| ID |
Date |
Author |
Author Email |
Category |
Subject |
Status |
Last Revision |
|
151
|
Mon Mar 2 14:31:12 2020 |
Laurent Jean-Rigaud | lollspam@free.fr | Other | Re: RPM build process enhancements | Stable | Wed Mar 4 18:40:40 2020 by Laurent Jean-Rigaud | Hi Stefan,
2nd patch for RPM build which adds :
- dynamic build options for krb5/ldap/pam/ssl support :
- for git / non rpm users :
- buildrpm version release [-krb5] [-ldap] [-pam] [-ssl]
- for rpm users using SRPMS (dependances are managed) :
- rpm -i elog-ver-rel.src.rpm && rpmbuld -bb [--use krb5] [--use ldap] [--use pam] [--use ssl] ~/rpmbuild/SPECS/elog.spec
- dynamic 2 last changelog entries :
- last with build information with
- dynamic user 's info (use your info if builded from PSI, or use %packager from ~/.rpmmacros if exists, or set to username username@ostname)
- build options list (KBR5, LDAP, PAM, SSL)
- before last for product changelog of current ELOG version-release
- customrel flag for local rebuild :
- release = %elogrel%{?customrel}%{?dist)
- so custom builder can add --define 'customrel NSA' at rpmbuild command or in .rpmmacros file -> elog-3.1.4-2.NSA.el7.x86_64.rpm by example.
- elog version and release are delivered in specfile as default for rebuild (tarball name uses it so it can not be changed for local rebuild from SRPMS).
- buildrpm uses ~/rpmbuild/SPECS/elog.spec generated from elog.spec.template (elog.spec is deleted in repo, replaced by elog.spec.template).
Tested on EL6 and EL7 x86_64 :-)
Bye
| Laurent Jean-Rigaud wrote: |
|
Hi Stefan,
I enclosed a patch for RPM build process available on GIT.
changes :
- rpmbuild :
- checks if provider or custom build (the rm/mv are done on your computers only :-))
- call rpmbuild with version / release given as parameters
- elog.spec :
- last changelog entry date is set to build date
- build with debug for debuginfo rpms (product rpms are normally automatically strimmed)
- elog.init call /etc/ini.d/functions for RHEL/Centos/Fedora/? dists
Todo:
- add RPMbuild options for ldap/pam/...
- enclosed git log in changelog automatically (the dream :-))
|
|
| Attachment 1: elog-git_dd35f04ec8effce1c12927078a9efb59822ceb3f-add_use_options.diff
|
diff --git a/Makefile b/Makefile
index d8eecba..87cb502 100644
--- a/Makefile
+++ b/Makefile
@@ -23,16 +23,32 @@ RCDIR = $(ROOT)/etc/rc.d/init.d
SRVDIR = $(ROOT)/usr/lib/systemd/system
# flag for SSL support
+ifdef USESSL
USE_SSL = 1
+else
+USE_SSL = 0
+endif
# flag for Kerberos support, please turn on if you need Kerberos
+ifdef USEKRB5
+USE_KRB5 = 1
+else
USE_KRB5 = 0
+endif
# flag for LDAP support, please turn on if you need LDAP
+ifdef USELDAP
+USE_LDAP = 1
+else
USE_LDAP = 0
+endif
# flag for PAM support, please turn on if you need PAM
+ifdef USEPAM
+USE_PAM = 1
+else
USE_PAM = 0
+endif
#############################################################
diff --git a/buildrpm b/buildrpm
index 1c0b9bc..8dde819 100755
--- a/buildrpm
+++ b/buildrpm
@@ -1,17 +1,38 @@
#!/bin/csh
-# Usage: build [-n] <version> <release>
+# Usage: build [-n] <version> <release> [-krb5] [-ldap] [-pam] [-ssl]
# Build ELOG distribution
if ($#argv < 2) then
- echo "Usage: build <version> <release>"
+ echo "Usage: build <version> <release> [-krb5] [-ldap] [-pam] [-ssl]"
exit
endif
set version = $argv[1]
set release = $argv[2]
+set i = 0
+set BUILDOPTS=""
+foreach argument ($argv)
+ set i=`expr $i + 1`
+ if ($i <= 2) continue
+ switch ($argument)
+ case "-ldap":
+ set BUILDOPTS="$BUILDOPTS --with ldap"
+ breaksw
+ case "-pam":
+ set BUILDOPTS="$BUILDOPTS --with pam"
+ breaksw
+ case "-ssl":
+ set BUILDOPTS="$BUILDOPTS --with ssl"
+ breaksw
+ case "-krb5":
+ set BUILDOPTS="$BUILDOPTS --with krb5"
+ breaksw
+ endsw
+end
+
set dist = `rpm --eval %{\?dist}`
set dir = /tmp/elog-$version
-set archive = elog-$version.tar.gz
+set archive = elog-$version-$release.tar.gz
# create temporary directory
rm -Rf $dir
@@ -65,7 +86,8 @@ rm -Rf $dir
# transfer archive
echo Transfer archive...
-mkdir -p ~/rpmbuild/SOURCES && cp /tmp/$archive ~/rpmbuild/SOURCES/elog-$version.tar.gz
+[ ! -d ~/rpmbuild/SOURCES ] && mkdir -p ~/rpmbuild/SOURCES
+cp /tmp/$archive ~/rpmbuild/SOURCES/elog-$version-$release.tar.gz
# if running on at PSI copy to download area
if (`hostname` == 'elog01.psi.ch') then
@@ -75,6 +97,8 @@ if (`hostname` == 'elog01.psi.ch') then
cp -v /tmp/$archive ~ritt/html/elog/download/tar/elog-latest.tar.gz
cp -vf doc/ChangeLog ~ritt/html/elog/download/ChangeLog
endif
+ # define Factory Packager
+ set BUILDOPTS="${BUILDOPTS} --define \"packager Stefan Ritt <stefan.ritt@psi.ch>\""
endif
rm -f /tmp/$archive
@@ -83,8 +107,13 @@ rm -f ~/rpmbuild/RPMS/*/elog*${version}-${release}*.rpm
rm -f ~/rpmbuild/SRPMS/elog*${version}-${release}*.rpm
# building RPMs
+cp elog.spec.template ~/rpmbuild/SPECS/elog.spec
+sed -i "s/__ELOGVER__/${version}/;s/__ELOGREL__/${release}/" ~/rpmbuild/SPECS/elog.spec
echo Build RPMs...
-rpmbuild -ba --define "version ${version}" --define "release ${release}" elog.spec || exit $?
+set factorydate = `env LC_TIME=C date '+%a %b %d %Y'`
+rpmbuild -ba ${BUILDOPTS} --define "factorydate ${factorydate}" \
+ --define "version ${version}" --define "elogrel ${release}" \
+ ~/rpmbuild/SPECS/elog.spec || exit $?
# if running on at PSI copy to download area
if (`hostname` == 'elog01.psi.ch') then
diff --git a/elog.spec b/elog.spec
deleted file mode 100755
index 8397eab..0000000
--- a/elog.spec
+++ /dev/null
@@ -1,107 +0,0 @@
-# ELOG weblog application
-# rpmbuild -ba --define 'version 3.1.4' --define 'release 2' --define "date $(LC_TIME=En date '+%a %b %d %Y')" elog.spec
-
-#define date $(LC_TIME=En date '+%a %b %d %Y')
-%define build_timestamp %(LC_TIME=En date '+%a %b %d %Y')
-
-Name: elog
-Summary: elog is a standalone electronic web logbook
-Version: %version
-Release: %release%{?dist}
-License: GPL
-Group: Applications/Networking
-Source: http://elog.psi.ch/elog/download/elog-%{version}.tar.gz
-Vendor: Stefan Ritt <stefan.ritt@psi.ch>
-URL: http://elog.psi.ch/elog
-BuildRoot: /tmp/%{name}-root
-Prefix: /usr/local
-BuildRequires: openssl-devel >= 0.9.8e
-
-%description
-ELOG is part of a family of applications known as weblogs.
-Their general purpose is :
-
-1. To make it easy for people to put information online in a chronological
- fashion, in the form of short, time-stamped text messages ("entries")
- with optional HTML markup for presentation, and optional file attachments
- (images, archives, etc.)
-
-2. To make it easy for other people to access this information through a
- Web interface, browse entries, search, download files, and optionally add,
- update, delete or comment on entries.
-
-ELOG is a remarkable implementation of a weblog in at least two respects :
-
-- Its simplicity of use: you don't need to be a seasoned server operator
-and/or an experimented database administrator to run ELOG ; one executable
-file (under Unix or Windows), a simple configuration text file, and it works.
-No Web server or relational database required. It is also easy to translate
-the interface to the appropriate language for your users.
-
-- Its versatility: through its single configuration file, ELOG can be made
-to display an infinity of variants of the weblog concept. There are options
-for what to display, how to display it, what commands are available and to whom,
-access control, etc. Moreover, a single server can host several weblogs, and
-each weblog can be totally different from the rest.
-
-%changelog
-* %{build_timestamp} Stefan Ritt <stefan.ritt@psi.ch> %version-%release
-- Updated from git
-* Wed Sep 26 2018 Stefan Ritt <stefan.ritt@psi.ch>
-- Made adjustments for new elog server and RH7
-* Fri Aug 29 2014 Stefan Ritt <stefan.ritt@psi.ch>
-- Added BuildRequires, thanks to Stefan Roiser from CERN
-* Fri Oct 21 2005 Stefan Ritt <stefan.ritt@psi.ch>
-- Added resources/ directory
-* Fri Mar 14 2003 Stefan Ritt <stefan.ritt@psi.ch>
-- Added %post to change ownership of elog files
-* Thu Jan 30 2003 Stefan Ritt <stefan.ritt@psi.ch>
-- Added installation of man pages, thanks to Serge Droz <serge.droz@psi.ch>
-* Tue Aug 13 2002 Stefan Ritt <stefan.ritt@psi.ch>
-- Added elog group and user, thanks to Nicolas Chuche [nchuche@teaser.fr]
-* Tue Jun 18 2002 Stefan Ritt <stefan.ritt@psi.ch>
-- Put elogd.init into TAR file, add logbooks directory, put elogd in sbin/
-* Tue Jun 18 2002 Serge Droz <serge.droz@psi.ch>
-- Update to 2.0.0
-* Mon Jun 3 2002 Serge Droz <serge.droz@psi.ch>
-- Update to 1.3.6
-* Fri May 31 2002 Serge Droz <serge.droz@psi.ch>
-- Initial RPM
-
-
-%prep
-%setup -q
-
-%pre
-%{_sbindir}/groupadd -r elog 2>/dev/null || :
-%{_sbindir}/useradd -d / -s /bin/false \
- -g elog -M -r elog 2>/dev/null || :
-
-%build
-make CFLAGS='-O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Imxml -g'
-sed "s#\@PREFIX\@#%{prefix}#g" elogd.init_template > elogd.init
-
-%install
-make install ROOT=$RPM_BUILD_ROOT MANDIR=$RPM_BUILD_ROOT%{_mandir}
-
-%post
-chown -R elog:elog $RPM_BUILD_ROOT%{prefix}/elog
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%files
-%defattr(-,root,root)
-/etc/rc.d/init.d/elogd
-%{_mandir}/man1/*
-%{_mandir}/man8/*
-%doc README COPYING doc
-%defattr(-,elog,elog)
-%prefix/bin/*
-%prefix/sbin/elogd
-%prefix/elog/resources
-%prefix/elog/ssl
-%prefix/elog/themes
-%prefix/elog/scripts
-%prefix/elog/logbooks
-%config(noreplace) %prefix/elog/elogd.cfg
diff --git a/elog.spec.template b/elog.spec.template
--- a/elog.spec.template
+++ b/elog.spec.template
0a1,139
> # ELOG weblog application
> # rpmbuild -ba --define 'elogver 3.1.4' --define 'elogrel 2' --with ssl --with pam --with ldap --with krb5 --define 'factorydate date'
>
> # define date of build for changelog and default release
> %define build_timestamp %(LC_TIME=C date '+%a %b %d %Y')
> %{!?factorydate: %define factorydate %build_timestamp}
>
> # default version and release
> %{!?elogver: %define elogver __ELOGVER__ }
> %{!?elogrel: %define elogrel __ELOGREL__ }
> # default release is build date
> %{!?elogrel: %define elogrel %{build_timestamp} }
>
> # Build options :
> # Read: If neither macro exists, then add the default definition.
> %{?_with_krb5: %define _with_krb5 USEKRB5=1}
> %{?_with_ldap: %define _with_ldap USELDAP=1}
> %{?_with_pam: %define _with_pam USEPAM=1}
> %{?_with_ssl: %define _with_ssl USESSL=1}
> # Default build options are with SSL
> %{!?_with_ssl: %{!?_without_ssl: %define _with_ssl USESSL=1}}
> # builder info
> %define whoami %(eval who am i | awk '{print $1}')
> %define HOSTNAME %(hostname)
> %{!?packager: %define packager %{whoami} %{whoami}@%{HOSTNAME}}
>
> Name: elog
> Summary: elog is a standalone electronic web logbook
> Version: %elogver
> Release: %elogrel%{?customrel}%{?dist}
> License: GPL
> Group: Applications/Networking
> Source: http://elog.psi.ch/elog/download/elog-%{elogver}-%{elogrel}.tar.gz
> Vendor: Stefan Ritt <stefan.ritt@psi.ch>
> URL: http://elog.psi.ch/elog
> BuildRoot: /tmp/%{name}-root
> Prefix: /usr/local
> # Add build dependencies for pam, ssl and ldap features if enabled.
> # Note: Tag tokens must start at beginning-of-line.
> #
> # Read: If feature is enabled, then add the build dependency.
> %{?_with_krb5:BuildRequires: krb5-devel}
> %{?_with_krb5:Requires: krb5-libs}
> %{?_with_ldap:BuildRequires: openldap-devel >= 2.4.1}
> %{?_with_ldap:Requires: openldap >= 2.4.1}
> %{?_with_pam:BuildRequires: pam-devel >= 1.1.1}
> %{?_with_ssl:BuildRequires: openssl-devel >= 0.9.8e}
>
> %description
> ELOG is part of a family of applications known as weblogs.
> Their general purpose is :
>
> 1. To make it easy for people to put information online in a chronological
> fashion, in the form of short, time-stamped text messages ("entries")
> with optional HTML markup for presentation, and optional file attachments
> (images, archives, etc.)
>
> 2. To make it easy for other people to access this information through a
> Web interface, browse entries, search, download files, and optionally add,
> update, delete or comment on entries.
>
> ELOG is a remarkable implementation of a weblog in at least two respects :
>
> - Its simplicity of use: you don't need to be a seasoned server operator
> and/or an experimented database administrator to run ELOG ; one executable
> file (under Unix or Windows), a simple configuration text file, and it works.
... 74 more lines ...
|
|
36
|
Tue Aug 23 12:07:51 2011 |
Stefan Ritt | stefan.ritt@psi.ch | Script | Re: JavaScript list auto-refresh | Stable | Tue Jul 12 12:36:16 2005 by Emiliano Gabrielli |
| Emiliano Gabrielli wrote: | Here is a simple piece of JS code to accomplish a smart page reload.
We don't reload if in some kind of editing mode.
You can put the code everywhere you like in the elog html page, my suggestion is to put it in Bottom Text (or Top Text):
;auto-refresh
Bottom text = [I]<script language="JavaScript">if (null==window.location.href.match('/[0-9]+$|.*(cmd|select)=.*') ) { window.setTimeout("location.reload();", 2*60*1000); now=new Date(); document.write('<br/>Last reload at '+now.getFullYear()+'/'+(now.getMonth()+1)+'/'+now.getDate()+', '+( ((h=now.getHours())<10) ? '0'+h :h)+':'+( ((m=now.getMinutes())<10) ? '0'+m :m)+':'+( ((s=now.getSeconds())<10) ? '0'+s :s)) }</script>[/I]
the timer is a product of # of minutes, #of seconds and milliseconds... 2 minutes in the above example 
| Revision Tue Jul 12 12:36:16 2005 wrote: |
modified regular expression in order to not activate the auto-refresh in the signle entry view
|
|
Starting with SVN revision 2422, there is a new config option
refresh = <seconds>
which lets you do the same thing. |
|
155
|
Fri Dec 1 16:30:46 2023 |
Stefan Ritt | Unstefan.ritt@psi.ch | Other | Re: Fixing repeating first inline_image in email | Stable | Fri Dec 1 16:31:37 2023 by Stefan Ritt | Unfortunately you made your changes against a pretty old version of elogd.c, so I can't see which changes you made (the diffs gives 100's of changes now). If you can apply your fix against the current elogd.cxx from the bitbucket repository, I would be happy to include the fix in the distribution.
Stefan
| rami khrais wrote: |
|
Fixing repeating first image in email (email notification) when the user submit a new log with in_line images.
|
|
|
44
|
Tue Jul 8 15:43:21 2014 |
TimS | timpie_s@yahoo.com | Script | Re: Custom input forms implementation | Stable | Tue Mar 19 13:18:33 2013 by Stefan Ritt |
Stefan Ritt wrote: |
|
Dear ELOG users,
starting with SVN revision 2328, custom input forms are implemented. This allows application specific formats for check lists etc. In our specific case we had to implement a shift check list, which was quite long. Furthermore the check list should be optimized for an iPad, which we take in the field and record various checks and readings (in our case some gas pressure gauges at the PSI particle accelerator). Since the standard ELOG interface was too inflexible, a completely hand-written form was needed. The form can be activated by the new configuration options Custom New Form, Custom Edit Form and Custom Display Form, one for a new entry, an entry to edit and and entry to display. In our case we used the same form for all three cases. This is how the shift check list looks under the Safari Browser on a PC:
And here is how it looks on the iPad:
Each section can be collapsed and expanded (blue arrows at the left), and various internal checks are made before the check list can be submitted.
Implementing such forms is however more something for the advanced user, since you have to hand-write HTML with CSS and JavaScript code. It can then however be a powerful method for check lists. Please find in the attachments the elogd.cfg configuration for that logbook and the shiftcheck.html source code file. It is a bit complicated since the page is a static page, elogd just serves it from the file. This requires all the dynamic functions to be implemented inside the HTML file with JavaScript. To display an entry for example, the JavaScript loads the raw data with the "?cmd=Download" command and the populates the form fields. The collapsing and expanding is done by using CSS properties. The integrated style sheet was optimized for the rendering on an iPad. Rather large fonts were chosen so that the items can be checked easily with your finger tips. Various parameters are sent between the browser and the elogd program via hidden fields and cookies. So only something for experts! But if you go through the effort and hand-write the form, it can be very handy. Note that you have to upgrade to SVN revision 2328 for the three new options.
|
That's awesome!! Didn't know ELOG was still being developed!! I was looking for this ...been trying this version now with
supplied example but there's files missing which are being referenced from the html file.
Anyway it would be nice to know a little more on how to use this and how it incorporates into ELOG.
Is some more work being done on this version ?
Thankx heaps for this great enhancement although now it's still needs a lot of figuring out on how to do this.
|
|
149
|
Sat Jun 15 06:13:07 2019 |
John | secondcomingtechnologies@fastmail.com | Script | Re: Custom input forms implementation | Stable | Sat Jun 15 06:19:24 2019 by John | I have been trying to get my head around this application module. I assume that after the input is done on this example (ShiftCheck), if goes into the usual file system directorys for storage? Or is it (or can it) goto another db like sql, flat, etc.? I also assume that the 'normal' Elog screens we see for input (and output), would be a completely seperate module that you have for (ShiftCheck).. but we do not see them here (as one of the attachments)? I am asking these questions because I am trying to recreate this (type) of input/output system for users, so I would like to know how the 'whole picture' is done with your example here. Thanx again.
| Stefan Ritt wrote: |
|
Dear ELOG users,
starting with SVN revision 2328, custom input forms are implemented. This allows application specific formats for check lists etc. In our specific case we had to implement a shift check list, which was quite long. Furthermore the check list should be optimized for an iPad, which we take in the field and record various checks and readings (in our case some gas pressure gauges at the PSI particle accelerator). Since the standard ELOG interface was too inflexible, a completely hand-written form was needed. The form can be activated by the new configuration options Custom New Form, Custom Edit Form and Custom Display Form, one for a new entry, an entry to edit and and entry to display. In our case we used the same form for all three cases. This is how the shift check list looks under the Safari Browser on a PC:
And here is how it looks on the iPad:
Each section can be collapsed and expanded (blue arrows at the left), and various internal checks are made before the check list can be submitted.
Implementing such forms is however more something for the advanced user, since you have to hand-write HTML with CSS and JavaScript code. It can then however be a powerful method for check lists. Please find in the attachments the elogd.cfg configuration for that logbook and the shiftcheck.html source code file. It is a bit complicated since the page is a static page, elogd just serves it from the file. This requires all the dynamic functions to be implemented inside the HTML file with JavaScript. To display an entry for example, the JavaScript loads the raw data with the "?cmd=Download" command and the populates the form fields. The collapsing and expanding is done by using CSS properties. The integrated style sheet was optimized for the rendering on an iPad. Rather large fonts were chosen so that the items can be checked easily with your finger tips. Various parameters are sent between the browser and the elogd program via hidden fields and cookies. So only something for experts! But if you go through the effort and hand-write the form, it can be very handy. Note that you have to upgrade to SVN revision 2328 for the three new options.
|
|
|
23
|
Fri Jul 13 12:36:45 2007 |
Stefan Ritt | stefan.ritt@psi.ch | Other | Re: Compiling elogd.c on HP-UX 64 bit | Beta | Thu Jul 12 09:38:47 2007 by Peter Rienstra | I applied most of your patches to the elog source code, SVN revision 1885. The only missing piece has to do with seteuid/setuid. I definitively need seteuid for linux, because elogd might be started under root, then it falls back to an optional elog user. But when it stops, it has to restore the original root user in order to delete the PID file (/var/run/elogd.pid) which was created under root. If seteuid does not exist under HP-UX, you should add something like
#ifdef HP-UX
setuid(...)
#else
seteuid(...)
#endif
Probably the HP-UX has to be something else, but I cannot test this since I don't have such an OS here. Once you get this working I can put it into the standard distribution. |
|
24
|
Mon Jul 16 15:27:08 2007 |
Peter Rienstra | peter.rienstra@gmail.com | Other | Re: Compiling elogd.c on HP-UX 64 bit | Beta | Thu Jul 12 09:38:47 2007 by Peter Rienstra | Stefan,
First I want to say I really like your program. We work in a small group of 5 database administrators, and this is exactly what we need to inform each other. Elog is simple but very functional, so thanks!
My problem is that I don't have root access to the HP-UX machines. We don't run elogd as root, so I wasn't really interested in the seteuid functionality, I just wanted to compile and run the program.
HP-UX doesn't have the "seteuid" and "setegid" functions. But there are "setuid+setgid", "setreuid+setregid" and "setresuid+setresgid" functions available. I'm not sure which one is the best to use. I uploaded the manpages as attachment. I hope this will help you.
If you want I can do a compile and run test on HP-UX with your altered source code. But I can't do a test with "root".
| Stefan Ritt wrote: | I applied most of your patches to the elog source code, SVN revision 1885. The only missing piece has to do with seteuid/setuid. I definitively need seteuid for linux, because elogd might be started under root, then it falls back to an optional elog user. But when it stops, it has to restore the original root user in order to delete the PID file (/var/run/elogd.pid) which was created under root. If seteuid does not exist under HP-UX, you should add something like
#ifdef HP-UX
setuid(...)
#else
seteuid(...)
#endif
Probably the HP-UX has to be something else, but I cannot test this since I don't have such an OS here. Once you get this working I can put it into the standard distribution. |
|
| Attachment 1: man_setuid.txt
|
setuid(2) setuid(2)
NAME
setuid(), setgid() - set user and group IDs
SYNOPSIS
#include <unistd.h>
int setuid(uid_t uid);
int setgid(gid_t gid);
DESCRIPTION
setuid() sets the real-user-ID (ruid), effective-user-ID (euid),
and/or saved-user-ID (suid) of the calling process. If the Security
Containment product is installed, these interfaces treat a process
observing CHSUBJIDENT as a privileged process. Otherwise, only
processes with an euid of zero are treated as privileged processes.
See privileges(5) for more information on Security Containment and
fine-grained privileges.
The following conditions govern setuid's behavior:
+ If the process is privileged, setuid() sets the ruid, euid,
and suid to uid.
+ If the process is not privileged and the argument uid is equal
to the ruid or the suid, setuid() sets the euid to uid; the
ruid and suid remain unchanged. (If a set-user-ID program is
not running as superuser, it can change its euid to match its
ruid and reset itself to the previous euid value.)
+ If the process is not privileged, the argument uid is equal to
the euid, and the calling process has the PRIV_SETRUGID
privilege, setuid() sets the ruid to uid; the euid and suid
remain unchanged.
setgid() sets the real-group-ID (rgid), effective-group-ID (egid),
and/or saved-group-ID (sgid) of the calling process. The following
conditions govern setgid()'s behavior:
+ If the process is privileged, setgid() sets the rgid and egid
to gid.
+ If the process is not privileged and the argument gid is equal
to the rgid or the sgid, setgid() sets the egid to gid; the
rgid and sgid remain unchanged.
+ If the process is not privileged, the argument gid is equal to
the egid, and the calling process has the PRIV_SETRUGID
privilege, setgid() sets the rgid to gid; the egid and sgid
remain unchanged.
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: May 2006
setuid(2) setuid(2)
Security Restrictions
Some or all of the actions associated with this system call require
the CHSUBJIDENT privilege. Processes owned by the superuser have this
privilege. Processes owned by other users may have this privilege,
depending on system configuration.
See privileges(5) for more information about privileged access on
systems that support fine-grained privileges.
RETURN VALUE
Upon successful completion, setuid() and setgid() return 0; otherwise,
they return -1 and set errno to indicate the error.
ERRORS
setuid() and setgid() fail and return -1 if any of the following
conditions are encountered:
[EPERM] None of the conditions above are met.
[EINVAL] uid (gid) is not a valid user (group) ID.
WARNINGS
It is recommended that the PRIV_SETRUGID capability be avoided, as it
is provided for backward compatibility. This feature may be modified
or dropped from future HP-UX releases. When changing the real user ID
and real group ID, use of setresuid() and setresgid() (see
setresuid(2)) is recommended instead.
AUTHOR
setuid() was developed by AT&T, the University of California,
Berkeley, and HP.
setgid() was developed by AT&T.
SEE ALSO
exec(2), getuid(2), setresuid(2), privileges(5).
STANDARDS CONFORMANCE
setuid(): AES, SVID2, SVID3, XPG2, XPG3, XPG4, FIPS 151-2, POSIX.1
setgid(): AES, SVID2, SVID3, XPG2, XPG3, XPG4, FIPS 151-2, POSIX.1
Hewlett-Packard Company - 2 - HP-UX 11i Version 2: May 2006
|
| Attachment 2: man_setreuid.txt
|
setreuid(2) setreuid(2)
NAME
setreuid - set real and effective user IDs
SYNOPSIS
#include <unistd.h>
int setreuid(uid_t ruid, uid_t euid);
DESCRIPTION
The setreuid() function sets the real and effective user IDs of the
current process to the values specified by the ruid and euid
arguments. If ruid or euid is -1, the corresponding effective or real
user ID of the current process is left unchanged.
A process with appropriate privileges can set either ID to any value.
An unprivileged process can only set the effective user ID if the euid
argument is equal to either the real, effective, or saved user ID of
the process.
It is unspecified whether a process without appropriate privileges is
permitted to change the real user ID to match the current real,
effective or saved user ID of the process.
RETURN VALUE
Upon successful completion, 0 is returned. Otherwise, -1 is returned
and errno is set to indicate the error.
ERRORS
The setreuid() function will fail if:
[EINVAL] The value of the ruid or euid argument
is invalid or out-of-range.
[EPERM] The current process does not have
appropriate privileges, and either an
attempt was made to change the effective
user ID to a value other than the real
user ID or the saved set-user-ID or an
attempt was made to change the real user
ID to a value not permitted by the
implementation.
SEE ALSO
getuid(2), setuid(2), <unistd.h>.
CHANGE HISTORY
First released in Issue 4, Version 2.
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: August 2003
|
| Attachment 3: man_setresuid.txt
|
setresuid(2) setresuid(2)
NAME
setresuid, setresgid - set real, effective, and saved user and group
IDs
SYNOPSIS
#include <unistd.h>
int setresuid(uid_t ruid, uid_t euid, uid_t suid);
int setresgid(gid_t rgid, gid_t egid, gid_t sgid);
DESCRIPTION
setresuid() sets the real, effective and/or saved user ID of the
calling process.
If the current real, effective or saved user ID is equal to that of a
user having appropriate privileges, setresuid() sets the real,
effective and saved user IDs to ruid, euid, and suid, respectively.
Otherwise, setresuid() only sets the real, effective, and saved user
IDs if ruid, euid, and suid each match at least one of the current
real, effective, or saved user IDs.
If ruid, euid, or suid is -1, setresuid() leaves the current real,
effective or saved user ID unchanged.
setresgid() sets the real, effective and/or saved group ID of the
calling process.
If the current real, effective or saved user ID is equal to that of a
user having appropriate privileges, setresgid() sets the real,
effective, and saved group ID to rgid, egid, and sgid, respectively.
Otherwise, setresgid() only sets the real, effective and saved group
ID if rgid, egid, and sgid each match at least one of the current
real, effective or saved group ID.
If rgid, egid, or sgid is -1, setresgid() leaves the current real,
effective or saved group ID unchanged.
Security Restrictions
Some or all of the actions associated with this system call require
the PRIV_CHSUBJIDENT privilege (CHSUBJIDENT). Processes owned by the
superuser will have this privilege. Processes owned by other users
may have this privilege, depending on system configuration. See
privileges(5) for more information about privileged access on systems
that support fine-grained privileges.
RETURN VALUE
Upon successful completion, setresuid() and setresgid() return 0;
otherwise, they return -1 and set errno to indicate the error.
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: May 2005
setresuid(2) setresuid(2)
ERRORS
setresuid() and setresgid() fail if any of the following conditions
are encountered:
[EINVAL] ruid, euid, or suid (rgid, egid, or sgid) is not a
valid user (group) ID.
[EPERM] None of the conditions above are met.
AUTHOR
setresuid() and setresgid() were developed by HP.
SEE ALSO
exec(2), getuid(2), setuid(2).
Hewlett-Packard Company - 2 - HP-UX 11i Version 2: May 2005
|
|
25
|
Mon Jul 16 15:57:47 2007 |
Stefan Ritt | stefan.ritt@psi.ch | Other | Re: Compiling elogd.c on HP-UX 64 bit | Beta | Thu Jul 12 09:38:47 2007 by Peter Rienstra |
| Peter Rienstra wrote: | | HP-UX doesn't have the "seteuid" and "setegid" functions. But there are "setuid+setgid", "setreuid+setregid" and "setresuid+setresgid" functions available. |
I had a look and found that setreuid/setregid is also available under Linux, so I use those functions instead, which should also work on HP-UX. Can you check revision 1888 (http://savannah.psi.ch/viewcvs/trunk/src/elogd.c?root=elog&rev=1888), compile it and see if you can run it at least under your non-root account. |
|
26
|
Mon Jul 16 16:43:07 2007 |
Peter Rienstra | peter.rienstra@gmail.com | Other | Re: Compiling elogd.c on HP-UX 64 bit | Beta | Thu Jul 12 09:38:47 2007 by Peter Rienstra |
I downloaded revision 1888. There were no problems compiling it. It's running on the HP-UX system now and everything seems to work fine. |
|
53
|
Sat Sep 16 15:47:16 2017 |
David Pilgram | David.Pilgram@epost.org.uk | Script | Re: Check logbook files for wrong references | Stable | Sat Sep 16 15:52:58 2017 by David Pilgram | I had to modify the script because I'm still on elog 2.9.2, where there are not subdirectories (by year) for
each logbook. Line 5 had to be changed to
$logf=q/[0-9][0-9][01][0-9][0-3][0-9]a.log/;
to do this.
Once done, I found the deliberate orphan script that I had put in to test, and rather too many other orphans than I had expected. One or two I cannot explain. If I had clicked on any of those entries elog would have gone into infinate loop.
A very useful utility. Thanks Andreas!
| Andreas Luedeke wrote: |
|
You can run this little script to check if all entries referenced "In reply to:" do actually exist.
To use it, you first need to "cd" to your logbook directory ("cd /usr/local/elog/logbooks") and then run it without arguments "logcheck".
If it finds references pointing to a missing entry, it'll print the path to the file with the offending reference and some lines. For example:
### error: reference to entry 146, that exists 0 times. Reference is:
### Proscan/2012/120507a.log-<p>[...].</p>
### Proscan/2012/120507a.log-$ @ MID @ $: 147
### Proscan/2012/120507a.log-Date: Mon, 07 May 2012 13:44:03 +0200
### Proscan/2012/120507a.log:In reply to: 146
### Proscan/2012/120507a.log-Wann: 1336373261
### Proscan/2012/120507a.log-Autor: [...]
### Proscan/2012/120507a.log-Eintrag: Problem
[...]- Very often this happens if an entry is deleted AFTER someone already replied to it. Normally that is no problem, but in some cases you might get infinite loops and that causes ELOG to hang. The script is not checking for loops, but wrong references might give you a hint where to look.
The script will print duplicate entries as well, if the referenced entry exist more than once.
Cheers, Andreas
PS: never include the string "$ @ MID @ $:" without spaces in an ELOG entry: apparently ELOG cuts off all text from that token on.
|
|
|