Promoted to main.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913694
Title:
[MIR] whoopsie-daisy
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/whoopsie-d
This bug was fixed in the package whoopsie-daisy - 0.1.8
---
whoopsie-daisy (0.1.8) precise; urgency=low
* Security fixes. Thanks Jamie Strandboge for the review.
- Check the return value of the open call in get_system_uuid.
- Properly initialize libcrypt.
- Check that t
** Branch linked: lp:whoopsie-daisy
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913694
Title:
[MIR] whoopsie-daisy
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/
Feel free to mark this bug as 'Fix Committed' once you upload an updated
whoopsie to the archive with these changes.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913694
Title:
[MIR] whoopsie-daisy
You're welcome. Looking at the bzr branch it looks like you addressed
all the issues. Thanks! :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913694
Title:
[MIR] whoopsie-daisy
To manage notificat
On Tue, Feb 14, 2012 at 6:09 PM, Evan Dandrea
wrote:
> On Fri, Feb 10, 2012 at 4:19 PM, Jamie Strandboge wrote:
>> * get_crash_db_url(): needs to verify the url. Granted, it should be
>> tightly controlled via the initscript or the root user, but still.
>
> Verified how? I could ensure there's an
On Tue, Feb 14, 2012 at 7:16 PM, Jamie Strandboge wrote:
>>> * get_crash_db_url(): needs to verify the url. Granted, it should be
>>> tightly controlled via the initscript or the root user, but still.
>> Verified how? I could ensure there's an http:// on the front and a NUL
>> terminator on the
Thanks for taking care of these items. I'll respond to your questions
here:
>> * get_crash_db_url(): needs to verify the url. Granted, it should be tightly
>> controlled via the initscript or the root user, but still.
> Verified how? I could ensure there's an http:// on the front and a NUL
> ter
On Fri, Feb 10, 2012 at 4:19 PM, Jamie Strandboge wrote:
> I spent quite a bit of time looking at whoopsie and overall I think it
> looks to be in pretty good shape, but needs some updates (see below).
Thank you so much for this comprehensive review.
> * get_crash_db_url(): needs to verify the u
** Attachment added: "whoopsie-parser-tests.tar.gz"
https://bugs.launchpad.net/ubuntu/+source/whoopsie-daisy/+bug/913694/+attachment/2729811/+files/whoopsie-parser-tests.tar.gz
** Changed in: whoopsie-daisy (Ubuntu)
Status: New => In Progress
** Changed in: whoopsie-daisy (Ubuntu)
I spent quite a bit of time looking at whoopsie and overall I think it
looks to be in pretty good shape, but needs some updates (see below).
Since whoopsie is started as root, I looked very carefully at the section
before it drops privileges. Here is what I found:
* sets up signals: fine
* parse
Fixed in 0.1.7. Apologies for that oversight.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913694
Title:
[MIR] whoopsie-daisy
To manage notifications about this bug go to:
https://bugs.launchpad.n
I get a segmentation fault when try to access the whoopsie-daisy preferences:
$ gnome-control-center whoopsie-daisy
** WARNING **: Could not load interface file Failed to open file
'/build/buildd/whoopsie-daisy-0.1.5/debian/whoopsie/usr/share/gnome-control-center/ui/whoopsie.ui':
No such file or
Most of those work items have to do with the backend service that this
reports to.
It's currently defaulted to localhost as we're still in the process of
deploying the backend service on Canonical's servers.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Oh, and yes, as a matter of convenience I've put that backend service in
the source package. However, once we're past Feature Freeze, I'm likely
to deploy updates to it from bzr.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:/
The https://blueprints.launchpad.net/ubuntu/+spec/foundations-p-crash-
database has a lot of TODO items. Are all these changes expected to be
part of this same source package which is intended to be in main?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is s
Still working through this and trying to understand the design. I did find that
after installing the package it doesn't start:
$ sudo whoopsie
** WARNING **: Could not get crash database location.
I'm assuming this is because of this line in /etc/init/whoopsie.conf:
env CRASH_DB_URL=http://local
0.1.6 fixed that, which should be in the archive by now.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913694
Title:
[MIR] whoopsie-daisy
To manage notifications about this bug go to:
https://bugs.
Just starting to look at this, but an 'apt-get install whoopsie' results in:
Setting up whoopsie (0.1.5) ...
chgrp: cannot access `/var/crash/*.crash': No such file or directory
dpkg: error processing whoopsie (--configure):
subprocess installed post-installation script returned error exit status
Jamie,
Any luck with this? Whoopsie 0.1.5 is now in the archive, which drops
the CAP_FOWNER code (0.1.4) and adds a user interface in the control
center for an administrator to disable crash reporting.
Cheers!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
James Troup has helpfully pointed out that the CAP_FOWNER stuff is
entirely unnecessary. We can just write a .uploaded file once we've
processed the crash, and delete those in cron. Sometimes the simplest
solution... :-/
--
You received this bug notification because you are a member of Ubuntu
B
Okay, whoopsie-daisy 0.1.3 is ready for review.
The daemon now drops privileges and all capabilities, except for
CAP_FOWNER. Keeping CAP_FOWNER allows it to ignore the sticky bit in
/var/crash and remove the .upload files, which are created by regular
users to indicate that a crash report should
Michael,
Indeed, I have a note in the code about using that when it's in the
archive (at the time, it wasn't). I'll give it another look.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913694
Title:
Evan, if all you are using NetworkManager for is watching connected-
status (quick scan of code made me think so), maybe you can get by with
the new GNetworkMonitor in gio:
http://developer.gnome.org/gio/unstable/GNetworkMonitor.html
--
You received this bug notification because you are a member
I've fixed the +junk branch and production comment in trunk (now lp
:whoopsie-daisy). Do hold off on the security review, as I have changes
in trunk to drop privileges and read the system UUID, amongst other
things.
I've been holding off on uploading these. Dropping privileges breaks
communicati
Assigning to Jamie since this package parses crash report files
manually.
But aside from that security review, this seems a little not-ready? The
upstream bzr is a +junk branch, and there's comments like "this code
should be removed before we go production"
** Changed in: whoopsie-daisy (Ubuntu)
26 matches
Mail list logo
