Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 343 of 807  Not logged in ELOG logo
New entries since:Thu Jan 1 01:00:00 1970
ID Date Icon Author Author Email Category OS ELOG Version Subject
  67073   Wed Jun 1 15:05:59 2011 Angy Sara Vaninisara.vanini@pd.infn.itBug reportLinux2.7HELP - URGENT - odd ELOG behaviour
  67072   Tue May 31 17:38:57 2011 Question Hung Daohungtdao@yahoo.comInfoWindows2.xIs there maximum number of entries?

Does anyone know whether ELOG has limit number of entries or it can create new entries as many as it can go?  Thanks.

  67071   Tue May 31 13:48:41 2011 Entry Peter de Molpcwdemol@gmail.comBug reportWindows2.7.8-2280Find page resets quick filters if fields with user defined (drop-down)lists are selected.

 Hi Stefan,

First : Compliments with your fine application !

The issue : A user wants to search the database. He selects one of the quick filters (e.g. "Show Last / Month"). Next he fills in the form and as long as text boxes are used there is no problem. But when he chooses a value from a populated drop-down list, the quick filter disappears. Other way round (first drop-down list and then the quick filter) no problem.

 

Kind regards,

 

Peter de Mol

elog.png

  67070   Mon May 30 12:28:53 2011 Warning Andreas Luedekeandreas.luedeke@psi.chBug reportLinux2.9.0-2414elogd crashes when running mirror cron with SSL and KRB5
When I run a mirror server and both logbooks using SSL/KRB5 then the cron job causes a segmentation fault.

I haven't tried to check it with a simple configuration yet.
My set-up: two elogd on same server, one running "german" on port 444, the other "english" on port 445.
Both are behind an apache webserver configured reverse proxy, to hide the ports for external access.
I'll try to reproduce the fault with a "minimal configuration" soon and report again.


Debug output from GDB:

run -x -c /usr/local/elog/elogd_en.cfg
Starting program: /opt/elog-2.9.0/elog/elogd -x -c /usr/local/elog/elogd_en.cfg
elogd 2.9.0 built May 30 2011, 11:14:32 revision 2414
File "/var/run/elogd.pid" exists, using "/var/run/elogd.pid.445" instead.
Falling back to default group "elog"
Falling back to default user "elog"
User "elog" not found
Falling back to default user "nobody"
FCKedit detected
Falling back to default group "elog"
Falling back to default user "elog"
User "elog" not found
Falling back to default user "nobody"
ImageMagick detected
Indexing logbooks ... done
SSLServer listening on port 445 ...

Program received signal SIGSEGV, Segmentation fault.
0x0030b7b5 in SSL_write () from /lib/libssl.so.6
  67069   Fri May 20 22:45:00 2011 Idea John M O'Donnellodonnell@lanl.govBug fixLinuxsvn 2414my_shell (OS_UNIX) uses /tmp/elog_shell - conflict when more than one elogd runs at the same time

all instances of elogd use the same file name in /tmp when calling my_shell.  This can cause some inconsistent behavior when two or more copies of elogd are runnnig at the same time.  (eg. one might detect ImageMagik is installed, and the other not,)

 

The propsed solution is to have the parent read from a pipe to the child rather from a file.  A patch is attached.

Attachment 1: elogd.c.patch_shellPipe
--- elogd.c.orig	2011-05-20 13:28:48.000000000 -0600
+++ elogd.c	2011-05-20 14:16:12.000000000 -0600
@@ -866,25 +866,27 @@
 
 #ifdef OS_UNIX
    pid_t child_pid;
-   int fh, status, i;
+   int fd[2], status, i;
    char str[256];
 
+   /* create pipe for parent<->child communication */
+   if (pipe(fd) < 0)
+      return 0;
+
    if ((child_pid = fork()) < 0)
       return 0;
    else if (child_pid > 0) {
-      /* parent process waits for child */
-      waitpid(child_pid, &status, 0);
+
+      /* parent does not write to child */
+      close(fd[1]);
 
       /* read back result */
       memset(result, 0, size);
-      fh = open("/tmp/elog-shell", O_RDONLY);
-      if (fh > 0) {
-         i = read(fh, result, size);
-         close(fh);
-      }
+      i = read(fd[0], result, size);
+      close(fd[0]);
 
-      /* remove temporary file */
-      remove("/tmp/elog-shell");
+      /* parent process waits for child */
+      waitpid(child_pid, &status, 0);
 
       /* strip trailing CR/LF */
       while (strlen(result) > 0 && (result[strlen(result) - 1] == '\r' || result[strlen(result) - 1] == '\n'))
@@ -926,8 +928,7 @@
             eprintf("Falling back to user \"%s\"\n", str);
       }
 
-      /* execute shell with redirection to /tmp/elog-shell */
-      sprintf(str, "/bin/sh -c \"%s\" > /tmp/elog-shell 2>&1", cmd);
+      /* execute command with redirection to pipe to parent */
 
       if (is_verbose()) {
          efputs("Going to execute: ");
@@ -935,7 +936,17 @@
          efputs("\n");
       }
 
-      system(str);
+      /* redirect stdout/stderr to pipe for parent to read */
+      close(STDOUT_FILENO); dup2(fd[1], STDOUT_FILENO);
+      close(STDERR_FILENO); dup2(fd[1], STDERR_FILENO);
+      /* child does not read the pipe */
+      close(fd[0]);
+      /* child nolonger uses fd[1] - use stderr or stdout instead */
+      close(fd[1]);
+      
+      if (system(cmd) == -1) {
+          fprintf(stderr, "unable to execute command: %s\n", cmd);
+      }
       _exit(0);
    }
 
  67068   Tue May 17 17:00:03 2011 Reply Olivier CallotOlivier.Callot@cern.chBug reportAll2.9.0Re: Self Register = 3 doesn't work any longer

Stefan Ritt wrote:

Olivier Callot wrote:

Dear Stefan, after a long time I managed to get a test setup. The line that creates the misbehaviour is

Guest Menu Commands      = List, Find, Login, Help

which seems inocuous! But with this line a user with inactive account can login without validation. Without this line I get also the proper web page indicating that the account has to be activated when I register as new user.

Another little annoyance: When a user is prevented from login ("The account is currently deactivated") there is NO WAY to login, as any action with Elog tries to use the (non activated) username and password. I can't get back the login page!

Thanks

Great. This this description I could reproduce the error and fix it. The fix is in SVN revision 2414.

Cheers, Stefan. 

 If you could also obtain the display of the message "Your request has been forwarded to the administrator.You will be notified by email upon activation of your new account." when a new user apply in the presence of the Guest Menu commands, that would be perfect. Cheers

  67067   Tue May 17 16:37:42 2011 Reply Stefan Rittstefan.ritt@psi.chBug reportAll2.9.0Re: Self Register = 3 doesn't work any longer

Olivier Callot wrote:

Dear Stefan, after a long time I managed to get a test setup. The line that creates the misbehaviour is

Guest Menu Commands      = List, Find, Login, Help

which seems inocuous! But with this line a user with inactive account can login without validation. Without this line I get also the proper web page indicating that the account has to be activated when I register as new user.

Another little annoyance: When a user is prevented from login ("The account is currently deactivated") there is NO WAY to login, as any action with Elog tries to use the (non activated) username and password. I can't get back the login page!

Thanks

Great. This this description I could reproduce the error and fix it. The fix is in SVN revision 2414.

Cheers, Stefan. 

  67066   Tue May 17 13:19:03 2011 Reply Olivier CallotOlivier.Callot@cern.chBug reportAll2.9.0Re: Self Register = 3 doesn't work any longer

Stefan Ritt wrote:

Olivier Callot wrote:

 

I tried again and confirm the version number. I never got this pannel saying that my request will be processed by an adminstrator. Maybe the installation was incomplete? Is this pannel outside the standard src files?  I receive the mail as administrator, but the accout is already valid BEFORE I validate it.

This was working in previous versions, i.e. the entry was not created at all. And login wasn't possible.

We went back to 2.8.0 as the server is regularly crashing with 2.9.0 and we have to keep it alive for our running experiment. We are trying to isolate and reproduce the problem...

Try to use the simple config file, and see what happens there. Maybe it's a config option you use differently in the experiment. If you identify the config option which triggers the problem, I can probably reproduce it and fix it. Concerning crashes of 2.9.0: We have it running stably for our experiments, that's why I released it. But there are major changes since 2.8.0, mainly the Kerberos authentification (actually people from CERN asked for that). So it could be that in your case there are problems I don't see. In that case you have to test with which options in the config file the problems start. If elogd crashes, a stack dump would maybe also be helpful for me.

 Dear Stefan, after a long time I managed to get a test setup. The line that creates the misbehaviour is

Guest Menu Commands      = List, Find, Login, Help

which seems inocuous! But with this line a user with inactive account can login without validation. Without this line I get also the proper web page indicating that the account has to be activated when I register as new user.

Another little annoyance: When a user is prevented from login ("The account is currently deactivated") there is NO WAY to login, as any action with Elog tries to use the (non activated) username and password. I can't get back the login page!

Thanks

ELOG V3.1.5-3fb85fa6