GNU bug report logs - #52866
maintenance: Add a crash dump service.

Previous Next

Package: guix-patches;

Reported by: Mathieu Othacehe <othacehe <at> gnu.org>

Date: Wed, 29 Dec 2021 09:17:01 UTC

Severity: normal

Done: Mathieu Othacehe <othacehe <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #25 received at 52866-done <at> debbugs.gnu.org (full text, mbox):

From: Mathieu Othacehe <othacehe <at> gnu.org>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 52866-done <at> debbugs.gnu.org
Subject: Re: bug#52866: maintenance: Add a crash dump service.
Date: Wed, 02 Feb 2022 17:33:50 +0100

Hey,

> OK (I didn’t know it was already deployed!).  What if we just put the
> uploaded file in a directory and let nginx provide a directory index and
> all?  Anyway, given the target audience, it doesn’t have to be fancy.

Heh, it was deployed for testing purposes and is now just committed. I
also considered the nginx directory index but I feel like the current
approach gives us more flexibility.

> The message should allow for informed consent.  Thus it should explain
> what the risks are (“Logs may contain sensitive information such as …”,
> “Logs are eventually publicly visible, but IP addresses are not logged”,
> etc.) and/or it should let users screen all the logs.

Josselin did add the possibility to consult and edit the log files
before creating the crash dump.

> As discussed the other day on IRC, to make sure the backtrace does not
> contain passwords, we could define a record type for “secrets”, which
> would basically just “box” strings such as passwords.  That record
> type’s printer would just print #<secret 0123abcd>.  See
> <file-system-label> for an example.

Also implemented by Josselin.

Closing this one,

Thanks,

Mathieu
This bug report was last modified 3 years and 155 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.