Hi, I tried to set up an ELOG from a windows machine. Its functionalities work without any problem, but I cannot access at all this ELOG from any other machine. I tried to search in this forum, but with no avail.

Could someone perhaps tell me know how to fix this problem? Or did I miss something obvious in the configuration of the ELOG?

Cheers,

Duarte

Probably a problem with your Windows Firewall. You have to convice your OS to let you in.

Stefan

Do you know which settings in the firewall panel I should change (windows 10 machine)? I went over all the access rules and could not find anything corresponding to the ELOG.

Duarte

I'm not a Windows user so I don't know details. But I believe you have to make an exception in the firwall for the elogd.exe executable. You can certainly Google how to do that for any executable.

Stefan

I'm testing the PAM authentication feature, and have a couple questions, a suggestion, and a comment.

First the comment... it was pretty easy to get working, and is exactly what we need here, so thanks! Our PAM stack here is designed to allow logins with Active Directory, LDAP, or local accounts, so the PAM option preserves all of that.

The suggestion: In order to make it work, I had to add a symbolic link in /etc/pam.d:
    elogd -> system-auth
That might be considered for addition to the documentation (this was on Red Hat Enterprise Linux 7.7)

The questions:

1. The docs indicate that "Self register" must be set to >= 1, but in the code (elogd.c, line 26453), if the PAM module is enabled, Self register is overriden to 0. The result is that no "register as new user" link is displayed on the login screen. Is that the intent?
2. Related... can PAM and File authentication both be enabled? We have some logbooks that are used by both internal people (with an A/D account) and outside collaborators that get local elog accounts. This works with LDAP + File, can it work with PAM?

Thanks in advance!

David, thank you for reporting on your findings regarding the PAM feature. I will look into the points you mentioned:

0. On my machines (Debian testing and stable) I did not have to add anything to /etc/pam.d, but apparently Debian just uses implicit defaults then, and REHL might insist on using excplicit settings. Adding a hint in the documentation is certainly useful, thank your for the suggestion. Maybe elog should provide a pam.d config file (which can be installed/adapted by package maintainers for various OSes).

1.+2. If I remember correctly, I intentionally disabled registration when using the PAM backend, because users will register using their passwd/LDAP/NIS users, and new users can only be regustered using the appropriate tools for the authentication mechanism used. This might not be correctly reflected in the docs, I will check that. In the light of question 2., I can also re-investigate that policy, so that logins will check against both the elog user database and PAM. Self-registering can then be enabled again, and new registrees will go to the elog database. I will try to bringthe code in line with how LDAP works.

regards,

Christoph

Hi Christoph,

Thanks for looking into this, if you can enable PAM + File, our users would be very happy!

The pam.d issue is probably related to CentOS/Red Hat, since our PAM expert warned me that it might be necessary.

Hi David,

sorry for the delay, I currently am very busy with other important work-related business, I hope I can find some time to look into this during christmas holiday season.

Have nice holidays,

Christoph

Hi,

First, thanks to ELOG tool !

I'm trying to swicth a ELOG 3.1.2 server with local passwd DB to GIT version builded with SSL/PAM/LDAP options. I reuse the buildrpm script which generates correctly RPM files.

After installing on EL6 x86_64 server, i update the elogd.conf file according to GIT version doc :

• Authentication = PAM
• Password file = /usr/local/elog/elog_users.pam   (new file as i want to keep the old local DB)
• Self register = 3

I add a link for pam module :

$ ll /etc/pam.d/elogd
lrwxrwxrwx 1 root root 11 Jan 24 16:23 /etc/pam.d/elogd -> system-auth

elogd starts well

elogd 3.1.4 built Jan 24 2020, 07:34:02 revision 283534d
Config file  : /usr/local/elog/elogd.cfg
Resource dir : /usr/local/elog/
Logbook dir  : /usr/local/elog/logbooks/
Falling back to default group "elog"
Falling back to default user "elog"
CKeditor detected
Falling back to default group "elog"
Falling back to default user "elog"
Going to execute: /bin/sh -c "convert -version" > /tmp/elog_okY7qv 2>&1
Falling back to default group "elog"
Falling back to default user "elog"
Going to execute: /bin/sh -c "/usr/bin/convert -version" > /tmp/elog_xBge3f 2>&1
Falling back to default group "elog"
Falling back to default user "elog"
Going to execute: /bin/sh -c "/usr/local/bin/convert -version" > /tmp/elog_GfKWF0 2>&1
Falling back to default group "elog"
Falling back to default user "elog"
Going to execute: /bin/sh -c "/opt/local/bin/convert -version" > /tmp/elog_uZtajL 2>&1
ImageMagick NOT detected. Image scaling will not work.
Indexing logbook "logbook1" in "/usr/local/elog/logbooks/logbook1/" ... ok
Indexing logbook "logbook2" in "/usr/local/elog/logbooks/logbook2/" ... ok
Server listening on port 8080 ...

When i try to connect, ELOG login window shows "Invalid user name or password!" .

The logfile (level 9) shows :

24-Jan-2020 16:36:28 [IP] POST /logbook1/ HTTP/1.1
24-Jan-2020 16:36:28 [IP] {MCO} LOGIN user "toto" (attempt)
24-Jan-2020 16:36:28 [IP] {MCO} [PAM] Starting authentication for user toto
24-Jan-2020 16:36:29 [IP] {MCO} [PAM] Authentication not successful for user toto

The problem appears for all Linux users as well.

Does i miss something ?

Thanks for help.

Laurent

Hi Laurent,

does the ELOG server show the window immediately before even showing the login mask?

Christoph

Hi,

Before le pam module link, yes.

After adding it, I wait some seconds before new login window popups with password error message.

FYI i added ACL on /etc/shadow file to allow elog user for reading. Testing from elog login shell is OK.

Any suggestion ?

Hello again, 

I love to use elog, but I don't need any other accessing it for the moment. So, it is possible to run elog locally on my PC, and make it not accessible from outside? 

Moreover, I installed elog on a linux virtual machine running with Virtual Box on Windows 10. Is it possible to open/edit my elog both from the linux VM and from the Windows system? without any accessibility from outside my PC?

Many many thanks

Sara

Thanks John. I found the linux IP address with ifconfig, type it on my windows machine with the port number, but it doesn't work, the error is "website not found"... what else could I try?

Regards

Sara

After we upgarde to eLog 3.1.4 ... The HTML editor tools are grayed out and you can't paste any images in the body of the log like I did below.. Any help will be much appreciated..

This typically happens if you update only the executabe and not the full directory tree with the ELOG JavaScript files.

/Stefan

Thank yoy for responding back to me ... I run the excutable that I downloaded from the website .. How can I do the full directory tree with the ELOG JavaScript files??

We just tested eLog and it works in Chrome but not in IE .. Is it a setting issue that we need to chnage on IE ?!

Hello,

I'm using ELOG with Ubuntu 19. When I create or edit an entry and I start writing, it hangs for few seconds, resumes, and all over again intermittently.

How can I fix it?

Best

Sara

Dear,

I need to setup automatic email notification using direct send through a office365 smtp server.
This part worked without any issue after setting the right MX record as SMTP host.
As I am working on the configuration file while it is already use, I created a copy of the [GENERAL] logbook to make my tests called [GENERAL COPY] (see attachement and below for the config file).

Surprisingly I manage to send the email without errors using [GENERAL COPY] but not in [GENERAL]. In that case, I get this error message:
Error sending Email via <i>"cta####-####.mail.protection.outlook.com"</i>: 4.5.3 Recipients belong to multiple tenants [AM5EUR02FT024.eop-EUR02.prod.protection.outlook.com]

In that case, I was actually not sending the mail to a mailing list but to myself, a registered user.

Do you see any reason why two identical logbooks (except for the name) would behave differently ?

Best,

elogd.cfg:

[global]
port = 8090
SSL = 0
Self register = 0
Welcome Title = <html><font size=5>Welcome to the LST1 Elog server</font></html>
Main Tab = Main Logbooks page
URL = #######
SMTP host = cta####-####.mail.protection.outlook.com
SMTP port = 25
Use Email From = mailing-list@cta-####.org
Display Email recipients = 0
Email message body      = 1

[GENERAL]
Theme = default
Comment = LST1 General ELOG
Attributes = Author, Type, Subject, Status
Options Type = Announcements, Shift Summary, Webserver, Plans, Safety, Operations, Interventions, Measurements, Structure, Issue
Options Status = Fixed, Under Process, Not Fixed
Cell Style Status Fixed  = background-color:green
Cell Style Status Not Fixed  = background-color:red
Cell Style Status Under Process  = background-color:yellow
Extendable Options = Type
Required Attributes = Author, Type
Page Title = ELOG - $subject
Reverse sort = 1
Quick filter = Date, Type, Status
Use Email Subject = $Type, $Subject
Email Type Webserver = mailing-list@cta-####.org
Email Type "Shift Summary" = mailing-list@cta-####.org
Admin user = camera
Password file = camera.pwd

[GENERAL COPY]
Theme = default
Comment = LST1 General ELOG
Attributes = Author, Type, Subject, Status
Options Type = Announcements, Shift Summary, Webserver, Plans, Safety, Operations, Interventions, Measurements, Structure, Issue
Options Status = Fixed, Under Process, Not Fixed
Cell Style Status Fixed  = background-color:green
Cell Style Status Not Fixed  = background-color:red
Cell Style Status Under Process  = background-color:yellow
Extendable Options = Type
Required Attributes = Author, Type
Page Title = ELOG - $subject
Reverse sort = 1
Quick filter = Date, Type, Status
Use Email Subject = $Type, $Subject
Email Type Webserver = mailing-list@cta-####.org
Email Type "Shift Summary" = mailing-list@cta-####.org
Admin user = camera
Password file = camera.pwd

When creating new logbook entries, recent versions of firefox somehow ignore the message width setting.

For example, configure a logbook with:
Message Width = 76
Message Height = 20

Then, create a new plain text entry that contains very long lines.  The text entry box is the correct size, but once you hit submit and view the full display of the message, it is not wrapped properly.  The summary display is wrapped properly, but not the full display.

We've only found this to be a problem with recent versions of firefox.  Chromium, Safari, and old versions of firefox behave properly.

As an example, I created this same entry in the demo logbook using Safari.  As you can see there, the message is wrapped at the width that I set the text entry box.

https://elog.psi.ch/elogs/Linux+Demo/9

> When creating new logbook entries, recent versions of firefox somehow ignore the message width setting.
> 
> For example, configure a logbook with:
> Message Width = 76
> Message Height = 20
> 
> Then, create a new plain text entry that contains very long lines.  The text entry box is the correct size, but once you hit submit and view the full display of the message, it is not wrapped properly.  The summary display is wrapped properly, but not the full display.
> 
> We've only found this to be a problem with recent versions of firefox.  Chromium, Safari, and old versions of firefox behave properly.

In some of our logbooks, some columns are very narrow, which makes their content difficult to read. I have tried adding a custom css file like this:

But I find that the column width does not change. I have verified via element inspection that the width attribute is active on the correct column (td).

Am I doing someting wrong, or is this not possible?

You need

/Stefan

Awesome, thank you!