Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 317 of 806  Not logged in ELOG logo
IDdown Date Icon Author Author Email Category OS ELOG Version Subject
  67264   Mon May 7 13:41:38 2012 Question Roland Gsellroland.gsell@oeaw.ac.atInfoLinux2.9.1-2435Access rights

Hi,

the manual says:

"
There are four ways through which access to a logbook may be controlled:

it may be open for all to read ;
it may require a common "read" password for all users ;
it may require each user to have an individual user account (login name) and password ;
finally, access may be granted or not depending on the address of the workstation you are using.
"

But it doesn't say how to do so or at least I didn't find it.

If I have each user have to log in with an individual accout, can I define which logbooks he can read and/or modify?
If yes, how to do that?

Also, please accept my vote for user groups. We can use that, too.

TIA,
Roland.

  67263   Wed May 2 18:19:18 2012 Smile Matt Newvillenewville@cars.uchicago.eduQuestionLinux2.9.2Re: password protect a logbook with Apache redirect
> I don't remember the details, but originally had the same trouble. I think a "/" at the end of a url got me somewhere. 
> I have defined...
> 
> URL = http://somewhere.edu/elog
> 
> ...in the config file, and my redirect looks like this:
> 
> Redirect /elog http://somewhere.edu/elog/
> ProxyPass /elog/ http://somewhere.edu:8080/
> ProxyPassReverse /elog/ http://somewhere.edu:8080/


Yes, that did it:  Adding the URL to the config file was the key.

Thanks!
  67262   Wed May 2 17:18:36 2012 Reply Graham Medlinglmedlin@ncsu.eduQuestionLinux2.9.2Re: password protect a logbook with Apache redirect
I don't remember the details, but originally had the same trouble. I think a "/" at the end of a url got me somewhere. 
I have defined...

URL = http://somewhere.edu/elog

...in the config file, and my redirect looks like this:

Redirect /elog http://somewhere.edu/elog/
ProxyPass /elog/ http://somewhere.edu:8080/
ProxyPassReverse /elog/ http://somewhere.edu:8080/
  67261   Wed May 2 17:09:25 2012 Reply Stefan Rittstefan.ritt@psi.chQuestionLinux2.9.2Re: password protect a logbook with Apache redirect
> Is there a way to make this (password protecting logbooks while also using a proxy to Apache) work?

I use it with the current version and it works fine for me. What you might be missing is the

URL = http://example.com/elogbook/

statement in your elogd.cfg to make this work.

Best regards,
Stefan
  67260   Wed May 2 17:06:35 2012 Question Matt Newvillenewville@cars.uchicago.eduQuestionLinux2.9.2password protect a logbook with Apache redirect
Hi,

I'm trying to set up elogd, running on port 8080 behind an Apache server on port 80, using mod_proxy to redirect
to the elogd server, and the recommended

Redirect permanent /elogbook http://example.com/elogbook/
ProxyPass /elogbook/         http://example.com:8080/

This works well for non-password-protected logbooks, but for password protected (that I can access fine via port
8080), I keep getting shown the Login page, even with valid username / password.    

Poking around the code, it appears (probably not too surprisingly) that the issue lies in check_login().  
For example, 

   /* if invalid or no session ID, show login page */
  if (!skip_sid_check && !sid_check(sid, user_name)) {
      if (isparam("redir"))
         strlcpy(str, getparam("redir"), sizeof(str));
      else
         strlcpy(str, isparam("cmdline") ? getparam("cmdline") : _cmdline, sizeof(str));
      /* avoid recursive loops with ?cmd=Login */
      if (stristr(str, loc("Login")))
         str[0] = 0;
      /*  added write_logfile here...
          char mstr[250];
          sprintf(mstr, "show_login B %s isparam: %d, cmd: %d, skip_sid_check: %d, sid_check: %d",
                         user_name,  isparam("redir"), isparam("cmdline"), skip_sid_check, sid_check(sid,
user_name));
           write_logfile(lbs, mstr);

        */
      show_login_page(lbs, str, 0);
      return FALSE;
}

and the logfile shows that user_name is blank(!!) and redir, cmdline, skip_sid_check, and sid_check(sid,
user_name) all to be 0.   In fact, isparam("unm") and isparam("upwd") are also 0, which explains why user_name
is blank.   But the log file also shows

LOGIN user "username" (attempt)
LOGIN user "username" (success)

just prior to this!

I'd guess that the form POST methods aren't being forwarded correctly, but I haven't looked at it in any more
detail.   

Is there a way to make this (password protecting logbooks while also using a proxy to Apache) work?

Thanks!
  67259   Wed May 2 09:17:56 2012 Reply Stefan Rittstefan.ritt@psi.chBug reportLinux2435Re: Forgot Password

Christopher Lee wrote:

Stefan Ritt wrote:

Christopher Lee wrote:

We seem to have a problem with retrieving user passwords using the forgot password system 

Thanks for reporting that bug. With the help of your config file I finally could reproduce and fix it. The fix is contained in SVN revision 2462.

 Thanks mate.. Glad to know it wasn't just me going insane? I'll keep an eye out for the new file

For the new version have a look here: http://midas.psi.ch/elog/faq.html#21 

  67258   Tue May 1 17:03:37 2012 Agree Per Erikssonpelle@sm4xiu.euInfoLinuxAnyRe: Compiling Elog for QNAP NAS x86

Per Eriksson wrote:

Hi All,

I am interested to have ELOG installed in my QNAP x86 based NAS (239 Pro II)
Have someone done this already or is there a write-up of a normal compile-procedure which I can have as a base when I attempt to compile?

Regards,

Per

I solved it.
I don't really know if I really needed to compile it but I complied this on the NAS itself so now it is 100% compatible (I believe)

Per

  67257   Tue May 1 11:38:05 2012 Entry Per Erikssonpelle@sm4xiu.euRequestLinuxAnyCompiling Elog for QNAP NAS x86

Hi All,

I am interested to have ELOG installed in my QNAP x86 based NAS (239 Pro II)
Have someone done this already or is there a write-up of a normal compile-procedure which I can have as a base when I attempt to compile?

Regards,

Per

ELOG V3.1.5-3fb85fa6