ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
1636
|
Fri Jan 27 20:40:00 2006 |
| G. Vandemoortele | gvdmoort@skynet.be | Question | Linux | 2.6.1 CVS | Running elog as ordinnary user | Hello,
I've configured elog with some commands running a shell :
Preset R-Date = $shell(/usr/bin/date +"%Y/%m/%d %H:%S")
; for testing :
Preset $text = $shell(whoami && set)
Preset $text = Some fixed text
That worked well when elog was started by root (and falling to user elog),
but later, I moved all the elog tree to /home/my_name/.elog,
(I'd like to start it only when I'm logged, it's only for personnal data)
changed all the attributes/permissions ($chown -R my_name:my_group .elog)
and none of these commands still works ! I use the -x option to allow
shell substitution.
More surprisingly, even the fixed text doesn't work (???)
Any explanation ?
By the way, I also seen that it is necessary to set Usr and Grp to "elog"
via the config file even when it's started by root, because otherwise,
you always get the strings 'Falling back to default group "elog"' and
Falling back to default user "elog" in the output of the shell substitutions.
Regards,
Gauthier
|
1637
|
Fri Jan 27 23:18:07 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.6.1 CVS | Re: Running elog as ordinnary user |
G. Vandemoortele wrote: | I've configured elog with some commands running a shell :
Preset R-Date = $shell(/usr/bin/date +"%Y/%m/%d %H:%S")
; for testing :
Preset $text = $shell(whoami && set)
Preset $text = Some fixed text
That worked well when elog was started by root (and falling to user elog),
but later, I moved all the elog tree to /home/my_name/.elog,
(I'd like to start it only when I'm logged, it's only for personnal data)
changed all the attributes/permissions ($chown -R my_name:my_group .elog)
and none of these commands still works ! I use the -x option to allow
shell substitution.
More surprisingly, even the fixed text doesn't work (???) |
First of all, you could use
Preset R-Date = $date
instead of the shell command. Secondly, the command
Preset $text = $shell(whoami && set)
is wrong. Replace it by
Preset text = $shell(whoami && set)
without the "$".
G. Vandemoortele wrote: | By the way, I also seen that it is necessary to set Usr and Grp to "elog"
via the config file even when it's started by root, because otherwise,
you always get the strings 'Falling back to default group "elog"' and
Falling back to default user "elog" in the output of the shell substitutions. |
There is a good reason for that. If you run elogd as root, this can open a dangerous hole into your system. If there would be any bug in elog, an attacker could gain root access easily. By falling back to a non-root user, the damage can be minimized. As a precaustion, elog falls back to Usr and Grp "elog" if that setting is missing in the config file.
When you run elog under your user name, this fallback is not necessary. Why you got the message 'Falling back' is a mystery to me. I tried to reproduce that, so I run under a non-root account with following config:
[global]
port = 1234
[demo]
Attributes = Subject
Preset Subject = $shell(date +"%Y/%m/%d %H:%S")
and correctly got the date in the "Subject" field with ELOG V2.6.1-1640. |
1638
|
Sat Jan 28 10:40:18 2006 |
| G. Vandemoortele | gvdmoort@skynet.be | Question | Linux | 2.6.1 CVS | Re: Running elog as ordinnary user |
Stefan Ritt wrote: |
First of all, you could use
Preset R-Date = $date
instead of the shell command. Secondly, the command
Preset $text = $shell(whoami && set)
is wrong. Replace it by
Preset text = $shell(whoami && set)
without the "$".
|
I'm sorry ; even with this correction, none of the preset strings created with
a substitution mechanism (shell or built-in) works when elogd is started as
ordinnary user. I've tried the same config file /home/gv/.elog/elogd.cfg :
port = 8080
Language = french
Main Tab = Accueil
Usr = gv
Grp = users
Logbook dir = /home/gv/.elog/logbooks
[gauthier]
Self register = 1
Password file = passwd
Theme = default
Comment = Logbook personnel
Default encoding = 1
Time format = %a, %d/%m/%Y %H:%M
Attributes = Type, Statut, Priorité, Sujet, R-Date
Preset R-Date = $shell(/usr/bin/date +"%Y/%m/%d %H:%S")
Preset text = $shell(whoami && set)
;Preset text = Blablabla
;Preset text = $date
Start page = ?rsort=Record date
List display = R-Date, Type, Statut, Priorité, Sujet
Options Type = Divers, Lectures, Musique, Aca, Finances, Santé
Options Statut = A faire, Exécuté, Journal
Options Priorité = 0, 1, 2, 3
Preset Priorité = 0
Extendable Options = Type
Thread display = $sujet ($entry time)
Required Attributes = Type, Sujet
Page Title = ELOG - $subject
Reverse sort = 1
Quick filter = R-Date, Statut, Type
Sort Attributes = Priorité, R-Date
Started via root (# /usr/sbin/elogd -c /home/gv/.elog/elogd.cfg -x), it works,
but via "gv" ($ /usr/sbin/elogd -c /home/gv/.elog/elogd.cfg -x), it doesn't.
Regards,
Gauthier |
1639
|
Sat Jan 28 12:54:03 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.6.1 CVS | Re: Running elog as ordinnary user |
G. Vandemoortele wrote: | Started via root (# /usr/sbin/elogd -c /home/gv/.elog/elogd.cfg -x), it works,
but via "gv" ($ /usr/sbin/elogd -c /home/gv/.elog/elogd.cfg -x), it doesn't. |
I tried with your config file, and it works fine (see attached screendump). So I have no clue right now why it is not working in your case. |
Attachment 1: screendump.png
|
|
1640
|
Mon Jan 30 10:21:41 2006 |
| Dimitrios Tsirigkas | dimitrios.tsirigkas@cern.ch | Bug report | Linux | 2.6.0 | Re: ELOG v2.6.0 (Linux) crashes while using " Forgot password?" |
Dimitrios Tsirigkas wrote: | A fix is always for all versions, since I have a common code base. Have you tried Version 2.6.1? |
Yep, 2.6.1 works fine. Thanks,
Dimitris |
1641
|
Mon Jan 30 11:41:18 2006 |
| Dimitrios Tsirigkas | dimitrios.tsirigkas@cern.ch | Question | Linux | 2.6.1 | Running ELOG under Apache | Hi,
Sorry if this has been asked elsewhere and I'm missing it. I want to stop users from accessing my elog by loading the URL: http://mycomputerURL:8080 and only make it accessible through http://mycomputerURL/elog. The end goal would be to use Apache to control access. I followed the instructions under "Running elogd under Apache" in the admin guide, but what that did was simply to redirect browsers trying to load ttp://mycomputerURL/elog to http://mycomputerURL:8080.
Thanks,
Dimitris |
1642
|
Mon Jan 30 12:27:08 2006 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.6.1 | Re: Running ELOG under Apache |
Dimitrios Tsirigkas wrote: | Sorry if this has been asked elsewhere and I'm missing it. I want to stop users from accessing my elog by loading the URL: http://mycomputerURL:8080 and only make it accessible through http://mycomputerURL/elog. The end goal would be to use Apache to control access. I followed the instructions under "Running elogd under Apache" in the admin guide, but what that did was simply to redirect browsers trying to load ttp://mycomputerURL/elog to http://mycomputerURL:8080. |
If you want to have user-level access control, you need to do that with the config option
Password file = ...
Then, if you have the
URL = http://mycomputerURL/elog
statement in your config file, you get redirected from elogd after each login automatically to that URL. If you physically want to block the 8080 port, you have to do that on the operating system level, like with iptables or ipchains. |
1643
|
Mon Jan 30 16:26:08 2006 |
| T. Ribbrock | emgaron@gmx.net | Bug report | Linux | 2.6.1-1637 | Numbered lists get closed by </ul> | I just ran into the following problem (and was able to reproduce it in the "demo" logbook on this site):
Numbered list follows:
- one
- two
- three
This text is indented, as the list was not closed properly.
- four
- five
- six
And now we have double indention... |
|