| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
1781
|
Sat Apr 1 15:30:32 2006 |
 | Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.61 | Re: Anonymous vs user posts |
| Chris Warner wrote: | | If I have a logbook that will let both registered users Anonymous users post. I would like the author attribute to default to the value in $long_name but if the post is Anonymous display a default text string "Anonymous". Is it possible to do this? |
I added that functionality into the intermediate release 2.6.1-4 which you can download from the ELOG site. |
|
1799
|
Thu Apr 6 20:24:06 2006 |
 | Yoshio Imai | | Question | Linux | 2.6.1-1671 | elog client authentication and attachment comment | Hi again!
I have two questions, one concerning authentication methods for the elog client. Until revision 1642, it was possible to submit entries to a password-protected logbook using the elog client without supplying authentication information. With revision 1671 this is no longer possible. In principle this is good. However, many of our run control programs use the elog client (via rsh to the elog server computer) to submit automatic entries, which fails now. In order for this mechanism to work again, we would have to change the command-line call in the sources, including now the password in clear text. Since this can be considered a security issue, we would like to avoid it if at all possible. I guess my request would go in the direction of PAM support, but would it be possible to revert to the old behaviour as an option? (If you tell me where in the code to look, we could probably also comment out the respective lines ourselves so that you don't have extra work...)
The second remark is about attachment comments. When editing a logbook entry, the attachment upload buttons appear again, but without the comment. Shouldn't it be there, too?
Thanks,
Yoshio |
|
1801
|
Fri Apr 7 10:29:49 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.6.1-1671 | Re: elog client authentication and attachment comment |
| Yoshio Imai wrote: | | Until revision 1642, it was possible to submit entries to a password-protected logbook using the elog client without supplying authentication information. With revision 1671 this is no longer possible. In principle this is good. However, many of our run control programs use the elog client (via rsh to the elog server computer) to submit automatic entries, which fails now. In order for this mechanism to work again, we would have to change the command-line call in the sources, including now the password in clear text. Since this can be considered a security issue, we would like to avoid it if at all possible. I guess my request would go in the direction of PAM support, but would it be possible to revert to the old behaviour as an option? (If you tell me where in the code to look, we could probably also comment out the respective lines ourselves so that you don't have extra work...) |
There was a quite strong request to not allow unauthorized access via the elog utility. People were also able to submit entries with the "curl" program without supplying authorization. So I rather would not like to go back to the old version. But I would propose a different scheme: We could save the username/password in a file on the server, which is maybe readable only by the owner. Then one could call elog with
elog ... -u @filename
so that the user name and password gets retrieved from the file on the server. This way the password does not have to be passwd over the network. BTW, you also could use ssh instead of rsh to prevent password being sent over the network in plain text.
| Quote: |
The second remark is about attachment comments. When editing a logbook entry, the attachment upload buttons appear again, but without the comment. Shouldn't it be there, too? |
I'll have a look and fix it. |
|
1803
|
Mon Apr 10 20:08:02 2006 |
| Yoshio Imai | | Question | Linux | 2.6.1-1671 | Re: elog client authentication and attachment comment |
| Stefan Ritt wrote: | | We could save the username/password in a file on the server, which is maybe readable only by the owner. |
I have discussed it with the others, and it sounds like a good idea. There is only the debate whether it should be readable by the owner or by the root user of the elog server. I can't tell at the moment which is more favourable ... |
|
1804
|
Mon Apr 10 20:28:37 2006 |
 | Alan Stone | alstone@fnal.gov | Question | Linux | 2.6.1-1684 | How can I configure to prevent empty entries? | I have accidentally created a couple of entries recently. It is pretty easy. I
fill in the header, type in a Subject, and then hit Enter, instead of TAB.
I have turned off the edit option intentionally.
I want to avoid this in the future. Is there a configuration option which would
confirm that the user before submitting an entry without a Body? I know I can require
attributes like Author and Subject. I am not sure I want to require a Body, in case
someone submits an entry with just an attachment (and a Subject).
Thanks, Alan |
|
1810
|
Sat Apr 15 00:37:48 2006 |
 | Marco Calf | marco@kelf.nl.eu.org | Comment | Linux | 2.5.7 | User review..use case: implementing GTD | Playing with elog for a day made me very happy. I was looking for a webbased thingy to support list building for 'Getting Things Done' by David Allen ( David Allen's Getting Things Done ).
Elog is simple, intuitative and very powerfull!
Less informative is the fact that i found no bugs till now 
On usablitity..maybe some more control over the dialog..eg the 'in between' screens (eg after a move...the 'to which log i would like to resume' question)...or have an option to be in select mode by default.
Tnx |
|
1813
|
Tue May 2 22:58:48 2006 |
| Mark Bergman | mark.bergman@uphs.upenn.edu | Question | Linux | 2.6.1 | Is it possible to require certain attributes for specific users (guests)? | First of all, thanks for writing and maintaining eLog.
I've been using it for a few years, but I'm now introducing it in an environment that may have a lot of "Guest"
accounts.
I'd like to have two "Required Attributes" when a guest enters a new entry; their name and e-mail address. These
fields don't need to be required for registered accounts, since that information is available already.
Is there any way to have conditional statements act on the value of $short_name?
Thanks,
Mark |
|
1814
|
Wed May 3 00:16:42 2006 |
 | Mark Bergman | mark.bergman@uphs.upenn.edu | Request | Linux | 2.6.1 | allow per-logfile attributes to be added/subtracted from the global settings | I think it would be a big enhancement to allow per-logbook attributes to be additions or subtractions from the global attributes, rather than replacing the global settings.
For example, the [global] section of my elogd.cfg reads:
Attributes = Author, Type, Category, Severity, Subject, Entry ID, Status
Extendable Attributes = Type, Category, Severity, Subject, Status
Options Category = Hardware, Software (OS and utilities), Software (Application), Network, Security, Other
Options Severity = None, Low, Medium, High, Critical
Options Status = Open, Closed, In-Progress, Suspended
Options Type = To-Do, Problem Report, Problem Fixed, Informational Note, Software Installation, Configuration, Other
Required Attributes = Type, Category, Subject, Status
I've also got an logbook for each server for hardware issues. Within those logbooks, I'd like to keep all the fields except the software fields, and add fields for memory and storage.
Adding 7 definitions to each server logbook makes the config file huge and difficult to edit, and it means that a future change to the global settings wouldn't propagate to the individual log files. I'd really like to do something like:
[server47]
-Options Category = Software (OS and utilities), Software (Application)
+Options Category = Storage, Memory
-Options Type = Software Installation
+Options Type = RAM Installation, Drive upgrade
As I see it, the initial "-" sign in front of an attribute or option would indicate that the fields listed should be deleted from the global set (if the field name is an exact match), and a leading "+" indicates that the given fields would be added to the global attribute of the same name, for that specific logbook.
The current behavior--without a leading "+" or "-" would be unchanged, so that existing config files don't change.
Thanks,
Mark |
|