ELOG Administrator's Guide  

How to set up and run your very own ELOG server

  Installing and running on Linux  


Installation from the RPM file:

Since version 2.0, ELOG contains a RPM file which eases the installation. Get the file elog-x.x.x-x.i386.rpm from the download section and execute as root "rpm -i elog-x.x.x-x.i386.rpm". This will install the elogd daemon in /usr/local/sbin and the elog and elconv programs in /usr/local/bin. The sample configuration file elogd.cfg together with the sample logbook will be installed under /usr/local/elog and the documentation goes to /usr/share/doc. The elogd startup script will be installed at /etc/rc.d/init.d/elogd. To start the daemon, enter

It will listen under the port specified in /usr/local/elog/elogd.cfg which is 8080 by default. So one can connect using any browser with the URL:

To start the daemon automatically, enter:

which will start the daemon on run levels 3,4 and 5 after the next reboot.

Note that the RPM installation creates a user and group elog, under which the daemon runs.

To start the daemon on non-RedHat systems, like SuSE or Solaris, a more generic startup scrips has been provided by Steve Jones in the Contributions section.


Installation from the tarball:

Download the latest elog-x.x.x.tar.gz package.

Make sure you have the libssl-dev package installed. Consult your distribution for details.

Expand the compressed TAR file with tar -xzvf elog-x.x.x.tar.gz. This creates a subdirectory elog-x.x.x where x.x.x is the version number. In that directory execute make, which creates the executables elogd, elog and elconv. On some systems like OpenBSD you have to execut gmake. These executables can then be copied to a convenient place like /usr/local/bin or ~/bin. Alternatively, a "make install" will copy the daemon elogd to SDESTDIR (by default /usr/local/sbin) and the other files to DESTDIR (by default /usr/local/bin). These directories can be changed in the Makefile. The elogd executable can be started manually for testing with :

where the -p flag specifies the port. Without the -p flag, the server uses the standard WWW port 80. Note that ports below 1024 can only be used if elogd is started under root, or the "sticky bit" is set on the executable.

When elogd is started under root, it attaches to the specified port and tries to fall-back to a non-root account. This is necessary to avoid security problems. It looks in the configuration file for the statements Usr and Grp.. If found, elogd uses that user and goupe name to run under. The names must of course be present on the system (usually /etc/passwd and /etc/group). If the statements Usr and Grp. are not present, elogd tries user and group elog, then the default user and group (normally nogroup and nobody). Care has to be taken that elogd, when running under the specific user and group account, has read and write access to the configuration file and logbook directories. Note that the RPM installation automatically creates a user and group elog.

If the program complains with something like "cannot bind to port...", it could be that the network is not started on the Linux box. This can be checked with the /sbin/ifconfig program, which must show that eth0 is up and running.

The distribution contains a sample configuration file elogd.cfg and a demo logbook in the demo subdirectory. If the elogd server is started in the elogd-x.x.x directory, the demo logbook can be directly accessed with a browser by specifying the URL http://localhost:8080 (or whatever port you started the elog daemon on). If the elogd server is started in some other directory, you must specify the full path of the elogd file with the "-c" flag and change the Data dir = option in the configuration file to a full path like /usr/local/elog.

Once testing is complete, elogd will typically be started with the -D flag to run as a daemon in the background, like this :

Note that it is mandatory to specify the full path for the elogd file when started as a daemon.

To test the daemon, connect to your host via :

If port 80 is used, the port can be omitted in the URL. If several logbooks are defined on a host, they can be specified in the URL :

where <logbook> is the name of the logbook.

The contents of the all-important configuration file elogd.cfg are described below.

  Notes for various platforms  

Mac OS X:

Under Mac OSX, ELOG must be compiled from the source code. The OSX command line tools (compiler & Co) must be available, which can be done thought he free Xcode package which can be obtained though the App Store. Once Xcode is installed, you can do a xcode-select --install to install the command line tools. After that, a simple make in in the elog directory does the job of compiling ELOG. If SSL support is needed (access via https://...), you have to install OpenSSL and turn on SSL support in the Makefile by setting USE_SSL = 1. You can install OpenSSL for example through the MacPorts project. After having installed MacPorts, you do a sudo port install openssl.

After successful compilation, you do a sudo make install to install all required files under the installation directory, which is by default /usr/local/. A subdirectory /usr/local/elog is created which contains a simple example logbook. The ELOG server can now be started either manually with

/usr/local/sbin/elogd

or through the daemon servics with

sudo launchctl load /Library/LaunchDaemons/ch.psi.elogd.plist

To stop the service, use

sudo launchctl unload /Library/LaunchDaemons/ch.psi.elogd.plist


Debian:

A Debian package is available under https://tracker.debian.org/pkg/elog.


Solaris:

Martin Huber reports that under Solaris 7 the following command line is needed to compile elog:

With some combinations of Solaris servers and client-side browsers there have also been problems with ELOG's keep-alive feature. In such a case you need to add the "-k" flag to the elogd command line to turn keep-alives off.


FreeBSD:

David Otto maintains the ELOG port for FreeBSD. To install ELOG on a FreeBSD system, you can simply type

  Running elogd under Apache  

For cases where elogd should run under port 80 in parallel to an Apache server, Apache can be configured to run Elog in a subdirectory of Apache. Start elogd normally under port 8080 (or similarly) as noted above and make sure it's working there. Then put following redirection into the Apache configuration file:

Make sure that the Apache modules mod_proxy.c and mod_alias.c are activated. Justin Dieters <enderak@yahoo.com> reports that mod_proxy_http.c is also required. The Redirect statement is necessary to automatically append a "/" to a request like http://your.host.domain/elog. Apache then works as a proxy and forwards all requests staring with /elog to the elogd daemon.

Note: Do not put "ProxyRequests On" into your configuration file. This option is not necessary and can be misused for spamming and proxy forwarding of otherwise blocked sites.

Because elogd uses links to itself (for example in the email notification and the redirection after a submit), it has to know under which URL it is running. If you run it under a proxy, you have to add the line:

into elogd.cfg.


  Installing ImageMagick  

When images are attached to ELOG entries, thumbnails can be created for quick preview. This works also for PDF and PostScript files. ELOG forwards any image operation to the ImageMagic and GhostScript packages, which must be installed for this to work. While these packages are installed on most Linux systems, windows users have to download and install these pagages manually. ImageMagick can be obtained from www.imagemagick.org and GhostScript can be obtained from http://pages.cs.wisc.edu/~ghost/. After the installation, it has to be made sure that both packages are in the path. This can be checked to open a command prompt and typing identify -version. This command should return someting like:

C:\>identify -version
Version: ImageMagick 6.3.8 01/25/08 Q16 http://www.imagemagick.org
Copyright: Copyright (C) 1999-2008 ImageMagick Studio LLC
When ELOG is started interactively, it checks for the ImageMagick installation and shows a note if it is found:

C:\Program Files\ELOG>elogd
elogd 2.7.2 built Feb 21 2008, 20:00:42 revision 2051
ImageMagick detected
Indexing logbooks ... done
Server listening on port 8080 ...
If ImageMagick is not installed, the thumbnail functions are simply disabled, but ELOG can otherwise run normally.


  Installing and running in Windows  

ELOG is distributed in binary (executable) form for Windows platforms. It will run happily in console mode (or "DOS box") under Windows 9x and ME. Under Windows NT and 2000 it is also possible to run it as a service (the Windows equivalent of a UNIX daemon).

Download the latest elogxxx.exe file and execute it. The installer puts the ELOG system into a directory you specify and adds some menu shortcuts. With these shortcuts, the daemon elogd.exe can be started directly and the demo logbook can be accessed with the browser. Alternatively, the elogd.exe daemon can be registered as a service under Windows NT/2000/XP, so it gets started automatically when windows boots. This can be selected during installation or be done manually with the start menu shortcuts.

While the pre-2.5.3 methods of installing elogd.exe as a daemon (namely FireDaemon and srvany.exe) are still possible, they are not recommended any more.

Under Windows, the ports below 1024 can be used without restriction. So if no web server is running on the same PC the ELOG daemon can be started under the standard Web port 80. This is achieved by changing the port=8080 option in elogd.cfg to port=80 and restarting elogd.


  Server Configuration  

The ELOG daemon elogd can be executed with the following options :

with :

The appearance, functionality and behaviour of the various logbooks on an ELOG server are determined by the single elogd.cfg file in the ELOG installation directory.

This file may be edited directly from the file system, or from a form in the ELOG Web interface (when the Config menu item is available). In this case, changes are applied dynamically without having to restart the server. Instead of restarting the server, under Unix one can send a HUP signal like "killall -HUP elogd" to tell the server to re-read its configuration.

The many options of this unique but very important file are documented on the separate elogd.cfg syntax page.

To better control appearance and layout of the logbooks, elogd.cfg may optionally specify the use of additional files containing HTML code, and/or custom "themes" configurations. These need to be edited directly from the file system right now.

The meaning of the directory flags -s and -d is explained in the section covering the configuration options Resource dir and Logbook dir in the elogd.cfg description.


  Secure Connections HOWTO  

Using elogd itself:

Starting from version 2.7.3 on, the elogd program supports secure connections over the Secure Socker Layer (SSL) directly. It is recommented to run elog only through secure HTTPS connections if passwords are used. Otherwise the passwords are send over the network in clear text and exposed to sniffing attacks. To use SSL, put SSL = 1 into the config file. If the URL = directive is used, make sure to use https://... instead of http://... there. The ELOG distribution contains a simple self-signed certificate in the ssl subdirectory. One can replace this certificate and key with a real ceritficate to avoid browser pop-up windows warning about the self-signed certificate.

Using Apache:

Another possibility is to use the
Apache web server as a proxy server allowing secure connections. To do so, Apache has to be configured accordingly and a certificate has to be generated. See some instructions on how to create a certificate, and see Running elogd under Apache before on this page on how to run elogd under Apache. Once configured correctly, elogd can be accessed via http://your.host and via https://your.host simultaneously.

The redirection statement has to be changed to and following has to be added to the section "VirtualHOst ...:443 in /etc/httpd/conf.d/ssl.conf: Then, following URL statement has to be written to elogd.cfg: There is a more detailed step-by-step instructions at the contributions section.

Using ssh:

elogd can be accessed through a a SSH tunnel. To do so, open an SSH tunnel like:

This opens a secure tunnel from your local host, port 1234, to the server host where the elogd daemon is running on port 8080. Now you can access http://localhost:1234 from your browser and reach elogd in a secure way.


  How It All Works  

For the technically curious :

The concept of ELOG is very simple. The logbook functionality is implemented by a single daemon program, elogd, which is written in C. It contains an integrated Web server, which does not serve files like standard Web servers, but reads logbook entries from its database and formats them into HTML. Since only forms and tables are used, no Java or Javascript is necessary, which makes the logbook display very fast. The system does not use any images on purpose to reduce the amount of data to be transferred. Since the ELOG daemon contains its own http server, no additional server like Apache is required.

The "database" in which ELOG saves its entries is in plain ASCII format. One file is created for each day in the form YYMMDDa.log (where YY is the year, MM the month and DD the day). For ELOG versions 1.x.x, the format was YYMMDD.log. Messages are separated internally by the string $@MID@$. If this string is entered in a message (main body text or attribute), it gets converted automatically in order not to invalidate the database structure.

If attachments are submitted, they are saved as separate files named YYMMDD_HHMMSS_name - where in addition to the date the time is specified and name is the original file name of the attachment. To copy the database to another computer, only the *.log files and the attachment files need to be copied. To copy for example all files from March 2001, just select them with 0103??a.log and 0103??_*.