Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 60 of 806  Not logged in ELOG logo
 Find |  Login |  Help 
 Full | Summary | Threaded | Hide attachments  Show only new entries    6444 Entries 
Goto page Previous  1, 2, 3 ... 59, 60, 61 ... 804, 805, 806   Next  
ID Date Icon Authordown Author Email Category OS ELOG Version Subject
  65879   Tue May 13 16:58:40 2008 Reply Yoshio ImaiQuestion 2.7.3-1024Re: Access Control

Grant Jeffcote wrote:
At present we can give others a full view by adding them to the 'Users' list for each individual logbook, this unfortunately also gives them 'write' access.


I think the solution to your problem would be to use Deny statements in the configuration sections for the logbooks.
Assume user1, user2 and user3 are in the "owners'" group of logbook1, and user4 and user5 only have "privileged read" access. Then a configuration as follows might help:
Login user = user1, user2, user3, user4, user5

Deny New = user4, user5
Deny Reply = user4, user5
Deny Duplicate = user4, user5
Deny Edit = user4, user5
Deny Delete = user4, user5
Deny Select = user4, user5
Deny CSV Import = user4, user5

This should give them the same read permissions as the logbook owners but should deny any writing operations. I recognize that this is a little bit of admin work if the lists of such "privileged readers" gets long, but each user would have his/her individual password (even the same as for access to his/her "own" logbook).

Perhaps you can give it a try.
  65921   Wed Jul 9 19:57:50 2008 Warning Yoshio ImaiBug reportLinux2.7.3-2104Error messages while creating thumbnails
Hi again!

I have recently noticed that elog often creates large accumulations of the following group of error messages in our syslog:
Jul  9 19:05:00 elogd[27009]: Falling back to default group "elog"
Jul  9 19:05:00 elogd[27009]: Falling back to default user "elog"
Jul  9 19:05:02 elogd[27009]: Cannot restore original GID/UID.
Jul  9 19:05:02 elogd[27009]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul  9 19:05:05 elogd[27013]: Falling back to default group "elog"
Jul  9 19:05:05 elogd[27013]: Falling back to default user "elog"
Jul  9 19:05:05 elogd[27013]: Cannot restore original GID/UID.
Jul  9 19:05:05 elogd[27013]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul  9 19:05:05 elogd[27016]: Falling back to default group "elog"
Jul  9 19:05:05 elogd[27016]: Falling back to default user "elog"
Jul  9 19:05:06 elogd[27016]: Cannot restore original GID/UID.
Jul  9 19:05:06 elogd[27016]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied

I have further found out that these coincide with the generation of attachment thumbnails (i.e. every time a user displays an entry generated before the advent of ImageMagick support for the first time, and every time the preview pictures are scaled/rotated while editing an entry).

The PID-file is indeed owned by the root user and not elog, but is correctly cleaned up at termination of the elog server.
Jul  9 19:47:08 elogd[27335]: elogd server aborted.

Jul  9 19:47:16 elogd[27359]: elogd 2.7.3 built Apr 18 2008, 14:08:31 
Jul  9 19:47:16 elogd[27359]: revision 2104
Jul  9 19:47:16 elogd[27359]: Falling back to default group "elog"
Jul  9 19:47:16 elogd[27359]: Falling back to default user "elog"
Jul  9 19:47:16 elogd[27360]: Falling back to default group "elog"
Jul  9 19:47:16 elogd[27360]: Falling back to default user "elog"
Jul  9 19:47:16 elogd[27360]: Cannot restore original GID/UID.
Jul  9 19:47:16 elogd[27360]: Cannot remove pidfile "/var/run/elogd.pid" ; Permission denied
Jul  9 19:47:16 elogd[27359]: ImageMagick detected

Does this point at some sort of problem?


Another question concerning the thumbnails of multi-page PDF-files: would it make sense to restrict the thumbnail generation to the first page? Since this is the title page, which in most cases is the only relevant page (really reading the file from the thumbnails is usually not possible anyway), this could help keep the attachment display less crowded ...


Thanks for the work and continuing support!

Yoshio
  65945   Fri Aug 8 14:20:27 2008 Reply Yoshio ImaiQuestionAll2.7.4xRe: 2 questions :: different colors in list view based on "type" + change verbage of "type"

dale cooper wrote:
I'd love to display in the LIST VIEW (full, summary, or threaded views) different color's based on which TYPE was selected...

You can achieve this by using a "style" directive for this attribute. E.g. if your attribute is called "Shift" and entries with value "Day" should be green, value "Swing" should be blue, you should add
Style Shift Day = background-color:green
Style Shift Swing = background-color:blue
(and so on) to the config file.



Quote:
really I am just wondering if I can change the verbage that ELOG is using for the term TYPE? Is that doable?

As long as I am not missing a key point in your problem, you should be able to define the names of your logbook attributes simply with the "Attribute" directive. So, if you want the users to enter the shift and the name of the shift leader, you would put a line
Attributes = Shift, Shift leader
Options Shift = Day, Swing, ... <and so on>
Options Shift leader = Mike, Edward, John, ... <and so on>
and the logbook display should correctly show "Shift" and "Shift leader" in the header line of each entry ...
  65946   Fri Aug 8 14:27:03 2008 Reply Yoshio ImaiQuestionLinux2.7.4-2111Re: Using the command line tool to edit

T. Ribbrock wrote:
NOTE: I found that this does not work if LOGBOOK has any spaces in it - I would get error messages where the logbook was not found.


You might try to escape the space in the form
elog -a 'Attribute1=value' -x -h localhost -l 'LOG\ BOOK' -p 8080 -u USER PASSWD



T. Ribbrock wrote:
What is the easiest way to retrieve an ID from the command line

I don't know if this helps you (depends on how much the application that edits the entry communicates with the application the generates the entry), but the elog client should output something like
Message successfully transmitted, ID=12345
which you could e.g. redirect into a file that the editing application then reads to determine the ID.
  65954   Mon Aug 18 14:08:22 2008 Reply Yoshio ImaiQuestionLinux2.7.4xRe: Expand TEXT colum in Summary view?

dale cooper wrote:
I am wondering if it is possible to configure ELOG to expand the TEXT column in the SUMMARY view?

While it is not possible to specify a number of characters per row, you can control the number of text lines in the summary view using the
Summary lines = NNN
directive (cf. also the ELog admin guide).
  66037   Mon Nov 10 13:05:21 2008 Warning Yoshio ImaiInfoLinux2.7.5elog init script
Notice that the following is not true when editing the config file outside of the administrator's "Config" page:
	reload)
		# Do nothing since ELOG daemon responds to 
		# the changes in conffile directly.
		;;

In our installation, the sysadmin has therefore added the following section for the reload) part of the init script:
    reload)
        if [ -f $PIDFILE ]; then
            echo -n "$DESC to reread config file ... "
            kill -HUP `cat "$PIDFILE"`
            echo "done"
        else
            echo "No $PIDFILE found!"
        fi
        ;;
  66319   Wed Apr 15 14:44:42 2009 Reply Yoshio ImaiQuestionWindows2.7.5Re: Multi Logook Login
Hi, Stefan!


Stefan Ritt wrote:
If "password file = xxx" is however in each individual logbooks configuration, then you get "path=/<lobook>". You can check that by inspecting your browser's cookies. In that case the login name and password cookies are only sent to the URL for that specific logbook. I have not tested that extensively (different browsers, with/without Apache proxy), but if it works reliably, I will put this into the documentation.


We had done so on your advice and in principle this works, but our experience has shown one problem:

We have separated our logbooks into different top groups because of the sheer number of them (i.e. experiment logbooks in one top group with logbook groups for the sub-categories, personal analysis logbooks in another top group etc.). Obviously, the experiment logbooks may share the same login, therefore we have put the "password file" statement into that top group's global section (otherwise, we would have to log on to every beamtime logbook individually, which can be cumbersome when comparing e.g. experiment settings between beamtimes). For the personal logbooks, of course, we use per-logbook-access (i.e. "password file" statement in the individual logbook sections) such that logging on to one's own logbook does not imply access to someone else's logbook. However, since the group/top group structure does not appear in the elog URLs, the cookies for the beamtime logbooks all have the path set to "path=/". This breaks the scheme again (I guess we have sort of "abused" the concept of top groups a little) and it is not possible to work in one of the experiment logbooks in parallel with one's own logbook without having to renew the login when switching the logbook.


Is it possible to modify the elogd such that it first checks if, among the cookies sent, there is one where the path corresponds to the path of the current logbook, and evaluate cookies with "path=/" only if no such cookie is found?

Yoshio
  66528   Fri Sep 4 13:59:19 2009 Reply Yoshio ImaiRequestLinux | Windows2.7.2-2012Re: multiple keyword search - regular expression
Maybe there is a simple way.
If I understand it correctly, the entries are accepted/rejected for inclusion in the search result list based on one call to regexec. In order to search for N keywords, you could replace this by a loop of N calls to regexec, and only accept the entry if all of them find a match.
Goto page Previous  1, 2, 3 ... 59, 60, 61 ... 804, 805, 806   Next  
ELOG V3.1.5-3fb85fa6