| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
66153
|
Fri Jan 16 23:54:46 2009 |
 | Kevin O'Sullivan | kosok@stanford.edu | Question | Linux | 2.6.1+r164 | Re: elog (2.6.1+r1642 ubuntu/debian) regularly becomes non-responsive (w/o crashing) | I'm actually still having this issue in Ubuntu and I'm running elog version 2.7.5. In fact, now it's worse in 2.7.5 than in previous version because sometimes I have to restart the machine to get elog working again.
Is there anything I can do to help you find potential bugs with Ubuntu?
| Stefan Ritt wrote: |
| Peter Kovac wrote: | First, the problem. Fairly regularly (at least once a week, perhaps more), our elog daemon seems to quietly die. The process is still running but anyone attempting to access the server gets "connection refused." The elog log doesn't show anything and the apache logs just show "proxy: Error reading from remote server returned by [path]". Calling a daemon restart doesn't seem to kill the daemon -- I get a "could not bind to port" error. Using kill and then starting the daemon again fixes the problem for a few days and then we start over.
The particulars:
We are running elog on an Ubuntu (6.06 Dapper Drake LTS) web server.
It's currently version 2.6.1+r1642 pulled via apt-get from the Debian repositories.
elog is hiding behind an apache2+SSL proxy.
Any thoughts? Has anyone else seen this behavior? My next step is probably to compile 2.6.2 and remove the packaged flavor but I wanted to see if this was a known bug... |
There are three reasons why an elog server can go into an infinite loop:
- A bug which has been fixed in meantime. If you can give a try to 2.6.2-1750 or so that could help. I'm not sure if this version is already in the Debian distribution since I'm not the maintainer there.
- A corrupted log file. If one of the YYMMDDa.log file get some garbage (maybe due to hard disk problems etc.) the elogd server can run into an infinite loop. In that case examine all log files to see if there is anything wrong. If so, edit it manually and restart elogd.
- Some not yet found bug. One never can exclude this of course, but at this forum I have elogd running under similar conditions like you, and it runs for months without problems.
|
|
|
66154
|
Sat Jan 17 08:16:19 2009 |
| John Rouillard | rouilj+elog@cs.umb.edu | Question | Linux | 2.6.1+r164 | Re: elog (2.6.1+r1642 ubuntu/debian) regularly becomes non-responsive (w/o crashing) |
| Kevin O'Sullivan wrote: | I'm actually still having this issue in Ubuntu and I'm running elog version 2.7.5. In fact, now it's worse in 2.7.5 than in previous version because sometimes I have to restart the machine to get elog working again.
Is there anything I can do to help you find potential bugs with Ubuntu?
|
What does "lsof -p pid" on the elogd process show, how about "strace -p pid"?
Since you are using elogd with an apache providing reverse proxy, I wonder if one of
the httpd processes isn't properly closing it's connection when it's done. That would
hang the elogd process since it's single threaded and non forking (IIRC).
Also why do you need to restart the box, does killing and restarting the elogd process not work?
When you kill elogd, does 'sudo netstat -anp' show anything listening at the elogd port?
-- rouilj |
|
1181
|
Mon Jun 6 15:17:50 2005 |
 | Stefan Ritt | stefan.ritt@psi.ch | Bug report | All | 2.6.0-beta | Re: elog & firefox pipelining |
| Emiliano Gabrielli wrote: | Having the Firefox pipelining feature enabled makes elog unable to correctly show avery attachment in the full view when a quite large number of them is present..
disabling pipelining makes all works fine again |
As is said:
Pipelining is an experimental feature, designed to improve page-load performance, that is unfortunately not well supported by some web servers and proxies.
So what do you expect 
I have not checked in detail, but it seems that the browser fires off several requests in parallel, one for each image. This can only be handled by a multi-threaded server, which elog is not (yet). What is more an issue for elog in relation to multi-threading is that one long request blocks all other users. So if I do a synchronize for example from home, the server can be nonresponsive for a minute or two. I have some plans for making it multi-threaded, but as you can imagine this is not so simple to do in a portable way. |
|
1183
|
Tue Jun 7 13:12:25 2005 |
 | Emiliano Gabrielli | AlberT@SuperAlberT.it | Bug report | All | 2.6.0-beta | Re: elog & firefox pipelining |
| Stefan Ritt wrote: |
| Emiliano Gabrielli wrote: | Having the Firefox pipelining feature enabled makes elog unable to correctly show avery attachment in the full view when a quite large number of them is present..
disabling pipelining makes all works fine again |
As is said:
Pipelining is an experimental feature, designed to improve page-load performance, that is unfortunately not well supported by some web servers and proxies.
So what do you expect
I have not checked in detail, but it seems that the browser fires off several requests in parallel, one for each image. This can only be handled by a multi-threaded server, which elog is not (yet). What is more an issue for elog in relation to multi-threading is that one long request blocks all other users. So if I do a synchronize for example from home, the server can be nonresponsive for a minute or two. I have some plans for making it multi-threaded, but as you can imagine this is not so simple to do in a portable way. |
You are right .. I'll wait the m-t support then  ghghgh |
|
67996
|
Wed Jun 10 11:39:23 2015 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | Linux | 3.1.0 | Re: elconv deletes everything | > - elogd should not tell us to run elconv when both old-style and corresponding new-style elog entries exist
I removed that check completely. The old format was used up to 2002, so I expect that all users have upgraded in meantime.
Stefan |
|
67178
|
Mon Jan 30 09:31:51 2012 |
| Christof Hanke | hanke@rzg.mpg.de | Question | Linux | 2.9.0 | Re: el cheapo LDAP binding | Hi Christian,
I have also the need to do auth on the webserver, but I tried to integrate it into elogd as far as I could.
However, I do not try to set a special cookie to set the username, but always use
"X-Forwarded-User". Like this, every request is authenticated by the webserver in front.
If that's not too heavy for you, try out the applied patch.
HTH,
Christof
PS:
@Stefan:
If you are willing to integrate this into the official tree,
I can provide some docs for it (like setting author
directly etc.)
-----------------------------------------------------------------
Christof Hanke e-mail hanke@rzg.mpg.de
RZG (Rechenzentrum Garching) phone +49-89-3299-1041
Computing Center of the Max-Planck-Gesellschaft (MPG) and the
Institut für Plasmaphysik (IPP)
| Christian Herzog wrote: |
|
Hi all,
we would like to hook elog to our LDAP server. Instead of writing a full-featured LDAP auth module for elog, I have the following idea: use Apache's LDAP module to require LDAP auth for a single logbook:
<Location /elog/admin>
Use PhysLDAP
Use RequirePhysLDAPGroup isg
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader add X-Forwarded-User %{RU}e
</Location>
the two Use statements are Apache macros that define our LDAP settings. The last 4 lines are necessary for Apache to pass on the logged in user to the proxied elog (ends up in ENV X-Forwarded- User).
In elogd.c, I added
/* extract REMOTE_USER */
if ((p = strstr(request, "X-Forwarded-User:")) != NULL) {
p += 17;
while (*p && *p == ' ')
p++;
strlcpy(remote_user, p, sizeof(remote_user));
if (strchr(remote_user, '\r'))
*strchr(remote_user, '\r') = 0;
char sid[32];
/* get a new session ID */
sid_new(NULL, remote_user, (char *) inet_ntoa(rem_addr), sid);
/* set SID cookie */
set_sid_cookie(NULL, sid);
// TODO: set lbs!
}
to process_http_request in order to extract the LDAP login. I have managed to populate the author field with remote_user, but what I'd really like is to write a cookie containing this login name so that session handling kicks in. You can see that I attempt to write a cookie, but elogd segfaults at set_sid_cookie() (gdb backtrace:
set_cookie (lbs=0x0, name=0x483b22 "sid", value=0x7ffffffd7590 "4831386B7B333A99",
global=0, expiration=0x7ffffffd7300 "")
Would anyone be willing to help me with this? I'm not at all familiar with the program flow in elogd and my C is a bit rusty...
thanks,
-Christian
--
Dr. Christian Herzog <herzog@phys.ethz.ch> support: +41 44 633 26 68
IT Services Group, HPT H 8 voice: +41 44 633 39 50
Department of Physics, ETH Zurich
8093 Zurich, Switzerland http://nic.phys.ethz.ch/
|
|
| Attachment 1: elogd-addwebserverauth.patch
|
--- trunk/webservices/ELOG/elog-2.9.0/src/elogd.c 2011/10/20 14:36:27 3247
+++ trunk/webservices/ELOG/elog-2.9.0/src/elogd.c 2012/01/30 08:14:32 4130
@@ -37,6 +37,7 @@
char listen_interface[256];
char theme_name[80];
char http_host[256];
+char http_user[256];
char _param[MAX_PARAM][NAME_LENGTH];
char _value[MAX_PARAM][NAME_LENGTH];
@@ -8534,7 +8535,7 @@
if (old_pwd[0] || new_pwd[0]) {
if (user[0]) {
- if (stristr(auth, "Kerberos")) {
+ if (stristr(auth, "Kerberos") || stristr(auth, "Webserver")) {
if (strcmp(new_pwd, new_pwd2) != 0)
wrong_pwd = 2;
} else {
@@ -12677,6 +12679,12 @@
return 0;
}
+ /* if we have outsourced the authentication, use external username */
+ getcfg(lbs->name, "Authentication", str, sizeof(str));
+ if ( stristr(str, "Webserver")) {
+ strncpy(user,http_user,sizeof(user));
+ }
+
/* check for full name */
if (!isparam("new_full_name") || *getparam("new_full_name") == 0) {
sprintf(str, loc("Please enter \"%s\""), loc("Full name"));
@@ -13247,7 +13255,7 @@
rsprintf("<tr><td nowrap width=\"15%%\">%s:</td>\n", loc("Login name"));
getcfg(lbs->name, "Authentication", auth, sizeof(auth));
- if (stristr(auth, "Kerberos"))
+ if (stristr(auth, "Kerberos") || stristr(auth, "Webserver"))
rsprintf("<td><input type=text size=40 name=new_user_name value=\"%s\" readonly></td></tr>\n", str);
else
rsprintf("<td><input type=text size=40 name=new_user_name value=\"%s\"></td></tr>\n", str);
@@ -13334,6 +13342,7 @@
rsprintf("<tr><td class=\"menuframe\"><span class=\"menu1\">\n");
+ /* remove user-management buttons
if (is_admin_user(logbook, getparam("unm")) || !getcfg(logbook, "allow password change", str, sizeof(str))
|| atoi(str) == 1)
rsprintf("<input type=submit name=cmd value=\"%s\">\n", loc("Change password"));
@@ -13345,7 +13354,7 @@
strlcpy(str, loc("Change config file"), sizeof(str));
rsprintf("<input type=submit name=cmd value=\"%s\">\n", str);
}
-
+ */
rsprintf("</span></td></tr></table>\n\n");
show_bottom_text(lbs);
rsprintf("</form></body></html>\r\n");
@@ -13579,9 +13588,9 @@
/*---- header ----*/
getcfg(lbs->name, "Authentication", str, sizeof(str));
- if (stristr(str, "Kerberos")) {
+ if (stristr(str, "Kerberos")|| stristr(str, "Webserver")) {
show_error
- ("This installation of ELOG uses site authentification\nwhere password recovery is not possible");
+ ("This installation of ELOG has outsourced its authentification\nwhere password recovery is not possible");
return;
}
@@ -13609,6 +13618,7 @@
void show_new_user_page(LOGBOOK * lbs, char *user)
{
+ char str[256];
/*---- header ----*/
show_html_header(lbs, TRUE, loc("ELOG new user"), TRUE, FALSE, NULL, FALSE);
@@ -13644,13 +13654,14 @@
rsprintf("<tr><td nowrap>Email:</td>\n");
rsprintf("<td colspan=2><input type=text size=40 name=new_user_email></tr>\n");
+ getcfg(lbs->name, "Authentication", str, sizeof(str));
+ if (!stristr(str, "Kerberos") && !stristr(str, "Webserver")) {
+ rsprintf("<tr><td nowrap>%s:</td>\n", loc("Password"));
+ rsprintf("<td colspan=2><input type=password size=40 name=newpwd>\n");
- rsprintf("<tr><td nowrap>%s:</td>\n", loc("Password"));
- rsprintf("<td colspan=2><input type=password size=40 name=newpwd>\n");
-
- rsprintf("<tr><td nowrap>%s:</td>\n", loc("Retype password"));
- rsprintf("<td colspan=2><input type=password size=40 name=newpwd2>\n");
-
+ rsprintf("<tr><td nowrap>%s:</td>\n", loc("Retype password"));
+ rsprintf("<td colspan=2><input type=password size=40 name=newpwd2>\n");
+ }
rsprintf("</td></tr></table>\n");
/*---- menu buttons ----*/
@@ -25391,7 +25402,12 @@
if (!enum_user_line(lbs, 0, str, sizeof(str))) {
if (isparam("new_user_name"))
return TRUE;
- show_new_user_page(lbs, NULL);
+ getcfg(lbs->name, "Authentication", str, sizeof(str));
+ if (stristr(str, "Webserver")) {
+ show_new_user_page(lbs, http_user);
+ } else {
+ show_new_user_page(lbs, NULL);
+ }
return FALSE;
}
@@ -25417,7 +25433,9 @@
}
}
- /* if invalid or no session ID, show login page */
+ /* if invalid or no session ID, show login page,
+ unless we have outsourced the authentication to webserver
+ */
if (!skip_sid_check && !sid_check(sid, user_name)) {
if (isparam("redir"))
strlcpy(str, getparam("redir"), sizeof(str));
@@ -26397,6 +26415,25 @@
if (lbs->n_attr < 0)
return;
+ /* if we outsource the authentication to Webserver and have no sid, just set a new sid */
+ getcfg(lbs->name, "Authentication", str, sizeof(str));
+ if (stristr(str, "Webserver")) {
+ if (http_user[0]) {
+ if (!sid_check(getparam("sid"), http_user)) { /* if we don't have a sid yet, set it */
+ /* get a new session ID */
+ sid_new(lbs, http_user, (char *) inet_ntoa(rem_addr), sid);
+ /* set SID cookie */
+ set_sid_cookie(lbs, sid);
+ }
+ } else {
+ sprintf(str, "Error: Misconfigured webserver, did not get X-Forwarded-User from it.");
+ show_error(str);
+ return;
+ }
+ }
+
+
+
/* check for new login */
if (isparam("uname") && isparam("upassword")) {
/* log logins */
@@ -27650,6 +27693,17 @@
*strchr(http_host, '\r') = 0;
}
+ /* extract X-Forwarded-User into http_user if Authentication==Webserver */
+ http_user[0] = 0;
+ if ((p = strstr(request, "X-Forwarded-User:")) != NULL) {
+ p += 17;
+ while (*p && *p == ' ')
+ p++;
+ strlcpy(http_user, p, sizeof(http_user));
+ if (strchr(http_user, '\r'))
+ *strchr(http_user, '\r') = 0;
+ }
+
/* extract "X-Forwarded-For:" */
if ((p = strstr(request, "X-Forwarded-For:")) != NULL) {
p += 16;
|
|
67181
|
Fri Feb 3 09:30:20 2012 |
| Christian Herzog | herzog@phys.ethz.ch | Question | Linux | 2.9.0 | Re: el cheapo LDAP binding | Hi Christof,
wow thanks, that's (almost) exactly what I was looking for! I only had to add
--- src/elogd.c.orig 2012-02-03 09:11:42.000000000 +0100
+++ src/elogd.c 2012-02-03 09:11:32.000000000 +0100
@@ -8375,6 +8375,10 @@
strcpy(list[i], "remote_host");
strlcpy(value[i++], rem_host, NAME_LENGTH);
+ /* add LDAP author */
+ strcpy(list[i], "http_user");
+ strlcpy(value[i++], http_user, NAME_LENGTH);
+
/* add local host */
strcpy(list[i], "host");
strlcpy(value[i++], host_name, NAME_LENGTH);
in order to get
Preset Author = $http_user
to work. I fully support getting your patches into upstream.
thanks a bunch,
-Christian
|
|
67077
|
Thu Jun 2 14:57:39 2011 |
| David Pilgram | David.Pilgram@epost.org.uk | Bug report | Linux | 2.7 | Re: editor dosn't work |
| Sara Vanini wrote: |
|
Hi,
when I try to edit an entry of my ELOG, the display shows the editor window blank, without all the previous content of the entry, and it is not possibile to write in it. It worked since yesterday, when ELOG tried to save a new entry but the disk was full. ELOG was srewed up. I deleted the buggy entry and now I can display all the previuos entries, but I cannot edit anymore... Please help!
Sara
|
I've a little experience of digging myself out of (in my case, self-induced) problems using ELOG. I'm also aware that I may be the least experienced/qualified user..
First: Archive your work directories. Then at least whatever you do from here, you've got the status quo to fall back on. Also, record anything you can remember (ID number, thread, etc) of the deleted entry/entries.
I've found that ELOG can hang in an infinite loop if it tries to find an entry that is no longer there - and that depends upon how you approach the point where the missing entry would be. ELOG's own delete works fine in normal circumstances. I'm talking about abnormal circumstances, for example when idiots (me) are playing around with the yymmdda.log files, or *possibly* if the disk is full, and you then try deleting the entry that caused the full disk problem. Whether that is what you are seeing, I cannot say at present.
However, to progress this: When you are stuck, unable to edit anything, in a[nother] terminal, try the process report
ps -A
two or three times, with a short interval between commands. (Or other switches if you know how to select to view the elogd process on your system). If elogd is using seconds of CPU time between each ps command, it's probably in an infinite loop. If you need to be sure, wait a minute and check again. If so, you'll have to stop the daemon, possibly requiring a computer reboot. In my experience, ELOG does not get stuck in an infinite loop when just indexing the pages when the daemon starts, but experts may well know better.
This may at least diagnose whether you cannot edit because ELOG is stuck in an infinite loop, or has some other cause.
If it is the infinite loop, the trick is to find which entry causes the loop without getting stuck in that loop next time around.
David Pilgram. |
|