Discussion forum about ELOG, Page 483 of 808
ID | Date | Icon | Author | Author Email | Category | OS | ELOG Version | Subject
65937 | Wed Jul 30 19:54:28 2008 | Entry | Alan Stone | alstone@fnal.gov | Bug report | Linux | 2.7.4-2113 | Exploit Browser Tabs to Make Anonymous Entries

One of my shifters just managed to make an anonymous logbook entry even though the Author attribute is required.

It turns out that he had two tabs in his browser opened/logged into the Elog. He logged out in one tab only. Then he did some other work on the desktop. Then he returned to the browser to make a new logbook entry, finding the tab which still showed the logged in menu, including the link for "New". The Shifter is on day two, so he did not give any special notice to seeing Anonymous in the Author field instead of his name. He did point it out when I came in, and noted that no warning was given about making an anonymous entry.

I tested the same scenario myself. One cannot preview an anonymous entry (when Author field is a required attribute). A warning is given. However, one can submit the anonymous entry, and no warning is given.

Alan

65938 | Thu Jul 31 09:25:01 2008 | Reply | Stefan Ritt | stefan.ritt@psi.ch | Bug report | Linux | 2.7.4-2113 | Re: Exploit Browser Tabs to Make Anonymous Entries

Alan Stone wrote:

One of my shifters just managed to make an anonymous logbook entry even though the Author attribute is required.

It turns out that he had two tabs in his browser opened/logged into the Elog. He logged out in one tab only. Then he did some other work on the desktop. Then he returned to the browser to make a new logbook entry, finding the tab which still showed the logged in menu, including the link for "New". The Shifter is on day two, so he did not give any special notice to seeing Anonymous in the Author field instead of his name. He did point it out when I came in, and noted that no warning was given about making an anonymous entry.

I tested the same scenario myself. One cannot preview an anonymous entry (when Author field is a required attribute). A warning is given. However, one can submit the anonymous entry, and no warning is given.

 What configuration do you use? I tried to reproduce your problem with a "minimal" configuration like

[demo]
Attributes = Author, Subject
Preset Author = $long_name
Locked Attributes = Author

When I log out from the second browser tab and click on "New" on the first browser tab, I am shown the login page, not the new entry page. I guess your "menu commands" and "guest menu commands" allow non-logged in users to issue a "New" command. Try removing that.

Stefan
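
An added example (not from the thread or the ELOG project): a small Python audit that applies the suggestion in the reply above by flagging logbooks whose guest command lists offer write commands such as "New" to users who are not logged in. The sample configuration is constructed, and both the set of commands treated as write commands and the treatment of [global] as defaults for every logbook are assumptions of the example.

```python
import configparser

# Menu commands that create or modify entries. The choice of this set is an
# assumption of the example; extend it to match local policy.
WRITE_COMMANDS = {"new", "edit", "reply", "duplicate", "delete"}

# Options that list what a user who is not logged in may do.
GUEST_KEYS = ("guest menu commands", "guest list menu commands")

# Constructed sample configuration (not taken from the thread).
SAMPLE_CFG = """\
[global]
port = 8080
Password file = passwd.txt
Guest menu commands = Back, New, Find, Login, Help

[shift]
Attributes = Author, Subject
Required Attributes = Author
Preset Author = $long_name
Locked Attributes = Author

[ops]
Attributes = Author, Subject
Guest menu commands = Back, Find, Login, Help
Guest list menu commands = Find, Login, Help
"""


def audit_guest_commands(cfg_text):
    """Return {logbook: [(option, command), ...]} for write commands offered to guests."""
    # Assumption: [global] values are defaults for each logbook section, which
    # default_section models. Interpolation is off because values contain $ and %.
    cp = configparser.ConfigParser(default_section="global",
                                   interpolation=None, strict=False)
    cp.read_string(cfg_text)
    findings = {}
    for book in cp.sections():
        for key in GUEST_KEYS:
            raw = cp[book].get(key, "")
            for cmd in (c.strip() for c in raw.split(",")):
                if cmd.lower() in WRITE_COMMANDS:
                    findings.setdefault(book, []).append((key, cmd))
    return findings


if __name__ == "__main__":
    for book, hits in audit_guest_commands(SAMPLE_CFG).items():
        for key, cmd in hits:
            print(f"[{book}] '{key}' offers '{cmd}' to users who are not logged in")
```

In the sample, [shift] locks and presets Author but inherits "New" from the [global] guest list, which is the combination that lets a logged-out tab submit an entry without a name.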

65927 | Thu Jul 17 01:16:49 2008 | Angy | Jesse Wodin | jwodin@slac.stanford.edu | Question | Linux | 2.7.4-2111 | Elog crashing with "segfault" during file upload

Hi there, I just compiled and installed elog on a machine running the newest Ubuntu server. Everything went fine - no problems. Running elog on its own (no apache). I moved over a bunch of logbooks from an older elog, which seemed to work. Now, elog seems to crash when people are uploading files. Here is a snip from my syslog, and you can see each time it crashes with "error 4."

Jul 16 14:02:45 GrattaLab3old elogd[4526]: elogd 2.7.4 built Jul 15 2008, 18:44:44
Jul 16 14:02:45 GrattaLab3old elogd[4526]: revision 2111
Jul 16 14:02:45 GrattaLab3old elogd[4526]: FCKedit detected
Jul 16 14:02:45 GrattaLab3old elogd[4526]: ImageMagick detected
Jul 16 14:02:45 GrattaLab3old elogd[4526]: Server listening on port 8080 ...
Jul 16 16:02:42 GrattaLab3old kernel: [10631.276626] elogd[4526]: segfault at b4466000 eip 080adf19 esp bfa281d0 error 4
Jul 16 16:05:24 GrattaLab3old elogd[5509]: elogd 2.7.4 built Jul 15 2008, 18:44:44
Jul 16 16:05:24 GrattaLab3old elogd[5509]: revision 2111
Jul 16 16:05:24 GrattaLab3old elogd[5509]: FCKedit detected
Jul 16 16:05:24 GrattaLab3old elogd[5509]: ImageMagick detected
Jul 16 16:05:35 GrattaLab3old elogd[5509]: Server listening on port 8080 ...
Jul 16 16:06:06 GrattaLab3old kernel: [10834.637427] elogd[5509]: segfault at 091d7000 eip 080adf19 esp bfc313f0 error 4
Jul 16 16:07:10 GrattaLab3old elogd[5517]: elogd 2.7.4 built Jul 15 2008, 18:44:44
Jul 16 16:07:10 GrattaLab3old elogd[5517]: revision 2111
Jul 16 16:07:10 GrattaLab3old elogd[5517]: FCKedit detected
Jul 16 16:07:10 GrattaLab3old elogd[5517]: ImageMagick detected
Jul 16 16:07:10 GrattaLab3old elogd[5517]: Server listening on port 8080 ...
Jul 16 16:07:49 GrattaLab3old kernel: [10937.923301] elogd[5517]: segfault at b7c0d000 eip 080adf19 esp bffc1780 error 4

 

I run elog as:

Usr = elog
Grp = elog

/usr/local/sbin/elog -p 8080 -c /usr/local/elog/elogd_exo.cfg -D

where elogd_exo is my config file. Nothing special in my config file.

65928 | Fri Jul 18 08:18:18 2008 | Reply | Jesse Wodin | jwodin@slac.stanford.edu | Question | Linux | 2.7.4-2111 | Re: Elog crashing with "segfault" during file upload


 Another funny problem. When I'm uploading a file, the syslog says this:

Jul 17 23:12:52 exo-elog elogd[4745]: Falling back to default group "elog"
Jul 17 23:12:52 exo-elog elogd[4745]: Falling back to default user "elog"
Jul 17 23:12:52 exo-elog elogd[4745]: Cannot restore original GID/UID.
Jul 17 23:12:52 exo-elog elogd[4745]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul 17 23:12:52 exo-elog elogd[4749]: Falling back to default group "elog"
Jul 17 23:12:52 exo-elog elogd[4749]: Falling back to default user "elog"
Jul 17 23:12:52 exo-elog elogd[4749]: Cannot restore original GID/UID.
Jul 17 23:12:52 exo-elog elogd[4749]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul 17 23:12:56 exo-elog elogd[4753]: Falling back to default group "elog"
Jul 17 23:12:56 exo-elog elogd[4753]: Falling back to default user "elog"
Jul 17 23:12:56 exo-elog elogd[4753]: Cannot restore original GID/UID.
Jul 17 23:12:56 exo-elog elogd[4753]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul 17 23:12:56 exo-elog elogd[4757]: Falling back to default group "elog"
Jul 17 23:12:56 exo-elog elogd[4757]: Falling back to default user "elog"
Jul 17 23:12:56 exo-elog elogd[4757]: Cannot restore original GID/UID.
Jul 17 23:12:56 exo-elog elogd[4757]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul 17 23:12:56 exo-elog elogd[4761]: Falling back to default group "elog"
Jul 17 23:12:56 exo-elog elogd[4761]: Falling back to default user "elog"
Jul 17 23:12:56 exo-elog elogd[4761]: Cannot restore original GID/UID.
Jul 17 23:12:56 exo-elog elogd[4761]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul 17 23:12:56 exo-elog elogd[4765]: Falling back to default group "elog"
Jul 17 23:12:56 exo-elog elogd[4765]: Falling back to default user "elog"
Jul 17 23:12:56 exo-elog elogd[4765]: Cannot restore original GID/UID.
Jul 17 23:12:56 exo-elog elogd[4765]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul 17 23:13:00 exo-elog elogd[4769]: Falling back to default group "elog"
Jul 17 23:13:00 exo-elog elogd[4769]: Falling back to default user "elog"
Jul 17 23:13:00 exo-elog elogd[4769]: Cannot restore original GID/UID.
Jul 17 23:13:00 exo-elog elogd[4769]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul 17 23:13:00 exo-elog elogd[4773]: Falling back to default group "elog"
Jul 17 23:13:00 exo-elog elogd[4773]: Falling back to default user "elog"
Jul 17 23:13:00 exo-elog elogd[4773]: Cannot restore original GID/UID.
Jul 17 23:13:00 exo-elog elogd[4773]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul 17 23:13:39 exo-elog kernel: [  127.737506] elogd[4510]: segfault at b7b43000 eip 080adf19 esp bfdeeb00 error 4

and then crashes!
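
An added example (not part of the posts): a Python triage of the kernel segfault lines quoted above, grouping them by faulting instruction pointer and decoding the x86 page-fault error code. The segfault lines are copied from the excerpts in the posts; the record field names are the example's own.

```python
import re
from collections import defaultdict

# Kernel segfault lines copied from the syslog excerpts in the posts above,
# plus one ordinary elogd line to show that non-crash lines are ignored.
SAMPLE_LOG = """\
Jul 16 16:02:42 GrattaLab3old kernel: [10631.276626] elogd[4526]: segfault at b4466000 eip 080adf19 esp bfa281d0 error 4
Jul 16 16:05:24 GrattaLab3old elogd[5509]: elogd 2.7.4 built Jul 15 2008, 18:44:44
Jul 16 16:06:06 GrattaLab3old kernel: [10834.637427] elogd[5509]: segfault at 091d7000 eip 080adf19 esp bfc313f0 error 4
Jul 16 16:07:49 GrattaLab3old kernel: [10937.923301] elogd[5517]: segfault at b7c0d000 eip 080adf19 esp bffc1780 error 4
Jul 17 23:13:39 exo-elog kernel: [  127.737506] elogd[4510]: segfault at b7b43000 eip 080adf19 esp bfdeeb00 error 4
"""

SEGV_RE = re.compile(
    r"kernel: \[\s*[\d.]+\] (?P<proc>[^\[\s]+)\[(?P<pid>\d+)\]: segfault at "
    r"(?P<addr>[0-9a-f]+) (?:eip|rip|ip) (?P<ip>[0-9a-f]+) "
    r"(?:esp|rsp|sp) (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)")

PAGE_SIZE = 0x1000  # 4 KiB pages on 32-bit x86


def decode_error(code):
    """Decode the low bits of the x86 page-fault error code."""
    return {
        "cause": "protection violation" if code & 1 else "page not present",
        "access": "write" if code & 2 else "read",
        "mode": "user" if code & 4 else "kernel",
    }


def triage(log_text):
    """Group segfault records by (process, faulting instruction pointer)."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        m = SEGV_RE.search(line)
        if not m:
            continue
        addr = int(m["addr"], 16)
        record = {"pid": int(m["pid"]), "addr": addr,
                  "page_aligned": addr % PAGE_SIZE == 0}
        record.update(decode_error(int(m["err"], 16)))
        groups[(m["proc"], m["ip"])].append(record)
    return dict(groups)


if __name__ == "__main__":
    for (proc, ip), hits in triage(SAMPLE_LOG).items():
        first = hits[0]
        print(f"{proc} eip={ip}: {len(hits)} crashes, {first['mode']}-mode "
              f"{first['access']}, {first['cause']}, "
              f"page-aligned={all(h['page_aligned'] for h in hits)}")
```

All four crashes fault at the same instruction pointer, 080adf19, and "error 4" decodes to a user-mode read of a page that is not mapped; every faulting address is also page-aligned.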

65943 | Thu Aug 7 10:12:25 2008 | Warning | T. Ribbrock | emgaron@gmx.net | Question | Linux | 2.7.4-2111 | Using the command line tool to edit

I intend to create a script that updates one of our elog logbooks based on mails it receives. I was hoping to be able to do this using the "elog" command line tool. Adding a new entry works fine, as does "replying" to an existing entry. The only thing I cannot get to work is editing an existing entry. All entries have several attributes and I intend not to use the "message" itself. I tried the following (on the machine this elogd is running on):

  1. Create a new entry with Attribute1 set to "value":

    elog -a 'Attribute1=value' -x -h localhost -l 'LOGBOOK' -p 8080 -u USER PASSWD

    This works - the entry gets created and is displayed properly.
    NOTE: I found that this does not work if LOGBOOK has any spaces in it - I would get error messages where the logbook was not found.
     
  2. Edit this entry to set a second attribute:

    elog -e 1 -a 'Attribute2=something' -x -h localhost -l 'LOGBOOK' -p 8080 -u USER PASSWD

    The result was: Error transmitting message. Running the same command with -v gives me a whole bunch of text with at the end this message (I've stripped the HTML): "This entry has in meantime been modified by someone else. Submitting it now would overwrite the other modification and is therefore prohibited." However, I know for certain that this entry is not being edited by anyone at that moment, so I'm wondering what I'm doing wrong here...

Also, I have a second, related question: Editing by the ID of the entry seems to be the only way of editing an entry - this makes it a bit difficult for me, as all entries already have a unique ID (which is defined as one of the attributes) that is non-numerical and not sequential. What is the easiest way to retrieve an ID from the command line (basically something like: "What ID has the entry with Attribute1==NAME?")? Is it possible at all? Otherwise, I would not be able to automatically edit the entries, as I don't know which is which... :-}

65946 | Fri Aug 8 14:27:03 2008 | Reply | Yoshio Imai | | Question | Linux | 2.7.4-2111 | Re: Using the command line tool to edit

T. Ribbrock wrote:
NOTE: I found that this does not work if LOGBOOK has any spaces in it - I would get error messages where the logbook was not found.


You might try to escape the space in the form
elog -a 'Attribute1=value' -x -h localhost -l 'LOG\ BOOK' -p 8080 -u USER PASSWD



T. Ribbrock wrote:
What is the easiest way to retrieve an ID from the command line

I don't know if this helps you (depends on how much the application that edits the entry communicates with the application that generates the entry), but the elog client should output something like
Message successfully transmitted, ID=12345
which you could e.g. redirect into a file that the editing application then reads to determine the ID.

65947 | Fri Aug 8 14:50:56 2008 | Reply | T. Ribbrock | emgaron+elog@ribbrock.org | Question | Linux | 2.7.4-2111 | Re: Using the command line tool to edit

Yoshio Imai wrote:

T. Ribbrock wrote:
NOTE: I found that this does not work if LOGBOOK has any spaces in it - I would get error messages where the logbook was not found.


You might try to escape the space in the form
elog -a 'Attribute1=value' -x -h localhost -l 'LOG\ BOOK' -p 8080 -u USER PASSWD


I forgot to mention that I tried both 'LOG\ BOOK' and 'LOG%20BOOK' - neither worked. Running elog with -v seemed to indicate in both cases that the correct logbook could not be found.



Yoshio Imai wrote:

T. Ribbrock wrote:
What is the easiest way to retrieve an ID from the command line

I don't know if this helps you (depends on how much the application that edits the entry communicates with the application that generates the entry), but the elog client should output something like
Message successfully transmitted, ID=12345
which you could e.g. redirect into a file that the editing application then reads to determine the ID.


Good point, thanks - I'll have to generate some kind of mapping table (ID<->Attribute) when the logbook gets populated, but that should be possible. It would be very cool, though, if elog was able to identify an entry by attribute value - maybe something for a day when Stefan gets bored... ;-)

However, none of this will have any relevance unless I can solve the non-working "edit" function... :-(

65949 | Mon Aug 11 11:02:18 2008 | Reply | Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.7.4-2111 | Re: Using the command line tool to edit

T. Ribbrock wrote:

I intend to create a script that updates one of our elog logbooks based on mails it receives. I was hoping to be able to do this using the "elog" command line tool. Adding a new entry works fine, as does "replying" to an existing entry. The only thing I cannot get to work is editing an existing entry. All entries have several attributes and I intend not to use the "message" itself. I tried the following (on the machine this elogd is running on):

  1. Create a new entry with Attribute1 set to "value":

    elog -a 'Attribute1=value' -x -h localhost -l 'LOGBOOK' -p 8080 -u USER PASSWD

    This works - the entry gets created and is displayed properly.
    NOTE: I found that this does not work if LOGBOOK has any spaces in it - I would get error messages where the logbook was not found.
     
  2. Edit this entry to set a second attribute:

    elog -e 1 -a 'Attribute2=something' -x -h localhost -l 'LOGBOOK' -p 8080 -u USER PASSWD

    The result was: Error transmitting message. Running the same command with -v gives me a whole bunch of text with at the end this message (I've stripped the HTML): "This entry has in meantime been modified by someone else. Submitting it now would overwrite the other modification and is therefore prohibited." However, I know for certain that this entry is not being edited by anyone at that moment, so I'm wondering what I'm doing wrong here...

Also, I have a second, related question: Editing by the ID of the entry seems to be the only way of editing an entry - this makes it a bit difficult for me, as all entries already have a unique ID (which is defined as one of the attributes) that is non-numerical and not sequential. What is the easiest way to retrieve an ID from the command line (basically something like: "What ID has the entry with Attribute1==NAME?")? Is it possible at all? Otherwise, I would not be able to automatically edit the entries, as I don't know which is which... :-}

 I fixed two things:

  • The logbook can now contain a space. Enclose it in double quotes such as elog -l "LOG BOOK" ...
  • The error you report comes from the fact that you are the first person using elog submissions together with "use lock=1" in the configuration file. This has never been tested and therefore does not work. So I fixed this by adding a new hidden parameter. If you update to SVN revision 2122, things should work.

Concerning your request of editing existing entries by their ID, I agree with Yoshi that you could grab the ID upon the first submission. An alternative is to make a direct search on a logbook. Since this is not implemented in the elog command line tool, you have to use wget for it:

wget "http://localhost:8080/LOGBOOK/?mode=raw&Attribute1=something" -O elog.txt

A problem here is that the username and password are normally transmitted in an encrypted form as cookies by your browser after you logged in. Now you have to convince wget first to log in like

wget "http://localhost:8080/LOGBOOK/?uname=USER&upassword=PASSWD" --save-cookies cookies.txt

followed by a second call to wget with --load-cookies cookies.txt. I tried that but was not successful since the login procedure above redirects to the elog listing page, and only the cookies set after the redirection were saved in cookies.txt. Maybe you can figure out how to do that. The only way I could get it to work is to supply the encoded password, which I manually obtained from the password file. The URL was then

wget "http://localhost:8080/LOGBOOK/?mode=raw&Attribute1=something&unm=USER&upwd=ENC_PWD" -O elog.txt
