/srv/irclogs.ubuntu.com/2016/04/14/#snappy.txt

General-BeckWho can tell what kind of error? http://paste.ubuntu.com/15822298/00:22
kyrofaGeneral-Beck, looks like that error is specific to the service you're trying to install00:24
kyrofaGeneral-Beck, and it's restarted several times fast enough that systemd just stopped trying00:24
General-Beckthe fact that the restart is clear, but the error indicated `ubuntu-core-launcher ERROR: Error upgrading parity data: CannotLockVersionFile`00:26
General-Beckcode https://github.com/ethcore/parity-snappy/tree/master/snap00:50
General-BeckI think I know the reason00:58
testping elopio02:38
=== test is now known as Guest70089
Guest70089ping elopio02:42
Guest70089ping elopio02:49
=== chihchun_afk is now known as chihchun
netphreakhi, guys!04:21
ypwonginstalled snapd and ubuntu-clock-app-mvo, but when launching ubuntu-clock-app-mvo.clock it complains "can not find a snappy os"04:52
ypwongWhat do I miss?04:52
Mikaelaypwong: some snap which started with ubuntu, which name I don't remember, something about core or base04:55
ypwongMikaela, you're right, install ubuntu-core snap and now it can be run05:11
ypwongbut now got "QXcbConnection: Could not connect to display :0"05:12
=== devil is now known as Guest28671
=== Guest28671 is now known as devil__
=== not_phunyguy is now known as phunyguy
zygagood morning06:08
=== sgclark_sleeping is now known as sgclark
=== attente_ is now known as attente
zygamvo: telegram seems to be down07:16
zygamvo: I've posted a trivial branch https://github.com/ubuntu-core/snappy/pull/93607:16
zygamvo: and I found a bug (maybe) when we install the 1st snap and automatically install ubuntu-core with it, we don't seem to have a task for setup-snap-security07:17
zygamvo: so iface manager doesn't ever see ubuntu-core07:17
zygamvo: so we don't add implicit slots and get all the auto-connection magic to happen07:17
mvozyga: interessting, the code should do exactly the same as for the first download, hmmm07:17
zygamvo: try it, wipe your state, then install hello-world07:18
zygamvo: and list interfaces07:18
zygamvo: (on master)07:18
zygamvo: (maybe merge the branch above so that it's not painful if snapd doesn't start07:18
zygamvo: then restart snapd and it will see ubuntu-core interfaces (I do a scan on startup)07:18
mvozyga: I'm not disputing that you see this :) I'm just puzzled why it happens07:18
* zyga would love _some_ logging to be there for tasks 07:19
mvozyga: yeah, I think we need a verbose mode in the taskrunner for exactly this, at least see what is in the queue and running etc07:21
zygamvo: yeah, I think we could just log all runner activity in general, by default, it's not like it's going to hurt07:21
zygamvo: and now it's walking blind all the time, I have a patch that sprinkles logging everywhere for development but it's silly to need such a thinig and not have it merged07:21
zygamvo: fyi, telegram sends every other message I wrote; I'll switch to irc for now07:25
zyga(the remaining messages are marked as queued)07:25
davidcalleMorning o/07:27
davidcallezyga: Telegram has finally realized this group was using half of its bandwith ;)07:29
zygadavidcalle: and 90% of the cat photo traffic ;)07:29
davidcallezyga, quick question about something I'm not sure to fully understand with Snappy. Why do we have "ack" and interfaces connectivity commands since snaps should be doing this on their own at install time? Is it for testing?07:31
zygadavidcalle: snappy auto-connects certain interfaces that are deemed safe or important, e.g. network, network-bind, x11 and unity707:32
zygadavidcalle: for other interfaces we will add auto-connection when assertions are in place07:32
zygadavidcalle: because those interfaces give a lot of power07:32
zygadavidcalle: and lastly users still can disconnect anything they want07:32
davidcalleI see07:33
zygadavidcalle: later on with hardware interfaces you will need to pick stuff, e.g. which GPIO pin goes to "mr blinky" snap07:33
zygadavidcalle: this is why plugs and slots have interface type -- there will be multiple interoperable ways to connect snaps to hardware07:33
davidcalleYeah, makes sense then07:34
zygadavidcalle: e.g. a rasbperry pi 2 camera slot could be connected to only one snap at a time and you can pick which one gets it07:34
fgimenezgood morning07:46
zygafgimenez: morning :)07:46
fgimenezhey zyga :)07:47
fgimenezhi @mvogt :) it seems that today udf doesn't accept origins/developers for generating images, ie each snap flag without the '.canonical' at the end, is that going to stay, should we change integration tests and snappy-cloud-image?07:47
fgimenezmvo, ^07:47
mvofgimenez: I think that is a store change that triggered this behavior. you need to always use the short name now, right? only "ubuntu-core" works but not "ubuntu-core.canonical". is that what you see?07:49
fgimenezmvo, yes, "sudo ubuntu-device-flash core rolling --channel edge --os ubuntu-core --kernel canonical-pc-linux --gadget canonical-pc --developer-mode  -o /tmp/tmp.HBTcxb4rHN/udf.raw" works07:49
mvofgimenez: ok, please modify it for now so that it uses the short names. at some later point we will support long names again but thats not a concern right now (this will happen once publisher != developer which is not the case right now)07:51
fgimenezmvo, ok thx, on it07:51
morphis_ogra_`: do we alreay support the raspberry pi 3 with snappy today?07:52
zygafgimenez: hmm, I should update ubuntu-image then07:53
mvoyay, tests are green again07:53
mvoonce https://github.com/ubuntu-core/snappy/pull/938 gets merged07:54
zygamvo: merged07:56
zygamvo: can you run "go test" in daemon/ for me it seems to hang...07:57
zygaah, no it's just slow07:59
zygasorry :)07:59
zygamvo: latest u-d-f fails to find OS snap08:08
zygaah, ignore me08:09
Gunther_Good morning08:09
Gunther_If a snapcraft.yaml contains multiple 'parts', is it possible to refer from 'part2' to the build or install directories of 'part1'?08:11
didrocksGunther_: hey! you can if set you parts2 to be "after: parts1" (this is withing the stenza of parts2) and set for instance with the copy plugin: files: file1: ../../parts1/build for instance08:13
Gunther_didrocks: thanks I will try that08:15
=== EkePoetry is now known as ToyKeeper
didrocksyw! keep us posted :)08:16
Gunther_didrocks: My idea is to use this to separate a kernel build from the build of a customized device driver. The device driver (part2) refering to the kernel source tree (part1)08:19
didrocksGunther_: yeah, that should be doable this way then.08:23
* zyga has connect + security working, fights through mock layers to let daemon tests go08:29
zygamvo: I have a simple daemon branch for review, do you have a moment?09:22
zygaChipaca: ^ ditto09:23
zygahttps://github.com/ubuntu-core/snappy/pull/94209:24
zygamvo: https://github.com/ubuntu-core/snappy/pull/943/files09:29
morphis__ogra_: ping09:39
zygamorphis__: once you know about pi3 support please ping me, I'd like to support it in ubuntu-image09:41
morphis__zyga: will do :-)09:51
zygamvo: around?09:55
zygamvo: (I don't know if you see my pings on telegram)09:55
ogra_zyga, morphis, there is still a bug  that makes the serial console on the pi2 unusable with the pi3 enabled uboot ... not sure we'll get that fixed before 16.04 release (but luckily nothing in the gadget comes from the archive so we will surely get it fixed by snappy release) http://people.canonical.com/~ogra/snappy/all-snaps/rpi3/09:56
morphisogra_: sounds great!09:56
ogra_long term plan is to have the 32bit image work on both ... and eventually have a 64bit img additionally09:57
morphisogra_: one other thing, is http://cdimage.ubuntu.com/ubuntu-snappy/daily/current/ supposed to be the new place for daily snappy images?09:57
ogra_morphis, well, the store is ... but yes, these snaps go to the store09:58
morphisogra_: for snaps, yes, the store is the place, but talking about .img files I can flash09:59
ogra_ah09:59
ogra_no, thats a 15-04 dir ...09:59
ogra_sorry missed that you had the wrong path in there09:59
ogra_http://cdimage.ubuntu.com/ubuntu-core/daily-preinstalled/current/10:00
ogra_thats the path for the roilling dailies10:00
ogra_we will release underneath http://cdimage.ubuntu.com/ubuntu-snappy/ though ... in a 16.04 subdir10:00
ogra_(with img files)10:01
morphisogra_:  ok, so what do I take from daily-preinstalled to flash? xenial-preinstalled-core-amd64.tar.gz   for example?10:01
ogra_sudo ../ubuntu-device-flash core --developer-mode --channel edge --os xenial-preinstalled-core-amd64.os.snap  --kernel  xenial-preinstalled-core-amd64.kernel.snap --gadget canonical-pc.canonical -o test.img10:03
ogra_that creates test.img which you can flash10:04
ogra_you need the u-d-f from http://people.canonical.com/~mvo/all-snaps/ for that10:04
morphisogra_: so u-d-f with support for that wasn't yet released?10:04
ogra_oh, there is a "rolling" missing in the command10:04
ogra_sudo ../ubuntu-device-flash core rolling --channel edge --os xenial-preinstalled-core-amd64.os.snap  --kernel  xenial-preinstalled-core-amd64.kernel.snap --gadget canonical-pc.canonical -o test.img10:05
ogra_sadly not ... mvo is planning an SRU i think10:05
morphishm10:05
ogra_(effectively there is a new tool in the works but that wont make the release most likely)10:06
morphisogra_: tool to replace u-d-f-?10:06
ogra_kernal and gadget snaps are still supposed to be re-designed in the next weeks as well, so the code will still change in u-d-f10:06
ogra_yes, a tool to replace u-d-f10:06
morphisinteresting10:08
morphisogra_: however, will we end up with actual .img files for the release?10:08
ogra_perhaps :)10:09
morphisok10:10
ogra_(it doesnt make much sense to have imgs when the gadget and kernel snaps are comepletely redesigned ... perhaps in an incompatible way so that you need to re-flash)10:10
morphisI see10:10
dakerogra_: hi, anyidea how can i compile an armhf snap ?10:11
ogra_daker, do you have an armhf board ?10:11
dakeryes rpi2 & bbb10:11
ogra_with a snappy install ?10:11
dakernot yet10:12
dakerdoes snappy/snapcraft comes with the ubuntu-core img ?10:12
dakersnapcraft 1.x i mean :D otherwise i have to rewrite the snapcraf yaml again10:13
ogra_oh10:13
ogra_1.x10:13
* ogra_ hasnt used that in ages :P10:14
ogra_thats a bit tricky ... you need to compile natively ... in 16.04 we have the classic shell on the snappy image for that10:14
ogra_(you can then just apt-get what you need and build your stuff)10:14
ogra_i suspect in 15.04 you need to grab an ubuntu-core tarball (not the snappy one) and do it in a chroot in there10:15
ogra_from http://cdimage.ubuntu.com/ubuntu-core/daily/current/10:15
Gunther_hmm is someone interested in reviewing a kmodule.py plugin for snapcraft? http://paste.ubuntu.com/15826883/10:17
zygaGunther_: send it to sergiusens_ on github10:18
Gunther_ok10:18
Gunther_zyga: as pull request?10:22
pedronisniemeyer: telegram is not quite working for european people atm, they said it was fixed but seems back to not working again10:31
niemeyerpedronis: Ah, I thought everybody was taking a good rest :-)10:36
niemeyerzyga: Some feedback on #94310:36
niemeyerzyga: 942 is in10:39
niemeyerzyga: 943 has a few comments10:40
niemeyermvo: 941 is missing update-pot it seems10:44
mvoniemeyer: let me fix that10:49
mvoniemeyer: thank you10:50
Gunther_is there an easy way to look into a .snap package?10:59
ogra_Gunther_, mount it ... it is a squashfs file ;)11:00
Gunther_too much work :)11:00
ogra_haha11:00
ogra_you can also use unsquashfs indeed11:01
ogra_i think "unsquashfs -l" lists the content without unsquashing11:02
Gunther_mounting worked great :)11:04
zygare11:14
zyganiemeyer: hey!11:14
zyganiemeyer: looking, thanks11:14
zyganiemeyer: refreshed https://github.com/ubuntu-core/snappy/pull/94311:21
zyganiemeyer: have a look please, we can get connect/disconnect security working after that :)11:21
niemeyerLooking11:22
* zyga worries that communication breaking down today is the most unfortunate thing that could have occured; is telegram working for anyone?11:22
niemeyerzyga: Yeah, most people are in I think11:24
zyganiemeyer: I pinged mvo, pedronis and Chipaca without effect11:25
zygamaybe just not looking at irc notificaction (desktop integration)11:25
niemeyerzyga: I see their messages, but not your pings11:25
zyganiemeyer: I also tried in snappy-internal11:25
zyganiemeyer: as long as I can talk to you we're good :)11:26
niemeyerzyga: I don't see your pings in snappy-internal either11:26
zygahmmm11:26
* zyga restarts irc11:26
* zyga loves technology11:26
niemeyerzyga: I think it'd be trivial to have SetupCallback  recording the calls instead of the fake public value11:27
niemeyerzyga: But it's okay to do that later11:27
zygairc should have a "no emergency calls" disclaimer11:27
zyganiemeyer: yes, I agree, I'll try to do that today after all the feature work is in place11:27
niemeyerzyga: It's okay, let's focus on the release.. this is an easy TODO for next week after things have calmed down11:27
niemeyerzyga: It's in11:28
zygaperfect, now for the meat11:29
zyganiemeyer: https://github.com/ubuntu-core/snappy/pull/94811:35
zyganiemeyer: that's getting us 90% there11:35
zyganiemeyer: I'll work on setup-snap-security to be fully operational11:35
zyganiemeyer: and on remove-snap-security11:35
zyganiemeyer: along with some tests for both11:35
zyganiemeyer: _after_ that I'd like to get developer mode working11:36
zyganiemeyer: and switch connect/disconnect to async REST11:36
zyganiemeyer: and lastly kill bits needed only for old security (some branches for that are already up, I have more but I didn't finish it)11:36
niemeyerzyga: I can do the async rest thing immediately11:36
zyganiemeyer: please do, thanks!11:36
niemeyerzyga: Will look at the branch first11:36
zyganiemeyer: does the plan above look good, anything to shuffle or change?11:36
niemeyerzyga: What's still pending about setup-snap-security?11:37
zyganiemeyer: we still disconnect and don't reconnect11:37
niemeyerzyga: In which sense?11:37
zyganiemeyer: there's a TODO in the code that needs to be changed; to support upgrades we disconnect and remove the snap from the repo; then add it back (the new one) and autoconnect but we don't restore connection that were made explicitly11:38
zyganiemeyer: and perhaps auto-connect should not reconenct something that was disconnected by the user11:38
zyganiemeyer: that's all for setup (plus tests)11:38
zyganiemeyer: for remove AFAIR we don't remove the connection from the state (+ tests)11:39
zyganiemeyer: I feel I can do those very quickly with the testing helpers I now have11:39
niemeyerzyga: Sounds good.. quite a few items there.. best to do those piecemeal11:40
zygayep, that's my plan!11:40
niemeyerzyga: For autoconnect,11:40
niemeyerzyga: Indeed we shouldn't reconnect.. it's easy to do that by, before disconnecting the former snap, obtaining a list of all the interface which are automatic but not established11:41
niemeyerzyga: Then, use that as a blacklist when reconnecting11:41
zyganiemeyer: mmm, yep, that sounds doable11:41
niemeyerzyga: Also an easy fix after it's all working11:42
zygayep11:42
=== devil is now known as Guest8551
=== Guest8551 is now known as devil_
zyganiemeyer: I have setup-snap-security, how about we land https://github.com/ubuntu-core/snappy/pull/94812:15
kyrofaGood morning12:36
zygakyrofa: hey12:37
kyrofaHey zyga :) . How are things going?12:38
zygakyrofa: irc/telegram is flaky today12:38
zygakyrofa: almost all interface features are implemented, just last few bits and I'm happy12:38
kyrofazyga, excellent!12:38
kyrofazyga, we're releasing snapcraft with that interface change pretty quick (if not already done)12:39
zygakyrofa: sounds like a good day :)12:39
kyrofazyga, indeed!12:43
sergiusens_kyrofa, zyga it just passed adt, so it is making its way out of proposed12:43
kyrofasergiusens_, morning! Thanks for the update :)12:44
zygasergiusens: great news12:44
zyganiemeyer, mvo: what is the release plan for today?12:44
sergiusenskyrofa yeah, and I just built shout irc and running it in the snappy dimmension :-)12:44
sergiusenschatting from a browser now :-)12:45
kyrofasergiusens, nice-- so the network interfaces are working now?12:45
mvozyga: definitely12:46
mvozyga: a release12:46
mvozyga: later today, evening most likely. anything I should wait for?12:46
zygamvo: I should be done with essentials in < 1 hour (all implemented, pending review)12:47
zygamvo: I'll do more apparmor work and I'll try to get developer mode in12:47
ogra_sergiusens, hah, now install my ircproxy snap and chain them :P (wont work, fully relies on snappy config :/ )12:47
zyganiemeyer: all done on https://github.com/ubuntu-core/snappy/pull/94812:48
mvozyga: sounds great12:48
sergiusenskyrofa seems so12:48
sergiusensogra_ I want to install shout on some server somewhere eventually (but I need to solve https without snappy config)12:49
zygawith developer mode we could at least install some desktop snaps in devel mode and see what's missing to get them fully confined12:49
ogra_sergiusens, yeah, it is rather awful to lose snappy config :/ ... only one of my packages doesnt use it12:49
kyrofaogra_, yeah when I saw that email I immediately thought of you12:50
* ogra_ hopes it will be back soon12:50
mvozyga: yes12:50
sergiusenskyrofa so now more cleanups ahead12:53
kyrofasergiusens, the example tests still fail-- have you tried shout on snappy instead of snappy dimension recently?12:53
sergiusenskyrofa we need a new `ubuntu-core` for that13:02
kyrofaAh, okay gotcha13:02
zyganiemeyer: https://github.com/ubuntu-core/snappy/pull/948/commits/bf0ce588cace658bd20a09850a453e2ef973911e13:02
zyganiemeyer: https://github.com/ubuntu-core/snappy/pull/948/commits/ec305bef724e84519150160265ecdcbe3e3240ab13:06
zyganiemeyer: both done  (perhaps stale browser diff?)13:06
=== mariogrip_ is now known as mariogrip
zyganiemeyer: ^^ I don't know if you saw those two commits above13:41
zyganiemeyer: is that what you meant earlier or is something missing still?13:41
niemeyerzyga: Did you get my comments in Telegram?13:42
niemeyerzyga: Or are you still having connectivity issues/13:42
niemeyer?13:42
zyganiemeyer: no13:42
zyganiemeyer: apparently so13:42
niemeyerGustavo Niemeyer, [14.04.16 09:56]13:42
niemeyer@zyga_pl We don't have any logic at all that does per snap backends, I believe, and it doesn't even sound like a great idea13:43
niemeyerGustavo Niemeyer, [14.04.16 09:56]13:43
niemeyer@zyga_pl The boilerplate being added everywhere as a side effect is unnecessary13:43
niemeyerGustavo Niemeyer, [14.04.16 09:57]13:43
nothalniemeyer: No such command!13:43
nothalniemeyer: No such command!13:43
niemeyer@zyga_pl So securityBackends can actually be simply []interfaces.SecurityBackend, no function calls13:43
nothalniemeyer: No such command!13:43
niemeyernothal: shh!13:43
ogra_poor bot :)13:43
zyganiemeyer: ahh13:43
=== beuno_ is now known as beuno
zyganiemeyer: you are right, this will be killed with old-security13:43
niemeyerzyga: The comments described that13:43
niemeyerzyga: Even with code :)13:43
zyganiemeyer: if you want I can do it right now13:44
niemeyerzyga: Yeah, I think it'd be useful13:44
niemeyerzyga: As I see it growing legs elsewhere13:44
zyganiemeyer: it is one of the places that still had connection to old-security having special needs13:44
zygaone moment13:44
dakerogra_: thanks i will test that13:45
zyganiemeyer: pushed13:48
sergiusenszyga jdstrand hey, would it be sensible to allow something like $EDITOR?13:55
zygasergiusens: what do you mean?13:55
zygasergiusens: for a snap to run $EDITOR?13:55
sergiusenszyga shout has this facility where it you can do `shout config` which just runs `$EDITOR <path-to-config>` which is sort of nice given snap directories13:56
zygahmmm13:57
jdstrandthat isn't going to work great13:57
zygasergiusens: we cannot expand $EDITOR that the user has13:57
zygasergiusens: we'd have to whitellist a range of editors but that would never work reliably13:57
jdstrandcause EDITORs write all over the place13:57
* jdstrand agress with zyga 13:57
sergiusensjdstrand right, so my solution is to provide a minimal editor in my snap and set $EDITOR up to use that, right?13:58
jdstrandthat is why we don't allow it now13:58
zygasergiusens: it could be done with an editor interface13:58
jdstrandsergiusens: sure, you could do that13:58
zygasergiusens: not sure if the UX for that would be good though13:58
jdstrandsergiusens: you then can configure the editor to point at whatever files are in your snap/writable by your snap13:58
sergiusenszyga and editor interface (or a vim.tiny or nano one) which only allows read/write to SNAP_<dirs> if possible would be great13:59
jdstrandI did something like that for a personal snap of mine13:59
jdstrandI shipped vim and setup all the various .vimrc, etc to look in the right places13:59
zygasergiusens: then the OS snap would create a range of slots of type 'editor' and you could pick the one that gets to run but without hooks that'd still suck13:59
jdstrandwell13:59
jdstrandthat interface would require support from the os snap14:00
sergiusensjdstrand ok, sounds good, I'm going to see if I can find something more light weight and less dep heavy14:00
sergiusensyeah, longer term, it would be nice to think of something for this, I don't mind today14:00
jdstrandie, if nano and vim.tiny, then we'd have to ship nano and vim.tiny in the os that worked under the confinement provided by the interface14:00
jdstrandI guess the snap could ship its own nano or vim.tiny14:01
jdstrandbut then what good is the interface. just set your editor to work in your writable areas14:01
=== sergiusens74 is now known as sergiusens
zygamvo: around?14:22
zygaI need a 2nd +1 on https://github.com/ubuntu-core/snappy/pull/94814:22
sborovkovHi. How do I debug application in the snap? Do I have to bundle gdb-server with snap, and run it instead of application? Or is there some simpler way?14:26
jdstranddholbach: I'm making some updates to https://docs.google.com/spreadsheets/d/1xBHxFwBNk3HjomnxzOjrohy-E3eyjAGX8ZLvXPqOG84/edit#gid=014:34
dholbachthanks a lot jdstrand!14:37
jdstranddholbach: I see a lot of old-security in the snap-playpen, so fixing that as I come across it14:37
zygajdstrand: I have 90% of security side of interfaces implemented; should be released today14:38
dholbachjdstrand, thanks... most of the contents of the branch is old... it's from last week!14:38
zygajdstrand: I'll try to get developer mode as well14:38
dholbachdpm, ^14:38
zygajdstrand: can you quickly review https://github.com/ubuntu-core/snappy/pull/93314:39
zygajdstrand: (trivial)14:39
dpmawesome, thanks jdstrand!14:39
zygajdstrand: without old-security I'd like to simplify that futher still but this needs to land first14:39
halflinehey i have some questions about snappy if anyone is game !  1) it's like a container system for applications right?  2) is the underlying technology different for server apps and desktop apps, or is it all the same under the hood?14:39
=== stgraber_ is now known as stgraber
ysionneausergiusens: hi! sorry to bother you with this again but any idea on my ubuntu-device-flash issue I posted on the mailing list?14:39
zygahalfline: 2) same thing 1) not exactly (we don't use most namespaces AFAIR)14:40
halflinezyga: and how does it relate to docker? similar technology but different implementation ?14:43
zygahalfline: it has the same perception; we don't put apps in a container14:43
zygahalfline: we use apparmor and seccomp to sandbox them14:43
halflinezyga: ah okay thanks14:43
zygahalfline: we use some namespaces but just for confinement14:44
halflinebut not a chroot14:44
jdstrandhalfline: the reason why is we want snaps to be more integrated into the system (but in controlled ways) than a docker or lxd container. note that docker and lxd work great on snappy if you like those technologies14:45
jdstrandwe do not use a file namespace-- apparmor handles that14:45
halflinejdstrand: gotcha ! thanks much14:46
* zyga will start collecting FAQs14:46
zygajdstrand: can I also remove (harcode) /snap as INSTALL_DIR or is that used by any of the include files?14:55
jdstrandzyga: INSTALL_DIR is used by policy. I suggest not removing it unless you want to update the policy files to sub in a go variable. I don't think there is any benefit to doing that work14:57
zygajdstrand: right, I remember something like that being mentioned, fine with me14:57
zygajdstrand: can I at least drop /gadget from it?14:57
jdstrandzyga: if /gadget no longer exists14:58
zyganiemeyer: ^^ opinion on keeping /gadget in the policy as a place where snaps can be installed? (I think it's not needed but I'd like to check)14:58
jdstrandI don't know the status of what gadgets are doing14:58
zygajdstrand: https://github.com/ubuntu-core/snappy/pull/95514:59
zygajdstrand: (without any changes to INSTALL_DIR)14:59
jdstrandzyga: btw, autoconnect is working nice in 1.9.214:59
sergiusenskyrofa https://github.com/ubuntu-core/snapcraft/pull/45114:59
zygajdstrand: cool!14:59
niemeyerzyga: Huh14:59
niemeyerzyga: What's /gadget?14:59
zyganiemeyer: it's a directory where snaps can be installed to according to the apparmor template15:00
zyganiemeyer: it feels like some really old leftover15:00
jdstrandin days past, gadget snaps were installed in /gadget15:01
jdstrandaiui15:01
jdstrandif all snaps are in /snap, then fine to remove /gadget15:01
* jdstrand just didn't know the status of gadget snaps15:01
* zyga has huge lag on internal IRC15:04
Gunther_Could somebody provide me with a snapcraft.yaml for a standard xenial kernel (amd64)? Mine is currently stuck after grub with "grep: /proc/device-tree/model: No such file or directory"15:06
noizerHi, is there any news over the new stable version?15:08
noizerOr will it be next week the release?15:10
niemeyerzyga, jdstrand: Yeah, let's kill it15:10
zyganiemeyer: ack, will do15:11
=== chihchun is now known as chihchun_afk
ogra_noizer, snappy images will happen later15:11
niemeyerfgimenez, elopio: Any news about the int tests?15:11
niemeyerFileNotFoundError: [Errno 2] No such file or directory: '/home/jenkins-slave/workspace/github-snappy-integration-tests-cloud/jenkins-github-snappy-integration-tests-cloud-1676/output/artifacts/results.subunit'15:12
ogra_noizer, all focus for the 16.04 release is to make snaps fully work on desktop and server ... then the focus turns back to images15:12
fgimenezniemeyer, yep, they are currently broken because of scalingstack failures, IS is already looking into it15:12
niemeyerfgimenez: Super, thank you15:13
noizerogra_: Ok15:13
fgimenezniemeyer, yw, i'll ping you when ready15:14
niemeyerfgimenez: Appreciated, thanks!15:14
noizerogra_: Wil the image be ready this month for the raspberry pi 3?15:15
zyganiemeyer: while we wait for unit tests to pass on the other branch: https://github.com/ubuntu-core/snappy/pull/955/files15:15
Gunther_Other question: I installed a defect kernel.snap. The system boot fails, but grub successfully returns to the last kernel. When I try to remove the defect kernel snap, I get "snappy package cannot be removed"15:15
zyganiemeyer: this is just removal of old security and changes to internal-only apparmor variables to make more sense15:15
ogra_noizer, no promises ... but yeah, pi3 is on my prio list15:15
ogra_it will definitely be ready by snappy release15:16
noizerOk15:16
zyganiemeyer: and (more importantl actually) we can now look at this :-) https://github.com/ubuntu-core/snappy/pull/950/files15:16
noizerogra_: Will libsnaps be available in the stable release?15:18
ogra_libsnaps ?15:19
sergiusensogra_to compress ;-)15:21
zyganiemeyer: https://github.com/ubuntu-core/snappy/pull/95815:23
noizerogra_: I though i heard about a snap where you can put all your libraries in and that your snaps can uses this libraries15:25
sergiusensChipaca do you have your branch handy where you worked on the store api changes? I need to do the same15:25
ogra_noizer, you mean snapcraft ?15:26
noizerogra_: nono :p Ok I imagined it. So maybe a good thing to add later on. So that maybe make an other type of snap. the meaning of this snap can be a Library snap so that an other snap can use this library. this can be as an advantage that the developer dont need to download always the library thats he needed when he making different snaps15:28
zyganoizer: that will be done wtih interfaces15:29
zyganoizer: but it's not supported yet15:29
ogra_noizer, oh, that ... i think thats already possible ... but only for your own snaps15:29
ogra_ah ... zyga is surely more up to date here :)15:29
zyganoizer: we will probably prototype that with the SDK runtime15:30
zyganoizer: I don't know now15:30
edsiperhi, where are the Snappy images for the Dragonboard 410c ?15:30
zygaedsiper: you can use https://github.com/zyga/devtools but I don't think we guarantee that they work this week15:30
noizerzyga: ogra_ Will there be later on in the development of snappy.  be possible to share it with other users that develops snaps?15:30
elopiofgimenez: I'm following the discussion in #ubuntu-on-air. It's interesting.15:31
zyganoizer: perhaps not, use snapcraft for that, we don't want to get into deb dependency15:31
ogra_yeah, very unlikely15:31
noizerzyga ogra_ ok thx for the information.15:32
noizerogra_: zyga I needed this information because i have tomorrow a meeting with Maarten Ectors. Do you know him?15:33
ogra_not personally ... but yeah15:34
zyganoizer: sorry, I'm busy now I cannot help you; we're working on the release still15:34
noizerogra_: zyga Ok keep up the good work!15:35
almejoI guys. :D I have a technical question. I develop an app for desktop. This app is started from the browser when the user clicks a button. For this I developed a plugin in c++ to start my app. I can not use firefox addons becouse it needs zero interaction of the user. My question is: can I bundle a Firefox plugin and a Gui App in a single snap package? Can firefox plugins be bundled in a snap?15:46
edsiperzyga, ok, thanks15:48
zygaalmejo: this was just answered by beuno in ubuntu-on-air15:48
almejoyes.. I was writing here just when he was talking and lost half of the answer :(...15:49
almejothanks guys for your time15:49
dholbachsergiusens, Running snapcraft for one package seems to fail because of apt issues (404, or some less secure hashes, etc.), when I try 'snapcraft cleanbuild' I get: http://paste.ubuntu.com/15832645/15:51
dholbachI guess I'm doing something wrong, I ran 'sudo lxd init' and lxd is working for autopkgtest stuff for me15:51
dholbachor kyrofa ^ :)15:53
* kyrofa jolts awake15:53
sergiusensdholbach I need to see what broke since the latest lxd release and why this stopped working15:54
sergiusensdholbach I think I am creating instance names that are too long15:55
sergiusensdholbach about the 404; check your sources lists or run with `--enable-geoip`15:56
kyrofadholbach, yeah can you use apt okay?15:56
dholbachsergiusens, I think it's because of PPAs and stuff like that15:56
jdstranddholbach, davidcalle, popey, mhall119: fyi, I went through a bunch of the apps in https://docs.google.com/spreadsheets/d/1xBHxFwBNk3HjomnxzOjrohy-E3eyjAGX8ZLvXPqOG84/edit#gid=0 and updated the bzr trees for snapcraft.yaml for various things of yours15:57
jdstranddholbach, davidcalle, popey, mhall119: and I updated the notes and pastebins when things were different15:58
dholbachjdstrand, wow wow wow!15:58
dholbachthanks a lot15:58
dholbachsergiusens, with enable-geoip it now works15:58
zygajdstrand: https://github.com/ubuntu-core/snappy/pull/96216:00
zygajdstrand: simplified version of earlier approach16:00
popeyjdstrand: thanks16:01
sergiusensdholbach that means that one of your apt sources is not in perfect condition wrt gpg keys ;-)16:02
dholbachok16:03
morphisjdstrand, zyga: I am currently trying to get the network-manager snap back working and also create a itnerface definiton for it, however I see the small bash script we have in fron of starting the actual daemon causing a segfault16:05
zyganiemeyer, mvo: I have all the essentials and I can now work on developer mode CLI or on respecting disconnect when looking at auto-connection16:05
morphisjdstrand, zyga: https://paste.ubuntu.com/15833025/16:05
zygamorphis: looking16:05
sergiusensjdstrand mind looking at https://myapps.developer.ubuntu.com/dev/click-apps/3989/rev/6/16:05
morphisjdstrand, zyga: I am wondering if that is due to not having any confinement in place16:05
zygamorphis: BTW, can you look at the bluez template and update it to match changes made here: https://github.com/ubuntu-core/snappy/pull/95516:06
morphisssweeny: ^^16:06
zygamorphis: [    7.637370] audit: type=1400 audit(1460649837.912:8): apparmor="STATUS" operation="profile_load" profile="unconfined" name="network-manager.sideload_nmcli_LWMlnkcXLVbp" pid=711 comm="apparmor_parser" ?? how did it get unconfined16:06
zygamorphis: how are you testing this?16:07
zygamorphis: with 1.9.2?16:07
morphiszyga: 1.9.2?16:07
ssweenyzyga, morphis I'll take a look after my current meeting16:07
zygawhich version of snappy16:07
zygassweeny: thanks16:07
morphiszyga: where do I find the version?16:07
zygamorphis: can you try with master now? it has connect/disconnect support16:07
zygamorphis: if dpkg then it's too old16:07
zygamorphis: until we release again16:07
jdstrandsergiusens: that's a funky snap name16:09
zygamorphis: you may want to merge in a few branches:16:09
morphiszyga: mazon.de16:09
sergiusensjdstrand shout? :-)16:09
morphisnarf16:09
morphiszyga: https://git.launchpad.net/~morphis/+git/nm-snap/tree/ is what I use16:09
jdstrandDownload: ts3xPzy5QRvFDfdApSp1SPRIsqQGQbok_6.snap16:09
morphiszyga: I suspect the old-security stuff doesn't work anymore16:09
jdstrandsergiusens: approved16:09
ogra_jdstrand, i see that everywhere now16:09
zygamorphis: no, I mean, latest version of snappy itself16:09
zygamorphis: correct, you need to make an interface now16:10
morphiszyga: ok16:10
zygamorphis: old-security is officially dead16:10
morphisok16:10
morphiszyga: so where do I find the snappy version?16:10
morphissnappy --version doesn't exist16:10
jdstrandzyga: in a call and then an appt. will review 962 after16:10
zygamorphis: if it is installed from dpkg/apt then it is probably too old16:10
zygamorphis: you have to build from source or wait for today's release16:11
zygajdstrand: thanks16:11
morphiszyga: no, running a kvm x86 instance here with an image created by u-d-f16:11
zygamorphis: hmm, then use my devtools to put more recent snappy inside16:11
morphiszyga: can you give me the link again?16:11
zygamorphis: that should at least eliminate issues related to snappy being out of date16:11
zygamorphis: sure, github.com/zyga/devtools16:12
zygamorphis: look at refresh-bits --help16:12
zygamorphis: note that this assumes you can built snappy with "go build" (gopath set, deps pulled, etc)16:12
morphisI see16:12
sergiusensjdstrand ty; btw the checks say "valid click package"; is that known?16:12
zygamorphis: if you want to track bleeding edge that helps16:12
zygamorphis: if you want more stability then wait one more day but this would let you develop the interface right now so I think it is useful16:13
niemeyerzyga: devmode would be my vote16:13
morphiszyga: absolutely16:14
niemeyerzyga: Hmm16:14
zyganiemeyer: I'm already on it16:14
morphislet me get started with this16:14
niemeyerzyga: Cool16:14
Chipacasergiusens: yes, 1 sec16:14
jdstrandsergiusens: that is a store thing. beuno, see sergiusens question ^16:14
Chipacasergiusens: it's not a pretty branch16:14
sergiusensChipaca thanks, my os.snap download logic broke in snapcraft :-)16:14
sergiusensChipaca there is no such thing as useful and pretty code ;-)16:15
Chipacasergiusens: https://github.com/ubuntu-core/snappy/pull/92816:15
sergiusensdholbach my suspicion is you installed the bluejeans deb ;-)16:15
sergiusensChipaca ty!16:16
dholbachsergiusens, I didn't16:16
beunojdstrand, sergiusens, hm16:16
Chipacasergiusens: I mean, it's not at all clear from looking at the branch what is the important change and what is dross16:17
josephtMikaela: nmap 7.12SVN-0.4 should fix your issue16:17
beunoroadmr, hi!16:17
roadmrhey :)16:17
jdstrandbeuno: fyi: https://myapps.developer.ubuntu.com/dev/click-apps/3989/rev/6/16:17
beuno12:12 < sergiusens> jdstrand ty; btw the checks say "valid click package"; is that known?16:17
beuno12:14 < jdstrand> sergiusens: that is a store thing. beuno, see sergiusens question ^16:17
jdstrandbeuno: under '3 passes': OK Is a valid click package16:17
beunoroadmr, seems our code has "click" hardcoded there16:17
roadmrbeuno: let me check the strings16:18
beunothanks roadmr16:18
Mikaelajosepht: stupid question, but how do I update?16:18
beunoUnexpected output from click-review. click-review16:18
beunoalso, maybe we should rename that  :)16:18
josephtMikaela: for me it was 'snap refresh --channel edge nmap'16:18
roadmrbeuno: they do, yes.16:18
Mikaelajosepht: thanks, I will check soon16:18
beunoroadmr, can you queue that up, without panicking anyone?  :)16:19
zygaroadmr: hey, long time no see, how are you16:19
roadmrbeuno: so should it say it's a valid $TYPE package, where $TYPE in ['click', 'snap'] ?16:19
roadmrzyga: hey!16:19
Chipacasergiusens: if I had to sum it up in a single line diff, it'd be:16:20
Chipaca -   curl -s -H "accept: application/hal+json" -H "X-Ubuntu-Release: 15.04-core" https://search.apps.ubuntu.com/api/v1/package/8nzc1x4iim2xj1g2ul64.chipaca16:20
Chipaca +curl -s -H "accept: application/hal+json" -H "X-Ubuntu-Release: rolling-core" -H "X-Ubuntu-Device-Channel: edge" 'https://search.apps.ubuntu.com/api/v1/search?q=package_name:"8nzc1x4iim2xj1g2ul64"'16:20
Chipacasergiusens: oops, add a /edge after the .chipaca in the - line16:20
sergiusensChipaca so search 15.04 first? or was that a typo?16:21
Chipacasergiusens: in 15.04, do that; in 16, do this16:21
Chipacasergiusens: s/rolling-core/16-core/ if you wish :-)16:21
Chipacasergiusens: basically we never hit the details uri, now; just do an exact search by name16:22
Chipacasergiusens: then shout if you get anything other than 1 package in the results16:22
Chipacasergiusens: and where you used to be able to specify channel in the query, now it goes in a header16:23
sergiusensChipaca but package_name looks like a hash in that example :-P16:23
sergiusensack on channel16:23
Chipacasergiusens: don't diss the famous 8nzc1x4iim2xj1g2ul64.16:23
sergiusensoh, right!16:24
Chipaca:-)16:24
zyganiemeyer, Chipaca: the API for side-loading snaps just shoves the snap across the connection, is there a way to pass developer mode flag there? multipart? different endpoints?)16:24
Chipacazyga: it already passes other flagas16:24
Chipacaflags*16:24
zygaChipaca: oh? Where?16:24
Chipacazyga: two different ways :-)16:25
Chipacazyga: give me a mo'16:25
zygaChipaca: I'm looking at client.InstallSnapFile16:25
zygaChipaca: shall I use headers for that?16:25
Chipacazyga: https://github.com/ubuntu-core/snappy/blob/master/daemon/api.go#L76416:25
Chipacazyga: ah, look at daemon.sideloadSnap16:25
Chipacazyga: the flags might not be exposed to the client16:26
Chipacazyga: there are two ways of side-loading a snap, and only one of them is "just shoving it across" :-)16:26
niemeyerzyga: We'll probably want to distinguish between discard-snap-conns and disable-snap-security16:26
Chipacazyga: the other involves following an rfc :-D16:26
* niemeyer looks at some more code16:26
sergiusensChipaca I don't see a download_url when I run curl -s -H "accept: application/hal+json" -H "X-Ubuntu-Release: rolling-core" -H "X-Ubuntu-Device-Channel: edge" 'https://search.apps.ubuntu.com/api/v1/search?q=package_name:"ubuntu-core"'16:27
zygaChipaca: client is just pushing one across, how should I pass a flag there? header?16:28
zygaChipaca: it seems that current client doesn't use multipart16:28
sergiusensChipaca I do if I follow the href in there though16:28
zyganiemeyer: what do you mean by discard-snap-conns?16:28
Chipacasergiusens: ah16:28
Chipacasergiusens: you'll need to specify all the fields you want16:28
niemeyerzyga: Please finish your conversation with Chipaca first.. we'll need some focused attention on this16:28
zygaok16:29
nessitasergiusens, you can request specific fields, with: https://search.apps.ubuntu.com/api/v1/search?q=package_name:"ubuntu-core"&fields=package_name,download_url,binary_size16:29
Chipacasergiusens: we have to do some fun things with reflect, but from python it's probably just "".join($type.__dict__.keys()) :-p16:29
nessitaetc16:29
sergiusensnessita do we still have an anon download url for ubuntu-core? or can we download using download_url without a login?16:30
Chipacazyga: https://github.com/ubuntu-core/snappy/blob/master/docs/rest.md#input16:30
Chipacazyga: headers16:30
zygaChipaca: thanks!16:30
nessitasergiusens, we still have the anon url, but that will be removed soon for new snaps, all downloads needs to be authenticated16:30
nessitasergiusens, so yes, we still have the anon url, but hopefully no code relies on that16:31
sergiusensnessita even ubuntu-core? I thought beuno said the os snap would not require a login16:31
Chipacanessita: that's not right16:31
Chipacai think?16:31
Chipacanessita: or your definition of "soon" is more generous than mine :-D16:31
nessitaChipaca, tell me more16:31
nessitaChipaca, soon == as soon as matiasb work lands?16:32
Chipacanessita: any snaps that come with the system need to be updated with just the system's creds, which does not (yet) count as authenticated16:32
Chipacanessita: because if nobody has authenticated, we still want to update whatever is on there16:32
nessitaChipaca, yes, there is a hand waving in there; we expect this to be the minimal amount of cases16:33
Chipacaright16:33
sergiusensright, things in the model assertion shouldn't require auth16:33
Chipacasergiusens: well, the model assertion should count as auth maybe :-)16:33
Chipaca*handwaving intensifies*16:33
nessitasergiusens, "the final plan" assumes there will be a device authentication in all cases16:33
Chipacanessita: but it being minimal does not mean we should delete the code that does it :-D16:33
Chipacaunitl device authentication is a thing16:34
Chipacauntil*16:34
nessitaand user authentication for most cases16:34
nessitaChipaca, yes, agreed, and I understand you are being so explicit due to recent events, and I thank that16:34
Chipacanessita: no, it's just me being my usual ornery self16:34
niemeyerChipaca: It'd probably be nicer to offer a consistent JSON document either as the header or as one of the parameters..16:34
niemeyerChipaca: So we can have a parameter in the InstallSnap(File)..16:35
nessitaChipaca, removal of anon, if any, will be announced and coordinated. What I was trying to warm sergiusens is not to rely on that for the common case (as a concept)16:35
niemeyerChipaca: (which is consistent with everything else..)16:35
niemeyerNot sure if I can get to that today..16:35
Chipacasergiusens: nessita: https://github.com/ubuntu-core/snappy/blob/master/store/snap_remote_repo.go#L39016:36
Chipacasergiusens: nessita: that's what snap is doing today16:36
Chipacaniemeyer: sorry, i'm tracking n+1 conversations, where n is the number i can track16:36
Chipacaniemeyer: what was this about? sideloading?16:37
niemeyerChipaca: Sorry, yeah..16:38
Chipacaniemeyer: sending json as a header sounds like a bad idea16:38
niemeyerChipaca: The form, feels a bit off from everything else16:38
niemeyer(in the API)16:38
Chipacaniemeyer: it's the only method that isn't json, because sending binary in json would be zany16:39
niemeyerChipaca: Well, the multipart seems fine and elegant16:39
nessitaChipaca, where/who shall I contact about a few comments on that code?16:39
nessitaI see some issues but would not like to increase to n+2 your current conversations16:39
ogra_nessita, ho would i do a port to a new SoC if i cant obtain the ubuntu-core snap unauthenticated ?16:39
Chipacanessita: matiasb might already have code that changes that i pointed at16:40
Chipacanessita: maybe start there16:40
nessitaogra_, hi! what is a SoC?16:40
Chipacanessita: s/that i pointed/what i pointed/16:40
* ogra_ thinks the os snap should be excluded from auth reqs. 16:40
asacogra_: how does the overlay dtb feature work on pi2?16:40
ogra_nessita, a new "board"16:40
asacwe put the dtbs in the /boot/ dir and then it automatically picks it up?16:40
niemeyernessita: System on Chip, Summer of Code, Something of Curiosity16:40
ogra_asac, you need to extract the tarball in /boot16:40
ogra_asac, err /boot/uboot16:40
ogra_asac, then you can define it in config.txt16:41
nessitaogra_, so there are (will be) 2 levels of authentication: device and user. The former will be (when available) mandatory for all opertaions16:41
ogra_nessita, the point is that for bringing up new hardware i need to be able to freely create my gadget and kernel snaps and combine them with the os snap ... for that i somehow need to get the os snap16:41
niemeyerzyga: Some comments on 958, including a high-priority one16:42
asacogra_: how do we define that in config.txt?16:42
nessitaogra_, for anything that is not check for updates for existing snaps (and download those) user authentication will be required16:42
asaccant see a field with list of dtbs16:42
nessitaogra_, I understand there is a factory process that solves this, but not 100% familiar with the details16:42
ogra_asac, https://www.raspberrypi.org/documentation/configuration/config-txt.md16:43
nessitaogra_, as in, the board will be shipped with an initial snap that will be updateable with device auth only16:43
ogra_asac, or rather https://www.raspberrypi.org/documentation/configuration/device-tree.md16:43
ogra_nessita, as some home guy who wants to get his favourite board supported i wont use some factory process16:44
ogra_there needs to be some community friendly process16:44
zyganiemeyer: looking16:44
Chipacaogra_: "factory process" does not mean for a factory16:45
Chipacaogra_: necessarily16:45
Chipacaogra_: and all these steps need to be fleshed out still16:45
ogra_Chipaca, yeah, i got catched by the buzzword :)16:45
niemeyerzyga: Is 955 ready for merging? It looks good, but was it tested for real?16:45
niemeyerzyga: Lots changing on the core template there16:45
ogra_Chipaca, sounds like a sprint topic :)16:45
nessitaogra_, I don't have the fine details for that use case, (nor sure anyone has)16:45
Chipacaogra_: yeap16:45
ogra_nessita, well, that usecase is my everyday job ;)16:46
Chipacaogra_: also, you might be interested in chasing up on "embryonic state", if my memory serves16:46
niemeyerWhy do we not have integration tests for 955?16:46
zyganiemeyer: I thin 955 is okay, bulk of the changes are automatic16:46
zyganiemeyer: I'll give it a round of real testing with and without developer mode and if anything is off we can still correct that today16:46
niemeyerzyga: Okay, I'll merge because integration test infrastructure is on holiday today, but please verify that in practice so mvo doesn't pack something broken16:47
zyganiemeyer: understood16:47
=== chihchun_afk is now known as chihchun
zyganiemeyer: https://github.com/ubuntu-core/snappy/pull/958#discussion_r5975235016:56
zyganiemeyer: I just want to clarify if I understand the proposed tasks correctly16:56
dpmjdstrand, thanks a lot for looking into this! Would you mind expanding on "the other issues are due to packaging"? On bug 1570435, that is16:59
ubottubug 1570435 in Snappy Desktop Examples "Desktop example ubuntu-clock-app is broken" [Undecided,New] https://launchpad.net/bugs/157043516:59
* zyga wonders what is the difference between os snap and core snap16:59
ogra_is there one ?=17:00
sergiusensChipaca nessita I get 401s when trying to download17:02
Chipacasergiusens: you're doing it wrong then :-)17:03
* sergiusens ponders just downloading from cdimage17:03
ogra_sergiusens, i'd do that17:03
Chipacasergiusens: what're you trying to download? (or how?)17:03
ogra_Chipaca, ubuntu-core17:04
ogra_the os snap17:04
niemeyerzyga: See reply17:04
Chipacaogra_: ok; from where?17:04
Chipacasergiusens: ?17:05
ogra_srote vs http://cdimage.ubuntu.com/ubuntu-core/daily-preinstalled/current/17:05
ogra_*store17:05
Chipacaright17:05
Chipacathat's what i'm wanting to know17:05
ogra_cdimage is indeed a little newer17:05
Chipacathat thing that's on the right of the vs? is a url17:05
Chipacai want that, for the left of the vs17:05
ogra_http://cdimage.ubuntu.com/ubuntu-core/daily-preinstalled/current/ vs store17:06
ogra_better ?17:06
ogra_:)17:06
Chipacaogra_: I'm going to send you a weaponized emoji17:06
Chipacaogra_: :-D17:06
ogra_lol ... you telegram kiddos ... so spoiled17:06
sergiusensChipaca https://github.com/ubuntu-core/snapcraft/pull/45217:06
Chipacasergiusens: you're using download_url without being authenticated17:07
nessitasergiusens, what URL is giving you 401?17:07
Chipacanessita: download_url :-)17:07
* ogra_ notes how good it feels to have everyone back in one place :) (sad that telegram will work again at some point and yall will be gone again *sniff*)17:07
nessitaChipaca, great answer17:07
sergiusensChipaca I am authenticated17:07
Chipacasergiusens: get anon_download_url as well, and/or do the dance17:07
Chipacasergiusens: no you're not :-p17:07
sergiusensnessita I am authenticated17:07
nessitasergiusens, then your credentials are likely incorrect/expired17:08
sergiusensChipaca I just uploaded a snap17:08
sergiusensnessita ^17:08
nessitasergiusens, are you using staging or prod?17:08
sergiusensprod17:08
ogra_sergiusens, the question is ... did your money transfer arrive yet17:08
sergiusensright17:08
nessitasergiusens, what package did you upload?17:08
sergiusensshout17:08
sergiusens30 minutes or so ago17:09
nessitanoise][, can you confirm CUD is working fine in prod for authenticated snap downloads?17:09
nessitasergiusens, checking17:09
Chipacasergiusens: what revision?17:09
zyganiemeyer: read and replied; I don't know what should happen right now;17:09
Chipacasergiusens: anyway, nessita and you can figure it out17:09
Chipacai've got to start thinking about dinner17:10
niemeyerzyga: The problem is actually rather simple, I think17:10
noise][nessita: should be, but lemme double check17:10
niemeyerzyga: We can have multiple snaps with the same name but different revisions installed in the system at any one point17:10
zyganiemeyer: yep, agreed17:11
niemeyerzyga: When a user sets up connections for a given snap, the natural expectation I think is that it will last for the duration of that snap being in the system17:11
nessitasergiusens, any chance you can print your request with the url and headers?17:11
noise][nessita: looks good from what I can tell. Note that download-snap will redirect17:11
nessitanoise][, yes, but sergiusens says he got a 40117:12
niemeyerzyga: Imagine you've just installed firefox 2 and 1 is still installed.. if we remove firefox 1 for whatever reason, should we kill the connections for firefox altogether, despite the fact that firefox 2 is not only available but active (!)?17:12
zyganiemeyer: yes, that I agree with; what I don't know what to do about is the fact that don't keep multiple profiles (per revision) so remove-snap-security task is not scoped correctly (neither is setup-snap-security)17:12
nessitasergiusens, you 100% is a 401 and not a 302?17:12
sergiusensnessita no I am not fwiw17:12
sergiusensI'm not familiar with this api pindonga used17:12
niemeyerzyga: We don't need multiple profiles per revision. that would also be awkward..17:13
sergiusensanon download url seems to work fine17:13
niemeyerzyga: Imagine you ask to drop a connection for firefox 2.. and then for whatever reason in two weeks decide to use firefox 1 again17:13
nessitasergiusens, I was referring to the download request; is that something that pindonga did as well?17:13
niemeyerzyga: I switched the revision, not my authorization17:13
niemeyerzyga: I'd not expect interface connections to be magically given back to the snap because I rolled back17:13
sergiusensnessita I did the download request, it is in the branch I shared above17:13
zyganiemeyer: right, I understand this; what I'm saying is that I don't quite understand what the tree tasks you've listed are responsible for17:14
niemeyerzyga: What we need right now is really simple: we need to disentangle the discarding of user-driven connection information from the removal of a particular snap from the system17:14
nessitasergiusens, yes, but I'm asking if you can retry and print the exact url you are hitting and the headers you are passing17:14
niemeyerzyga: Okay, again17:14
nessitasergiusens, not the code, but the specific values you are sendinf17:14
zyganiemeyer: that sounds like interfaces are not a part of that, if you remove a snap that is not the one that's active, security is not affected17:14
niemeyerzyga: setup-profiles.. put the profiles in the system17:14
niemeyerzyga: remove-profiles.. remove profiles from the system for a given snap17:15
noise][nessita: sergiusens: FYI, auth on CUD is still oauth unless i have missed something17:15
niemeyerzyga: discard-conns.. drop connection information for a given snap17:15
zyganiemeyer: okay17:15
zyganiemeyer: how would remove-profiles be used by $ snap install $ snap remove and $ snap refresh?17:15
niemeyerzyga: setup-profiles and remove-profiles will _just_ add and remove profiles to the system17:15
zyganiemeyer: right, I understand what you mean, I'm trying to match that to snap operation17:16
zyga*operations17:16
niemeyerzyga: setup-profiles will also auto-connect, actually, because that's a handy place to do it17:16
niemeyerzyga: I see17:16
sergiusensnessita noise][ ok; fwiw this worked fine 2 days ago17:17
niemeyerzyga: on snapstate.Remove, if len(SnapSetup.Sequence) == 1, add discard-conns to the end of the pipe17:17
* sergiusens blames python17:17
sergiusens;-)17:17
ogra_just use cdimage :P17:18
nessitasergiusens, we can definitely help you more debugging this if you can print the URL you are hitting, the headers you are sending, and the response code you are getting17:18
niemeyerzyga: On discard-conns itself, double-check to ensure len is 1, just in case17:18
niemeyerzyga: Or rather, zero (or no state)17:18
sergiusensnessita yeah, I need to read the docs and figure out how to do that, one sec17:18
niemeyerzyga: Makes sense?17:19
zygare (sorry, IRL interrupt) catching up17:20
nessitasergiusens, thanks!17:20
zyganiemeyer: so I disagree with what you said here:17:20
sergiusensnessita it is indeed a 40117:20
zyganiemeyerzyga: on snapstate.Remove, if len(SnapSetup.Sequence) == 1, add discard-conns to the end of the pipe17:21
sergiusensnessita http://paste.ubuntu.com/15835131/17:21
zyganiemeyer: if you have two versions of firefox and you run remove-snap-security task for a revision you are not using, it will break the one you are using17:21
nessitasergiusens, "GET /download-origin/local/canonical/ubuntu-core.canonic..." is not the store17:21
zyganiemeyer: you said that remove-profiles should just remove the profiles17:22
nessitasergiusens, that is something in snappy code, before the download server is hit (or after, but 401 may be a lie)17:22
zyganiemeyer: but those are global, they are not scoped to a snap revision17:22
zyganiemeyer: so I'm must be missing something or this is not going to do the right thing17:22
zygas/remove-snap-security/remove-profiles/17:22
sergiusensnessita there is no snappy in this code17:23
niemeyerzyga: What does it mean for it to be global?17:23
niemeyerzyga: and about the first quote, that's exactly what I mean! :)17:23
zyganiemeyer: not being scoped to a revision, remove-profiles is really simple, it just looks at the snap name and kills all the profiles of that snap *name*17:23
niemeyerzyga: THat's why we don't want to remove connections there17:23
zyganiemeyer: I think I understand connections now17:24
niemeyerzyga: I see, yes17:24
zyganiemeyer: can you give me a quick example that shows how two revisions of a single snap would interact?17:24
zyganiemeyer: wrt CLI commands and tasks?17:24
niemeyerzyga: But I don't see the disagreement.. remove-profiles just removes profiles for the given snap, okay17:24
nessitasergiusens, ok, let me rephrase: the store does not provide any /download-origin/local/canonical/ API, so that is not the store17:24
niemeyerzyga: We still want that17:24
zyganiemeyer: sure, that's okay :-)17:24
nessitasergiusens, is something else, and once identified, we could use knowing what URL is that hitting, which headers, and what actual return code is getting17:25
niemeyerzyga: Yes, remove-snap-security for firefox when removing firefox.1, drops all connections17:25
zyganiemeyer: if that's good in snapstate then there is no disagreement; I'm just confused as to how having multiple snaps with the sname name (and different revision) really works today17:25
niemeyerzyga: activate firefox.217:25
noise][nessita: that's the redirect in CUD17:25
niemeyerzyga: Where are the connections I set up for it previously?  GONE!17:25
nessitanoise][, oh, now you make me look bad :-D17:25
zygaAHHH17:25
zyganiemeyer: I'm dumb :)17:25
zyganiemeyer: I get it17:26
niemeyerzyga: \o/17:26
niemeyer;)17:26
noise][for CDNs - and currently we redirect to "local", which is /download-origin/… with a token for auth17:26
zyganiemeyer: sorry for taking so much of your time on this, I understand17:26
nessitanoise][, is the signature validated before ther redirect?17:26
zyganiemeyer: I'll make that happen quickly17:26
niemeyerCheers!17:26
noise][nessita: yes, oauth is validated in download-snap, then redirect to download-origin w/that token to allow the actual download17:26
noise][and is working fine for me in my tests17:26
zyganiemeyer: can you look at https://github.com/ubuntu-core/snappy/pull/95017:26
zyganiemeyer: while the topic is still hot17:26
zyganiemeyer: this is reload in setup-snap-security17:27
zyganiemeyer: (see the TODO it removes)17:27
noise][not sure what's different for sergiusens17:27
sergiusensnessita so don't lie to me please ;-) http://paste.ubuntu.com/15835258/17:27
nessitasergiusens, yes, this was my bad, things are changing too fast17:27
nessitasorry17:27
sergiusensdownload_url I get back from the store points to https://public.apps.ubuntu.com/download-snap/canonical/ubuntu-core.canonical/ubuntu-core.canonical_16.04+20160409.16-42_amd64.snap17:27
zyganiemeyer: I think this is okay, no changes (apart from loooooooong test function names) are needed based on the conversation above17:27
sergiusensso I am either missing a header or something else17:28
nessitanoise][, so, how can we debug why sergio is getting a 401?17:28
sergiusenszyga anon download url works fine for downloading the os snap ;-)17:28
zygasergiusens: and the core snap?17:28
zygasergiusens: what's a core snap?17:28
sergiusenszyga that's what I'm trying to get, `ubuntu-core`17:28
zygasergiusens: ubuntu-core is currently an OS snap AFAIR17:29
sergiusensyes17:29
ogra_sergiusens, 16.04+20160409.16-42 ?17:29
ogra_thats ancient17:29
nessitanoise][, can we assume that if download-snap was a 302, the Oauth was a success?17:29
sergiusenszyga don't get confused because people shorten names and use the name half complete and the type interchangeably17:29
beunoso17:29
beunoI know what it is!17:29
sergiusensogra_ it is what the store gives back to me :shrug:17:30
beuno+17:30
nessitaoh, a martin17:30
* ogra_ wonders why sergiusens gets such an old version in return17:30
noise][nessita: correct, so no clue why the subsequent token would be bad17:30
beuno16.04+2016040917:30
beunousing + in URLs messes things up17:30
ogra_16.04+20160414.05-0017:30
beunoit gets urlencoded in some layer, things to match17:30
beunoboom, etc17:30
ogra_thast the current one17:30
ogra_so the search is also returning the wrong thing17:31
beunoI'm looking forward to us switching to revisions for URLs  :)17:31
beunoquick fix, re-upload with a less whacky version17:31
beunoproper fix, we switch to revisions for urls17:31
sergiusensbeuno is there a reason the anon download works and the auth requiring one doesn't?17:32
ogra_the version is generated by cdimage17:32
beunomaybe disallow +'s until we do17:32
noise][aha17:32
beunosergiusens, because oauth17:32
beunoand comparing URLs17:32
beunoand layers17:32
sergiusensoh17:32
beunoand software developers are terrible17:32
sergiusensic17:32
beunoall of us17:32
sergiusensI know; I doubt myself every second!17:32
noise][good catch beuno17:32
ogra_beuno, so i need to re-do the cdimage code ?17:32
sergiusensso is upload automated?17:32
ogra_not yet17:32
sergiusensfor ubuntu-core17:32
sergiusenswho does that, is it you ogra_ or mvo?17:33
ogra_i was holding back because elopio said he could do it super easy with his jenkins instance17:33
sergiusensbeuno since you are here, is anon download supposed to go away for ubuntu-core?17:33
* noise][ has to go pickup food, bbiaf17:33
beunosergiusens, it'll go away when there's device auth17:33
ogra_all i could do it to use the click-toolbelt ... since i cant run snapcraft on the 12.04 cdimage server17:33
beunountil then, it'll likely stay around just for the OS snap17:33
noise][sergiusens: note we are going to be doing this same redirection thing to anon- as well17:34
noise][likely by monday17:34
ogra_beuno, could we keep it for the os snap even later ?17:34
sergiusensbeuno the definition and resolution of the word "then" makes my path different for this17:34
beunoogra_, why so?17:34
sergiusensas this download of the os snap is a hack until the kernel snap is redefined17:34
ogra_beuno, makes porting easier ... a sa porter you need to have the os snap around17:34
sergiusensbeuno enablement I guess17:34
sergiusensbut then again ogra can run snapcraft login and forget about it17:35
beunoright17:35
beunothat's the idea17:35
ogra_sergiusens, i cant17:35
ogra_sergiusens, unless you port snapcraft to 12.0417:35
ogra_our cdimage server is ooold17:35
beunoogra_, well17:35
beunothat's what needs fixing then17:35
beuno;)17:35
sergiusensogra_ to download the os snap, not upload!17:35
ogra_you wont get IS to move17:35
sergiusensto upload you need auth no matter what!17:35
ogra_sergiusens, oh17:35
beunoogra_, we'll just go on a hunger strike17:36
ogra_sergiusens, right, but that adds an extra hurdle for someone wanting to port17:36
beunoyes, I think it's an acceptable hurdle though17:36
beunogets you in the right mindset17:36
ogra_if i just want ot evaluate snappy for my new shiny board i probably dont even want to have or iuse an account at a canonical server17:36
ogra_which will simply make me go to bitbake and yocto ... done17:37
beunoit sounds like a pretty small hurdle  :)17:37
ogra_for you and me perhaps :P17:37
beunoif that's what's going to tip the scales, the scales are probably already tipped17:37
ogra_not for the enbedded people i talk to17:37
beunothe problem with exceptions is that they are essentially technical debt17:38
ogra_(which is why i send them off to cdimage anyway, sionce there they can get the same thing without any authentication)17:38
beunothere are areas like authentication where technical debt is a bit worst than others17:38
beunobut17:38
beunothere's a sprint coming up, and you'll be there17:38
ogra_right17:38
beunoso keep this in your back pocket  :)17:38
ogra_i definitely will ... especially sicne i expect gadget and kernel changes to be discussed there too17:39
ogra_i really think all three of these snaps should go without any auth for the community images we provide17:39
beunohold on17:40
ogra_(totally fine to have the auth req. for oem products )17:40
beunodevice auth is automatic17:40
beunoyou don't need an SSO account17:40
ogra_once you have a working port, yes17:40
beunowell, that can be bridged by snapcraft17:40
ogra_if i sideloaded all three snaps, then there will likely not be device auth17:40
beunoanyway, the requirement is auth one way or another17:41
beunodevices can be created in the fly17:41
beunoso it could be a transparent process17:41
beunoas long as you use snapcraf17:41
ogra_so snapcraft will replace u-d-f ?17:41
ogra_or how do i get a new board ported17:41
ogra_(my focus is realyl on creating an initial image for not yet supported devices)17:42
beunoor u-d-f could create a device17:42
beunowhatever  :)17:42
sergiusensubuntu-image!17:43
ogra_thats a merger of snapcraft and u-d-f ?17:43
ogra_:)17:43
zygaogra_: and it will be written in ruby, between python and go ;)17:44
ogra_zyga, wrapped in .net i hope17:44
ogra_so it runs on windows too17:44
zygaogra_: with perl 6 installer17:45
* zyga goes back to wrok17:45
ogra_as long as that has a TkTcl GUI i'm all fine17:45
kyrofazyga, ogra_ ahhhh ruby17:54
ogra_yep ... in ayear from now we'll all be hipsters !17:55
kyrofaHaha, that's been one of my favorites for a long time now17:56
kyrofaI guess I'm a hipster :P17:57
ogra_hah17:57
ogra_and you didnt convince sergiusens yet to rewrite snapcraft ?17:58
kyrofaogra_, it would probably involve bundling rvm somehow :P18:00
ogra_just snap it !18:01
kyrofadpm, a docs update if you want to review: https://github.com/ubuntu-core/snapcraft/pull/45418:07
dpmthanks kyrofa18:12
kyrofadpm, ah, that was meant for davidcalle, sorry about that. But it got to the right place :)18:18
dpm:)18:18
zygassweeny: bluez merged, please open a new pull request if you need changes18:18
ssweenyzyga, thanks! will do18:22
MichaelTunnellare there any plans for other flavors to get Snappy? I assume 16.04 won't but do we know about 16.10 yet?18:29
MichaelTunnellKubuntu, Ubuntu MATE, Xubuntu, etc18:29
MichaelTunnellis what I meant18:29
MichaelTunnellQUESTION: what if someone were to install a DEB for an app and then a SNAP becomes available? Will there be a process for SNAPs to overwrite the DEBs or would it be a case of "uninstall DEB and install the SNAP"?18:30
beunoMichaelTunnell, the snap will win over the deb when run18:31
beunothey can both be co-installed18:31
beunobut when you run the app, it'll run the snap18:32
MichaelTunnellbeuno: ahh nice so it just uses a priority structure18:32
beunoright18:32
beunoMichaelTunnell, flavours can pull in snaps today, if they wanted18:32
beunodpm might know more about what their plans are18:32
beunoyou can also ask them directly  :)18:33
=== JanC_ is now known as JanC
MichaelTunnellI asked Kubuntu but so far their unsure too :)18:34
MichaelTunnellI figured that would be the case but worth asking :)18:34
dpmMichaelTunnell, essentially all flavours can already use the command line interface to install/remove/manage apps. The question is whether they decide to go the full integration route and add a plugin to their software installer to talk to the store18:34
beunoMichaelTunnell, so we're both in wait and see mode!18:35
dpmfor those that already use gnome software, they'll get the full story already18:35
MichaelTunnellbeuno: :)18:35
MichaelTunnelldpm: so Ubuntu GNOME could transition super easy in theory?18:35
dpmI know at least MATE already put the CLI tools in their seeds, and others are interested18:35
dpmMichaelTunnell, yeah, it'd be a matter of having the right packages put to their seeds to have it preinstalled (optimal situation) - or flavour users can also install the packages manually18:36
davidcallekyrofa, thanks for the quick update! I'll have a look when I'm not on mobile18:36
MichaelTunnellwas about to answer the user part . . . again you read my mind18:37
MichaelTunnellscary18:37
MichaelTunnellask* the user part18:37
MichaelTunnelldpm: how well would Snappy work in a VM like if I were to install Snappy now could I demo everything in a VM?18:41
MichaelTunnelland by install Snappy I mean 16.04 Daily18:42
dpmMichaelTunnell, I've not tried it, but I guess it should work with no issues. In any case, if you're on 16.04 already, you can already try it today on your desktop. However, there is only a small subset of apps available and not all work atm, which is what we're right now trying to fix before we publish the documentation18:43
crash_how do you know in the gnome-software which package is a snap or just a regular deb?18:45
popeyMichaelTunnell: yes, you should be able to use snappy in a vm running 16.04 in that vm18:48
popeya good test actually as you'll be able to snapshot it, test it, revert and then do a demo live "on camera"18:48
popeybetter than screwing your man pc up ㋛18:49
MichaelTunnellpopey: thats a good idea. I wanted to have a stable recording of it so hence a VM but the rollback idea is great. :)18:55
bhdouglasshey guys, popey sent me here for some help with the click store api in relation to snappy packages. Currently uApp Explorer is only getting one architecture for most snaps even when they have more than one. I played around with the api and it looks like I need to explicitly specify the arch in the request in order to show anything different. I was hoping that uApp Explorer could get all the supported archs per package in one reque19:26
dduffeyis the correct command to sideload a local snap in 16.04:19:28
dduffeysudo snappy install file:///home/ubuntu/blahlbah.snap?19:28
MichaelTunnelldduffey: snappy is gone basically, look at the man stuff for snap19:29
MichaelTunnellsnappy the command is gone I mean :)19:30
popeyyeah, sudo snap install ./foo.click19:32
dduffeypopey, thanks "snappy package not found"19:35
popeydid you do ./ in front?19:35
dduffeyyep, but this is a .snap19:35
dduffeynot a .click19:35
popeyoh, duh19:35
dduffeybrb19:35
popeyyeah, sorry19:35
dduffeybut still19:36
dduffeyfails when I give it a local file19:36
popeyodd19:36
popeydduffey: what does "snap list" show?19:36
code1o6Hey has anyone since manik?19:41
zygapopey: list of installed snaps19:43
popeyzyga: yeah, that was aimed at dduffey :)19:48
dduffeypopey, sorry not in a position to cut and paste... but is says "unkown command list" and wanst ack, activate, cok...20:02
dduffeypopey, ah, got some more info ... snappy install ./blah.snap says20:03
popeynot snappy install... snap install20:03
dduffey"unkown header: "!<arch>\ndebian-binar"20:03
popeyah, known bug20:05
dduffeypopey, work-around?20:06
popeyI don't know, sorry.20:06
popeyI'm a user, not a dev20:06
dduffeypopey, okay, thanks20:07
dduffeyapparently this snappy image / snap worked last week ... so not sure what changed or they knew a work-around (they are out this week)20:07
zygaFYI, snappy (the command) was replaced by snap20:10
sergiusensdduffey <arch>\ndebian-binar" means you are trying to install a 15.04 snap on 16.0420:17
mariogripcan i build arm python2 apps with snapcraft on amd64?22:41
mariogripif yes, how?22:42
MichaelTunnellcross architecture compiling? I doubt it. You could have the snappy build server do it23:42

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!