Versions Compared

Old Version 28

changes.mady.by.user Greg Hudson

Saved on

compared with

New Version Current

changes.mady.by.user Jonathan D Reed

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin
Note
titleARCHIVED VERSION

While this page is no longer updated, it serves as a useful reference.

Contents

  1. Introduction
  2. Goals
  3. Release Deliverables
  4. Development Infrastructure
  5. Milestones
  6. Release Features List
    1. Applications
    2. Legacy Features
    3. Serial Reusability
    4. Changes For Shared Network Home Directories
    5. Monitoring
    6. Self-maintenance
    7. Miscellaneous
  7. Design Plans For Release Features
  8. Desupported and Changed Features

...

The Athena 10 release is planned for summer-2008 IAP 2009, with full roll-out over the Summer of 2009. It is intended to renew the Athena software, improve security, bring the base operating system into closer alignment with the MIT community, and reduce the ongoing maintenance burden of the Athena environment.

The Athena 10 project will be a collaboration with the Debathena developers from SIPB and will also act as a follow-on to the current Debathena release. From IS&T, the primary developers will be Greg
Hudson (the release engineer and lead developer), Robert Basch, and Andrew Boardman, with Alex Prengel taking on the role of ensuring compatibility with third-party software lockers. From the SIPB, the contributors will be Tim Abbott and Anders Kaseorg.
(Greg Hudson left the project on October 1, 2008. William Cattey took on more project management responsibility at that time. Additional SIPB contributors: Geoffrey Thomas, Greg Price and Evan Broder.)

Anchor
goals
goals

Goals

  • The supported base operating system will be Ubuntu 8.04 (Hardy Heron), which is due out in April 2008 and is tagged by Canonical as a long-term support release. Development will mostly take place on Ubuntu 7.10 (Gutsy Gibbon).
  • The build infrastructure and package repository will also support versions of Debian and other versions of Ubuntu. These operating system versions will be supported by SIPB rather than IS&T.
  • When a software package exists in the Ubuntu package archive, we will not build it ourselves from the upstream source. In cases where a change is necessary, we will use a script to rebuild the relevant Ubuntu and Debian source packages with a patch applied.
  • We will plug into system features such as PAM and NSS to avoid having to replace core parts of the base platform.
  • We will use autofs on /mit to remove the need for users to manually attach lockers (though the attach command will remain for compatibility and system notifications).
  • We will make our configuration packages as modular as possible, rather than bundling them all up into an athena-ws package.
  • We will use the standard /usr path prefix for Athena software rather than using a separate tree in /usr/athena. There will be a big package of compatibility symlinks to ensure that most old path references keep working.
  • The update system will no longer be organized around specific patch releases. This change will allow us to better leverage the native update system and will also enable machines to take native package updates as soon as they become available, which will improve security.
  • Continue to support the familiar user interface.
  • Continue to support "Public Cluster" systems that clean themselves up after each user logs out.
  • Continue to support the existing "Quickstation" systems tailored for shorter duration sessions.
  • Allow installation of Athena on an already-installed Linux system without an Operating System re-install.
  • Un-bundle the components to allow customers the option to pick and choose which pieces of Athena they want.
  • Retire functionality that is no longer used, or is no longer of sufficient benefit to warrant the ongoing maintenance cost.
  • Replace more of MIT invented or maintained components with upstream open source components, where necessary migrating to community standard practices rather than Athena-unique practices.

Anchor
Anchor
deliverables
deliverables

Release Deliverables

...

  • Source repositories for software which has Ubuntu packages, but for which we are the upstream maintainer (e.g. Zephyr).
  • An-automated-update-from-Athena-9.4.
  • An installation system.
  • . Eliminated from scope c. July 2008.
  • A script to install Athena 10 on a pre-installed Ubuntu syatem.
  • A comprehensive Cluster Installer to install Ubuntu and Athena 10 on bare metal.
  • Release notes and documentation, particularly for Release notes and documentation, particularly for aspects of Athena 9.4 which become desupported or supported in different ways.

Anchor
infrastructure decisionsinfrastructure
decisions

...

Design Decisions

  • The

...

  • supported base operating system will be Ubuntu 8.04 (Hardy Heron), which is due out in April 2008 and is tagged by Canonical as a long-term support release. Development will mostly take place on Ubuntu 7.10 (Gutsy Gibbon).
  • Subsequent Athena OS updates will be taken from the Ubuntu 6-month release cycle. Although this will be more work because of greater frequency, the 6-month release offers the most useful versions of applications and drivers. The plan is to deploy the x.10 release in January and the x.04 release over the summer.
  • The build infrastructure and package repository will also support versions of Debian and other versions of Ubuntu. These operating system versions will be supported by SIPB rather than IS&T.
  • When a software package exists in the Ubuntu package archive, we will not build it ourselves from the upstream source. In cases where a change is necessary, we will use a script to rebuild the relevant Ubuntu and Debian source packages with a patch applied.
  • We will plug into system features such as PAM and NSS to avoid having to replace core parts of the base platform.
  • We will use FUSE on /mit to remove the need for users to manually attach lockers (though the attach command will remain for compatibility and system notifications).
  • We will make our configuration packages as modular as possible, rather than bundling them all up into an athena-ws package.
  • We will use the standard /usr path prefix for Athena software rather than using a separate tree in /usr/athena. There will be a big package of compatibility symlinks to ensure that most old path references keep working.
  • The update system will no longer be organized around specific patch releases. This change will allow us to better leverage the native update system and will also enable machines to take native package updates as soon as they become available, which will improve security.

Anchor
infrastructure
infrastructure

Development Infrastructure

The Athena CVS repository will be converted to Subversion and copied to svn.mit.edu. This will become the development trunk; the CVS repository in AFS will remain as a branch for Athena 9.4 development.

The source tree will be reorganized to reflect the new architecture. The tentative new organization is:

  • athena - Athena local software. New debian subdirectories will be added to each software directory to turn these into Debian packages.
  • third - Third-party software imported from orginal source provider. Ideally, this would go away completely; in practice, a few packages may remain and have debian subdirectories added.
  • doc - Source tree documentation.
  • debathena/scripts - Build scripts and other supporting
    materials.
  • debathena/

The source tree will be reorganized to reflect the new architecture. The tentative new organization is:

  • athena - Athena local software. New debian subdirectories will be added to each software directory to turn these into Debian packages.
  • third - Third-party software imported from orginal source provider. Ideally, this would go away completely; in practice, a few packages may remain and have debian subdirectories added.
  • doc - Source tree documentation.
  • debathena/scripts - Build scripts and other supporting
    materials.
  • debathena/config - Sources for debathena-config-* packages.
  • debathena/debathena - Sources for debathena-specific software
    packages such as debathena-libnss-afspag.
  • debathena/meta - Sources for metapackages.
  • debathena/third - Scripts and supporting materials for building modified versions of native Debian and Ubuntu packages.

...

Anchor
milestones
milestones

Milestones

  1. DONE 3/18/08 Infrastructure - Development infrastructure in place including source tree and build scripts. Ubuntu machines in the hands of Andrew and Bob so that they may begin work. Done March 18.
  2. DONE 6/30/08 Core - The fundamental building blocks of the Athena environment are in place (AFS, login, incremental updates, etc). Due date: April 30.
  3. DONE 7/25/08 Basic - The high-profile Athena applications are in place (Firefox, email, etc.). Due date: June 30. Bigest scheduling issue: email clients.
  4. DONE 8/15/08 Preview - Enough features are in place for release to private machines on an opt-in basis. Backward compatibility features are not a big concern for this milestone if they are not expected to receive heavy use. Biggest scheduling issue: printing. Due date: August 15.
  5. Cluster - Self-maintenance features and GNOME modifications necessary for cluster machine deployments are in place. Alpha testing can begin once this milestone is complete. The-updater-is-complete. (Updater eliminated from scope c. July 2008). Due date: October 1. Biggest scheduling isue: The-updater The comprehensive installer.
  6. DONE 12/12/08 Feature Complete - Remaining release features are completed. The-installer-is-complete. (Installer moved to Cluster milestone.) System release notes are complete. Backward compatibility issues are
    substantially resolved. Due date: November 1. Biggest scheduling issue: The-installer.
  7. Beta Testing Complete - Acceptance testing is complete and Athena 10 is ready for "early release" deployment. User release notes are complete. Due date: November 1.
  8. Full Deployment Readiness - Early release is complete and Athena 10 is ready to be released to all cluster machines. Due date: December 1

...

Anchor
legacy
legacy

Legacy Features

...

...

Changes For Shared Network Home Directories

...

Anchor
self-maintenance
self-maintenance

Self-maintenance

...

...

Design Plans For Release Features

(This section needs to be reconsidered in light of the Debathena collaboration. Package naming is off since we will be naming our packages debathena-* instead of athena-*, milestones are off since much of this stuff is already implemented in Debathena, and in some cases the plan may need to be adjusted to conform to what Debathena has done.)

In total, these design plans account for about 24 weeks of work, or about two months per developer. Additional work will be required for the installer, the updater, integration testing, and documentation.

...

Planned solution: Ensure that the native x3270 package is installed. The xlogin option will no longer be supported.

Milestone: Feature Complete (one hour).

Status: Done.

...

Anchor
zephyr
zephyr

Feature: Users can send and receive Zephyr messages.

...

Planned solution: Ensure that the native pidgin, pidgin-encryption, and libsasl2-modules-gssapi-mit packages are installed. Create a wrapper script to set up an MIT Chat account the first time pidgin is run.

Milestone: Basic (one day).

Status: Done.

...

Anchor
mail
mail

Feature: Users can easily read MIT mail using Evolution or Pine.

Current solution: The athena-evolution and athena-evolution-data-server packages provide Evolution, and the athena-pine package provides Pine.   The athena-evolution package has been modified to make the Evolution data directory private when created, to auto-configure MIT mail settings on first invocation, to add Hesiod support, to cache messages in /var/tmp in preference to AFS homedirs, to display MIT folders first in the folder list, to avoid using ibex folders since they are byte-order dependent, and to enable krb4 authentication support.   (Unfinished; Pine changes not yet inventoried.)The athena-pine package has been modified to add Hesiod and krb4 support, to make the mail directory private when created, and to auto-configure MIT mail via the site config file.

Planned solution: The debathena-evolution-wrapper package will handle initial configuration, privacy of the data directory, and Hesiod lookup of the PO server.   The debathenificator framework will be used to modify the Ubuntu Evolution package to enable krb4 support, and possibly to cache messages in /var/tmp and disable ibex folders should those changes prove still necessary.   (Unfinished: Pine plan not made.)Status: Evolution tasks done.  Pine tasks not doneFor Pine, the debathenificator framework will be used to modify the Ubuntu alpine package to integrate krb4 and Hesiod support and to ensure the privacy of the data directory, and a new package debathena-alpine-config will install our site config file and create a pine -> alpine symlink.

Milestone: Basic (one week for remaining work)three weeks).

Status: Done.

...

Anchor
discuss
discuss

Feature: Users can read archives in Discuss.

...

Planned solution: Ensure that build-essential and native GNOME development packages are installed. Perl and Python are installed by default. Ensure that the sun-java6 packages are installed. Ubuntu sets up /usr/lib/jvm/java-6-sun along the same lines as our /usr/java/jdk so we won't have to do that ourselves.

Milestone: Core (one day).

Status: Done.

...

Anchor
utils
utils

Feature: Users have access to a variety of non-standard utilities (jot, lam, saferm, etc.).

Current solution: We build each of these from small independent source trees: gettime, cxref, dent, hostinfo, just, saferm, syncupdate, jot, lam, and rs. jot, lam, and rs are imports from NetBSD (they live in third/) while the others are treated as original source code.

Planned solution: We can use the athena-jot package (which is an upstream Ubuntu package despite the namepackage (which is an upstream Ubuntu package despite the name), and cxref can be desupported (it is completely broken in Athena 9.4 on Linux, without user complaint), but other than that, no change. These utilities do not have Ubuntu equivalents. Some of them are probably never used, but it's too hard to measure which ones and too easy to just keep building them.Status: Partially done in Debathena.

Milestone: Feature Complete (one day).

Status: Done.

...

Anchor
printing
printing

Feature: Users can print to Athena network printers with the lpr command and from applications which support printing.

...

Planned solution: The default printing system, CUPS, will be configured to point at a SIPB-operated browsing server cups.mit.edu.  (This will probably be migrated to an ops-maintained server before Athena 10 is deployed to clusters.)  CUPS printing will be integrated with the GUI and will work for printers which do not require authentication.  For authenticated queues and as a backup mechanism, a modified version of the stock lprng package will provide renamed commands (mit-lpr, mit-lpq, etc.).  The debathena-lprng-config package will configure this package to work with Athena printers.

Milestone: Feature Complete (three weeks or defer rearchitecting printing and deploy the existing code base with a work estimate of one week.).

Status: Done.

Future issues: The browsing server should be migrated to an ops-run server; the actual print queues may want to be migrated from LPD to CUPS at some point; support for private printers could be improved (perhaps via a mechanism using clusterinfo).

...

Planned solution: Ensure that the native enscript and psutils packages are installed; that gets us enscript and psnup, the most commonly used utilities. A new package debathena-transcript-glue will install attach-and-run scripts for the remaining commands.Status: Glue packages still need to be done.

Milestone: Preview for enscript and psnup; Feature Complete for other transcript glue. (One day.)one day).

Status: Done.

...

Anchor
emacs
emacs

Feature: Users can run emacs with Athena site customizations.

...

Planned solution: Ensure that the native emacs package is installed. A new package debathena-emacs-config will install our site-start file into /etc/emacs/site-start.d.Status: The config package still needs to be done.

Milestone: Basic (one day)day).

Status: Done.

...

Anchor
sso
sso

Feature: Users can conduct single sign-on logins to other Athena machines (provided they have a keytab and are configured for remote access) or compatible non-Athena machines via kerberized ssh, telnet, rlogin, or ftp.

...

Planned solution: Desupport the daemons for Kerberized telnet, rlogin, rsh, and ftp, all in favor of sshd.  Ensure that krb5-clients is installed so that clients for those protocols are available.  The debathena-ssh-client-config and debathena-ssh-server-config packages will configure the OpenSSH client and server appropriately.  A metapackage debathena-ssh-server will provide an entry point for installing the appropriately configured SSH daemon.

Milestone: Feature Complete (one week).

Status: Done.

...

Anchor
mailutils
mailutils

Feature: Users can query and manipulate IMAP mail stores with the mailquota, mailusage, from, and mitmail* commands.

...

Planned solution: Ensure that the native ispell and ispell-dictionary packages are installed. aspell is installed by default.

Milestone: Feature Complete (one hour).

Status: Done.

...

Anchor
movemail
movemail

Feature: Users can pull down MIT mail with the emacs movemail command (currently uses kpop).

...

Planned solution: The Ubuntu emacs package is not built with Hesiod and KPOP support in movemail. Some Even though a few users still use emacs rmail, so we either need to locally modify the Debian package to build movemail differently, or it has been actively discouraged for a very long time. We are going to desupport this feature. If there is significant pushback, we can either instruct the few users how to build their own movemail, or we could install the native mailutils package, configure it to work with the PO servers, and point emacs at it in our site-start file. Alternatively, we could desupport this way of reading mail, though we know a few people still use it.Status: Not doneIf the user base changes or the email infrastructure changes significantly this can be revisited in follow-on work.

Milestone: Feature Complete (one week, maybe less).
Changed: Eliminate to shrink project scope.

Status: Done.

...

Anchor
fonts
fonts

Feature: Athena machines have a selection of international fonts installed.

...

Planned solution: Ensure that the native emacs-intl-fonts package is installed.

Milestone: Feature Complete (one hour).

Status: Done.

...

Anchor
kermit
kermit

Feature: Users can talk to serial devices using kermit.

...

Planned solution: Ensure that the native ckermit package is installed.

Milestone: Feature Complete (one hour).

Status: Done.

...

Anchor
tex
tex

Feature: Users can process TeX and LaTeX documents.

...

Planned solution: Ensure that the native tetex and tetex-extra packages are texlive-full package is installed. A new package debathena-tetex-extras will install the nonstandard extensionstex-extras will install the nonstandard extensions.

Milestone: Feature Complete (one day).

Status: Done.

...

Anchor
smbclient
smbclient

Feature: Athena machines can access Windows file shares using a Kerberos-enabled smbclient.

Current solution: The athena-samba package contains a build of the entire Samba suite (3.0.2a), built with Kerberos.

Planned solution: Ensure that the native smbclient package is installed, and confirm that it is Kerberos-enabled and can access shares in the win.mit.edu domain.

Status: Done.

...

Anchor
sambasmbdsamba
smbd

Feature: Athena machines can access Windows serve file shares to SMB clients, using a Kerberos-enabled smbclient Samba server which is pre-configured for the win.mit.edu realm.

Current solution: The athena-samba package contains a build of the entire Samba suite (3.0.2a), built with Kerberos, along with a boot script and some configuration files for the Samba server.

Planned solution: Ensure that the native smbclient package is installed. A new package debathena-smbclient-config will point it at Desupport this; the Samba server package will not be installed automatically (but ideally we would provide documentation on how to join a Samba server machine to the win.mit.edu domain.Status: Config packages still needs to be done).

Milestone: Feature Complete (one day).
Changed: Eliminate SMB server from scope.

Status: Done.

...

Anchor
glue
glue

Feature: Athena machines have attach-and-run scripts in the default path for various bits of locker software such as the Moira tools.

...

Planned solution: Ensure that the native gv package is installed. OpenOffice and Ghostscript should be installed by defaultand Ghostscript should be installed by default. Moira utilities will be installed locally by the debathena-moira-clients package. The mimeutils scripts are most likely obsolete at this point. New packages debathena-transcript-glue , debathena-mimeutils-glue, debathena-moira-glue, and debathena-misc-glue will install the remaining attach-and-run scripts and man page symlinks.

Status: Not done.

Milestone: Feature Complete (one day).

Status: Done.

...

Anchor
dash
dash

Feature: Athena users can run an old desktop interface based on dash and mwm instead of GNOME if they have opted to do so.

...

Planned solution: Continue to provide debathena-dash since it's cheap to do so (though it will have to be renamed, since the name dash is now taken up by a shell in modern Ubuntu and Debian). Provide an debathena-mwm-config to overwrite the system mwm configuration. Continue to honor ~/.athena_dash_interface. Eliminate revert-to-dash and the dash login option.Status: Not done.

Milestone: Feature Complete (one day).
Changed: Desupport and remove from project scope.

Status: Done.

...

Anchor
sawfish
sawfish

Feature: Athena users can elect to run Sawfish (an outdated GNOME window manager) instead of Metacity.

...

Current solution: The athena-nmh package provides a build of nmh 1.0. (Unfinished.)

Hidden Data

Investigate local changes to nmh; may be able to use Ubuntu package

Planned solution: (Unfinished.)Status: Debathena contains a package of the Athena nmh sources which uses KPOP. This is an adequate stopgap. Follow-on work will be needed as the MIT Email infrastructure evolves.

Milestone: Feature Complete (two weeks, maybe less).
Changed: Use stopgap.

Status: Done.

...

Anchor
mozilla
mozilla

Feature: Users can browse the web with Mozilla instead of Firefox. Mozilla can also be used to read mail and edit HTML files.

...

Planned solution: Desupport this. Ensure that the native mozilla-thunderbird package is installed for people who want to use a Mozilla mail clienta Mozilla mail client.

Milestone: Feature Complete (one hour).

Status: Done.

...

Anchor
login
login

Feature: Any MIT user can log into cluster machines using their Kerberos passwords and their AFS home directories.

...

Current solution: On cluster machines, the root password is set to a value which can be discovered by the tellme command (a symlink into AFS installed by athena-glue). To prohibit root logins, the athena-ws boot script in the athena-ws package creates /etc/noroot on machines which are part of the "cluster" Hesiod cluster. The athena-libal package denies root login access if this file exists.

Planned solution: The debathena-pam-config package will handle this by creating an /etc/pam.d/deny-root file which is included by the main system login configuration. A boot script in the debathena-pam-config package will populate this file with a PAM directive to deny root logins if the machine is part of the "cluster" cluster.Status: Not donegdm already denies root logins by default. A new package debathena-cluster-login-config will remove the tty getty processes and set the root password.

Milestone: Cluster (one day).

Status: Done.

...

Anchor
passwd
passwd

Feature: Users can change their Kerberos passwords with the passwd command.

...

Planned solution: The debathena-pam-config package will configure pam_access as part of the login sequence. The update from 9.4 will rewrite /etc/athena/access to PWOG will document how to edit /etc/security/access.conf. Local account tagging will be desupported unless we think of a clever way to do it. Users who wish to use Athena software with a privately-owned machine will generally not install the debathena-pam-config package. Also, it shouldn't be as necessary with the new login architecture; all it would really do is suppress the attempt to get Kerberos tickets.Status: Steady state already done in Debathena; update step from 9.4 is not done.

Milestone: Cluster for the update step Core (two days).

Status: Steady state already done in Debathena.

...

Anchor
bugme
bugme

Feature: Athena machines tagged as quickstations display a timer and nagging warnings to log out after a set period of time.

...

Planned solution: Instead of being invoked from athena-dotfiles, the debathena-bugme package will include an xsession script which wraps . If the hostname is found on the list of quickstations the script will wrap the session with the bugme program, otherwise it will do nothing. The bugme program .  The bugme program will need to be tested for interference with gnome-session; there is already a bug report filed against it for interference with the screensaver in bugs 27097may need to be tested for interference with gnome-session. Athena bugs 27097 lists a problem but has been un-verified. The tricky part is to advance the code to deal with current window manager conventions: don't decorate, font properly, keep on top, even in the face of compositing.

Getting these issues right is reasonable, but should not block roll-out to general clusters. We will do this work after Early relese, but it will need to be finished when Athena 10 displaces Athena 9 as the standard release on all systems.

Milestone: Follow-on mini-project.

Status: Not Done.Milestone: Cluster (one day).

...

Anchor
accesson
accesson

Feature: Users can temporarily enable and disable remote access daemons on Athena machines with the access_on and access_off commands, if the machine is configured to allow this.

Current solution: The athena-inetd package contains a modified version of inetd which will respond to SIGUSR1 by turning on access to daemons marked as "switched" and to SIGUSR2 by turning off access. The boot script in that package invokes inetd with the -n option if /etc/athena/rc.conf has ACCESSON set to true, instructing inetd to turn those services on initially. The athena-openssh package has the sshd daemon customized to honor SIGUSR1 and SIGUSR2 if sshd is invoked with the -s or -S options. The boot script in that package invokes sshd with one of those options if /etc/athena/rc.conf has SSHD set to "switched". (Which option is sent depends on the value of ACCESSON and determines whether sshd is active or inactive initially.) The athena-access package contains a setuid program which sends SIGUSR1 or SIGUSR2 to inetd and sshd depending on whether it is invoked as access_on or access_off.

Planned solution: Desupport this feature.

Status: Done.

...

ACCESSON set to true, instructing inetd to turn those services on initially. The athena-openssh package has the sshd daemon customized to honor SIGUSR1 and SIGUSR2 if sshd is invoked with the -s or -S options. The boot script in that package invokes sshd with one of those options if /etc/athena/rc.conf has SSHD set to "switched". (Which option is sent depends on the value of ACCESSON and determines whether sshd is active or inactive initially.) The athena-access package contains a setuid program which sends SIGUSR1 or SIGUSR2 to inetd and sshd depending on whether it is invoked as access_on or access_off.

Planned solution: Desupport this feature.

Status: Done.

...

Anchor
session
session

Feature: GNOME Bonobo components from one login session will not be reused in another login session because they may not have access to the same tickets and tokens. There is similar isolation for gconfd-2 for the same reason.

Current solution: The athena-ORBit2 and athena-ORBit packages are locally modified to honor the ATHENA_SESSION_TMPDIR variable and use that instead of /tmp/orbit- for ORBit communication files. The Xsession script in athena-dotfiles creates a temporary directory (using a shell script named mksessiondir included in the same package) and sets ATHENA_SESSION_TMPDIR to point to it. This serves to create a separate universe of ORBit-enabled applications (including Bonobo components) for each login session. A similar local modification exists for athena-GConf2 and athena-GConf.

Planned solution: Desupport this change. Processes persisting past logout is largely not an issue in Athena 10 (especially on cluster machines), and solving the remaining cases is not worth the penalty of changing an upstream Ubuntu package.

It's worth noting that upstream GNOME source code implements the ORBIT_SOCKETDIR and GCONF_TMPDIR environment variables, which would allow us to solve this problem through setting environment variables in debathena-xsession. Unfortunately, this code is not in Ubuntu Hardy, but it's a consideration for the future.

Milestone: Cluster (three days).
Change: Desupport to shrink project scope.

Status: Done

Current solution: The athena-ORBit2 and athena-ORBit packages are locally modified to honor the ATHENA_SESSION_TMPDIR variable and use that instead of /tmp/orbit- for ORBit communication files. The Xsession script in athena-dotfiles creates a temporary directory (using a shell script named mksessiondir included in the same package) and sets ATHENA_SESSION_TMPDIR to point to it. This serves to create a separate universe of ORBit-enabled applications (including Bonobo components) for each login session. A similar local modification exists for athena-GConf2 and athena-GConf.

Planned solution: Bonobo components or gconfd daemons can most easily be reused if they erroneously persist beyond logout, but they can also be reused in other cases. For example, someone could have logged in remotely to an Athena machine from elsewhere, run a GNOME program sch as Evolution, and left the login session around (with expired tickets and tokens) before attempting to log in locally. Although the corner cases may be rare enough to warrant moving this to the low-priority list, nothing appears to have removed the need for this feature, and there does not appear to be any upstream equivalent to the ATHENA_SESSION_TMPDIR features we have added to ORBit and GConf. We will have to use the framework for modifying Debian packages to enable this, although we can ignore the GNOME 1 libraries. We should probably submit enhancement requests with patches to the upstream GConf2 and ORBit2 maintainers in order to get away from requiring source modifications of those components, although the enhancements may or may not be accepted.

Status: Not Done.

Milestone: Cluster (three days).

...

Anchor
locks
locks

Feature: Users can log in simultaneously from multiple machines without running afoul of GNOME software locks in the home directory.

Current solution: (Unfinished.)

Planned solution: (Unfinished.)

There are several code modifications to GConf2 to alter the way it does locking. However, most of these changes are inoperable because they were made to a backend which is no longer in use, and apparently the changes are not necessary in current GConf2.

Planned solution: No work needs to be done; the problem has been solved for us upstreamStatus: Not done.

Milestone: Cluster (three days).
Changed: Fixed upstream

Status: Done.

...

Anchor
temphome
temphome

Feature: If a user's home directory is unavailable upon login, a temporary homedir will be created on local disk and used instead.

...

Planned solution: Desupport this feature. It's a good feature but we want to get away from customizing the login system code, and there's no way to make it work without doing that. Instead, the Xsession script in debathena-gdm-config should check for an inaccessible home directory and present a fallback UI such as an xterm which will let the user input commands.Status: Not doneThe gdm fallback session should allow people to log in with inaccessible homedirs.

Milestone: Feature Complete (one day).

Status: Done.

...

Anchor
ignorecustom
ignorecustom

Feature: Users can log in with "ignore customizations" or in terminal mode to repair severely broken dotfiles.

...

Planned solution: If we are making source-level modifications to GConf2 anyway, then this is a relatively easy feature to support. debathena-gdm-xsession can config will include an "ignore" desktop file (we've prototyped this in prior 9.9 work) and the dotfiles can will continue to respect NOCALLS in the same manner. If this ever becomes the last source-level modification we are making to GConf2, we should desupport that side of the feature.Status: Not done.

Milestone: Cluster (one day).
Changed: Reduce scope, and offer gdm failsafe sessions.

Status: Done.

...

Anchor
dustbuster
dustbuster

Feature: User processes generated by Athena software components do not stick around after the user logs out. On cluster machines, user processes are forcibly killed after the user logs out.

...

Planned solution: Remove the athena-xscreensaver package. A new debathena-xlock package will provide the xlock script, which will just be an alias for "gnome-screensaver-command -l". The debathena-pam-config package will configure the screensaver to unlock the screen with the user's Kerberos password. A new debathena-cluster-screensaverlogin-config package will set up system GConf defaults to configure gnome-screensaver to disable user switching and to allow the user to be logged out after the screen has been saved for a set length of time. All other special features of the Athena screensaver will be desupported as they would require local code modifications.Status: Not done.

Milestone: Cluster (one day).

Status: Done.

...

Anchor
keyboard
keyboard

Feature: GNOME won't display a dialog about changes in X keyboard settings from one login to another, since the same account is used on multiple machines.

...

Planned solution: It looks like we will be forced to make a similar change to the native libgnomevfs2 package, since this still appears to be a problem in upstream code. We should try to get a fix into GNOME to resolve this problem upstream.

Status: Not done.

Milestone: Feature Complete (one day for local fix, another for upstream patch submission).
Change: The failures previously addressed in local modifications no longer seem to occur, though we have not yet identified the specific upstream modifications that changed the relevant behaviors.

Status: Done.

...

Anchor
authwatch
authwatch

Feature: Users receive warning dialogs when Kerberos tickets are about to expire.

...

Planned solution: A new debathena-syslog-config package will overwrite the stock syslog.conf file.Status: Not done.

Milestone: Cluster (one day).

Status: Done.

...

Anchor
larvnet
larvnet

Feature: Athena machines send information about whether they are in use to a "larvnetd" daemon on a central host which can be queried using the cview and xcluster commands.

Current solution: The athena-xlogin package contains calls to liblarv (in the athena-larv package) which creates or removes a flag file (/var/athena/busy) and sends a UDP status packet to a machine determined by the larvnet Hesiod sloc record. The athena-busyd package provides a UDP daemon which responds to poll requests based on the presence of the flag file, and the athena-inetd package makes the busyd daemon available. On the server end, the athena-larvnetd package contains a program to receive status packets, do periodic polling of cluster machines and printers, and write out reports. The athena-cviewd, athena-cview, and athena-xcluster packages provide server and client programs for retrieving and displaying those reports.

Planned solution: The Xsession script in the debathena-gdm-config package will take care of setting the flag file and sending the status packet, probably using nc. The debathena-busyd-config package will take care of making the busyd daemon available. (Unfinished.)Status: Not done.larvnet package provides the busyd daemon and an Xsession script to send packets to larvnet before and after graphical login sessions. Rather than use a flag file, busyd uses an empirical query to determine whether a gdm session is active, eliminating the need to run code as root before and after login sessions.

Milestone: Cluster (one day).

Status: Done.

...

Anchor
counterlog
counterlog

Feature: Athena machines report centrally about their existence, machine type, and version so that they can be counted.

...

Planned solution: A new package debathena-counterlog will install the script , the and cron job, and a boot script to run it.Status: Not done.

Milestone: Cluster (one day).

Status: Done.

...

Anchor
timeservice
timeservice

Feature: Athena machines respond to requests on the "time" and "daytime" ports with their idea of the current time.

...

Planned solution: Ensure that openafs-clients is installed. A new package debathena-openafs-config will configure the machine appropriately. Through automated scripts, packages and metapackages will be produced to install binary AFS kernel modules matching the standard Ubuntu kernel versions.

Milestone: Core (one week).

Status: Done.

...

Anchor
clean
clean

Feature: Athena machines periodically clean up files in temporary areas to avoid slowly filling the disk.

...

Planned solution: A new package debathena-tmp-cleaner will install the script and cron job.

Status: Not done.

Milestone: Cluster (one day).

Status: Done.

...

Anchor
update
update

Feature: Athena machines automatically take updates when we put out new releases.

...

Planned solution: We are moving away from the concept of patch releases.   Privately administered machines can take updates via the usual updater.   A package (name to be determined) will include The debathena-auto-update package contains a cron job or other mechanism for automatically updating centrally administered machines.Status: Not doneto take updates for cluster machines.

Milestone: Core (one week).

Status: Done.

...

Anchor
packages
packages

Feature: Athena machines have a consistent set of native platform packages installed, which is a superset of the default package set.

...

Planned solution: The debathena-cluster-software metapackage will depend on the required software.  This metapackage will be implied by debathena-cluster, but not by debathena-workstation as it will be quite large and not desirable for all privately administered machines.

Milestone: Core (one day).

Status: Done; will require ongoing maintenance as software needs arise.

...

  • The athena-ws boot script performs hardware-specific configuration maintenance when appropriate, such as adjusting the X configuration. (Specific examples at the current time are probably irrelevant due to the change in base operating system.)
  • The athena-ws boot script removes any installed ssh host keys.
  • The athena-ws boot script removes any files named *.local in /etc, /etc/athena, or /etc/athena/login.
  • The athena-ws boot script removes Mozilla cache directories in /var/tmp.
  • The athena-ws boot script removes configuration files and other files which shouldn't exist, and adjusts the mode of /etc/shadow.
  • The athena-ws boot script does not preserve the contents of /etc/motd (normally it rewrites the original line but keeps the remaining contents.
  • The public workstation verification script will operate (normally it will refuse to run) and runs at boot time.
  • The reactivate script does not check for running screen processes before performing cleanup.
  • The reactivate script performs a "full" reactivation (additional, slower cleanup) between each login instead of just when it runs from the cron job.
  • The reactivate script erases all files in /tmp as well as all temporary home directories.
  • The reactivate script copies the local passwd, athinfo.access, and local-lockers.conf file from a directory in AFS.
  • The reactivate script removes any installed ssh host keys.
  • The update script (run out of AFS) passes the -p option to rpmupdate, causing it not to honor local changes to the installed RPM set.

Planned solution: Since rc.conf is going away, we will use the file /etc/default/athena-public to control whether the machine is considered public. The particular actions listed above will be cleaned up a bit but will mostly remain as part of the debathena-verification package.

Status: Not done.

Desupport this feature. Private machines will install the debathena-workstation package instead of the debathena-cluster package. Functionality which applies only to cluster machines will be implemented in packages which are part of debathena-cluster.

Milestone: Cluster (two days).

Status: Done.

...

Anchor
menus
menus

Feature: The default GNOME panel setup contains a menu of important Athena locker software (currently unmaintained). For performance reasons, the files representing this menu must be stored on local disk.

...

Planned solution: A new package (name to be determined) will install desktop items for high-profile locker software.Status: Implemented, but needs some testing, and the list of locker menu items needs to be refined.

Milestone: Basic (two days).

Status: Done.

...

Anchor
local
local

Feature: Some lockers containing frequently-used software are stored on local disk for performance reasons.

...

Current solution: The athena-ws package includes a script /etc/athena/verify which is invoked from the boot script. The verify script uses rpmupdate to synchronize the locally installed RPM set with the current release list, and then checks for files which differ from their RPM checksums and reinstalls any affected RPMs. A specific set of configuration files is also copied in from an area in AFS in case they have been changed.

Planned solution: (Unfinished.)

Hidden Data

Find dpkg equivalent of rpm -V

Status: Not doneEach gdm login on a cluster machine will be performed in a separate, ephemeral snapshot of the root partition. The debathena-reactivate package will interface with gdm in order to do so.

Milestone: Cluster (three days).

Status: Done.

...

Anchor
cluster
cluster

Feature: Athena machines may be part of a Hesiod "cluster" which can determine whether they take beta updates, whether they are cluster/quickstation machines, and what their default printers are.

...

Planned solution: A new package debathena-clusterinfo will contain the save_cluster_info script and a boot script to invoke it. The debathena-getcluster package will remain.

Status: Debathena has a package for getcluster; otherwise not done.

Milestone: Core (one day).

Status: DoneMilestone: Cluster (two days).

...

Anchor
rcconf
rcconf

Feature: Particular aspects of Athena machines can be configured by editing /etc/athena/rc.conf.

...

Planned solution: Desupport this feature. Since we will no longer be a multi-platform environment, we should not be layering our own configuration mechanism on top of the native IP address configuration, and we should be using standard mechanisms (files in /etc/default) for configuring when our own software runs at boot time or determining whether a workstation is considered public.Status: Not done.

Milestone: Cluster (one day).

Status: Done.

...

Anchor
ipaddr
ipaddr

Feature: Cluster machines use static IP addresses and have an easy procedure for changing IP addresses when they are moved to different subnets.

...

Planned solution: Ensure that the native ntp and ntpdate packages are installed. A new package debathena-ntp-config will configure ntp to synchronize the time actively against time.mit.edu. AFS will continue to resync the time if NTP somehow fails. We will continue providing the debathena-gettime package for compatibility but will not use it in any of our own scripts.Status: Not done.

Milestone: Basic (two hours).

Status: Done.

...

Anchor
dst
dst

Feature: Athena machines automatically synchronize the hardware clock following Daylight Savings Time changes.

...

Planned solution: No change. The script badly needs to be rewritten to use modern tools, but that is neither trivial nor relevant to the Athena 10 goals.Status: Sendbug needs to be repackaged.

Milestone: Basic Cluster (two hours).

Status: Done.

...

Anchor
sendmail
sendmail

Feature: /usr/sbin/sendmail is configured to inject mail through outgoing.mit.edu and to use Kerberos authentication if the user has valid tickets. The sendmail queue is flushed once an hour in case mail has to be queued locally.

...

Planned solution: The debathena-dotfiles package will need to be adjusted for the new development infrastructure, and will contain only the central and prototype dotfiles for text logins. A new package debathena-root-dotfiles will contain the root dotfile replacements, since those are not necessarily desirable for privately operated machines.  A new package debathena-xsession will contain the graphical login session integration.

Milestone: Core (two days).

Status: DoneStatus: Done except for build system cleanup around the dotfiles package.

...

Anchor
machtype
machtype

Feature: Users can query basic machine characteristics with the machtype command.

...

  • The login option to use the dash interface is no longer supported, nor is the script to revert to dash. ~/.athena_dash_interface is still honoredwill not be honored.
  • The Mozilla web browser is de-supported and not available by default.
  • The Kerberized rlogin, rsh, telnet, and ftp daemons are no longer supported. The clients are still provided.

...

  • The access_on and access_off commands are no longer supported.
  • Athena machines will no longer create temporary home directories for users whose home directories are unavailable.
  • The "ignore customizations" login option is gone. In its place are two similar options: "Failsafe GNOME" which uses a default GNOME session without user customizations, and "Failsafe Terminal" which eliminates all GUI customizations.
  • The customized Athena xscreensaver has been replaced with the default GNOME screensaver. It is still possible to log out users after 20 minutes by default. It is no longer possible to specify a separate password for the screensaver. It is possible to run commands when the screen locks or unlocks but it is substantially more complicated; google for "gnome-screensaver dbus" for more information. The xscreensaver-button command is no longer supported.
  • The pop-up console window for system messages is gone. The standard Ubuntu behavior of writing xsession errors to a file .xsession_errors in the user's home directory is used instead.
  • Athena machines will no longer answer time requests on the "time" and "daytime" ports unless manually configured to do soconfigured to do so.
  • Athena 10 discontinues boot-time synchronizing the hardware clock with daylight savings time changes.
  • Bringing lockers local with the /etc/athena/local-lockers.conf file is no longer supported.

...

  • The /etc/athena/rc.conf file is no longer used to control workstation configuration. (Unfinished.)
  • There is no longer a "PUBLIC" configuration flag to control system cleanups. Instead Athena 10 systems will be considered "private" or "PUBLIC=false" by default. Cluster systems with their comprehensive application suite and aggressive system cleanups will install the package debathen-cluster. Installation of this package now defines a "PUBLIC=true" system.
  • Setting the hostname and IP address is no longer done in rc.conf. Instead the standard utility from the menu System->Administration->Network is used.
  • Athena machines no longer run a local caching name server.
  • The mkserv command is no longer supportedlonger supported.
  • Default SMB support is client only. To act as an SMB server requires additional software and manual configuration.
  • The xlogin global motd (displayed on the login screen before the user logs in) is no longer supported.

...

  • Printing to queues requiring authentication will only be supported via the non-standard command-line mit-lpr utility, not via the GUI.
  • If a .tcshrc file is present in a user's home directory, it will be executed instead of .cshrc; this is the standard tcsh behavior. In Athena 9.4 it is executed in addition to .cshrc.
  • If you log in and use GNOME processes twice on the same machine (e.g. using ssh with X forwarding for one of the login sessions), the later session may reuse gconfd2 or Bonobo components from the former one, which can break ungracefully if the former session's tokens have expired. In Athena 9.4 we made local changes to the GNOME source code to prevent this possibility.