elopiosergiusens: can you add snappy-m-o to snapcraft and give him pull and push requests?00:05
sergiusenselopio, sure00:14
sergiusenselopio, what does that guy do?00:14
elopiosergiusens: trigger the examples tests in jenkins and report back the results.00:14
sergiusenselopio, should be there now; same team as us so should be able to do the right stuff00:15
sergiusenselopio, nice00:15
elopiosergiusens: https://github.com/ubuntu-core/snappy-jenkins/pull/4000:16
sergiusenselopio, your bug link should live in the commit https://github.com/ubuntu-core/snapcraft/pull/226/commits00:20
sergiusensnot the merge commit00:20
sergiusenselopio, look at the blue here https://github.com/sergiusens/snapcraft/commit/143579fb4b68c2d79846c9b6de0a837a8f40bb5400:20
sergiusenselopio, when compared to here https://github.com/elopio/snapcraft/commit/accb773a7fb46bbaf0d83cd798ee289a592f187200:21
elopiosergiusens: yes, I got it from your last comment. I'm sorry.00:21
elopioI can add it when I hit the Merge button.00:21
sergiusenselopio, no worries; the merge commit is not the same though00:21
elopiosergiusens: I almost got this right: https://github.com/ubuntu-core/snapcraft/commit/5fe67a88ca6c7d35c210758869e0882aae6196c500:23
sergiusenselopio, pergect00:27
sergiusenswell, if written correctly :-P00:27
elopionext time :)00:28
sergiusenselopio, I'll check all your PRs later, need to spend some family quality time now00:31
elopiosergiusens: don't worry. This will be blocked until tomorrow.00:31
Armentahow to make work webdm behind a internet proxy? I do not know how to setup a proxy in ubuntu-core00:38
=== blr_ is now known as blr
sergiusenselopio, what does 'okay' mean? :-)01:13
ArmentaHello people. I have a dimmie question, how to make work webdm behind a internet proxy? I know I need to configure the proxy, I try using  export http_proxy=ht***** in sudo and normal session but only affects the session, don't affect the wide system and the webdm complains: "Error: Get https://search.apps.ubuntu.com/api/v1/search?**** read: connection refused"01:24
sergiusensArmenta, I don't think proxies are supported01:31
sergiusensnot hard to add, maybe log a bug01:32
ArmentaThank you sergiusens, I will try to log a bug01:33
liuxgsergiusens, ping01:40
=== chihchun_afk is now known as chihchun
=== chihchun is now known as chihchun_afk
dholbachgood morning07:41
wxlevening dholbach. just got through with a heated game of moon-buggy07:41
dholbachwxl: that was more of a test of snapcraft's features :-)07:42
wxldholbach: i know. still fun. but you should have done nethack XD07:43
dholbachsee if you can do it :)07:43
dholbachfor moon-buggy the "packaging" was just:07:43
wxlthankfully ogra_ took care of that07:43
dholbachah, great07:43
wxllike really whoa!07:44
wxlhm i'll have to snap something up now XD07:44
wxlyep. working on getting my way over there. had a heck of a time getting the download to get the right image.07:45
wxli need to play with ubuntu-device-flash and create my own07:46
wxlit seems there's no ubuntu-core for i386, eh?07:46
dholbachsomebody asked the question before, but I can't remember the answer07:47
dholbachmvo: ^ do you know?07:47
mvowxl: no official release but you can build one using ubuntu-device-flash07:48
mvodholbach: good morning!07:48
dholbachmvo: hola muchacho07:48
wxlmvo: ubuntu-device-flash query --device generic_i386 --channel ubuntu-core/15.04/stable --list-images → nil07:54
mvowxl: yeah, no stable image, sorry for that, please try "edge" that should be ok, very little churn on the 15.04 channel.07:54
wxlohhh great thanks mvo07:55
wxlcreating image yay :)07:57
zygagood morning! :)08:01
* zyga needs to finish a few tests and push the changes for review08:07
JamesTaitGood morning all; happy Wednesday, and happy Skeptics Day! 😃10:00
seb128mvo__, hey, did you notice that ubuntu-snappy was blocked in xenial-proposed because it fails to build on powerpc/s390x? the new snapshot you just upload still has the issue it seems...10:37
mvo__seb128: I have a look, but I think it would be good if it could be allowed through even though it fails on these two arches. but let me check what it takes to fix it10:43
xnoxmvo__, to be allowed through, you should request binaries to be removed for those arches from xenial-release.10:50
seb128mvo__, what xnox said11:01
sergiusenselopio, kyrofa I need to take the car to the shop for maintenance today; I might barely make it to the standup11:10
renatHi all! Its Renat from Screenly.11:11
zygaone more test and caps simplification will work :)11:18
renatI'm trying to setup a service using a snapcraft tool. Here is the snapcraft yaml.: http://pastebin.com/SnzKHX2n11:51
renatBut for the some reason - systemd is killing my service11:51
renatHere is its output. http://pastebin.com/UDG5ZS5C11:52
renatI can't see any reason, why application is killed, in journalctl output.11:53
renatAlso - no security warnings I get.11:53
renatWhen I export all environment variables from the service file, and then execute ExecStart command - everything goes ok.11:54
renatNothing interesting in dmesg too=(11:56
renatAnd here is the wrapper  script itself. http://pastebin.com/08hSijtW12:01
renatOne more question. Is it possible to run a snap chrooted?12:04
kyrofasergiusens, no problem :)12:18
LefterisJPhey guys click-review tools giving a lint error for a framework with (MANUAL REVIEW) specified basically means that in order to get that approved to be in the store I would need a manual review. I can still siedload and test of course?12:21
enoch85kyrofa, online :)12:21
kyrofaenoch85, hey there!12:24
enoch85kyrofa, how is your day today? I have around 3 hours I can work on the snappy right now12:27
kyrofaenoch85, works for me! Let's take it private12:27
tzununbekovbeuno, hey. We are trying to upload our snap to app store but getting reject "(NEEDS REVIEW) 'security-policy' not allowed security_yaml_policy_present"13:13
tzununbekovbeuno, could you please explain how can we pass review?13:14
LefterisJPI am working on a framework called ethereum. Sideloading it at the moment, and have a single service in it. Using an unconfined apparmor profile and a modified seccomp profile. The service's binary tries to use /root/ as it's home directory. It does so by reading the $HOME variable from what I know. Should it not be set to something like /apps/ethereum/VERSION/ ?13:14
beunojdstrand, ^^13:15
tzununbekovaccording to the https://developer.ubuntu.com/en/snappy/guides/security-policy/ , custom "security-policy" will be manually reviewed, but not rejected :)13:17
beunotzununbekov, jdstrand can tell you more, but in general we don't allow apps to escape confinement13:23
beunoa manual review just means you ask a human to make the decision13:23
beunomost of the time, the decision is to not allow it  :)13:24
beunobut we might have solved whatever you're trying to do differently13:24
tzununbekovbeuno, our app is working on the top of lxc and we took security profiles from lxd package which is available in store13:26
LefterisJPanyone got any ideas about my question posted above?13:30
tzununbekovbeuno, anyway, our app needs a custom security policy. With whom we can discuss it?13:30
beunotzununbekov, jdstrand, who should be on in a short while13:33
=== mvo__ is now known as mvo
tzununbekovbeuno, thanks13:33
dshihovtsevHi all, is there any way to read history of this channel somewhere online?13:41
seb128dshihovtsev, http://irclogs.ubuntu.com/2016/01/13/%23snappy.html13:43
dshihovtsevseb128, thanks13:43
* zyga pushed https://github.com/ubuntu-core/snappy/pull/320 for review13:47
zygacapabilities as interfaces and types!13:47
=== rickspencer3_ is now known as rickspencer3
tzununbekovjdstrand, hey. What is a requirements for custom security policy to make it acceptable for uploading to store?14:01
=== chihchun_afk is now known as chihchun
sergiusenskyrofa, but I made it back :-)14:31
sergiusensand waiting in the hangout :)14:31
sergiusenselopio, hangout?14:31
=== chihchun is now known as chihchun_afk
rickspencer3sergiusens, so, here is my snapcraft.yaml: http://bazaar.launchpad.net/~rick-rickspencer3/+junk/rest-cam/view/head:/snapcraft.yaml14:50
rickspencer3the snap builds and runs no problem14:50
rickspencer3but when I uploaded it to the store, I got this error:14:51
rickspencer3Missing required field 'description' snappy-systemd_package_yaml_required_key (rest-cam, description)14:51
rickspencer3required description field not specified snappy-systemd_package_yaml_description_present (rest-cam)14:51
elopiosergiusens: https://github.com/elopio/snapcraft/commit/eab93d52b4cd5fdca8191b8e25a17285683615f9 yay!14:51
rickspencer3any idea what I did wrong?14:51
kyrofarickspencer3, your service needs a description14:54
kyrofasergiusens, should snapcraft catch that? ^^14:54
sergiusenskyrofa, 2.0 it is generated automatically14:55
kyrofasergiusens, ah14:55
sergiusenskyrofa, in 1.x it might be a required field14:55
sergiusenskyrofa, more so, in 2.0 it is not a required field in the internal format; for backwards compat it is generated automatically for package.yaml14:55
sergiusenselopio, well done ;-)14:56
kyrofarickspencer3, are you still running out of master?14:56
rickspencer3kyrofa, I was never running out of master so far as I know14:56
rickspencer3I am on Xenial14:56
sergiusenskyrofa, I don't think he updated or else he would be complaining about 'apps' changing ;-)14:56
rickspencer3and I did sudo apt-get snapcraft in classic dimension14:56
kyrofasergiusens, erhm, yes I suppose so14:57
kyrofasergiusens, so it must not be required in 1.0 then14:57
sergiusenskyrofa, oh, it certainly isn't; the review tools do capture it though so it is all not that bad14:57
kyrofaOkay very good. Yeah rickspencer3 just add the description, you should be good to go14:57
rickspencer3thanks kyrofa, I'll get to is asap14:58
rickspencer3for our phone SDK, the IDE automatically runs the review tools locally after building a click14:58
rickspencer3so you can iterate on your packaging very easily14:58
rickspencer3without roundtripping through the store14:59
rickspencer3that would be a nice feature of snapcraft, to run those tools14:59
sergiusensrickspencer3, in 1.x it is run if installed14:59
kyrofasergiusens, oh cool, I didn't know that either14:59
rickspencer3thanks sergiusens and kyrofa14:59
rickspencer3I really appreciate your help14:59
kyrofarickspencer3, any time!14:59
* rickspencer3 hugs snappy community14:59
rickspencer3I am loving snappy these days, it is a joy to develop for15:00
kyrofarickspencer3, then we're meeting our goal!15:00
kyrofasergiusens, ignoring bug #1531481, I'm trying to understand how one builds part A from source, and then builds part B from source where part B depends upon part A15:02
ubottubug 1531481 in Snapcraft trunk "snapcraft should setup search paths/flags for parts built after parts" [High,In progress] https://launchpad.net/bugs/153148115:02
kyrofasergiusens, using the `after` key, does that mean part A is staged before B is ever built?15:02
kyrofaAh, yes, okay docs for the win15:04
elopiokyrofa: sergiusens: tomcat built on xenial fails to install on rolling: tomcat-webapp-demo_1.0_amd64.snap failed to install: could not find specified cap: networking (&{apparmor /usr/share/apparmor/easyprof})15:04
kyrofasergiusens, which makes you fix make sense, then. And using the `after` key is the official way to do exactly that (my A-B example, I mean)15:04
kyrofasergiusens, assuming so, let's say I get to the point where A is built and staged, and now B is building. However, the process of building B not only requires access to headers and libs, but the ability to actually run a binary from A. However, said binary was built with a prefix and a destdir that are both invalid in the stage dir. How do I patch that binary to be runnable?15:07
kyrofasergiusens, the only way I can think of right now is to patch the binary upon install (where it goes to 'parts/foo/install') to actually point to 'stage' so it's runnable when staged. That feels yucky, fragile, and very snapcraft-centric to me, which I think is not ideal15:10
sergiusenskyrofa, the latter is the only way I think so without patching upstream to make the script location independent15:12
sergiusenskyrofa, which is the other thing that can be done, make the script itself location independent15:13
kyrofasergiusens, true... but yeah I don't see that happening for apache. The way apache modules are built is by calling the apxs binary which sets up all the include paths and stuff, which means it must be pointing to somewhere15:15
sergiusenskyrofa, hmm, we might then need and apache plugin :-/15:16
kyrofasergiusens, hmm... yeah maybe. I'll keep that in mind as I continue. For now I'll just continue doing it all in one part15:17
kyrofasergiusens, once I have something working I'll step back and see how complex it turned out to be :P15:17
sergiusenselopio, right, caps changed in xenial I think 'networking' is no longer required or not longer exists or changed name; tyhicks or jdstrand care to refresh my feeble mind?15:19
sergiusensmvo, does that recently released image have the env var changes too?15:23
jdstrandsergiusens, elopio: networking is now network-client15:27
mvosergiusens: yes, sorry, forgot to mention that in the annoucement15:27
mvosergiusens: the existing vars SNAP_* are still there for compatiblity though15:28
elopiojdstrand: let me try thtat.15:28
sergiusensmvo, yeah, but I'll get a PR now to be completely up to date15:28
sergiusensjdstrand, thank you15:28
sergiusensmvo, thanks :-)15:28
mvosergiusens: yw!15:35
tzununbekovjdstrand, hey, beuno said that you can help with security policies for package16:15
tzununbekovwhat is a requirements for custom security policy to make it acceptable for uploading to store?16:16
jdstrandtzununbekov: if you own your own store, you can upload/accept custom policy for your store. otherwise, the framework author (iirc, you had a question about frameworks) would need to engage with Canonical16:20
jdstrandtzununbekov: so, if this is for the public store, it might make sense to bring up your framework on the snappy-devel mailing list (regardless of security policy), especially since the notion of frameworks is changing in 16.0416:21
tzununbekovjdstrand, and what if it's not a framework?16:36
jdstrandtzununbekov: Canonical policies are such that we don't allow apps into the public store with custom security policy unless the app author has a relationship with Canonical. if the author has a private store, then the author can have whatever policy they want16:39
jdstrandtzununbekov: what are the accesses you need?16:39
jdstrandperhaps you don't actually need custom policy or there is a bug fix we can add16:40
fgimenezelopio, PR is on its way16:43
elopiofgimenez: cool :)16:44
tzununbekovjdstrand, we are running lxc containers and using cgroup manager to change the parent process id. Security profile that was applied for parent process blocks the commands inside the containers16:53
tzununbekovdoes it fit into the application functionality or it's more like framework?16:56
jdstrandtzununbekov: fyi, there is already the lxd framework that is in the store16:59
jdstrandtzununbekov: but to bundle it yourselves it could be either an app or a framework, but on 15.04 there is no policy that you can specify to allow this (obviously, running containers requires privileged access to the system (though not user containers and we are making those work, but I digress))17:00
beowulfhayalp, i can't seem to build an image with u-d-f on vivid: http://pastebin.ubuntu.com/14488444/17:03
tzununbekovjdstrand, btw, LXD is unrestricted, it has full access to the root17:06
jdstrandyes, but the author is a Canonical employee17:06
tzununbekovIt would be nice to have a similar security privileges :)17:10
tzununbekov actually, our app is pretty complex package and we have a several security related points to discuss with Canonical. How it's better to do?17:10
jdstrandtzununbekov: probably bring it up with manik or mectors or asac17:12
jdstrandtzununbekov: asac is here now, he may privmsg you, otherwise you can look for the others17:12
sergiusenskyrofa, https://github.com/ubuntu-core/snapcraft/pull/22917:13
* zyga works on a capability type interface 17:13
tzununbekovjdstrand, thanks a lot for advise)17:13
jdstrandtzununbekov: np17:14
* zyga -> some scotch and back to hacking17:31
sergiusenselopio, do you know what's going on with travis?17:56
sergiusenselopio, oh, this https://www.traviscistatus.com/17:57
bellyfeelis there a way to get more verbose output from snapcraft pull?18:31
kyrofabellyfeel, still running into i386 issues on amd64?18:31
bellyfeelyes sir18:31
kyrofaYou may have missed me yesterday-- Snapcraft isn't setup that way. It uses the sources for the host arch. Try running on a i386 VM18:32
sergiusenskyrofa, did you see my PR btw? seems to be network errors everywhere :-P18:33
bellyfeelinteresting, thanks18:33
kyrofasergiusens, haha, yeah I keep disconnecting too18:33
kyrofabellyfeel, compiling for i386 on amd64 is cross compiling, just like compiling for armhf from amd64. Snapcraft doesn't support that yet18:34
bellyfeelahh, okay.18:35
bellyfeelYea I'm still learning snappy and understanding my workflow.18:36
sergiusenskyrofa, you know why the test is fragile though? They depend on get_arch_triplet :-P18:55
sergiusensI'll fix that18:55
kyrofasergiusens, yeah mine do too... :P18:55
sergiusenskyrofa, yeah, I'm fixing it in setUp ;-)18:55
kyrofasergiusens, yay!18:55
* zyga pushed pull request 32219:03
zygathis makes capability types extensible19:04
zygaplease have a look if you are interested in capabilities19:04
jerryGChipaca: hi19:25
wxlhow do i debug ubuntu-device-flash complaing about issues when partitioning?19:26
anpoksergiusens: hi.. still around?19:30
sergiusensanpok, yes19:30
anpokdo you have a branch for #1531481 i could continue to play with.. and then also fix nfs-utils19:30
sergiusensanpok, yes https://github.com/ubuntu-core/snapcraft/pull/22919:44
elopioI'm sorry, I had a blackout19:48
kyrofaelopio, it really does sound like you're in a jungle :P19:50
kyrofaHoly crap fingers. cp != rm -rf19:52
sergiusenselopio, did this work for you https://github.com/ubuntu-core/snapcraft/pull/228/files ?19:55
sergiusenselopio, no worries, travis died while you were gone19:55
sergiusenskyrofa, indeed, be careful19:56
kyrofasergiusens, long day :P19:56
sergiusenskyrofa, the ubuntu unpacking needs more work; it isn't making it to the snap dir :-/19:58
kyrofasergiusens, hmm...19:58
sergiusenskyrofa, because all matches originate from installdir ;-)19:58
kyrofasergiusens, ah, right yeah. All the catkin env stuff uses the installdir, too19:59
kyrofasergiusens, is that going to matter?19:59
sergiusenskyrofa, yes, I have another trick under my sleeve20:00
sergiusenskyrofa, too bad python apt doesn't give me a list of downloaded packages20:01
sergiusenswould of been easier20:01
rickspencer3does anyone know if there is a sensible way for a snap to get its own version number?20:02
sergiusensrickspencer3, load the yaml from its meta dir20:02
sergiusensthat's what we do in webdm fwiw20:03
rickspencer3just parse the yaml?20:03
* rickspencer3 shrugs20:03
rickspencer3sounds straightforward enough20:03
ChipacajerryG: 'sup20:12
jerryGChipaca: Do you know what darren landol's username is on irc?... is he ever online?20:31
ChipacajerryG: no, i don't20:31
ChipacajerryG: i also don't know who darren landol is20:32
sergiusenskyrofa, check the branch again20:35
zygaI've pushed some more bits to https://github.com/ubuntu-core/snappy/pull/32220:37
sergiusenskyrofa, hmm, there are some corner cases to this...20:38
sergiusensdarn stage-packages...20:39
tedgsergiusens: Looking at snapcraft, and when making the squashfs it mentions my uid. Is my UID encoded into the snap?21:12
elopiosergiusens: yes, it worked for me.21:29
=== rickspencer3_ is now known as rickspencer3
amriunixinstall RPI2 GPIO API on snappy ?22:05
rickspencer3hey all22:33
rickspencer3fyi, I got my rest-cam snap into the store today22:33
rickspencer3It should be reasonably easy to use22:34
kyrofaenoch85, ping22:41
enoch85kyrofa, here22:42
jerryGChipaca: k thx22:50
sergiusenstedg, now, the snapid is generated by the store, but beuno and friends are still working on that23:08
tedgsergiusens, thinking about the uid/guid stuff in the squash fs output https://www.irccloud.com/pastebin/YHD0RJqm/23:12
tedgSeems odd that's getting encoded into my snap23:13
sergiusenstedg, oh, now I see what you mean23:14
sergiusensI guess it needs some fakerooting magic ;-)23:14
tedgYeah, perhaps, or some crazy command line argument. As kernel tools do.23:15
=== JanC_ is now known as JanC
liuxgChipaca, ping23:37
liuxgsergiusens, ping23:38
fazersergiusens, Can I have some help squashing my commits? I used git rebase -i master but I wasn't allowed to squash all the commits, so I rebased a couple, but I over rebased and now I have a big mess of commits. This is the pr: https://github.com/ubuntu-core/snapcraft/pull/21723:48
wxlanyone know how to debug a partitioning issue with ubuntu-device-flash?23:54
tsimonq2wxl: RTFM? :P23:55
fazerelopio, kyrofa ^^23:55
wxltsimonq2: you show me in the manual where that's covered23:55
tsimonq2wxl: heheheh, partitioning specifications? :P23:56
wxltsimonq2: ubuntu-device-flash --verbose core --device generic_i386 --channel ubuntu-core/15.04/edge --output mysnappy.img23:58
* tsimonq2 remains silent and waits for the experts XD23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!