ELOG Forum

Demo Discussion

Forum Config Examples Contributions Vulnerabilities

Discussion forum about ELOG, Page 125 of 807

Not logged in

Find | Login | Help

Full | Summary | Threaded | Show attachments

6451 Entries

Goto page Previous 1, 2, 3 ... 124, 125, 126 ... 805, 806, 807 Next

Sun Aug 11 18:45:08 2002

tony summerfelt

snowzone25@yahoo.com

Comment

Re: self-registration

> Sorry, I haven't fully documented it yet, will do on Monday next week. For 
> now, see the configuration file for this forum which is attached.

that's ok. i just wanted to make sure that i hadn't missed something. i'm eventually switching over my entire dial up bbs, to my web page, with elog being the message system. self-registration was the last piece of the puzzle for me :)

Sat Aug 10 13:00:26 2002

Stefan Ritt

stefan.ritt@psi.ch

Question

Re: self-registration

> i seem to be unable to find a clear explanation of how to enable self-
registration in the docs.
> 
> just to be sure i grepped the doc directory, but the two references to it 
were in the changelog and the faq.
> 
> it could be just me but i'm not reading between the lines or connecting the 
various places in the docs to get it going :/

Sorry, I haven't fully documented it yet, will do on Monday next week. For 
now, see the configuration file for this forum which is attached.

114

Fri Aug 16 10:26:14 2002

eric wooten

wootene@verizon.net

Request

Re: self register enhancmenets

Also having the ability to subscribe to notifications for one or more 
logbooks (if access is given - along with the ability to choose which 
categories, etc notifications are sent.


> Couple Wish List Items for the Self Register:
> 
> -allow the user to pick which type of log entries (which categories, etc) 
> they would like to subscribe to and receive notifications on.   
> 
> -Option to use an existing LDAP database to authenticate users instead of 
> maintaining a password file.

67085

Mon Jun 20 17:53:58 2011

Re: segmentation fault when "restrict edit" is used and "new" is allowed for anonymous users

You are the first one allowing guests to enter new entries, so this probes a code path which was never used before. I fixed the crash in SVN revision 2416, but it might be that there are more issues with that. Just keep reporting.

471

Fri Feb 13 21:50:09 2004

Re: segmentation fault

This problem has been fixed recently. The new code is

   /* special case: "Change %s" */
   if (strstr(orig, "Change ") && strcmp(orig, "Change %s") != 0) {
      sprintf(result, loc("Change %s"), orig + 7);
      return result;
   }

Alternatively you can get the updated version from CVS.

- Stefan

67234

Tue Apr 10 15:35:07 2012

Re: segfault on empty, non-writable passwd file

Achim Dreyer wrote:

Segfault when password file is empty and not writable a segmentation fault is generated when a new user tries to register:

root# > passwd

root# chown root.root passwd

root# chmod 644 passwd

root# grep -i usr elogd.cfg

root#

kernel: [515323.672377] elogd[31048]: segfault at 78 ip 00000000004ba780 sp 00007fff03cd2078 error 4 in elogd[400000+dc000]

I cannot reproduce this error when running within gdb.

Thanks for reporting that bug. I fixed it in SVN revision 2448.

69350

Fri Apr 23 15:46:39 2021

Sebastian Schenk

sebastian.schenk@physik.uni-halle.de

Bug report

Linux

ELOG V3.1.4-611

Re: segfault in auth.c:366

Hi Mr. Holman,

The problem you are facing is more likely the issue, that the LDAP method is only provided as-is from a different developer.

I had a similar issue with the LDAP of my university.
I can't remember the correct error messages, but it looks similar, which arises from the used c library for LDAP.
The LDAP connection response can have 2 different variable types and only one of them is implemented in the elog, the other one crashes the elog with segfault.

I could fix it with this patch:
https://bitbucket.org/merrx/elog/commits/5a75fdb3e0b723380dae73bb57653946ed72690c
Obviously you have to adapt "displayName" and "postOfficeBox" to represent the name and email attributes of your LDAP structure.

I didn't made a PR for this commit, because it would break the current LDAP implementation, i assume.

Best wishes,
Sebastian

gary holman wrote:

Elog version: ELOG V3.1.4-611489ba

I am running openldap on the localhost. For some reason now, elogd is segfaulting when (I believe) when a new user is being added to the password file. For example:

1. I delete user passord file defined in elogd.cfg

2. Bind/Authenticate to LDAP successfully

3. Segfaults in auth.c ldap_adduser_file()

Makefile:
...
ELOGDIR = /opt/elog
DESTDIR = $(ROOT)$(PREFIX)/bin
SDESTDIR = $(ROOT)$(PREFIX)/sbin
RCDIR = $(ROOT)/etc/rc.d/init.d
SRVDIR = $(ROOT)/usr/lib/systemd/system

# flag for SSL support
USE_SSL = 1

# flag for Kerberos support, please turn off if you don't need Kerberos
USE_KRB5 = 0

# flag for LDAP support, please turn off if you don't need LDAP
USE_LDAP = 1# flag for PAM support, please turn of if you don't need PAM
USE_PAM = 0
...

For authentication, I am using openldap in the localhost:

----
Authentication = LDAP
LDAP server = ldap://localhost:389
LDAP userbase = ou=people,dc=example,dc=org
LDAP login attribute = uid
LDAP register = 1
Password file = /opt/elog/users

gdb output

----------

(gdb) run -s /opt/elog -c /opt/elog/elogd.cfg -f /var/run/elog/elog.pid
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/ubuntu/UPGRADE-42221/work-src/elog/elogd -s /opt/elog -c /opt/elog/elogd.cfg -f /var/run/elog/elog.pid
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
elogd 3.1.4 built Apr 22 2021, 19:19:39 revision 611489ba
File "/var/run/elog/elog.pid" exists, overwriting it.
CKeditor detected
ImageMagick detected
Indexing logbooks ... done
Server listening on port 9011 ...

Breakpoint 1, ldap_adduser_file (lbs=0x555556811ad8, user=0x7ffffffd3bd0 "testuser", password=0x5555558ea110 <_value+6000> "testuser", error_str=0x7ffffffd53d0 "", error_size=<optimized out>) at src/auth.c:350
350   if (rc != LDAP_SUCCESS) {
(gdb) n
337   rc = ldap_search_ext_s(
(gdb) n
350   if (rc != LDAP_SUCCESS) {
(gdb) n
358   for(entry = ldap_first_entry(ldap_ld,result);
(gdb) n
371   if(strcmp(attribute,"mail")==0 || strcmp(attribute,"rfc822Mailbox")==0)
(gdb) n
361   for(attribute = ldap_first_attribute(ldap_ld,entry,&ber);
(gdb) n
365   if((values = ldap_get_values(ldap_ld,entry,attribute)) != NULL ) {
(gdb) n
366   for(i=0; values[i] != NULL; i++) {
(gdb) n

Program received signal SIGSEGV, Segmentation fault.
ldap_adduser_file (lbs=0x555556811ad8, user=0x7ffffffd3bd0 "testuser", password=0x5555558ea110 <_value+6000> "testuser", error_str=<optimized out>, error_size=<optimized out>) at src/auth.c:366
366 for(i=0; values[i] != NULL; i++) {
(gdb) p attribute
$1 = 0x5555567f6a20 "uid"
(gdb) p values
$2 = (char **) 0x567f74f0

This user in LDAP:
-------------------------
# TESTUSER, people, example.org
dn: uid=TESTUSER,ou=people,dc=example,dc=org
uid: TESTUSER
cn: TESTUSER
givenName: TESTUSER
sn:: VEVTVFVTRVIg
mail: TESTUSER
uidNumber: 10000
gidNumber: 10000
homeDirectory: /dev/null
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
userPassword:: e1NTSEF9Y21ua1lsdFpMZ3ZrZlZ4OUp3MFN3cUY3NWIzdkFCSWY=

69351

Fri Apr 23 16:21:05 2021

Re: segfault in auth.c:366

Well, if you find a solution with works for everybody, I'm happy to commit it to the main repository. But unfortunately I cannot test it because I don't have LDAP here, so I'm flying blind.

Stefan

Goto page Previous 1, 2, 3 ... 124, 125, 126 ... 805, 806, 807 Next

ELOG V3.1.5-3fb85fa6