Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Ubuntu quietly tracking information about our servers through opt-out curls to motd.ubuntu.com
diff -Nru base-files-9.6ubuntu9/debian/base-files.dirs base-files-9.6ubuntu10/debian/base-files.dirs
--- base-files-9.6ubuntu9/debian/base-files.dirs 2016-04-22 06:29:32.000000000 +0000
+++ base-files-9.6ubuntu10/debian/base-files.dirs 2017-02-15 19:28:11.000000000 +0000
@@ -9,6 +9,7 @@
etc/update-motd.d
home
lib
+lib/systemd/system
proc
root
run
diff -Nru base-files-9.6ubuntu9/debian/changelog base-files-9.6ubuntu10/debian/changelog
--- base-files-9.6ubuntu9/debian/changelog 2016-12-17 15:19:59.000000000 +0000
+++ base-files-9.6ubuntu10/debian/changelog 2017-02-15 20:09:56.000000000 +0000
@@ -1,3 +1,19 @@
+base-files (9.6ubuntu10) zesty; urgency=medium
+
+ * debian/rules, debian/motd-news.service, debian/motd-news.timer:
+ - rework the motd-news, using a systemd timer, LP: #1637800 comment #4
+ - timer fires the first time, 1 minute after boot, and then every 12 hours
+ thereafter
+ - timer calls "/etc/update-motd.d/50-motd-news --force", which forces a
+ background fetch of the news, written to /var/cache/motd-news
+ * debian/motd-news:
+ - change the variable name of the list of news sources from SERVER to URLS
+ * update-motd.d/50-motd-news, debian/postinst:
+ - renamed file, to be consistent, "motd-news"
+ - remove the old conf file /etc/update-motd.d/50-news
+
+ -- Dustin Kirkland <kirkland@ubuntu.com> Sat, 21 Jan 2017 10:34:26 -0500
+
base-files (9.6ubuntu9) zesty; urgency=medium
* Fix LP: #1649352
diff -Nru base-files-9.6ubuntu9/debian/control base-files-9.6ubuntu10/debian/control
--- base-files-9.6ubuntu9/debian/control 2016-04-22 06:31:28.000000000 +0000
+++ base-files-9.6ubuntu10/debian/control 2017-02-15 19:28:11.000000000 +0000
@@ -4,13 +4,13 @@
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
XSBC-Original-Maintainer: Santiago Vila <sanvila@debian.org>
Standards-Version: 3.9.7
-Build-Depends: debhelper (>= 9)
+Build-Depends: debhelper (>= 9), dh-systemd
Package: base-files
Provides: base
Architecture: any
Pre-Depends: awk
-Depends: ${misc:Depends}
+Depends: ${misc:Depends}, systemd
Essential: yes
Priority: required
Replaces: base, miscutils, dpkg (<= 1.15.0)
diff -Nru base-files-9.6ubuntu9/debian/motd-news base-files-9.6ubuntu10/debian/motd-news
--- base-files-9.6ubuntu9/debian/motd-news 2016-12-16 16:42:03.000000000 +0000
+++ base-files-9.6ubuntu10/debian/motd-news 2017-02-15 19:33:22.000000000 +0000
@@ -1,12 +1,19 @@
# Enable/disable the dynamic MOTD news service
+# This is a useful way to provide dynamic, informative
+# information pertinent to the users and administrators
+# of the local system
ENABLED=1
# Configure the source of dynamic MOTD news
# White space separated list of 0 to many news services
# For security reasons, these must be https
# and have a valid certificate
-SERVER="https://motd.ubuntu.com"
+# Canonical runs a service at motd.ubuntu.com, and you
+# can easily run one too
+URLS="https://motd.ubuntu.com"
# Specify the time in seconds, you're willing to wait for
# dynamic MOTD news
-WAIT=2
+# Note that news messages are fetched in the background by
+# a systemd timer, so this should never block boot or login
+WAIT=5
diff -Nru base-files-9.6ubuntu9/debian/motd-news.service base-files-9.6ubuntu10/debian/motd-news.service
--- base-files-9.6ubuntu9/debian/motd-news.service 1970-01-01 00:00:00.000000000 +0000
+++ base-files-9.6ubuntu10/debian/motd-news.service 2017-02-15 19:28:11.000000000 +0000
@@ -0,0 +1,8 @@
+[Unit]
+Description=Message of the Day
+After=network-online.target
+Documentation=man:update-motd(8)
+
+[Service]
+Type=oneshot
+ExecStart=/etc/update-motd.d/50-motd-news --force
diff -Nru base-files-9.6ubuntu9/debian/motd-news.timer base-files-9.6ubuntu10/debian/motd-news.timer
--- base-files-9.6ubuntu9/debian/motd-news.timer 1970-01-01 00:00:00.000000000 +0000
+++ base-files-9.6ubuntu10/debian/motd-news.timer 2017-02-15 20:02:11.000000000 +0000
@@ -0,0 +1,12 @@
+[Unit]
+Description=Message of the Day
+
+[Timer]
+OnUnitActiveSec=12h
+RandomizedDelaySec=1h
+AccuracySec=10min
+Persistent=true
+OnStartupSec=1min
+
+[Install]
+WantedBy=timers.target
diff -Nru base-files-9.6ubuntu9/debian/postinst.in base-files-9.6ubuntu10/debian/postinst.in
--- base-files-9.6ubuntu9/debian/postinst.in 2015-10-22 17:05:54.000000000 +0000
+++ base-files-9.6ubuntu10/debian/postinst.in 2017-02-15 20:09:18.000000000 +0000
@@ -125,4 +125,9 @@
if dpkg --compare-versions "$2" lt-nl "7.7"; then
install_directory mnt 755 root
fi
+ # Remove the short-lived (within zesty dev cycle) /etc/update-motd.d/50-news file,
+ # which was renamed to /etc/update-motd.d/50-motd-news
+ [ -e /etc/update-motd.d/50-news ] && rm -f /etc/update-motd.d/50-news
fi
+
+#DEBHELPER#
diff -Nru base-files-9.6ubuntu9/debian/rules base-files-9.6ubuntu10/debian/rules
--- base-files-9.6ubuntu9/debian/rules 2016-11-11 15:58:05.000000000 +0000
+++ base-files-9.6ubuntu10/debian/rules 2017-02-15 19:28:11.000000000 +0000
@@ -11,7 +11,7 @@
VENDORFILE = ubuntu
%:
- dh $@
+ dh $@ --with systemd
override_dh_auto_build:
sh debian/check-md5sum-etc profile
@@ -43,6 +43,8 @@
install:
install -p -m 644 etc/* $(DESTDIR)/etc
install -p -m 644 debian/motd-news $(DESTDIR)/etc/default
+ install -p -m 644 debian/motd-news.service $(DESTDIR)/lib/systemd/system/
+ install -p -m 644 debian/motd-news.timer $(DESTDIR)/lib/systemd/system/
install -p -m 644 licenses/* $(DESTDIR)/usr/share/common-licenses
install -p -m 644 origins/* $(DESTDIR)/etc/dpkg/origins
install -p -m 644 share/* $(DESTDIR)/usr/share/base-files
@@ -57,3 +59,11 @@
sed -e "s&#OSNAME#&$(OSNAME)&g" etc/os-release > $(DESTDIR)/etc/os-release
mv $(DESTDIR)/etc/os-release $(DESTDIR)/usr/lib/os-release
ln -s ../usr/lib/os-release $(DESTDIR)/etc/os-release
+
+override_dh_systemd_enable:
+ dh_systemd_enable -pbase-files motd-news.timer
+ dh_systemd_enable -pbase-files motd-news.service
+
+override_dh_systemd_start:
+ dh_systemd_start -pbase-files motd-news.timer
+ dh_systemd_start -pbase-files motd-news.service
diff -Nru base-files-9.6ubuntu9/update-motd.d/50-motd-news base-files-9.6ubuntu10/update-motd.d/50-motd-news
--- base-files-9.6ubuntu9/update-motd.d/50-motd-news 1970-01-01 00:00:00.000000000 +0000
+++ base-files-9.6ubuntu10/update-motd.d/50-motd-news 2017-02-15 19:54:04.000000000 +0000
@@ -0,0 +1,117 @@
+#!/bin/sh
+#
+# 50-motd-news - print the live news from the Ubuntu wire
+# Copyright (C) 2016-2017 Canonical Ltd.
+# Copyright (C) 2016-2017 Dustin Kirkland
+#
+# Authors: Dustin Kirkland <kirkland@canonical.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+##############################################################################
+# This program could be rewritten in C or Golang for faster performance.
+# Or it could be rewritten in Python or another higher level language
+# for more modularity.
+# However, I've insisted on shell here for transparency!
+# - Dustin
+##############################################################################
+
+# Source the local configuration
+[ -r /etc/default/motd-news ] && . /etc/default/motd-news
+
+# Exit immediately, unless we're enabled
+# This makes this script very easy to disable in /etc/default/motd-news configuration
+[ "$ENABLED" = "1" ] || exit 0
+
+# Ensure sane defaults
+[ -n "$URLS" ] || URLS="https://motd.ubuntu.com"
+[ -n "$WAIT" ] || WAIT=5
+[ -n "$CACHE" ] || CACHE="/var/cache/motd-news"
+[ "$1" = "--force" ] && FORCED=1
+
+# Ensure we print safely, maximum of the first 10 lines,
+# maximum of the first 80 chars per line, no control chars
+safe_print() {
+ cat "$1" | head -n 10 | tr -d '\000-\011\013\014\016-\037' | cut -c -80
+}
+
+
+# If we're not forcing an update, and we have a cached motd-news file,
+# then just print it and exit as quickly as possible, for login performance.
+# Note that systemd should keep this cache file up to date, asynchronously
+if [ "$FORCED" != "1" ] && [ -r $CACHE ]; then
+ echo
+ safe_print $CACHE
+ exit 0
+fi
+
+# If we've made it here, we've been given the --force argument,
+# probably from the systemd motd-news.service. Let's update...
+
+# Generate our temp files, clean up when done
+NEWS=$(mktemp)
+ERR="$NEWS.err"
+trap "rm -f $NEWS $ERR" HUP INT QUIT ILL TRAP KILL BUS TERM
+
+# Construct a user agent, similar to Firefox/Chrome/Safari/IE to
+# ensure a proper, tailored, accurate message of the day
+
+# Curl browser version, for debug purposes
+curl_ver="$(dpkg -l curl | awk '$1 == "ii" { print($3); exit(0); }')"
+
+# Distribution version, for messages releated to this Ubuntu release
+. /etc/lsb-release
+lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g")
+codename="$DISTRIB_CODENAME"
+
+# Kernel version and CPU type, for messages related to a particular revision or hardware
+platform="$(uname -o)/$(uname -r)/$(uname -m)"
+arch="$(uname -m)"
+cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")"
+
+# Some messages may only be pertinent before or after some amount of uptime
+read up idle < /proc/uptime
+uptime="uptime/$up/$idle"
+
+# Piece together the user agent
+USER_AGENT="curl/$curl_ver $lsb $platform $cpu $uptime"
+
+# Loop over any configured URLs
+for u in $URLS; do
+ # Ensure https:// protocol, for security reasons
+ case $u in
+ https://*)
+ true
+ ;;
+ https://motd.ubuntu.com)
+ u="$u/$codename/$arch"
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ # If we're forced, set the wait to much higher (1 minute)
+ [ "$FORCED" = "1" ] && WAIT=60
+ # Fetch and print the news motd
+ if curl --connect-timeout "$WAIT" --max-time "$WAIT" -A "$USER_AGENT" -o- "$u" >"$NEWS" 2>"$ERR"; then
+ echo
+ # At most, 10 lines of text, remove control characters, print at most 80 characters per line
+ safe_print "$NEWS"
+ # Try to update the cache
+ safe_print "$NEWS" 2>/dev/null >$CACHE || true
+ fi
+done
+rm -f "$NEWS" "$NEWS.err"
+exit 0
diff -Nru base-files-9.6ubuntu9/update-motd.d/50-news base-files-9.6ubuntu10/update-motd.d/50-news
--- base-files-9.6ubuntu9/update-motd.d/50-news 2016-12-17 15:19:44.000000000 +0000
+++ base-files-9.6ubuntu10/update-motd.d/50-news 1970-01-01 00:00:00.000000000 +0000
@@ -1,60 +0,0 @@
-#!/bin/sh
-#
-# 50-news - print the live news from the Ubuntu wire
-# Copyright (C) 2016 Canonical Ltd.
-#
-# Authors: Dustin Kirkland <kirkland@canonical.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-# Source our configuration
-[ -r /etc/default/motd-news ] && . /etc/default/motd-news
-ENABLED=1 || exit 0
-[ -n "$SERVER" ] || SERVER="https://motd.ubuntu.com"
-[ -n "$WAIT" ] || WAIT=2
-# Generate our temp files, clean up when done
-NEWS=$(mktemp)
-ERR="$NEWS.err"
-trap "rm -f $NEWS $ERR" HUP INT QUIT ILL TRAP KILL BUS TERM
-
-# Construct a user agent, with debug information, similar to Firefox/Chrome
-curl_ver="$(dpkg -l curl | awk '$1 == "ii" { print($3); exit(0); }')"
-. /etc/lsb-release
-lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g")
-platform="$(uname -o)/$(uname -r)/$(uname -m)"
-cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")"
-read up idle < /proc/uptime
-uptime="uptime/$up/$idle"
-USER_AGENT="curl/$curl_ver $lsb $platform $cpu $uptime"
-
-for s in $SERVER; do
- # Ensure https:// protocol, for security reasons
- case $s in
- https://*)
- true
- ;;
- *)
- continue
- ;;
- esac
- # Fetch and print the news motd
- if curl --connect-timeout "$WAIT" --max-time "$WAIT" -A "$USER_AGENT" -o- "$s" >"$NEWS" 2>"$ERR"; then
- echo
- # At most, 10 lines of text, remove control characters, print at most 80 characters per line
- cat "$NEWS" | head -n 10 | tr -d '\000-\011\013\014\016-\037' | cut -c -80
- fi
-done
-rm -f "$NEWS" "$NEWS.err"
-exit 0

timrchavez commented Jun 29, 2017

The implication I made is that Ubuntu is tracking, but I have no proof of that, so that was an irresponsible statement. It could be that the information is just being used to make decisions on what to send back and then it's being discarded. I simply do not know but I should not imply something I do not know as fact.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment