuss" command line client, or GUI clients.

RPMs: athena-discuss, athena-xdsc.

See also: Discuss on Athena and the "xdsc", "discuss" and "dsgrep" man pages.

These utilities are for users/developers who need command line tools to access IMAP stores. They offer a command-line interface to IMAP that is similar to some mh functionality. In the future, these tools may be replaced if standard command-line IMAP tools become part of Red Hat.

Additionally, these utilities could help replace the Discuss system should shared IMAP folders be employed for discussions and email archiving.

RPMs: athena-mitmailcreate, athena-mitmaildel, athena-mitmailexp, athena-mitmailmove, athena-mitmailrename, athena-mitmailscan athena-mitmailshow.

See also: the "mitmailcreate", "mitmaildel", "mitmailexp", "mitmailmove", "mitmailrename", "mitmailscan", and "mitmailshow" man pages.

While single sign-on is implemented with a customized version of login that is contained in a variant krb5 RPM, most of the work is done by libal, the Athena Login Library. Designed to be highly portable, libal implements login authorization controlled by /etc/athena/access.

libal contains the logic that chooses amongst a single sign-on account with a Kerberos principal and user information from Hesiod, a pre-existing local account, or a temporary account created for a single session.

RPM: athena-libal.

See also: the "kerberos" man page and the section on Remote Access Control below.

The passwd program modifications allow users to change their Athena/Kerberos passwords. Since Kerberos password authentication expires after ten hours, the program "authwatch" is provided to warn users when their authentication is about to expire. "grenew" provides user authentication renewal.

RPMs: athena-passwd, athena-authwatch, athena-grenew.

See also: the "passwd", "authwatch", and "grenew" man pages.

When a user's login session starts up, it needs some basic information -- for example, important environment variable settings and X default appearances. These are set via the user's dotfiles (which are individually customizable) and the getcluster program (which sets different environment variables depending on workstation location).

The Athena user dotfiles set special shell and environment variables that have Athena-specific meanings. For example, $athena_path sets the standard Athena path, and $ATHENA_SYS defines the platform/machine architecture type for the current workstation. Users on Athena machines are advised to not indiscriminately edit or delete any of their dotfiles or it may disrupt the Athena settings. User customizable dotfiles include ~/.cshrc.mine, ~/.environment, ~/.Xresources, ~/.startup.X, ~/.logout.

RPM: athena-dotfiles.

See also: Dotfiles.

Athena uses AFS (the Andrew File System, originally from CMU's Andrew Project) to store user data, as well as provide access to a wealth of materials stored in lockers. Users access lockers via the attach command. Behind the scenes systems make it easy for users to locate their files, query their storage quota, and run programs without difficulty.

User home directories on Athena contain an OldFiles subdirectory which provides a read-only snapshot of the home directory contents from the previous day. This allows file recovery by a simple cp command.

Athena's filesystem contains user home directories, course materials, reference material, and a diverse collection of software. It can be read-accessed remotely via the WWW server web.mit.edu, or for read/write via various secure file transfer programs (Unix "scp", Windows FileZilla, or Macintosh Fetch, among others). IS&T supports add-on AFS clients for selected platforms provide non-Athena access to this rich collection of data and software (as licensing allows).

RPMs: athena-openafs, athena-afs-krb5, athena-quota, athena-listsuidcells, athena-newpag.

See also: AFS at MIT: An Introduction.

Athena uses of the locker abstraction to help users organize their files for use with present and future networked filesystems. This addresses how to make it possible to find libraries, documentation, shared content, and organize binaries so that a single hierarchy can support executables on a variety of hardware architectures. Extra effort was also made to interface the locker abstraction into the GNOME user interface.

RPMs: athena-locker, athena-machtype, athena-attach, athena-attachandrun, athena-athrun, athena-gathrun, athena-athdir, athena-libathdir, athena-athlsync.

See also: AFS at MIT: An Introduction and the lockers man page.

This legacy application has been replaced by the GNOME panel. It remains in the release for users who have yet to convert to GNOME.

RPMs: athena-dash, athena-revert-to-dash.

See also: the "dash" man page.

A part of Athena's desktop interface, the "console" allows the user to see information and error messages from /dev/console in a window on the desktop. The config_console program allows the user to customize console appearance.

RPMs: athena-console, athena-config_console.

See also: the "console", and "config_console" man pages.

Athena added a "delete" utility that allows users to mark files for deletion before deciding whether to permanently trash them as a friendly alternative to the standard (and permanent) file removal tool "rm".

RPM: athena-delete.

See also: the "delete", "lsdel", and "expunge" man pages.

Athena was designed to have a simple and quick install process: Power the machine up, boot the install CD or floppy, and answer very few basic questions. The system can be interrogated remotely to determine if the install is finished. A re-install is the usual method to recover from system corruption.

The installation program is a modified version of Red Hat's installer, with a great deal of the interface (irrelevant to our needs) removed.

RPMs: athena-base, athena-ws, athena-getcluster.

See also: Installing Athena.

Unless otherwise specified, the system will periodically validate its software, re-install packages that fail the verification, automatically and transparently update to newer versions of the Athena release. Updates are particularly important for the proactive distribution of security fixes and can be easily taken manually, if desired.

The update system contains a number of cooperating components to perform updates and perform utility functions, like reliable data synchronization, and to stagger the requests for new versions of files so that a large scale update will not overwhelm the network.

RPMs: athena-rpmupdate, athena-syncupdate, athena-synctree, athena-track, athena-desync, athena-ntp, athena-gettime.

See also: the "update_ws" man page, and the Software Updates section of the Private Athena Workstation Owner's Guide.

A new challenge for the Athena computing model is the increasing demand for laptops and other portable computers. These systems may spend a significant portion of their life off the network -- i.e., disconnected from AFS and the rest of the Athena services. The disconnected operation architecture is Team Athena's answer to that challenge.

RPMs: athena-athstatusd, athena-athneteventd, athena-offlinehome.

See also: the Athena Linux Disconnected Operation Project Notebook.

General use cluster machines and Quickstations are used by scores of different users per day, yet still require no manual maintenance. Small pieces of software work together to clean up Athena systems between uses.

The workstation's cycle of use:

1. dm, the display manager, starts the X server, console, and xlogin.
2. xlogin displays Athena's standard login window and waits for the user to login.
3. The user logs in.
4. Only on Quickstations, bugme runs, posting nagging windows reminding the user to log out after ten minutes.
5. The user uses the machine.
6. The user logs out.
7. cleanup kills any processes left running and performs other maintenance to return the computer to its default state.
8. Return to step 1.

Certain programs, for example GNOME Evolution, assume it's okay to start a process and leave it running after logout. Athena requires such processes to be started fresh for each user. We use dustbuster to start them so that cleanup will properly handle them.

In developing and refining cleanup, it was discovered erasing files in shared directories like /tmp could be problematic. There are race conditions where other programs might attempt to modify a file rather than recreating it as the housekeeping functions assume. saferm makes the removal atomic, ensures the right file is being deleted, and that no attempt is being made by a malicious user to create a symbolic link to an important system file with the name of a file in /tmp that would normally be deleted.

saferm also has the option to zero the contents of the file deleted so that a scan of raw devices will not turn up private content in data blocks. (Normal remove just puts the data blocks on the free list without overwriting their contents.)

Note: The serial reusability, automated update, and login session subsystems are tightly coupled.

RPMs: athena-session, athena-dm, athena-xlogin, athena-libal, athena-bugme, athena-xscreensaver, athena-gathlogout, athena-cleanup, athena-dustbuster, athena-saferm.

See also: the "dm", "xlogin", "xscreensaver", "dustbuster" and "saferm" man pages.

Athena Linux machines can be remotely queried for various information via the "athinfo" command. These machines are also configured to remotely log significant events (administrator logins, reboots, some kinds of error) to a central server. Additionally, Athena cluster machines are monitored by the Larvnet service, which allows users to find which clusters on campus have free machines.

The sysinfo package was added to make it easier for athinfo to obtain system information.

RPMs: athena-athinfo, athena-athinfod, athena-larv, athena-larvnetd, athena-busyd, athena-xcluster, athena-cviewd, athena-sysinfo.

See also: the "sysinfo", "athinfo", "athinfod", "xcluster", "cview", and "larvnetd" man pages.

The ares package was added to perform DNS queries asynchronously (so the process can keep doing other stuff), but also without using threads. Though developed as part of larvnet, its now also used in the Zephyr zwgc program.

RPM: athena-ares.

See also: the "ares" man page.

For security, many network services such as remote login are turned off by default. To enable an Athena general use machine in a public area to be used for collaborative work, the access_on and access_off commands enable and disable remote access.

See also: the "access_on" man page.

Privately administered workstations have an additional mechanism to control who is allowed to log in on the console display as well as via remote access protocols such as ssh. The file /etc/athena/access contains directives to specify who is permitted, and whether the permission is for remote access, or local access from the console only.

RPMs: athena-access, athena-inetd.

See also: the Remote Access section of the Private Athena Workstation Owner's guide.

Legacy NFS security enhancement

Before the availability of other, more secure and scalable ways for exporting files via the net, Athena enhanced Sun NFS by adding Kerberos authentication at file system mount time. Setting up the appropriate credentials table for an NFS server is done with the mkcred utility.

RPM: athena-mkcred.

See also: the "mkcred" man page.

Private workstation owners desiring to offer services may want to secure those services by giving the workstation a Kerberos identity via a keytab file. Legacy systems have a srvtab file. To convert the legacy srvtab file, use ktconvert.

RPM: athena-ktconvert.

See also: the "k5srvutil" man page.

After a program has been written, it is compiled using a "build system," which includes the programs "make", "autoconf," the macro package "m4" and the "troff" program for formatting man pages. The standard build system installs programs into /usr/bin or /usr/local/bin on the local machine. As Athena software is generally installed on the remote AFS network rather than on local machine, a small customization was needed. Therefore, the Athena build system defines a variable $DESTDIR which points to the proper installation location.

RPMs: athena-autoconf, athena-imakecf, athena-m4, athena-mdoc.

See also: the "make", "autoconf", "m4", "troff", "cxref", and "sendbug" man pages.

sendbug is the preferred way to submit Athena bugs. It pre-fills a form with relevant system information.

RPM: athena-sendbug.

See also: the "sendbug" man page.

In addition, Athena provides a number of very minor utilities that are sometimes used by developers:

• cxref: a tool for cross referencing symbols in a large body of code.
  
  
• fill and just: filters for filling and right justifying text.
  
  
• dent: indents files by a fixed number of spaces.
  
  
• jot: prints numbers in arithmetic sequence or according to some simple random generators.
  
  
• lam: reformat files for printing and lamination by putting them into multi-column format.
  
  
• rs: reshape data arrays according to various transform possibilities.

RPMs: athena-cxref, athena-just, athena-dent, athena-jot, athena-lam, athena-rs.

See also: The man pages for each of the named utilities.

Athena keeps around a few legacy widget libraries to support old applications like xmh, the console, and Dash:

• libMu: A library of utility functions for use with Motif and UIL.
  
  
• wcl: The Widget Creation Library, for Athena.
  
  
• libXj: An X11 widget library used by many Athena programs.

Documentation has not been maintained for these legacy libraries.

RPMs: athena-libMu, athena-wcl, athena-libXj.