Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 779 of 805  Not logged in ELOG logo
ID Date Icon Author Author Email Category OS ELOG Version Subject
  259   Wed Apr 2 05:39:45 2003 Warning Greg report  Disappearing attachments
Let me start by saying that I really like ELOG-- it's a nice tool.

I'm trying out version 2.3.3. The problem that I'm having is with
attachments disappearing when I do the following:

1. create a new entry that contains one or more attachments.
2. verify that the new entry from step 1 saved correctly.
3. reply to the entry from step 1.
4. return to the entry from step 1 only to find the attachments gone.

The attachement files are still in the logbook directory, it's just that
they are no longer attached to the entry.

FWIW, I've attached the elog.config that I'm using...


  258   Mon Mar 31 12:44:33 2003 Reply nicknick@nick.comInfo  Re: Elog and SSL
Im not running anything on port 443, one thing I did notice is that when 
stunnel is run and setup, I can run a netstat and nothing is bound to those 
ports, if I do a ps -ef | grep stunnel nothing is running, yet it accepts the 
command initially ?


> > I was wondering if you can help me understand the concept and if i am 
> > something wrong with securing Elog via SSL
> > 
> > Basically im running elog on a redhat 8 box with stunnel already 
> > as part of OpenSSL, on the server i ran the command specified in the 
> > instructions
> > 
> > stunnel -d 443 -r
> > 
> > This command runs on the server, but when I access 
> > get a page cannot be displayed, ive also put the URL = 
> > entry in the elogd.cfg file
> > 
> > HELP!!!!!!!
> Can you access your server locally under ??? If 
> then you maybe specified the wrong port, so check elogd.cfg and the "-p" 
> when starting elogd. If you can access it, and cannot access it under 
> https://, then something must be wrong with your stunnel configuration. 
> you run already a secure server under port 443? User "netstat -a" to check 
> that.
  257   Fri Mar 21 16:52:12 2003 Reply Recai  Re: Re: Elog and SSL
Ooops, I destroyed the original post, now how can we fix this :)
  256   Fri Mar 21 16:24:05 2003 Reply Stefan Rittstefan.ritt@psi.chInfo  Re: Elog and SSL
> I was wondering if you can help me understand the concept and if i am doing 
> something wrong with securing Elog via SSL
> Basically im running elog on a redhat 8 box with stunnel already installed 
> as part of OpenSSL, on the server i ran the command specified in the 
> instructions
> stunnel -d 443 -r
> This command runs on the server, but when I access i 
> get a page cannot be displayed, ive also put the URL = 
> entry in the elogd.cfg file
> HELP!!!!!!!

Can you access your server locally under ??? If not, 
then you maybe specified the wrong port, so check elogd.cfg and the "-p" flag 
when starting elogd. If you can access it, and cannot access it under 
https://, then something must be wrong with your stunnel configuration. Maybe 
you run already a secure server under port 443? User "netstat -a" to check 
  255   Thu Mar 20 21:07:09 2003 Reply djekdjek@nospam.invalidBug report  Re: Elog 2.3.3, problems of 2.3.2 solved
> > After upgrading from 2.3.1 to 2.3.3, elog is not able to load any resources
> > as stylesheets, images or passwordfiles.
> > 
> > Cannot open file /usr/local/elogdata/logbooks/djeks/password!
> If you installed from the RPM, elogd runs under the user "elog". If you have 
> installed a previous version under a different user, it might be that elogd 
> does not have read or write access to it. A 
> "chown -R elog.elog /usr/local/elogdata"
> might help.
It did, a lot, guess I missed that one in the changelog.

Had some trouble with subdir too:
changed it to its full path
restarted elogd

As a test I changed subdir to it's relative path
It kept working

mmmm, I wonder where that twighlight tune comes from ...
  254   Thu Mar 20 21:07:09 2003 Reply Stefan Rittstefan.ritt@psi.chBug report  Re: Elog 2.3.3, problems of 2.3.2 only partly solved
> After upgrading from 2.3.1 to 2.3.3, elog is not able to load any resources
> as stylesheets, images or passwordfiles.
> Cannot open file /usr/local/elogdata/logbooks/djeks/password!

If you installed from the RPM, elogd runs under the user "elog". If you have 
installed a previous version under a different user, it might be that elogd 
does not have read or write access to it. A 

"chown -R elog.elog /usr/local/elogdata"

might help.

- Stefan
  253   Thu Mar 20 21:07:09 2003 Blink djekdjek@nospam.invalidBug report  Elog 2.3.3, problems of 2.3.2 only partly solved
After upgrading from 2.3.1 to 2.3.3, elog is not able to load any resources
as stylesheets, images or passwordfiles.

Cannot open file /usr/local/elogdata/logbooks/djeks/password!

  249   Sun Mar 16 19:15:16 2003 Entry Recai  Elog and SSL
> Basically im running elog on a redhat 8 box with stunnel already installed 
> as part of OpenSSL, on the server i ran the command specified in the 
> instructions
> stunnel -d 443 -r

I haven't tried `stunnel` with elog, but as far as I read from various
sources, stunnel requires you to create an SSL certificate. In attachment,
you'll find a sample case for stunnel and smtp (port 25) + pop3 (port 110).
Hope this helps.

Attachment 1: stunnel_with_smtp_pop3.txt
EZ Email Security With Stunnel
by Pat Parsons

This is a little crash course in how to setup email over SSL painlessly using
Stunnel. First you need to have installed a mail transfer agent to handle the
SMTP portion of the mail. Then you need to have installed either an IMAP server
or a POP3 server. Many distributions come with Stunnel, if yours does not you
can get it from Stunnel requires that you have OpenSSL
or SSLeay installed first. This should come with your distribution. Generally
if you have SSH installed you also have a SSL library.

Get and install Stunnel. I am not going into detail on that because if you are
at this point you probably already know how to do so. Make a SSL certificate
for use with Stunnel. OpenSSL provides a makefile to do just that. In my
distribution it is located in /usr/share/ssl/certs . CD to that directory and
type make stunnel.pem to create the certificate that is named stunnel.pem. Now
you need to a few lines to your rc.local file to start Stunnel at bootup
(assuming you ever reboot that is) these lines are:

  /usr/sbin/stunnel -d 995 -r 110
  /usr/sbin/stunnel -d 465 -r 25

This will start stunnel listening on port 995 for POP3 and 465 for SMTP. Now
all you need to do is edit the options for your mail client and there you go.
No need to worry about cleartext email passwords. If you are too impatient to
wait for the next reboot you can type the commands given previously to start
Stunnel right away. There may be some problems with certificate validation for
some email clients. Make sure when asked by the makefile you get the server
name correct. If your email client will not let you add certificates you may
need to change or obtain a certificate from a certification authority. If you
cannot get the certificate vaidation worked out there is no way to ensure that
you are connecting to the correct machine. Have a nice day.
ELOG V3.1.5-3fb85fa6