[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bugs reports should include syslog warnings or not?

Hey there, was raised
to my attention in a discussion about apport/e.u.c and I'm wondering if
the change is right

The report pointed out that private info have been included in a report
through JournalError.txt, and the solution applied was to change apport
to include errors level messages only and not warning.

Looking a bit a journalerror on some bugs it seems we have indeed some
components that log too much content as "warning" (gdm in that case),
but changing to "error" has been cutting out useful warnings and doesn't
seem the right fix to me nor a step in the right direction. It doesn't
also protect us of the described issue (if a program logs sensitive info
in its errors messages we are still going to send them).

I suggest that we change apport back to report warnings as well and look
at how we can better fix the privacy issue.

The xession logs are filtering on "safe" keywords, maybe one option
would be to do something similar for the journal

Another thing we could/should do is to review the logs and fix programs
that are logging too much details to the journal as the warning/error

What do you think?

Sebastien Bacher