[Status Report - Week 03] Automated Kernel Crash Reporting System

Tzanetos Balitsaris tzabal at it.teithe.gr
Tue Jun 12 12:53:15 UTC 2012


Work done during the third week of coding:

* Create the directory server-side/akcrs-release in my socsvn  
repository and branch /base/release/9.0.0 for the Server-side part in  
akcrs-release/9.0.0

* Experimented with Subversion in order to sync merge my branch of
client-side/akcrs-head with /base/head, but failed.

* Define and implement my working environment. Using VirtualBox I  
created two virtual machines, one running FreeBSD 10.0-CURRENT  
emulating the client (built with sources from client-side/akcrs-head  
of my socsvn repository) and one running FreeBSD 9.0-RELEASE emulating  
the server (built with sources from server-side/akcrs-release/9.0.0 of  
my socsvn repository). Every new feature and change in both sides is  
tested using these VMs.

* Read the article "Practical rc.d scripting in BSD" in order to  
create the /etc/rc.d/crashreportd daemon.

* Define and try to implement the first tasks of the server side part.
That is, the security holes that the use of SSH opens and how to
receive the reports that arrive at the server. Create the
/etc/rc.d/crashreportd and the /usr/sbin/crashreportd daemon. The
daemon should start at boot time and check regularly (every X seconds)
the directory (atm /home/reporter) where reports arrive. For every
report the daemon should create a directory in /tmp/name_of_report in
order to perform security and validity checks, like checking for
malicious code and a valid email address. I found some difficulties so I
hope that the above will be fully functional by the next report.
Finally, add three variables to /etc/defaults/rc.conf for the rc.d
script crashreportd.

* Some changes in the Client side part after working on Server side.
Set a unique name for every generated crash report instead of the
generic 'report.tar.gz' in order to avoid overwrites of reports in the
server. Also, fixed a bug in the code for transferring the reports. It
could not automatically accept the fingerprint. Finally, rename the
rc.conf variable 'email' to 'crashreport_email'.


-- 
Tzanetos Balitsaris
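
An added example, not part of the original message and not the project's code: one way the server-side security and validity checks described above could be applied to an arriving report before anything else touches it. The function name, the limits, the archive layout and the idea that the submitter's address is passed in separately are all assumptions; it also stages into an unpredictable private directory instead of a path derived from the report name.

```python
import os, re, shutil, tarfile, tempfile

# Assumed policy values and report layout; none come from the original message.
NAME_RE = re.compile(r"[A-Za-z0-9._-]{1,64}\.tar\.gz")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
MAX_MEMBERS, MAX_BYTES = 16, 8 * 1024 * 1024

def check_report(path, email):
    """Validate one arrived report; return (ok, reason, staging_dir_or_None)."""
    # fullmatch, not match with "$": "$" would accept a trailing newline.
    if not NAME_RE.fullmatch(os.path.basename(path)):
        return False, "bad report name", None
    if not EMAIL_RE.fullmatch(email):
        return False, "bad email address", None
    # Unpredictable mode-0700 directory rather than /tmp/<name chosen by sender>.
    staging = tempfile.mkdtemp(prefix="crashreport-")
    try:
        with tarfile.open(path, "r:gz") as tar:
            count = total = 0
            for m in tar:  # lazy iteration: reject before unpacking a huge member
                count += 1
                parts = m.name.split("/")
                if m.name.startswith("/") or ".." in parts:
                    raise ValueError("path escapes staging dir: " + m.name)
                if m.isdir():
                    continue
                if not m.isfile():  # symlink, hard link, device node, FIFO
                    raise ValueError("not a regular file: " + m.name)
                total += m.size
                if count > MAX_MEMBERS or total > MAX_BYTES:
                    raise ValueError("report too large")
                dest = os.path.join(staging, *parts)
                os.makedirs(os.path.dirname(dest), exist_ok=True)
                # "xb" refuses to overwrite, so duplicate member names are rejected.
                with tar.extractfile(m) as src, open(dest, "xb") as out:
                    shutil.copyfileobj(src, out)
    except (ValueError, tarfile.TarError, OSError, EOFError) as exc:
        shutil.rmtree(staging, ignore_errors=True)
        return False, str(exc), None
    return True, "ok", staging
```

Only regular files are ever written, and only below the staging directory, so a report cannot plant links or write outside it; a rejected report leaves nothing behind.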
