From b14396f9f86b6694471a9418024ffb39cf7abd47 Mon Sep 17 00:00:00 2001 From: Matej Habrnal Date: Wed, 3 Aug 2016 12:43:51 +0200 Subject: [PATCH] cli: introduce unsafe reporting for not-reporable problems Parameter unsafe ignores security checks and allows to report not-reportable problems. What makes the problem not reportable: - A kernel problem occurred, but your kernel has been tainted (flags:%s). - A kernel problem occurred because of broken BIOS. Unfortunately, such problems are not fixable by kernel maintainers." - The problem data are incomplete. - Crashed application has locked memory regions We have decided to call the new command line argument "unsafe" because - either the reporter can leak some private data - or the reporter could be facing anger from maintainers when they get to the report Related to #1257159 Related to abrt/abrt#1166 Signed-off-by: Matej Habrnal --- doc/abrt-cli.txt | 7 +++++-- src/cli/builtin-cmd.h | 8 +++++++- src/cli/process.c | 34 ++++++++++++++++++++++++---------- src/cli/report.c | 27 ++++++++++++++++++++------- 4 files changed, 56 insertions(+), 20 deletions(-) diff --git a/doc/abrt-cli.txt b/doc/abrt-cli.txt index 0f18784..87a74ad 100644 --- a/doc/abrt-cli.txt +++ b/doc/abrt-cli.txt @@ -13,13 +13,13 @@ SYNOPSIS 'abrt-cli' remove [-v] DIR... -'abrt-cli' report [-v] [--delete] DIR... +'abrt-cli' report [-v] [--delete] [--unsafe] DIR... 'abrt-cli' info [-v] [--detailed] [-s SIZE] DIR... 'abrt-cli' status [-vb] [--since NUM] -'abrt-cli' process [-v] [--since NUM] DIR... +'abrt-cli' process [-v] [--since NUM] [--unsafe] DIR... GLOBAL OPTIONS -------------- @@ -49,6 +49,9 @@ COMMAND OPTIONS --since NUM:: Selects only problems detected after timestamp +-u, --unsafe:: + Ignore security checks to be able to report all problems + --until NUM:: Selects only the problems older than specified timestamp diff --git a/src/cli/builtin-cmd.h b/src/cli/builtin-cmd.h index c6cd691..9773f13 100644 --- a/src/cli/builtin-cmd.h +++ b/src/cli/builtin-cmd.h @@ -24,7 +24,13 @@ extern int cmd_list(int argc, const char **argv); extern int cmd_remove(int argc, const char **argv); extern int _cmd_remove(const char **dirs_strv); extern int cmd_report(int argc, const char **argv); -extern int _cmd_report(const char **dirs_strv, int remove); +enum { + /* Remove successfully reported */ + CMD_REPORT_REMOVE = 1 << 0, + /* Ignore security checks - i.e not-repotable */ + CMD_REPORT_UNSAFE = 1 << 1, +}; +extern int _cmd_report(const char **dirs_strv, int flags); extern int cmd_info(int argc, const char **argv); extern int _cmd_info(problem_data_t *problem_data, int detailed, int text_size); extern int cmd_status(int argc, const char **argv); diff --git a/src/cli/process.c b/src/cli/process.c index 401ef60..9ccc271 100644 --- a/src/cli/process.c +++ b/src/cli/process.c @@ -32,7 +32,7 @@ enum { ACT_SKIP }; -static int process_one_crash(problem_data_t *problem_data) +static int process_one_crash(problem_data_t *problem_data, int report_flags) { if (problem_data == NULL) return ACT_ERR; @@ -60,10 +60,10 @@ static int process_one_crash(problem_data_t *problem_data) const char *not_reportable = problem_data_get_content_or_NULL(problem_data, FILENAME_NOT_REPORTABLE); /* if the problem is not-reportable then ask does not contain option report(e) */ - if (not_reportable != NULL) - action = ask(_("Actions: remove(rm), info(i), skip(s):")); - else + if ((report_flags & CMD_REPORT_UNSAFE) || not_reportable == NULL) action = ask(_("Actions: remove(rm), report(e), info(i), skip(s):")); + else + action = ask(_("Actions: remove(rm), info(i), skip(s):")); if(strcmp(action, "rm") == 0 || strcmp(action, "remove") == 0 ) { @@ -73,11 +73,12 @@ static int process_one_crash(problem_data_t *problem_data) ret_val = ACT_REMOVE; } - else if (not_reportable == NULL && (strcmp(action, "e") == 0 || strcmp(action, "report") == 0)) + else if (((report_flags & CMD_REPORT_UNSAFE) || not_reportable == NULL) + && (strcmp(action, "e") == 0 || strcmp(action, "report") == 0)) { log(_("Reporting '%s'"), dir_name); const char *dirs_strv[] = {dir_name, NULL}; - _cmd_report(dirs_strv, /*do not delete*/0); + _cmd_report(dirs_strv, report_flags); ret_val = ACT_REPORT; } @@ -98,7 +99,7 @@ static int process_one_crash(problem_data_t *problem_data) return ret_val; } -static void process_crashes(vector_of_problem_data_t *crash_list, long since) +static void process_crashes(vector_of_problem_data_t *crash_list, long since, int report_flags) { for (unsigned i = 0; i < crash_list->len; ++i) @@ -117,7 +118,7 @@ static void process_crashes(vector_of_problem_data_t *crash_list, long since) if(i != 0) printf("\n"); - int action = process_one_crash(crash); + int action = process_one_crash(crash, report_flags); if (i != crash_list->len - 1) { @@ -135,23 +136,36 @@ static void process_crashes(vector_of_problem_data_t *crash_list, long since) int cmd_process(int argc, const char **argv) { const char *program_usage_string = _( + "& process [options]\n" + "\n" "Without --since argument, iterates over all detected problems." ); + enum { + OPT_v = 1 << 0, + OPT_s = 1 << 1, + OPT_u = 1 << 2, + }; + int opt_since = 0; struct options program_options[] = { OPT__VERBOSE(&g_verbose), OPT_INTEGER('s', "since" , &opt_since, _("Selects only problems detected after timestamp")), + OPT_BOOL( 'u', "unsafe", NULL, _("Ignore security checks to be able to " + "report all problems")), OPT_END() }; - parse_opts(argc, (char **)argv, program_options, program_usage_string); + unsigned opts = parse_opts(argc, (char **)argv, program_options, program_usage_string); vector_of_problem_data_t *ci = fetch_crash_infos(); g_ptr_array_sort_with_data(ci, &cmp_problem_data, (char *) FILENAME_LAST_OCCURRENCE); - process_crashes(ci, opt_since); + int report_flags = 0; + if (opts & OPT_u) + report_flags |= CMD_REPORT_UNSAFE; + process_crashes(ci, opt_since, report_flags); free_vector_of_problem_data(ci); diff --git a/src/cli/report.c b/src/cli/report.c index cc4035e..1e9067b 100644 --- a/src/cli/report.c +++ b/src/cli/report.c @@ -22,7 +22,7 @@ #include "abrt-cli-core.h" #include "builtin-cmd.h" -int _cmd_report(const char **dirs_strv, int remove) +int _cmd_report(const char **dirs_strv, int flags) { int ret = 0; while (*dirs_strv) @@ -39,10 +39,14 @@ int _cmd_report(const char **dirs_strv, int remove) const int not_reportable = test_exist_over_dbus(real_problem_id, FILENAME_NOT_REPORTABLE); if (not_reportable != 0) { - error_msg(_("Problem '%s' cannot be reported"), real_problem_id); - free(real_problem_id); - ++ret; - continue; + if (!(flags & CMD_REPORT_UNSAFE)) + { + error_msg(_("Problem '%s' cannot be reported"), real_problem_id); + free(real_problem_id); + ++ret; + continue; + } + log_info(_("Problem '%s' is labeled as 'not-reportable'?"), real_problem_id); } const int res = chown_dir_over_dbus(real_problem_id); @@ -58,7 +62,7 @@ int _cmd_report(const char **dirs_strv, int remove) | LIBREPORT_RUN_CLI); /* the problem was successfully reported and option is -d */ - if(remove && (status == 0 || status == EXIT_STOP_EVENT_RUN)) + if((flags & CMD_REPORT_REMOVE) && (status == 0 || status == EXIT_STOP_EVENT_RUN)) { log(_("Deleting '%s'"), real_problem_id); delete_dump_dir_possibly_using_abrtd(real_problem_id); @@ -82,11 +86,14 @@ int cmd_report(int argc, const char **argv) enum { OPT_v = 1 << 0, OPT_d = 1 << 1, + OPT_u = 1 << 2, }; struct options program_options[] = { OPT__VERBOSE(&g_verbose), OPT_BOOL('d', "delete", NULL, _("Remove PROBLEM_DIR after reporting")), + OPT_BOOL('u', "unsafe", NULL, _("Ignore security checks to be able to " + "report all problems")), OPT_END() }; @@ -101,5 +108,11 @@ int cmd_report(int argc, const char **argv) load_abrt_conf(); free_abrt_conf_data(); - return _cmd_report(argv, opts & OPT_d); + int report_flags = 0; + if (opts & OPT_d) + report_flags |= CMD_REPORT_REMOVE; + if (opts & OPT_u) + report_flags |= CMD_REPORT_UNSAFE; + + return _cmd_report(argv, report_flags); } -- 1.8.3.1