402

On one of my machines I have a process running called "whoopsie". I'm running 12.04 server and never specifically installed anything with this name.

Google seems to imply that it has something to with error logs but I'm not finding too much information. The fact that I didn't manually install it and the 3 other servers I checked did in fact have no such running process OR executable made me a bit confused.

Does anyone know what the "whoopsie" process is?

Does anyone know what packages might have installed it? The server is quite plain, it has a LAMP stack, Samba and print servers and the Nagios NRPE plugin, nothing more installed, just standing there being a nice backup-server.

Some more info:

$ whoopsie -h
Usage:
  whoopsie [OPTION...]

Help Options:
  -h, --help           Show help options

Application Options:
  -f, --foreground     Run in the foreground

and

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND  
whoopsie   913  0.0  0.4  24448  2092 ?        Ssl  May07   0:00 whoopsie

and

$ sudo cat /etc/passwd | grep whoop
whoopsie:x:107:118::/nonexistent:/bin/false
Jorge Castro
  • 71,754
Nanne
  • 8,625
  • I got rid of it in a config file following these instructions http://mschoofs.blogspot.it/2015/11/unknown-username-whoopsie-in-message.html – flyingdrifter Dec 30 '17 at 05:05

7 Answers7

370

What's whoopsie ?

  • It's the "Ubuntu Error Reporting" daemon, and is installed by default in both desktop/server installations.
  • When something crashes, whoopsie does two things:
    1. Collects the crash report generated by Apport and
    2. Can send them to Ubuntu/Canonical (specifically to https://daisy.ubuntu.com in BSON)

Whoopsie won't send your crash reports without your permission!

  • As Evan explains in his answer below, the actual transmission of crash data occurs only if you permit it via the graphical dialog (see below), or for a CLI server, explicitly run apport-cli.

    screenshot

How do I disable it on my desktop?

GNOME Shell (Ubuntu 17.10+)

screenshot

Unity (Ubuntu before 17.04)

  • Go to Settings...Privacy...

    screenshot

  • And in the Diagnostics Tab, uncheck the Send Error Reports to Canonical option:

    screenshot

How do I disable it on a server or via the command-line?

  • Just change the report_crashes parameter to false in the /etc/default/whoopsie file.
  • Then bid farewell to whoopsie with sudo service whoopsie stop.
Pablo Bianchi
  • 15,657
ish
  • 139,926
  • Do you have any clue what packages install it? – Nanne May 11 '12 at 15:40
  • apt-file search /woopsie results the woopsie package. As shown using apt-cache rdepends whoopsie and apt-cache show ubuntu-desktop, ubuntu-desktop recommends it. – Lekensteyn May 11 '12 at 15:43
  • I believe it's installed by default as part of the desktop/server installs; I haven't seen it with the expert-cli server or alternate installs though. – ish May 11 '12 at 15:45
  • Hmm, so it shouldn't be on there if this is a clean server install. I'll have to check my sources, and what the history of this thing is. I'll just uninstall it probably, unless there is something against that? – Nanne May 11 '12 at 15:54
  • 37
    No, just apt-get rid of it. – ish May 11 '12 at 15:56
  • 6
    I just did a clean install of 12.04 Server and it was installed automatically. –  May 21 '12 at 04:30
  • But did you do it in "expert-cli" mode? – ish May 21 '12 at 04:30
  • 3
    I just got a root server with a pretty-much vanilla server install, probably not expert mode but without any stuff installed (not even ntp), and got whoopsie. Did in fact get apt-get rid of it, thanks for the wonderful term :) – TheDeadSerious Aug 01 '12 at 20:08
  • 10
    There is no /etc/default/whoopsie in ubuntu – Evan Carroll Nov 08 '16 at 00:49
  • @ish, when whoopsie is disabled, will I still get the error's reported (in a msg box to see), just having the „calling home“ disabled? (that is my aim) – Frank N Aug 30 '19 at 15:13
51

Whoopsie is part of the Ubuntu error tracker. It takes the crash reports that apport creates and presents whenever an application fails and sends them to a Canonical server for further processing. The data collected from these reports help us prioritize and track the most pressing issues:

https://errors.ubuntu.com

The small (in disk space, not necessarily CPU/RAM usage) whoopsie daemon process is run by default on both Ubuntu desktop and server installations. It will only send reports out if you explicitly approve this in the dialog that appears on desktop installs, or in the case of the server, manually run apport-cli.

You can disable it by going into System Settings -> Privacy -> Diagnostics and unchecking the box labelled "Send error reports to Canonical."

To disable it on Ubuntu Server, edit the /etc/default/whoopsie file and change report_crashes= to false, then run sudo stop whoopsie.

Note that if you do this, we will not be made aware of the problems affecting your computer and may be unable to fix them. I talk about how we use your data to make Ubuntu better in this video:

Pablo Bianchi
  • 15,657
Evan
  • 5,048
  • 3
    I find it strange that it is default part of ubuntu-server? If anything, my headless server doesn't have a "system settings->privacy" . THe frivolous name made me wonder what it was, as I didn't expect it in the server version, but it seems to come default, so I'll live with having to stop it :) – Nanne Jun 13 '12 at 13:09
  • 21
    this "small whoopsie daemon" takes up over 50% of my RAM and 90% of a single CPU core – bluesmoon Jun 25 '12 at 19:13
  • 3
    So whose insane idea was it to install a daemon with such a frivolous name (and to make it report by default! - I had reporting turned off on 13.10, and it's back with 14.04!). I know there's a long tradition of frivolous program names in Unix, but at first glance this looks like malware. – Auspex May 07 '14 at 12:18
  • /etc/default/whoopsie does not exist in 16.04. The only way to stop whoopsie is to uninstall it. – musbach Feb 05 '17 at 13:04
  • 1
    @Auspex Same kind of people that decided "Dr. Watson" was a great name for MS Windows' error reporting. – Tsaukpaetra Nov 06 '17 at 23:15
  • @Tsaukpaetra Well, no. "Dr. Watson" gives you at least a hint of what it's doing (and iirc it does it in the foreground). It's this silly name operating in the background that makes people think it's malware. – Auspex Nov 08 '17 at 09:44
  • @Auspex on the contrary, Dr Watson sounds like Spyware investigating you for murder. Silly name referencing a fictional character that runs every time something bad happens that makes people think it's malware. -.- – Tsaukpaetra Nov 09 '17 at 09:55
20
$ apt --simulate purge whoopsie

The following packages will be REMOVED

whoopsie*

$ apt purge whoopsie

I've had no problems as I am in the process of building my own Ubuntu Desktop but so far that thing keeps crashing my system, but now I have got rid of it :)

Pablo Bianchi
  • 15,657
Glynn Bower
  • 225
  • 15
    It being a crash reporting tool, I suspect it simply shows up after other things crash, it's unlikely that such a simple tool could be the actual cause of the crash. – Kzqai Jan 23 '13 at 04:29
  • 7
    It's like saying "Mozilla Crash Reporter crashed firefox". Whoopsie is a crash reporting tool, so probably when some other thing crashed, whoopsie offered to send a report. – Luka Ramishvili Feb 23 '13 at 09:03
  • 9
    apt-get -s runs a simulation. When you are ready to actually remove a package, replace apt-get -s with sudo apt-get. If you just run apt-get -s, no actual uninstallation will occur. – Eliah Kagan Aug 17 '13 at 00:47
  • 1
    Whoopsie makes bad situations worse by running at 100% cpu for minutes after I intentionally blowup process with dummy data to see it's limits. – Ray Foss May 27 '21 at 21:15
  • Still good on Ubuntu 20+ (and still necessary) – Kingsley Oct 15 '21 at 02:08
3

It's Canonical's error reporting daemon.

The off-putting thing about is that you are not even asked if you want it installed, which isn't so nice if your on a budget server hardware wise

@Glynn BLower

apt-get -s purge

doesn't seem to actually deinstall the daemon, just shows you that it is there if you want to purge it

apt-get purge

did the trick on my 13.04 server install

Tobias F. Meier
  • 169
  • 2
  • how nice, a down vote without an explanation. Would you mind to elaborate as to why you down voted? Was it because I don't like a process running on my servers that automatically sends data about the system without my approval? Was it because I criticised Canonical for that? Was it because apt-get purge DOES deinstall it and the package and I made an error here? If you know more about the matter please share your insights! Especially as the post I was referring to was changed to reflect my own findings. – Tobias F. Meier Aug 19 '13 at 10:07
  • 3
    I can only guess, but I think your answer was voted down because it was not a complete answer (your commands are incomplete, at least). Another reason could be that you were commenting on another answer as an answer, rather than writing a comment on the answer as would have been appropriate. – Thorbjørn Lindeijer Nov 01 '14 at 13:36
  • 1
    Further to @ThorbjørnLindeijer comment, apt-get -s is intentionally meant to do "nothing" - -s stands for --simulate, and is written in full in the referenced answer, which just simulates what the command does. Again, in the reference answer, the next command is without the flag and performs the intended operation – Nick Bull Jun 22 '20 at 13:15
2

It is the "Ubuntu crash database submission daemon": http://packages.ubuntu.com/precise/whoopsie

pestilence
  • 1,595
1

Whoopsie has a list of dependencies, and they are redundant without Whoopsie Synaptic Package Manager does the trick

Search > Whoopsie

Mark for Complete Removal all the lib_* whoopsie related packages.

Apply

If you went the sudo apt-get -s purge whoopsie route, don't forget to sudo apt autoremove after that to get all the packages flushed.

Suggest a sudo apt-get update after everything and then service --status-all to verify that 'whoopsie' isn't on your system.

NexusInk
  • 19
  • 2
0

Today I saw the process "whoopsie" in the connections running (lsof -i -n). I couldn't stop the process, I tried "kill PID", negative. Then I logged out of the "root account" and logged in again. The process continued with the same PID, which means that the process was not ended. Then I restarted the computer and the computer could not shut down because "whoopsie" was still running and could not be ended. So I had to press and hold the power button until the computer went out. The worst thing is that "whoopsie" uploaded a large amount of data to the internet at the time and I have no idea what. After that I deleted "whoopsie" from my PC with:

apt remove --purge whoopsie && apt autoremove && apt autoclean && restart

whoopsie screenshot

---EDIT--

I forgot to say, whoopsie connected through the closed firewall. That is actually not possible.

All ports are closed, except ports 443 and 9001 are open.

Firewall screenshot

Teso
  • 304
  • You've posted this as an answer, but it doesn't seem to be an answer. We use a Q&A format here. If you have a question, please click "Ask Question". You can link to this one if it helps provide context. https://askubuntu.com/tour – Nmath Aug 04 '20 at 20:56