Public bug reported: [IMPACT]
Canonical support is about to offer SOSCleaner project for UA customer who wants to obfuscate sensible data from an existing sosreport tarball such as user, hostname, network information obfuscation. For user obfuscation, currently SOSCleaner relies on what sosreport offers which is "lastlog", reporting all user regardless of their UID. Unfortunately, this generate a lot of false positives (and require a significant ignored_users list) inside SOSCleaner especially for user in the UID range 0-999 (e.g.'sys', 'bin', 'syslog', and much more) I have submitted a PR in sosreport upstream in order to split lastlog output by UID ranges, in order to help SOSCleaner to obfuscate what we really want to obfuscate and ignore the rest. https://github.com/sosreport/sos/issues/1743 https://github.com/sosreport/sos/pull/1770 Once approved upstream, I'd like to push that change in E/D/B/X in order to unblock the development of the tool "SOSCleaner" which unfortunately won't land in the archive for now, will be offered in a Private PPA. Note that the plan is for the package to eventually land in the Ubuntu archive in the near future. [TEST CASE] * Install sosreport ** Run sosreport: - sosreport -a * Install soscleaner ** Run soscleaner: - soscleaner /tmp/sosreport-<TARBALL> * Make sure only user in the 1000-6000 UID range are obfuscated. [REGRESSION POTENTIAL] - None, sosreport will still collect the entire lastlog (current behavior), we are not removing that behaviour, we simply add an alternative which is not costly for typical systems. [OTHER INFO] https://github.com/sosreport/sos/issues/1743 https://github.com/sosreport/sos/pull/1770 ** Affects: sosreport (Ubuntu) Importance: Undecided Assignee: Eric Desrochers (slashd) Status: In Progress ** Affects: sosreport (Ubuntu Xenial) Importance: Undecided Status: New ** Affects: sosreport (Ubuntu Bionic) Importance: Undecided Status: New ** Affects: sosreport (Ubuntu Disco) Importance: Undecided Status: New ** Tags: sts ** Also affects: sosreport (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: sosreport (Ubuntu Disco) Importance: Undecided Status: New ** Also affects: sosreport (Ubuntu Xenial) Importance: Undecided Status: New ** Summary changed: - Update sosrepor [last] plugin + Update sosreport [last] plugin ** Tags added: sts ** Changed in: sosreport (Ubuntu) Status: New => In Progress ** Changed in: sosreport (Ubuntu) Assignee: (unassigned) => Eric Desrochers (slashd) ** Description changed: [IMPACT] Canonical support is about to offer SOSCleaner project for UA customer who wants to obfuscate sensible data from an existing sosreport tarball such as user, hostname, network information obfuscation. - Currently SOSCleaner relies on what sosreport offers which is "lastlog", - which currently report all user regardless of their UID. + For user obfuscation, currently SOSCleaner relies on what sosreport + offers which is "lastlog", reporting all user regardless of their UID. - Unfortunately, this generate a lot of false positives inside SOSCleaner - especially for user in the UID range 0-999 (e.g.'sys', 'bin', 'syslog', - and much more) + Unfortunately, this generate a lot of false positives (and require a + significant ignored_users list) inside SOSCleaner especially for user in + the UID range 0-999 (e.g.'sys', 'bin', 'syslog', and much more) I have submitted a PR in sosreport upstream in order to split lastlog output by UID ranges, in order to help SOSCleaner to obfuscate what we really want to obfuscate and ignore the rest. https://github.com/sosreport/sos/issues/1743 https://github.com/sosreport/sos/pull/1770 Once approved upstream, I'd like to push that change in E/D/B/X in order to unblock the development of the tool "SOSCleaner" which unfortunately won't land in the archive for now, will be offered in a Private PPA. Note that the plan is for the package to eventually land in the Ubuntu archive in the near future. [TEST CASE] * Install sosreport - - sosreport -a + - sosreport -a * Install soscleaner - - soscleaner /tmp/sosreport-<TARBALL> + - soscleaner /tmp/sosreport-<TARBALL> * Make sure only user in the 1000-6000 UID range are obfuscated. [REGRESSION POTENTIAL] - None, cause sosreport will still collect the entire lastlog, we are not removing that behaviour, we simply add an alternative which is not excessively costly for typical systems. [OTHER INFO] https://github.com/sosreport/sos/issues/1743 https://github.com/sosreport/sos/pull/1770 ** Description changed: [IMPACT] Canonical support is about to offer SOSCleaner project for UA customer who wants to obfuscate sensible data from an existing sosreport tarball such as user, hostname, network information obfuscation. For user obfuscation, currently SOSCleaner relies on what sosreport offers which is "lastlog", reporting all user regardless of their UID. Unfortunately, this generate a lot of false positives (and require a significant ignored_users list) inside SOSCleaner especially for user in the UID range 0-999 (e.g.'sys', 'bin', 'syslog', and much more) I have submitted a PR in sosreport upstream in order to split lastlog output by UID ranges, in order to help SOSCleaner to obfuscate what we really want to obfuscate and ignore the rest. https://github.com/sosreport/sos/issues/1743 https://github.com/sosreport/sos/pull/1770 Once approved upstream, I'd like to push that change in E/D/B/X in order to unblock the development of the tool "SOSCleaner" which unfortunately won't land in the archive for now, will be offered in a Private PPA. Note that the plan is for the package to eventually land in the Ubuntu archive in the near future. [TEST CASE] * Install sosreport + ** Run sosreport: - sosreport -a * Install soscleaner + ** Run soscleaner: - soscleaner /tmp/sosreport-<TARBALL> * Make sure only user in the 1000-6000 UID range are obfuscated. [REGRESSION POTENTIAL] - - None, cause sosreport will still collect the entire lastlog, we are not removing that behaviour, we simply add an alternative which is not excessively costly for typical systems. + - None, sosreport will still collect the entire lastlog (current behavior), we are not removing that behaviour, we simply add an alternative which is not costly for typical systems. [OTHER INFO] https://github.com/sosreport/sos/issues/1743 https://github.com/sosreport/sos/pull/1770 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1842489 Title: Update sosreport [last] plugin To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sosreport/+bug/1842489/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
