What data are transmitted to Canonical for livepatch?
Solution 1:
Given that the livepatch client is proprietary, I don't have a complete answer.
That said, the client (/snap/canonical-livepatch/*/canonical-livepatchd) is written in Go. Debugging with Delve, here's some information to start with:
(dlv) bt
0 0x00000000006ad140 in main.(*client).check
at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/client.go:212
1 0x00000000006acfeb in main.(*client).Check
at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/client.go:200
2 0x00000000006b8415 in main.refresh
at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/refresh.go:60
3 0x00000000006bf957 in main.newDaemon.func1
at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/daemon.go:76
4 0x00000000006b86a3 in main.(*refreshLoop).loop
at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/refresh.go:120
5 0x00000000006c0bfd in main.(*service).Start.func1
at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/service.go:151
6 0x0000000000457b31 in runtime.goexit
at /home/c/.gobrew/versions/1.10/src/runtime/asm_amd64.s:2361
(dlv) locals
rendered.cap = 0
rendered.len = 0
rendered.ptr = *uint8 nil
status = main.ClientStatus {ClientVersion: "8.0.1", MachineId: "bfcf169468f641528ac653c41ff1797d", MachineToken: "",...+7 more}
(dlv) print status
main.ClientStatus {
ClientVersion: "8.0.1",
MachineId: "bfcf169468f641528ac653c41ff1797d",
MachineToken: "",
Architecture: "x86_64",
CpuModel: "Intel(R) Core(TM) i7-6920HQ CPU @ 2.90GHz",
LastCheck: time.Time {
wall: 0,
ext: 0,
loc: *time.Location nil,},
BootTime: time.Time {
wall: 0,
ext: 63662149770,
loc: *(*time.Location)(0x963f60),},
ApplyTime: time.Time {
wall: 0,
ext: 0,
loc: *time.Location nil,},
Uptime: 3472,
Kernels: []main.KernelStatus len: 1, cap: 1, [
(*main.KernelStatus)(0xc4201883c0),
],}
The fields in the status variable are:
- Client Version
- Machine ID (the value from /etc/machine-id)
- Machine Token (Ubuntu One token?)
- CPU Model and (OS?) Architecture
- Last check time
- Boot time (time taken to boot?)
- Apply Time (?? - possibly, when the last update was applied?)
- Uptime
- List of Kernels
Boot time and Uptime could be considered to be included in statistics and performance metrics.
Again, this is a starting point. Make of it what you will, and hopefully somebody else can provide more definite information.
How can I be sure it will not change suddenly to transmit more than I want?
You can't. The source code isn't available, and snaps are automatically refreshed, IIRC.
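Added example (not part of either answer, and not livepatch client code): Delve prints a time.Time as its internal wall/ext fields, so the values in the dump above can be decoded with the layout constants from Go's time package source. Decoding shows that BootTime is an absolute boot timestamp rather than a duration, and that LastCheck and ApplyTime are Go zero values in this capture; decodeDelveTime is a hypothetical helper name.

```go
package main

import (
	"fmt"
	"time"
)

// Layout constants as defined in Go's time package (src/time/time.go).
const (
	hasMonotonic   = uint64(1) << 63
	nsecMask       = uint64(1)<<30 - 1
	wallToInternal = int64((1884*365 + 1884/4 - 1884/100 + 1884/400) * 86400) // year 1 to 1885
	unixToInternal = int64((1969*365 + 1969/4 - 1969/100 + 1969/400) * 86400) // year 1 to 1970
)

// decodeDelveTime (hypothetical helper) rebuilds a UTC time.Time from the
// wall and ext fields that Delve prints for a time.Time value.
func decodeDelveTime(wall uint64, ext int64) time.Time {
	// Without the monotonic flag, ext holds whole seconds since January 1, year 1.
	sec := ext
	if wall&hasMonotonic != 0 {
		// With the flag set, wall carries 33 bits of seconds since 1885 above the nanoseconds.
		sec = wallToInternal + int64(wall<<1>>31)
	}
	return time.Unix(sec-unixToInternal, int64(wall&nsecMask)).UTC()
}

func main() {
	// Values copied from the "print status" output above.
	boot := decodeDelveTime(0, 63662149770)
	lastCheck := decodeDelveTime(0, 0)
	uptime := 3472 * time.Second

	fmt.Println("BootTime:          ", boot.Format(time.RFC3339))
	fmt.Println("BootTime + Uptime: ", boot.Add(uptime).Format(time.RFC3339))
	fmt.Println("LastCheck is unset:", lastCheck.IsZero())
}
```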
Solution 2:
I asked the Canonical sales team what data the live patch service transmits. They got back to me with this:
This is the information we send about the client:
- Machine ID from /etc/machine-id
- Machine Token from livepatch server
- Architecture of machine
- CPU model of machine
- When was the client last updated
- When was the system booted
- When was livepatch last applied?
- Current system uptime
- Kernel version
Also they mentioned that they also transmit some snap statistics, which might change with the GDPR requirements.