| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
69044
|
Wed Oct 16 13:20:31 2019 |
 | Xuan Wu | wux@ihep.ac.cn | Bug report | Linux | 3.1.3 | Re: elog hanged when uploading photo failed | Hi all,
I've found a bug in elog. It's all right that uploading an image which file name with special characters. I think it must have something to do with the code like"url_encode(file_enc, sizeof(file_enc)); /* for file names with special characters like "+" */". If I clicked the "Make small/Make larger/Original size/Rotate left/Rotate right" button, the elog server will hang. How it can be fixed? The attached image shows the debug info.
Xuan
| Stefan Ritt wrote: |
|
The problem is you have some weird characters in your file name R2BLM15 ? ? ? ? ? .PNG which confuses the interpreter. There should not be any special character or blanks in attached images.
Stefan
| Xuan Wu wrote: |
|
Hi all,
We came across a problem recently when clicking "Upload" button, then elog hanged and never being accessed. I have checked the elog logs and find that it seems that elog didn't get the path of the picture for some reason. So is it a bug or our operation isn't correct?
|
|
|
| Attachment 1: error.png
|
|
|
69046
|
Thu Oct 17 21:29:25 2019 |
 | John | secondcomingtechnologies@fastmail.com | Question | Linux | V3.1.2-bd75964 | Re: How to get Elog server to produce web server log files in Linux. | Hi again everyone; a Sebastian suggested I use a reverse proxy to complete my need to have logs show up when someone 'lands' on my first entry page. I see that Elog will only start recording logs when someone has actually started to do some work.. like login, read a post, etc... but NOT when they first enter the login page or 'listings' pages. I have tried fowarding from my router (both lighty and Apache) but so for no good. I will also look into a vhost option and shareing the same port (very difficult- if even possible) to solve my dilema.
John :)
| Stefan Ritt wrote: |
|
Have you tried
Logfile = ...
Logging level = 3
| John wrote: |
|
Hi, I have been trying for a long time to get my web server logs to record when someone accesses my Elog server. I've tried Apache2, Lighttpd, and others, all with no luck. Either the web servers complain that the port I have Elog on is in use, or I just don't get any readings. I need to see who is accessing my Elog from the web, and I hope there is a way.
Thanks again for such a wonderful program,
John
|
|
|
|
69051
|
Mon Oct 21 13:41:08 2019 |
| Sebastian Schenk | sebastian.schenk@physik.uni-halle.de | Question | Linux | V3.1.2-bd75964 | Re: How to get Elog server to produce web server log files in Linux. | Hi,
that Sebastian would be me. I replied to the first entry, as it was a draft (site reloaded incorretly...) and now I can't see the post anywhere. But this is off topic.
We have elog running on port 8000 and forward the traffic via Apache to it. Apache handles the SSL and other sites on the server.
All you need is a apache site configuration like the following. The parameter you want is CustomLog. (Have a look in the internet for options.)
I have also used nginx as webserver and know it can also handle this proxy setup.
If you use the following config, the elog config needs the URL attribute in the (global) config.
Best wishes,
Sebastian
<VirtualHost *:443> # change 443 to 80, if you don't use SSL
ServerName your.server.name
# delete the next 3 lines, if you don't use SSL
SSLEngine on
SSLCertificateFile /path/to/your/ssl.crt
SSLCertificateKeyFile /path/to/your/ssl.key
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog ${APACHE_LOG_DIR}/error.log
</VirtualHost>
| John wrote: |
|
Hi again everyone; a Sebastian suggested I use a reverse proxy to complete my need to have logs show up when someone 'lands' on my first entry page. I see that Elog will only start recording logs when someone has actually started to do some work.. like login, read a post, etc... but NOT when they first enter the login page or 'listings' pages. I have tried fowarding from my router (both lighty and Apache) but so for no good. I will also look into a vhost option and shareing the same port (very difficult- if even possible) to solve my dilema.
John :)
| Stefan Ritt wrote: |
|
Have you tried
Logfile = ...
Logging level = 3
| John wrote: |
|
Hi, I have been trying for a long time to get my web server logs to record when someone accesses my Elog server. I've tried Apache2, Lighttpd, and others, all with no luck. Either the web servers complain that the port I have Elog on is in use, or I just don't get any readings. I need to see who is accessing my Elog from the web, and I hope there is a way.
Thanks again for such a wonderful program,
John
|
|
|
|
|
69052
|
Mon Oct 21 19:31:17 2019 |
| John | secondcomingtechnologies@fastmail.com | Question | Linux | V3.1.2-bd75964 | Re: How to get Elog server to produce web server log files in Linux. | Thank you soo much Sebastian once again for helping me!! This is something that will help me very much in the future with other situations similiar!
John :)
| Sebastian Schenk wrote: |
|
Hi,
that Sebastian would be me. I replied to the first entry, as it was a draft (site reloaded incorretly...) and now I can't see the post anywhere. But this is off topic.
We have elog running on port 8000 and forward the traffic via Apache to it. Apache handles the SSL and other sites on the server.
All you need is a apache site configuration like the following. The parameter you want is CustomLog. (Have a look in the internet for options.)
I have also used nginx as webserver and know it can also handle this proxy setup.
If you use the following config, the elog config needs the URL attribute in the (global) config.
Best wishes,
Sebastian
<VirtualHost *:443> # change 443 to 80, if you don't use SSL
ServerName your.server.name
# delete the next 3 lines, if you don't use SSL
SSLEngine on
SSLCertificateFile /path/to/your/ssl.crt
SSLCertificateKeyFile /path/to/your/ssl.key
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ErrorLog ${APACHE_LOG_DIR}/error.log
</VirtualHost>
| John wrote: |
|
Hi again everyone; a Sebastian suggested I use a reverse proxy to complete my need to have logs show up when someone 'lands' on my first entry page. I see that Elog will only start recording logs when someone has actually started to do some work.. like login, read a post, etc... but NOT when they first enter the login page or 'listings' pages. I have tried fowarding from my router (both lighty and Apache) but so for no good. I will also look into a vhost option and shareing the same port (very difficult- if even possible) to solve my dilema.
John :)
| Stefan Ritt wrote: |
|
Have you tried
Logfile = ...
Logging level = 3
| John wrote: |
|
Hi, I have been trying for a long time to get my web server logs to record when someone accesses my Elog server. I've tried Apache2, Lighttpd, and others, all with no luck. Either the web servers complain that the port I have Elog on is in use, or I just don't get any readings. I need to see who is accessing my Elog from the web, and I hope there is a way.
Thanks again for such a wonderful program,
John
|
|
|
|
|
|
69054
|
Thu Oct 24 16:38:27 2019 |
| marijn lucas | marijn.lucas@rhul.ac.uk | Question | Linux | v3.1.2 | Re: Hide logbook tab when not authorized | *** edit ***
I solved my problem by removing the guest options from the logbooks ('Guest menu commands' and 'Guest List Menu commands'), this forbids any unauthorised user to see the content of the concerned logbooks. This is what I needed.
***********
Dear Stefan,
I am currently configuring elog for a user platform that will run different unrelated experiments for unrelated research groups. As Stefano, I also would like that user only see the logbooks that they are allowed to edit; your answer was
Hiding logbooks from the logbook selection page is not possible since when people bring up that page, they are not yet logged in, so elog does not know who is accessing the page
However if I set Protect Selection page = 1 in [global] and force users to log in before accessing the logbook selection page, wouldn't elog know who looks at the page?
I would like to use top groups to separate administrative tasks from experimental projects and maintain an easy flow between the different logbooks within a top group for those users that can edit more than one logbook (e.g. the employees of the user platform).
Kindly,
marijn
| Stefan Ritt wrote: |
|
Hi Stefano,
that's what top groups were made for. So make a top group for yourself, and nobody will be able to see them without having the proper URL. Hiding logbooks from the logbook selection page is not possible since when people bring up that page, they are not yet logged in, so elog does not know who is accessing the page (fortunatley no face recognition yet!). So if elog doe not know who looks at that page, logobook which a certain use has no access to cannot be hidden becuase the user is not known at that point.
Best regards,
Stefan
| Andreas Luedeke wrote: |
|
Well, Stefan would need to answer that. But if you are good with C-programming, you might implement it yourself?
There is a way to implement it; but it makes your installation a lot more complicated: you can have two ELOG servers. The first has all logbooks but requires authentification to read any. The second has only the public logbooks, and they are mirrored from the first.
| Stefano Bonaldo wrote: |
|
Hi Andreas,
many thanks for your answer. I partially agree with you, because sometimes "for privacy" of my working group I don't want that other users (external users) know the existance of the other logbooks.
Do you think that will be implemented in future?
Best regards, Stefano
| Andreas Luedeke wrote: |
|
Hi Stefano,
I think your assessment is correct: it is not possible to hide a logbook based on your read/write privileges.
And I'm not even sure that this would make much sense: at least you need to be able to get to the login page of the logbook.
But if you don't have read privileges for a logbook, you'll be automatically redirected to the login page, as soon as you select this logbook.
Kind Regards, Andreas
| Stefano Bonaldo wrote: |
|
Hello, I read carefully the manual, but I didn't find a way to hide the logbooks in the logbook bar and in the initial logbook selection for which the user does not have the access. So, if a user1 does not have the access to a specific logbook, user1 is not able to see that logbook in the bar and neither in the initial logbook selection. How can I do this without using the top groups?
|
|
|
|
|
|
|
69055
|
Tue Nov 5 21:42:50 2019 |
 | David Wallis | wallis@aps.anl.gov | Question | Linux | V3.1.4-ba84827 | PAM authentication question | I'm testing the PAM authentication feature, and have a couple questions, a suggestion, and a comment.
First the comment... it was pretty easy to get working, and is exactly what we need here, so thanks! Our PAM stack here is designed to allow logins with Active Directory, LDAP, or local accounts, so the PAM option preserves all of that.
The suggestion: In order to make it work, I had to add a symbolic link in /etc/pam.d:
elogd -> system-auth
That might be considered for addition to the documentation (this was on Red Hat Enterprise Linux 7.7)
The questions:
- The docs indicate that "Self register" must be set to >= 1, but in the code (elogd.c, line 26453), if the PAM module is enabled, Self register is overriden to 0. The result is that no "register as new user" link is displayed on the login screen. Is that the intent?
- Related... can PAM and File authentication both be enabled? We have some logbooks that are used by both internal people (with an A/D account) and outside collaborators that get local elog accounts. This works with LDAP + File, can it work with PAM?
Thanks in advance! |
|
69059
|
Sun Nov 17 14:55:11 2019 |
| Jan Christoph Terasa | terasa@physik.uni-kiel.de | Question | Linux | V3.1.4-ba84827 | Re: PAM authentication question |
| David Wallis wrote: |
|
I'm testing the PAM authentication feature, and have a couple questions, a suggestion, and a comment.
First the comment... it was pretty easy to get working, and is exactly what we need here, so thanks! Our PAM stack here is designed to allow logins with Active Directory, LDAP, or local accounts, so the PAM option preserves all of that.
The suggestion: In order to make it work, I had to add a symbolic link in /etc/pam.d:
elogd -> system-auth
That might be considered for addition to the documentation (this was on Red Hat Enterprise Linux 7.7)
The questions:
- The docs indicate that "Self register" must be set to >= 1, but in the code (elogd.c, line 26453), if the PAM module is enabled, Self register is overriden to 0. The result is that no "register as new user" link is displayed on the login screen. Is that the intent?
- Related... can PAM and File authentication both be enabled? We have some logbooks that are used by both internal people (with an A/D account) and outside collaborators that get local elog accounts. This works with LDAP + File, can it work with PAM?
Thanks in advance!
|
David, thank you for reporting on your findings regarding the PAM feature. I will look into the points you mentioned:
0. On my machines (Debian testing and stable) I did not have to add anything to /etc/pam.d, but apparently Debian just uses implicit defaults then, and REHL might insist on using excplicit settings. Adding a hint in the documentation is certainly useful, thank your for the suggestion. Maybe elog should provide a pam.d config file (which can be installed/adapted by package maintainers for various OSes).
1.+2. If I remember correctly, I intentionally disabled registration when using the PAM backend, because users will register using their passwd/LDAP/NIS users, and new users can only be regustered using the appropriate tools for the authentication mechanism used. This might not be correctly reflected in the docs, I will check that. In the light of question 2., I can also re-investigate that policy, so that logins will check against both the elog user database and PAM. Self-registering can then be enabled again, and new registrees will go to the elog database. I will try to bringthe code in line with how LDAP works.
regards,
Christoph |
|
69060
|
Mon Nov 18 16:58:21 2019 |
| Roger Kalt | roger.kalt@psi.ch | Info | Linux | 3.1.4 | Example scripts how to migrate or combine logbooks | Attached the shell scripts using awk and sed how I have migrated two separated logbooks into one single and how I re-adjusted certain attributes. |
| Attachment 1: run_modif.sh
|
#!/bin/bash
# KR84, 28.10.2019
# the input files are the exported XML files from ELOG -> Finden
# search in XML for sring between <DATE> and </DATE>
# and replace with: <DATE> and </DATE><When> and </When>
echo "converting export_rf.xml ..."
cat ./export_rf.xml |
sed 's/<Personnel\(.*\)Personnel>/<Author\1Author>/g' |
sed 's/<DATE\(.*\)DATE>/<DATE\1DATE>\n\t\t<When\1When>/g' |
sed 's/<Subject>\(.*\)<\/Subject>/<Title>\1<\/Title><Entry_Type><\/Entry_Type>/g' |
sed '/<Machine>SwissFEL<\/Machine>/ {N;N; s/<Machine>SwissFEL<\/Machine>.*<Domain>OBLA<\/Domain>.*<Section>TRFCB/<Machine>OBLA<\/Machine>\n\t\t<Domain>All<\/Domain>\n\t\t<Section>TRFCB/g}' |
sed 's/<When>Mon, /<When>/g' |
sed 's/<When>Tue, /<When>/g' |
sed 's/<When>Wed, /<When>/g' |
sed 's/<When>Thu, /<When>/g' |
sed 's/<When>Fri, /<When>/g' |
sed 's/<When>Sat, /<When>/g' |
sed 's/<When>Sun, /<When>/g' |
sed '/<When>.*<\/When>/{s/ Jan 20/.01./g}' |
sed '/<When>.*<\/When>/{s/ Feb 20/.02./g}' |
sed '/<When>.*<\/When>/{s/ Mar 20/.03./g}' |
sed '/<When>.*<\/When>/{s/ Apr 20/.04./g}' |
sed '/<When>.*<\/When>/{s/ May 20/.05./g}' |
sed '/<When>.*<\/When>/{s/ Jun 20/.06./g}' |
sed '/<When>.*<\/When>/{s/ Jul 20/.07./g}' |
sed '/<When>.*<\/When>/{s/ Aug 20/.08./g}' |
sed '/<When>.*<\/When>/{s/ Sep 20/.09./g}' |
sed '/<When>.*<\/When>/{s/ Oct 20/.10./g}' |
sed '/<When>.*<\/When>/{s/ Nov 20/.11./g}' |
sed '/<When>.*<\/When>/{s/ Dec 20/.12./g}' |
sed 's/ +0100<\/When>/<\/When>/g' |
sed 's/ +0200<\/When>/<\/When>/g' > export_rf_modified.xml
# sed 's/ Jan 20/.01./g' |
# sed 's/ Feb 20/.02./g' |
# sed 's/ Mar 20/.03./g' |
# sed 's/ Apr 20/.04./g' |
# sed 's/ May 20/.05./g' |
# sed 's/ Jun 20/.06./g' |
# sed 's/ Jul 20/.07./g' |
# sed 's/ Aug 20/.08./g' |
# sed 's/ Sep 20/.09./g' |
# sed 's/ Oct 20/.10./g' |
# sed 's/ Nov 20/.11./g' |
# sed 's/ Dec 20/.12./g' |
# search in XML and add offset to all IDs because they shall not overlap when merged.
echo "converting export_llrf.xml ..."
cat ./export_llrf.xml | sed 's/<Subject>\(.*\)<\/Subject>/<Entry_Type><\/Entry_Type>\n\t\t<Status><\/Status>\n\t\t<Title>\1<\/Title>\n\t\t<Inv_ID><\/Inv_ID>/g' > export_llrf_modified1.xml
cat ./export_llrf_modified1.xml | awk -F'\t\t<MID>|</MID>||' '{ if ($2!="") {print "\t\t<MID>"$2+2016"</MID>"} else { print $1} }' > export_llrf_modified2.xml
cat ./export_llrf_modified2.xml | awk -F'\t\t<REPLY_TO>|</REPLY_TO>||' '{ if ($2!="") {print "\t\t<REPLY_TO>"$2+2016"</REPLY_TO>"} else { print $1} }' > export_llrf_modified3.xml
cat ./export_llrf_modified3.xml | awk -F'\t\t<IN_REPLY_TO>|</IN_REPLY_TO>||' '{ if ($2!="") {print "\t\t<IN_REPLY_TO>"$2+2016"</IN_REPLY_TO>"} else { print $1} }' > export_llrf_modified.xml
rm -rf ./export_llrf_modified1.xml ./export_llrf_modified2.xml ./export_llrf_modified3.xml
cat ./export_llrf_modified.xml |
sed '/<Machine>SwissFEL<\/Machine>/ {N;N; s/<Machine>SwissFEL<\/Machine>.*<Domain>Test Systems<\/Domain>.*<Section>TRFCB/<Machine>OBLA<\/Machine>\n\t\t<Domain>All<\/Domain>\n\t\t<Section>TRFCB/g}' |
sed 's/<When>Mon /<When>/g' |
sed 's/<When>Tue /<When>/g' |
sed 's/<When>Wed /<When>/g' |
sed 's/<When>Thu /<When>/g' |
sed 's/<When>Fri /<When>/g' |
sed 's/<When>Sat /<When>/g' |
sed 's/<When>Sun /<When>/g' |
sed 's/-Jan-/.01./g' |
sed 's/-Feb-/.02./g' |
sed 's/-Mar-/.03./g' |
sed 's/-Apr-/.04./g' |
sed 's/-May-/.05./g' |
sed 's/-Jun-/.06./g' |
sed 's/-Jul-/.07./g' |
sed 's/-Aug-/.08./g' |
sed 's/-Sep-/.09./g' |
sed 's/-Oct-/.10./g' |
sed 's/-Nov-/.11./g' |
sed 's/-Dec-/.12./g' |
sed 's/ +0100<\/When>//g' |
sed 's/ +0200<\/When>//g' |
sed 's/<\/When>/:00<\/When>/g' |
sed 's/<When>-:00<\/When>/<When><\/When>/g' > export_llrf_modified_datetime.xml
echo "export_llrf_modified_datetime.xml need manual edit for empty <When></When>"
|
| Attachment 2: generate_import_llrf_fwd.sh
|
#!/bin/bash
# KR84, 28.10.2019
# generate emtpy auto-fwd text for LLRF for 3100 entries and offset of 2000
echo "generated import_llrf_fwd.xml"
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" > import_llrf_fwd.xml
echo "<ELOG_LIST>" >> import_llrf_fwd.xml
declare -i ID
declare -i IDNEW
for ID in {1..3013}
do
IDNEW=$ID+2016
echo -e "\t<ENTRY>" >> import_llrf_fwd.xml
echo -e "\t\t<MID>${ID}</MID>" >> import_llrf_fwd.xml
echo -e "\t\t<DATE>Mon, 28 Oct 2019 20:00:00 +0200</DATE>" >> import_llrf_fwd.xml
# echo -e "\t\t<DATE>28.10.2019 20:00:00</DATE>" >> import_llrf_fwd.xml
echo -e "\t\t<ATTACHMENT></ATTACHMENT>" >> import_llrf_fwd.xml
echo -e "\t\t<ENCODING>HTML</ENCODING>" >> import_llrf_fwd.xml
echo -e "\t\t<When>28.10.2019 20:00:00</When>" >> import_llrf_fwd.xml
# echo -e "\t\t<When>1572289200</When>" >> import_llrf_fwd.xml
echo -e "\t\t<Author>Kalt Roger (KR84)</Author>" >> import_llrf_fwd.xml
echo -e "\t\t<Machine>SwissFEL</Machine>" >> import_llrf_fwd.xml
echo -e "\t\t<Domain></Domain>" >> import_llrf_fwd.xml
echo -e "\t\t<Section></Section>" >> import_llrf_fwd.xml
echo -e "\t\t<System></System>" >> import_llrf_fwd.xml
echo -e "\t\t<Subsystem></Subsystem>" >> import_llrf_fwd.xml
echo -e "\t\t<Subject>Automatic forward</Subject>" >> import_llrf_fwd.xml
echo -e "\t\t<TEXT><meta http-equiv="refresh" content="0; URL='https://elog-gfa.psi.ch/SwissFEL+RF/${IDNEW}'" /></TEXT>" >> import_llrf_fwd.xml
echo -e "\t</ENTRY>" >> import_llrf_fwd.xml
done
echo "</ELOG_LIST>" >> import_llrf_fwd.xml
|
|