Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 85 of 807  Not logged in ELOG logo
ID Date Icon Author Author Email Categorydown OS ELOG Version Subject
  274   Tue Apr 8 08:57:20 2003 Reply Stefan Rittstefan.ritt@psi.chQuestion  Re: elogd under Apache, login screen always reappears
> I would like to run elogd under Apache because I don't want to open another
> port (eg. 8080) on the firewall for incoming http traffic. I followed the
> special instructions for that sort of setup but the user logon screen always
> comes up again, even after using a valid username/password.
> 
> I am testing on a Redhat 7.2 based distribution (called SME server) in a
> test domain (tuxhome.co.nz). 
> "Apache modules mod_proxy.c and mod_alias.c are activated", Yes.
> There seems to be a problem here with the Apache Redirect statement. When I
> try with
> Redirect permanent /elog http://www.tuxhome.co.nz/elog/
> ProxyPass /elog/ http://www.tuxhome.co.nz:8080/
> Mozilla responds "Redirection limit for this URL exceeded" and IE6 says
> "cannot find server or DNS error" so I have commented out the redirect
> statement for now.
> I might misunderstand the required URL statement in elogd.cfg 
> "URL = http://your.proxy.host/subdir/" ?
> which I understand it would have to be 
> URL = http://www.tuxhome.co.nz/elog/ for my above example?
> 
> Maybe someone could help me with an example that includes all 3 of the
> statements together, the redirect + proxypass from httpd.conf plus the URL
> from elogd.conf?
> Thanks for any help.

This Forum runs on "midas.psi.ch" under RH 7.1, Apache 1.3.22, port 8000, and 
it contains in httpd.conf:

Redirect permanent /elogdemo http://midas.psi.ch/elogdemo/
ProxyPass /elogdemo/ http://midas.psi.ch:8000/

elogd.cfg contains:

URL = http://midas.psi.ch/elogdemo/

As you can see, it works fine with all browsers, so I have no clue what is 
wrong in your case. You might want to look at your /var/log/httpd/access_log 
and /var/log/httpd/error_log to see what's going on. If you run elogd 
interactively with the "-v" flag, you see directly the communication between 
elogd and the browser which also might help.

- Stefan
  289   Fri Apr 18 21:32:59 2003 Entry Kutlay Topatanktopatan@worldbank.orgQuestion  Converting logs
I would like to dump mylog files into comma/tab seperated files. Is there 
an easy way to do it?

I tried to run elconv, but had no success. Always returns an error. 

Thanks,
k. 
  299   Tue Apr 22 19:27:28 2003 Entry Marcus Meyermarcus.meyer@gmx.netQuestion  Re: Converting logs
> I would like to dump mylog files into comma/tab seperated files. Is there 
> an easy way to do it?
> 
> I tried to run elconv, but had no success. Always returns an error. 
> 
> Thanks,
> k. 

Hi!

Same for me.

Here is the error:

Cannot find any ??????.log file in this directory.

THANX,
mm
  300   Tue Apr 22 19:58:13 2003 Entry Recai Oktasroktas@omu.edu.trQuestion  Re: Converting logs
> Here is the error:
> 
> Cannot find any ??????.log file in this directory.

`elconv' is just a simple tool to convert pre 2.0 log files to the current
format. (Well, after all these confusions, dropping it from the future
releases won't be surprising -at least for me- ;) You might try some
well-known text-processing tools ie. preferably awk or perl to make the
required conversions. But I think using comma or tab as the delimiter is not
suitable due to the content of logs. If all you want is importing them to
excel/word, you should play with the delimiter options of mentioned programs
before trying a solution.
  301   Tue Apr 22 20:06:51 2003 Reply Stefan Rittstefan.ritt@psi.chQuestion  Re: Converting logs
> `elconv' is just a simple tool to convert pre 2.0 log files to the current
> format. (Well, after all these confusions, dropping it from the future
> releases won't be surprising -at least for me- ;) You might try some
> well-known text-processing tools ie. preferably awk or perl to make the
> required conversions. But I think using comma or tab as the delimiter is 
not
> suitable due to the content of logs. If all you want is importing them to
> excel/word, you should play with the delimiter options of mentioned 
programs
> before trying a solution.

Hi Recai. I have several requests of this kind. "Want to import/export to 
comma separated text" or "XML". So one option is to extend elconv to handle 
all kind of conversions 1.x -> 2.x, 2.x -> CSV, 2.x -> XML. An alternative 
would be to write some awk/perl scripts as you noted. The disadvantage of 
this solution would be that they rely on the installation of awk/perl which 
is not given on windows systems. But nevertheless, if anyone volunteers to 
write a conversion tool, I would be happy to include it in the distribution. 
If not, I can put it into elconv.c, but that could take until June, given my 
current work load.
  307   Fri May 2 00:34:26 2003 Question Tomas Rudolftomas@mba.beQuestion  User Profile - Access to logbook group
Hi,

I was wondering if anyone had a solution for my problem.
We are trying to run several books on one server. The books are grouped 
such as follows :

Group Users1 = Book1, Book2, Book3
Group Users2 = Book4, Book5, Book6
Group Users3 = Book7, Book8, Book9

We would like to give access to selected users to only their Group. So that 
for instance Users1 cannot access the books of group Users3. I was 
wondering if there is any notion of "User profile" or security per logbook 
Group implemented?

What we do for now is that we have 3 different PASSELOG files and for each 
Book we need to specify which PASSELOG should be used for authentication. 
This works fine except that we prefer that users do not see the other 
logbooks listed in the main menu nor the other "inaccessible" logbook tabs 
in the logbook view. Is there a way to hide these for them (but only for 
them)?

Tomas
  308   Fri May 2 08:45:38 2003 Reply Stefan Rittstefan.ritt@psi.chQuestion  Re: User Profile - Access to logbook group
> We would like to give access to selected users to only their Group. So that 
> for instance Users1 cannot access the books of group Users3. I was 
> wondering if there is any notion of "User profile" or security per logbook 
> Group implemented?

No, groups of users are not yet implemented, but it's on the wishlist and I 
added your vote for this item.

> What we do for now is that we have 3 different PASSELOG files and for each 
> Book we need to specify which PASSELOG should be used for authentication. 
> This works fine except that we prefer that users do not see the other 
> logbooks listed in the main menu nor the other "inaccessible" logbook tabs 
> in the logbook view. Is there a way to hide these for them (but only for 
> them)?

A (poor man's) work-around right now is to run three instances of elogd on 
three different ports, then use Apache as a proxy. I do this in this server 
for example. Under http://midas.psi.ch/elogdemo you see the public logbooks, 
while under http://midas.psi.ch/megelog you see some logbooks from an 
experiment here at our institute. The access control is completely separated, 
and you don't see the logbook tabs from the other group as well.
  312   Fri May 2 15:58:23 2003 Question Robert Keeneyrkeeney@dfs.state.fl.usQuestion  Re: User Profile - Access to logbook group
I have managed to get this to work (so far).

What I do is use a separate password file and directory for each log.

I haven't tested it with with the current version but it worked fine before
that. My testing consisted of creating a user in the main password file and
see if he could get to anything I didn't want him to. This may not be enough
for something that requires a high level of security. 

When I create a new user I move that line to the appropriate password file if
it isn't already there.

You will get an invalid user message and a prompt if you try access a log that
doesn't have your user name in the password file. 

I only have six people using it so this isn't much trouble.

I would like to see groups implemented to make this more manageable.

> Hi,
> 
> I was wondering if anyone had a solution for my problem.
> We are trying to run several books on one server. The books are grouped 
> such as follows :
> 
> Group Users1 = Book1, Book2, Book3
> Group Users2 = Book4, Book5, Book6
> Group Users3 = Book7, Book8, Book9
> 
> We would like to give access to selected users to only their Group. So that 
> for instance Users1 cannot access the books of group Users3. I was 
> wondering if there is any notion of "User profile" or security per logbook 
> Group implemented?
> 
> What we do for now is that we have 3 different PASSELOG files and for each 
> Book we need to specify which PASSELOG should be used for authentication. 
> This works fine except that we prefer that users do not see the other 
> logbooks listed in the main menu nor the other "inaccessible" logbook tabs 
> in the logbook view. Is there a way to hide these for them (but only for 
> them)?
> 
> Tomas
ELOG V3.1.5-3fb85fa6