Faculty Info on Gradient

Faculty Information Page
gradient.sunynassau.edu
by R. Glass
Last modified:
See also: Quick Reference Page for gradient.sunynassau.edu

gradient.sunynassau.edu is the UNIX server that will be used for students in their course work. This server will support courses that require:

Student e-mail.
Web page space for students in courses that require it.
UNIX shell accounts.
Student written CGI.

This document contains the technical information for access by faculty and students having accounts on this system.

Table of Contents

Student Accounts and General Information

Depending on the course requirements, students will have the following configuration in terms of:

All features outlined below will be available from the Learning Centers and over the Internet for those students who use a third party Internet Service Provider (Example: Erols, AOL, etc) from their home or offices.

Table of Contents

Email

For all courses / students requiring either e-mail access or web page, the students will be assigned an e-mail address and an account on this system. Students will have an account name of the form: aaaNNNN where aaa is the first three letters of their last name and NNNN is the last four digits of their social security number.
Their e-mail address is: aaaNNNN@gradient.sunynassau.edu They access their mail via Netscape (pop).

Table of Contents

UNIX Shell Access

For courses that require shell access, a standard UNIX account has been provided and can be accessed via a Telnet program (such that is available with Windows 95) from the laboratories or the Internet.
The home directory for the student is: /export/home/students/aaaNNNN
Students with shell accounts can choose to read their mail using one of several UNIX mail programs instead of Netscape. Pine is currently available.

For students without shell access, a 'login program' (not really a shell or login program) has been provided that will allow them to:

Change their password.
Set a e-mail forwarding address.
Remove an e-mail forwarding address.

These options appear automatically whenever a student Telnet into gradient.sunynassau.edu.

All students have the capability to forward their mail to another Internet account. This is accomplished by placing a file call .forward in their home directory. This file contains the e-mail address(es) of where they wish the mail to forward to.

Table of Contents

Web pages

Student place their web pages on the server in the following directory: /web/courses/tcNNNss/aaaNNN where tcNNNss is the course. t is the time (d or e), c for cmp and ss is the section letters.

For example: D CMP 110 AA has the directory dc110aa.

The students can access their pages by the URL: http://www.gradient.sunynassau.edu/courses/tcNNNss/aaaNNNN

Table of Contents

Course Account

For each course that requires web pages, a directory and an account for that course has been created. This allows the faculty member to control access to the student pages.

Each course tcNNNss is in fact a user/account on the system. The instructor uses this account to control access to the web pages for their course.

This account can receive electronic e-mail.
This account has no control over the students home directory, but rather only the parent directory of the students web page directory.
The course account cannot in anyway modify or prevent access to the students' home directory or e-mail.
The instructor cannot delete items from the students directories (web or home) but can restrict access to the student web pages.

Table of Contents

URL Password

Access to student web pages has been password protected. Whenever someone attempts the access /~tcNNNsss/aaaNNNN they will be prompted for a username and password. Entering this username/password once will allow the browser to access any pages under the course and remains in effect until the user quits the browser. This prevents the casual browser (maybe there was a pun intended) from viewing the students directories.

The username for your course is is the course name (tcNNNss). The initial password will be given to you by the Learning Center staff. The password will be the same for all courses.

If you desire to change the password for your course, see Changing the URL Password

Table of Contents

Managing the Course Account and Student Web Directories.

Since the course account is in fact a user, it is capable of receiving e-mail, a telnet shell session, changing permissions on files it has access right to, etc some tailoring may be useful.

Forwarding Course Email
If you wish any mail sent to the course account to be automatically forwarded your regular account, create a file in the course home directory (/home/courses/tcNNNss) called .forward (dot forward). In this file, place the email addresses of where you wish the mail to be forwarded.
Example: Simple way to create a forward file:
1. Telnet to the course account (tcNNNsss).
2. give the command cat > .forward
3. Enter the e-mail address of where you wish the mail to be forwarded followed by an ENTER.
4. Type CONTROL D
Table of Contents
Changing the Login Password for the Course Account.
You can change the password of your course account by giving the UNIX command passwd You will be prompted to enter your old password and enter your new password twice.
Table of Contents
Changing the URL Password
If you wish to change the URL password for your course, Telnet into your course account, give the following command: htpasswd /web/courses/tcNNNss/.htpasswd tcNNNss You will then be prompted twice to enter the new password.
Table of Contents
Displaying Student Names
Some of the configuration on how a web server views a particular URL can be controlled by having a local access control file in the directory. By default, this file is called .htaccess (dot htaccess). Both www.gradient.sunynassau.edu and www.polar.sunynassau.edu allow creation of a .htaccess file.
All directories / URLs (/web/courses/tcNNNss and ~tcNNNsss) have been given a default .htaccess file. The default features of this file are:
1. Displaying the students name next to their web directory when accessing ~tcNNNsss or /courses/tcNNNss.
2. Providing a generic username/password for the students web directories. The default .htaccess file appearing in the /web/courses/tcNNNss directory is as follows:
```
AuthName        faculty
AuthType        Basic
AuthUserFile    /web/courses/tcNNNss/.htpasswd

<Limit GET POST>
require         valid-user
</Limit>

AddDescription "DOE, JOHN" /web/courses/tcNNNss/doe9999
AddDescription "JANE, MARY" /web/courses/tcNNNss/jan0000
```
The default directory listing occurs because the is no index.html file in /web/courses/tcNNNss directory.
- If you don't want a directory listing at all, obviously place an index.html file in the /web/courses/tcNNNss directory.
- If you do not like the way the students names appear, change AddDescription option. Just make sure the description appears in quotes.
- Delete the AddDescription lines if you want no names.
  Note 1: The use of the AddDescription option can be used on any files.
  Note 2: Any directory may contain an .htaccess file.
Table of Contents
Restricting Student Access
The instructor can restrict access in three ways:
Table of Contents
- Restricting Student Installation and Modification of Pages.
  Several instructors expressed feature of having the ability to prevent students from installing web pages at certain times of the semester. To prevent students from installing web pages into their directories, change the permission of your /web/courses/tcNNNss so that only the course account and the web server can access the students directories. You and the students will be able to view the pages but no one will have the ability to modify them.
  - Telnet into the course account, give the command: chmod 750 /web/courses/tcNNNss This will prevent anyone but your course account and the web server from accessing the students web directories.
  - To restore access to the directories, give the command: chmod 755 /web/courses/tcNNNss
  Table of Contents
- Restricting Browser Access to Student Web Pages
  If wish to prevent a particular students web pages from being viewed by the web at all but still allow the student to modify the contents of their web page directory. This can be accomplished by adding a <FILES> statement to the .htaccess file in the /web/courses/tcNNNss directory.
  1. Edit the .htaccess file.
  2. Place the following lines in the file:
```
<Files aaaNNN>
deny from all
</Files>
```
  A Forbidden error message will occur when a browser attempts to access anything in the directory.
  Table of Contents
- Restricting All Access to Student Web Pages.
  You can restrict a students account completely by giving the following series of commands: chown tcNNNss:course /web/courses/tcNNNss/aaaNNNN chmod 700 /web/courses/tcNNNss/aaaNNNN
  Neither shell access or the web server will be able to access this directory.
  WARNING!!! The instructor cannot restore the access once this is done. Access can only be restored by an administrative account.
  Note to administrative group: Access can be restored with the commands:
  chown tcNNNss:apache /web/courses/tcNNNss/aaaNNNN chmod 755 /web/courses/tcNNNss/aaaNNNN

Table of Contents

CGI Access

For the courses that require CGI, a student CGI directory and access has been created. Students place their CGI programs in the directory: /web/student-cgi-bin/tcNNNss/aaaNNNN The URL for their CGI programs will be: http://www.gradient.sunynassau.edu/student-cgi-bin/tcNNNss/aaaNNNN/program.pl

.pl for Perl script.
.cgi for a compiled C program.

Much of the discussion for controlling access to the students web page directory applies to the student-cgi-bin directory with the exception that there is no .htaccess file or directory index listing.

Table of Contents

Pictorial Representation of Everything I Just Said.

A graphical view of everything I just said can be found at http://www.gradient.sunynassau.edu/Unix_Help/grapview.html

General Information

The information supplied here is general in nature and applicable to most systems.

Creating a Password Protected URL.

Several people have expressed an interest in password protecting a directory (URL). The ability to password protect a URL depends on whether the server configuration grants that access. For both Gradient and Polar, the server configuration allows this feature.

Create a file called .htaccess (dot htaccess).
In that file, place the following lines: AuthName some_name AuthType Basic AuthUserFile name_and_path_to_the_password_file <Limit GET POST> require valid-user
</Limit>
Note 1: I am not sure what the some_name is, but anything there seems to work. As far as I can determine, if you use the same some_name for several URL's then, the username/password is in effect for all the URLS with the same AuthName.
Note 2: The name of the password file can be anything. Usually the name is .htpasswd (dot htpasswd).
Place the .htaccess file in the directory you wish to be protected.
You now need to create the password file .htpasswd and place the user names and password in it. You do that with the htpasswd command.
Initially create the file and add a user by typing: htpasswd -c name_and_path_to_the_password_file username
You can now add other user names or change passwords by leaving off the -c option (create option).
Notes:
1. The user will only have to enter the password once per browser session.
2. The password in the .htpasswd file are encrypted.
3. Make sure the web server can read both the .htpasswd and .htaccess file. The files should have the same permissions as those of your HTML pages.

Table of Contents

Graphical View of www.gradient.sunynassau.edu

Quick Reference Page for www.gradient.sunynassau.edu

www.gradient.sunynassau.edu

Department Home page.

Page and graphics by R. Glass