Yale University

ITS Section Heading

Yale ITS Home Student Technology Collaborative

Gateways for:

Help Desk
203.432.9000

ITS Office
Yale University
25 Science Park
P.O. Box 208276
New Haven, CT
06520-8276
USA

Yale logo.

Pantheon Policies

All questions about these policies should be directed to Student Technology Collaborative.

The use of Information Technology Services facilities is governed by the ITS Appropriate Use Policy, University policies and applicable laws. Your use of ITS facilities, including the Pantheon, computing clusters, and the Yale network, constitutes your agreement to abide by these policies.

ITS Appropriate Use Policy

Other ITS Policies

Pantheon Use Policy

This policy applies to Minerva, Mercury, Morpheus, and Mars collectively referred to as the Pantheon, as well as any future systems having the same role. In the context of this document, "Pantheon" should be interpreted as any or all of these computers.

The Pantheon is a multiuser system that thousands of people have access to. Thus, certain rules are necessary in order to make sure that it remains secure and usable by everyone. These policies are in addition to all other ITS, Yale, and governmental policies and laws (eg. the copyright law must be observed by all users). See the ITS General Policy Statements for more information.

Privacy Policy

Dozens of people can use the Pantheon at one time. This inevitably leads to some loss of privacy. For example, other users can easily find out your name, your email address, when you have used the a Pantheon machine, and what you are doing on a Pantheon machine right now. Information such as your real address and phone number may also be obtained over the network.

However, Unix (the operating system that the Pantheon uses) has mechanisms built in to make sure that only you can access your data files (including mail files). It is possible for you to override these settings, but before you do so, make sure that you fully understand what you are doing.

Security Policy

    The following is NOT allowed:
  • Using the system without authorization
  • Concealing your identity (eg. by sending forged email)
  • Sharing your password or account
  • Using an account that is not yours
  • Attempting to "crack" or guess other people's passwords
  • Obtaining passwords by other means (eg. password capture programs)
  • Attempting to thwart system security

Resource Hogging

Since so many people use the Pantheon, it is important that no one person hog the resources needed by everyone. For example, all users have a disk quota that limits how much they can store on the Pantheon.

    To ensure that system remains usable for everyone, the following are examples of things that are not allowed:
  • Mass mailings (ie. sending a large volume of unsolicited email)
  • Chain mail propagation
  • Storing large amounts of data in public temporary directories
  • Running long or computationally intensive jobs without permission
  • SLIP or similar emulators NOTE: Mathematical and scientific computation should only be done on designated machines
  • Writing or knowingly spreading viruses and worms
  • Running "daemon" like processes that never terminate
  • Running WWW or other Internet servers
  • Running IRC 'bots
  • Anything else that could significantly reduce system performance

Enforcement and Due Process

Normally, ITS staff are forbidden to "browse" user files. However, in the case of a suspected rules violation, or in cooperation with law enforcement officials, the Director of Academic Media & Technology may approve searching an account or even logging all of a user's key strokes during a Pantheon session. Whenever possible, at least two qualified ITS employees will be present during such searches. In emergency cases where system integrity is threatened and it is not possible to obtain the approval of the Director, certain other ITS staff members have the authority to lock or search accounts or log sessions.

A person accused of a rules violation will be notified of the charge, and have an opportunity to respond before a penalty is determined. The Director of Academic Media & Technology must approve the penalty. In some cases, the University may also take further disciplinary or legal action.

Backup and Restore Policy

    The current backup/restore policy for Pantheon filesystems provides for Tivoli, the backup/restore software to:
  • Run daily in the early morning hours, backing up all filesystems except filesystems designated as temporary storage or other filesystems, as designated by the System Manager. For example, /tmp and /scratch are not backed up.
  • Keep the current backup version of any existing file forever (until the file is deleted by the owner or the System Manager)
  • Keep up to 8 backup (1 current, 0-7 extra) versions of existing files (providing up to 7 days backoff, for files that change daily)
  • Keep up to 2 backup (1 current, 0-1 extra) versions for any deleted file (backup versions 3-8 expire and are automatically eliminated by next ADSM EXPire Inventory process after file is deleted by owner or System Manager)
  • Keep extra (not current) backup versions for 30 days (applies to all files, regardless of existing or deleted status)
  • Keep the last (only) backup version of a deleted file for 60 days (after file has been deleted by the owner/surrogate)

Note that each Pantheon user is ultimately responsible for his or her own data. AM&T offers this facility as a service and is not responsible for lost or corrupt data that may occur as a result of the use of this or other systems.

The backup system has been thoroughfully tested and it works reliably. There may be situations, however, in which failures occur. AM&T does not, therefore, guarantee that a deleted or lost file will be retrievable. Likewise, AM&T does not guarantee that erased files will be irretrievable after the standard expiry period.

Core Files Policy

In an attempt to reduce disk space usage, we may remove all files named core that are more than one day old in everyone's home (~) directories. This is a regular procedure done from time to time for which no specific announcements will be made. Developers needing core files for other purposes should take appropriate action.

Downtime Policy

Downtime for all Pantheon machines is kept at a minimum. If at all possible, at least one machine from the Pantheon will be fully functional and accessible.

Downtimes scheduled in advance will normally be announced 2 days in advance by a note in the MOTD (Message of the Day) of the affected machine(s) and by notifying ITS Operations. In emergency situations a shorter notice will be given if at all possible, with suitable time for users to save their work and log out.

Service will always be scheduled to be restored by 8:30 AM, and never go beyond 9:00 AM. Ample allowance for unpredicted events will be taken into account when scheduling downtime.

During unexpected downtimes AM&T staff will respond until 12 midnight during the academic year and up to 2:00 AM during reading period. Problems that arise after these times will be dealt with the following morning.

Hardware problems are resolved through external service providers. Their coverage and response time varies depending on the coverage on a particular machine.. For the critical machines they are on call 24 hrs a day 7 days a week with a 4 hour expected turnaround time.

Log Policy

Pantheon systems log user access according to the specifications below. Most logs survive for four weeks, although backup copies of logs may exist for a longer period of time.

Note the system event logging may be increased at any time in response to technical or security concerns, but that any such changes will occur in accordance with the Information Technology Appropriate Use Policy and all Pantheon Policies. Also note that the shared architecture of the Pantheon makes it possible for users to monitor the activities of others users; see the Privacy section of this page.

Event Data Recorded
successful connection via:
  • Kerberized telnet
  • secure shell (SSH)
  • Kerberized file transfer protocol (KFTP)
  • samba
  • netatalk
  • username
  • start time of session
  • end time of session
  • IP address
failed connection via:
  • Kerberized telnet
  • secure shell (SSH)
  • Kerberized file transfer protocol (KFTP)
  • samba
  • netatalk
  • time
  • IP address
Pantheon web page viewed
  • time
  • IP address
  • URL of accessed page
email message sent from Pantheon
  • time
  • message ID
  • size of message
  • "to" field of message
  • "from" field of message
incoming write request
  • originating username
  • originating machine name
  • time
incoming finger request
  • time
  • remote host
  • request size
  • response size

The following are also logged:

  • attempts to gain superuser access
  • total number of Pine sessions
  • licensed software use (MATLAB, Mathematica, Splus, STATA, and others)
  • a sampling of usernames and commands they run on biscu

The names of all files on the Pantheon are recorded each night when backups are performed. System administrators monitor these backup logs for troubleshooting purposes.

Quotas

Because the Pantheon is shared by several thousand users, there must be limits to how much you can store on them. To see how much room you have left, use the web-based Pantheon Account Tool. Or you can instead type quota -v at a Pantheon prompt.

Users on the Pantheon have a soft quota and a hard quota for the amount of disk space they can use. If a user normally has a soft quota of 500 megabytes then that user will have a hard quota of 510 megabytes. What this means is that the 500 megabyte quota can be exceeded by up to 50 megabytes (making a total of 550 megabytes used) for up to a week. After a week, the soft quota becomes a hard quota and the user cannot save data to the Pantheon until his or her disk usage drops below the 500 megabyte quota again.

If you fill your quota, you have to delete things from your account. If you want to save them, you can transfer them to a networked computer, or print them.

Quota Increases

In addition, in special cases where there is a clear academic need, more room can be granted. To apply for an increase, e-mail consult@pantheon.yale.edu with your request and your reason for needing more space. Quotas may be increased up to 600MB without much difficulty, and up to 800MB for academic purposes. If more space is still needed, you may consider alternatives such as research.yale.edu, or investing in local storage media such as CD-Rs/DVD-Rs, an external hard drive, or a new internal hard drive of larger capacity.

Scratch Space Policy

Users needing more then their normal allocated disk quota may use the /scratch partition for temporary storage of data. This space should not be used for file distribution in any way. If this storage is in excess of 500MB, it is not guaranteed to be retained for more than 24 hours. In addition, the /scratch partition will be purged on the first and fifteenth of each month. Please do not regard this partition as being a permanent extension of your home directory; AM&T reserves the right to redeploy the disk to another use in emergency situations (e.g., if one of the other Pantheon disks fails). Appropriate warning will be given when possible. The partition is not backed up.

If you need to make use of the space, please create a directory on /scratch where you will store your files to avoid a mess in the root directory of the partition. You should set the permissions on the directory to be non world-readable, as any folders found to be world-readable may be purged without notice.

Web Page Indexing Policy

For technical and privacy reasons Yale does not permit automated search engines to index Pantheon web pages. Users needing to propagate institutionally relevant official or semi-official information are encouraged to publish that information through www.yale.edu or departmentally supported web servers.

Jump to top.

Last modified: Thursday, 31-Jan-2008 11:58:43 EST. (jj)