I've been using elog for a few years now.  I've had the current setup working for me up until today.  

If I create a new message (entry, whatever they are called), or if I attempt to update an existing message, only the header information is saved.  The body (the part I can see in the editor) does not get saved.

Yesterday, I did do some updates on the server machine.  Among them was an update to apache2, but I am not using apache2 (I can disable apache2, and elogd continues serving elog on client machines).  Also updated were several python3 packages; I ran into a compatibility problem with python3 with a different package, so I wonder if that could have some impact for elog also.  About 50 packages were updated altogether.

Here are the packages that were updated yesterday (in case this is of interest to solving the issue):

 bind9-host:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 ckeditor:amd64 (4.5.7+dfsg-2, 4.5.7+dfsg-2+deb9u1)
 cron:amd64 (3.0pl1-128+deb9u1, 3.0pl1-128+deb9u2)
 dnsutils:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 firefox-esr:amd64 (78.14.0esr-1~deb9u1, 78.15.0esr-1~deb9u1)
 libapache2-mod-php7.0:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 libavcodec57:amd64 (7:3.2.15-0+deb9u4, 7:3.2.16-1+deb9u1)
 libavfilter6:amd64 (7:3.2.15-0+deb9u4, 7:3.2.16-1+deb9u1)
 libavformat57:amd64 (7:3.2.15-0+deb9u4, 7:3.2.16-1+deb9u1)
 libavresample3:amd64 (7:3.2.15-0+deb9u4, 7:3.2.16-1+deb9u1)
 libavutil55:amd64 (7:3.2.15-0+deb9u4, 7:3.2.16-1+deb9u1)
 libbind9-140:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 libcups2:amd64 (2.2.1-8+deb9u6, 2.2.1-8+deb9u7)
 libcupsimage2:amd64 (2.2.1-8+deb9u6, 2.2.1-8+deb9u7)
 libdns162:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
libdns-export162:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 libdw1:amd64 (0.168-1, 0.168-1+deb9u1)
 libelf1:amd64 (0.168-1, 0.168-1+deb9u1)
 libfaad2:amd64 (2.8.0~cvs20161113-1+deb9u2, 2.8.0~cvs20161113-1+deb9u3)
 libicu57:amd64 (57.1-6+deb9u4, 57.1-6+deb9u5)
 libisc160:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 libisccc140:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 libisccfg140:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 libisc-export160:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 libjbig2dec0:amd64 (0.13-4.1, 0.13-4.1+deb9u1)
 liblwres141:amd64 (1:9.10.3.dfsg.P4-12.3+deb9u9, 1:9.10.3.dfsg.P4-12.3+deb9u10)
 libnghttp2-14:amd64 (1.18.1-1+deb9u1, 1.18.1-1+deb9u2)
 libntfs-3g871:amd64 (1:2016.2.22AR.1+dfsg-1+deb9u1, 1:2016.2.22AR.1+dfsg-1+deb9u2)
 libopencv-core2.4v5:amd64 (2.4.9.1+dfsg1-2, 2.4.9.1+dfsg1-2+deb9u1)
 libopencv-imgproc2.4v5:amd64 (2.4.9.1+dfsg1-2, 2.4.9.1+dfsg1-2+deb9u1)
 libpostproc54:amd64 (7:3.2.15-0+deb9u4, 7:3.2.16-1+deb9u1)
 libpython3.5:amd64 (3.5.3-1+deb9u4, 3.5.3-1+deb9u5)
 libpython3.5-minimal:amd64 (3.5.3-1+deb9u4, 3.5.3-1+deb9u5)
 libpython3.5-stdlib:amd64 (3.5.3-1+deb9u4, 3.5.3-1+deb9u5)
 libruby2.3:amd64 (2.3.3-1+deb9u9, 2.3.3-1+deb9u10)
 libsdl1.2debian:amd64 (1.2.15+dfsg1-4, 1.2.15+dfsg1-4+deb9u1)
 libswresample2:amd64 (7:3.2.15-0+deb9u4, 7:3.2.16-1+deb9u1)
 libswscale4:amd64 (7:3.2.15-0+deb9u4, 7:3.2.16-1+deb9u1)
 ntfs-3g:amd64 (1:2016.2.22AR.1+dfsg-1+deb9u1, 1:2016.2.22AR.1+dfsg-1+deb9u2)
 php7.0-cli:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 php7.0-common:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 php7.0-curl:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 php7.0-intl:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 php7.0-json:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 php7.0-mbstring:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 php7.0-opcache:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 php7.0-readline:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 php7.0-xml:amd64 (7.0.33-0+deb9u11, 7.0.33-0+deb9u12)
 python3.5:amd64 (3.5.3-1+deb9u4, 3.5.3-1+deb9u5)
 python3.5-minimal:amd64 (3.5.3-1+deb9u4, 3.5.3-1+deb9u5)
 ruby2.3:amd64 (2.3.3-1+deb9u9, 2.3.3-1+deb9u10)
 tzdata:amd64 (2021a-0+deb9u1, 2021a-0+deb9u2)

This is a devuan ascii server only for clients on a local area network.

Hello Harry,

the elog server (elogd) is a standalone application written in C and contains a full webserver and logfile management system.
There are no other dependencies to apache or python.

You can use a webserver like apache or nginx in combination with elog to act as a proxy,
e.g. to handle the encryption part of the communication between your web browser and the elogd, but you don't need to.

Regarding the first part of your message:
The elog server worked normally; entries (including the text body) got saved correctly until the last update? 
The only thing in your list of updates, I can think of making this problem could be the update of ckeditor as it is the text editor used by elog.
The other packages should not be related to elog... but I am not a package maintainer.
I compiled elog from source and it brings the necessary files with it.

Best wishes,
Sebastian

Thank you for your quick response, Sebastion.  The new version of ckeditor is 4.5.7 -- is this version compatible with elog 3.1.2?  It is possible that I am using an outdated elog or outdated ckeditor due to the fact that this server is a bit old; I am looking to upgrade this machine soon, but I have several other issues to resolve first.

(disregard my recent post here about missing package -- that wasn't the elog server!)

I can see that ckeditor was upgraded 11/19, which is would be prior to my recent attempts to use elog.  It was apparently a security update, so I am not sure it is sensible to downgrade.  OTOH, I am the only person here, and I have all sides carefully barracaded, so I don't think it would be much of an issue.   But please disabuse me of my ignorance if need be.

After downgrading ckeditor, my elog installation is working again.  Thanks for your help.

Hi,

I have set the options "Restrict edit time = 24" and "Admin restrict edit time = 0" in [global]. This way can only edit entries for 24 hours while the admin can forever. I now want a single logbook where all users have unlimited time to edit entries. However, setting "Restrict edit time = 0" in this specific logbook behaves differently to the admin setting as it simply sets the time to 0. Is this behavior intended or a bug? I guess a workaround is to specify the edit limitation not in global but in all logbooks seperately.

Actually this is related to post 68993 from Sebastian Schenk in Jul 2019. Are there any new workarounds I may have missed?

Hi Chris,

my old entry was related to the admin options of edit time.
The option "Admin restrict edit time" was implemented later, see ab8b98c

As a workaround you should be able to give "Restrict edit time" a ridiculous high number in the specific logbook, which should overwrite the global.
In the documentation is no rule specified for diabling global settings for specific logbooks, as far as i know.

Best wishes,
Sebastian

Hi Sebastian,

thanks for the reply. It is just a bit confusing that these similar settings behave so differently. For me it is no big deal to set the time for every logbook independently instead of [global], but it leaves more room for configuration errors.

Best,
Chris

Hi,

I'm wondering if it's possible to have a shared logbook and elog.cfg between multiple instances of elog.  Ideally, I'd like to have my logbooks folder and elog.cfg hosted on a nextcloud instance while running the elog service locally.  I've tried this using symlinks and shortcuts on windows with no luck.  I was able to install elog into my mounted nextcloud folder, but this isn't ideal as I would like this to work from multiple computers.

Any ideas or thoughts on how I can do this (if I can actually do this)?

Hi Anthony,

the elog has a mirroring function, which synchornizes config and logs between multiple instances.
See the bottom section of https://elog.psi.ch/elog/config.html

Best wishes,
Sebastian

Thank you Sebastian!

I admittidely haven't looked through the page in a while, so I completely missed this feature.  This should solve the problem, although in a slightly different implementation than what I was trying for.

Recently central IT scanned our elog server and reported the following "vulnerabilities"

• 42873 (1) - SSL Medium Strength Cipher Suites Supported (SWEET32)
• 51192 (1) - SSL Certificate Cannot Be Trusted
• 65821 (1) - SSL RC4 Cipher Suites Supported (Bar Mitzvah)
• 85582 (1) - Web Application Potentially Vulnerable to Clickjacking

Is there any easy way of preventing these

Thanks and Best Wishes

David

The elgod.c progarm itself is rather weak in SSL, since I just don't have time to catch up with the latest SSL enhancements. The safest you can do is to put an industry-strenth web server like Apache in front of elogd and let that server handle the SSL layer.

Stefan

Thanks, I'll try that and see what happens

David

While running two e-log books that were mirrored, I ended up with the situation of two entries with the same number/id.  The mirroring did what it said it would, increment the local logbook entry and grab the entry from the remote logbook. However, when it did, it did not preserve the fields in the log book that are specified in the config file such as "Author", "Priority", "Subject" ect.  I ended up with a very minimal log:

Has anyone had issues with having too many files open? I'll setup my server and let it go but after a while, I end up with a lot of "cannot create socket: Too many open files" errors being reported.  I have a sync to another e-log going which I suspect is part of the cause since that e-log server hasn't had this issue. I suspect that there are files being opened, going into some return loop code and then never getting closed. I'm not a C programmer but I see lines like :

fh = open(tmp_filename, O_RDONLY);
      if (fh > 0) {
         read(fh, result, size - 1);
         close(fh);
      }

      /* remove temporary file */
      remove(tmp_filename);

This looks like it opens the file but unless the remove function closes the file, it will remain open even through the file has been deleted. Maybe this isn't the correct behaviour of 'remove' and I am mistaken?

There are also parts like :

 fh = open(textfile, O_RDONLY | O_BINARY);
      if (fh < 0) {
         printf("Message file \"%s\" does not exist.\n", textfile);
         return 1;
      }

      size = (INT) lseek(fh, 0, SEEK_END);
      lseek(fh, 0, SEEK_SET);

      if (size > (INT) (sizeof(text) - 1)) {
         printf("Message file \"%s\" is too long (%zd bytes max).\n", textfile, sizeof(text));
         return 1;
      }
This looks like for the second error, it will complain that the file is too long, return an error message but not close the file and would leave it open. Is this a reasonable avenue to pursue or am I mis-reading the code?   Thanks.

The code segements you show are from the command line tool elog.c, not the server elogd.c. The tool is called to submit a new message from the command line. Even if there would be a file not properly closed, it will be closed by the operating system once the program finishes. So no problem of too many open files there.

Hi,

I am trying to access elog through a python client (https://github.com/paulscherrerinstitute/py_elog) and found a strage strange behavior which may be related server side problem. The python script generates get/post messages via the python requests library. This works fine so far and I can view and post messages. However, if a wrong user/password is provided, the server still returns HTTP status code "200 OK", although login failed. Instead, it should return something like "401 Unauthorized". This behavior later causes problems since the python client thinks login was successful. After experimenting around I think this could be caused by a server side misconfiguration. Any ideas?

I am not sure if this imformation is important: We use LDAP as user/password provider for elog.

Seems like I've discovered another bug here related to umlauts in my name. :D 

I was submitting this post and forgot to put an icon. Elog seems to have saved a copy of my message, which I could not edit since my username does not match the bugged name saved for this message.

Hi,

I am trying to access elog through a python client (https://github.com/paulscherrerinstitute/py_elog) and found a strage strange behavior which may be related server side problem. The python script generates get/post messages via the python requests library. This works fine so far and I can view and post messages. However, if a wrong user/password is provided, the server still returns HTTP status code "200 OK", although login failed. Instead, it should return something like "401 Unauthorized". This behavior later causes problems since the python client thinks login was successful. After experimenting around I think this could be caused by a server side misconfiguration. Any ideas?

I am not sure if this imformation is important: We use LDAP as user/password provider for elog.