Teaching/Project Rooms with User-Managed Systems
Code of Conduct and Ethics
- Ethics are paramount for an IT expert or an Engineer.
- You should never use your knowledge or expertise to do actions that violate the security or privacy of any information system.
- You should also be aware that you are fully accountable, from the legal standpoint, for all the actions that you perform on the University computers and networks.
- If at any time, you are in doubt about the legality of some action, please do not perform it until you consult with one of your instructors or the IT team and obtain anauthorization to proceed with it.
SOEN321,COMP5541,490 projects (H833, H835, H837, H842, H854)
The user-managed machines in the project rooms H833, H835,
H837, H842, and H854 are primarily by default Linux desktops. They
are intended for the student to play with the Operating System
(Fedora Core Linux) or do the projects that require root
privileges. This includes courses such as SOEN321,COMP5541, COMP490,
COMP492, COMP495, SOEN490. The students exercise full control
of the system for their course needs. The machines are
configured to be all in the server-only type of VLAN (see below
about distinction between the client-only and server-only
ECE 490/capstone projects (H805, H857)
The user-managed machines in H857 and H805-area are client-only Capstone user-managed machines that have the standard dual-boot ENCS user-managed cut, which is maintained by a technician responsible for the labs in terms of accounts and software installation, etc.
CIISE security projects (H909, H911)
The user-managed machines in H909 and H911 are typically used
by the CIISE courses such as INSE6120, INSE6130, INSE6140, and
INSE6150 for mini-projects and actual projects. While both
rooms are considered to be client-only (dual boot), H911 has
Internet access and the course TAs are managing and giving
accounts in that room and users are not given administrative
privileges. H911 has also some extra network equipment to be
used for teaching. H909 uses the same base CIISE dual-boot
user-managed image, but is locked down in terms of network
connectivity and is not allowed outside except DNS/DHCP by
default. Here the students may conduct various experiments that
may require privileged access. This lab is usually reghosted
for each term.
To start up, a variety of passwords (e.g. CMOS, root, user, and bootloader passwords) will be given to you when required by the lab monitor upon the need.
IMPORTANT: if you have it, DO NOT CHANGE CMOS PASSWORD. If you change the CMOS password we will have to open up the PC and reset it manually.
- To rebuild your PC in H833/H835/H837/H842/H854: just press the F12 key, then select network. All users can do it.
- At this point, rebuilding machines in H857, H805, H907-1, and H911 has to be done by an AITS analyst from a desktop group.
NOTE: Your PC will be completely re-installed if you do this, resulting in all data loss. As such, when a group of students working on a project is assigned one machine, other students should not tamper in any way with another team's computer. You are also entirely responsible for backup of any data on those machines and the University or the IT team are not responsible for any data loss unless explicitly specified.
Software updates, installation and removal are mainly done with the
yum is an interactive, automated update program which can be used for maintaining systems using RPMs. Here is a short usage guide.
To list all available software packages, you can use
To list installed software packages only, you can use
yum list installed
To list software packages requiring update (i.e. update is available), you can use
Update installed package(s) to a new version, if available
yum [-y] update [<package-name>]
Name of the package is optional, i.e. if it is absent, yum will try updating all the packages that need updating.
To install available stock software, you can use
yum [-y] install <package-name>
To uninstall simple stock software, you can use
yum [-y] remove <package-name>
-y switch will avoid confirming [y/n] prompts and always will select "yes".
usage: yum [options] < update | install | info | remove | list |
clean | provides | search | check-update | groupinstall |
groupupdate | grouplist | groupinfo | groupremove |
makecache | localinstall | erase | upgrade | whatprovides |
localupdate | resolvedep | shell | deplist >
-h, --help show this help message and exit
-t, --tolerant be tolerant of errors
-C run entirely from cache, don't update cache
-c [config file] config file location
-R [minutes] maximum command wait time
-d [debug level] debugging output level
-e [error level] error output level
-y answer yes for all questions
--version show Yum version and exit
--installroot=[path] set install root
--enablerepo=[repo] enable one or more repositories (wildcards allowed)
--disablerepo=[repo] disable one or more repositories (wildcards allowed)
--exclude=[package] exclude package(s) by name or glob
--obsoletes enable obsoletes processing during updates
--noplugins disable Yum plugins
Please see the yum manpage for more information by executing the command
Download/Upload and install other Software
The user-managed PCs in H833/H835/H837/H842/H854 for your projects are server-only machines, so you are not able to use web browser to access internet and download software package directly on this type of machine.
Therefore, if you would like to install other software that is unavailable using
yum to install, you have to download software source using one of regular ENCS-managed machines, then
sftp to upload your software package to your server-only type of machine. After that, just follow the instruction of
INSTALL file that the software package provides to install the specific software.
Windows is only present on the dual-boot client-only networks in H805, 857, H907-1, and H911. Its software maintenances, including updates of Windows itself, browsers, antivirus, and otherwise applications are done either automatically or by the person in charge of the lab after ghosting -- TAs (e.g. H907-1, and H911) or technicians (e.g. H805 and H857).
Client-only vs. Server-only Machines
There are two kinds of user-managed machines, client-only and server-only, depending on subnets that they belong to.
A client-only user-managed machine allows a user who is sitting in front of such a machine to have full access to web browsing, email access, telnet, ssh, etc. That is, allows making any internet connections to the outside world. However, users cannot remotely access a client-only user-managed machine from other machines (ENCS-managed or outside) except machines on same subnet.
A server-only user-managed machine is the exact opposite of the client-only one. Users can remotely access a server-only user-managed machine from any other machines (ENCS-managed, client-only machines, and outside). However, if a user is sitting in front of a server-only machine directly, it is unavailable for the user to browse internet, check email, etc. That is, all connections to outside world are blocked.
Note: The detail information about client-only and server-only machines can be found here.
If you have questions or suggestions about the project lab, please email us.