Ubuntu
sosreport package

[plugin][snappy] Collect 'state.json' which may contain sensitive information (macaroons)

Bug #1891296 reported by Michael Vogt
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
sosreport
Unknown
Unknown
sosreport (Ubuntu)
Status tracked in Noble
Bionic
In Progress
Undecided
Unassigned
Focal
In Progress
Low
Unassigned
Groovy
Won't Fix
Low
Adam Bell
Jammy
In Progress
Low
Unassigned
Mantic
In Progress
Low
Unassigned
Noble
In Progress
Low
Adam Bell

Bug Description

[Impact]

[Test Case]

[Regression Potential]

[Other Info]

[Original Description]

Please include the "journalctl -u snapd" output and /var/lib/snapd/state.json if possible. This will allow easier debugging of snap related issues.

Please note that the content of /var/lib/snapd/state.json may contain sensitive information (macaroons) so this data needs to be handled with care or we need to provide a way to scrub this data.

See original description
Tags: seg sts
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in sosreport (Ubuntu):
status: New → Confirmed
Eric Desrochers (slashd)
tags: added: seg sts
Revision history for this message
Eric Desrochers (slashd) wrote :

@mvo,

The 'snappy.py' plugin already provides the journal via 'add_journal()'[0] method producing the following: 'sos_commands/snappy/journalctl_--no-pager_--unit_snapd'

Note that this is already part of every supported Ubuntu stable release.

It would only be a matter of collecting '/var/lib/snapd/state.json' as suggested while not revealing sensitive information.

- Eric

[0] - https://github.com/sosreport/sos/blob/master/sos/report/plugins/snappy.py#L29

Revision history for this message
Eric Desrochers (slashd) wrote :

@mvo, I have reported the request upstream:

https://github.com/sosreport/sos/issues/2241

I'll work on it when my time permits.

Regards,
Eric

Eric Desrochers (slashd)
summary: - Please include snapd logs
+ [plugin][snappy] Collect 'state.json' which may contain sensitive
+ information (macaroons)
Eric Desrochers (slashd)
Changed in sosreport (Ubuntu):
assignee: nobody → Adam Bell (arbell)
status: Confirmed → In Progress
importance: Undecided → Medium
Revision history for this message
Adam Bell (arbell) wrote :

PR (currently draft) created: https://github.com/sosreport/sos/pull/2257; once we confirm that all the necessary fields are omitted/removed, I'll make the PR official for the sos team to review.

Eric Desrochers (slashd)
description: updated
Revision history for this message
Eric Desrochers (slashd) wrote :

@Adam,

Any update on your upstream work ?

Regards,
Eric

Eric Desrochers (slashd)
Changed in sosreport (Ubuntu Groovy):
status: In Progress → Incomplete
Changed in sosreport (Ubuntu):
status: In Progress → Incomplete
Revision history for this message
Brian Murray (brian-murray) wrote :

The Groovy Gorilla has reached end of life, so this bug will not be fixed for that release

Changed in sosreport (Ubuntu Groovy):
status: Incomplete → Won't Fix
Arif Ali (arif-ali)
Changed in sosreport (Ubuntu Focal):
importance: Undecided → Low
Changed in sosreport (Ubuntu Jammy):
importance: Undecided → Low
Changed in sosreport (Ubuntu Groovy):
importance: Medium → Low
Changed in sosreport (Ubuntu Mantic):
importance: Undecided → Low
Changed in sosreport (Ubuntu Noble):
importance: Medium → Low
Changed in sosreport (Ubuntu Bionic):
status: New → In Progress
Changed in sosreport (Ubuntu Focal):
status: New → In Progress
Changed in sosreport (Ubuntu Jammy):
status: New → In Progress
Changed in sosreport (Ubuntu Mantic):
status: New → In Progress
Changed in sosreport (Ubuntu Noble):
status: Incomplete → In Progress
Revision history for this message
Arif Ali (arif-ali) wrote :

This has now been implemented upstream

This will be targeting the 4.7.0 release of sosreport which is due upstream 19th February

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.