You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

55 lines
2.7 KiB

Popularity-contest Frequently Asked Questions.
Q) What informations are reported by popularity-contest ?
A) popularity-contest report the Debian architecture you use, the version of
popularity-contest you use and the list of packages installed on your
system. For each packages, popularity-contest looks at the most recently
used (based on atime) files, and report the filename, its last access time
(atime) and last change time (ctime). However, some files are not considered,
because they have unreliable atime.
Q) What are the privacy consideration for popularity-contest ?
A) Each popularity-contest host is identified by a random 128bit uuid
(MY_HOSTID in /etc/popularity-contest). This uuid is used to track
submission issued by the same host. It should be kept secret. The reports
are sent by email to the popcon server. The server automatically extract
the report from the email and store it in a database for a maximum of 20
days or until the host send a new report. This database is readable only by
Debian Developers. The emails are readable only by the server admins.
Every day, the server compute a summary and post it on
<>. This summary is a
merge of all the submissions and does not include uuids.
Known weakness of the system:
1) Your email submission might be intercepted. We evaluate the possibility
to use public-key cryptography to protect the email.
2) Someone who know you are very likely to use a particular package reported
by only one person (e.g. you are the maintainer) might infer you are not at
home when the package is not reported anymore. However this is only a
problem if you are gone for more than two weeks if the computer is shut-down
and 23 days if it is let idle.
3) Unofficial and local packages are reported. This can be an issue
especially with 2) above, especially for custom-build kernel packages.
We are evaluating how far we can alleviate this problem.
Q) My submissions bounce with
550 [PERMFAIL] requires valid sender domain.
A) popularity-contest send the report as root but the email address of the root
user was not configured properly. With exim, you can add an entry for root
in /etc/email-addresses with a suitable address.
A better fix would be to change to not reject emails with
invalid sender domain in the first place, but it is out of our reach for the
time being.
Q) /usr is mounted with 'noatime'.
A) popularity-contest relies on atime to know what packages were used during
the last month. This means you will only report the list of packages
installed without usage information.