[sage-support] Re: sage server in OS 10.6
I was using firefox primarily, but I think it happened with Safari. On Mar 16, 7:13 pm, Dan Drake wrote: > On Fri, 16 Mar 2012 at 04:11PM -0700, Mike OS wrote: > > When I save and quit the worksheet, I go back to my home page. > > If I click sign out, nothing happens. > > Are you using Firefox? This happens with some recent versions of > Firefox. Does that same thing happen with another browser? > > Dan > > -- > --- Dan Drake > - http://mathsci.kaist.ac.kr/~drake > --- > > signature.asc > < 1KViewDownload -- To post to this group, send email to sage-support@googlegroups.com To unsubscribe from this group, send email to sage-support+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-support URL: http://www.sagemath.org
Re: [sage-support] Re: sage server in OS 10.6
On Fri, 16 Mar 2012 at 04:11PM -0700, Mike OS wrote: > When I save and quit the worksheet, I go back to my home page. > If I click sign out, nothing happens. Are you using Firefox? This happens with some recent versions of Firefox. Does that same thing happen with another browser? Dan -- --- Dan Drake - http://mathsci.kaist.ac.kr/~drake --- signature.asc Description: Digital signature
[sage-support] Re: sage server in OS 10.6
On Mar 16, 7:11 pm, Mike OS wrote: > Jason and Dan, > > Thank you for the info and suggestions. It took a while, but we got > it running. > > One thing that I'm experiencing seems odd. > I created an account, logged in, made a worksheet. > > When I save and quit the worksheet, I go back to my home page. > If I click sign out, nothing happens. If I kill the browser window, > then open a new one and go back to the server, I get my home page > (without logging in). If I quit firefox, then I do have to login. > > But! If I open a worksheet and don't quit it, then it seems to keep > running even > after I quit firefox. I restart firefox, relogin and there it is, > the worksheet still running. > > This seems odd, is that how it should be? This is actually a feature. I've used this once in a while when moving between the office and classroom. > Won't this lead to a lot of unused stuff being stored when people, > unthinkingly > leave notebooks open? There is a default timeout, I believe... and you can set it. I think that "notebook?" should answer this for you. -- To post to this group, send email to sage-support@googlegroups.com To unsubscribe from this group, send email to sage-support+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-support URL: http://www.sagemath.org
[sage-support] Re: sage server in OS 10.6
Jason and Dan, Thank you for the info and suggestions. It took a while, but we got it running. One thing that I'm experiencing seems odd. I created an account, logged in, made a worksheet. When I save and quit the worksheet, I go back to my home page. If I click sign out, nothing happens. If I kill the browser window, then open a new one and go back to the server, I get my home page (without logging in). If I quit firefox, then I do have to login. But! If I open a worksheet and don't quit it, then it seems to keep running even after I quit firefox. I restart firefox, relogin and there it is, the worksheet still running. This seems odd, is that how it should be? Won't this lead to a lot of unused stuff being stored when people, unthinkingly leave notebooks open? Also shouldnt sign out send me back to the login page? Is there a setting that needs to be ... set? Mike On Mar 6, 6:46 pm, Jason Grout wrote: > On 3/6/12 2:53 PM, Mike OS wrote: > > > > > > > > > > > I'd like to set up a sage notebook server at my campus. Since this is > > beyond my expertise, I asked the College IT specialists to handle it. > > Of course, they are very concerned about vulnerabilities, so they > > will only allow access from on campus. > > > We browsed some of the available information and most concerns Ubuntu > > not OS X. I received the following from Bill Morris, our IT guru. > > Could anyone answer his questions and validate his understanding of > > things? Also, please address the overarching issue, which I have > > seen discussed quite a bit in recent posts: security in setting up a > > server. > > > Thank you! > > > - I invested a couple of hours yesterday trying > > to unwind the "setting up a sage server" question. I think the issues > > are these: > > > 1. Sage's notebook server is built in to sage ... it is likely the > > same sort of python based web server as is used in zope. > > I don't think it's the same as zope, but it is a python-based web > server. Sage uses the twisted web server [1]. > > > 2. Coupling sage with apache is basically running apache with little > > more than a proxy to port 8000, the port sage's notebook server runs > > on. > > That's correct. Well, it's really a "reverse proxy". > > > > > > > > > > > > > 3. The part of the "how-to" instructions that leave me coldest are > > the "here is where we create the accounts sage1 ... sageN" on the > > server and try our best to keep people from exploiting them. They > > even go as far as talking about filesystem ACLs ... which tells me we > > don't want to go anywhere near this. > > > So, my question to you, as someone who hopefully understands the > > desired outcome better than I, is: > > > Does a sage notebook server require interactive logins? I'm > > thinking, but am not quite sure, that the interactive logins are for > > students to run sage from a command line, and as long as one creates > > sufficient accounts in the notebook server itself (not accounts on > > the host where the notebook server is hosted) the notebook server can > > exist without interactive logins. > > When a user executes a worksheet on the Sage server, a sage session is > started up on the server to execute their commands. This sage session > is basically giving them shell access on the server. If you don't > create something like the sageN accounts (i.e., if you don't use the > server_pool option when starting up the notebook server), then this sage > session is started up as the notebook user (i.e., the sageserver user, > if you're following these instructions [1]). This is bad, because it > means that any notebook user can then delete the entire notebook data > directory (because their worksheet commands have those user > permissions). So instead, we create restricted sage0 through sage9 > accounts (one account is all that is really necessary). These > restricted accounts are used for executing user code. This provides > privilege separation between the Sage notebook server, which maintains > the list of worksheets and communicates with users, and the user code > that is being run. > > Does that help? > > It would help to add clarifications to the instructions. The page is a > wiki page---feel free to edit it to clarify things, if you'd like! Or > let your IT person know that they are welcome to create a wiki account > and edit it to make it more friendly to IT people. > > Thanks, > > Jason > > [1]http://twistedmatrix.com/trac/ > > [2]http://wiki.sagemath.org/SageServer -- To post to this group, send email to sage-support@googlegroups.com To unsubscribe from this group, send email to sage-support+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-support URL: http://www.sagemath.org
[sage-support] Re: sage server in OS 10.6
On 3/6/12 2:53 PM, Mike OS wrote: I'd like to set up a sage notebook server at my campus. Since this is beyond my expertise, I asked the College IT specialists to handle it. Of course, they are very concerned about vulnerabilities, so they will only allow access from on campus. We browsed some of the available information and most concerns Ubuntu not OS X. I received the following from Bill Morris, our IT guru. Could anyone answer his questions and validate his understanding of things? Also, please address the overarching issue, which I have seen discussed quite a bit in recent posts: security in setting up a server. Thank you! - I invested a couple of hours yesterday trying to unwind the "setting up a sage server" question. I think the issues are these: 1. Sage's notebook server is built in to sage ... it is likely the same sort of python based web server as is used in zope. I don't think it's the same as zope, but it is a python-based web server. Sage uses the twisted web server [1]. 2. Coupling sage with apache is basically running apache with little more than a proxy to port 8000, the port sage's notebook server runs on. That's correct. Well, it's really a "reverse proxy". 3. The part of the "how-to" instructions that leave me coldest are the "here is where we create the accounts sage1 ... sageN" on the server and try our best to keep people from exploiting them. They even go as far as talking about filesystem ACLs ... which tells me we don't want to go anywhere near this. So, my question to you, as someone who hopefully understands the desired outcome better than I, is: Does a sage notebook server require interactive logins? I'm thinking, but am not quite sure, that the interactive logins are for students to run sage from a command line, and as long as one creates sufficient accounts in the notebook server itself (not accounts on the host where the notebook server is hosted) the notebook server can exist without interactive logins. When a user executes a worksheet on the Sage server, a sage session is started up on the server to execute their commands. This sage session is basically giving them shell access on the server. If you don't create something like the sageN accounts (i.e., if you don't use the server_pool option when starting up the notebook server), then this sage session is started up as the notebook user (i.e., the sageserver user, if you're following these instructions [1]). This is bad, because it means that any notebook user can then delete the entire notebook data directory (because their worksheet commands have those user permissions). So instead, we create restricted sage0 through sage9 accounts (one account is all that is really necessary). These restricted accounts are used for executing user code. This provides privilege separation between the Sage notebook server, which maintains the list of worksheets and communicates with users, and the user code that is being run. Does that help? It would help to add clarifications to the instructions. The page is a wiki page---feel free to edit it to clarify things, if you'd like! Or let your IT person know that they are welcome to create a wiki account and edit it to make it more friendly to IT people. Thanks, Jason [1] http://twistedmatrix.com/trac/ [2] http://wiki.sagemath.org/SageServer -- To post to this group, send email to sage-support@googlegroups.com To unsubscribe from this group, send email to sage-support+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/sage-support URL: http://www.sagemath.org