/srv/irclogs.ubuntu.com/2017/01/26/#snappy.txt

kyrofa	ogra_, I suppose you're long gone into the night?	00:07
kyrofa	ogra_, when you get in tomorrow: how hard would it be to fix https://bugs.launchpad.net/snappy/+bug/1650207 ? No ROS stuff will build in classic mode	00:26
kyrofa	Oh, it's writable in classic, handy	00:44
stokachu	if i have an additional top level command 'conjure-down' for this do i need to register with the store to have that alias created?	02:43
mhall119	ahoneybun: it would be better off with a Qt5 part, it doesn't need all of KDE	02:44
=== chihchun_afk is now known as chihchun
mup	PR snapd#2666 closed: interfaces: add ability to set system time zone to timeserver_control interface <Created by justincan> <Closed by justincan> <https://github.com/snapcore/snapd/pull/2666>	08:43
mup	PR snapd#2679 opened: Ubuntu/14.04 <Created by vosst> <https://github.com/snapcore/snapd/pull/2679>	08:43
mup	PR snapd#2585 closed: debian: move systemd files out of ./debian and into ./data/systemd <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/2585>	08:43
mup	PR snapd#2680 opened: interfaces: shutdown: also allow shutdown/reboot/suspend via logind <Created by morphis> <https://github.com/snapcore/snapd/pull/2680>	08:43
mup	PR snapd#2681 opened: tests: only build test binaries if they are not present <Created by fgimenez> <https://github.com/snapcore/snapd/pull/2681>	08:43
diddledan	jdstrand: I may have an idea why other snaps than my own corebird-diddledan aren't able to launch URLs via xdg-open. I need to test it, but I did NOT build my snap with the snapd-glib interface but bundled glib into my snap directly	09:06
zyga	o/	09:14
zyga	diddledan: hey, I think this part is broken/needs love	09:14
zyga	diddledan: it's on our roadmap but always has low priority and gets postponed	09:14
zyga	mvo: ^^ FYI	09:14
zyga	(snapd-xdg-open)	09:14
diddledan	zyga: the confusing bit was my own snap works as it should, but jdstrand had noticed other snaps not working correctly which prompted questions as to what was different about my snap that made mine work	09:16
zyga	diddledan: so to make it work you need two pieces	09:16
zyga	diddledan: and because it has been a bit neglected we don't have a well designed responsiblity as to who owns them	09:16
zyga	diddledan: on the desktop side you need snapd-xdg-open installed, in theory snapd should recommend that on the destkop	09:17
zyga	diddledan: on the othoer hand, core snap (or ubuntu-core) should ship the shim xdg-open from snapd-xdg-open	09:17
zyga	diddledan: AFAIK neither are true now	09:17
zyga	diddledan: if you install snapd-xdg-open on your desktop manually	09:17
zyga	diddledan: and build and install the shim in your snap manually	09:17
zyga	diddledan: then I believe, apart from bugs in the actual shim, it should work	09:18
zyga	diddledan: it's just not what we want people to have to go through :/	09:18
diddledan	zyga: I only installed snapd-xdg-open. jdstrand tested on his system so it's not something specific to my system	09:18
diddledan	zyga: as I say, corebird-diddledan WORKS CORRECTLY. it is OTHER snaps ON THE SAME SYSTEM WHERE MINE WORKS that fail	09:19
diddledan	I wasn't shouting there, but wanted to highlight the important bits, sorry if it appears aggressive - wasn't meant to be	09:20
zyga	diddledan: no, that's fine	09:21
zyga	diddledan: if corebird works ok but others don't then I suspect they don't ship the shim	09:21
diddledan	I don't ship the shim in mine	09:21
diddledan	I did absolutely nothing special apart from installing snapd-xdg-open on the host	09:22
zyga	diddledan: feels like magic, is there xdg-open in the core/ubuntu-core snap?	09:23
diddledan	but even if it is in the core snap, that would suggest that other snaps should also work when they currently do not ON THE SAME SYSTEM	09:24
diddledan	ok, the xdg-open shim is NOT in core NOR is it in corebird-diddledan	09:26
diddledan	it doesn't exist	09:26
diddledan	at all	09:26
zyga	diddledan: as I said, this story is neglected, I may be missing something, those other snaps may have tried to make it work but did something that made it more roken	09:26
zyga	*broken	09:26
diddledan	yeah that's what we want to understand. the WHY	09:27
diddledan	personally I'm happy that mine works. for the project it needs to be understood what is different	09:28
zyga	diddledan: hmm	09:31
zyga	diddledan: is your snap classic?	09:31
zyga	diddledan: (it should never work then)	09:31
zyga	diddledan: how do you observe it working?	09:31
zyga	diddledan: (in any case, there's a well-known list of things to do to fix this)	09:31
zyga	diddledan: do hello-xdg-open snap	09:31
zyga	diddledan: I bet it won't work if you run xdg-open	09:31
zyga	diddledan: maybe there's a dbus service that also opens URLs that is somehow allowed via unity	09:31
* zyga has huge lag to IRC network		09:31
diddledan	my snap is strict confinement	09:31
diddledan	I observe it working by clicking links or other actions that open a url directly from corebird	09:32
zyga	diddledan: and then your browser opens?	09:34
zyga	diddledan: I don't have time to investigate this now	09:34
zyga	diddledan: if you want to do that, I suggest stracing your application to see if it fork/execs something	09:34
diddledan	yes it does	09:34
diddledan	well blow me down. it's _stopped_ working now	09:39
diddledan	I've not changed _anything_ and now it no longer works	09:40
zyga	well, at least that is good	09:41
zyga	it should not have worked	09:41
zyga	did you run the app outside of confinement / sandbox by any chance	09:41
zyga	e.g. running it directly from /snap/$SNAP_NAME/current/...	09:41
diddledan	I'm unsure now	09:42
zyga	well,	09:43
zyga	do what I suggested	09:43
zyga	you may get it to work for real then	09:43
ogra_	hmm, still all bots gone	09:47
niemeyer	mup: you ok?	11:19
mup	niemeyer: I really wish I understood what you're trying to do.	11:19
ogra_	bug 12345	11:19
mup	Bug #12345: isdn does not work, fritz avm (pnp?) <isdnutils (Ubuntu):Fix Released by doko> <https://launchpad.net/bugs/12345>	11:19
niemeyer	ogra_: mup back with its usual mood	11:19
ogra_	yeah, looks fine	11:19
mup	PR snapd#2724 opened: overlord,tests: have enable/disable affect security profiles <Created by zyga> <https://github.com/snapcore/snapd/pull/2724>	11:53
mup	PR snapd#2725 opened: overlord/ifacestate: use ParseConnRef <Created by zyga> <https://github.com/snapcore/snapd/pull/2725>	12:09
mup	PR snapcraft#1079 opened: Add snapcraft plugin for Qt Build Suite (qbs) <Created by dpniel> <https://github.com/snapcore/snapcraft/pull/1079>	12:24
mup	Bug #1659534 opened: userdel doesn't supports extrausers <Snappy:New> <shadow (Ubuntu):New> <https://launchpad.net/bugs/1659534>	12:29
=== yofel_ is now known as yofel
mup	PR snapd#2726 opened: interfaces: core-support: also allow enable/disable of a systemd unit <Created by morphis> <https://github.com/snapcore/snapd/pull/2726>	13:26
mup	PR snapd#2725 closed: overlord/ifacestate: use ParseConnRef <Critical> <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/2725>	13:33
zyga	kirkland: hey, any update on that bug?	13:39
zyga	er	13:39
zyga	kissiel: ^	13:39
zyga	(sorry kirkland)	13:39
kissiel	zyga: https://bugs.launchpad.net/snapd/+bug/1659272; nope; @ mtg	13:41
mup	Bug #1659272: dbus access denied in nested python <snapd:New> <https://launchpad.net/bugs/1659272>	13:41
zyga	kissiel: thanks	13:41
jdstrand	kyrofa: hi! remember the ca-certificates-java thing? I have an extra clue. if I build a snap that stage-packages openjdk-8-jre-headless and ca-certificates-java but doesn't have either of those installed on the system as debs, I get snapcraft creating a dangling symlink:	13:44
jdstrand	/home/ubuntu/snappy-apps/minecraft-snap/parts/minecraft/install/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts will be a dangling symlink	13:44
zyga	jdstrand: hey, morning :)	13:45
jdstrand	kyrofa: if I use the same stage-packages but install the debs on the system, snapcraft finds it and uses the system one and the snap is fine:	13:45
jdstrand	Copying needed target link from the system /etc/ssl/certs/java/cacerts	13:45
jdstrand	hey zyga :) fyi 2718 and 2658 are at the top of my list today	13:46
zyga	jdstrand: no worries, we're busy with a release :)	13:46
zyga	jdstrand: the update-ns PR is does not need a deep review now (it should not land yet), I just wanted to get first impression	13:46
zyga	*impressions	13:46
jdstrand	ok	13:46
* kirkland waves at zyga		14:06
stokachu	slangasek, what day does the SRU team normally process verification-done bugs?	14:21
stokachu	slangasek, or if you could flip the bit on snapd 2.21 so it'll make it into xenial-updates today that would be even better :)	14:24
mhall119	rmescandon: ping, I saw that you have a Solr snap in the store, have you been in contact with the upstream to see if they will adopt it?	14:27
rmescandon	mhall119, nope	14:28
rmescandon	mhall119, https://issues.apache.org/jira/browse/SOLR-10044	14:45
jdstrand	mhall119: hey, fyi, I issued snap declarations for dbus for two kde snaps and approved them, but they still need to be released (btw, why isn't apachelogger here?)	14:46
rmescandon	mhall119, no problem in moving code to another organization/place if needed	14:46
slangasek	stokachu: the SRU team releases SRUs Mon-Thu; I'll look at snapd now	15:29
stokachu	slangasek, awesome ty!	15:29
morphis	ogra_: how do I do a let n=n+1 with /bin/sh?	15:32
ogra_	morphis, n=$((n+1))	15:33
morphis	ok!	15:33
morphis	ogra_: thanks	15:33
ogra_	np :)	15:33
mhall119	thanks rmescandon	15:40
mhall119	thanks jdstrand	15:40
ogra_	morphis, you kept "let n=n+1" in the upper function ...	15:53
morphis	uups	15:53
ogra_	also check if it works with non-integers ... i'm not sure it does	15:54
ogra_	(or probably set wait_time=1 instead)	15:54
ogra_	ogra@localhost:~$ n=$((n+0.1))	15:55
ogra_	-bash: n+0.1: syntax error: invalid arithmetic operator (error token is ".1")	15:55
ogra_	yeah	15:55
morphis	ogra_: can you comment that in the MP?	15:58
mup	PR snapd#2727 opened: overlord/ifacestate: register all security backends with the repository <Created by zyga> <https://github.com/snapcore/snapd/pull/2727>	15:58
ogra_	morphis, oh, sorry, i mis-took wait_time for wait_attempts ... all good	15:59
morphis	ok :-)	15:59
ogra_	morphis, btw, probably good to bookmark this https://wiki.ubuntu.com/DashAsBinSh has all the POSIX vs bashism bits	16:02
ogra_	(including let)	16:03
morphis	ogra_: thanks	16:03
Chipaca	morphis, o/	16:05
Chipaca	morphis, dunno if my review made sense	16:05
Chipaca	the `while $n -lt 10 $wait_attempts ! is_ssh_unit_enabled` line is fairly borked :-)	16:05
morphis	Chipaca: thanks	16:07
kyrofa	jdstrand, interesting-- the broken symlink is an absolute one, I assume?	16:19
jdstrand	kyrofa: it points to /etc/ssl/certs/java, yes	16:20
jdstrand	which doesn't exist in core	16:20
jdstrand	the review tools notice that, but a locally installed snap user might not	16:21
kyrofa	jdstrand, indeed... hmm. Perhaps the repo should be rewriting stage package symlinks	16:21
mup	PR snapd#2728 opened: tests: add extra debugging to security-setuid-root test <Created by zyga> <https://github.com/snapcore/snapd/pull/2728>	16:23
kyrofa	Hey ogra_, how hard of a bug is https://bugs.launchpad.net/snappy/+bug/1650207 ?	16:49
ogra_	kyrofa, i landed a potential fix for it today ... not sure if mvo did re-build the edge core snap already since	16:50
ogra_	there was a release going on today to i didnt touch the build button	16:50
kyrofa	And will the fix mean that /etc/lsb-release is different in the core snap, or only in the classic shell?	16:50
kyrofa	ogra_, awesome, thanks for working on that :)	16:51
ogra_	kyrofa, in the classic shell	16:51
kyrofa	ogra_, will it be exactly xenial's, then?	16:52
ogra_	but the classic shell tarball is created during build of the core snap ;)	16:52
ogra_	the classic snap just unpacks it	16:52
ogra_	so the fix is in the core snap build itself	16:52
kyrofa	I suppose that does make sense. So they're intrinsically tied, eh?	16:52
ogra_	yes	16:52
ryebot	Are there docs for the snapd-control interface?	16:53
ogra_	the tarball contains all bits that we rip out during build :)	16:53
ryebot	not a pressing thing, just curious about it	16:53
kyrofa	ogra_, heh. So the /etc/lsb-release in the classic shell will be exactly xenial's?	16:53
ogra_	if the fix works, yes	16:54
kyrofa	ogra_, excellent, thanks for the update!	16:54
ogra_	havent tested it yet ... i simply "dpkg -i" the original base-files package	16:54
kyrofa	ryebot, what kind of documentation are you looking for?	16:54
ogra_	(but i'm not 100% sure it will overwrite the modified lsb-release file ... thats up for testing still)	16:55
ryebot	I just want to know what it can do, more or less	16:55
kyrofa	ryebot, we have an Interfaces wiki: https://github.com/snapcore/snapd/wiki/Interfaces#snapd-control	16:55
kyrofa	But it doesn't say much	16:55
ryebot	Does it allow you to launch other snap's apps?	16:55
kyrofa	ryebot, it allows the snap to talk to the snapd socket (install/update/remove snaps over REST API)	16:55
kyrofa	ryebot, no	16:55
mup	PR snapd#2729 opened: tests: use test snap <Created by fgimenez> <https://github.com/snapcore/snapd/pull/2729>	16:56
ryebot	okay, understood; thanks for the typically quick response :)	16:56
kyrofa	ryebot, that interface is used for example by snapweb. Have you used that?	16:56
ryebot	I have, yes	16:56
ryebot	I was toying with the idea of writing a snap that hooked into custom urls to install/launch other snaps	16:57
kyrofa	ryebot, that's a confined snap, but it allows you to search for/install snaps by talking to snapd. The only way it can talk to snapd like that is via the snapd-control interface	16:57
ryebot	makes sense	16:57
kyrofa	ryebot, I think such a utility would need to be outside confinement. It sounds like the snap-xdg-run utility that supports opening URLs from snaps	16:58
kyrofa	(not sure that's actually what it's called... but it's something like that :P )	16:58
ryebot	oh cool, thanks, I'll look into that	16:58
kyrofa	ryebot, talk to jdstrand, he knows all	16:58
ryebot	:D	16:58
jdstrand	ryebot: snapd-control does not allow launching other snaps. nothing does in strict confinement atm. snapd-xdg-open allows running a url handler, but that isn't tied into snaps yet	17:01
ryebot	that's understandable	17:02
mvo	ogra_: not rebuild anything yet, feel free to do that	17:02
jdstrand	ryebot: you are probably interested in https://bugs.launchpad.net/snappy/+bug/1639746	17:02
mup	Bug #1639746: Snap launching other snaps <snapd-interface> <Snappy:Triaged by zyga> <https://launchpad.net/bugs/1639746>	17:02
ryebot	jdstrand: yep! just signed up, thanks :)	17:03
jdstrand	ryebot: the point of confinement is that snaps can't interfere with each other. transitioning from one confinement to another while honoring that requirement is tricky	17:05
kyrofa	ogra_, if you happen to get a new classic into edge, I'd be happy to test it	17:05
ogra_	kyrofa, core you mean :)	17:05
ogra_	it is all in core	17:06
kyrofa	ogra_, well, both, right? :P	17:06
ogra_	nope	17:06
ryebot	jdstrand: yeah, no doubt	17:06
kyrofa	ogra_, wait... how does the classic snap update?	17:06
kyrofa	ogra_, so the classic snap literally installs and then unpacks something that core is holding onto?	17:06
kyrofa	I thought you extracted that from core and put it into the classic snap, they were just released in lockstep	17:06
ogra_	the classic snap unsquashes core ... then unpacks the tarball (from insiode core) on top	17:07
ogra_	if classic gets updated nothing happens	17:07
kyrofa	ogra_, what if I've already run that step? Will classic notice it's out of date?	17:07
ogra_	no, we dont fiddle with developer chroots once they are created	17:07
ogra_	its up to you to apt update/upgrade it then	17:07
kyrofa	ogra_, ah interesting. So if I've already created that chroot, will an apt upgrade get me a new /etc/lsb-release?	17:08
ogra_	nope	17:08
kyrofa	ogra_, can I kill the chroot and re-create it, then?	17:08
ogra_	apt-get install --reinstall base-files perhaps	17:08
ogra_	yeah	17:09
ogra_	that should work	17:09
kyrofa	ogra_, where is it, so that I can kill it?	17:09
ogra_	snap remove classic	17:09
ogra_	;)	17:09
kyrofa	Oh, well.	17:09
ogra_	its in the common dir of the classic snap	17:09
kyrofa	ogra_, perfect, thank you. Okay so then: if you happen to publish a new core snap with this change, please let me know, I've got a dragonboard setup I can use to test it	17:11
ogra_	ok	17:11
kyrofa	ogra_, thanks for the explanation, I understand classic mode quite a lot more now	17:11
ogra_	i just triggered a new core build ... in ~30min there should be a new one in edge	17:12
stokachu	slangasek, thanks for the push to updates	17:19
stokachu	question, I'm about to upload a new revision of my conjure-up snap that has a new binary called 'conjure-down' do I need to ask someone to register an alias to conjure-down?	17:21
kyrofa	stokachu, good question. Do you already have an alias?	17:21
kyrofa	stokachu, I mean, do your aliases already auto-connect?	17:21
stokachu	kyrofa, not that i know of	17:22
stokachu	so i have https://github.com/conjure-up/conjure-up-snap/blob/master/snapcraft.yaml	17:22
kyrofa	Ah, then you don't need to talk to anyone. You can declare interfaces all day long, but snapd won't automatically enable them for you (or your users) without someone flipping a switch in the assertion store-side	17:22
jdstrand	stokachu: you can have as many aliases as you want to declare. users manullay add them to the system so there is nothing to worry about on the store end. only if you weant the alias auto-added do you need to ask a reviewer to grant that to you	17:22
kyrofa	Argh, not interfaces-- aliases	17:22
kyrofa	I type that word too much	17:22
jdstrand	man, I can't type	17:23
stokachu	so i would like to have them auto connected, do i need to upload the snap with the alias defined beforehand?	17:23
kyrofa	jdstrand, you always make me feel better	17:23
jdstrand	kyrofa: thanks? :P	17:23
kyrofa	jdstrand, :P	17:23
jdstrand	stokachu: it doesn't matter	17:23
kyrofa	I suspect just uploaded PERIOD so it has an ID	17:24
stokachu	jdstrand, so i want to create the conjure-down alias for https://github.com/conjure-up/conjure-up-snap/blob/master/snapcraft.yaml#L15	17:24
stokachu	my snap is already uploaded it just doesn't have that latest build	17:24
jdstrand	stokachu: done	17:25
stokachu	jdstrand, awesome ty!	17:25
stokachu	now that 2.21 is in xenial-updates i can finally flip the switch to pure snap of conjure-up	17:25
stokachu	well classic snap anyway	17:25
stokachu	jdstrand, do i still need to add the aliases: [conjure-down] in my snapcraft?	17:26
stokachu	snapcraft.yaml*	17:26
jdstrand	stokachu: yes	17:27
kyrofa	jdstrand, are aliases individually granted? Or do you just say "yes, this snap can automatically have any aliases it declares"?	17:27
stokachu	perfect thanks	17:27
mup	PR snapd#2730 opened: snap: be more helpful in the `snap install <already-installed>` error message <Created by mvo5> <https://github.com/snapcore/snapd/pull/2730>	17:28
jdstrand	stokachu: you have to let snapd know what the aliases are. once it knows what they are, it looks at the snap declaration to see what to auto add	17:28
stokachu	jdstrand, ack, makes sense ty	17:28
niemeyer	jdstrand: ping	17:34
jdstrand	niemeyer: hey	17:34
niemeyer	jdstrand: Heya	17:35
niemeyer	jdstrand: Today we've been having a long debate about the configure script for core	17:35
niemeyer	jdstrand: Lot's of back and forth on several details	17:36
niemeyer	jdstrand: By now it's getting pretty obvious that we want direct systemctl access on it	17:36
jdstrand	niemeyer: morphis let me in a few of those details	17:36
jdstrand	niemeyer: I thought he was able to use dbus-send fine?	17:37
niemeyer	jdstrand: I know you were against that, and I could see why.. wondering if some of your worries are relieved by having the interface as core-support	17:37
niemeyer	jdstrand: No, that was the first impression, but it's actually very messy	17:37
=== chihchun is now known as chihchun_afk
* jdstrand notes he say later commits to his hook		17:37
niemeyer	jdstrand: We can't easily tell the result of the call.. the original hook was doing stop, but we really want stop+disable	17:38
niemeyer	jdstrand: So there's a loop in there, which isn't nice because it's waiting regardless of knowing why	17:38
niemeyer	etc etc	17:38
niemeyer	jdstrand: So the proper thing to do was to wait for the job, as systemctl does, ...	17:38
niemeyer	jdstrand: This is getting unwise to pursue, IMO	17:39
jdstrand	niemeyer: from my perspective, the security policy is clean right now with core-support, and that was my primary concern. the fact that only core can use it is important, yes, but systemctl isn't written with mediation in mind, so I didn't like all the extra unrelated security policy	17:39
jdstrand	niemeyer: if you want systemctl, then just put systemctl Uxr, in the policy	17:39
jdstrand	niemeyer: then we aren't pretending anything with the confinement	17:40
niemeyer	jdstrand: +1	17:40
niemeyer	jdstrand: Given this is just an extension of snapd, I think that's okay	17:40
jdstrand	'Uxr' says systemctl can run unconfined	17:40
niemeyer	jdstrand: It's not quite ideal, but an excellent start IMO	17:40
niemeyer	jdstrand: The high-level goal of that one setting is precisely to have a properly abstracted way to enable and disable ssh in pure snap systems	17:41
jdstrand	niemeyer: it is good for the configure hook. it is poor from a security policy perspecitve. it is acceptable based on base declaration restrictions	17:41
niemeyer	jdstrand: If we render it technically flaky, or end up giving up altogether and putting the logic into the snapd binary proper, it won't be any better	17:42
jdstrand	niemeyer: this achieves that goal, but does not restrict it to only that goal	17:42
jdstrand	which is what I really didn't like	17:42
niemeyer	jdstrand: It doesn't on itself, but arguably the configure of core, specifically, is bound to be doing system-level configuration on behalf of the user and of other snapd that have snapd access	17:43
jdstrand	there are ways to do stopping/starting/disabling/enabling services properly, but that couldn't be implemented today	17:43
jdstrand	niemeyer: that's why I said the base declaration makes it 'acceptable'	17:43
niemeyer	jdstrand: Ok, thanks	17:44
niemeyer	jdstrand: Let's move on with this then, and learn our lessons on the way	17:44
jdstrand	niemeyer: can someone ping me on the updated PR if this is time-sensitive?	17:44
niemeyer	jdstrand: It is time sensitive, and morphis plans to be doing work on it tomorrow morning	17:46
niemeyer	(his)	17:46
niemeyer	jdstrand: I'll mail him with the outcome of our conversation and one more detail today	17:46
jdstrand	roadmr: hi! would you mind pulling r833 of the review tools. it isn't terribly urgent (next week would be 'ok'). sonner is better, but don't feel like you have to do extraordinary measures	17:49
jdstrand	roadmr: also, I had the idea of shipping the review tools as a snap and floated that out to cprov. He loved it. that would allow staging to point at edge and prod stable and then no more pulls	17:50
jdstrand	sergiusens: this also means snapcraft could call the review tools if the command was available (ie, the snap installed) and we'd never have to worry about an out of date deb	17:51
jdstrand	sergiusens: ^	17:51
jdstrand	sergiusens: you could finally run the review tools and have confidence that what they and the store report was the same	17:53
roadmr	jdstrand: awesome idea on the snap!!!!	17:57
cprov	jdstrand: yup, instead of channels we we actually need refresh-control server side, but having the review-tools as a snap will be definitely an improvement	17:58
roadmr	jdstrand: having the service be mutable and update some component out-of-release-cycle sounds a bit scary, we try not to have mutable services, but totally worth a think. cprov this would be my main concern	17:59
roadmr	(so don't think I'm opposed, on the contrary, but we need to consider implications)	17:59
roadmr	jdstrand: also... sure, r833 coming up in a sec !	17:59
jdstrand	roadmr: a nice property is that the review tools run confined	17:59
jdstrand	moving to a snap is not super soon in the queue, but I'll let you guys know when it is then you can start using it whenever you want	18:00
roadmr	thanks jdstrand ! yes, because it'll have implications on how the service is deployed and hosted. Weighing immutability vs. confination will make for a fun exercise	18:05
jdstrand	roadmr: I was mostly saying that it is a benefit. wasn't arguing immutability	18:07
roadmr	jdstrand: yes, I absolutely agree on the benefit of confination	18:08
roadmr	jdstrand: hehe so again please don't take my ramblings as any sort of pushback, I think it's an awesome idea and once the snap is available I'm happy to push for that to be the way we use the tools. I'll find a way to deal with any other concerns	18:09
jdstrand	sounds great :)	18:09
mup	PR snapd#2717 closed: interfaces: builtin: mir: allow recv and send <Created by albaguirre> <Merged by jdstrand> <https://github.com/snapcore/snapd/pull/2717>	18:17
mup	PR snapcraft#1076 closed: autotools: extend Make plugin instead of repeating code <Created by 3v1n0> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1076>	18:36
KristijanZic	Hello, got one question	18:38
kyrofa	Hey there KristijanZic, fire away :)	18:38
KristijanZic	Does snappy hard depend on Systemd? Could it be ported one day to BSD?	18:38
KristijanZic	kyrofa: ^	18:44
kyrofa	KristijanZic, at the moment yes, systemd is a hard dependency. But the spec doesn't require it	18:44
kyrofa	KristijanZic, when one writes a snap that declares a service, the keys one uses to describe the service behavior (simple daemon, forking, etc.) would need to be satisfiable by the given system, and snapd would need to support it	18:45
mup	PR snapcraft#1080 opened: python plugin: avoid the use of PYTHON* env vars <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1080>	18:45
kyrofa	KristijanZic, as of right now, the only system supported is systemd	18:45
kyrofa	KristijanZic, but that may be refactored at some point	18:46
dstolfa	kyrofa, it would be beneficial to make it extensible so that other service management systems could easily be hooked in with a form of a plugin or something. Once they're stable enough, potentially upstreamed	18:46
KristijanZic	kyrofa: ah, not what I was hoping for but I hope that gets redesigned.	18:46
sergiusens	jamespage, stokachu, marcoceppi_ hey, mind testing this branch https://github.com/snapcore/snapcraft/pull/1080 ? It sort of solves the PYTHON* env var leaking but want to be sure it still works for you	18:47
mup	PR snapcraft#1080: python plugin: avoid the use of PYTHON* env vars <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1080>	18:47
KristijanZic	kyrofa, thanks! :)	18:47
kyrofa	dstolfa, I wholeheartedly agree, but there's always work to be done. The question is the priority that should be associated to such work	18:47
marcoceppi_	sergiusens: how do I test that branch? you got a snap ;)	18:49
dstolfa	kyrofa, well, it could be done in a privsep way, that is separating the actual plugin that does it into different components, such as systemd, launchd, SMF, ..., and then have the standard functionality that it needs to provide. Somewhat similar to what the MAC framework does in FreeBSD. Now, that's probably not so much of an urgency, but I would be willing to write such a plugin once we have a service management system in place in FreeBSD(current w	18:49
dstolfa	I believe that people would find use of it on Apple systems though, through launchd which can provide such behaviour	18:50
sergiusens	marcoceppi_, from source right now; I intend to have a solid snap on classic thing going soon but this branch needs to get in first	18:50
kyrofa	dstolfa, well, you're assuming that the REST of snapd's dependencies are available on such systems as well	18:50
kyrofa	Which isn't necessarily the case	18:50
marcoceppi_	sergiusens: I'll add it to my todo, won't have much time today	18:50
kyrofa	dstolfa, I'm really talking about apparmor here	18:50
dstolfa	kyrofa, I'm not aware of all the dependencies, is there a list somewhere?	18:50
sergiusens	marcoceppi_, no problem, thanks	18:50
kyrofa	dstolfa, the confinement tech isn't available everywhere	18:51
kyrofa	dstolfa, in fedora they have selinux, for example	18:51
dstolfa	Ah, well that's really just a form of access control, couldn't it be extensible?	18:51
sergiusens	marcoceppi_, if not, give me your branch and tell me what to run to ensure it all works ok (to smoke it a bit)	18:51
kyrofa	dstolfa, indeed, but you see how this blossoms	18:51
dstolfa	That way, if someone wanted to, one could apply even things like grsec RSBAC to it	18:51
dstolfa	kyrofa, well, it does. There is work to be done, but imo would be useful to do eventually, as the need arises :)	18:51
kyrofa	dstolfa, right, I completely agree	18:52
marcoceppi_	sergiusens: https://github.com/juju-solutions/charm-pkg it's here for now, need to move the snapcraft yaml into the project root now that I've removed all the weird workaround files	18:52
marcoceppi_	sergiusens: once built and installed, try `charm version; charm create foobar; cd foobar; charm build`	18:52
kyrofa	dstolfa, don't get me wrong, I think we can all agree we'd like to see snapd everywhere. But I'd rather have a good product in less places than a bad product everywhere because we devoted all our time to that	18:52
marcoceppi_	sergiusens: if you get tracebacks, you know something went wonky	18:53
dstolfa	The only requirement in doing so really, is just keeping the dependencies in check -- that is, not allowing dependencies to branch out too much, rather wrapping them so that it's an easier job later on.	18:53
dstolfa	kyrofa, agreed there.	18:53
marcoceppi_	sergiusens: just pushed up the latest changes	18:54
dstolfa	Either way, be right back. Food :)	18:54
sergiusens	marcoceppi_, thanks!	19:00
mup	PR snapcraft#1081 opened: local source: preserve symlinks to directories <Created by kyrofa> <https://github.com/snapcore/snapcraft/pull/1081>	20:45
mup	PR snapd#2697 closed: cmd,snap,wrappers: systemd reload command support <Created by cyberb> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/2697>	20:46
mup	PR snapd#2728 closed: tests: add extra debugging to security-setuid-root test <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/2728>	20:49
mup	PR snapd#2696 closed: spread: set SNAPD_DEBUG=1 in the core snap as well <Created by mvo5> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/2696>	21:00
mup	PR snapd#2690 closed: daemon: add location header to reply for snap operations like install/remove <Created by mvo5> <Closed by niemeyer> <https://github.com/snapcore/snapd/pull/2690>	21:08
mup	PR snapcraft#1073 closed: project: snapcraft.yaml in a snap directory <Created by sergiusens> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1073>	21:18
sabdfl	evening	22:35
qengho	o/	22:39
mup	PR snapcraft#1082 opened: project: new plugin directory location <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1082>	23:09

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!