From: Adam McDougall
Date: Tue, 29 Oct 2013 12:53:01 -0400
To: freebsd-hackers@freebsd.org
Subject: Re: Automated submission of kernel panic reports
Message-ID: <526FE7ED.5000903@egr.msu.edu>
In-Reply-To: <526F8EB3.1040205@freebsd.org>

On 10/29/2013 06:32, Colin Percival wrote:
> Hi all,
>
> I've written some code for automatically submitting kernel panic reports,
> and I'd like some feedback before I place it into the ports tree.
>
> If ${panicmail_autosubmit} is set to NO, an email is sent to root containing
> the panic data in both decrypted and encrypted forms. The system administrator
> can then review the information and decide whether to allow it to be submitted.
> Such emails look like this:
> http://pastebin.com/w18pXah8
>
> The code is in
> http://svnweb.freebsd.org/base/user/cperciva/panicmail/
> and it uses my FreeBSD-base-system-only public-key encryption code:
> http://svnweb.freebsd.org/base/user/cperciva/pkesh/
>
> My plan is to get this into the ports tree, encourage people to install and
> enable it, and then assuming it proves useful see it added into the FreeBSD
> base system some day. At least initially I'd have panics coming to me, using
> an encryption key which I hold; if/when it enters the FreeBSD base system,
> some decision would need to be made (by core?) as to who should have access
> to the panics.
>
> Comments?
>

The first thing that comes to mind is privacy so I looked at the
information being submitted. Would it be possible to replace the
hostname(s) and kernel config paths in the report with a hash by
default? That way a site could still match up reports to internal
hostnames without revealing anything specific about the source system.
The hostname is only needed to differentiate sources and is not
guaranteed to be unique anyway. Just thinking ahead about the
information being obtained and reducing what is transmitted/stored in
case it somehow falls into the wrong hands at some point in the future.

Aside from that, I like it and would consider running it myself as long
as I have appropriate control over the content. Thanks.
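
Added example (not part of the original message and not panicmail code): one way to implement the hashing suggested above, in Python. It swaps the bare hash for a keyed hash (HMAC-SHA256), since hostnames are guessable and a bare hash can be matched by trying candidates; the function names, the site key and the sample report layout are assumptions constructed for illustration.

```python
import hashlib
import hmac
import re

def token(site_key: bytes, kind: str, value: str) -> str:
    """Stable pseudonym; only holders of site_key can recompute it."""
    msg = kind.encode() + b"\0" + value.encode()
    return kind + "-" + hmac.new(site_key, msg, hashlib.sha256).hexdigest()[:16]

# user@buildhost:/path/to/KERNCONF inside a kernel version string (assumed layout).
BUILD_RE = re.compile(r"(?P<user>[\w.-]+)@(?P<host>[\w.-]+):(?P<path>/\S+)")

def scrub(report: str, site_key: bytes, hostnames) -> str:
    """Replace build host, kernel config path and the given hostnames with tokens."""
    def build(m):
        return "{}@{}:{}".format(
            m["user"],
            token(site_key, "host", m["host"].lower()),
            token(site_key, "path", m["path"]))
    out = BUILD_RE.sub(build, report)
    # Longest name first so a FQDN is replaced before its short form.
    for name in sorted(hostnames, key=len, reverse=True):
        pat = re.compile(r"(?<![\w.-])" + re.escape(name) + r"(?![\w-])", re.I)
        out = pat.sub(token(site_key, "host", name.lower()), out)
    return out

# Constructed sample, not the actual panicmail report format.
SAMPLE = """\
Dump header from device: /dev/ada0p2
  Hostname: db1.example.org
  Version String: FreeBSD 9.2-RELEASE #0: Thu Sep 26 22:50:31 UTC 2013
    root@build.example.org:/usr/obj/usr/src/sys/SITEKERNEL
  Panic String: page fault
"""

if __name__ == "__main__":
    # Placeholder key: generate one per site and keep it out of the report.
    key = b"site-local secret, never sent with the report"
    print(scrub(SAMPLE, key, ["db1.example.org"]))
```

The site maps a token back to a machine by recomputing `token()` over its own host list; the recipient, lacking the key, can only tell that two reports came from the same source.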