Around line 2240 (in loc()) in elogd.c the following is written, 
which results in an infinite loop, since loc() recursively with
the same argument "Change %s".

   /* special case: "Change %s" */
   if (strstr(orig, "Change ")) {
      sprintf(result, loc("Change %s"), orig + 7);
      return result;
   }

For now I just commented these lines.

Segfault when password file is empty and not writable a segmentation fault is generated when a new user tries to register:

root#  > passwd


root#  chown root.root passwd


root#  chmod 644 passwd


root#  grep -i usr elogd.cfg


root#


kernel: [515323.672377] elogd[31048]: segfault at 78 ip 00000000004ba780 sp 00007fff03cd2078 error 4 in elogd[400000+dc000]
 

I cannot reproduce this error when running within gdb.

Elog version:  ELOG V3.1.4-611489ba

I am running openldap on the localhost.  For some reason now, elogd is segfaulting when (I believe) when a new user is being added to the password file.  For example:

1. I delete user passord file defined in elogd.cfg

2. Bind/Authenticate to LDAP successfully

3.  Segfaults in auth.c ldap_adduser_file()

Makefile:
...
ELOGDIR    = /opt/elog
DESTDIR    = $(ROOT)$(PREFIX)/bin
SDESTDIR   = $(ROOT)$(PREFIX)/sbin
RCDIR      = $(ROOT)/etc/rc.d/init.d
SRVDIR     = $(ROOT)/usr/lib/systemd/system

# flag for SSL support
USE_SSL    = 1

# flag for Kerberos support, please turn off if you don't need Kerberos
USE_KRB5   = 0

# flag for LDAP support, please turn off if you don't need LDAP
USE_LDAP   = 1# flag for PAM support, please turn of if you don't need PAM
USE_PAM    = 0
...

For authentication, I am using openldap in the localhost:

----
Authentication = LDAP
LDAP server = ldap://localhost:389
LDAP userbase = ou=people,dc=example,dc=org
LDAP login attribute = uid
LDAP register = 1
Password file = /opt/elog/users
 

gdb output

----------

(gdb) run -s /opt/elog -c /opt/elog/elogd.cfg -f /var/run/elog/elog.pid
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/ubuntu/UPGRADE-42221/work-src/elog/elogd -s /opt/elog -c /opt/elog/elogd.cfg -f /var/run/elog/elog.pid
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
elogd 3.1.4 built Apr 22 2021, 19:19:39 revision 611489ba
File "/var/run/elog/elog.pid" exists, overwriting it.
CKeditor detected
ImageMagick detected
Indexing logbooks ... done
Server listening on port 9011 ...

Breakpoint 1, ldap_adduser_file (lbs=0x555556811ad8, user=0x7ffffffd3bd0 "testuser", password=0x5555558ea110 <_value+6000> "testuser", error_str=0x7ffffffd53d0 "", error_size=<optimized out>) at src/auth.c:350
350       if (rc != LDAP_SUCCESS) {
(gdb) n
337       rc = ldap_search_ext_s(
(gdb) n
350       if (rc != LDAP_SUCCESS) {
(gdb) n
358       for(entry = ldap_first_entry(ldap_ld,result);
(gdb) n
371                   if(strcmp(attribute,"mail")==0 || strcmp(attribute,"rfc822Mailbox")==0)
(gdb) n
361          for(attribute = ldap_first_attribute(ldap_ld,entry,&ber);
(gdb) n
365             if((values = ldap_get_values(ldap_ld,entry,attribute)) != NULL ) {
(gdb) n
366                for(i=0; values[i] != NULL; i++) {
(gdb) n

Program received signal SIGSEGV, Segmentation fault.
ldap_adduser_file (lbs=0x555556811ad8, user=0x7ffffffd3bd0 "testuser", password=0x5555558ea110 <_value+6000> "testuser", error_str=<optimized out>, error_size=<optimized out>) at src/auth.c:366
366                for(i=0; values[i] != NULL; i++) {
(gdb) p attribute
$1 = 0x5555567f6a20 "uid"
(gdb) p values
$2 = (char **) 0x567f74f0
 

This user in LDAP:
-------------------------
# TESTUSER, people, example.org
dn: uid=TESTUSER,ou=people,dc=example,dc=org
uid: TESTUSER
cn: TESTUSER
givenName: TESTUSER
sn:: VEVTVFVTRVIg
mail: TESTUSER
uidNumber: 10000
gidNumber: 10000
homeDirectory: /dev/null
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
userPassword:: e1NTSEF9Y21ua1lsdFpMZ3ZrZlZ4OUp3MFN3cUY3NWIzdkFCSWY=
 

if you are guest in the find option  

select 'all logbook'

it will display all 'attributes' from other logbook 
with no option  'guest command ...'
but having the same 'attribute' name

Solution :
**********
I use the copy to command to make a copy to other logbook
with option 'guest command' enabled

in this section I remove some field so the guest user can't no see all field

I suggest to give acces to 'guest' on a second run of elog to another
port or other computer ?

I don't think there is a good secure way so far, but would like to have your opinion. 

If I want user to create logbook for themselves, what's the best way to do it? I guess Execute $attribute = <command> may work, have it write to cfg file, but obviously it impose security problem. Is there a good and secure way to allow user to create logbook themselves?

Is it possible to have last runtime filtering and viewing method to be
stored in a cookie in order to make them permanent across navigation ?

I mean:
- if I decide to view "all" entries in the elog and then open one of them, 
  I'd like not to select "show all entries" again and again
- same thing if I choose to view last week
- same for every runtime filter and/or viewing option 

hope this is simple to implement :-)  thanks in advance 

Hello

I have the following in elog.cfg :

Attributes = Author, Author Email, Category, Customer, server, Subject ,  Change Window Begin , Change Window End
List display = ID,Author, Author Email, Category, Customer, server,  Subject ,  Change Window Begin , Change Window End

Type Change Window Begin = datetime
Type Change Window End = datetime

So I want to be able to give a start and end date to the user.  However : If I open a find/Search I see this :

There are for each  Change Window <item>   we get  Start: and End: time entries. Was expecting only one date entrie .

Why is this ? Seems to be a feature of datetime  or am i missing something.