1. Prepare a certificate
------------------------
either: request a certificate for your elog URL from your web administrator
- the private key must not be password-protected
- the 'common name' must be the URL of your elog server

or: create a self-signed certificate yourself with the OpenSSL package
- as root user, create a self-signed certificate with the command

root@localhost:# openssl req -new -x509 -config /etc/ssl/openssl.cnf -keyout stunnel.pem -out stunnel.pem -days 365 -nodes

- this creates a self-signed certificate (-x509) whith one year validity (-days 365)
  and no password protection for the private key (-nodes)
- private key and certificate are written to the same file, "stunnel.pem"

Answer all questions, making sure that the 'common name' is the URL under which users
are to reach your elog server.

For more information on how to create and/or manage SSL certificates, see e.g.
http://www.ibiblio.org/pub/Linux/docs/HOWTO/SSL-Certificates-HOWTO

Notice: Unless your web administrator can procure a certificate signed by an established
        CA, your elog users will be asked if they want to accept your (unverifiable) certificate
        when connecting to your elog server. This is no problem at all but can lead to
        questions if your users are unsure about this.


2. Adapt the certificate file to stunnel4 conventions
-----------------------------------------------------
The certificate filename must be the MD5 checksum:
- Retrieve the MD5 checksum of your certificate with

root@localhost:# openssl x509 -hash -noout -in stunnel.pem 

abcdefgh

- Rename the certificate file accordingly

root@localhost:# mv stunnel.pem abcdefgh.0

- Move the certificate file to the standard location, e.g. /etc/ssl/certs
- change the permissions of the file to -rw-------
- make sure there is a blank line between
  -----END RSA PRIVATE KEY----- and -----BEGIN CERTIFICATE-----
  and a blank line after
  -----END CERTIFICATE-----
  in your certificate file.


3. Configure stunnel4
---------------------
Install the stunnel4 package (if not already done).
Modify the configuration file (e.g. /etc/stunnel/stunnel.conf, depending on your
distribution):

- general options:
  cert = /etc/ssl/certs/abcdefgh.0    ; put the name of your certificate file here
  debug = 4                           ; otherwise ALL connection attempts will be logged to your syslog
  pid = /var/run/stunnel4/stunnel.pid ; check where the other services write their pid-files, depends 
                                      ; somewhat on the distribution

- comment out all lines containing chroot options
- comment out all CA lines
- comment out all service sections except the HTTPS section, which should look as follows

[https]
accept  = 443       ; i.e. stunnel listens on port 443, the standard https port
connect = 8080      ; and forwards all connections to port 8080 (use the port under which
                    ; your elogd is running here!)
TIMEOUTclose = 0    ; for buggy MS Internet Explorers, see the stunnel4 manpage


Some Linux distributions require that in the file /etc/defaults/stunnel4 the option ENABLED be set
to ENABLED=1. If not, the stunnel will not be started at system bootup.


4. Start the stunnel4 server
----------------------------
root@localhost# stunnel4 /etc/stunnel/stunnel.conf

Your elog should now be accessible via

https://your.elog.server

cert = /etc/ssl/certs/abcdefgh.0
pid = /var/run/stunnel4/stunnel.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

; Some debugging stuff useful for troubleshooting
debug = 4

; Service-level configuration
[https]
accept  = 443
connect = 8080
TIMEOUTclose = 0

 setuid(2)							   setuid(2)




 NAME
      setuid(), setgid() - set user and group IDs

 SYNOPSIS
      #include <unistd.h>

      int setuid(uid_t uid);

      int setgid(gid_t gid);

 DESCRIPTION
      setuid() sets the real-user-ID (ruid), effective-user-ID (euid),
      and/or saved-user-ID (suid) of the calling process.  If the Security
      Containment product is installed, these interfaces treat a process
      observing CHSUBJIDENT as a privileged process.  Otherwise, only
      processes with an euid of zero are treated as privileged processes.
      See privileges(5) for more information on Security Containment and
      fine-grained privileges.

      The following conditions govern setuid's behavior:

	   +  If the process is privileged, setuid() sets the ruid, euid,
	      and suid to uid.

	   +  If the process is not privileged and the argument uid is equal
	      to the ruid or the suid, setuid() sets the euid to uid; the
	      ruid and suid remain unchanged.  (If a set-user-ID program is
	      not running as superuser, it can change its euid to match its
	      ruid and reset itself to the previous euid value.)

	   +  If the process is not privileged, the argument uid is equal to
	      the euid, and the calling process has the PRIV_SETRUGID
	      privilege, setuid() sets the ruid to uid; the euid and suid
	      remain unchanged.

      setgid() sets the real-group-ID (rgid), effective-group-ID (egid),
      and/or saved-group-ID (sgid) of the calling process.  The following
      conditions govern setgid()'s behavior:

	   +  If the process is privileged, setgid() sets the rgid and egid
	      to gid.

	   +  If the process is not privileged and the argument gid is equal
	      to the rgid or the sgid, setgid() sets the egid to gid; the
	      rgid and sgid remain unchanged.

	   +  If the process is not privileged, the argument gid is equal to
	      the egid, and the calling process has the PRIV_SETRUGID
	      privilege, setgid() sets the rgid to gid; the egid and sgid
	      remain unchanged.




 Hewlett-Packard Company	    - 1 -      HP-UX 11i Version 2: May 2006






 setuid(2)							   setuid(2)




    Security Restrictions
      Some or all of the actions associated with this system call require
      the CHSUBJIDENT privilege.  Processes owned by the superuser have this
      privilege.  Processes owned by other users may have this privilege,
      depending on system configuration.

      See privileges(5) for more information about privileged access on
      systems that support fine-grained privileges.

 RETURN VALUE
      Upon successful completion, setuid() and setgid() return 0; otherwise,
      they return -1 and set errno to indicate the error.

 ERRORS
      setuid() and setgid() fail and return -1 if any of the following
      conditions are encountered:

	   [EPERM]	  None of the conditions above are met.

	   [EINVAL]	  uid (gid) is not a valid user (group) ID.

 WARNINGS
      It is recommended that the PRIV_SETRUGID capability be avoided, as it
      is provided for backward compatibility.  This feature may be modified
      or dropped from future HP-UX releases.  When changing the real user ID
      and real group ID, use of setresuid() and setresgid() (see
      setresuid(2)) is recommended instead.

 AUTHOR
      setuid() was developed by AT&T, the University of California,
      Berkeley, and HP.

      setgid() was developed by AT&T.

 SEE ALSO
      exec(2), getuid(2), setresuid(2), privileges(5).

 STANDARDS CONFORMANCE
      setuid(): AES, SVID2, SVID3, XPG2, XPG3, XPG4, FIPS 151-2, POSIX.1

      setgid(): AES, SVID2, SVID3, XPG2, XPG3, XPG4, FIPS 151-2, POSIX.1













 Hewlett-Packard Company	    - 2 -      HP-UX 11i Version 2: May 2006

 setreuid(2)							 setreuid(2)




 NAME
      setreuid - set real and effective user IDs

 SYNOPSIS
      #include <unistd.h>

      int setreuid(uid_t ruid, uid_t euid);

 DESCRIPTION
      The setreuid() function sets the real and effective user IDs of the
      current process to the values specified by the ruid and euid
      arguments. If ruid or euid is -1, the corresponding effective or real
      user ID of the current process is left unchanged.

      A process with appropriate privileges can set either ID to any value.
      An unprivileged process can only set the effective user ID if the euid
      argument is equal to either the real, effective, or saved user ID of
      the process.

      It is unspecified whether a process without appropriate privileges is
      permitted to change the real user ID to match the current real,
      effective or saved user ID of the process.

 RETURN VALUE
      Upon successful completion, 0 is returned. Otherwise, -1 is returned
      and errno is set to indicate the error.

 ERRORS
      The setreuid() function will fail if:

	   [EINVAL]		    The value of the ruid or euid argument
				    is invalid or out-of-range.

	   [EPERM]		    The current process does not have
				    appropriate privileges, and either an
				    attempt was made to change the effective
				    user ID to a value other than the real
				    user ID or the saved set-user-ID or an
				    attempt was made to change the real user
				    ID to a value not permitted by the
				    implementation.

 SEE ALSO
      getuid(2), setuid(2), <unistd.h>.

 CHANGE HISTORY
      First released in Issue 4, Version 2.







 Hewlett-Packard Company	    - 1 -   HP-UX 11i Version 2: August 2003

 setresuid(2)							setresuid(2)




 NAME
      setresuid, setresgid - set real, effective, and saved user and group
      IDs

 SYNOPSIS
      #include <unistd.h>

      int setresuid(uid_t ruid, uid_t euid, uid_t suid);

      int setresgid(gid_t rgid, gid_t egid, gid_t sgid);

 DESCRIPTION
      setresuid() sets the real, effective and/or saved user ID of the
      calling process.

      If the current real, effective or saved user ID is equal to that of a
      user having appropriate privileges, setresuid() sets the real,
      effective and saved user IDs to ruid, euid, and suid, respectively.
      Otherwise, setresuid() only sets the real, effective, and saved user
      IDs if ruid, euid, and suid each match at least one of the current
      real, effective, or saved user IDs.

      If ruid, euid, or suid is -1, setresuid() leaves the current real,
      effective or saved user ID unchanged.

      setresgid() sets the real, effective and/or saved group ID of the
      calling process.

      If the current real, effective or saved user ID is equal to that of a
      user having appropriate privileges, setresgid() sets the real,
      effective, and saved group ID to rgid, egid, and sgid, respectively.
      Otherwise, setresgid() only sets the real, effective and saved group
      ID if rgid, egid, and sgid each match at least one of the current
      real, effective or saved group ID.

      If rgid, egid, or sgid is -1, setresgid() leaves the current real,
      effective or saved group ID unchanged.

    Security Restrictions
      Some or all of the actions associated with this system call require
      the PRIV_CHSUBJIDENT privilege (CHSUBJIDENT).  Processes owned by the
      superuser will have this privilege.  Processes owned by other users
      may have this privilege, depending on system configuration.  See
      privileges(5) for more information about privileged access on systems
      that support fine-grained privileges.

 RETURN VALUE
      Upon successful completion, setresuid() and setresgid() return 0;
      otherwise, they return -1 and set errno to indicate the error.





 Hewlett-Packard Company	    - 1 -      HP-UX 11i Version 2: May 2005






 setresuid(2)							setresuid(2)




 ERRORS
      setresuid() and setresgid() fail if any of the following conditions
      are encountered:

	   [EINVAL]	  ruid, euid, or suid (rgid, egid, or sgid) is not a
			  valid user (group) ID.

	   [EPERM]	  None of the conditions above are met.

 AUTHOR
      setresuid() and setresgid() were developed by HP.

 SEE ALSO
      exec(2), getuid(2), setuid(2).








































 Hewlett-Packard Company	    - 2 -      HP-UX 11i Version 2: May 2005

Index: elogd.c
===================================================================
--- elogd.c	(revision 2414)
+++ elogd.c	(working copy)
@@ -74,6 +74,8 @@
 char attr_list[MAX_N_ATTR][NAME_LENGTH];
 char attr_options[MAX_N_ATTR][MAX_N_LIST][NAME_LENGTH];
 int attr_flags[MAX_N_ATTR];
+/** Validation pattern for attribute, to test if it contains expected value */
+char attr_valid_pattern[MAX_N_ATTR][NAME_LENGTH];
 
 char attr_list_default[][NAME_LENGTH] = { "Author", "Type", "Category", "Subject", "" };
 
@@ -7033,7 +7035,7 @@
 
 int scan_attributes(char *logbook)
 /* scan configuration file for attributes and fill attr_list, attr_options
- and attr_flags arrays */
+ and attr_flags and attr_valid_pattern arrays */
 {
    char list[10000], str[NAME_LENGTH], str2[NAME_LENGTH], type[NAME_LENGTH],
        tmp_list[MAX_N_ATTR][NAME_LENGTH];
@@ -7062,11 +7064,20 @@
          }
       }
 
-      /* get options lists for attributes */
+      /* get options lists and validation patterns for attributes */
       memset(attr_options, 0, sizeof(attr_options));
+      memset(attr_valid_pattern, 0, sizeof(attr_valid_pattern));
       for (i = 0; i < n; i++) {
          n_options = 0;
 
+         sprintf(str, "ValidPattern %s", attr_list[i]);
+         if (getcfg(logbook, str, list, sizeof(list)))
+         {
+            strncpy(attr_valid_pattern[i], list, sizeof(attr_valid_pattern[i])-1);
+            attr_valid_pattern[i][sizeof(attr_valid_pattern[i])-1] = 0;
+            attr_flags[i] |= AF_HAS_VALID_PATT;
+         }
+
          sprintf(str, "Options %s", attr_list[i]);
          if (getcfg(logbook, str, list, sizeof(list)))
             n_options = strbreak(list, attr_options[i], MAX_N_LIST, ",", FALSE);
@@ -9650,6 +9661,17 @@
             rsprintf("    document.form1.%s.focus();\n", ua);
             rsprintf("    return false;\n");
             rsprintf("  }\n");
+            if (attr_flags[i] & AF_HAS_VALID_PATT) 
+            {
+              sprintf(str, loc("var validPatt=new RegExp(\"%s\");"), attr_valid_pattern[i]);
+              rsprintf("  %s\n", str);
+              rsprintf("  if (!validPatt.test(document.form1.%s.value)) {\n", ua);
+              sprintf(str, loc("Invalid value for attribute '%s'"), attr_list[i]);
+              rsprintf("    alert(\"%s\");\n", str);
+              rsprintf("    document.form1.%s.focus();\n", ua);
+              rsprintf("    return false;\n");
+              rsprintf("  }\n");
+            }
          }
       }
 
Index: elogd.h
===================================================================
--- elogd.h	(revision 2414)
+++ elogd.h	(working copy)
@@ -192,6 +192,7 @@
 #define AF_MUSERLIST         (1<<13)
 #define AF_USEREMAIL         (1<<14)
 #define AF_MUSEREMAIL        (1<<15)
+#define AF_HAS_VALID_PATT    (1<<16)
 
 /* attribute format flags */
 #define AFF_SAME_LINE              1

#!/bin/sh
# source file directory
srcd=/usr/local/elog/

# backup all files newer than 25 hours
date=$(date -d "-25hours" "+%Y%m%d %H:%M")
# backup file directory
tard=/logbooks_backup
# backup tar file name
tarf=$tard/$(date +%Y%m%d_%a.tar)
# do not backup files that match patterns in this file
excf=/usr/local/elog/exclude-logbooks
# create backup
cd $srcd
tar --ignore-case -X $excf --newer "$date" -cf $tarf . logbooks/*

# copy passwd.txt
if [ "$(date +%u)" -eq 1 ]
then
	passwd=$tard/passwd_$(date +%Y%m%d_%a.txt)
	cp $srcd/passwd.txt $passwd
	gzip -9 $passwd
fi
# delete all backups older than 90 days
find $tard -mtime +90 -name "*_???.tar"           -exec rm -f {} +
find $tard -mtime +90 -name "passwd_*_???.txt.gz" -exec rm -f {} +

*.png.png
*.gif.png
*.jpg.png
*.pdf.png
oldLogbooks/*
logbooks/elog.log
passwd.txt
ssl/*
logbooks/Backup/*
logbooks/old/*

tar -tf $1|grep -v "^.*/$"