[00:02] does snapcraft create snappy apps for armhf architecture? [05:35] ERROR: 'my-scope' is not a directory [05:35] I'm getting ^that^ error when running 'snap build .' [05:35] Any idea what that means? I have many things called 'my-scope' so it's hard to know where to look [05:36] Excuse me, 'click build .' is the command that gave me that error [05:46] Think I solved it. Asked here: http://askubuntu.com/questions/726536/error-building-click-package-with-click-build-is-not-a-directory === chihchun_afk is now known as chihchun [06:38] Solved it and posted the answer here: http://askubuntu.com/a/726543/125596 [08:04] good morning [10:00] Good morning all! Happy Thursday, and happy Data Privacy Day! 😃 [10:02] with snapcraft can I create snappy apps for armhf devices/ [10:02] ? [10:22] JamesTait: good morning! how it the snap.yaml stuff going .) ? [10:36] mvo, good morning! Almost there, I think, although it looks like the solution won't be quite as clean as I'd like (just due to the way the current code is structured). [10:37] I'm just writing up a quick follow-up to my earlier mail and will add a couple of details to the Trello card for completeness and transparency. [10:39] I'll propose a first cut to unblock you guys, and then see about cleaning it up. [10:42] hi all, I need some help to create a snappy app for raspberry pi 2 [10:42] JamesTait: \o/ [10:43] i have a simple app written in python and when i use snapcraft it creates this output: test_0.1_amd64.snap [10:44] how instead of an amd64 I can produce a armhf [10:44] ? [10:46] mvo, actually, I just realised - when you said "we need to support snappy 1.0 until 15.04 EOL", did you mean 15.10? Because 15.04 EOL is next week. [10:46] JamesTait: snappy has a bit more EOL [10:47] JamesTait: until snappy 16.04 is there [10:47] Ah, OK. That makes more sense. ☺ [10:47] * JamesTait tries to keep up. [10:50] vir17: if its pure python you can set the the yaml to: architectures: [all] [10:51] thank you mvo i will try it [10:59] Hi guys, sorry had to run yesterday. Installed the all-snaps image in the meantime, but cant find any starce in there too. Any hints? [11:09] Sweet5hark: the best I can offer right now is to scp it in, we want htis to be part of the snappy-debug snap but its not quite there yet === chihchun is now known as chihchun_afk [11:11] mvo: k [11:11] mvo: thx === chihchun_afk is now known as chihchun [11:21] how can I use "snappy try"? I'm on 16.04 so there's nothing in the snappy-dev/tools ppa [11:22] and "snappy try" just responds "did you mean activate?" [11:32] diwic: snappy try is not implemented yet, as a workaround you can just install it [11:34] mvo, sorry if this is a newbie question, but how do I install a snap that's not in the store yet? [11:35] (I just made the snap myself, and it's not ready for the store yet) [11:42] and another newbie/stupid question from me, how do I run an application that I have install [11:43] diwic: if you build it with snapcraft you should have a snap file, just scp it to the snappy system (or use snappy-remote) and then you can install it via "sudo snappy install ./path/to/snap.snap" [11:44] vir17: it will generate a command with "snapname.binaryname", check /snaps/bin to see if its there. note that the metadata in meta/package.yaml must be there, i.e. you need to declare what binaries the snap has (or services) [11:44] * mvo is away for some minutes [11:50] mvo, snappy-remote seems not available for xenial, so I'm going to try the scp approach. thanks [12:17] mvo: lool: ok, so do we need a chat to decide what we do on kernel snap now? [12:18] asac, ah, that reminds me ... regarding the snapcraft.yaml you showed me yesterday ... how do you make sure the minimal requirements if the kernel config are fulfilled (apparmor, various cgroups and namespace settings etc) [12:19] do you have some config checker script ? [12:22] ogra_: no, but we have default configs later thaht you have to explicitely disable...for now its raw DIY :) ... [12:23] well, then you need at least a fat README that lists the required options ;) [12:23] think we would need default config options that are hard to disable + some patch checker or something to ensure all the right apparmor patches are in [12:23] yeah for sure [12:23] the kernel pacfkage has all this already [12:23] think thats polishing [12:23] i wonder if you could just steal it from there [12:23] well [12:23] creating a unusable kernel isnt fun [12:24] if you have pointers for the patch checking that would be cool [12:24] (missing apparmor patches and such cause snaps to become non-executable) [12:27] do you have the list handy? otherwise i am sure i will hit this convenience problem when we get to point where we want to boot it :) [12:27] asac, well, i only know the config file used for the config enforcer, probably ppisati can point to the right person to talk about the code [12:27] where is the config enforcer? is that a snappy specific one? [12:27] it usually lives in linux-source-$ver/debian.$subarch/config/annotations [12:28] (in the source package ... not sure where in git) [12:28] the linux-lts-vivid-3.19.0$ find debian/ | grep annotat [12:28] doesnt have that [12:28] will check a xenial one i guess [12:29] might be arm specific, not sure [12:29] its a loooong time i have built an x86 kernel :P [12:31] asac, i think in x86 kernels it is in debian.master/config/annotations [12:32] when I run in a raspberry pi with ubuntu snappy "sudo snappy install" I have this error: Signature verification failed: No signatures, or no origin signature. (exit code 10) [12:32] Good morning [12:33] anyone has a clue why this is happening? [12:37] vir17, are you properly on the network ? [12:38] vir17, are you sideloading an app, or installing from the store? [12:39] sideloading [12:39] and i try both ssh and using a keyboard in the raspberry pi itself [12:39] and I have the same error [12:40] i can only install it with snappy remote [12:40] but then there is nothing in the bin file [12:40] to run the app [12:40] vir17, are you using --allow-unauthenticated? [12:40] no [12:41] kyrofa: so it is: sudo snappy install [snappy app] --allow-unauthenticated ? [12:42] * ogra_ always puts it after "install" [12:43] vir17, indeed [12:43] no idea if adding at the end works too :) [12:43] ogra_, heh, it does [12:43] clever go parser ;) [12:43] hi, is rpath encouraged/discouraged in snap executables? [12:43] diwic, indeed [12:43] which one of them? [12:43] diwic, since depending on the type it takes precedence over LD_LIBRARY_PATH [12:44] diwic, dt [12:44] I currently have a binary in /snap/pulseaudio.sideload/weirdcombinationofcharacters/bin and some libraries in /snap/pulseaudio.sideload/weirdcombinationofcharacters/lib [12:45] how is the binary supposed to find its needed libraries? [12:45] vir17, so here's the issue you ran into. Snappy checks the signature of all packages it installs to ensure it comes from a valid source. When you upload a package to the store it gets signed by the store, so Snappy verifies that signature. If however you're sideloading it, then it hasn't been signed at all. Make sense? [12:45] diwic, when your snap is actually generated, the binary gets a wrapper generated for it [12:46] diwic, within that wrapper, many lib directories are added to LD_LIBRARY_PATH. If you're using a non-standard one you may need to write a wrapper script for your binary [12:46] kyrofa: yes it makes sense thank you [12:47] diwic, trace through the process starting at the /apps/bin/. script that was generated. You'll see what I'm talking about === chihchun is now known as chihchun_afk [12:47] diwic, er... /snaps/bin on your version, sorry [12:49] kyrofa: another question, i cannot find it in apps/bin [12:49] kyrofa, /snaps/bin is empty [12:49] i suppose something is wrong with my yaml file isnt it [12:49] diwic, did you declare your binary in the YAML? [12:50] Ha, vir17 to you as well [12:50] kyrofa, thanks, probably not, will check that next [12:52] sergiusens, got some network issues there? [12:56] kyrofa, no, I just connected to a VPN for a sec [12:56] sergiusens, oh [12:56] kyrofa, another draw back when using irc :-P [12:56] kyrofa: no i am not 100% sure how I do this, i will try and come back [12:57] kyrofa, can you review #270? [12:57] vir17, check out some of the examples in snapcraft: https://github.com/ubuntu-core/snapcraft/tree/1.x/examples [12:57] thank you :) [12:58] sergiusens, yeah, just catching up on emails real quick [12:58] vir17, any time! [12:59] diwic, by the way, regarding the rpath, I meant DT_RPATH [13:00] diwic, DT_RUNPATH would probably be fine [13:00] ok [13:01] diwic, and you can use DT_RPATH, just remember that it will override anything snappy tries to do for you, so you'd better get it right :P (this comes from experience) [13:01] I found an RPATH entry inside the executable, will try to remove it [13:01] diwic, what build system? [13:02] autotools [13:03] diwic, I _think_ --disable-rpath is standard there [13:04] kyrofa, if I'm supposed to set a correct rpath, I need to know the correct path, right? I e, how would I figure out the final installation directory ( /snaps/pulseaudio.sideload/weirdcombinationofcharacters ) ? [13:04] diwic, exactly [13:05] diwic, you'd have to use $ORIGIN I suppose [13:05] diwic, i.e. relative paths [13:10] diwic, but try using --disable-rpath first and add the binary to the YAML. See if that fixes things [13:17] kyrofa, ok, so now I got a wrapper (or actually two wrappers). Now to figure out why --disable-rpath actually didn't disable any rpath. Thanks so far! [13:17] kyrofa, diwic during SCaLE with didrocks we found out that setting --prefix= (to nothing) libtool or some other tool enables RPATH [13:17] diwic, try setting --prefix to something (reasonable) [13:18] diwic, ah, too bad [13:18] sergiusens, aha, interesting, what is something reasonable? [13:18] diwic, --prefix=/ or --prefix=/usr [13:19] diwic, just remember that the prefix will actually affect the placement within the .snap [13:19] this can fail depending on the m4 macro's smarts though (from what I recall mterry mentioning) [13:21] sergiusens, question for you regarding that. For instance, when building apache it takes its prefix and actually writes it all over the place-- shell scripts, config files, you name it. What I ended up doing is choosing a prefix of essentially REPLACEME and then as part of the build replaced all that stuff with the snappy environment variables [13:21] sergiusens, that's nasty. How would you have tackled that? [13:22] sergiusens, rather, I did the search/replace after install [13:25] mvo, just got your email to the list. Is that stuff in rolling, or all snaps? I'm starting to get confused with our options here :P [13:25] kyrofa: its on all snaps with the next update, just literally landed ~5min ago [13:26] kyrofa: I'm preparing updates as we speak [13:26] mvo, alright. Rolling has, uh, stopped rolling, has it not? I'm assuming all-snaps will be rolling eventually, correct? [13:28] diwic, the current install dir is always a link from /snaps/pulseaudio.sideload/current to /snaps/pulseaudio.sideload/weirdcombinationofcharacters ... and in a store snap (not sideloaded) it will actually be: /snaps/pulseaudio.$maintainer/$snap-version (with the "current" link pointing to it) [13:28] also there is an envv variable pointing to it at runtime [13:28] kyrofa: yes it has, see https://lists.ubuntu.com/archives/snappy-devel/2016-January/001381.html [13:29] kyrofa: the all-snap images are getting all the love now :) [13:30] mvo, ah, right, I remember seeing that. So if I want to release a package for all snaps, do I target rolling in the store then? [13:31] kyrofa: yes, rollling is fine [13:31] kyrofa: the store does not parse snap.yaml yet but for snapcraft thats fine because it will generate compat package.yaml files [13:33] mvo, okay. Will all snaps eventually become rolling, or are we moving away from that structure completely? [13:33] kyrofa: all-snaps is rolling, the previous rolling just is not there anymore (sorry, I think that sounds confusing) [13:33] kyrofa, once 16.04 is released I'm sure beuno will add the option (not sure everything in rolling will be auto moved/tagged for 16.04 as well) [13:34] yeah, I think we'll add 16.04 soon [13:34] mvo, hmm, snappy lets me install old snaps on rolling ... but fails to actually install them [13:34] beuno, ^^ [13:35] shouldnt they be hidden ? [13:35] http://paste.ubuntu.com/14688116/ [13:35] ogra_, they should, yes, we're sorting all of that out [13:35] ah, k [13:35] ogra_: yes, its a known issue, I meant to write to all the developers but didn't yet because its actually two changes that are needed: the rebuild with squashfs and the convertion to snap.yaml [13:36] right [13:36] ogra_: the best option (for now) is to unpublish on rolling [13:36] well, after all i need to snapcraftify all my snaps anyway [13:36] (again :P ) [13:37] mvo, okay so u-d-f can still use "rolling" and it'll be all-snaps? On xenial only, it sounds like? [13:38] mvo, one question I forgot to ask; are all rolling apps all of the sudden broken due to the use of skills (migration-skill) instead of the known caps, security-? [13:39] mvo: lool: no answer :)? [13:46] mvo: related question, has migration-skill landed on the image? [13:51] jdstrand, from the latest email, it seems it has [13:52] mvo, do we support the unversioned data path already? (ref email on list) [13:53] * jdstrand is not caught up on email today [13:54] Hi guys i packaged an example snap from the github snapcraft. the py2-project is the project but how does i start it? [13:54] or run the snap [13:55] noizer, it has a binary in there, right? [13:55] That binary causes a script to be placed in /apps/bin (or /snaps/bin if you're on rolling) [13:55] noizer, which is in your PATH [13:56] noizer, so try running spongeshaker.sha3sum [13:59] spongeshaker.sha3sum is not a command :s [13:59] noizer, take a look in /apps/bin. What is there? [13:59] sergiusens, how far off is clean build, you think? [14:00] sergiusens, and what does it actually entail? (i.e. how would it work) [14:00] kyrofa some helloworld things from the helloworld application [14:00] but nothing from spongeshaker [14:00] noizer, ah, have you installed it yet? I may have jumped the gun [14:01] sudo snappy install --allow-unauthenticated /home/ubuntu/spongeshaker_0_armhf.snap [14:01] that did i [14:01] to install it [14:03] noizer, hmm... what folders are contained within /apps? [14:03] (and did the install actually succeed?) [14:03] noizer, do you see it if you run `snappy list`? [14:05] hey guys, today my Raspberry PI has 5 times already rebooted due to snappy autopilot [14:05] is that normal? [14:05] (RaspberryPi2)ubuntu@localhost:~$ [14:05] Broadcast message from root@localhost.localdomain (Thu 2016-01-28 14:00:35 UTC): [14:05] [14:05] snappy autopilot triggered a reboot to boot into an up to date system -- temprorarily disable the reboot by running 'sudo shutdown -c' [14:05] [14:05] here you can see the output of snappy list [14:05] kyrofa and hi exists in the dir /apps [14:05] kyrofa [14:05] http://pastebin.com/LkTP0mTH [14:06] kyrofa, we just need to do it; maybe a week or two away [14:06] kyrofa, I'm still too slow this week; juggling with all the changes that happened while away [14:06] kyrofa, cleanbuild is basically lxd [14:07] sergiusens, hey, you're fine man! I'm just asking if maybe we should just drop my go PR if that's close [14:07] sergiusens, because that changes a lot of things [14:07] kyrofa, the thing is, your PR will work for the simple case, but imagine building some lib; then have your go project build after that one [14:08] sergiusens, yeah... I feel like the REAL FIX is cleanbuild [14:08] sergiusens, drop it? [14:08] kyrofa, I would argue that we sometimes do want to export vars ourselves from the system [14:09] kyrofa, if not, we should clean all vars for everything before snapcraft runs at all [14:09] sergiusens, fair point. Though isn't that what cleanbuild will essentially do? [14:09] LefterisJP, 5 times ? i'm sure there werent 5 images built. do you perhaps mean it warned you 5 times like above ? (it should start that 10min before it reboots every 2 mins so you have a chance to stop it with the command it tells you if you feel like) [14:10] sergiusens, obviously it will do more as well. But no environment leakage, I mean [14:10] noizer, something is weird there. Try uninstalling/reinstalling the spongeshaker package [14:11] kyrofa does not work :s [14:11] noizer, pastebin the logs [14:12] kyrofa while installing? [14:12] noizer, yeah, pastebin the result of installing [14:13] ogra_: so whenever there is a new image this message goes out as long as you have auto pilot config on? [14:14] ogra_: perhaps not 5, but 3 times definitely, and no I meant the actual restarting and installing a new version. [14:14] kyrofa http://pastebin.com/Xaf3XGbe [14:17] LefterisJP, did you verify that it was a new version each time? Or is it failing for some reason? [14:17] noizer, wait... I thought you said it didn't work [14:17] no no it worked the installation [14:17] kyrofa but how can i start correctly the snap [14:18] noizer, pastebin the result of `ls /apps` and `ls /apps/bin/` [14:19] kyrofa http://pastebin.com/s80aA5Nj [14:19] kyrofa, sergiusens, where there any changes to the ability to override plugins in snapcraft 2.0? I used this to add a patching step to the autotools plugin, but snapcraft doesn't seem to be detecting and/or running my local plugin anymore [14:20] kyrofa: no I did not actually. Good point. [14:20] LefterisJP, weird ... and yes, autopilot runs every ten mins and checks for a new image ... if there is one, it notifies you for 10 mins a few times and then reboots if you dont intercept [14:20] LefterisJP, I mean... still a problem... but yeah :P [14:20] awe_ no I believe that should still be working [14:21] kyrofa, ok... I'll poke at it some more and see if I can figure out what's going wrong [14:21] awe_ we need to cover that in integration tests. I'll check it out right now as well [14:21] awe_, no, there has been no changes; I just used it last week mself [14:21] kyrofa, I know you mentioned that the --help was caused by a lack of LOCALE [14:21] kyrofa, it is covered [14:22] maybe that impacts plugins too? [14:22] sergiusens, oh. Well then, ignore me! [14:22] sergiusens: unfortunately not yet [14:22] anyways, I'll dig into it some more after our net/telephony mtg [14:22] I hit this late last night, and took it as a sign to end my day [14:22] ;)- [14:22] kyrofa, https://github.com/ubuntu-core/snapcraft/blob/master/integration_tests/test_local_plugin.py [14:22] mvo_, err, not yet to what? :-) [14:23] sergiusens, thanks for the reference :) [14:23] awe_, give me a `find . | pastebinit` and a `cat snapcraft.yaml | pastebinit` and I'll take a look [14:24] sergiusens: the data dir is not there yet [14:24] sergiusens: the fixed one [14:24] mvo_, ah, k, thanks! [14:24] sergiusens, ack... I have to dive into a patch quickly before my next meeting, so I'll get this for you a bit later [14:25] kyrofa: how can I verify that I am at the latest version? snappy info shows release: ubuntu-core/15.04/stable and snappy list shows: ubuntu-core 2016-01-20 6 [14:25] sergiusens: it is on the todo though [14:25] sergiusens, I want to make sure it's not my mistake first [14:25] mvo_, as everything :-) [14:25] :q! [14:25] awe_, yeah ping us if you need us to take a look [14:25] !$#%%! haven't done that in a while! lol [14:25] awe_: I am only a bot, please don't think I'm intelligent :) [14:26] Awww, awe_ be nice to ubottu [14:26] awe_, heh, well the first thing to check is make sure your ref is a file named parts/plugins/x_.py (notice the underscore) [14:26] sergiusens, is the x actually required? [14:27] kyrofa how does i solve it? [14:27] hmmmm; looks like my parts plugin dir got clobbered at some point [14:27] kyrofa, to override, yes [14:27] noizer, what version of snapcraft are you using? [14:28] kyrofa, well, I think it is always required; just to note it is an extension and not an official one [14:28] release: ubuntu-core/15.04/stable kyrofa [14:28] sergiusens, what if its named something totally different, though? [14:28] pretty sure I didn't do an rm -rf; but I'll take the blame for now, unless I can prove otherwise... [14:28] sergiusens, ahh, okay [14:28] noizer, and you try to run a snapcraft 2.0 created snap on int ? [14:28] kyrofa, oh, you can override or name it whatever you want [14:28] *it [14:28] awe_ there are times when I must scold my fingers for typing rm -rf instead of cp [14:29] haha, yea... [14:29] kyrofa, you could just set an alias from rm -rf to cp ... that would solve it :P [14:29] ogra_, hahaha [14:29] ogra kyrofa my snapcraft where i build it is snapcraft 1.0 [14:29] dholbach, bah, that thunderbird conversation view wiped my reply as didrocks's email came in :-P [14:30] sergiusens, I'm wondering now-- does snapcraft clean make sure no custom plugins are in parts before it blows it away? [14:30] noizer, ah, that should still work then [14:30] I have a similar case like noizer I think , this pastebin (http://pastebin.com/gf2qF1g8) included all my steps, I think I have something wrong with my .yaml files [14:30] kyrofa, yup; it doesn't blow away the plugins dir, it only cleans up from defined parts and you can't name a part 'plugins' [14:30] kyrofa, way ahead of you ;-) [14:30] ogra_ kyrofa so i tought it too but what does go wrong? [14:31] vir17, you need to include python in your snap [14:31] noizer, where are you getting the example you're snapping? [14:31] check the snapcraft-examples and take a look at the python2 example [14:31] https://github.com/ubuntu-core/snapcraft/tree/master/examples ogra_ kyrofa [14:31] sergiusens: oh, you are using that plugin? How come did my answer wiped yours? :p [14:31] sergiusens, ah, I believed in you. Just curious :) [14:32] noizer, these are most likely 2.0 examples ... a lot changed between 1.0 and 2.0 [14:32] noizer, exactly, what ogra said [14:32] noizer, use the examples by doing this: `sudo apt-get install snapcraft-examples` [14:32] ogra_ kyrofa ok where can i get the snappy then for snapcraft 2.0 [14:33] (but 2.0 snaps wont run on 15.04 ... so try to grab the 1.0 examples package instead ) [14:33] didrocks, I was typing a reply within the same view and your email arrival updated the view and my reply went bye bye [14:33] :-) [14:33] sergiusens, ahh thunderbird [14:33] (or switch your target device install to 16.04 ) [14:33] ogra_, and now, no snaps will run on 16.04 ;-) [14:33] sergiusens, oh ? [14:34] ogra_, look at snappy-devel@ [14:34] sergiusens: urgh, I know why I'm not using that plugin then! (I remembered to have tried it some years ago, but was unconvinced :p) [14:34] kyrofa, hey [14:34] standup time [14:34] * ogra_ wishes his mailserver wouldnt be so stuck :P [14:34] sergiusens, oh oops [14:35] be agile ! [14:35] :P [14:38] ogra_: in order to include python all I have to do is to include "plugin: python2" in the .yaml file? [14:38] check the example for the exact syntax [14:38] there is a snapcraft.yaml in it [14:39] ok [14:45] kyrofa what is de difference between snapcraft 1.0 and 2.0 [14:45] new features ... new yaml syntax ... and most important 2.0 uses squashfs files [14:46] all these bits are only supported in rolling (16.04) [14:48] ok i think i will switch to it but what are squeashfs files? ogra_ [14:49] it is a compressed readonly filesystem [14:49] saves a lot of diskspace and download time [14:50] (and you cant just mount it rw, so it adds extra security) [14:51] can packages running on ubuntu 14 be compiled to run on snappy [14:53] alella, theoretically you could even run packages from last century inside a snap (snaps need to include their dependency chain) [14:55] ogra_ so but is it possible to mount because for me i need to do that for installing main things [14:56] noizer, in 16.04 everything is a snap and snaps all ship suqashfs inside, so no, you wont be able to modify any of the writable bits anymore [14:57] 16.04 ships the classic dimension though, that gives you a rw container on top of the readonly fs for development etc [14:58] so when i mount it on a other ubuntu system i cant do changes? [14:58] ogra_: the container is just for developping, right? It's not started at reboot (and so you can't have services running in it), or am I wrong? === xnox is now known as s390x [14:59] didrocks, it is the intended purpose [14:59] so if you a packaga designed for ubuntu 14 you cant use snappy commands to compile for snappy [15:00] didrocks, right [15:00] ok, got it right then :) [15:00] it is good enough to run snapcraft in it :) [15:00] what else would anyone want anyway ;) [15:00] ;) [15:01] alella, snaps only contain binaries, you can put whatever you want into it [15:01] i bet you could even put some redhat 4.x binaries into one and make it run as long as you ship all linkedf libs inside :) [15:02] * genii shivers in disgust [15:02] hahaha [15:03] yeah, scary example, i admit that [15:03] but technically it might work [15:11] ogra_ could you tell me about pxe in uboot? will we be able to use it on rpi? [15:12] i cant tell you about PXE but we can surely support some kind of network boot (bootp or so) [15:12] ogra_: it buys some security, perhaps. if you have the ability to remount, you have the ability to bind mount, so... [15:13] i think i didnt remove the netboot setup defaults from the uboot env [15:13] (in fact, that is exactly how I am testing certain things on all snaps) [15:13] just intercept the boot in uboot and check with printenv [15:13] actually, I think I used an overlay not a bind mount. still [15:14] jdstrand, well, it prevents me from hacking on my shell script wrappers directly on the running system [15:14] overlayfs /snaps/bin [15:14] hack away [15:14] sure i could do some overlay magic etc ... but ui cant modify the actual squashfs [15:14] that is true [15:14] and that is definitely an important quality for integrity [15:14] well, i can ... but only trhrough repacking [15:14] right [15:15] it is annoying in the develo0pment process though ... [15:15] I realize I'm being pedantic [15:15] it is [15:16] jdstrand, oh, btw ... does your ufw package do anything with bridging ? [15:16] * ogra_ recently had someone asking if there was bridge support in snappy [15:16] I've wondered if we shouldn't just straight up have a tool to create a cow overlayfs on /snaps/foo, etc for this sort of thing [15:16] i assume ufw sits a layer above ? [15:16] ogra_: not natively, no [15:17] yeah, thats what i suspected [15:17] ogra_: there are hooks scripts that you can put whatever you want in them for bridges, qos, etc, but it is all on the admin [15:17] and packaging bridge tools might be a pain wrt securing it [15:17] jdstrand, wait... can you use overlayfs to hack on the mounted squashfs snap? Or are you guys saying that's exactly what's NOT possible? [15:17] pitti: is it possible to allow some autopkgtests to access the internet? or are there no exceptions, is it strictly blocked for everybody? [15:17] kyrofa, you can ... but you wont hack on the squashfs [15:18] elopio: they can all access the internet, as long as they respect the $*_proxy env vars [15:18] only on the writable overlay [15:18] elopio: and a lot of them actually do [15:18] ogra_, right, so it doesn't actually save upon reboot. But it allows you to tinker anyway? [15:18] yeah [15:18] kyrofa: let me give a concrete example. I have root on the device. I want to test the new ubuntu-core-security package before uploading it. I create a cow overlayfs so I can unpack my ubuntu-core-security deb in it and have the system see the update [15:18] kgunn, ^^ you might like that [15:19] kyrofa: the same thing could be done for an app snap (the above was for the os snap) [15:20] jdstrand, interesting, I need to do some overlayfs research [15:20] note that we do not have it on all kernels (i thinnk) [15:21] ogra_: that is probably true and if it isn't now, it will be for sure [15:21] yeah [15:22] but, for working with vms or the bbb and rpi2, it should be fine [15:22] at least in xenial [15:22] * jdstrand is assuming since bbb uses generic and rp2 a modern kernel, it is there [15:22] I've only done it on amd64 [15:22] yeah interesting [15:23] one could do it with just a bind mount, but then you have to copy everything in [15:24] ogra_: still no success, this is my new .yaml file http://pastebin.com/RfPVJn0f based on this one: https://github.com/ubuntu-core/snapcraft/blob/1.x/examples/py2-project/snapcraft.yaml and these are the outputs of "ls /apps" and "ls/apps/bin" http://pastebin.com/XMJK272q [15:24] kgunn: from my notes (I'm not a huge overlayfs user, but this worked for me) [15:24] Say I want to update the templated policy on the device: [15:24] $ mkdir /tmp/overlay /tmp/work [15:24] $ sudo mount -t overlayfs -o lowerdir=/usr/share,upperdir=/tmp/overlay,workdir=/tmp/work overlayfs /usr/share [15:24] $ sudo dpkg-deb -x ./tmp/ubuntu-core-security-seccomp_16.04.10_all.deb / [15:24] $ sudo dpkg-deb -x ./tmp/ubuntu-core-security-apparmor_16.04.10_all.deb / [15:25] that is how I tested an ubuntu-core-security update on all snaps === s390x is now known as xnox [15:31] jdstrand, excellent notes, thank you! [15:34] pitti: I see. Our tests are timing out doing a git clone, so I could fix them with something like [15:34] git config --global http.proxy $... [15:34] right? [15:35] elopio: no, the env vars should already be set in /etc/environment [15:35] kyrofa: you're welcome :) [15:35] elopio: didrocks' ubuntu-make tests use git clone as well and that works [15:36] great, I'll check there. [15:36] elopio: confirming, I don't need to export any env variable (only for docker config, but that's different) [15:36] didrocks: and do you clone git http: or with git: ? [15:37] elopio: the https:// scheme [15:37] the git one (ssh) isn't opened [15:38] I can change the tests to use https instead of ssh, as sergiusens suggested. [15:38] ogra_: could you please remind me how the kernel (device) tarball is created on cdimage nowdays? [15:38] I wanted to keep at least a test using the git protocol, but that's alright. [15:43] ogra_, jdstrand so that is one of the things snappy try is supposed to bring to the table; from you dev area you could `snappy try DIR` and it would just put it in the right place, activate and you can play easily from your classic env [15:43] neat ! [15:44] sergiusens: yeah, I think we will use something like jdstrand is doing with overlayfs for that [15:45] I think that is where we may get into the issues of overlayfs and apparmor though [15:45] snappy try could easily use a bind mount though [15:45] mvo_, well if it is a first time snap, overlayfs won't exactly work, will it? [15:46] that's another reason for a bind mount [15:46] jdstrand, I think bind mounts are going to be straight forward as well [15:46] just copy stuff in there [15:46] sergiusens: sorry, I was too terse, I was thinking that we use the overlay for /snaps/bin and bind mount the actual app dir [15:46] ah [15:46] sergiusens: and services probably also as overlay [15:46] mvo_, makes sense [15:46] sergiusens: to avoid leaving stale files around [15:47] that should work fine [15:47] kyrofa is snapcraft 2.0 and ubuntu LTS 16.04 already available for raspberry pi? [15:48] noizer, yes, but it's still in development [15:48] noizer, both, rather [15:48] ok its not a stable version [15:48] noizer, indeed [15:48] kyrofa ok and what is the expected release date? [15:48] noizer, 16.04 is actually a date [15:48] noizer, April, 2016 [15:49] noizer, the previous version is wily, 15.10, released in October 2015. Make sense? [15:50] Can anyone help me please, this is my .yaml file http://pastebin.com/RfPVJn0f based on this one: https://github.com/ubuntu-core/snapcraft/blob/1.x/examples/py2-project/snapcraft.yaml and these are the outputs of "ls /apps" and "ls/apps/bin" http://pastebin.com/XMJK272q [15:51] kyrofa but snapcraft 2.0 is much better i think? [15:51] a few dependencies added and some files moved later - now pulseaudio does not complain about missing libraries any more, but it exits immediately with "Bad system call" instead. [15:51] noizer, well, it's newer anyway. What feature are you looking for? [15:51] any idea how to troubleshoot? gdb and/or strace does not seem available [15:51] diwic, seccomp [15:52] kyrofa none but i need to choose for my development [15:52] diwic, are you familiar with snappy-debug? [15:52] kyrofa, nope, but I tried to install it and installation failed [15:52] noizer, 15.04 is stable right now, but it reaches end-of-life soon. rolling (what will become 16.04) is still in development, so it can break sometimes [15:53] diwic, you're on rolling? [15:53] ok and will snapcraft 1.0 apps work on snapcraft 2.0 [15:53] noizer, no, but the YAML changes aren't too bad [15:53] kyrofa, the 16.04 image from ~two weeks ago [15:54] kyrofa ok i will make my application then in snapcraft 2.0 [15:54] diwic, ah, yeah a new version on rolling was released that breaks things. Some packages need to be rebuilt [15:55] ogra_: hey [15:55] diwic, so check /var/log/syslog for seccomp denials [15:56] I have this dragonboard u-boot tree from github, I've built u-boot there; can I just throw it on the SD card, or do I need to run the image tool first? [15:56] diwic, are you familiar with seccomp filters? It's one of the confinement technologies used by snappy [15:56] (mkbootimg) [15:56] [264059.140132] mmcblk1: error -110 sending status command, retrying [15:56] uh [15:57] not happy :-( [15:57] lool, i followed the docs in the tree ... one sec [15:57] kyrofa, there is one, but I'm not sure how to interpret the numbers. syscall=135, which is "sys_personality" judging from a quick googling [15:57] ogra_: the last step is: [15:57] 5) run img.sh to wrap u-boot into fastboot compatible img [15:58] but wasn't sure if we need this [15:58] oh hey diwic! [15:58] diwic, do you have scmp_sys_resolver on there? [15:58] lool, i think we do, i just followed the step by step guide [15:59] diwic, you should be able to run `scmp_sys_resolver 135` [15:59] kyrofa, it says "personality" [15:59] kyrofa where can i download the development version of it? [15:59] diwic, huh. No idea what that does :P [15:59] hi lool [16:00] diwic, but it's not in your seccomp profile [16:01] jdstrand, is the personality syscall a security issue? [16:01] I'm guessing yes [16:03] kyrofa: I'd want to exercise caution with that one. tyhicks may have an opionion [16:03] I need to step away for a little bit [16:03] jdstrand, yeah the manpage is a little tough to understand, but it sounds iffy [16:04] I'm mostly worried about exposing that part of the kernel to apps. eg, these different personalities that aren't used much might have future vulnerabilities [16:05] but this is really to enable truly legacy binaries [16:05] I don't know much personality(2) off the top of my head [16:06] I'll have to look into it [16:06] maybe there are other use cases... [16:07] diwic, do you know why it's being used? [16:08] kyrofa: There it goes again, my system is going down for reboot [16:08] (for update) [16:08] how can I confirm it worked? [16:08] LefterisJP, okay when it comes back up compare the version to what you saw last time [16:08] and version is? [16:09] kyrofa, not yet, I'm trying to figure out how to change seccomp profile (if possible?) since there is no info about that in the snapcraft.yaml reference [16:09] snappy info? [16:09] tyhicks: we don't have an explicit use case for it. it seems dodgy overall (not keen on how it would add to the attack surface). it does seem to only be for the process itself (the only thing going for it) [16:09] the PER_SVR4 and PER_UW7 personalities look nasty since they allow page 0 to be memory mapped [16:09] or snappy list -v ? [16:10] tyhicks: I suggest not getting distracted by it. we can investigate/add it at a later date if people need it [16:10] (and people can use security-override today to workaround it) [16:10] jdstrand, tyhicks thanks for the quick look guys-- sounds like we should avoid it if we can [16:10] jdstrand: ok - my vote is 'no' until it becomes more of an issue down the road [16:11] lool, so i just checked ... i ran run.sh and then dd'ed it to the SD cards boot partition [16:11] tyhicks: sounds fine. thanks for the quick glance [16:11] diwic, check out some of the snapcraft examples-- the gopaste one has an override for a syscall [16:11] err [16:11] img.sh [16:11] ogra_: could you please remind me how the kernel (device) tarball is created on cdimage nowdays? [16:11] LefterisJP, I think it was 6 according to you last paste? Which actually doesn't sound right [16:11] LefterisJP, are you running 15.04? [16:12] LefterisJP, or rolling? [16:12] mvo_, in a fresh chroot from live-build/auto/build after the rootfs was done === JanC_ is now known as JanC [16:12] ogra_: thanks! [16:12] * ogra_ digs up the line number [16:13] mvo_, 344 to 487 [16:13] ogra_: heh, thanks :) [16:14] ogra_: the right file would have been enough but I'm of course thankful for every piece of info [16:14] heh [16:14] for that one we can just run mksquashfs [16:14] the rootfs will be a little trickier [16:15] kyrofa, jdstrand, I believe I found the place in the PA code, it says "Maybe we're autospawned, try to clean up our environment as much as possible". I think I can comment it out since we won't autospawn on snappy [16:15] ogra_: yeah, I am looking at creating some manifest data for jdstrand right now [16:15] thanks to the fact that "-preinstalled" hardcodes tarball or ext2 [16:15] ah [16:15] I think it's trying to do restrict itself, i e increase security somehow [16:15] diwic, I've had to do similar things to other codebases [16:15] mvo_, there is already a find call that dumps it to the log [16:15] ogra_: sweet [16:16] * ogra_ tries to find the find [16:16] ogra_: all good [16:16] ogra_: no worries [16:16] 471 # dump the content list into the log [16:16] 472 echo "I: device tarball contents for $PREFIX.$tarname:" [16:16] 473 find . -type f [16:16] just redirect it to a .manifest file in parallel [16:17] ok, need to EOD. Thanks kyrofa and others for all your help so far [16:17] diwic, any time :) [16:17] diwic, thanks for pulse work !!! [16:18] * ogra_ is fiddling with a mycroft snap ... urgently waiting for some audio love :) [16:18] ogra_, heh, haven't got that far yet [16:21] kyrofa: 15.04 [16:21] LefterisJP, and you said an rpi2, right? [16:21] yeah still says 6 [16:21] yes it's an rpi2 [16:22] LefterisJP, hmm... I'm on version 20 here [16:23] LefterisJP, you've just left my realm of experience. I'll need to refer you to sergiusens or mvo_ [16:23] LefterisJP, I'm not sure how to debug the failed update [16:23] kyrofa, LefterisJP that is an mvo_ or ogra_ topic, sorry [16:24] all right I am all ears if anyone can help. Good to know at least that the update is failing. That's progress already :) [16:24] LefterisJP, maybe elopio or fgimenez can help as well [16:24] btw is any of you going to be in London next week? [16:25] LefterisJP, is there anything interesting happening there? [16:26] LefterisJP: are you in rpi2 snappy stable #6 and trying to update to #7? [16:26] elopio: I am in version #6 from what snappy list seems to tell me. [16:26] And the auto update kicks in [16:27] LefterisJP: sorry, I think I miss some context. so you have a 15.04 stable rpi2 and it fails to update? [16:27] and when it restarts I am still at the same version [16:27] LefterisJP: could you pastebin the exact error output? [16:27] ofc, but can you help me find it? Where should I look for the error output? [16:27] LefterisJP: do you have a serial cable for that rpi2? [16:28] elopio: not on the ready but I can find one [16:28] can't I see something on the logs? [16:29] Is it possible to specify a particular version of a package in 'stage packages' section? Will something like "-libmypackage-dev (= version)" work? [16:29] camako, no; we only support the latest in the archives [16:32] LefterisJP: I'm flashing stable #6 to give it a try here. [16:32] This is how I monitor the boot and reboot: http://elopio.net/blog/connecting-to-snappy-through-the-serial-console/ [16:32] and dmesg should have all the boot logs. But I think it doesn't keep the ones from the previous boot failure. [16:33] sergiusens: As for London, I am gonna be there in the canonical offices next week and heard some snappy core devs will be there so was wondering if I could meet some of you [16:33] looks like 6 was released on the 20th and 7 was released today ? [16:33] elopio: thanks. Nice link. Will also try to do that when I get the serial cable. [16:33] since when do we do weekly releases ? [16:34] LefterisJP, wasn't aware of that, from whom may I ask? [16:36] sergiusens: Thibaut Rouffineau [16:37] sergiusens, yeah I think his team is sprinting there [16:39] LefterisJP, you might be able to go and meet didrocks then [16:39] yeah it's some kind of sprint and I am gonna be there since it's a nice chance to meet some snappy people and get help with the framework snap we are working on [16:40] will be happy to chat with you LefterisJP :) [16:40] didrocks: sergiusens: nice :D, would be nice to put some faces on some nicks. Lurking in IRC and the developer lists is nice but has its limits [16:43] LefterisJP, I have not been invited to that sprint; sort of glad since I would like to be grounded for a bit :-) [16:45] mvo_, does the migration-skill support security-template and security-policy? [16:45] sergiusens: yes, all of the security stuff is supported 1:1, just a different place now [16:46] mvo_, k, so files from -policy are used in the same way, good to know. I recall it in the code now [16:46] thanks [16:46] sergiusens: yw [16:47] sergiusens: I know what you mean :) [16:48] elopio: Here is my dmesg output in case it can mean anything to you. I just noticed there are quite a few errors with the SD card. Could very well be related. [16:48] https://gist.github.com/LefterisJP/500f1907d9cae8471caf [16:51] LefterisJP: update from 6 to 7 worked here. [16:51] we'll need that serial log to understand what's failing during your reboot. [17:00] yeah I see. Then I guess I will need to order that cable. I don't have it after all. For the time being if I simply download and flash a newer raspberry pi image all should be good though I suppose. [17:01] elopio: ^ [17:02] sergiusens, if I want to test out the upload stuff on the staging server rather than actually doing an upload, do you know the URL off the top of your head? [17:02] LefterisJP, yeah that'll work [17:02] LefterisJP: yes, if you don't care about losing your work on that one. [17:03] pindonga, actually my question might be better directed to you [17:04] pindonga, if I want to test out the upload stuff, I figure I'd best do it on the staging server [17:04] mvo_, so i finally got around to try that all snaps dragonboard image ... hangs at the lk for me .... [17:04] * ogra_ re-flashes the SD to make sure its not a flashing issue [17:04] elopio: yeah no worries about that, it's my testing Pi. Should get that cable though. I had communicated with Samsung's Artik via serial USB and assumed I could do the same with the Pi but it seems that I need the cable you mentioned. [17:07] lool, didnt you say mvo_'s all-snap image booted for you ? [17:08] ogra_: which one? [17:08] ogra_: I didn't try the dragonboard one, no [17:08] http://people.canonical.com/~mvo/all-snaps/ [17:08] ah [17:08] I'm tring the efi v2 patchset on top of dragonboard u-boot right now [17:08] just trying to figure the right grub2 binary to load [17:09] well, perhaps we should first ahve a working image before modifying it :P [17:15] [260] ERROR: Could not do normal boot. Reverting to fastboot mode. [17:15] [270] Invalid partition index [17:15] [270] Invalid partition index [17:15] hmmm [17:16] i wonder if mvo_'s changes to my u-d-f patch caused that [17:18] ogra_: I had some SD errors on an SD here, and then it wouldn't boot on it anymore [17:18] I wrote a fresh image to a new SD and then it worked [17:18] might not be related but thought I'd mention it [17:18] yeah, unklikely to be related [17:19] the partition table looks fine [17:20] sadly it doesnt print much more than the above .... no actual reason mentioned .... grmbl [17:20] kyrofa, hi there [17:22] kyrofa, run it like this UBUNTU_STORE_API_ROOT_URL='https://myapps.developer.staging.ubuntu.com/dev/api' UBUNTU_STORE_UPLOAD_ROOT_URL='https://upload.apps.staging.ubuntu.com/' UBUNTU_SSO_API_ROOT_URL='https://login.staging.ubuntu.com/api/v2/' snapcraft upload [17:22] pindonga, excellent, thank you! [17:23] let me know how it goes [17:23] sorry, the first one make sure it ends with / (ie, ../dev/api/) [17:30] ogra_: hm, I thought I did not really modify anything except for resolving conflcits. sad that it fails to boot now [17:32] pindonga, how do I get a token for this? I'm getting "No valid creds" [17:32] yeah, i cant really get it past the little kernel, something is wrong with the partition ids ... i guess due to calling sgdisk differently after your change [17:32] * ogra_ checks the tree [17:33] jdstrand: I'm making some progress on the manifest stuff, hopefulyl by tonight you have what you need [17:33] Oh, login [17:34] kyrofa, right, snapcraft login [17:34] msg should be clearer about this possibly [17:34] pindonga, indeed [17:35] kyrofa, unless you have 2fa enabled on your account when it asks you about OTP just press enter [17:35] dholbach, hey what's the status of the auto document sync? [17:35] kyrofa: we're just deploying it on staging right now [17:35] dholbach, woo hoo! [17:35] ran into some issues with juju and mojospec [17:35] so I hope it'll be done beginning of the week [17:35] mvo_, which dragonboard snap did you use ? [17:36] (bootloader etc) [17:36] ogra_: when I compare https://code.launchpad.net/~ogra/goget-ubuntu-touch/dragonboard/+merge/280320 with http://bazaar.launchpad.net/~snappy-dev/goget-ubuntu-touch/all-snaps/revision/251 it looks like I call sgfisk the same way [17:37] mvo_, oh, i was referring to https://code.launchpad.net/+branch/~mvo/goget-ubuntu-touch/dragonboard [17:37] ogra_: I used what I got from linux-image4.2.0-2004 kernel snap and your gadget snap [17:37] jdstrand, are you around? [17:37] i thought you landed that alongside [17:37] mvo_, that kernel wont work [17:37] ogra_: I don't think I merged that [17:37] ogra_: aha, thats good to know [17:37] yeah, i see that now [17:38] ogra_: so I have an updated u-boot for dragonboard, I've ran img.sh on it, it looks similar to the one I found in mmcblk1p7, but it seems boot goes straight to emmc, any idea what could be missing? [17:38] you need ppisatis kernel [17:38] ogra_: I need to leave for dinner now, if you could point me to the right kernel I can update the snap later [17:38] lool, you need the right UIDS on the partitions [17:38] it is very fragile :/ [17:38] mvo_, right, the boot stalls on the bootloader with a partition error though [17:39] before u-boot [17:39] so there is something else [17:39] all right my friends - I call it a day - see you all tomorrow! [17:40] lool, see my scripts at http://bazaar.launchpad.net/~ogra/+junk/dragonboard/files/5 ... the IDs are in http://bazaar.launchpad.net/~ogra/+junk/dragonboard/view/head:/parts.txt (used as input for the partitioner script) [17:40] ogra_: I didn't touch the part table though [17:40] of the SD ? [17:40] yeah [17:40] hmm [17:41] I just overwrote u-boot payload [17:41] can I stop the boot somehow? [17:41] so the "boot" partition ? (not "aboot") [17:41] S - QC_IMAGE_VERSION_STRING=BOOT.BF.3.0-00261 [17:41] oh [17:41] [...] [17:42] Android Bootloader - UART_DM Initialized!!! [17:42] [0] [0] welcome to lk [17:42] actually ... on mvo_'s all-snaps image there isnt any boot partition ... hah [17:42] [90] [90] boot_verifier: Device is in ORANGE boot state. [17:42] [100] [100] Device is unlocked! Skipping verification... [17:42] [100] [100] Loading boot image (16521216): start [17:42] mvo_: awesome, thanks! [17:42] JamesTait: I am [17:42] but then it's [ 0.000000] Linux version 3.10.49-g0b014e2-00001-gebe2063 (buildslave@aosp-x86-64-08) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #9 SMP PREEMPT Wed Dec 2 10:33:57 UTC 2015 [17:42] lool, ok so that finds uboot and loads it it seems [17:42] hmm [17:42] oh [17:43] ogra_: [740] [740] Updating device tree: done [17:43] [740] [740] booting linux @ 0x80080000, ramdisk @ 0x82000000 (795398), tags/device tree @ 0x81e00000 [17:43] [750] [750] Jumping to kernel via monitor [17:43] lool, did you set the dip switch to SD on the bottom of the board ? [17:43] yes [17:43] weird [17:43] ogra_: I was booting from SD, updated hte contents and ran "reboot" [17:43] jdstrand, I might have figured out the problem, actually: does click-reviewers-tools currently handle squashfs snaps with just meta/snap.yaml? [17:44] lool, try re-powering ... might be it needs re-init [17:44] ogra_: speaking of dragonboards-- I got one in the mail. I don't know what to do with it though (ie, to get it running). I don't need to today or next week even-- I assume instructions will come out sometime (or maybe I missed them already)? [17:44] for the Sd controller [17:44] I did try power cycling already :-( [17:44] jdstrand, there are instructions already ... and an early image [17:45] JamesTait: the review tools know about squashfs to some extent. they don't know about snap.yaml yet. those two things are what I will be focusing on [17:45] jdstrand, http://people.canonical.com/~ogra/snappy/dragonboard/README [17:45] that doesn't surprise me at all [17:45] thanks! :) [17:45] :) [17:45] lool, got a full log ? [17:45] ogra_: not really [17:46] jdstrand, will that also encompass this error: "1 Warning: Unknown field 'daemon' snappy-systemd_package_yaml_unknown_key (server); 1 Fail: (NEEDS REVIEW) squashfs pkg lint_is_squashfs"? [17:46] * These errors. [17:46] ogra_: ah I might miss your u-boot patch [17:46] JamesTait: yes. the new snap.yaml is not supported yet [17:46] but I'll get all working [17:46] lool, well, it should still go to uboot instead of the kernel [17:47] mvo_, ^^ [17:47] Thanks, jdstrand. [17:47] nessita, beuno too ^^ [17:47] * lool drops for dinner and will check again later [17:47] I had a card on it-- and upped the priority when I saw it landed [17:48] jdstrand, similar story here. ☺ [17:48] pindonga, I can't seem to be able to login to staging [17:48] JamesTait, ack [17:48] heh [17:48] pindonga, no 2fa there [17:48] kyrofa, be aware that staging sso is a separate db from prod [17:48] so your account may not exist there, or have a diff passwd? [17:48] pindonga, yeah-- I can login online [17:49] k [17:49] mvo_, sergiusens: iirc, snappy build is going away and everything is going to use snapcraft, correct? [17:49] does it give you any error msg? [17:49] pindonga, just "login failed" [17:50] pindonga, I use the same environment variables you gave me before with `snapcraft login` [17:50] pindonga, is that the right way to authenticate for staging? [17:50] yes, should be [17:50] let me try it as well [17:51] jdstrand, correct [17:51] JamesTait, thanks. So we can land our work waiting for the new click-reviewer-tools and then do the cleanup [17:53] sergiusens: ok, so two things: 1) I'm likely going to need to submit a patch to snapcraft to make sure it uses a particular set of options for mksquashfs (I'll submit that) so the store and snapcraft agree and 2) does snapcraft have a way to simply mksquashfs a directory? [17:53] sergiusens: I'm not sure yet what those options are otherwise I'd give them to you [17:53] nessita, indeed, it looks that way. I just mangled the snap mvo_ gave me to also include a package.yaml, and the reviewers tools now handle it, but fails with the squashfs manual review and lack of a readme.md [17:54] nessita, the click-reviewers-tools work will address both of those and the handling of snap.yaml [17:54] jdstrand, yessir! [17:54] sergiusens: the second question might be a nice thing to have so that everyone always uses the right options [17:54] kyrofa: was that an answer to '2'? [17:54] JamesTait, perfect. So you are a bit blocked now? [17:54] kyrofa, just logged in and uploaded a file successfully... checking your sso account now [17:54] jdstrand, it was [17:55] jdstrand, only 2.0 though [17:55] excellent [17:55] sure [17:55] jdstrand, well, obviously [17:55] * jdstrand nods :) [17:55] jdstrand, yeah, just `snapcraft snap ` [17:55] nessita, my branch is ready for review, but might not make much sense without that update. [17:56] JamesTait, if we land *and* deploy that we will block all squashfs uploads, correct? [17:56] jdstrand, for your reference: https://github.com/ubuntu-core/snapcraft/blob/master/snapcraft/commands/snap.py#L80 [17:56] handy [17:56] kyrofa: thanks! :) [17:57] jdstrand, obviously feel free to make a PR, but if you make a bug for it we can take of it too :) [17:57] ack [17:57] nessita, new squashfs uploads (without package.yaml) are blocked already. [17:59] kyrofa, ok, bug [17:59] am on it [17:59] pindonga, ah, thank you! :) [17:59] mvo_, dd'ing my u-boot.img in place gets me gurther [18:00] *further [18:00] it's passing the otp even when empty [18:00] which causes sso to fail auth [18:00] so something is wrong with that u-boot binary [18:00] JamesTait, ok, so we could move forward landing and eventually deploying that, correct? [18:00] nessita, I think we're also depending on beowulf's icon_url piece, which I think is waiting until Monday? [18:00] pindonga, ah, excellent [18:01] If that's the case, maybe we should land this on Monday as well? [18:02] JamesTait, not for this, no [18:02] JamesTait, is independent, I think [18:03] nessita, currently I'm unable to publish the package I just uploaded because it needs an icon. [18:03] JamesTait, yeah, that is fine [18:03] meaning is independant of your change [18:04] OK, great! 😃 [18:05] mvo_, the next issue is that for some weird reason you added the uboot partition to the end of the disk ... the partition to load uboot.env from is hardcoded at build time in the dragonboard u-boot (and currently points to mmc 1:8 ... while the boot partition on your image is 1:9 ...) [18:05] In which case I'll await a review of my branch and land it when we get approval, and I'm ready for something new. [18:06] kyrofa, sergiusens now that upload is part of snapcraft we might also need to update the examples; this is because the store will only accept a package icon if it's 256x256 px in size [18:06] the upload will get accepted, but the icon will not [18:06] I should probably catch up on e-mails till my EOD in ~40 mins though. 😉 [18:06] ie, if you upload eg gopaste you'll see it there eventually but without the right icon [18:07] pindonga, I'm writing an example doc for uploading right now [18:07] pindonga, that's only for .pngs I assume? [18:08] yes, probably.. tbh don't know for sure if the store currently supports other icon formats [18:08] pindonga, svgs [18:09] pindonga, by the way I'm happy to fix that 2fa bug if you can point me in the right direction [18:10] almost there [18:10] I'll let you review it :) [18:10] + I introduced the bug so I feel responsible for fixing it [18:10] :) [18:11] pindonga, kyrofa our solution could be to just remove all the icons ;-) [18:11] sergiusens, I'm on board with that [18:11] pindonga, haha, okay sounds good [18:11] kyrofa, but they are examples, so we probably need an example with how to do it [18:13] sergiusens, did forking turn into a boolean in package.yaml somewhere along the line? [18:16] kyrofa, yeah [18:16] kyrofa, package.yaml is going away in my skill migrationbranch though [18:17] sergiusens, alrighty [18:17] kyrofa, when you fix the upload stuff messages, can you silence the unit tests as well? [18:17] sergiusens, yup [18:18] kyrofa, thanks! [18:18] kyrofa, https://github.com/ubuntu-core/snapcraft/pull/274 [18:20] pindonga, can you add a # to the bug ref in the commit? It _might_ work with git-dch, but all the man examples have the # [18:21] do I need to commit --amend or just update it in github ui? [18:21] updated in ui [18:22] pindonga, you need to amend I'm afraid-- we need it in a commit [18:22] ack, doing so then [18:22] pindonga, thanks :) [18:23] sergiusens, hello! quick question, how can I build a snap without an icon? I'm using snapcraft from ppa:snappy-dev/tools and when running it complains: Issues while validating snapcraft.yaml: 'icon' is a required property [18:23] pushed [18:23] nessita, you need snapcraft 2 [18:24] kyrofa, thanks for helping! any instructions where to get it from? [18:24] pindonga, I don't see any changes... [18:25] ah [18:25] nessita, that's the xenial release [18:25] bad push [18:25] kyrofa, is there any way of getting it in willy? [18:25] upgrading to xenial for this feels a bit overkill :-) [18:25] nessita, not unless you feel like running from source-- pre-xenial is all Snapcraft 1.x [18:26] kyrofa, I see, thanks [18:26] nessita, what are you targeting? [18:27] kyrofa, I'm working on the store and needed to debug issues when uploading a snap without icon [18:27] kyrofa, so basically I need an iconless valid snap [18:27] JamesTait, do you happen to have that? ^ [18:27] nessita, I'm not sure .snaps without icons are valid in 15.04 [18:28] nessita, I have a couple you could use. [18:28] kyrofa, they are not, but I don't really need to target any specific snappy, my focus is the store [18:28] JamesTait, highly appreciated! [18:28] nessita, ah, I see. Yeah sorry about that. Running from source is pretty easy for what it's worth [18:29] kyrofa, it is? anywhere I can read about how to? [18:30] https://github.com/ubuntu-core/snapcraft is the github repo [18:30] nessita, yeah just don't use the upload stuff, it's prereqs aren't available pre-xenial. The rest should work though. Here's the general hacking guide: https://github.com/ubuntu-core/snapcraft/blob/master/HACKING.md [18:31] nessita, but really, just clone is and run the bin/snapcraft script [18:31] kyrofa, amazing! thank you [18:31] nessita, check debian/control for all its deps. If you're running 1.0 you probably have most of them [18:32] nessita, the master branch is 2.x, but not always released. I suggest `git checkout 2.0.1` to get the most recent release-worthy stuff [18:33] kyrofa, super helpful, thank you (still cloning) [18:33] nessita, note that 2.x generates .snaps that will only run on xenial. Not sure if that matters for the store stuff you're doing [18:33] kyrofa, still need to update the integration tests and examples https://github.com/ubuntu-core/snapcraft/pull/275 [18:33] but it is a start [18:33] need to run for a bit [18:33] nessita, any time :) . Let me know if you need help with that [18:33] sergiusens, sounds good! [18:33] kyrofa, it does not matter, thanks, I'm just using them to upload to my local store [18:36] nessita, whatever you do, don't install it using the setup.py [18:36] Just use it straight out of the src [18:36] yes, yes [18:36] or install in a venv [18:37] nessita, pssh, you know more about this stuff than I do. You'll be fine :P [18:37] hunting for docopt now [18:37] * nessita apt-get installs it [18:38] * kyrofa goes to plug in the external monitor. If he drops that's why [18:39] Hey! Still here === rickspencer3_ is now known as rickspencer3 [18:42] kyrofa, hey... looks like travis choke on that PR [18:42] what do we do about that? [18:42] kyrofa, so! I ran snapcraft build with this output https://pastebin.canonical.com/148649/ but I don't have a .snap at sight [18:42] pindonga, nah it's still going [18:42] do I need to re-push? is it possible to manually trigger a new job? [18:42] pindonga, have faith [18:42] I mean, the static test suite failed [18:42] but bc of some lxc related issue [18:42] pindonga, oh. So it did [18:43] ah, looks like it's restarting the job by itsel [18:43] itself [18:43] * pindonga is new to these things [18:43] :) [18:43] pindonga, I poked it [18:43] coo [18:43] pindonga: is not automatic, there's a button. [18:44] nessita, yeah things changed a bit [18:44] nessita, run `snapcraft snap` [18:44] ah! [18:44] [Errno 2] No such file or directory: 'mksquashfs' [18:44] installing! [18:44] nessita, squashfs tools [18:45] o/ [18:45] Snapped foobar_1.1_amd64.snap [18:45] SUCCESS! [18:45] Hey hey, there you go! [18:46] and now the store chokes with it "The upload does not appear to be a valid click package" so this may be the fix we await from reviewer-tools [18:46] kyrofa, thanks a lot for your help [18:46] nessita, no problem, it's why I'm here :) === marcoceppi is now known as marcoceppi|airpl [18:51] elopio, git-dch does not seem to be in git-buildpackage in xenial. Do you know where it went? [18:53] elopio, ahh, things were renamed to gbp it seems [18:54] kyrofa: yes, same package, new name. [18:55] kyrofa, ok, looks like it's all green now [18:57] pindonga, excellent, thanks for that :) === marcoceppi|airpl is now known as marcoc|airplane [19:28] ogra_: oh, interessting - so there is a off-by-one error in the partition setup? [19:28] ogra_: one too many? [19:31] jdstrand: snappy build is goind away yes, we need to have something internal though for our build-in tests, so its going away and also not quite going away [19:32] jdstrand: looks like I missed all the action around the new snap.yaml :/ so click-reviewers-tools need an update too? will it just warn or outright reject the snap? [19:35] is there a ready version of snappy for raspberry pi that uses snapcraft 2? [19:36] vir17, yes indeed [19:36] vir17, look here: http://people.canonical.com/~mvo/all-snaps/ [19:37] vir17, note that snappy and snapcraft are different though. You need to enable the classic dimension before you can use snapcraft on snappy [19:37] vir17, do you know what I'm talking about? [19:38] I think you talk about running snapcraft from snappy? [19:38] or i am wrong? [19:39] vir17, indeed. Were you wanting something else? [19:39] I use another machine to create the apps [19:40] apps that packed with snapcraft2 could not run in the older version of snappy [19:41] vir17, correct. Yeah, you want that app-snaps image then [19:41] vir17, do note that a snappy update today breaks .snaps created with snapcraft though. A fix will be out soon [19:41] ok so it is safer to stay with the older version [19:42] and with snapcraft 1 [19:42] ?? [19:42] vir17, for right now yes, but we're trying to stabilize soon [19:42] :) [19:43] I found it easier to follow the example in the new snapcraft [19:43] this is the reason I asked [19:43] vir17, which example? [19:45] I had installed in my system the new snapcraft [19:45] and the examples i tried to re-create didnt work for me [19:46] so I thought I could try the new snappy [19:46] Ah, okay [19:47] I have to understand now what is wrong with my .yaml file [19:47] because my app doesn't appear in the /apps/bin after a successful installation [19:47] Hey pindonga, if you have a minute, would you mind looking this over? https://github.com/ubuntu-core/snapcraft/pull/277 [19:47] sure [19:47] vir17, you need to refer to the examples from the right release [19:48] vir17, I suggest installing the snapcraft-examples package and using those [19:48] I just install it to a spare raspberry pi running ubuntu mate [19:48] pindonga, just make sure I didn't lie in there anywhere :P [19:48] so I will try again [19:48] :) [19:49] ogra_: is my gadget snap maybe wrong? I think I just took yours but: http://bazaar.launchpad.net/~snappy-dev/snappy-hub/snappy-systems/view/head:/dragonboard/meta/package.yaml - i.e. might this explain the off-by-one issue? [19:52] kyrofa: if I have both the new snapcraft and snapcraft-examples in my system, how I can choose which version of snapcraft to use to pack my app? [19:52] is it possible? [19:52] vir17, I'm afraid having them both installed isn't possible [19:52] i will use the raspberry pi then to pack my app [19:52] thank you :0 [19:52] :) [19:52] vir17, sure :) [20:01] kyrofa, comments added [20:01] do you need to me +1 somewhere? [20:01] pindonga, no, that's exactly what I needed, thank you! [20:02] pindonga, actually why don't you give it a thumbs up just in an overall comment, if you don't mind [20:02] k [20:04] Alright now that I know that it's actually correct, elopio take a look at https://github.com/ubuntu-core/snapcraft/pull/277 when you have a minute [20:18] kyrofa: reviewed. pindonga: I left in that PR some comments about possible bugs. Could you please check if you agree? [20:18] already replied :) [20:18] * pindonga checks again, just in case [20:20] yep, all replied to [20:21] kyrofa: are you still there [20:21] ? [20:24] vir17, I am [20:25] elopio, pindonga thanks guys :) [20:26] cool. thanks kyrofa for all the bugs. [20:26] do you have any clue about this error: FileExistsError: [Errno 17] File exists: '/home/vir17/Desktop/serial-test4/parts/serialdev/build' [20:26] this is my .yaml [20:26] http://pastebin.com/mRbXAkb2 [20:27] vir17, well, your YAML looks fine for Snapcraft 1.0 [20:27] vir17, try running `snapcraft clean` and then run `snapcraft` again [20:27] ok [20:29] kyrofa, is there any documentation about how to build snaps on a device running snappy? trying to figure out the best way to build my snap so it can be run on an ripi2? [20:29] awe_ not that I know of but I can walk you through it [20:30] i *just* got the latest rolling image up & running [20:30] awe_ as soon as all-snaps is a bit more stable I think we'll have docs on it [20:30] ok [20:30] awe_ first question: which version of ubuntu core are you targeting? [20:30] the latest rolling [20:31] Excellent. Then all you need to do is enabled classic with `sudo snappy enable-classic` [20:31] i have a snap built using snapcraft 2.0 [20:31] ok [20:31] awe_ that command will setup the "Classic Dimension," allowing you to use .debs [20:31] awe_ once that finishes, you'll be able to apt-get install snapcraft [20:32] ok [20:32] awe_ the rest should be easy [20:32] and then what happens when i want to test? [20:32] does that still all work as expected? [20:32] eg. sudo snappy install [20:32] ... [20:32] or do i need to disable classic mode once i've finished building? [20:33] awe_ good question, I haven't actually done it [20:33] ;)- [20:33] awe_ I actually ran into a make bug when I tried this last time-- make was segfaulting [20:33] well, good thing i bought two new sd cards [20:33] ;D [20:33] * awe_ crosses his fingers [20:33] awe_ so I ended up installing regular-old Ubuntu on there to build [20:34] ah, ok [20:34] well, let's try this out first [20:34] maybe i'll get lucky [20:34] awe_ keep that in mind-- if you hit some weird make segfaulting thing, other people have too [20:34] elopio, I can't remember-- did you report that somewhere? [20:35] kyrofa: the same thing happened again [20:35] the complete log: http://pastebin.com/dWhUT36X [20:35] so how involved is installing regular xenial on the ripi2? [20:36] awe_ I actually did trusty (I was targeting vivid so that worked for me) [20:36] awe_ there was a prebuilt image on the wiki I stole [20:36] awe_ not sure about xenial [20:36] k [20:36] we'll see how classic goes then [20:36] to give you more info, the app i try to build is just a simple python file http://pastebin.com/XphBGzUA [20:37] kyrofa: https://bugs.launchpad.net/ubuntu/+source/make-dfsg/+bug/1536727 [20:37] Launchpad bug 1536727 in make-dfsg (Ubuntu) "make crashes in xenial lxc" [High,Confirmed] [20:37] elopio, oh yeah. I confirmed it :P [20:38] vir17, you aren't running snapcraft twice, are you? [20:38] vir17, just snapcraft clean followed by snapcraft? [20:38] yes [20:39] vir17, after snapcraft clean, can you verify that the parts directory has been removed? [20:39] elopio, is a OTP prompt of "One-time password (just press enter if you don't use 2FA):" too long? [20:41] kyrofa: it's long, but better than OTP [20:41] kyrofa: but now you introduced the word 2fa [20:41] kyrofa: http://pastebin.com/4hxArVaj [20:41] elopio, heh, I knew you'd pick on that [20:41] what about "if you don't use it" ? Still confusing? [20:41] i can snapcraft clean and restart the system to be sure [20:42] elopio, yeah that brings up "What's a one-time password? Well, maybe I don't use it" :P [20:42] vir17, looks like it's indeed gone. Can you push your entire project somewhere so I can take a look? [20:43] I wouldn't mind making it even longer saying two-factor authentication. But then we might be making it more confusing. [20:43] elopio, hrmm... so it sounds like the only good solution is to somehow detect if it's not necessary [20:43] elopio, if you agree, I'll make that a separate bug [20:43] ok I will send you the link in 1min, thank you :) [20:44] kyrofa: well, that's the perfect solution. We can live with less than perfect for now. [20:45] there should be a nice way to do it, because it's how it's done on the web. You hit log in, and if you have 2fa enabled the next page asks for it. [20:45] here instead of clicking log in, we press enter after the password. [20:45] elopio, agreed. I figure if we can change the prompt to something better that would be a decent intermediate step [20:46] awe_, kyrofa in case it wasn't answered; you `sudo snappy enable-classic`; then you `snappy shell classic`; in there you apt all you want; you exit the shell or from a different login `snappy install *.snap` [20:47] elopio, it's the "decent" bit that's difficult [20:47] sergiusens, ah, thank you! [20:47] * elopio leaves for lunch [20:52] kyrofa: you can check here my entire project https://github.com/lmbn/serial/tree/master [20:55] vir17, ah, run `snapcraft help python2` [20:56] vir17, you're not using it quite right [20:57] Nooooo ubuntu bring my mouse pointer back... [20:59] kyrofa: make sense now, I need a lot more parts to use python [20:59] is this the only way? [20:59] or I can do something else to make a snappy app with just the files I already have [21:00] i mean if I run my code straight into the terminal [21:00] the code is working [21:00] can I create a snappy app out of it? [21:00] vir17, it works on your terminal because you already _have_ all those dependencies [21:00] vir17, but they need to be put into the .snap itself [21:01] vir17, make sense? [21:02] Alright, reaching EOD around here [21:02] ok so in other words I need to include dependencies for all my imports (import serial, import time, import os) [21:02] ? [21:02] vir17, yes, but snapcraft will take care of that for you if you setup the part correctly. Reference the python2 example [21:03] i will try then :) thank you again kyrofa [21:03] Sure thing :) . Have a nice evening everyone! [21:03] you too [21:22] kyrofa, https://github.com/ubuntu-core/snapcraft/pull/275 [21:22] also wouldn't mind a review from jdstrand and mvo (not connected https://github.com/ubuntu-core/snapcraft/pull/275) [21:25] sergiusens: hey, so reading mvo's mail about additional changes coming like icon having to be in meta/icon etc [21:25] is that going to be pushed onto snapcraft2.0 ? [21:25] I'll add it to my todo-- I may not get to it today though [21:25] or later....like a 3.0 [21:26] kgunn, it is already in snapcraft [21:26] kgunn, but that is internal formatting [21:26] I can also review after the fact. I quickly perused it and see you added the 4 directives under the migration-skill, which is good [21:26] kgunn, from a snapcraft perspective you still do icon: path-to-icon [21:26] sergiusens: ah [21:26] kgunn, and snapcraft puts everything in the right place [21:27] * kgunn likes it when things get put in the right place magically [22:05] thanks sergiusens! it actually worked. still need some tweaks to the snap to get things functional, but good progress! [22:25] awe_, nice! [22:40] Hi guys just a question the doc on de developer.ubuntu website is that for snapcraft 2.0 kyrofa [23:06] kyrofa it is snapcraft 2.0 syntax on the dev site of ubuntu?