ABRT frustrating for users and developers
Jan Kratochvil
jan.kratochvil at redhat.com
Mon Jan 18 09:53:30 UTC 2010
On Mon, 18 Jan 2010 09:06:13 +0100, Jiri Moskovcak wrote:
> On 01/17/2010 06:49 PM, Camilo Mesias wrote:
> > This is a good point, the users shouldn't really have to install
> > debuginfo for a one-off use. It would be better for a central server
> > or service to have access to all the debuginfo files at all versions.
> > The back end processing of symbol-less backtraces + version info to
> > fully annotated ones could be automated.
>
> There has been such idea called debugfs, but it was cancelled (don't
> remember the reason), but I agree that would be probably the best
> option, because when user creates the backtrace he needs to install
> the whole debuginfo, but then GDB reads just a few kilobytes.
For various reasons of current debuginfo format + current GDB state GDB will
always read the whole .debug file. Therefore it (currently) does not make
a difference (in fact it would be slower) to NFS-like access it by some
"debugfs" instead of downloading single .debug file.
Still it may be a difference to download just specific .debug files from
-debuginfo.rpm - either by "debugfs" or by some other .debug download method.
OTOH that has security implications as the .debug files are not signed as the
debuginfo.rpm files are, see:
https://fedoraproject.org/wiki/Talk:Features/DebuginfoFS#Security
This discussion is about so-called "retrace server" provided at least by
Ubuntu Apport:
https://wiki.kubuntu.org/Apport#Launchpad-based%20auto-retracer
It has been scratch-made for ABRT but there needs to be done some more bits of
work; it is currently not deployed:
https://fedorahosted.org/pipermail/crash-catcher/2009-October/000052.html
For the "retrace server" there comes back the question of security by possible
hiding of disclosed information from user (such as hiding a password from
crashed application into the backtrace to make it invisible for approval
before submitting it). With current download of whole -debuginfo.rpm files
signed by Fedora this security problem does not exist. There would be needed
some Fedora-provided signed retrace servers with the same level of trust as
have the signatures on -debuginfo.rpm files.
Regards,
Jan
More information about the devel
mailing list