| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
69168
|
Mon Jul 6 20:19:21 2020 |
 | Laurent Jean-Rigaud | lollspam@free.fr | Bug report | Linux | 3.1.4 | Re: bug in elog.spec | Hi,
You rights, CFLAGS should not be in specfile to take care of distrib env.
Btw, I sent in the past an update for build process of Stefan delivery to generate src.rpm file copatible to tarball version. I think Stefan did not have time yet to test and to check.
With the enclosed SPEC file, you can build ELOG with options at rpmbulld command w/o modifying sources. For exemple,
rpm -i elog-.....src.rpm
rpmbuild -bb --with ssl --with pam --with ldap --with krb5 ~/rpmbuild/SPECS/elog.spec
I enclosed also the SRPMS i used for my projects. Be careful, It's maybe not uptodate of last GIT version or PSI releases... but you can test it on your RPM distrib. It should be nice to hare your feedback.
Bye,
Laurent
| Janusz Szuba wrote: |
|
Hi,
in commit 1812e7c, specifying CFLAGS to make command in elog.spec, renders all other settings in Makefile void. That is, if I want to include any of KRB5, LDAP, PAM support, and change makefile accordingly, then when producing rpm they are not taken into account. Anyway, CFLAGS in Makefile are already set to the same defaults, so why it is redefined in spec file?
best
Janusz
|
|
| Attachment 1: elog.spec
|
# ELOG weblog application
# rpmbuild -ba --define 'elogver 3.1.4' --define 'elogrel 2' --with ssl --with pam --with ldap --with krb5 --define 'factorydate date'
# define date of build for changelog and default release
%define build_timestamp %(LC_TIME=C date '+%a %b %d %Y')
%{!?factorydate: %define factorydate %build_timestamp}
# default version and release
%{!?elogver: %define elogver 3.1.4 }
%{!?elogrel: %define elogrel 2 }
# default release is build date
%{!?elogrel: %define elogrel %{build_timestamp} }
# Build options :
# Read: If neither macro exists, then add the default definition.
%{?_with_krb5: %define _with_krb5 USEKRB5=1}
%{?_with_ldap: %define _with_ldap USELDAP=1}
%{?_with_pam: %define _with_pam USEPAM=1}
%{?_with_ssl: %define _with_ssl USESSL=1}
# Default build options are with SSL
%{!?_with_ssl: %{!?_without_ssl: %define _with_ssl USESSL=1}}
# builder info
%define whoami %(eval who am i | awk '{print $1}')
%define HOSTNAME %(hostname)
%{!?packager: %define packager %{whoami} %{whoami}@%{HOSTNAME}}
Name: elog
Summary: elog is a standalone electronic web logbook
Version: %elogver
Release: %elogrel%{?customrel}%{?dist}
License: GPL
Group: Applications/Networking
Source: http://elog.psi.ch/elog/download/elog-%{elogver}-%{elogrel}.tar.gz
Vendor: Stefan Ritt <stefan.ritt@psi.ch>
URL: http://elog.psi.ch/elog
BuildRoot: /tmp/%{name}-root
Prefix: /usr/local
# Add build dependencies for pam, ssl and ldap features if enabled.
# Note: Tag tokens must start at beginning-of-line.
#
# Read: If feature is enabled, then add the build dependency.
%{?_with_krb5:BuildRequires: krb5-devel}
%{?_with_krb5:Requires: krb5-libs}
%{?_with_ldap:BuildRequires: openldap-devel >= 2.4.1}
%{?_with_ldap:Requires: openldap >= 2.4.1}
%{?_with_pam:BuildRequires: pam-devel >= 1.1.1}
%{?_with_ssl:BuildRequires: openssl-devel >= 0.9.8e}
# GAIAOPS: set max N limit to 500
Patch1: elog_set_max_list_500.patch
%description
ELOG is part of a family of applications known as weblogs.
Their general purpose is :
1. To make it easy for people to put information online in a chronological
fashion, in the form of short, time-stamped text messages ("entries")
with optional HTML markup for presentation, and optional file attachments
(images, archives, etc.)
2. To make it easy for other people to access this information through a
Web interface, browse entries, search, download files, and optionally add,
update, delete or comment on entries.
ELOG is a remarkable implementation of a weblog in at least two respects :
- Its simplicity of use: you don't need to be a seasoned server operator
and/or an experimented database administrator to run ELOG ; one executable
file (under Unix or Windows), a simple configuration text file, and it works.
No Web server or relational database required. It is also easy to translate
the interface to the appropriate language for your users.
- Its versatility: through its single configuration file, ELOG can be made
to display an infinity of variants of the weblog concept. There are options
for what to display, how to display it, what commands are available and to whom,
access control, etc. Moreover, a single server can host several weblogs, and
each weblog can be totally different from the rest.
%changelog
* %{build_timestamp} %{packager} %{version}-%{release}
- rebuild with option(s): %{?_with_krb5:KRB5 }%{?_with_ldap:LDAP }%{?_with_pam:PAM }%{?_with_ssl:SSL}
- set MAX_N_LIST to 500 (patch1)
* %{factorydate} Stefan Ritt <stefan.ritt@psi.ch> %{version}-%{release}
- Updated from git
* Wed Sep 26 2018 Stefan Ritt <stefan.ritt@psi.ch>
- Made adjustments for new elog server and RH7
* Fri Aug 29 2014 Stefan Ritt <stefan.ritt@psi.ch>
- Added BuildRequires, thanks to Stefan Roiser from CERN
* Fri Oct 21 2005 Stefan Ritt <stefan.ritt@psi.ch>
- Added resources/ directory
* Fri Mar 14 2003 Stefan Ritt <stefan.ritt@psi.ch>
- Added %post to change ownership of elog files
* Thu Jan 30 2003 Stefan Ritt <stefan.ritt@psi.ch>
- Added installation of man pages, thanks to Serge Droz <serge.droz@psi.ch>
* Tue Aug 13 2002 Stefan Ritt <stefan.ritt@psi.ch>
- Added elog group and user, thanks to Nicolas Chuche [nchuche@teaser.fr]
* Tue Jun 18 2002 Stefan Ritt <stefan.ritt@psi.ch>
- Put elogd.init into TAR file, add logbooks directory, put elogd in sbin/
* Tue Jun 18 2002 Serge Droz <serge.droz@psi.ch>
- Update to 2.0.0
* Mon Jun 3 2002 Serge Droz <serge.droz@psi.ch>
- Update to 1.3.6
* Fri May 31 2002 Serge Droz <serge.droz@psi.ch>
- Initial RPM
%prep
%setup -q
%patch1 -p0
%pre
%{_sbindir}/groupadd -r elog 2>/dev/null || :
%{_sbindir}/useradd -d / -s /bin/false \
-g elog -M -r elog 2>/dev/null || :
%build
make %{?_with_ssl} %{?_with_pam} %{?_with_ldap} %{?_with_krb5} CFLAGS='-O3 -funroll-loops -fomit-frame-pointer -W -Wall -Wno-deprecated-declarations -Imxml -g'
sed "s#\@PREFIX\@#%{prefix}#g" elogd.init_template > elogd.init
%install
make install ROOT=$RPM_BUILD_ROOT MANDIR=$RPM_BUILD_ROOT%{_mandir}
%post
chown -R elog:elog $RPM_BUILD_ROOT%{prefix}/elog
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
/etc/rc.d/init.d/elogd
%{_mandir}/man1/*
%{_mandir}/man8/*
%doc README COPYING doc
%defattr(-,elog,elog)
%prefix/bin/*
%prefix/sbin/elogd
%prefix/elog/resources
%prefix/elog/ssl
%prefix/elog/themes
%prefix/elog/scripts
%prefix/elog/logbooks
%config(noreplace) %prefix/elog/elogd.cfg
|
| Attachment 2: elog-3.1.4-2.CNES.el6.src.rpm
|
|
69169
|
Tue Jul 7 11:22:45 2020 |
| Janusz Szuba | janusz.szuba@xfel.eu | Bug report | Linux | 3.1.4 | Re: bug in elog.spec | Thanks for the answer, I will try with your specfile
best
Janusz
| Laurent Jean-Rigaud wrote: |
|
Hi,
You rights, CFLAGS should not be in specfile to take care of distrib env.
Btw, I sent in the past an update for build process of Stefan delivery to generate src.rpm file copatible to tarball version. I think Stefan did not have time yet to test and to check.
With the enclosed SPEC file, you can build ELOG with options at rpmbulld command w/o modifying sources. For exemple,
rpm -i elog-.....src.rpm
rpmbuild -bb --with ssl --with pam --with ldap --with krb5 ~/rpmbuild/SPECS/elog.spec
I enclosed also the SRPMS i used for my projects. Be careful, It's maybe not uptodate of last GIT version or PSI releases... but you can test it on your RPM distrib. It should be nice to hare your feedback.
Bye,
Laurent
| Janusz Szuba wrote: |
|
Hi,
in commit 1812e7c, specifying CFLAGS to make command in elog.spec, renders all other settings in Makefile void. That is, if I want to include any of KRB5, LDAP, PAM support, and change makefile accordingly, then when producing rpm they are not taken into account. Anyway, CFLAGS in Makefile are already set to the same defaults, so why it is redefined in spec file?
best
Janusz
|
|
|
|
69180
|
Thu Jul 30 17:03:12 2020 |
 | Jose Caballero | jcaballero.hep@gmail.com | Question | Linux | 3.1.4 | testing the client: unclear it worked | Hello,
I just gave it a quick try to the command line client, to see if I can use it to access our institution service.
[root@host ~]# cd /tmp/
[root@host ~]# mkdir elog
[root@host ~]# cd elog
[root@host ~]# wget https://elog.psi.ch/elog/download/RPMS/elog-3.1.4-2.el7.x86_64.rpm
[root@host ~]# rpm2cpio elog-3.1.4-2.el7.x86_64.rpm | cpio -idmv
[root@host ~]# cd usr/local/bin/
[root@host ~]# ./elog --help
[root@host ~]# ./elog -h <hostname> -l <logbook> -u <myusername> <mypassword> -w last
"Message successfully transmitted, ID=-1"
Is that the expected output? I was expecting to see info about the latest message in the server.
Cheers,
Jose |
|
69182
|
Fri Jul 31 08:34:35 2020 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 3.1.4 | Re: testing the client: unclear it worked | The <hostname> you have to actually replace with your real host name. Same for logbook, username and password.
On my local test system I get (actual password hidden here with "...")
~$ elog -h localhost -p 8080 -l demo -u stefan ... -a Authort=SR -a Subject=test test
Message successfully transmitted, ID=5
~$
| Jose Caballero wrote: |
|
Hello,
I just gave it a quick try to the command line client, to see if I can use it to access our institution service.
[root@host ~]# cd /tmp/
[root@host ~]# mkdir elog
[root@host ~]# cd elog
[root@host ~]# wget https://elog.psi.ch/elog/download/RPMS/elog-3.1.4-2.el7.x86_64.rpm
[root@host ~]# rpm2cpio elog-3.1.4-2.el7.x86_64.rpm | cpio -idmv
[root@host ~]# cd usr/local/bin/
[root@host ~]# ./elog --help
[root@host ~]# ./elog -h <hostname> -l <logbook> -u <myusername> <mypassword> -w last
"Message successfully transmitted, ID=-1"
Is that the expected output? I was expecting to see info about the latest message in the server.
Cheers,
Jose
|
|
|
69194
|
Tue Aug 4 13:44:01 2020 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 3.1.4 | Re: How to prevent file path leaks on a 404 page | I removed the version info from the 404 error, but you have to recompile elogd from sources. The fix will be included in the next RPM, but that can usually take a few weeks.
| Rich Loring wrote: |
|
Hello,
We used the Elog RPM binary installation method to install Elog. Our security scanners are complaining that Elog discloses the version information when you hit a missing page (404 error). How can I hide this version info? Is there a snippet of code somewhere that I can comment out?
Any help is appreciated.
-Rich
|
|
|
69198
|
Mon Aug 10 07:56:43 2020 |
 | HyonSan Seo | hyon.san.seo@cern.ch | Bug report | Linux | 3.1.4 | SSL connection drop with large content | Dear all,
I had some difficulty to upload large files (>20MB) with SSL connection. I think it is also related to https://elog.psi.ch/elogs/Forum/68636
During debuging, I found that, when uploading large files, ssl connection is dropped since 'SSL_read' function returns -1.
But it doesn't alway mean broken connection. It may be "SSL_ERROR_WANT_READ".
I changed the "server_loop" function in the source code to "continue" when it is SSL_ERROR_WANT_READ. And it fixed the problem.
Here is my code.
## elogd.c "server_loop" function L30031
if (FD_ISSET(_sock, &readfds)) {
#ifdef HAVE_SSL
if (_ssl_flag){
i = SSL_read(_ssl_con, net_buffer + len, net_buffer_size - len);
if(i<=0){
int ssl_error=SSL_get_error(_ssl_con,i); ## check ssl error code
if(ssl_error==SSL_ERROR_WANT_READ||ssl_error==SSL_ERROR_WANT_WRITE) continue; ## if ssl wants more, continue
}
}
else
#endif
i = recv(_sock, net_buffer + len, net_buffer_size - len, 0);
I am ignorant about networking. Some experts on ssl connection would know a better way to deal with this problem.
Best,
HyonSan Seo
|
|
69199
|
Mon Aug 10 08:33:42 2020 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | Linux | 3.1.4 | Re: SSL connection drop with large content | Your solution sounds quite good, I will incorporate them in the distribution.
Stefan
| HyonSan Seo wrote: |
|
Dear all,
I had some difficulty to upload large files (>20MB) with SSL connection. I think it is also related to https://elog.psi.ch/elogs/Forum/68636
During debuging, I found that, when uploading large files, ssl connection is dropped since 'SSL_read' function returns -1.
But it doesn't alway mean broken connection. It may be "SSL_ERROR_WANT_READ".
I changed the "server_loop" function in the source code to "continue" when it is SSL_ERROR_WANT_READ. And it fixed the problem.
Here is my code.
## elogd.c "server_loop" function L30031
if (FD_ISSET(_sock, &readfds)) {
#ifdef HAVE_SSL
if (_ssl_flag){
i = SSL_read(_ssl_con, net_buffer + len, net_buffer_size - len);
if(i<=0){
int ssl_error=SSL_get_error(_ssl_con,i); ## check ssl error code
if(ssl_error==SSL_ERROR_WANT_READ||ssl_error==SSL_ERROR_WANT_WRITE) continue; ## if ssl wants more, continue
}
}
else
#endif
i = recv(_sock, net_buffer + len, net_buffer_size - len, 0);
I am ignorant about networking. Some experts on ssl connection would know a better way to deal with this problem.
Best,
HyonSan Seo
|
|
|
69206
|
Wed Aug 26 20:44:38 2020 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 3.1.4 | Re: How to prevent file path leaks on a 404 page | A new RPM has been released at https://elog.psi.ch/elog/download/RPMS/elog-3.1.4-2.el7.x86_64.rpm containing that fix.
| Stefan Ritt wrote: |
|
I removed the version info from the 404 error, but you have to recompile elogd from sources. The fix will be included in the next RPM, but that can usually take a few weeks.
| Rich Loring wrote: |
|
Hello,
We used the Elog RPM binary installation method to install Elog. Our security scanners are complaining that Elog discloses the version information when you hit a missing page (404 error). How can I hide this version info? Is there a snippet of code somewhere that I can comment out?
Any help is appreciated.
-Rich
|
|
|
|