[bug#52866] maintenance: Add a crash dump service.

["Ludovic Courtès" <ludo@gnu.org>]

Hello!

Mathieu Othacehe <othacehe@gnu.org> skribis:

> Here's a patch that adds a crash dump service. The concept is simple, a
> Guile HTTP server is listening on "dump.guix.gnu.org". Crash reports can
> be uploaded using multipart forms in POST requests. They are then stored
> on Berlin.
>
> I have implemented the installer dump service. On a crash, it optionally
> submits an archive report containing the backtrace, the installer state,
> the syslog and dmesg logs.

Oh, interesting!  It sounds like it could help QA somewhat; at least it
would greatly simplify bug reporting and would guarantee that the crash
reports we get contain all the info we need to debug them.

Now, I wonder about the privacy implications of this: /var/log/messages
during an install contains personal or sometimes personally-identifying
information such as IP addresses, user account names (I think?),
partitioning details, device unique identifiers, etc.  I suppose the
installer would ask for consent before sending anything, but still, I
wonder if we can really be precise about the kind of info we collect and
send.

I’m also unsure about the idea of having admins of Guix infrastructure
be in a privileged position collecting that debugging info.  There’d
have to be a privacy policy in place.

Or, dump.guix.gnu.org could relay everything as-is to bug-guix@gnu.org
*if* we know users are aware of what data is being reported.

WDYT?

Also, what does Debian do?  :-)

IIRC, Debian has ‘reportbug’, which has the advantage that it uses the
public Debbugs channel, but the downside that it requires a working
email setup.  I think ‘reportbug’ includes info such as the kernel
version, info about installed packages, etc.; users see the info that is
about to be sent in clear before it goes out, and it’s easily screened I
think.

Sorry for the many questions!

Thanks,
Ludo’.