ABRT allow blacklisting dumps and add user whitelist ==================================================== Related bugzillas: #1208713, #1256705
Allow blacklisting applications/exe-paths/packages ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Current state ------------- There is a possibility to blacklist packages or paths in '/etc/abrt/abrt-action-save-package-data.conf' options 'BlackList' for packages and option 'BlackListedPaths' for paths.
The blacklisting is not done in time when the crash occurs but while the abrt-action-save-package-data tool is executing so in 'post-create' event after the coredumps are written to disk.
Suggestions ----------- The new blacklisting feature should prevent of dumping blacklisted executables/paths already in dumping time, therefore it must be moved from abrt-action-save-package-data to abrt-hook-ccpp.
Have to notice ABRT is marked as a tool for developers and developers want coredumps of their applications.
If the 'post-create' event fails because of 'abrt-action-save-package-data' (e.g. the package is blacklisted or the executable file is not signed or don't belong to any package etc.), the created dump dir, also with coredump, is removed and developers cannot analyse it. Creating unwanted directories and deleting them in the next step don't make much sense.
Another example: If the option 'OpenGPGCheck' is set to 'no' and 'ProcessUnpackaged' set to 'yes', it means ABRT catches all crashes on the system and makes them reportable to the bugzilla or to another bug tracking system even if it's not possible because usually there is no such component in bug tracking system.
jfilak suggested to not delete crashes which pass through main blacklisting in 'abrt-hook-ccpp' and at the same time don't pass through 'abrt-action-save-package-data' but mark them as 'not-reportable'. This allows the developers analyse them later or configure ABRT, for example, to sent all crashes, even the not reportable one, via email or to FTP server.
Conclusion ---------- 1) mark crashes which don't pass through abrt-action-save-package-data as not-reportable like was mentioned above
2) introduce a new dump dir element, something like 'unsupported', which disallow reporting crashes only to bug tracking systems
Other things ------------ We have to decided which of abrt-action-save-package-data.conf's options (OpenGPGCheck, BlackList, ProcessUnpackaged and BlackListedPaths) will stay in the conf file or which one will be renamed.
My suggestions: BlackList -> NotSupportPackages BlackListedPaths -> NotSupportPaths OpenGPGCheck - without changes ProcessUnpackaged - without changes, but if its value is 'true', all the unpackaged apps will be marked as not-reportable (unsupported).
Add user whitelist ~~~~~~~~~~~~~~~~~~ Current state ------------ Is not possible to catch crashes only from given users.
Suggestions ----------- This option should be added to abrt-hook-ccpp (so to the CCpp.conf file) because we have to stop processing the crash in the very beginning and do not create and then remove created dirs like it is done during processing of events.
conclusion ---------- Add option to the CCpp.conf file like 'ProcessCrashFromUsers'. If there are no user names or the option is not presented, ABRT process crashes from all users. If there are specified user names, ABRT process crashes from given users.
Matej