/srv/irclogs.ubuntu.com/2015/04/24/#snappy.txt

ash_charles	hello---I'm new to snappy and just learning my way around.	02:42
ash_charles	I see an error "beagleboneblack_1.0_all.snap failed to install: Signature verification failed with exit status 10" when playing with the beaglebone example oem package	02:46
ash_charles	any hints?	02:46
ash_charles	Ah---the magic seems to be adding the '--developer-mode' argument for locally built packages	03:05
=== kickinz1\|afk is now known as kickinz1
D_Cent	hi, i installed java on my snappy ubuntu and now wrote a bash script which starts a java application which should be running as a service. the problem is that apparmor won't let me execute java, it says "Operation not permitted". can i allow java to be called somehow?	06:28
D_Cent	(the service was installed as a snap)	06:29
Chipaca	D_Cent: what exactly is getting blocked?	07:00
D_Cent	Chipaca: the java call itself	07:00
Chipaca	D_Cent: dmesg \| grep DENY	07:00
D_Cent	Chipaca: hm... that doesn't give me anything	07:01
Chipaca	D_Cent: then it isn't apparmor	07:01
D_Cent	Chipaca: systemctl status says: Apr 24 07:01:04 localhost.localdomain ubuntu-core-launcher[1318]: /apps/rda-watchdog.sideload/0.1/bin/rda-watchdog: line 4: /usr/bin/java: Operation not permitted	07:01
Chipaca	D_Cent: wait, you installed java to /usr/bin/?	07:02
D_Cent	Chipaca: well, I basically just installed the raspbian debian package - I didn't find a snap or anything for snappy	07:02
Chipaca	haha	07:02
Chipaca	D_Cent: how did you install a package from a different architecture? isn't raspbian armel?	07:03
D_Cent	Chipaca: i've got "oracle-java8-jdk_8_armhf.deb", so i guess not ;)	07:03
Chipaca	D_Cent: looks like there is an armhf raspbian. fair enough.	07:04
D_Cent	Chipaca: so why is the call getting blocked? is there another way to get java working?	07:04
Chipaca	D_Cent: it's not getting blocked; it's probably entirely broken	07:05
Chipaca	D_Cent: can you run java from the terminal?	07:05
D_Cent	Chipaca: but i can execute the script when not using systemd	07:05
D_Cent	Chipaca: exactly	07:05
Chipaca	D_Cent: once you've installed a debian package onto a snappy system it is not a snappy system any more, you're pretty much on your own there. have you looked into whether seccomp is blocking it somehow?	07:06
Chipaca	i've got to go, but can probably help you a bit further when i return in an hour and half or so	07:06
D_Cent	Chipaca: okay, thank you!	07:07
Chipaca	D_Cent: meanwhile, look into seccomp	07:07
D_Cent	I'll do	07:07
ogra_	D_Cent, you either need to put the java install inside your snap or you need to create a framework package if you actually need to consume java from multiple snaps ... installing a deb will be reverted completely on updates	07:17
dholbach	good morning	07:18
ogra_	Chipaca, raspbian is armhf but ARMv6 ...	07:18
=== kickinz1 is now known as kickinz1\|afk
D_Cent	ogra_: okay, so this will be a problem for me then... for example, i need wi-fi (wpa_supplicant) and that doesn't come with ubuntu core, so i installed that with dpkg, too	08:08
davidcalle	dpm, when trying the appliance guide last night, have you been hitted by this (second part of the bug) ? https://bugs.launchpad.net/snappy-ubuntu/+bug/1447724	08:19
dpm	davidcalle, that's the bug that I fixed	08:19
davidcalle	dpm, oh! Cool :)	08:20
dpm	davidcalle, the .sideload references are now .canonical	08:20
davidcalle	dpm, ok, makes sense	08:20
dpm	davidcalle, I think it's because the original version of the guide was written with a locally-installed snapp, whereas a store snapp was made available afterwards. At least that's what I think	08:21
dpm	after changing the instructions to .canonical, the guide worked for me	08:21
* davidcalle should get a bbb		08:22
mhall119	davidcalle: dholbach: did rcj's changes to the snappy docs get made yesterday?	08:26
davidcalle	mhall119, yep	08:26
dholbach	mhall119, davidcalle responded at 23:54 CET	08:27
=== kickinz1\|afk is now known as kickinz1
JamesTait	Good morning all; happy Friday and happy Teach Your Children to Save Day! :-D	08:35
Chipaca	D_Cent: so if you need to use something like wap_supplicant, i think you need to create a framework package with that, and then make your package depend on the framework	08:54
Chipaca	D_Cent: however, i do believe the intention is for core to have some kind of wifi story soon :)	08:54
Chipaca	it might just mean that we're going to create that framework package ourselves	08:55
D_Cent	Chipaca: that would be great :)	08:57
Chipaca	D_Cent: meanwhile you might need to muddle through it on your own though :)	08:58
Chipaca	it's not even on the trello yet	08:58
Chipaca	afaik :)	08:58
D_Cent	Chipaca: so now i'm trying to put java directly into the snap and it seems to work. Now I have to deal with other issues that the usb4java library has ;) (temporary directory creation)	08:58
Chipaca	D_Cent: temp dir should be set up properly though	08:58
D_Cent	Chipaca: i guess it tries to create that directory right where you call the java command from, but i guess i can fix that :) i just hope that i won't run into problems when accessing usb devices	08:59
Chipaca	D_Cent: what directory is it trying to create?	09:00
Chipaca	D_Cent: wrt usb devices, that's what “snappy hw-assign” is for	09:00
D_Cent	Chipaca: it should be /apps/rda-watchdog/watchdog/usb4java	09:00
Chipaca	D_Cent: your thing is a framework?	09:01
D_Cent	Chipaca: right now it's just an app	09:01
Chipaca	D_Cent: that's not the path of an app though	09:01
D_Cent	Chipaca: ah wait...	09:02
D_Cent	Chipaca: /apps/rda-watchdog.sideload/current/watchdog/usb4java is the correct path	09:02
Chipaca	better :)	09:02
D_Cent	:)	09:02
* Chipaca hadn't even notice the missing version in the first one		09:02
Chipaca	D_Cent: your app is trying to write there?	09:03
D_Cent	Chipaca: the usb4java framework wants to extract a jar file temporarily to get access to a native library which it then wants to load	09:03
ogra_	so you need to ship that library inside	09:04
Chipaca	ogra_: java doesn't give you too much control over that, does it?	09:05
* Chipaca doesn't know		09:05
D_Cent	i'll try that :)	09:05
ogra_	Chipaca, i think java uses enmv vars you can shufflke around	09:06
Chipaca	D_Cent: if your java thing expects PWD to be writeable, better cd to $SNAP_APP_DATA_PATH (or $SNAP_APP_TMPDIR ?) before starting it	09:06
Chipaca	ogra_: or -Xeogijuoifvhiofiodsfqrigikvnueoicodifighiu43	09:07
Chipaca	or maybe it was 44, and 43 was "go buy beer"	09:07
Chipaca	hard to know	09:07
D_Cent	Chipaca: aah thanks, that's a better idea	09:08
Chipaca	D_Cent: if you're running on an arm board, and you know that extracion is happening every time your app starts, and you can instead ship things unextracted, go with that	09:09
Chipaca	D_Cent: save yourself some time	09:09
Chipaca	s/arm/low power/	09:11
Chipaca	probably same applies for the intel thingamajig	09:11
D_Cent	Chipaca: hmmm 2cd: /tmp/snaps/rda-watchdog.sideload/0.1/tmp: No such file or directory"	09:11
D_Cent	Chipaca: that happens when trying "cd $SNAP_APP_TMPDIR"	09:12
Chipaca	D_Cent: hm. maybe you need to mkdir -p it first?	09:12
Chipaca	if that doesn't work, double-hm :)	09:12
D_Cent	okay, double hmm ;) "mkdir: cannot create directory ‘/tmp/snaps’: Permission denied"	09:13
Chipaca	tee, hee. ok. that's a Bug	09:13
Chipaca	D_Cent: hm. the code to make it is there.	09:14
Chipaca	D_Cent: maybe you're running something old/ancient?	09:14
Chipaca	D_Cent: there's a mkdir in the wrapper in /apps/bin/<your app>	09:15
D_Cent	Chipaca: i just build my image yesterday with ubuntu-device-flash	09:15
D_Cent	*built	09:15
Chipaca	D_Cent: could you pastebin the wrapper?	09:15
D_Cent	Chipaca: you mean my script which starts the java process?	09:16
Chipaca	D_Cent: no, i mean the wrapper that's created for the binaries declared in your package.yaml and placed in /apps/bin/	09:17
Chipaca	D_Cent: which is what sets up the environ for your app before calling it with ubuntu-core-launcher	09:17
D_Cent	Chipaca: aah sure, just a sec	09:17
D_Cent	Chipaca: http://pastebin.com/sszsfZGt	09:18
Chipaca	D_Cent: so, that fine; that creates the directory	09:20
D_Cent	Chipaca: okay, but i start that as a service	09:21
=== timchen1` is now known as timchen119
Chipaca	D_Cent: you .. what?	09:21
D_Cent	Chipaca: it is supposed to be started by systemd	09:21
Chipaca	D_Cent: but then it's not a binary, it's not in /apps/bin/	09:22
Chipaca	i'm making you look in the wrong place :)	09:22
D_Cent	Chipaca: hehe so basically, i just run "sudo systemctl start rda-watchdog_rda-watchdog_0.1" and that runs the systemd script in /etc/systemd/system - seems like that doesn	09:23
D_Cent	* doesn't use /apps/bin	09:23
Chipaca	D_Cent: so, could you pastebin the service file from /etc/systemd/system/ ?	09:23
Chipaca	D_Cent: should be something like rda-watchdog_yourservice_yourversion.service	09:24
D_Cent	Chipaca: sure :) http://pastebin.com/jN2Gq3SK	09:24
Chipaca	hmmmm :)	09:25
Chipaca	dunno why i asked you to do that. no surprises there.	09:25
* Chipaca digs into it		09:26
D_Cent	hehe thanks :)	09:26
Chipaca	pitti: i've got a systemd question for you when you're around	09:26
D_Cent	Chipaca: now i see what it is trying to do - app armor reports: "audit: type=1400 audit(1429867806.982:39): apparmor="DENIED" operation="mknod" profile="rda-watchdog.sideload_rda-watchdog_0.1" name="/tmp/usb4java2636409983806462228.tmp" pid=2021 comm="java" requested_mask="c" denied_mask="c" fsuid=0 ouid=0"	09:30
Chipaca	D_Cent: good. now you need to find out what env var is needed so that it uses the "right" tmpdir	09:31
Chipaca	D_Cent: while i sort out that right tmpdir getting created, you should be able to create it yourself from outside	09:32
D_Cent	Chipaca: for the moment, i just use $SNAP_APP_DATA_PATH which exists and is writable	09:33
Chipaca	D_Cent: ok :)	09:33
Chipaca	mvo: sergiusens: I think we need to put something in tempfiles.d so the services get their tmpdir. Waiting for confirmation from pitty wrt that.	09:34
pitti	Chipaca: just shoot	09:35
Chipaca	pitti: we're telling services they should use a given TMPDIR	09:36
Chipaca	pitti: that TMPDIR does not exist	09:37
Chipaca	pitti: poking around a little it seems we need to drop a file in one of the tempfiles.d	09:37
Chipaca	pitti: is that the right way?	09:37
Chipaca	pitti: so a file named like the package, with one line of the form “d $TMPDIR 1777 ubuntu ubuntu” per service	09:41
pitti	Chipaca: that works, but TBH I'd rather set this up in ubuntu-app-launcher	09:44
pitti	Chipaca: i. e. just mount a private /tmp/ into the app's namespace, so that you don't need a $TMPDIR at all	09:45
Chipaca	pitti: that sounds a lot better; a lot of code doesn't check TMPDIR anyway.	09:45
pitti	Chipaca: yeah, that was my concern	09:46
pitti	Chipaca: I noticed that with the ROS snap, I had to sed its code to make it respect TMPDIR	09:46
ogra_	can you actually call mount from a snap ?	09:46
Chipaca	ogra_: not on my watch :)	09:46
pitti	ogra_: no, you don't need to, just the launcher	09:46
* Chipaca doesn't actually have a watch		09:47
ogra_	ah, so systemd then	09:47
pitti	?	09:47
Chipaca	ogra_: no, ubuntu-core-launcher	09:47
pitti	(not related to that)	09:47
ogra_	oh, thats a new thing ...	09:47
Chipaca	ogra_: maybe. it's also setuid.	09:47
* ogra_ only has dones service snaps yet		09:47
pitti	at least in my PoC I already create a new namespace for mounting a private /dev/pts/	09:47
pitti	it's trivial to add a tmpfs /tmp/ there	09:47
pitti	I think that might not yet be in mvo's C implementation in vivid, but at some point we want to add it	09:48
Chipaca	pitti: is that PoC on the launcher, or is it something else?	09:48
Chipaca	ah	09:48
Chipaca	ok :)	09:48
pitti	Chipaca: on ubuntu-core-launcher, yes	09:48
Chipaca	so, we probably want to do that soon	09:49
Chipaca	because services have no tmpdir right now	09:49
pitti	yeah, agreed	09:51
pitti	and also the /dev/pts/ so that apps can't spy on each other's terminals (well, apparmor would/should prevent that too, but it's still cleaner)	09:51
Chipaca	pitti: sgtm. asac also wanted private /dev/, but that's hairier	09:53
Chipaca	anyway, sounds like we have a plan for this, and either you or mvo are on it already. I'll go back to worrying about obscure error cases.	09:54
Chipaca	D_Cent: meanwhile, you'll have to create the directory by hand every time (or create a file in /etc/tmpfiles.d; man tmpfiles.d)	09:54
pitti	Chipaca: we have restricted device access already	09:55
pitti	Chipaca: private /dev/ was teh original plan and PoC, but we have something better now (using the devices cgroup)	09:55
D_Cent	Chipaca: alright, thank you!	09:59
Chipaca	pitti: ok :) i thought we'd had to go back on that for now, but glad to be wrong	10:01
Chipaca	pitti: added a comment on the /dev/pts card so we don't forget	10:02
mvo	yeah, private /tmp and /dev/pts is planed just not done yet and will be added soon(ish)	10:17
D_Cent	hm... got another problem now. i put java into an own framework package and it works completely. now i have an app, set java as a framework for the app and tried calling "java". without mentioning the path "/apps/bin/java" it doesn't find the executable. if i use that path directly, i get an "operation not permitted" error	11:47
sergiusens	fwiw, and executable shouldn't be a framework	11:48
sergiusens	a framework should be something that mediates resources	11:48
D_Cent	hm.. okay, the documentation mentions i could put binaries and services into frameworks	11:50
ogra_	sergiusens, an interpreter isnt a resource ?	11:51
sergiusens	ogra_: i felt that was coming	11:51
ogra_	lol	11:51
sergiusens	it will be very hard to claim the 'java' namespace in any case	11:52
=== erkules_ is now known as erkules
D_Cent	can somebody explain what exactly java tries doing here so it gets killed? "[24632.544408] audit: type=1326 audit(1429880585.774:262): auid=1000 uid=0 gid=0 ses=25 pid=4173 comm="java" exe="/apps/rda-watchdog.sideload/0.1/java/bin/java" sig=31 arch=40000028 syscall=370 compat=0 ip=0x76ede622 code=0x0"	13:07
jdstrand	pitti: fyi, the private /dev conversation was because cgroups don't block what the app sees, only what the app accesses. so, ls /dev shows everything even if the app can only access /dev/foo. personally, I think that is fine. we aren't trying to reimplement container solutions-- if people want containers, they can use them	13:38
mvo	D_Cent: try scmp_sys_resolver 370	13:55
mvo	D_Cent: this looks like there is a missing syscall in our seccomp whitelist	13:55
ogra_	well, he is using an ARMv6 binary ...	13:57
ogra_	could be related	13:57
mvo	yeah, we had issue with the arm private syscalls before	13:58
mvo	libseccomp did not implement them all, jdstrand send a patch upstream, maybe there are more private arm syscalls (but really I'm no expert for this)	13:58
jdstrand	I haven't sent one yet	13:59
jdstrand	err	13:59
jdstrand	haven't sent it upstream yet	13:59
jdstrand	there were 5 listed in the kernel sources and confirmed in other seccomp implementations (firefoxos, minijail)	14:00
jdstrand	we shouldn't have any more missing syscalls. our template might be missing one	14:00
jdstrand	the private syscalls have a much higher number. 370 is in the normal range and not a private arm syscall	14:01
mvo	ahah, ok	14:02
mvo	sorry	14:02
jdstrand	on bbb:	14:02
jdstrand	$ scmp_sys_resolver 370	14:02
jdstrand	name_to_handle_at	14:02
jdstrand	name_to_handle_at is explicitly denied due to "a history of vulnerabilities and are not widely used"	14:03
jdstrand	tyhicks: can you look at backscroll for 1 hour and advise?	14:04
jdstrand	tyhicks: it appears java is trying to use name_to_handle_at	14:05
D_Cent	mvo: thanks a bunch! can you also tell me how to enable the syscall by default?	14:07
jdstrand	D_Cent: please read my comments	14:08
jdstrand	this is a problematic syscall and we've disabled it	14:08
D_Cent	jdstrand: ah okay, i'm sorry	14:09
jdstrand	you now, you can add it manually to /var/lib/snappy/seccomp/profiles/<yourapp>	14:10
jdstrand	but it will be lost on upgrade	14:10
D_Cent	jdstrand: that's what i did for now :/	14:10
jdstrand	you might be able to avoid it in your java code	14:11
D_Cent	jdstrand: it's actually not my code - it happens in the usb4java library (which basically is based on a C library)	14:11
jdstrand	this gives some information on the call: http://manpages.ubuntu.com/manpages/utopic/man2/open_by_handle_at.2.html	14:12
jdstrand	D_Cent: perhaps there is a way to disable it at compilation. It was introduced in 2.6.39 kernel (~4 years ago). if this library is meant to be used on older kernels...	14:16
tyhicks	I'm looking at how/why usb4java is using that syscall	14:18
D_Cent	jdstrand: i didn't compile it myself yet, so i guess i should do that now. the library i use now was built on GCC: (Debian 4.6.3-14+rpi1) 4.6.3	14:18
jdstrand	tyhicks: hi! (and thanks)	14:18
tyhicks	jdstrand: hey :)	14:18
jdstrand	D_Cent: you might wait for tyhicks' response	14:19
tyhicks	D_Cent: hi - I've cloned the libusb4java and usb4java git trees and I'm not finding where that syscall is being made in either of them	14:20
tyhicks	D_Cent: can you give me some more info? (is it a specific version of libusb4java?)	14:21
ogra_	tyhicks, he is grabbing the binaries from raspbian ...	14:21
ogra_	which is a hacked up armhf, forced to ARMv6 instead of v7 ...	14:21
D_Cent	tyhicks: i can't find it either by just grepping, so it must be an indirect call i think	14:22
ogra_	(so they rebuild the debian archive with different compile options)	14:22
tyhicks	hrm	14:22
D_Cent	tyhicks: the function is called once i call "UsbHostManager.getUsbServices()"	14:22
tyhicks	this is really odd	14:22
tyhicks	I've never heard of anything needing that syscall other than an nfs server that was implemented in userspace	14:22
D_Cent	tyhicks: i'm also very confused. everything else in my java code is working, just not that usb library call	14:24
jdstrand	tyhicks: fyi, https://codesearch.debian.net/results/name_to_handle_at/	14:29
tyhicks	jdstrand: I'm on page 8 :)	14:29
tyhicks	btw, "UsbHostManager.getUsbServices()" is from javax-usb and I pulled down their git tree and don't see it being called in there	14:30
jdstrand	oh, interesting	14:32
tyhicks	jdstrand: I didn't see any packages actually using name_to_handle_at... only things that need to enumerate the syscall table	14:32
jdstrand	http://sources.debian.net/src/docker.io/1.3.3~dfsg1-2/contrib/mkseccomp.sample/?hl=393#L393	14:32
D_Cent	i wish i could track that system call down a bit more, like with a call stack or something	14:32
jdstrand	docker blocks it by default. of course, they have a way to add it	14:32
* jdstrand notes we have a way to add blocked syscalls to via the "security-override" mechanism, however, this particular one is explicitly denied		14:33
jdstrand	too*	14:33
D_Cent	:(	14:33
tyhicks	I'm wondering if the "hacked up armhf, forced to ARMv6 instead of v7" part is the problem	14:34
tyhicks	maybe the syscall number is different somehow??	14:35
ogra_	that was what i thought ...	14:35
D_Cent	tyhicks: the oracle JVM runs fine on raspbian on the same machine (raspberry pi 2)	14:35
tyhicks	D_Cent: what is the oracle JVM version?	14:35
D_Cent	tyhicks: they only put the major version (8) into the package name	14:36
tyhicks	ok	14:36
tyhicks	D_Cent: I pulled down the tip of the jdk8u tree (http://hg.openjdk.java.net/jdk8u/jdk8u/) and I'm still not seeing open_by_handle_at() being used	14:40
tyhicks	D_Cent: I'm pretty convinced that nothing is using that syscall and there are other low level issues at play around syscall numbering	14:41
D_Cent	tyhicks: is there a way to make sure?	14:42
tyhicks	D_Cent: I can try to find the source of the kernel that you're running	14:43
D_Cent	tyhicks: or i'll try the openjdk package from here: https://launchpad.net/ubuntu/+source/openjdk-8	14:43
tyhicks	D_Cent: you can try that but don't spend too much time on it	14:44
blackout24	Hello, I'm trying to get a better understanding of Ubuntu Snappy. I'd like to know how the system image is put together (I guess this is made from debs) and how the "ubuntu-core" package that list listed by "snappy list" is created. I looked around on launchpad, but I'm a bit lost.	14:44
tyhicks	D_Cent: I don't think it'll help since I think the problem is lower in the stack than openjdk	14:44
jdstrand	tyhicks: fyi, http://paste.ubuntu.com/10879065/	14:44
jdstrand	tyhicks: do you have a moment to go through that with me?	14:45
nessita	mvo, hey, you around?	14:46
jdstrand	tyhicks: well, a few moments	14:46
tyhicks	jdstrand: yeah, we should talk through that diff soon	14:46
tyhicks	D_Cent: what kernel version? `uname -r`	14:46
nessita	jdstrand, o/ do you know, by any chance, if the snaps define "hooks" in their manifest, or the "hooks" is just a click thing?	14:46
ogra_	tyhicks, he is not using openjdk but oracles java for RPi ... ;)	14:46
jdstrand	nessita: hooks are click only	14:47
nessita	jdstrand, great, thanks	14:47
jdstrand	(white lie-- click-apparmor is still a hook, but that will be removed in coming weeks	14:47
jdstrand	)	14:47
tyhicks	ogra_: uhh... happen to have a link to that source?	14:47
D_Cent	thecomedian: 3.19.1-4-generic-bcm2709	14:48
D_Cent	woops	14:48
ogra_	tyhicks, no, i just followed the conversation before you joined ... i guess D_Cent has one though	14:48
D_Cent	thecomedian: 3.19.1-4-generic-bcm2709	14:48
D_Cent	tyhicks: 3.19.1-4-generic-bcm2709 - now i got that right	14:48
ogra_	(and i doubt there is source .... being oracle )	14:48
thecomedian	lol	14:48
D_Cent	thecomedian: sorry, auto completion by irssi ;)	14:49
thecomedian	np :)	14:49
ogra_	tyhicks, next time you need to know D_Cent's kernel version, ask thecomedian ... he has it spare ... twice :)	14:49
tyhicks	:)	14:49
thecomedian	:-P	14:50
D_Cent	hehe	14:50
D_Cent	tyhicks: okay, the openjdk doesn't make it better	14:50
D_Cent	bbl	16:00
vmayoral\|pc	greetings	16:01
vmayoral\|pc	asac: We keep finding the issues with the boot partition getting corrupted in Snappy. Has someone addressed this in newer versions of snappy for the BBB?	16:03
jodh	davidcalle: hi - I've just noticed that https://developer.ubuntu.com/en/snappy/guides/filesystem-layout/ is outdated. The latest details are in http://bazaar.launchpad.net/~snappy-dev/snappy/snappy/view/head:/docs/system-updates.rst	16:08
jodh	davidcalle: do we plan to put that doc up as a separate one at some point?	16:09
jodh	davidcalle: bug raised - https://bugs.launchpad.net/snappy-ubuntu/+bug/1448203	16:13
jdstrand	sergiusens: hey, can you add this to your webdm profile: '@{PROC}/sys/net/core/somaxconn r,'	16:47
jdstrand	sergiusens: see snappy-dev@	16:47
jdstrand	sergiusens: there is another denial that we should address as well	16:48
jdstrand	slangasek: fyi:	16:53
jdstrand	$ sudo snappy update	16:53
jdstrand	Installing ubuntu-core (36)	16:53
jdstrand	Starting download of ubuntu-core	16:53
jdstrand	136.29 KB / 136.29 KB [=================================================================================] 100.00 % 3.35 KB/s	16:53
jdstrand	Done	16:53
jdstrand	Failed to run command '/bin/mount -obind /boot/uboot /writable/cache/system/boot/uboot': mount: mount point /writable/cache/system/boot/uboot does not exist	16:53
jdstrand	(exit status 32)	16:53
jdstrand	I think that might be what is reported in the bug on upgrade problems	16:54
jdstrand	(that is a bbb)	16:54
slangasek	jdstrand: yes, it's certainly the same bug. what was your upgrade path on this system?	17:00
slangasek	after one update on the stable channel, I've got /boot/efi and /writable/cache/system/boot/efi which I don't think were there before. I also have /boot/uboot still correctly in place	17:01
jdstrand	slangasek: r33 trying to go to r36	17:01
slangasek	jdstrand: and r33 was the initially installed version?	17:02
jdstrand	slangasek: note, I've tried several times to upgrade	17:02
slangasek	ok	17:02
jdstrand	slangasek: actually, I think I started on r30, got to r33, then tried r36	17:03
jdstrand	slangasek: not sure if you say my other comments in that bug-- previous attempts had umount errors and autopilot errors in syslog	17:03
jdstrand	s/say/saw/	17:04
slangasek	ok	17:05
yngves	What is the intended behaviour if an app specifies a framework that is not installed? Resolve the dependency by installing the missing framework? Fail, and inform the user what is missing?	18:01
tyhicks	D_Cent: Hi - I got pulled into something else for a while but I just got a chance to look at the kernel sources that you're running	18:34
tyhicks	D_Cent: it looks like name_to_handle_at is syscall 370 there, too	18:35
tyhicks	D_Cent: however, I still think something odd is going on and don't feel comfortable white listing that syscall until we see the same behavior on one of the officially supported platforms	18:35
tyhicks	D_Cent: could you please file a bug against ubuntu-core-security so that we can track the issue?	18:36
HoloIRCUser2	Hi, can anyone hell me? I tried snappy 15.04 stable and edge (in kvm). And i want to try the webdm, but there is no service which listen in a TCP port except ssh.	18:39
asac	vmayoral\|pc: not sure which version you are using	18:39
asac	vmayoral\|pc: but we surely invested into making this pretty reliable	18:39
asac	HoloIRCUser2: we are working on making webdm work on 15.04 right now... in a couple days an update will be in sotre that will bring the webserver back	18:40
HoloIRCUser2	Help not hell ^^	18:40
asac	HoloIRCUser2: its fine... i didnt even read "hell" until you mentioned it	18:40
asac	HoloIRCUser2: https://developer.ubuntu.com/en/snappy/guides/webdm/ read the box on the right	18:41
asac	:)	18:42
HoloIRCUser2	ADAC: thank you very mich!	18:42
davmor2	HoloIRCUser2: in kvm you need to set the port, you'll see other examples of it.	18:42
asac	welcome!	18:42
HoloIRCUser2	Lool, German Android keyboard	18:42
asac	davmor2: that too, but webdm we preinstall doesnt start the server because its not compatible with latest snappy tooling yet... had to make that decision to get base system rock solid for release	18:42
asac	buut couple days it will all look great and even better than before	18:43
davmor2	asac: yeah I got hit installing it and couldn't figure out why I couldn't access it	18:43
asac	HoloIRCUser2: android keyboard? wow... guess you try snappy on your laptop right now? :)	18:43
* asac uses his laptop for ubuntu core amd64 now		18:44
asac	davmor2: i am sure sergio is hacking on the plane right now to get us stuff back	18:44
asac	:)	18:44
asac	vmayoral\|pc: would you mind trying with the released image?	18:44
asac	or rather 15.04/edge	18:44
asac	if you want bleeding edge from stable	18:44
asac	vmayoral\|pc: so many things did land in last couple weeks that you surely want to update	18:45
HoloIRCUser2	davmor2: i connected to the console and searched with netstat for listening ports. I know what you mean. I am using bridge and not a internal network for the guests	18:45
asac	jdstrand: what was your upgrade series to get into that state?	18:45
asac	slangasek: you think you can try the upgrade path 30 -> 33 -> 36? i think its about the same kickinz1 had	18:46
asac	jodh: can you provide an update to just filesystem doc? and at best integrate that as a separet md	18:47
asac	we want one that is just about that	18:47
asac	the system upgrade is good, but should refer to the spec that is just about that at best	18:47
asac	thx	18:47
asac	btw, interesting discussion going on here: http://www.phoronix.com/forums/showthread.php?117235-Ubuntu-s-Desktop-Next-Switching-From-DEBs-To-Snappy	18:48
jdstrand	asac: sorry was in a meeting	18:48
asac	some folks seems to get it	18:48
asac	jdstrand: i just asked 2 minutes ago :)	18:48
jdstrand	asac: flash r30, upgrading to r33, tried to get to r36	18:48
jdstrand	I noticed autopilot errors after r33	18:49
jdstrand	r30 to r33 was ok	18:49
jdstrand	if there were errors, I didn't see them	18:49
jdstrand	(there weren't on the console for sure)	18:49
asac	right we must not send an update to the stable channel until we have figured	18:49
asac	slangasek: did you pull 3?	18:49
asac	just triple checking :)	18:50
jdstrand	I would agree with that	18:50
jdstrand	(being cautious)	18:50
HoloIRCUser2	asac: which box do you mean, I can't find such box ^^	18:56
D_Cent	tyhicks: hey, thank you very much for your help! of course, i'll do that as soon as possible!	19:02
tyhicks	D_Cent: thanks!	19:02
=== kickinz1 is now known as kickinz1\|afk
blackout24	Hi, is there any place where I can learn how the ubuntu-core system image is put togehter? I have been looking for a launchpad repo that has all the tools that are used, but could not find anything.	19:16
asac	blackout24: so we use our official infra to do that which is not very nicely documented	19:47
asac	nor available	19:47
asac	blackout24: we use livecd-rootfs	19:48
asac	afaik	19:48
asac	sorry, didnt see any pings if there were any :)	20:36
asac	slangasek: so i am in a armhf click chroot ... and i have libssl-dev:armhf installed and i have an autoconf/make project that doesnt find it without me giving very strong hints...	20:55
asac	slangasek: isnt there some magic supposed to be that does all that for me? like setting CONFIG_SITE=/etc.. ?	20:55
asac	this doesnt do anything for me ;/	20:55
asac	i even ran autoreconf to ensure i ahve all the latest stuff	20:56
asac	but nothing	20:56
asac	ok guess i really have to set libdir manually	20:58
asac	slangasek: figured it. ignore	21:21

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!