is it safe to remove apport?

Yes, you can remove apport but unless you actually agree(d) on apport sending information it will never send any data.

Even better: The automatic crash interception component of apport is disabled by default in stable releases for a number of reasons:

  • Apport collects potentially sensitive data, such as core dumps, stack traces, and log files. They can contain passwords, credit card numbers, serial numbers, and other private material. This is mitigated by the fact that it presents you what will be sent to the bug tracker, and that all crash report bugs are private by default, limited to the Ubuntu bug triaging team. We can reasonably expect developers and technically savvy users, who run the development release, to be aware of this and judge whether it is appropriate to file a crash report. But we shouldn't assume that every Ubuntu user of stable releases is able to do so.

  • During the development release we already collect thousands of crash reports, much more than we can ever fix. Continuing to collect those for stable releases is not really useful, since

    • The most important crashes have already been discovered in the development release.
    • The less important ones are not suitable for getting fixed in stable releases (see https://wiki.ubuntu.com/StableReleaseUpdates
    • Asking users to send crash reports to us is insincere, since we can't possibly answer and deal with all of them.
  • Data collection from apport takes a nontrivial amount of CPU and I/O resources, which slow down the computer and don't allow you to restart the crashed program for several seconds.


If apport is currently active you can disable it by editing...

sudo nano /etc/default/apport

and follow the comments:

# set this to 0 to disable apport, or to 1 to enable it
# you can temporarily override this with
# sudo service apport start force_start=1
enabled=1

Set it to 0.


It is probably safe to remove Apport, but doing so is completely unnecessary for protecting your privacy.

Apport's core dump interception is disabled by default on stable versions of Ubuntu. To completely disable Apport, edit /etc/default/apport. Change enabled=1 to enabled=0. (1 means it's enabled. 0 means it's disabled.) Then reboot (or manually stop the service) to apply the change. See the Apport documentation, and especially the section on current versions of Ubuntu, for more details.

Apport does not use gconf or dconf for setting whether or not it is enabled. It is a system service, and whether or not it runs (i.e., whether or not it intercepts crashes, creates crash dumps, and makes it possible for the user to submit them to Launchpad or other web services) is not determined by any user's per-user settings.

If you do remove Apport, you will lose the ability to use it to report non-crash bugs (with Help > Report a Bug) or running ubuntu-bug. If then you or another administrator decides to reinstall it for this purpose, then depending on how you removed it and what system you are running when you reinstall it, it might then become enabled for intercepting crashes and creating/submitting core dumps.

So if you're vigilant (or even if you're not), disabling Apport should be quite sufficient. If you're not vigilant, then uninstalling Apport might actually make it more likely to intercept and submit crash data in the future (as described above), if you reinstall it for its other functionality and forget to check if the crash reporting service is enabled.

If you do decide to remove Apport, you can check first to see if doing so would break everything, by simulating its removal:

apt-get -s remove apport

That will show you what other packages would be removed as a consequence. Then, to actually remove it:

sudo apt-get remove apport

Please note that you probably do not want to purge it, since if you remove it you'll want to keep the apport configuration file in /etc/default that has enabled=0. (Just know that this doesn't necessarily guarantee that the crash reporting service will never be enabled upon reinstallation, in any future version.)