Physics Computer Network

The aim of these guidelines is to provide an information starting point and reference for the users and to solicit feedback for improvements of our computer network and its documentation.
1) all underlined colored items are links back or forth through this guide.
2) clicking on a section header leads to one level up.
3) ??? indicate still missing/pending info.
4) clever use of the "back" and "search" facilities of your browser will help you navigate efficiently.

Introduction Foreword History Location    
Basics Users Computers Software Printers Network
Fax Photocopy      
Setups Sharing E-mail Web LINUX Windows
Laptops Clusters Wireless Documents Glossary
Organization Responsibilities Conduct Financing    
Contacts Committee Coordination Managers    

Foreword     History     Location



The present network guidelines were initially written for the High Energy Physics (HEP) Groups of the Department of Physics, later expanded to the Astrophysics (Astro) groups and now also the Centre for the Physics of Materials (CPM) groups, thus covering practically all research units of the Department. They do not apply to the administration local area network. Whenever there are differences in the descriptions according to the groups, these will be identified accordingly with [HEP], [Astro] or [CPM].

The reader is encouraged to browse through to familiarize him-/herself with the content.

A Brief History


Computers have been an integral part of research and academia at McGill for quite a while. The infrastructure is still growing in scope and complexity. To address all the issues of accessibility, efficiency and security, resources have to be allocated and guidelines introduced. McGill has developed such policies. Likewise, all sub-units of the university, like departments, had to generate some local guidelines according to their own specialized requirements, hence, as a result, the current guidelines.


The Department of Physics has long been at the forefront of this field with its numerous computer applications and the need for fast and reliable network. The system currently in use combines a Local Area Network (LAN) for the department administration, and subnets for the large research groups, e.g. the CPM (Centre for the Physics of Materials) group, our HEP/Astro groups (High Energy Physics and Astrophysics) and the GANG (Group for the Analysis of Nonlinear variability in Geophysics).

Our Computer Network

Ages ago (beginning of the 80's, actually), the HEP group activities were centered around one VAX computer, and then several other small ones. Later on, with the advent of less costly RISC technology, individual research groups purchased their own UNIX platforms (DEC, SGI, SUN, NeXT, Alpha, ..) to satisfy their needs, respond to the collaboration requirements as well as providing more CPU power. Those different machines were almalgamated into a network, increasingly sharing dispersed resources (e.g. printers). In time, practically only machines based on Intel and AMD chips were used, with dual-, quad-core, etc.. variations.

As the system evolves and changes take place, so will these guidelines be modified appropriately. Feedback from the users is essential in providing timely updates.


Floor Plans

The following floor plans indicate the distribution of rooms and locations of common facilities (e.g. printers): 1st floor, 2nd floor, 3rd floor and 4th floor.

For more details on the whereabout of the users and other useful people, please consult the department's directories.


As of 2010, the physics research computer network could be briefly summarized in very approximate numbers as follows:

Users 218 203
Desktops 180 150
in the lab. 20 50
Laptops 80 100
Clusters 3 2
.. CPU's 442 820
Printers 8 3

The number of computers refers to our global network and excludes what is in the clusters/Beowulfs. To the above we might (very) loosely add:

Fax machine 10
Photocopier 10

Just follow the items or click on them to reach their descriptions.

Users     Computers     Software     Printers     Network     Fax     Photocopier


System Managers

All technical aspects of the computer network are the responsibility of the system managers. If you have questions, problems or need advice, please contact them, preferably by e-mail under operator@, but remain aware of the rules of conduct !

New Accounts

Upon arriving at the department, you first have to get a supervisor, who will contact the system managers to confirm your status in his/her research group and provide all details pertaining to the account to be created: full name, username, group association, etc.. The system managers will then create the account with a home area for you on the appropriate home server, and inform you and your supervisor via e-mail as to when the account will be ready for you to use. You will get the initial password from your supervisor (or the system manager, if the supervisor is unreachable) and you will have to change it at your first login (via the yppasswd command),

Usernames (and desktop names) are generally at the discretion of the system managers in order to keep some coherence. Suggestions are however welcome.

Home Areas

Home areas are usually located on computers called file servers. There are currently 5 of them. This is where your configuration files are, where you store your mail, develop your programs, store your "stuff", i.e. do business. This area is backed up regularly as a safety precaution.

    [HEP/Astro] /homes/*/username
    [CPM] /*/users/username

Avoid storing very large data files (>500 MB) there. Music and videos are forbidden by copyright laws anyway. Please don't even try. Data files should reside on alternate storage areas (see below).

Data Areas

Data areas are essentially large areas that your research groups makes available to you. As a group member, you can create directories for yourself in theses areas so that you can store all your data files. These areas are generally NOT backed except with special arrangement between your supervisor and the system managers. However, some of these have special safeguards against either disk collapse or accidental removal, e.g. when they are in RAID1 format. Ask the system managers for details of your area(s) You are however free to make your own backups using devices available to your group. Avoid creating unnecessary copies of large data sets as they clog the system, especially if you forget that you have them.

    [CPM] /*/dat*, only for users with "lots" of data (>100 GB)
    [HEP/Astro] ask your system manager

Type the command lsdata to find out where group data areas are located. (??? not yet implemented)

Scratch Areas

Scratch areas are public large disk spaces accessible to all users for the reading and writing of temporary files, e.g. for re-organizing some of your data, making large emergency ftp-transfers, etc.. Here temporary means you can use the area for your files until it is filled and somebody else needs the space, or the system manager judges the files are no longer used or accessed, or you use it more than a couple of months. Such smaller areas are also located on most computers. Anybody can write in them. These areas are NEVER backed up or guaranteed under any circumstances.

    [CPM] /ltmp/username
    [HEP/Astro] /scratch/computername

Any user can create/remove his/her own files in theses areas. A minimum courtesy is expected in the case using and cleaning up your parts of the areas. System managers may also clean these areas, usually under special circumstances irregularly and after giving a warning.

Type the command lsscratch to find out where scratch areas are located. (??? not yet implemented)

[HEP/Astro] For the moment, you can type df -h /scratch/`uname -n` to locate those areas on your computer, if they exist.


Home areas are backed up regularly, hence the limitations in their sizes.

[HEP/Astro] There are at present two ways to do this for the home areas: shadowing (see below) and replacement upon the shadow for 3 full months, like an incremental shadow of a shadow, which is described in the next section. DLT tapes are no longer in use.

[CPM] All backups are done to the tape library. Homes and mail spool are backed up daily. Data areas are backed up every other day.


Shadowing is a fully automated procedure by which a copy of each home area is done on some dedicated machine and updated every night. This means that for any file that you might lose one day, say, by typing the wrong command, the version from the previous day can be immediately retrieved. For the moment, please ask the system managers for the location of your shadow area or ask them to retrieve the file for you.

[HEP/Astro] Type the command lsshadow to find out where shadows areas are located. For immediate retrieval of yesterday's material use this command to go into the backup directory:

cd `echo ${HOME}|sed -e 's/homes/shadow/'`

[CPM] no shadowing is done

What to do if ..

you need a new account go to your supervisor, who will contact the system managers
you need more home space idem
you lost a file try shadow (above) first if it exists. Next for the moment, give the name, location, date and time of loss of the file and an estimate of the last modification date to the system managers who will then search the backups.



Ages ago, the first computers to form our network were VAXes, later followed by UNIX machines, sturdy, reliable but expensive. Almost all have now been replaced by standard PC-style machines running LINUX, much less expensive and nowadays extremely fast. Some of the old UNIX machines have been retained somewhat longer as specialized servers but are also almost all phased out.

If you plan to purchase a new computer, please consult the system managers first to insure compatibility with the rest of the network, connectivity, architecture, configurations, etc.. They can also help you draft equipment grant applications by understanding the requirements and collecting the relevant technical informations.

If you plan to acquire a special computer tailored to your personal needs, like MacIntosh'es, PC's to run under Windows, or laptops, be aware that technical support and connectivity may be limited. It might be best to ask Janney to install all licensed software. Except for basic requirements - network access, network printer definitions - you're essentially on your own. In particular, the current McGill Corporate anti-virus is now for all, from staff to students, and also apply to permanent computers like room-assigned desktops.

And do not forget: each computer you buy does NOT belong to the user sitting in front of it, to you, your group or the network, it technically belongs to the University, as stated for example explicitly by ownership rules of NSERC, CFI or McGill.

For details on insurance coverage, please consult McGill policy under Risk Management.


A new computer on the network will be given an IP address but it also needs a name. This is done by agreement between the actual owner and the system manager, and also applies to the computer within a cluster.


All new machines are installed, setup and configured by the system managers to insure that their connectivity and security levels are all complete and uniform. Only once the machine is setup and properly tested is it released to the group/user and put at the appropriate location.


Computers generally fall in two categories: those belonging to specific groups and those assigned to the community. While the former will be used towards the detailed research goals of the groups, the latter will perform tasks which are not identified to any particular group or person. They are called servers and their functions can be to manage files, e-mail, web pages, printers, network, etc.. No CPU-intensive job, or heavy I/O operations should be run on these machines. Often they are not accessible directly to the user.


Extra disks, CD,DVD,USB,Firewire devices, etc.. are possible, but not all drivers are available under LINUX, so check with the system managers first.


Any maintenance needed for your standard computers will be performed by the system managers. They will also routinely test your machine remotely.

Updates / Upgrades

The same applies to updates and upgrades. You may wish/need to go to a newer version of the kernel or of the operating system, you may need a specific software set, or the system managers may have been made aware that patches should be applied. In any case they will ascertain the relevance of the changes and apply them for you.


Each user gets a unique password for the computer network, which allows him/her to log on all the machines of the network independently of the location of his/her home area. This is done through the Network Information Service (NIS). However, a user is only allowed to write in his/her own home area and in alternate storage areas as described previously (data and scratch).

The root password of a computer belongs to the administrator (i.e. the system managers) of the machine and for obvious security reasons, no individual user is ever allowed to have it. If you have trouble or special requests with your computer, contact the system managers.

In exceptional circumstances, supervisors could be allowed special limited privileges after discussions with the system managers and validation of the reasons, and only as long as they conform to established security practices and do not perform standard user operations with such an account.

What to do if ..

your computer is frozen never turn it off or reset it yourself, notify the system managers (preferably by e-mail)
it makes noises try to identify the source, notify the system managers
errors occur at execution list what was running, document with error messages, printouts
in case of doubt Remember: Always notify the system managers before doing anything



A large number of program codes may run on your computer. In the standard installation, most updated versions of the system libraries will have been installed to enable compilation of your programs, access the graphics capabilities, etc.. Commonly used programs are for example:

Name Function
pine e-mail
alpine e-mail successor to pine
pico simple editor
nano simple editor
nedit simple and better editor
vi less simple editor
vim its clone
emacs elaborate editor
xv image visualisation
display image manipulation [HEP/Astro]
gimp image manipulation [CPM]

In addition, many members of the HEP/Astro groups make use of generally available scientific packages. These are for example:

Name Function Group License
cernlib Physics and Statistics [HEP/Astro] no
ROOT Data handling package [HEP/Astro] no
PROOF Distributed ROOT [HEP/Astro] no
maple Symbolic Math   yes
iraf Image Reduction [Astro] no
supermongo Plotting [Astro] yes
mathematica Symbolic Math   yes
matlab Math Solutions   yes
IDL Data Visualization [Astro] yes

If a license is needed, the system administrators will have obtained it for all on the network. Most should have been made available to each type of platform. If one does not seem available although the corresponding version should exist, please contact the system managers.


Your applications may require special programs to run. In that case, their costs and the responsibility are yours, and you can install it privately in a /usr/local extension on your machine [HEP/Astro only]. If however it should be accessible for examples to all members of your group, it would be highly preferable not to create multiple copies and you should ask the system managers for a group common location to be setup where the software could be installed.


Should you want to use the ROOT package, it may already be present on your computer as part of the general installation package, but not accessible. First locate it under /usr/local/cern/ and select a version (e.g. the last one). Here is how to proceed next depending on your current Linux shell:

  1. setenv ROOTSYS /usr/local/cern/root_vX.XX.XX/
  2. pushd $ROOTSYS
  3. source bin/thisroot.csh
  4. pushd
  1. exports ROOTSYS=/usr/local/cern/root_vX.XX.XX/
  2. pushd $ROOTSYS
  3. . bin/
  4. pushd
Alternatively, you can put these commands e.g. in a ~/.root_setup file and source it from your .login file.


Users may install or write any program they might need to perform their research. They bear the responsibility of the code and its debugging. System administrators may provide tips or advices, but in general will not or should not take over any user's programming tasks.

CPU-intensive distributed software programs should not run on our network except when agreed upon by the local network coordinator and the system managers. You should learn about queues and clusters to go about it. A procedure, "catz",is also already in place on most computers: if a process uses too much resources on a machine, it will be first pushed down in priority (typically after 15 minutes) and then simply killed after 30 minutes if it persists.

What to do if ..

your program crashes [HEP/Astro] debug it, ask colleagues first
your program crashes [CPM] check with the system manager
you get system errors check your code first, e-mail the system managers with all the relevant information
your program crashes the computer document all and contact the system managers


Names and Locations

Several printers are available to all users of our network. All print by default on letter-size paper (8½×11). Here is the list:

Name(s) Room
Type Color Special
Level 3
hp4250r230 200 HP 4250 no no yes list
number10 200 Xerox Phaser 8560 DN Color yes no yes list
tigre 320 Xerox Phaser 4400 DT no no yes list
number1 320 Xerox Phaser 8400 Color yes no yes list
gato 350 HP Laserjet 4000 no no no list
lynx 350 Xerox Phaser 4500 DT Laser no no yes list
number5 (phaser) 350 Xerox Phaser 8550DN yes yes yes list
number17 407 Xerox Phaser 4510 DT no no yes list
phaser6 407 Xerox Phaser 8550 N yes no yes list
phaser9 407 Xerox Phaser 8560 DN yes no yes list

Command options vary from printer to printer: see the lists above. Some useful generic command examples are:

Command Function
lpoptions -p printername -l printer options
lpstat -t printer status
man lpr printing command manual
lpr -Pprintername submit file to printer queue
lpq -Pprintername query printer queue
lprm # -Pprintername remove printer job from queue

Only specific brands of transparencies/slides are allowed in the printers that can handle them. Please see below for details.


Printer usage (ink, drum life, maintenance) and paper consumption represent the main running costs of the whole computer network. Unfortunately, mishandling of the printers may cause long interruptions of the services and generate considerable extra costs, as past experience shows too clearly.

Please take note of the following advices:
  1. Keep our working environment clean.
  2. Ask yourself if you really need to print that much, if you will read it.
  3. Only use color printers if absolutely necessary.
  4. When you come to get your output, don't let other outputs lie around ..
  5. .. sort all outputs into bins to that effect.
  6. All leftover outputs are put in the blue recycle bins on Monday mornings.
  7. Gently and lightly bend packs of paper back and forth before putting them in the trays.
  8. Distribute opened packs of paper among printers and photocopier.
  9. Don't overload the paper trays: fill them to roughly 3/4 capacity only.
When a printer jam occurs:
  1. If you know what to do, disengage the stuck sheet(s) gently.
  2. If it starts to tear, stop immediately and contact the system managers by e-mail.
  3. Never force trays or other components as they may easily break.
  4. Report the jam to the system managers.
  5. Refrain from kicking .. but report any user mishandling a printer.

Ink & Cartridges

When the ink or toner level becomes low, a warning signal is usually shown, please notify the system managers.

In the case of the color phaser printers, they work with wax blocks, of which there should be some close by. Check for the missing colors for the printer and insert the proper wax blocks (where paper comes out, after opening the top rear cover). Also be aware that for those printers the resulting outputs cannot be autofed into a photocopy machines because of the wax at the surface, only manual feeding will work.

Paper / Transparencies

A common standard paper type, supplied by the department, but paid by us, is used for both the printers and the photocopier. Printer paper can be taken automatically from the trays or fed manually by the user, provided the right printer command is used at submission time (see command options above).

Only specific brands of slides or transparencies are allowed in the color printers that can handle transparencies, otherwise the printer can be severely damaged (e.g. plastic melting inside, you don't want to know). The system managers are supplied with a reserve of transparencies, please ask your supervisor first, as he/she might have his/her own reserve, or he/she will clear it with the manager, in which case you then go to the system managers to obtain what you need.

What to do if ..

nothing comes out the queue hangs, ask the system managers to restart it
ERROR COMMAND shows up many problems can generate this message.
A frequent case is when the postscript level is too high for this printer: switch e.g. from gato to lynx


McGill Restrictions

Our access to the outside world goes through the McGill network backbone to which the department is connected. McGill has an extensive set of policies, code of conduct and network regulations to which we are all committed. Browse at your leisure!

A few points can be extracted:
  1. Each computer has a distinct connection for which we pay, no hub/switch/splitter/router is allowed.
  2. No private wireless setup can be installed/used.
  3. McGill maintains and updates the network and all switches up to and including the entry point in the department.
  4. .


The department network is divided in several subnets:

Subnet Coverage
132.206.6.* physics research backbone, mail/web server homes, gateways
132.206.9.* CPM, mostly UNIX
132.206.36.* Administration Windows network
132.206.92.* HEP/Astro/TNP
132.206.123.* GRID
132.206.125.* currently unused
132.206.126.* used for NOP's (not our problem) and a few fixed HEP/Astro boxes
132.206.186.* non-centrally administered CPM/HEP/Astro, mostly Windows
132.206.252.* undergraduate, mostly UNIX (if not all)

A (very) schematic example of the network configuration is given here for the HEP/Astro part of the network.

Local Access

Each computer has to obtain an IP address from the system managers and be given a name.

[HEP/Astro] The IP/name association then goes into a IP/name resolution database for authentication. This is also the case for computers that obtain their IP address dynamically via "DHCP".

[CPM] Static IP addresses are assigned to the computers.

[HEP/Astro] Before connecting to the network, for example with a laptop, you must therefore communicate the unit's MAC address to the system managers who will then proceed to update appropriate databases and link the appropriate information with a specific wall socket.

For wireless access, see below.

Access from Outside

Only secure (ssh) exterior access is enabled. However, a very limited set of hosts allow this external access:

    [HEP/Astro] choco, calys.
    [CPM] elwing, galadriel, gollum, luthien.

Also refer to the remote instructions for the McGill services which can be of use especially for ISP users who need access to some services that require the "appearance" of being inside McGill.


The bandwidth in the department is normally limited to the maximum of 100 Mb/s between two machines within a subnet branch. There seems to be no congestion at the moment, but there are talks of upgrading the system in prevision for the future needs.

Security Issues

Attack attempts by hackers, port scans and other nefarious activities are extremely frequent and all precautions must be taken to reduce the possibility of damages.

  • There can be a large number of scans any day, most of them worms/virus targeting windows or poorly configured Linux boxes.
  • Don't run any services you don't need.
  • If you rarely use a service, enable it when you use it, then disable it.
  • Never do `internet stuff' (surf the web, newsgroup reading/posting, e-mail) as a `privileged user'.
  • Beware that on Windows, the first user is a `power user', i.e. has administrator privileges.
  • Never use cleartext protocols over which you send passwords (telnet, rlogin, ftp, non-SSL pop or imap, etc).
  • On Windows, block all scripting (set the `internet zone' security level to high).
  • Block all cookies no matter which operating system or browser you use. Only enable `session cookies' for those sites that won't work otherwise.
  • On Windows, don't share (Microsoft-definition) anything by default. If you must, require passwords.

What to do if ..

you don't see the local network a local server might be down
you don't see the rest of the department a department server might be down
you don't see mcgill the McGill network might be down
you don't see your favorite website its specific server might be down
file transfer is slow check other activities on your computer first
inform system managers next

Fax Machine


There is a departmental fax machine in room 108 of the building for administrative and course work. Its number is (514)398-8434.

The HEP/Astro group has its own fax machine in room 320 for research purposes. Its number is (514)398-3733.


This machine can make long distance calls, but no voice phone call is permitted on it.

A HEP fax cover sheet can be found here.

Insert the sheets face down on the top (or face up in the tray), dial 9 (to get out of McGill), followed by the number you want to send your fax to, and initiate by pressing "Dial".

An OK message should appear on the display at the successful end.

What to do if ..

there is no paper refill the paper tray
there is no ink exchange cartridge with a replacement one, see instructions
there is no replacement cartridge contact the system managers
for any other problem contact the system managers



Two photocopy machines are available to all users of the department, on downstairs in room 011, and one on our floor in the printer room 350. Both work with the same ID code that you should have received from the departmental secretary after having talked to your supervisor.


Enter your ID code to let yourself in. The rest is assumed to be common knowledge. Good luck. When finished, make sure to log out. Good luck again. Check that you are really out.

What to do if ..

paper is jammed follow the instruction on the LCD screen
there is no paper fill the tray(s)
there is no more paper contact the departmental secretary

Sharing    E-mail    Web Pages    LINUX    Windows
Laptops    Clusters    Wireless    Documentation    Glossary

Sharing of the Resources


Ever since its inception, our local computer network has proned transparency of usage. This means that irrespective of the location of his/her home area, a user can in principle log in on any machine of the network. A user will preferably use his/her own computer and desktop configuration, but he may access any other user unit. While this should not be abused, it enables sharing of the resources and access to types of programs or partitions which may only be possible from certain units.

CPU Cycles

The strongest arguments for sharing the facilities beyond the common printers and network infrastructure is to make the best use of our money or to allow someone else to do it. Although some users may not notice it, most of the common tasks are neither CPU intensive nor memory hogs. It is then to the advantage of all that instead of buying new computers for occasional jobs, they may let it run on other machines, therefore e.g. using the free CPU cycles at no extra cost.

Queues [HEP/Astro]

A system of job queues is installed on a large number of our standard computers to make optimal use of the free CPU cycles. The system managers will typically install one queue per computers except for those used as file server, web server, or dedicated to some other special task.

Here is a list of the most commonly used commands for the queues:

Command Function
qstat list and status of queues
qexample queue job example
qsub submit a job to a queue

man qsub or qsub alone, etc.. will give a detailed description about each queue command. A job can be submitted from any machine where the commands are installed to any queue of the list. The job WILL run at lowest priority, not visibly affecting the workstation user interacting with it. Users that have logged onto a host not directly allocated to him/her will have CPU intensive applications killed if not using the queuing arrangement. However this restriction does not apply to applications run by the user associated directly to a workstation, yet applications will forcibly be niced (see man nice) as to maintain a good equilibrium with the normal operations of the unit. The output logs can be retrieved in the submitter's ~/Dnqs subdirectory of his/her home area.

More About Queues [HEP/Astro]

Apart from here is a brief on how to use the Torque PBS submission scheme.
  • 1. Most important:

    The user must have created his/her ssh authentification keys on one of our nodes and copy them to his/her ~/.ssh/authorized_keys file. If it wasn't done then the output and error files will remain on the host which did the job.

    To generate the keys:
             ssh-keygen -t rsa (use defaults)
             ssh-keygen -t dsa (again use defaults)
             scp ~/.ssh/*.pub >> ~/.ssh/authorized_keys

  • 2. a) You can get a list on nodes and properties via:
             pbsnodes -a | egrep '^[a-z]|state =|np =|properties'
  • 2. b) Or use "xpbsmon" to see which units are available
  • 2. c) Our networks currently has 2 types of worker nodes "types":
             "desktops" and "flor/finas" cluster units
  • 2. d) flor/finas , all multi-cpu/multi-core units running 64 bit:
             nodes 2-6 ,purchased by RHB
             nodes 8-10 ,purchased by Veritas people
             nodes 11-18 (also known atreides), purchased by Sangyong

  • 3. Write a script ..

    .. containing the commands you would normally type on your terminal window. You may insert at the beginning of the script sets of PBS directives that start with the "#PBS" line (See "command line below).

    Those directives tel the PBS-job manager how to control your jobs, for example:

    #PBS -N "test1" #Define Job name
    #PBS -l nodes=2:ppn=4:atriedes #Job requires 2 nodes with 4 processors/node in the atreides group of nodes
    #PBS -l nodes=1:desktop #Job requires one node/one cpu in the desktop range
    #PBS -e test1.err #Define the error file
    #PBS -o todays.out #define output file
    #PBS -S /bin/bash #Make this run under Bash shell

  • 4. Command line submission:      qsub -l nodes=<#cpus>:{{hostname}:{property...}} <Script>
    Example: qsub -l nodes=1:desktop:IDL <Script>
    i.e. submit to any desktop as long as it has IDL installed

    The qsub program is used to submit jobs, and has a number of command-line options:

    -a <date_time>......... : The earliest the job may be executed
    -A <account_string>.... : Account name to use resources from
    -C <directive_prefix>.. : string to indicate PBS commands in a script
    -e <error_file>........ : error file (with absolute or relative path)
    -I .................... : Launch an interactive job
    -h .................... : Hold the job at launch
    -j oe ................. : Join output and error streams (stdout/stderr)
    -l <resource_list>..... : Request specific resources (# of procs, walltime, etc.)
    -m [a[b[e]]]........... : Mailing options. a=Mail if aborted by scheduler
                                               b=Mail when job begins
                                               e=Mail when job ends
    -M <email_list>........ : List of comma-delimited email addresses to email
    				notifications to
    -N <job_name>.......... : Name of the job
    -o <output_file>....... : output file (with absolute or relative path)
    -q <queue_name>........ : Name of queue to submit job to
    -S <shell_path>........ : Which shell to use to interpret the given commands
    -W <attribute_list>.... : List of attributes -- advanced option, see later sections

    NOTE 3 & 4 will use need one of the properties and/or hostname along the submit request either via the PBS directives OR command line, i.e. the "-l" option.

  • 5. Not all current desktops have the PBS queueing service installed yet. If "pbsnodes" doesn't exist on the desktop then use kihoskh, choco or calys

  • 6. Job viewing: qstat -n1
    Job cancelling: qdel <job-id> <- may need to do that on job-manager node (kihoskh)



Each user on the network gets, at the same time as his/her account on the system, a unique e-mail address based on his/her username/loginname: Having an e-mail address enables the user to send and receive mail. For most of the faculty people, the last name is also an alternative for reaching the correct person. Name conflicts and special wishes are resolved at the discretion of the system managers and within the rules of the university.

[HEP/Astro] In the longer run, addresses of the type may also become available once the department's database is completed.

[CPM] No long names planned.


E-mail messages are currently limited to 10 MB in size for the Department of Physics and for the HEP/Astro groups. Binary files must be encoded and require approximately 25% more space, hence their practical size limit is 8 MB. You may also ask youself whether your destinee actually likes to get huge files, as some receives mailers tend to slow down considerably.

As the messages become larger, it's important to consider some of the overheads. In the initial phase of delivery, incoming messages are stored in a global area, commonly referred to as the mail spool. If the incoming mail folder becomes too large, appending becomes a serious issue as the mailer and therefore the filesystems become heavy and unwielding for all users. Users are strongly encouraged to use the scp/sftp commands whenever possible to transfer large files. It is also good practice to create your own sets of folders and organize your mail messages in your own home areas, i.e. away from the system pool.

Conversely, the use of your web pages is an acceptable alternate method of distributing large files to the general public, as they are picked up at the recipient's leisure without clogging his/her own mailer.


If you want your mail forwarded to another account, you should create a .forward file in your base directory, containing one line with the new destination address, e.g.

If in addition you would like to keep a copy in your McGill user account, the .forward file should contain:


IMAP & More

Only secure IMAP will work. Try to be reasonable and adjust to polling time to >15 minutes as spawning of the service for each connection just clogs the service. Avoid multi-host IMAP connections, this is only a trick to get faster polling. And don't forget to stop the service from home when you go to bed or leave your home house or when not in use.

    [HEP/Astro] or
    [CPM] (SSL/TLS only)

Mail relaying is not allowed unless within the physics department.

SMTP Relaying Mailer

Roaming users who need to have us relay their mail should:
  • [HEP/Astro] Configure your "smtp" server to be and use "TLS" authentication.
  • [CPM] (STARTTLS, login required)
  • Accept our self-signed certificate(s).
  • If your Internet Service Provider (ISP) is blocking SMTP port 25, use port 587.


ALPINE and PINE are the program for e-mail on all of our local machines.


WEBMAIL is the alternative to PINE when the users is outside of McGill and wants to access his/her e-mail security through a browser at

A bit of history:

we had configured PINE to behave so that: all mail gathering on the master-spool ( area is transferred to the ${USER}/mbox folder if it exists at each PINE session.

However WEBMAIL (unlike PINE) has only one view of things.. either the ${USER}/mbox or the master-spool folder

Since we need WEBMAIL to know about new-arrivals in the master-spool We reconfigured WEBMAIL to use the master-spool folder.

You now have 2 options:
  1. You care about the master-spool folder only and wish to stop PINE transferring from the master-spool to ${USER}/mbox then simply do:
    cat ~/mbox >> /var/spool/mail/${USER}; mv ${USER}/mbox ${USER}/mbox.old
  2. You wish to continue the gathering phase of master-spool to ${USER}/mbox, then do:
    ln -s ../mbox ~/mail/mbox
    You will then need to get that folder from WEBMAIL's folder list

To transfer your PINE addressbook to WEBMAIL, the following (relatively complex) method seems to work (Based from:
  1. Enable Aggregate Commands in PINE, if necessary:
    • In PINE's main menu, type 'S' (setup) and 'C' (config).
    • Press down-arrow to the 'enable-aggregate-command-set' option.
    • Press 'X' to check it if it's not already.
    • Press 'E' to exit setup, and 'Y' to save your changes.
  2. Export your PINE address book in 'vCard' format:
    • In PINE's main menu, press 'A' (addressbook).
    • Choose your addressbook (.addressbook) if necessary.
      If you see your addresses immediately, it's not necessary.
    • press ';' (semicolon) and 'A' to select all addresses (you can also be more selective, but we'll ignore that complication).
    • Press 'A' and 'S' (save all).
    • Press 'E' (export).
    • Press 'V' (VCard).
    • Type a filename, for example 'addressbook.vcf'.
    • Exit PINE by typing 'Q', then 'Y'.
  3. Transfer the file you saved (e.g. 'addressbook.vcf') to your PC. You can use an SFTP/SCP client to do this.
    • Import the file * into WEBMAIL:
    • choose the 'Addressbook' link.
    • choose the 'Import/Export' link.
    • choose 'vCard3.0' from the pulldown menu in the Import Addressbook section.
    • press 'Browse'.
    • find and select the file you downloaded to your PC.
    • press the 'Import' button.

[CPM] Alternatively, you may use NCS's e-mail services.


Spam is a plague and its impact should be reduced as much as possible. The university and the system managers on our network spend an inordinate amount of time fighting spam mail to reduce the network traffic. Certified spam messages are discarded. Still, (too) many come through.

If you notice likely sources or subjects, please bring them to the attention of the system managers who will try to add it to the lists. Likewise, avoid giving full e-mail addresses in any of your web pages, as they can be scanned and reaped to your annoyance only. Finally, the use of university e-mail for propagating spam and for other damaging activities of any kind is forbidden.

You may want to activate Spam Assassin or Procmail on your incoming mail. Please consult the system managers.

Web Pages

Your Own

As with e-mail, each user routinely gets access to a web page he can fill, design, update, etc.. Its address is of the type This page is accessible from the outside world.

[CPM] The pages you want accessible to the world should be in /WWW/username. The server is instantly updated and the pages are immediately visible on the web under

[HEP/Astro] The pages you want accessible to the world should be in ~/WWW or /imports/WWW/people/username, whereby ~ represents your main directory. They are immediately available on the web address An automatic update is initiated three times a day to the main web server to make the content visible on the web under

The user may however encourage/order an immediate update by typing the webpush command on the host ataura (a login is not necessary when on the local network, "ssh -x ataura webpush" or "rsh ataura webpush" will do from almost any of our computers). It case you get a strange message about entropy, wait a few minutes and then re-try: the message should disappear.


Web pages are for research-related or academic activities. The available areas are not yet infinite in size, so please restrain yourself.

Personal additions to your pages are possible as long as they remain brief (at most a small fraction of the total physics content) and do not contain any illegal or inappropriate material.

For security reasons, no private web server is allowed.



UNIX was and remains the operating system of choice on the computers of the network. It existed and still exists in numerous brands (and flavours). With the advent of the cheaper and more affordable PC-like machines, its Linux derivatives, it has been generally widely adopted and ported to all new machines.

An introduction to Unix/Linux by S.Jeon can be found here in HTML or here as a PDF document.


Several flavours of Linux also exist, each with slightly different features and characteristics. Debian has been chosen as the flavour of choice in the department. Actually, most machines (SUN, Alpha, etc..) can be converted to it. A few exceptions have been made for Scientific Linux and Red Hat when compatibility with international collaborations required it.

Windows and more non-Linux


Most non-Linux machines are PC's running under Windows. Currently, greater stability and better security features have been achieved by Windows XP, to which all systems tended to converge. Windows 95 and 98 have too many security holes, are dangerous, no longer sustainable and therefore should be disconnected from the network. New "improved" versions of Windows keep coming. For technical help, please ask Janney.


MacIntosh computers are provided with the basic connectivity but are managed exclusively by their owners. For more information, contact Paul, who may also redirect you to experienced MacIntosh users.


Trend Micro, Corporate Edition, is available for all Windows machines on our network, as well as MacIntosh machines and some Linux machines. Please insure that it is installed and working correctly, and that the virus definitions updates are frequently applied, if not automatically.

You should also run software like ad-aware to identify possible treats, spyware and other un-goodies generally known as crapware. From previous experiences on our network, the free "Spyboot Search&Destroy" is recommended over "Ad-aware". In case of severe intrusions, "HighJachThis" is excellent but for experts. Consult Janney, the Windows system manager for more details.

System managers are not to be held responsible for invasion, decontamination or re-installation of your machine and any associated loss of data or time. Do not ignore any security warning nor neglect the fundamental safety precautions.


A firewall will not
  • stop your browser from downloading malicious Active-X or other language scripts from remote websites you are currently visiting;
  • prevent them from modifying your key registry, hosts file, or any other OS file/component;
  • unless set to be absolutely paranoid (making any type of network access unbearable or close to), it will not prevent said scripts from downloading further scumware using http requests, or, more importantly, uploading information gathered on your computer to other sites. The anti-virus program now takes care of some of this.

On the other hand, if you run as an unprivileged user, some of the key steps in the scumware installation will be blocked because they required privileges you do not have.

It's not 100% safe, and you should still run a firewall, install all security patches, run an antivirus and your favorite ad/spy/crap/scumware blocker/remover, and also run regular scans (even if you've enable real-time protection on the antivirus and the ad/spy/crap/scumware blocker/remover)


Do you have a Windows, Mac or Linux machine and want to print on one of the network printers? Please follow theses steps for Windows XP:
  • Either goto Start -> Settings or on the Control Panel.
  • Select: Printers and Faxes.
  • Select: Add printer.
  • At the welcome page, press "Next".
  • Select "Local Printer" but without Auto-Detect, then press "Next".
  • Select "Create a new port".
  • From the Drop down menu, select "LPR Port", press "Next".
  • If "LPR Port" is not there, go to the Control Panel, then to "Add or Remove Programs", then select "Add/Remove Windows Component" and somewhere i(sorry) there enable "LPR Ports". Then start over.
  • Give name of server "".
  • Give Name of printer, e.g. "lynx" from table.
  • Press "OK".
  • You then have to provide the brand and type of printer from the lists and follow the instructions until completion.
Instructions for other machines are forthcoming.

Some drivers are available at

For CUPS-based printing (Linux, MacOS, Solaris), follow the links with the instructions for the 2nd floor and 3rd floor [Astro/HEP], or 4th floor [CPM] respectively.


If you want to set up a Virtual Private Network (VPN) to connect inside McGill from off-campus, see the instructions


Please read McGill's web pages on computer network and security to keep abreast of potential problems. For a list of things to do and not to do, see also above or under security issues.



Laptops are considered personal computers to be used by a single person and carried around by the said user. How a laptop is configured is normally done by the user since it is frequently running under Windows, dual boot or other scheme.

So basically you're on your own, but you can ask the system manager for advice.

Any special request to the system managers should be cleared beforehand.

A laptop should also be identified to the system if it is to be connected (via "DHCP" or fixed IP address) to the network. See the access section for details.


The user does it all.

Risk and Insurance

Please read the McGill policy on property insurance, especially the part on property used off premises, under Risk Management.

Dedicated Clusters / Beowulfs


Dedicated clusters are large set of computers bought in general by a particular group for specific purposes. Each cluster is to be considered as a node. In principle only one of them is needed as gateway to the rest of our normal network, hence a meaningful relaxation of the McGill rules of one computer - one port.

Up to now, such clusters were planned by a limited group of users in consultation with the system managers, purchased through e.g. specific CFI grants and set up by the buyer with recommendations and help from the system managers.

Beowulf clusters are scalable performance clusters. Most of our clusters on our network are such Beowulfs. Here, as a 2010 snapshot:

Network Name Group Duals
(2 CPUs)
(4 CPUs)
(8 CPUs)
Flors HEP THEP   6  
HEP TNP     8
Astro Veritas     3
Borgs Astro Pulsar 45+40    
Gaias HEP Atlas 80    
Shire CPM Nanoscience 330    
Eldar CPM Vinals 80    

For the configurations, see the example of the flors/finas Beowulf or ask the system managers for details.


[HEP/Astro] The group buying the cluster is responsible for its installation, testing, maintenance and possible upgrades. The system managers are interested in the developments, provide any advice necessary and insure a good connection to the common network. Should the technical support from the system managers be more involved and intensive, an agreement with the local coordinator should be reached regarding the prioritisation of tasks and changes in the cost sharing.

[CPM] The cluster installation and maintenance is performed by the system manager.



No private wireless mini-network may be setup on the campus.

As the wireless access is reserved by McGill as campus wide service, there is no Physics network wireless per say. Refer to the wireless McGill network services for instructions or to the request forms for guest network access.

For more on laptops, click here.



Please ask supervisor, colleagues or search the web to find documentation on most of the standard features of computers, printers, operations systems (LINUX, Windows, Macs, etc..).


The present documentation is an attempt at getting a starting point for specifics of our network. Please browse through to locate what you are looking for, or send comments/complaints/suggestions to your local network coordinator as feedback to improve the situation.


Some Abbreviations

Abbr. Meaning
Astro Astrophysics, Astroparticle Physics
CFI Canadian Fund for Innovation
CISC Complete Instruction Set Computer
CPM Centre for the Physics of Materials
CPU Central processing Unit
DHCP Dynamic Host Configuration Protocol
DLT Tape Backup System
DNS Domain Name Service
ERP Ernest Rutherford Physics Building
FTP File Transfer Protocol
GANG Group for the Analysis of Nonlinear variability in Geophysics
HEP High-Energy Physics
HTML Hyper Text Markup Language
HTTP Hyper Text Transfer Protocol
HTTP .. idem, secure
IMAP Internet Message Access Protocol
Intel .
I/O Input/Output
IP Internet Protocol
ISP Internet Service Provider
LAN Local Area Network
LINUX Linus Torvalds' UNIX-type OS
MB Mega-Bytes
MS Microsoft Corporation
NIS Network Information Service
NP Nuclear Physics
NSERC National Science and Engineering Research Council
OS Operating System
PC Personal Computer
PDF Portable Data Format (Adobe)
POP Post Office Protocol
RISC Reduced Instruction Set Computer
RSH Remote Shell
SCP Secure Copy
SMTP Simple Mail Transfer Protocol
SSH Secure Shell
TCP Transmission Control Protocol
TCSH Shell
THEP Theoretical HEP
TNP Theoretical Nuclar Physics
UNIX Common operating system (name)
VAX Legendary old type of computer
VPN Very Private Network
WON WON Engineering Building
WWW World Wide Web
XHEP Experimental HEP
XNP Experimental Nuclar Physics
YP Yellow Pages (now NIS)

You may also try Wikipedia, Google or others for (much) more.

Responsibilities     Rules of Conduct     Financing

Areas of Responsibilities


An organigram of the current working structure of the computer network in the department can be found here.

Research and Administrative Computing Review Committee

Jorge Vinals Chair
Tracy Webb as Chair of the Web Committee

The Research and Administrative Computing Review Committee met on September 27, 2004. [..] It recommends:
  1. That a permanent committee (the "Local Systems Committee") be established charged with:
    • Oversight of technical support,
    • Oversight of departmental acquisitions of hardware and software, and
    • Oversight of research computing equipment that may have a substantial impact on building resources.
  2. Operation of three platforms: LINUX/UNIX, Mac OSX and MS Windows needs to be transparent to the end user.
  3. Online documentation of resources and policies needs to be improved.
  4. "One desk, one ethernet port".

Department-wide Computing Committee

On October 27th, 2004, the Chair of the Department, appointed a new Committee, the "Local Computer Systems Committee". Current membership on this Committee can be found under below.

Local Network Coordinators

The local network coordinators are responsible for the administration of the computer networks, i.e. the HEP/Astro one on the 2nd/3rd floors and the CPM one on the 4th floor. They establish, in consultation with the system managers, the priorities in the activities, they do the finances and they take the associated decisions. In general they also serve as "employer" for the system managers and provide them support for any major problem or unresolved technical or personnel issue.

System Managers

The system managers bear the technical load of the computer network. They interact with the users and their devices on a day-to-day basis, and with the McGill Computer Center as necessary. Their job description covers almost all technical aspects related to computers as listed in these guidelines. They however will not teach or program for the users, but are available for consultation, advice and questions.


Supervisors are normally the faculty members of the department who are associated with our computer network. They lead or are part of one or more research groups, and are therefore directly responsible for the users belonging to their group(s), the computers and other devices purchased or used by their group as well as the activities and impact of the said users. They stand between the local network coordinators and the users.

Users are all those members of the department having an account on our computer network and using its facilities. Every single user must be assigned to a supervisor. They can get help and directions from the system managers. In case of difficulties or misunderstanding, they should consult with their supervisor or eventually contact their local network coordinator.

Rules of Conduct


We want to keep our working environment running as smoothly and efficiently as possible. To that goal, the collaboration of all users is obviously necessary:
  1. Treat your fellow user, the system managers and all people sharing the network with consideration.
  2. Handle the computers properly. You may swear at them, but please not too loudly. Don't hit them, shake them or reset them. Ask for help if you suspect a hardware or a software problem.
  3. Take care of all peripherals, especially the printers.
  4. Keep an eye on your machine or the network. In case of doubt, if you think some illegal activity is/has taken place (e.g. hacking), please inform the system managers immediately. If necessary, disconnect your network cable (without breaking it) on the spot.
  5. Follow the rules, instructions or conventions, whenever applicable.
The network and its components are routinely monitored for good functionality, but since it is still all based on trust, no invasive procedure is used yet to insure that all rules and safety precautions are used.

System Abuses

Should one user or some users abuse any part of the system, they will be warned. Such harmful activities can be (non-exhaustive list):
  1. Blocking a computer by saturating its CPU, memory or disks until it freezes.
  2. Running long CPU-intensive jobs outside of the queues.
  3. Clogging a too large number of queues with their jobs.
  4. Saturating the network bandwidth, especially during the day.
  5. Downloading illegal or illicit files (videos, copyrighted programs, etc..)
  6. Clogging printer queues.
  7. ..
Users will be warned, assuming the harm was unintentional. Should they persist however, they will have to be barred from using part or even all of the network. Supervisors are responsible for the activities of the users in their groups.

Vandalism and Theft

Vandalism and thefts are not tolerated and are to be reported at once.

In the past two years, repeated vandalism from impatient and unknown users has lead to printer trays or doors to be forced and damaged. Not including the down times, these are expensive repairs for which all the participating groups have to foot the bill.

Unfortunately, thefts are no longer a rarity in the busy McGill campus environment:
  1. Leave you door closed, even if you should go out for only a minute.
  2. Don't leave valuables lying around.
  3. Secure your laptop.
  4. Observe people going around. If they don't belong or don't seem to belong, ask them if you can help them, or even offer to bring them where they want. Such actions are strong deterrents.
  5. Report any suspected damage or missing item as soon as possible.
And remember, anything not attached can be a temptation, but don't rely only on a cable or chain. One thief was once caught stealing one of the McGill gray telephones! Always lock you door when you go, even if only for one minute.


We want to keep an informal and relax working environment. Please refrain from aggressive, demanding or insulting behaviours at all times. They may originate from computer or personal problems, thus creating stress, but sometimes the priorities of others or of the system managers regarding the whole network might be different from yours. For example, after a power failure, they may not have time to attend to you because they have to reset the whole system first.

If you have problems with your group's part of the system, please talk to your supervisor first. If you have communication problems with the system managers, do not hesitate to go to your local network coordinator. Efforts will be made to resolve the issue(s). If you feel the current set of rules and practice is not adequate, please let your network committee know, that's what they are there for.

Financing the Network

By the Groups [HEP/Astro]

The HEP/Astro Computer Network is financed by the Consortium, a conglomerate of all the participating faculty members (or supervisors).

The common expenses are:
  • Contributions to the system managers salaries
  • Printer costs (toner, paper, maintenance, repairs, purchases)
  • Hardware maintenance (keyboards, mice, power supplies, fans, ..)
  • Software contracts
  • Fax and Telecom
  • Stationery
  • Network costs (cables, ..)
  • Miscellaneous

Small standard pieces of equipment can be supplied, but any other large piece, or specific to users (hard disks, peripherals, memory, etc..) or damaged by the user is replaced at the user's expense.

The revenues are generated from the research grants of all members with additional contributions from the department. The sharing between the members is done according to an algorithm based on:
  1. the number of accounts to represent the user "load".
  2. the number of computers to represent the "machines". Note that clusters under the sole responsibility of a group are up to now counted as one entry only.
  3. the number of pages printed to represent the "activity"
Each account/computer/page is associated either to a supervisor (as in most cases) or to the whole system (small fraction, as a commonly-owned facility). The items in the latter category are shared equally by all. These are all hard, reproducible numbers. The corresponding fractions are:
  1. 40%
  2. 40%
  3. 20%
The 20% for the printed pages actually reflects fairly well the relative fraction due to the printing costs. The data are collected once a year and the calculations made to charge the different groups in proportion of their "usage" of the network.

[CPM] the costs are covered by the Centre.

Maintenance and Repairs

Several computers and devices are commonly shared, either bought for specific purposes or donated to the Consortium by a group. Examples are: These are maintained and repaired/replaced whenever necessary with high priorities. Since these costs may vary wildly, small reasonable provisions are made in the budget but sometimes they may overflow onto the next year.


Our network is always open to new technologies which could improve our system, as long as we could afford it. If the promises are good, but if it could not be absorbed in the running budget, we try to either generate an equipment grant application which would cover it, or to find a generous donor, often the person or group proposing the innovation. In either case, if the consensus is to get it for the Consortium, the running/maintenance costs are thereafter inserted in the budget.


Each year, when the cost sharing is established, an accounting is done by the local network coordinator for the past year's activities and a budget projection made for the coming year. After submission to the Consortium members, and feedback from them, the numbers may be corrected as necessary before being accepted.

Committee     Coordination

Network Committee


The tasks of the Computing Committee are:
  • Survey the network
  • Monitor the usage
  • Evaluate the needs
  • Assess the impacts
  • Review solutions
The committee should try to streamline the activities and especially the developments at the department level. It is accountable to the Department.


The committee is formed by a Chair of the Network Committee, the Chair of the Web Committee and the de facto coordinators from the HEP/Astro or CPM networks. The list for 2009-2010 is given below. Please forward your feedback, questions, queries, wishes to:

Function Name Room Phone E-mail
  Jorge Vinals ERP-215 2766 vinals@
Web Tracy Webb ERP-217 7226 webb@
HEP/Astro François Corriveau ERP-330 6515 corriveau@
Astro Bob Rutledge ERP-222 6509 rutledge@

All e-mail addresses are to be followed by the usual 'physics dot mcgill dot ca'

Network Coordination


All e-mail addresses are to be followed by the usual 'physics dot mcgill dot ca'

Groups Name Room Phone E-mail
HEP/Astro François Corriveau ERP-330 6515 corriveau@
CPM Hong Guo ERP-416 6530 guo@
Admin Saverio Biunno WON-0140 6487 saverio.biunno@

System Managers


If you need to contact the system managers, please do it preferably by e-mail at the generic address listed below.

Group Name Room Phone E-mail
  generic     operator@
HEP/Astro-(CPM) Paul Mercure ERP-347 6505 merp@
CPM-(HEP/Astro) Juan Gallego ERP-331 6504 juan@

Group Name Room Phone E-mail
Windows Janney Wu WON-0130 1752 janney@

Last updated by François Corriveau (corriveau@) on September 17th, 2014.