[systemd-devel] What information does machine-id leak?
Bryan Quigley
bryan.quigley at canonical.com
Fri Jan 20 19:54:30 UTC 2017
But what information is it carrying that is private? If it's just the
best way to identify a machine, that's really what I'm after.
Here are two of my uses (all in debugging/troubleshooting purposes):
* Sosreport captures logs/other information and currently captures the
dbus machine-id (which this is) and the whoopsie-id
* currently if you have the whoopsie-id you can lookup crashreports*
on the Ubuntu Error tracker.
Neither use is app specific, they need to identify that machine and
not be dependent on what tool you are using. In most of these cases
we have a lot of information on the machine already.
Kind regards,
Bryan
*You can see what crashed and when but not get access to anything else.
On Fri, Jan 20, 2017 at 2:06 PM, Zbigniew Jędrzejewski-Szmek
<zbyszek at in.waw.pl> wrote:
> On Fri, Jan 20, 2017 at 02:02:07PM -0500, Bryan Quigley wrote:
>> Hi there,
>>
>> I see that there is a concern that we need to keep machine-id private
>> (and local?). I haven't been able to determine exactly why though*.
>> In most cases it's randomly generated afaict.
>
> It's a unique identifier for the machine.
> It is also used to generate other unique identifiers.
>
>> I'd consider using it to replace whoopsie-id which is generated from
>> the machines BIOS information now to track bugs reported from the same
>> machine in the Ubuntu error tracker[1]. It would need to stay
>> constant for that install and be easy to get locally via file
>> collection which is why I think I'd prefer using the straight
>> machine-id to the just added app helper function[2].
> Please don't do that. The app helper function is there for a reason.
> You can use that, or do the equivalent steps in a different way.
>
> Zbyszek
More information about the systemd-devel
mailing list