Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 57 of 807  Not logged in ELOG logo
New entries since:Thu Jan 1 01:00:00 1970
ID Date Icon Author Author Email Category OS ELOG Version Subject
  69414   Mon Nov 15 17:40:08 2021 Reply Sebastian Schenksebastian.schenk@physik.uni-halle.deQuestionAll3.1.4Re: Shared logbook and elog.cfg file across multiple installations

Hi Anthony,

the elog has a mirroring function, which synchornizes config and logs between multiple instances.
See the bottom section of https://elog.psi.ch/elog/config.html

Best wishes,
Sebastian

Anthony wrote:

Hi,

I'm wondering if it's possible to have a shared logbook and elog.cfg between multiple instances of elog.  Ideally, I'd like to have my logbooks folder and elog.cfg hosted on a nextcloud instance while running the elog service locally.  I've tried this using symlinks and shortcuts on windows with no luck.  I was able to install elog into my mounted nextcloud folder, but this isn't ideal as I would like this to work from multiple computers.

Any ideas or thoughts on how I can do this (if I can actually do this)?

 

  69413   Mon Nov 15 15:41:04 2021 Idea Anthonyanthony.weathers@pm.meQuestionAll3.1.4Shared logbook and elog.cfg file across multiple installations

Hi,

I'm wondering if it's possible to have a shared logbook and elog.cfg between multiple instances of elog.  Ideally, I'd like to have my logbooks folder and elog.cfg hosted on a nextcloud instance while running the elog service locally.  I've tried this using symlinks and shortcuts on windows with no luck.  I was able to install elog into my mounted nextcloud folder, but this isn't ideal as I would like this to work from multiple computers.

Any ideas or thoughts on how I can do this (if I can actually do this)?

  69412   Mon Nov 15 14:02:42 2021 Reply Sebastian Schenksebastian.schenk@physik.uni-halle.deBug reportWindows3.14Re: Restrict edit time = 0 behavior intended?

Hi Chris,

my old entry was related to the admin options of edit time.
The option "Admin restrict edit time" was implemented later, see ab8b98c

As a workaround you should be able to give "Restrict edit time" a ridiculous high number in the specific logbook, which should overwrite the global.
In the documentation is no rule specified for diabling global settings for specific logbooks, as far as i know.

Best wishes,
Sebastian

 

Chris Körner wrote:

Actually this is related to post 68993 from Sebastian Schenk in Jul 2019. Are there any new workarounds I may have missed?

Chris Körner wrote:

Hi,

I have set the options "Restrict edit time = 24" and "Admin restrict edit time = 0" in [global]. This way can only edit entries for 24 hours while the admin can forever. I now want a single logbook where all users have unlimited time to edit entries. However, setting "Restrict edit time = 0" in this specific logbook behaves differently to the admin setting as it simply sets the time to 0. Is this behavior intended or a bug? I guess a workaround is to specify the edit limitation not in global but in all logbooks seperately.

 

 

  69411   Mon Nov 15 11:48:25 2021 Reply Chris Körnerchris.koerner@physik.uni-halle.deBug reportWindows3.14Re: Restrict edit time = 0 behavior intended?

Actually this is related to post 68993 from Sebastian Schenk in Jul 2019. Are there any new workarounds I may have missed?

Chris Körner wrote:

Hi,

I have set the options "Restrict edit time = 24" and "Admin restrict edit time = 0" in [global]. This way can only edit entries for 24 hours while the admin can forever. I now want a single logbook where all users have unlimited time to edit entries. However, setting "Restrict edit time = 0" in this specific logbook behaves differently to the admin setting as it simply sets the time to 0. Is this behavior intended or a bug? I guess a workaround is to specify the edit limitation not in global but in all logbooks seperately.

 

  69410   Mon Nov 15 11:35:55 2021 Question Chris Körnerchris.koerner@physik.uni-halle.deBug reportWindows3.14Restrict edit time = 0 behavior intended?

Hi,

I have set the options "Restrict edit time = 24" and "Admin restrict edit time = 0" in [global]. This way can only edit entries for 24 hours while the admin can forever. I now want a single logbook where all users have unlimited time to edit entries. However, setting "Restrict edit time = 0" in this specific logbook behaves differently to the admin setting as it simply sets the time to 0. Is this behavior intended or a bug? I guess a workaround is to specify the edit limitation not in global but in all logbooks seperately.

  69409   Thu Nov 4 13:48:00 2021 Reply David Stopsdjs@star.sr.bham.ac.ukQuestionLinuxelog-3.1.4-2Re: results of security scan

Thanks, I'll try that and see what happens

 

David

Stefan Ritt wrote:

The elgod.c progarm itself is rather weak in SSL, since I just don't have time to catch up with the latest SSL enhancements. The safest you can do is to put an industry-strenth web server like Apache in front of elogd and let that server handle the SSL layer.

Stefan

David Stops wrote:

Recently central IT scanned our elog server and reported the following "vulnerabilities"

  • 42873 (1) - SSL Medium Strength Cipher Suites Supported (SWEET32)
  • 51192 (1) - SSL Certificate Cannot Be Trusted
  • 65821 (1) - SSL RC4 Cipher Suites Supported (Bar Mitzvah)
  • 85582 (1) - Web Application Potentially Vulnerable to Clickjacking

Is there any easy way of preventing these

Thanks and Best Wishes

David

 

 

  69408   Tue Nov 2 12:07:46 2021 Reply Stefan Rittstefan.ritt@psi.chQuestionLinuxelog-3.1.4-2Re: results of security scan

The elgod.c progarm itself is rather weak in SSL, since I just don't have time to catch up with the latest SSL enhancements. The safest you can do is to put an industry-strenth web server like Apache in front of elogd and let that server handle the SSL layer.

Stefan

David Stops wrote:

Recently central IT scanned our elog server and reported the following "vulnerabilities"

  • 42873 (1) - SSL Medium Strength Cipher Suites Supported (SWEET32)
  • 51192 (1) - SSL Certificate Cannot Be Trusted
  • 65821 (1) - SSL RC4 Cipher Suites Supported (Bar Mitzvah)
  • 85582 (1) - Web Application Potentially Vulnerable to Clickjacking

Is there any easy way of preventing these

Thanks and Best Wishes

David

 

  69407   Mon Nov 1 12:52:23 2021 Question David Stopsdjs@star.sr.bham.ac.ukQuestionLinuxelog-3.1.4-2results of security scan

Recently central IT scanned our elog server and reported the following "vulnerabilities"

  • 42873 (1) - SSL Medium Strength Cipher Suites Supported (SWEET32)
  • 51192 (1) - SSL Certificate Cannot Be Trusted
  • 65821 (1) - SSL RC4 Cipher Suites Supported (Bar Mitzvah)
  • 85582 (1) - Web Application Potentially Vulnerable to Clickjacking

Is there any easy way of preventing these

Thanks and Best Wishes

David

ELOG V3.1.5-3fb85fa6