Rebuild pages at 3bf10ce

_sources/python/further_reading.md.txt

@@ -1,12 +1,16 @@
 # More advanced topics in Python
 
 ## Nice standard libraries
-* argsparse, datetime, fnmatch, glob, os, re, sys, subprocess
+* argsparse, datetime, fnmatch, re, sys, subprocess, pathlib
 
 ## Nice libraries for data analysis
 * [NumPy](https://numpy.org/)
 * [pandas](https://pandas.pydata.org/docs/)
 * [matplotlib](https://matplotlib.org/)
+* [iminuit](https://iminuit.readthedocs.io/en/stable/) for fitting
+* [resample](https://resample.readthedocs.io/en/stable/) for uncertainty estimation with the bootstrap and jackknife
+* [jacobi](https://hdembinski.github.io/jacobi/) for error propagation based on first derivatives
+* [numba-stats](https://github.com/HDembinski/numba-stats) fast implementations of statistical distributions to build statistical models
 
 ## Python and ROOT
 * pyROOT: Python interface for ROOT

_sources/shell-extras/persistent-screen.md.txt

@@ -3,33 +3,57 @@
 ### Setting up password-less kerberos token
 
 In order for the kerberos token to be refreshed automatically, it must be possible to do so without a password.
-Therefore, we create a keytab (similar to a private ssh key) on lxplus using the keytab utility. After starting it by typing `ktutil`, type the following three lines into the prompt and confirm the first two steps with your password.
+Therefore, we create a keytab (similar to a private ssh key) on lxplus using the provided `cern-get-keytab` utility. Note it will prompt for your password, in order to generate the keytab.
+
+{% callout "The old way" %}
+
+The former recipe was to start `ktutil`, then type the following three lines into the prompt and confirm the first two steps with your password.
 ```bash
-add_entry -password -p [email protected] -k 1 -e arcfour-hmac-md5
-add_entry -password -p [email protected] -k 1 -e aes256-cts
-wkt USERNAME.keytab
+cern-get-keytab --user USERNAME --keytab USERNAME.keytab
 ```
 and close the `ktutil` prompt with `Ctrl+D`.
-This will create a file called USERNAME.keytab in the current directory. It is strongly recommended to store this file in a directory to which only you have access as anyone who obtains a copy of this file can use it to obtain tokens in your name.
+This would create a file called USERNAME.keytab in the current directory.
+Since [OTG0077802](https://cern.service-now.com/service-portal?id=outage&n=OTG0077802), this recipe no longer works, and you will have to create a new keytab using these updated instructions.
+
+{% endcallout %}
+
+CERN [provides](https://cern.service-now.com/service-portal?id=kb_article&n=KB0003405) a shortcut command on lxplus9 (it will not work properly on lxplus7, though you can still use the created keytab from lxplus7 or lxplus8), which will prompt you for your password:
+```bash
+cern-get-keytab --keytab ~/private/$USER.keytab --user --login $USER
+```
+This will create a file called `$USER.keytab` (where `$USER` is your username) in the directory `~/private/`. By default, on lxplus, only `$USER` has access to this directory; anyone who can access this file can use it to obtain tokens in your name, so be careful if you decide to move it to a different directory.
 
-**NOTE** that the domain name `CERN.CH` has to be all uppercase, while the `USERNAME` should match your case-sensitive CERN username. 
+To test if the keytab works:
+```bash
+kdestroy; kinit -kt ~/private/$USER.keytab $USER; klist
+```
+This should display information about a ticket cache.
 
 ### Making use of the keytab
 This keytab file can now be used to obtain kerberos tokens without having to type a password:
 ```bash
-kinit -k -t USERNAME.keytab USERNAME@CERN.CH
+kinit -k -t ~/private/$USER.keytab $USER@CERN.CH
 ```
-where `-k` tells `kinit` to use a keytab file and `-t USERNAME.keytab` where this keytab actually is.
+where `-k` tells `kinit` to use a keytab file and `-t ~/private/$USER.keytab` where this keytab actually is.
 ### Using k5reauth to automatically refresh your kerberos token
 To create a permanent session of `tmux` or `screen`, the `k5reauth` command is used, which by default creates a new shell and attaches it as a child to itself and keeps renewing the kerberos token for its children. `k5reauth` can start processes other than a new shell by specifying the program you want to start as an argument
 ```bash
 k5reauth -f -i 3600 -p .... -- <command>
 ```
 To start `screen` or `tmux` run:
 ```bash
-k5reauth -f -i 3600 -p USERNAME -k /path/to/USERNAME.keytab -- tmux new-session -s NAME
+k5reauth -f -i 3600 -p $USER -k ~/private/$USER.keytab -- tmux new-session -s NAME
+```
+which will create a `tmux` session whose kerberos token is refreshed automatically every 3600 seconds.
+
+This is not enough to actually get a persistent session. From inside the `tmux` session, run:
+```bash
+kinit [email protected]
 ```
-which will create a `tmux` session whose kerberos token is refreshed automatically every 3600 seconds. When attaching back to the process, a simple
+Make a note of which lxplus machine you are on. Then, detach the session (<kbd>^B D</kbd> by default) and log out. Finally, log back into the same machine, attach the session using `tmux a`, and run `kinit [email protected]` again.
+Now, you should have a persistent tmux session on the machine you logged in to.
+
+When attaching back to the process in the future, a simple
 ```bash
 tmux attach-session -t NAME
 ```
@@ -43,13 +67,14 @@ You will almost certainly want to use an alias or function to access this comman
 ```bash
 ktmux(){
     if [[ -z "$1" ]]; then #if no argument passed
-        k5reauth -f -i 3600 -p USERNAME -k /path/to/USERNAME.keytab -- tmux new-session
+        k5reauth -f -i 3600 -p $USER -k ~/private/$USER.keytab -- tmux new-session
     else #pass the argument as the tmux session name
-        k5reauth -f -i 3600 -p USERNAME -k /path/to/USERNAME.keytab -- tmux new-session -s $1
+        k5reauth -f -i 3600 -p $USER -k ~/private/$USER.keytab -- tmux new-session -s $1
     fi
 }
 ```
 You could then start a tmux session named “Test” using
 ```bash
 ktmux Test
 ```
+Note that you will still have to follow the rest of the recipe (`kinit`, detach, log out, log in, attach, `kinit`) manually to get a persistent session.

advanced-python/10Basics.html

@@ -738,7 +738,7 @@ <h2>Jupyter<a class="headerlink" href="#Jupyter" title="Link to this heading">
 </div>
 <div class="output_area docutils container">
 <div class="highlight"><pre>
---2023-11-09 20:15:31--  https://example.com/index.html
+--2023-11-09 22:04:41--  https://example.com/index.html
 Resolving example.com (example.com)... 93.184.216.34, 2606:2800:220:1:248:1893:25c8:1946
 Connecting to example.com (example.com)|93.184.216.34|:443... connected.
 HTTP request sent, awaiting response... 200 OK
@@ -747,7 +747,7 @@ <h2>Jupyter<a class="headerlink" href="#Jupyter" title="Link to this heading">
 
 index.html          100%[===================&gt;]   1.23K  --.-KB/s    in 0s
 
-2023-11-09 20:15:31 (70.0 MB/s) - ‘index.html’ saved [1256/1256]
+2023-11-09 22:04:42 (82.3 MB/s) - ‘index.html’ saved [1256/1256]
 
 </pre></div></div>
 </div>
@@ -765,8 +765,8 @@ <h2>Jupyter<a class="headerlink" href="#Jupyter" title="Link to this heading">
 </div>
 <div class="output_area docutils container">
 <div class="highlight"><pre>
-CPU times: user 737 µs, sys: 171 µs, total: 908 µs
-Wall time: 913 µs
+CPU times: user 517 µs, sys: 96 µs, total: 613 µs
+Wall time: 617 µs
 </pre></div></div>
 </div>
 <div class="nboutput nblast docutils container">
@@ -795,8 +795,8 @@ <h2>Jupyter<a class="headerlink" href="#Jupyter" title="Link to this heading">
 </div>
 <div class="output_area docutils container">
 <div class="highlight"><pre>
-CPU times: user 1.97 ms, sys: 0 ns, total: 1.97 ms
-Wall time: 1.98 ms
+CPU times: user 1.37 ms, sys: 0 ns, total: 1.37 ms
+Wall time: 1.37 ms
 </pre></div></div>
 </div>
 <p>If something takes longer than you expect, you can profile it to find out where it spends it’s time:</p>