-
Notifications
You must be signed in to change notification settings - Fork 47
uReport
uReport (microreport) is a JSON object representing a problem: binary crash, kerneloops, SELinux AVC denial... The report is expected to be completely anonymous (see below). The object contains a numeric field ureport_version
, which defines the expected contents. If the field is missing, the version is considered 0.
First uReports were not versioned at all because of quick evolution. uReport0 is the codename for the last of these (no known client has ever sent ureport_version = 0
). All former uReports will fail parsing. Although uReport0 is still supported (it can be turned into uReport1), it is obsolete and should not be used in client applications.
uReport1 format was designed for the needs of ABRT (at that moment processing C/C++ crashes, unhandled Python exceptions and kerneloopses). The background idea is that all the reports contain a stacktrace and some metadata about the environment (OS version, CPU architecture, kernel version...). Only supported fields are allowed. Some of them are mandatory, some are not. Any uReport containing excessive fields or missing mandatory fields will fail parsing.
-
ureport_version
MUST be set to1
in order to be parsed and processed by uReport1 workflow -
type
(string) either ofuserspace
python
kerneloops
-
reason
(string) a short message describing what happend -
uptime
(int) uptime of the machine -
component
(string) affected component -
executable
(string) affected executable -
architecture
(string) CPU architecture -
crash_thread
(int) ID of the crash thread -
kernel_taint_state
(string) kernel tainted flags -
proc_status
placeholder -
proc_limits
placeholder -
oops
(string) the raw kerneloops as written into syslog -
user_type
(string) either ofroot
nologin
local
remote
-
installed_package
(obj) maps to appropriate RPM attributes -
-
name
(string)
-
-
-
epoch
(int)
-
-
-
version
(string)
-
-
-
release
(string)
-
-
-
architecture
(string)
-
-
running_package
(obj) same asinstalled_package
-
related_packages
(list) list of following objects: -
-
installed_package
(obj) same asinstalled_package
above
-
-
-
running_package
(obj) same asinstalled_package
above
-
-
os
(obj) operating system -
-
name
(string)
-
-
-
version
(string)
-
-
reporter
(obj) identification of the client application -
-
name
(string)
-
-
-
version
(string)
-
-
core_backtrace
(list) list of frames (following objects): -
-
thread
(int) thread number
-
-
-
frame
(int) frame number
-
-
-
path
(string) associated file
-
-
-
buildid
(string) build-id of the file
-
-
-
offset
(int) offset within the file
-
-
-
funcname
(string) function name
-
-
-
funchash
(string) function hash
-
-
os_state
(obj) -
-
suspend
(string) eitheryes
orno
-
-
-
boot
(string) eitheryes
orno
-
-
-
login
(string) eitheryes
orno
-
-
-
logout
(string) eitheryes
orno
-
-
-
shutdown
(string) eitheryes
orno
-
-
selinux
(obj) -
-
mode
(string) either ofenforcing
permissive
disabled
-
-
-
context
(string) the affected context
-
-
-
policy_package
(obj) same format asinstalled_package
-
Example:
{
"ureport_version": 1,
"type": "python",
"reason": "TypeError",
"uptime": 1,
"component": "faf",
"executable": "/usr/bin/faf-btserver-cgi",
"installed_package": { "name": "faf",
"version": "0.4",
"release": "1.fc16",
"epoch": 0,
"architecture": "noarch" },
"related_packages": [ { "installed_package": { "name": "python",
"version": "2.7.2",
"release": "4.fc16",
"epoch": 0,
"architecture": "x86_64" } } ],
"os": { "name": "Fedora", "version": "16" },
"architecture": "x86_64",
"reporter": { "name": "abrt", "version": "2.0.7-2.fc16" },
"crash_thread": 0,
"core_backtrace": [
{ "thread": 0,
"frame": 1,
"buildid": "f76f656ab6e1b558fc78d0496f1960071565b0aa",
"offset": 24,
"path": "/usr/bin/faf-btserver-cgi",
"funcname": "<module>" },
{ "thread": 0,
"frame": 2,
"buildid": "b07daccd370e885bf3d459984a4af09eb889360a",
"offset": 190,
"path": "/usr/lib64/python2.7/re.py",
"funcname": "compile" },
{ "thread": 0,
"frame": 3,
"buildid": "b07daccd370e885bf3d459984a4af09eb889360a",
"offset": 241,
"path": "/usr/lib64/python2.7/re.py",
"funcname": "_compile" }
],
"user_type": "root",
"selinux": { "mode": "permissive",
"context": "unconfined_u:unconfined_r:unconfined_t:s0",
"policy_package": { "name": "selinux-policy",
"version": "3.10.0",
"release": "2.fc16",
"epoch": 0,
"architecture": "noarch" } },
"kernel_taint_state": "G B ",
}
- Although uReport1 was designed to be independent on the operating system, it is closely related to Fedora.
- New types of problems are appearing, uReport1 is not generic enough to handle differences (SELinux AVC denial does not contain stacktrace, kerneloops does not contain executable...)
- All reports are handled in the same way. This either results into special-casing in code (
if type != "python"
etc.) or into lower-quality results (clustering kerneloops and C/C++ with the same parameters does not work well).
uReport MUST NOT contain any private data. uReports are considered public and may be accessed through the web UI or web API, forwarded to other instances or archived. Clients need to think about the data they are sending. These may contain passwords, credit card numbers, private keys etc.
Example:
Why not to include the message from python exception? Think about the following:
ValueError: invalid literal for int() with base 10: 'my_secret_password'
uh oh!