
Created June 29, 2017 16:56
Ubuntu quietly tracking information about our servers through opt-out curls to motd.ubuntu.com
diff -Nru base-files-9.6ubuntu9/debian/base-files.dirs base-files-9.6ubuntu10/debian/base-files.dirs
--- base-files-9.6ubuntu9/debian/base-files.dirs 2016-04-22 06:29:32.000000000 +0000
+++ base-files-9.6ubuntu10/debian/base-files.dirs 2017-02-15 19:28:11.000000000 +0000
@@ -9,6 +9,7 @@
etc/update-motd.d
home
lib
+lib/systemd/system
proc
root
run
diff -Nru base-files-9.6ubuntu9/debian/changelog base-files-9.6ubuntu10/debian/changelog
--- base-files-9.6ubuntu9/debian/changelog 2016-12-17 15:19:59.000000000 +0000
+++ base-files-9.6ubuntu10/debian/changelog 2017-02-15 20:09:56.000000000 +0000
@@ -1,3 +1,19 @@
+base-files (9.6ubuntu10) zesty; urgency=medium
+
+ * debian/rules, debian/motd-news.service, debian/motd-news.timer:
+ - rework the motd-news, using a systemd timer, LP: #1637800 comment #4
+ - timer fires the first time, 1 minute after boot, and then every 12 hours
+ thereafter
+ - timer calls "/etc/update-motd.d/50-motd-news --force", which forces a
+ background fetch of the news, written to /var/cache/motd-news
+ * debian/motd-news:
+ - change the variable name of the list of news sources from SERVER to URLS
+ * update-motd.d/50-motd-news, debian/postinst:
+ - renamed file, to be consistent, "motd-news"
+ - remove the old conf file /etc/update-motd.d/50-news
+
+ -- Dustin Kirkland <kirkland@ubuntu.com> Sat, 21 Jan 2017 10:34:26 -0500
+
base-files (9.6ubuntu9) zesty; urgency=medium
* Fix LP: #1649352
diff -Nru base-files-9.6ubuntu9/debian/control base-files-9.6ubuntu10/debian/control
--- base-files-9.6ubuntu9/debian/control 2016-04-22 06:31:28.000000000 +0000
+++ base-files-9.6ubuntu10/debian/control 2017-02-15 19:28:11.000000000 +0000
@@ -4,13 +4,13 @@
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
XSBC-Original-Maintainer: Santiago Vila <sanvila@debian.org>
Standards-Version: 3.9.7
-Build-Depends: debhelper (>= 9)
+Build-Depends: debhelper (>= 9), dh-systemd
Package: base-files
Provides: base
Architecture: any
Pre-Depends: awk
-Depends: ${misc:Depends}
+Depends: ${misc:Depends}, systemd
Essential: yes
Priority: required
Replaces: base, miscutils, dpkg (<= 1.15.0)
diff -Nru base-files-9.6ubuntu9/debian/motd-news base-files-9.6ubuntu10/debian/motd-news
--- base-files-9.6ubuntu9/debian/motd-news 2016-12-16 16:42:03.000000000 +0000
+++ base-files-9.6ubuntu10/debian/motd-news 2017-02-15 19:33:22.000000000 +0000
@@ -1,12 +1,19 @@
# Enable/disable the dynamic MOTD news service
+# This is a useful way to provide dynamic, informative
+# information pertinent to the users and administrators
+# of the local system
ENABLED=1
# Configure the source of dynamic MOTD news
# White space separated list of 0 to many news services
# For security reasons, these must be https
# and have a valid certificate
-SERVER="https://motd.ubuntu.com"
+# Canonical runs a service at motd.ubuntu.com, and you
+# can easily run one too
+URLS="https://motd.ubuntu.com"
# Specify the time in seconds, you're willing to wait for
# dynamic MOTD news
-WAIT=2
+# Note that news messages are fetched in the background by
+# a systemd timer, so this should never block boot or login
+WAIT=5
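Review bot: The comments added to this file never say what a fetch discloses, even though the service ships enabled (`ENABLED=1`). 50-motd-news in this same diff builds a User-Agent from the curl version, the release description, `uname -r`, the CPU model and the contents of `/proc/uptime`, and sends it to every entry in `URLS`. An administrator deciding whether to leave this on needs that stated here, for example `# Each fetch sends this host's release, kernel version, CPU model and uptime in the User-Agent; set ENABLED=0 to stop all requests`. The raised default `WAIT=5` is also overridden to 60 in the script whenever `--force` is passed, so the comment on `WAIT` should say it only applies to unforced runs.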
diff -Nru base-files-9.6ubuntu9/debian/motd-news.service base-files-9.6ubuntu10/debian/motd-news.service
--- base-files-9.6ubuntu9/debian/motd-news.service 1970-01-01 00:00:00.000000000 +0000
+++ base-files-9.6ubuntu10/debian/motd-news.service 2017-02-15 19:28:11.000000000 +0000
@@ -0,0 +1,8 @@
+[Unit]
+Description=Message of the Day
+After=network-online.target
+Documentation=man:update-motd(8)
+
+[Service]
+Type=oneshot
+ExecStart=/etc/update-motd.d/50-motd-news --force
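Review bot: The `[Service]` section sets no `User=` and no sandboxing, so a script that downloads remote text and parses it runs with full root privileges every 12 hours. The script only needs to read `/etc` and `/proc` and write its cache file, so directives such as `NoNewPrivileges=true`, `PrivateTmp=true` and `ProtectHome=true` could be added without changing behaviour, as far as the visible script shows. `After=network-online.target` also only orders the unit; without a matching `Wants=network-online.target` nothing pulls that target in, and the first run one minute after boot may start before the network is up.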
diff -Nru base-files-9.6ubuntu9/debian/motd-news.timer base-files-9.6ubuntu10/debian/motd-news.timer
--- base-files-9.6ubuntu9/debian/motd-news.timer 1970-01-01 00:00:00.000000000 +0000
+++ base-files-9.6ubuntu10/debian/motd-news.timer 2017-02-15 20:02:11.000000000 +0000
@@ -0,0 +1,12 @@
+[Unit]
+Description=Message of the Day
+
+[Timer]
+OnUnitActiveSec=12h
+RandomizedDelaySec=1h
+AccuracySec=10min
+Persistent=true
+OnStartupSec=1min
+
+[Install]
+WantedBy=timers.target
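Review bot: `Persistent=true` has no effect in this timer, because systemd only honours it for `OnCalendar=` triggers and this unit uses the monotonic `OnStartupSec=` and `OnUnitActiveSec=` only. Either drop the line or add a comment that it is intentionally inert, so nobody assumes a missed run is caught up after downtime. A one-line comment above `RandomizedDelaySec=1h` saying that it spreads client requests over the hour would also help readers who compare the unit with the changelog's "every 12 hours".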
diff -Nru base-files-9.6ubuntu9/debian/postinst.in base-files-9.6ubuntu10/debian/postinst.in
--- base-files-9.6ubuntu9/debian/postinst.in 2015-10-22 17:05:54.000000000 +0000
+++ base-files-9.6ubuntu10/debian/postinst.in 2017-02-15 20:09:18.000000000 +0000
@@ -125,4 +125,9 @@
if dpkg --compare-versions "$2" lt-nl "7.7"; then
install_directory mnt 755 root
fi
+ # Remove the short-lived (within zesty dev cycle) /etc/update-motd.d/50-news file,
+ # which was renamed to /etc/update-motd.d/50-motd-news
+ [ -e /etc/update-motd.d/50-news ] && rm -f /etc/update-motd.d/50-news
fi
+
+#DEBHELPER#
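Review bot: The added `rm -f` deletes `/etc/update-motd.d/50-news` directly, but a file shipped under `/etc` is presumably a dpkg conffile, so any local edit is discarded silently and dpkg keeps a stale record of it. Since the file was renamed, `dpkg-maintscript-helper mv_conffile /etc/update-motd.d/50-news /etc/update-motd.d/50-motd-news <prior-version> -- "$@"` (version placeholder to be filled in) would carry local changes over. If the plain removal is kept, the `[ -e … ] &&` guard is redundant because `rm -f` already succeeds on a missing file. The enclosing `if` block starts outside this hunk.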
diff -Nru base-files-9.6ubuntu9/debian/rules base-files-9.6ubuntu10/debian/rules
--- base-files-9.6ubuntu9/debian/rules 2016-11-11 15:58:05.000000000 +0000
+++ base-files-9.6ubuntu10/debian/rules 2017-02-15 19:28:11.000000000 +0000
@@ -11,7 +11,7 @@
VENDORFILE = ubuntu
%:
- dh $@
+ dh $@ --with systemd
override_dh_auto_build:
sh debian/check-md5sum-etc profile
@@ -43,6 +43,8 @@
install:
install -p -m 644 etc/* $(DESTDIR)/etc
install -p -m 644 debian/motd-news $(DESTDIR)/etc/default
+ install -p -m 644 debian/motd-news.service $(DESTDIR)/lib/systemd/system/
+ install -p -m 644 debian/motd-news.timer $(DESTDIR)/lib/systemd/system/
install -p -m 644 licenses/* $(DESTDIR)/usr/share/common-licenses
install -p -m 644 origins/* $(DESTDIR)/etc/dpkg/origins
install -p -m 644 share/* $(DESTDIR)/usr/share/base-files
@@ -57,3 +59,11 @@
sed -e "s&#OSNAME#&$(OSNAME)&g" etc/os-release > $(DESTDIR)/etc/os-release
mv $(DESTDIR)/etc/os-release $(DESTDIR)/usr/lib/os-release
ln -s ../usr/lib/os-release $(DESTDIR)/etc/os-release
+
+override_dh_systemd_enable:
+ dh_systemd_enable -pbase-files motd-news.timer
+ dh_systemd_enable -pbase-files motd-news.service
+
+override_dh_systemd_start:
+ dh_systemd_start -pbase-files motd-news.timer
+ dh_systemd_start -pbase-files motd-news.service
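Review bot: The two `motd-news.service` lines in these overrides look wrong for a timer-activated oneshot unit. The service file added in this diff has no `[Install]` section, so `dh_systemd_enable -pbase-files motd-news.service` has nothing to enable, and `dh_systemd_start -pbase-files motd-news.service` most likely makes every install or upgrade of this essential package run the network fetch from the maintainer script, with the 60-second forced timeout set in 50-motd-news. I would keep only the `motd-news.timer` lines and let the timer trigger the service. Each override would also benefit from a comment such as `# only the timer is enabled/started; it activates motd-news.service`.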
diff -Nru base-files-9.6ubuntu9/update-motd.d/50-motd-news base-files-9.6ubuntu10/update-motd.d/50-motd-news
--- base-files-9.6ubuntu9/update-motd.d/50-motd-news 1970-01-01 00:00:00.000000000 +0000
+++ base-files-9.6ubuntu10/update-motd.d/50-motd-news 2017-02-15 19:54:04.000000000 +0000
@@ -0,0 +1,117 @@
+#!/bin/sh
+#
+# 50-motd-news - print the live news from the Ubuntu wire
+# Copyright (C) 2016-2017 Canonical Ltd.
+# Copyright (C) 2016-2017 Dustin Kirkland
+#
+# Authors: Dustin Kirkland <kirkland@canonical.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+##############################################################################
+# This program could be rewritten in C or Golang for faster performance.
+# Or it could be rewritten in Python or another higher level language
+# for more modularity.
+# However, I've insisted on shell here for transparency!
+# - Dustin
+##############################################################################
+
+# Source the local configuration
+[ -r /etc/default/motd-news ] && . /etc/default/motd-news
+
+# Exit immediately, unless we're enabled
+# This makes this script very easy to disable in /etc/default/motd-news configuration
+[ "$ENABLED" = "1" ] || exit 0
+
+# Ensure sane defaults
+[ -n "$URLS" ] || URLS="https://motd.ubuntu.com"
+[ -n "$WAIT" ] || WAIT=5
+[ -n "$CACHE" ] || CACHE="/var/cache/motd-news"
+[ "$1" = "--force" ] && FORCED=1
+
+# Ensure we print safely, maximum of the first 10 lines,
+# maximum of the first 80 chars per line, no control chars
+safe_print() {
+ cat "$1" | head -n 10 | tr -d '\000-\011\013\014\016-\037' | cut -c -80
+}
+
+
+# If we're not forcing an update, and we have a cached motd-news file,
+# then just print it and exit as quickly as possible, for login performance.
+# Note that systemd should keep this cache file up to date, asynchronously
+if [ "$FORCED" != "1" ] && [ -r $CACHE ]; then
+ echo
+ safe_print $CACHE
+ exit 0
+fi
+
+# If we've made it here, we've been given the --force argument,
+# probably from the systemd motd-news.service. Let's update...
+
+# Generate our temp files, clean up when done
+NEWS=$(mktemp)
+ERR="$NEWS.err"
+trap "rm -f $NEWS $ERR" HUP INT QUIT ILL TRAP KILL BUS TERM
+
+# Construct a user agent, similar to Firefox/Chrome/Safari/IE to
+# ensure a proper, tailored, accurate message of the day
+
+# Curl browser version, for debug purposes
+curl_ver="$(dpkg -l curl | awk '$1 == "ii" { print($3); exit(0); }')"
+
+# Distribution version, for messages releated to this Ubuntu release
+. /etc/lsb-release
+lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g")
+codename="$DISTRIB_CODENAME"
+
+# Kernel version and CPU type, for messages related to a particular revision or hardware
+platform="$(uname -o)/$(uname -r)/$(uname -m)"
+arch="$(uname -m)"
+cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")"
+
+# Some messages may only be pertinent before or after some amount of uptime
+read up idle < /proc/uptime
+uptime="uptime/$up/$idle"
+
+# Piece together the user agent
+USER_AGENT="curl/$curl_ver $lsb $platform $cpu $uptime"
+
+# Loop over any configured URLs
+for u in $URLS; do
+ # Ensure https:// protocol, for security reasons
+ case $u in
+ https://*)
+ true
+ ;;
+ https://motd.ubuntu.com)
+ u="$u/$codename/$arch"
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ # If we're forced, set the wait to much higher (1 minute)
+ [ "$FORCED" = "1" ] && WAIT=60
+ # Fetch and print the news motd
+ if curl --connect-timeout "$WAIT" --max-time "$WAIT" -A "$USER_AGENT" -o- "$u" >"$NEWS" 2>"$ERR"; then
+ echo
+ # At most, 10 lines of text, remove control characters, print at most 80 characters per line
+ safe_print "$NEWS"
+ # Try to update the cache
+ safe_print "$NEWS" 2>/dev/null >$CACHE || true
+ fi
+done
+rm -f "$NEWS" "$NEWS.err"
+exit 0
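Review bot: The `https://motd.ubuntu.com)` arm of `case $u` in the URL loop can never run, because the `https://*)` arm above it matches the same string first, so `u="$u/$codename/$arch"` is dead code; the specific arm has to come before the wildcard one. In `safe_print`, the `tr -d` set skips `\015` and `\177`, so a carriage return or DEL in the fetched text still reaches the terminal of every user who logs in; `tr -d '\000-\011\013-\037\177'` closes that gap. The `trap` lists `KILL`, which cannot be caught, and has no `EXIT` entry, so the temp files are left behind on any exit path other than the final `rm -f`. `$CACHE` is unquoted in the `[ -r $CACHE ]` test and in both redirections, and with more than one entry in `URLS` each successful fetch overwrites the cache written by the previous one.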
diff -Nru base-files-9.6ubuntu9/update-motd.d/50-news base-files-9.6ubuntu10/update-motd.d/50-news
--- base-files-9.6ubuntu9/update-motd.d/50-news 2016-12-17 15:19:44.000000000 +0000
+++ base-files-9.6ubuntu10/update-motd.d/50-news 1970-01-01 00:00:00.000000000 +0000
@@ -1,60 +0,0 @@
-#!/bin/sh
-#
-# 50-news - print the live news from the Ubuntu wire
-# Copyright (C) 2016 Canonical Ltd.
-#
-# Authors: Dustin Kirkland <kirkland@canonical.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-# Source our configuration
-[ -r /etc/default/motd-news ] && . /etc/default/motd-news
-ENABLED=1 || exit 0
-[ -n "$SERVER" ] || SERVER="https://motd.ubuntu.com"
-[ -n "$WAIT" ] || WAIT=2
-# Generate our temp files, clean up when done
-NEWS=$(mktemp)
-ERR="$NEWS.err"
-trap "rm -f $NEWS $ERR" HUP INT QUIT ILL TRAP KILL BUS TERM
-
-# Construct a user agent, with debug information, similar to Firefox/Chrome
-curl_ver="$(dpkg -l curl | awk '$1 == "ii" { print($3); exit(0); }')"
-. /etc/lsb-release
-lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g")
-platform="$(uname -o)/$(uname -r)/$(uname -m)"
-cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e "s:\s\+:/:g")"
-read up idle < /proc/uptime
-uptime="uptime/$up/$idle"
-USER_AGENT="curl/$curl_ver $lsb $platform $cpu $uptime"
-
-for s in $SERVER; do
- # Ensure https:// protocol, for security reasons
- case $s in
- https://*)
- true
- ;;
- *)
- continue
- ;;
- esac
- # Fetch and print the news motd
- if curl --connect-timeout "$WAIT" --max-time "$WAIT" -A "$USER_AGENT" -o- "$s" >"$NEWS" 2>"$ERR"; then
- echo
- # At most, 10 lines of text, remove control characters, print at most 80 characters per line
- cat "$NEWS" | head -n 10 | tr -d '\000-\011\013\014\016-\037' | cut -c -80
- fi
-done
-rm -f "$NEWS" "$NEWS.err"
-exit 0

timrchavez commented Jun 29, 2017

The implication I made is that Ubuntu is tracking, but I have no proof of that, so that was an irresponsible statement. It could be that the information is just being used to make decisions on what to send back and then it's being discarded. I simply do not know but I should not imply something I do not know as fact.
