I have a crontab set-up for root:

crontab -e

* * * * *       if ! ps -C elogd >/dev/null;then /sbin/service elogd restart;fi

The script just checks if elogd is still running and if not, it'll restart it. We run Centos, but I'm sure it'll be easy to adapt for Ubuntu (I don't know much about Debian).

This will only help if elogd really crashed; in case it is still running at 100% cpu load this won't help.

In our case (~30 logbooks, > 100 entries per day, ~ hundred users) elogd is crashing about once a week. With the help of this script it means 1 minute downtime a week: that's acceptable.

See https://midas.psi.ch/elog/config.html on how to use a logfile with elogd. Here's the relevant excerpt:

• Logfile = <file>
  This option specifies a filename which logs all login/logout activities and successful user connections for logbooks with user level access. The the logging level (see below) is larger than 1, also read and write accesses can be logged.
• Logging level = 1 | 2 | 3
  Specifies the logging level. The higher this value, the more information is logged. Default is 2:
  • 1: Log only logins and logouts
  • 2: Log also write accesses
  • 3: Log also read accesses

Hi,
  we are running an elogd (with SSL) server on a machine and using apache as a proxy.

The authentication to the apache server is managed via LDAP module directly by apache, while, so far, we have no authentication enabled in the elogd server itself.
So, when a used want to access the elog server, he is required to provide user/pwd by apache, and then he can access the elogs.

We would like to use the elog command line to transit entries automatically from a terminal from a different host.

the command line we are trying is:

echo "Test" | elog -v -h elog.belle2.org -a Author="stefano" -a Type="Other" -l elog -s demo -u username password  -p 443

where username password are registered into LDAP.

In response we have a 401 Unauthorized. The full return message is at the end of this message.

I suspect that the "username password" we pass to elog are supposed to be that of elogd, not that of apache/ldap: I don't know if this is the case.

Does anyone have an idea how to make this work?

Thanks in advance,
  Stefano

Successfully connected to host elog.belle2.org, port 443
Request sent to host:
POST /elog/ HTTP/1.0
Content-Type: multipart/form-data; boundary=---------------------------44BDB584269C5EEC3F73204
Host: elog.belle2.org:443
User-Agent: ELOG
Content-Length: 946


Content sent to host:
---------------------------44BDB584269C5EEC3F73204
Content-Disposition: form-data; name="cmd"

Submit
---------------------------44BDB584269C5EEC3F73204
Content-Disposition: form-data; name="unm"

xxxxxxxx
---------------------------44BDB584269C5EEC3F73204
Content-Disposition: form-data; name="upwd"

xxxxxxxx
---------------------------44BDB584269C5EEC3F73204
Content-Disposition: form-data; name="exp"

elog
---------------------------44BDB584269C5EEC3F73204
Content-Disposition: form-data; name="encoding"

ELCode
---------------------------44BDB584269C5EEC3F73204
Content-Disposition: form-data; name="Author"

stefano
---------------------------44BDB584269C5EEC3F73204
Content-Disposition: form-data; name="Type"

Other
---------------------------44BDB584269C5EEC3F73204
Content-Disposition: form-data; name="Text"

demo
---------------------------44BDB584269C5EEC3F73204

Response received:
HTTP/1.1 401 Unauthorized
Date: Thu, 06 Apr 2017 15:32:37 GMT
Server: Apache/2.4.18 (Ubuntu)
WWW-Authenticate: Basic realm="Belle II internal"
Content-Length: 463
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<hr>
<address>Apache/2.4.18 (Ubuntu) Server at elog.belle2.org Port 443</address>
</body></html>

Error transmitting message

Hi, the elog command line client does not know anything about Apache authentication, therefore the authentication with the elog username/password fails. As an alternative to the command line client you can use the "curl" utility (available under Linux). This tools has the "-u" flag, which works with Apache. The tricky thing is now to "emulate" your browser submitting an entry. You can do

$ curl -u <username>:<password> -F cmd=Submit -F Author=CURL -F Text="This is the CURL text" http://<your host>:8080/<logbook>

(of course your attributes might be different than "Author"). If you have a multiline text body, you can read that from a file (in this case "file.txt"):

$ curl -u <username>:<password> -F cmd=Submit -F Author=CURL -F Text="@file.txt" http://<your host>:8080/<logbook>

When I wrote "elog" orginiallly (199x?), "curl" was not available or at least I didn't know of. Right now it almoste completely can replace the elog tool.

Stefan

How can i configure eLog to be used completely anonymous without the need to log in?

I tried menu and guest menu settings without luck. I do not use password files. With earlier versions this was easy to set up...

Thanks in advance

Sure. Just remove "Password file = ..." and any guest menu.

Stefan

Does not work.

Clean install (debian 8 x64, with aptitude), only thing i've changed in the config is "URL"-parameter (global section) and redirection with Apache. No luck. Edit or delete gives an error "Error: Command "Delete" not allowed", "New" opens login-windows.

Now i removed all (guest) menu and URL settings a use it directly (port 8080), still no luck. "Error: Command "Delete" not allowed". When i click on "New" a login-windows opens.

Tested with the demo-logbook.

Version 2.9.2 is hopelessly outdated. Please upgrade to the current version on bitbucket. You also might have to delete any cookie in the browser sent to the elog server.

OK, i will try that. Thanks.