seshucwayne: How can I import self signed certificates into Ubuntu Core 16 system?00:50
=== JanC_ is now known as JanC
cwayneseshu: what exactly is it you're trying to do?01:34
seshucwayne: Our EDM server allows user to upload self signed certificates to talk over https. So the user will have to import/export the same certificates to their devices so they can talk over https.01:35
cwayneseshu: hmm, I'm not 100% sure how we could do that, would be worth a mail to the list so some more security-minded people could take a look02:16
stokachuhow far away is series (or branch?) support for multiple versions of a snap?02:34
popeyogra_: my laptop just died (battery) and when it came back, packageproxy didn't load, I suspect because /var/snap/packageproxy/1/lockfile.lock still exists. Perhaps needs a sanity check when it launches?08:09
zygagood morning08:18
mupPR snapd#2751 opened: 14.04/integrationtests: rely on upstart to restart ssh <Created by vosst> <https://github.com/snapcore/snapd/pull/2751>08:24
Son_GokuI hate being awake this early08:31
zygaSon_Goku: hey08:40
zygaSon_Goku: good morning :)08:41
* zyga goes to dig into the kernel 08:41
* Son_Goku grumbles about zsync and garbage fire build systems08:41
Son_GokuI hate autotools08:41
zygaSon_Goku: I share the sentiment08:41
Son_GokuI'm porting zsync to use meson as an exercise to learn meson and also because DNF upstream wants to libify zsync to use with librepo for doing zsync downloads of metadata08:43
Son_Gokumight as well kill two birds with one stone08:44
Son_Gokubut holy crap the source autotools build system is annoying to figure out08:44
ogra_popey, well, there is a check (that is why it doesnt start) ... the prob is that i'd need access to the process-control interface to actually check if the pid still exists to kill the potentially hanging former process ... when i created that snap there was no such interface ... :)08:59
popeyogra_: :)09:08
ogra_i'll try to come up with something though, that behaviour is indeed not acceptable :)09:09
popeyjdstrand: http://askubuntu.com/questions/873495/how-do-i-use-snappy-debug-to-debug-a-snap/878204#878204 - perhaps snappy-debug description should be updated to remove mention of tools it doesn't contain? :)09:09
popeyogra_: thanks09:09
=== wesleyma` is now known as wesleymason
cos-hm, my .desktop file appeared in the menu today (=after reboot). perhaps some command must be run after snap installation to update the menu.10:02
om26erWhere can I find documentation regarding paid snaps ? I didn't see a reference to that on snapcraft.io10:09
om26erpopey: ^ do you know ?10:11
popeyom26er: not landed yet10:11
om26erpopey: hmm, what does `snap buy`  do ?10:12
popeyom26er: nothing yet, as it hasn't all landed yet10:13
jamespageanyone know whether the launchpad builders can build classic snaps yet?10:28
mupPR snapd#2732 closed: snapenv: do not append ":" to the SNAP_LIBRARY_PATH <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/2732>10:52
mupPR snapd#2596 closed: tests: parameterize kernel snap channel <Created by fgimenez> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/2596>10:53
mupPR snapd#2731 closed: store: always log retry summary when SNAPD_DEBUG is set <Created by mvo5> <Merged by zyga> <https://github.com/snapcore/snapd/pull/2731>10:56
bulldguys how to play youtube in snap packaged app??12:14
bulldanyone on ??12:17
bulldhi popey12:18
zygabulld: can you be more specific please?12:21
bulldzyga, flash support in snap packages12:24
bulldhow my qt app with qwebviw cant play youtube videos12:25
flexiondotorgzyga You were on one of the Hangouts recently and we talked about running snapd on a kernel without AppArmor.12:38
flexiondotorgMy memory was that you said something to the effect that it would "work" albeit without confinement.12:39
flexiondotorgIs my memory wrong?12:39
ogra_flexiondotorg, that is how it works on fedora for example12:39
flexiondotorgOK, so I've made a "Ubuntu" image with a 3rd party kernel.12:40
flexiondotorgWhich has no AppArmor patches at all.12:40
ogra_bad idea :P12:40
flexiondotorgI know it's a bad idea.12:40
flexiondotorgThis was the outcome12:41
zygaflexiondotorg: no, that's accurate12:41
zygaflexiondotorg: but it needs some hand-holding to enable12:41
zygaflexiondotorg: specifically there's no runtime detection yet, you'd have to do two things:12:41
flexiondotorgOK, can you point me at something.12:41
zygaflexiondotorg: (both can be done permanently later)12:42
zygaflexiondotorg: snap-confine needs to be rebuilt without apparmor, simply pass the --disable-apparmor switch and that should do it12:42
zygaflexiondotorg: then snapd may need to be patched slightly depending on the state of your apparmor userspace12:42
jdstrandpopey: done (it wasn't in the 15.04 snap. the series 16 and yaml was fine)12:42
zygaflexiondotorg: if changing snap-confine is not sufficient you need to edit (in snapd tree) release/release.go12:43
zygaflexiondotorg: and in there look at the function ForceDevMode12:43
zygaflexiondotorg: and have it return true for "ubuntu"12:43
flexiondotorgzyga OK, thanks for the info.12:43
zygaflexiondotorg: it would be good to give your system a different /etc/os-release12:43
zygaflexiondotorg: so that it doesn't register as ubuntu, that will kick in devmode automatically12:43
flexiondotorgzyga So this is "ubuntu" userspace right now.12:43
zygaflexiondotorg: (you still need to rebuild snap-confine but there are patches there (see debian/rules) to do that12:43
flexiondotorgBut the end game here is the vendors own distribution.12:44
zygaflexiondotorg: a proper fix would be to fix snap-confine and snapd to do runtime detection12:44
ogra_then tweaking os-release should happen anyway12:44
flexiondotorgWe spoke to them yesterday, they have agreed to work together to add snapd support to their distro.12:44
zygaflexiondotorg: btw, if you change the kernel and it's that wildely different you should not call it ubuntu anymore12:44
ogra_that too ...12:44
zygaflexiondotorg: would you mind waiting a little (~hour)12:44
zygaflexiondotorg: I have a meeting soon and my family calls me for lunch12:45
flexiondotorgIt is a very popular SBC manufacturer with a distro based on Debian, with a similar sounding name.12:45
zygaflexiondotorg: (still not ubuntu)12:45
flexiondotorgI  know :-)12:45
popeyjamespage: jdstrand nice one12:46
flexiondotorgzyga I'll be here later. Enjoy lunch.12:46
ogra_flexiondotorg, in the snappy core team we dont have lunch ... we have meetings instead :P12:48
flexiondotorgAh yes, meetings. The practical alternative to work ;-)12:49
ogra_and to lunch :)12:49
jdstrandflexiondotorg: I don't think you could call a system Ubuntu if it doesn't have the Ubuntu kernel (ie, apparmor, etc)12:50
ogra_but zyga lives in spain anyway ... lunch time isnt before 4pm there :)12:50
ogra_jdstrand, tell that to OpenVZ :)12:50
ogra_(they offer ubuntu on 2.6 kernels :) )12:50
flexiondotorgjdstrand It is not Ubuntu.12:50
ogra_we recently had some support fun here with that12:51
jdstrandogra_: that can't possibly meet the trademark standards12:51
flexiondotorgIt was the quickest way for me test test their kernel with our userspace and snapd.12:51
ogra_FSVO "fun"12:51
jdstrandbut, I'll let others decide on that12:51
ogra_jdstrand, https://openvz.org/Download/template/precreated12:51
jdstrandogra_: I don't doubt they have things called 'ubuntu', I doubt that they should be able to do that. IANAL12:52
ogra_i fully agree, especially after wasting 2h to support someone trying to run snappy on such an image12:53
jdstrandbut to me, a system isn't Ubuntu unless it has apparmor and our kernel configs. that is especially true for snappy. again, IANAL12:53
ogra_i couldnt really belive the uname output when i first saw it12:53
jdstrandI wrote 'check-requirements' for ufw all those years ago because of people saying ufw didn't work on some hosted machine. "yep, it doesn't, you don't have connection tracking in your kernel"12:54
* jdstrand shakes head12:54
zygajdstrand: hey :)13:07
zygajdstrand: looking at the kernel and the apparmor bug, trying to reproduce it with a smaller test case, interestingly it doesn't fail there13:07
zygajdstrand: I'm trying to grow the test case to the point where the same behavior we have in snap-confine happens and the failure re-surfaces13:07
jdstrandthat is annoying13:08
zygajdstrand: I wasted some time because /home is nosuid for me but now progressing13:08
=== hikiko is now known as hikiko|ln
mupPR snapcraft#1094 opened: core: switch to using rpath for clasic confinement <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1094>13:44
bulldzyga, how application get access to flash player when snapped ??13:47
bulldmy qt app cant play videos from youtube13:47
bulldproject is based on qt 5.5.113:48
ogra_did you include flash in your snap ?13:48
ogra_i guess you'd need the player inside13:48
bulldogra_, it wont work13:48
bulldogra_, flash player installer as stage package wont install flash layer13:48
bulldogra_, flash player installer as stage package wont install flash player13:48
ogra_no, indeed13:49
ogra_and i didnt say flashplayer-installer :)13:49
bulldogra_, how to install f.p then ?13:49
stokachudoes snapcraft require the CLA for people to contribute?13:50
ogra_teh same way you would do it without flashplayer-installer on a desktop ... put the binaries in the right place etc13:50
bulldogra_, also my qt 5 app cursor dont look as  it looks in the normal deb install13:50
mupPR snapcraft#1080 closed: python plugin: avoid the use of PYTHON* env vars <Created by sergiusens> <Closed by sergiusens> <https://github.com/snapcore/snapcraft/pull/1080>13:50
mupPR snapcraft#1090 closed: core: classic with no exported variables <Created by sergiusens> <Closed by sergiusens> <https://github.com/snapcore/snapcraft/pull/1090>13:50
sergiusensstokachu: yes13:50
bulldsergiusens, hi13:50
stokachusergiusens, thanks13:50
mupPR snapd#2749 closed: interfaces/default: allow mknod for regular files, pipes and sockets <Created by jdstrand> <Closed by jdstrand> <https://github.com/snapcore/snapd/pull/2749>13:51
sergiusensjamespage: they cannot yet13:51
bulldogra_, i placed the libflashplayer.so in the right place and it still dont work13:51
zygabulld: hey13:51
zygabulld: if you bundle the flash player in your snap it should jsut work13:51
bulldsergiusens, my qt 5 app mouse cursor looks odd13:51
ogra_bulld, well, you'Äd have to ship the right cursor theme in your snap (not sure there is an interface planned for that in the future, but for today you'd have to ship it)13:51
* zyga goes to debug kernel issues, please ping/mention me explicitly if you need my attention13:52
bulldogra_, sergiusens   http://paste.ubuntu.com/23899428/ here is my snapcraft file13:52
sergiusensjamespage: for one reason or another, it is good as these need to happen https://github.com/snapcore/snapcraft/pull/1093 https://github.com/snapcore/snapcraft/pull/109413:52
mupPR snapcraft#1093: python plugin: do the right thing with classic <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1093>13:52
mupPR snapcraft#1094: core: switch to using rpath for clasic confinement <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1094>13:52
sergiusensbulld: I cannot help you with that, no idea about GUIs13:52
bulldogra_, i also tried [desktop-qt5] to build13:53
bulldsergiusens, thanks13:53
ogra_that should at least give you a themed cursor13:53
* mvo hugs popey for his emoj snap13:53
bulldsergiusens, am having issues with youtube video playback my project is using qt5.5.1 and qwebview13:53
bulldogra_, same happedned with my previous application13:54
ogra_note that i have no clue how to make flash work, but i'd start with placing libflashplayer.so inside the snap in a place where the app can find it and then stracing the whole thing to see what it tries to do and how it actually fails13:54
bulldogra_, did you checked my craft file ??13:54
ogra_i'm also not sure if qtwebkit would even have support for flash at all13:55
ogra_yes, i see it13:55
=== mardy_ is now known as mardy
bulldogra_, it works fine when i play video in normal deb install13:55
ogra_why are you building qt from source ?13:55
bulldam not building qt from source13:55
bulldthats the name of part , my app source code is in /src folder13:56
ogra_oh, right, thats just your app13:56
bulldogra_, am bulldog you remember me ??13:56
ogra_well, for the cursor thing i'd include the qt desktop bit ... and for flash i'd debug it like i said above13:57
ogra_but as i said, i'd be surprised if qtwebkit could even woirk with it13:58
bulldogra_, konqueror webbrowser works with flash13:59
ogra_libflashplayer is built for being used with a plugin framework and i doubt qtwebkit provides that13:59
bulldand qwebview works with flash am sure about it13:59
ogra_well, then you know more than me ... just make it work :P13:59
bulldQWebSettings::globalSettings()->setAttribute(QWebSettings::PluginsEnabled, true);14:00
bulldthis line enable webview to use external plugins14:00
bulldogra_, i will open this url in my snapped application from webview to verify whats wrong https://helpx.adobe.com/flash-player.html14:04
bulldit is saying Sorry, Flash Player is either not installed or not enabled.14:06
mupPR snapd#2748 closed: seccomp-support.c: add PF_* domains which can be used instead of AF_* <Created by jdstrand> <Merged by zyga> <https://github.com/snapcore/snapd/pull/2748>14:10
zygajdstrand: I ased in one of the reviews but I was wondering if there's any specific thing you'd like to do with seccomp14:15
zygajdstrand: (any changes to default policy or some kind of new interface)14:16
jdstrandzyga: that is very open ended. I saw the question about quotactl and answered it. did you have another question?14:20
mupPR snapd#2752 opened: snap: add support user-sessions from snaps <Created by mvo5> <https://github.com/snapcore/snapd/pull/2752>14:20
jdstrandzyga: all of the PRs (except the PF_* one, which was just an omission in the original implementation) are to meaningfully improve policy14:21
jdstrandwell and the cleanups one14:21
jdstrandok, so the quotctl, mknod and ioctl ones are all to fix real world issues14:22
jdstrandonce I fix mknod I' going to work on chown/setuid/friends to 'daemon'14:22
jdstrandzyga: I don't know if any of that answers your question, but there you go14:23
bulldogra_, how i can trace what my app looking for ??14:23
zygajdstrand: thanks, yes, that answers it14:23
zygajdstrand: I was just curious about where this is going14:23
ogra_bulld, put strace into your snap and run the app under strace14:23
=== hikiko|ln is now known as hikiko
bulldguys any working example snap with flashplayer and html5 video playback ??14:24
bulldogra_, i have no idea how to do that :(14:24
ogra_"and html5" ?14:25
ogra_it is either/or14:25
jdstrandzyga: mostly everywhere where there is a TODO in the policy to fix it with seccomp arg filtering, fix it. then fix bugs, then fix other things I noticed. fix, fix, fix :)14:25
ogra_there is no and ...14:25
bulldogra_, html5 video playback14:25
* ogra_ wouldnt use flash at all for youtube ... 14:25
zygajdstrand: I was thinking about changing how some of the tests look like, it'd be good to add a few lines of documentation to each one14:25
bulldogra_, yes14:25
ogra_i'D just use the ubuntu webbrowser-app isnide my snap14:25
ogra_that works fine with youtube14:25
zygajdstrand: I grok them after a while but I have to double check each time if my feeling is right14:26
bulldogra_, qwebkit support html5 video playback idk if youtube is trying with html5 why cant my app play videos14:26
ogra_no idea, really... it is your app14:26
bulldogra_, it work with debian install man14:27
ogra_and we never used qtwebkit in ubuntu anywhere so i have no clue about it14:27
jdstrandzyga: can you give an example of a test that was hard to understand?14:27
zygajdstrand: I specifically mean each of the seccomp test14:27
bulldogra_, you telling me to include ubuntu webbrowser app in my snap ??14:27
ogra_on the phone we use oxide inside a webapp-container or the webbrowser-app ... if we want tio use Qt based stuff14:28
jdstrandzyga: yes, I figured, but like, what is hard to understand about it? (I'd like to clarify meaningfully rather than guessing)14:28
zygajdstrand: hard is perhaps an overstatement but making it obvious like "check that $SYSCALL is denied when it is not in the filter" or something like this would help, I think14:28
ogra_https://github.com/fcole90/fcole-hexgl-webapp is an example i think14:28
bulldomg :914:28
jdstrandzyga: as a comment or test output?14:28
zygajdstrand: the name encodes the meaning but it's also limietd by length/readability14:28
zygajdstrand: as a comment really14:28
ogra_(i actually thougth qtwebkit was dead since years)14:28
bulldogra let me check14:28
bulldogra_,  no14:29
jdstrandok, I'll add a todo for that. I'll do that after I finish my policy updates14:29
zygajdstrand: I was wondering if we could stick most of those tests into spread with preapre/execute and details section (details would be that comment)14:29
ogra_anyway, thats all i know about web apps14:29
bulldyou are so nice :)14:29
zygajdstrand: thanks, this is not urgent in any way :)14:29
jdstrandzyga: I think we need to always have these build tests to make sure the C code is right. adding spread tests on top is fine of course. I am also working on a snap to test various parts of policy that I figured a spread test could drive14:30
jdstrandin fact, it was that exercise where I found bug #165821914:31
mupBug #1658219: flock not mediated by 'k' <AppArmor:Triaged> <https://launchpad.net/bugs/1658219>14:31
bulldogra_,  my app http://imgur.com/a/o2GPq14:31
zygajdstrand: yes, ideally we could run those via spread (like unit tests)14:31
zygajdstrand: I wish there was a "more declarative" way of defining them14:32
bulldogra_, how is it ??14:32
zygajdstrand: nice14:33
zygajdstrand: btw, it would be helpful if you or anyone you know could answer a question with authority: is it possible to reliably determine that something is a bind mount by looking at /proc/self/mountinfo14:36
mhall119sergiusens: is there any way to inject version numbers into a snapcraft.yaml at build time?14:36
zygajdstrand: not urgent but something that will block update-ns when we return there14:36
jdstrandzyga: I would have to investigate. perhaps tyhicks or jjohansen would know14:36
zygajdstrand: I can post this to a mailing list (not sure where) so that others can reply14:36
jdstrandzyga: stgraber might be someone else otoh14:41
bulldmhall119, hi14:51
=== bulld is now known as bulldog
bulldogmhall119,  my new app http://imgur.com/a/o2GPq14:52
bulldogmhall119, is not talking with me on telegram either :(14:53
balloonsany suggestions in trying to debug what's happening with my config hooks? I'm trying to use the dump plugin to put files on the filesystem for a classic snap14:58
didrocksballoons: I did just echo to $SNAP stdout from a shell script personally15:00
didrocks(and look in /var/log/syslog for denials)15:01
mhall119bulldog: in a call atm15:01
balloonshmm, I was thinking a script might be easier to see what's happening. I need to kick a service anyway15:01
mhall119bulldog: what was your question?15:06
mhall119balloons: if you have a non-daemon app defined in your snap, you can "snap run --shell <command>" to get a shell promot in the snap environment15:06
balloonsmhall119, interesting15:07
zygaballoons: that's true for shell apps as well15:08
zygadaemon apps15:08
zygajdstrand: I don't know if you saw my earlier ping about that but I'd love if you could review https://github.com/snapcore/snapd/pull/274515:08
balloonsso what I'm trying to do actually is get bash completion to work, along with installing a sysctl file15:08
mupPR snapd#2745: cmd: add sc_must_stpcpy <Created by zyga> <https://github.com/snapcore/snapd/pull/2745>15:08
zygajdstrand: I plan to use that for all "strcat" like code15:08
jdstrandyes. I'll look at it after I fix the mknod branch15:09
zygajdstrand: thanks!15:09
mhall119zyga: oh? Is that a recent change? When I tried to do that with a daemon in the past it didn't work15:09
zygamhall119: it doesn't care if it's a daemon or not, --shell just causes us to run /bin/bash15:09
zygamhall119: you get the same confinement as whetever would run otherwise15:09
mupPR snapd#2753 opened: tests: install ubuntu-core from the same channel as core <Created by fgimenez> <https://github.com/snapcore/snapd/pull/2753>15:10
zygamhall119: if you saw otherwise I'd love to know more15:10
mhall119zyga: well I can't reproduce that error now, so I guess it was user-error all along :)15:11
bulldogmhall119, you there ?15:19
bulldogmhall119, my app uses qwebview to play youtube videos , on normal debian install it plays well and when i snap it the youtube player saus videos cant be played n this device15:20
mardypstolowski: hi! got a minute?15:20
pstolowskimardy, hello! sure, what's up?15:20
mardypstolowski: I'm trying snapd from master, + your interface hook branch (step 3)15:21
pstolowskibrave man ;)15:21
mardypstolowski: if I run snapd with SNAP_DEBUG=1, should I see the lines "Run hook %s of snap %q" in the output?15:21
mardypstolowski: or, to make the question more meaningful, how can I check whether my hook is being run?15:22
pstolowskimardy, I think (but haven't actually used debug mode) you would see 'Running task ...'. but isn't it SNAPD_DEBUG (not SNAP_DEBUG)?15:24
pstolowskiyeah, it's SNAPD_DEBUG15:24
mardypstolowski: indeed, sorry, I launched the proper command, just misspelt it here on IRC15:25
zygamardy: look at syslog/journal15:26
zygamardy: how are you running snapd?15:26
mhall119bulldog: have you tried adding the browser-support plug?15:26
mhall119the qwebview might need that15:26
mardyzyga: sudo SNAPD_DEBUG=1 ./snapd15:26
bulldogmhall119, yes15:26
jamespagesergiusens, ack - thanks for confirming - have a few classic snaps landing into /openstack today - but holding off on the auto-build to edge bit for now then!15:26
zygamardy: (funny that it works like that now, we used to require socket activation)15:26
mardyzyga, pstolowski: I see quite a few lines there, including "Run configure hook of "amazon-webapp" snap if present" but nothing about interface hooks15:27
bulldogmhall119,  my craft file http://paste.ubuntu.com/23899846/15:27
mardypstolowski: are the hooks run for interfaces which do autoconnect?15:27
pstolowskimardy, they will only run when you connect (sorry if that's obvious)15:27
mhall119bulldog: I'm not sure then, I imagine it has something to do with the html5 video playback, have you checked dmesg for DENIAL?15:28
pstolowskimardy, no, not yet15:28
mardypstolowski: ah, that explains it15:28
bulldogmhall119, how to do that ?15:28
pstolowskimardy, also, this branch doesn't actually use the attributes you set in hooks. this will come in the next branch15:28
mardypstolowski: you mean the "step 3" branch, or another one?15:29
bulldogok let me check15:29
pstolowskimardy, the upcoming 'step 4' should (hopefully) make it possible to apply the attributes to the interface15:30
mhall119bulldog: dmesg |grep DENIAL15:30
mhall119bulldog: are you running in --devmode or in strict confinement?15:31
bulldogmhall119, strict15:31
mhall119ok,then if it's confinement causing your errors,it should show up in dmesg15:31
bulldogmhall119, i installed with --devmode flag too but it still says this device cant play videos15:32
pstolowskimardy, although with step 3 branch it's already possible to exchange data between slot and plug side, as you can see in the attached spread tests15:32
mhall119hmm, might be a configuration thing then, not sure15:32
mhall119or a missing dependency15:32
mardypstolowski: ok, thanks15:32
mhall119bulldog: does it need flash to work?15:33
mardypstolowski: and about running hooks for interface which are autoconnected, is that planned?15:33
bulldogmhall119, this is very sad that my some of apps are still not running fine with snap15:33
pstolowskimardy, yes, afaict this needs to be supported (I don't see a reason why we wouldn't support this). it'll just come separately as for some reason autoconnect currently bypasses this execution path completely and needs to be treated separately15:35
ogra_mhall119, he is using his own custom webapp built around qt-webkit and trying to use adobe-flash ... (instead of just using an oxide webapp container ... i already pointed to the hexgl snap but ...)15:35
bulldogwhat support  browser-support gives :D15:35
pstolowskimardy, (separately as in a separate PR)15:35
bulldogogra_, mhall119 , its not a webapp15:36
ogra_ita an app to play back youtube videos, no ?15:36
bulldogogra_, my app is a qt gui qpp , with more then 5k lines of code15:36
mardypstolowski: ok, thanks a lot, I'll keep an eye on your branches :-)15:36
ogra_well, you wrote it,. you should know how to debug it too then15:36
bulldogyes it does , the question is if my app  can play video in normal install why it cant do that in snap15:37
pstolowskimardy, sorry it's taking so long... but we're making progress15:37
ogra_first of all strace it to see how/where it looks for libfalshplayer ... if it finds it ... if it execs it etc etc ... the standard stuff you do for debugging15:37
bulldogqt is not changing its api for snap right after compilation right ?15:37
bulldogogra_, i think it is not looking for flash player15:37
ogra_well, find out why ... and fix that15:38
bulldogi renamed the libflashplayer.so in my system and it plays videos15:38
bulldogogra_, yes i will :(15:38
bulldog i renamed the libflashplayer.so in my system and it plays videos that mean app not looking for flash layer15:39
ogra_so it likely simply uses html5 and you dont need the flash player at all ...15:39
ogra_(like i said in the beginning of our conversation)15:39
tyhickszyga: no, I don't know of a reliable bind mount check from userspace :/15:39
zygatyhicks: I see, thanks15:40
zygatyhicks: is there any place better than mountinfo to see the mount table?15:40
bulldogso i added - libavcodec-ffmpeg56 - ffmpeg in stage-packages but still no luck15:40
zygatyhicks: I'm reading kernel documentation but I'm not that far yet15:40
ogra_anyway, look at the hexgl snap that i pointed to, try to add the same interfaces and connect them ... also try to build your app unconfined and see if it works tghen15:40
tyhickszyga: nope, that's the best15:40
ogra_if it doesn, thats not a confinement issue15:40
zygatyhicks: thanks15:40
ogra_not sure why you would add ffmpeg15:41
bulldogogra_, it even wont play , when i install app with  --devmode15:41
ogra_so its an issue with your app ... debug it15:41
bulldoglibffmpeg.so is what makes play H264 vids15:41
ogra_and fix the errors you find15:41
bulldogogra_, i said it is running fine on normal system15:42
bulldogi do not write buggy code :D15:42
zygabulldog: I'd suggest doing as ogra_ suggested earlier, use strace to figure out what happens when your app runs outside of a snap (it probably accesses something on your host and uses that to work)15:42
bulldogzyga, ok15:43
zygabulldog: then do the same inside a snap15:43
zygabulldog: and compare to get an idea of what is missing15:43
bulldogok :(15:43
zygabulldog: remember that snaps run in a chroot of sorts15:43
zygabulldog: why the sad face?15:43
zygabulldog: so I suspect you just rely on the fact that something on your host is being automatically loaded15:43
bulldogi dont knnow strace and chroot and sorts15:43
zygabulldog: and that thing is not present in the core snap (or your own snap) and it doesn't work15:44
zygabulldog: strace works like strace15:44
zygabulldog: just strace ./program15:44
zygabulldog: --help and manual page has useful things,15:44
tyhickszyga: from a real quick scan, MS_BIND is missing in fs_info struct in show_sb_opts() of fs/proc_namespace.c15:44
zygabulldog: my suggestion is to limit it just to open() so that you see a very small set of data15:45
tyhickszyga: I assume that is intentional but don't know why15:45
mupPR snapd#2744 closed: overlord: move configstate.Transaction stuff into configstate.config.Transaction <Created by mvo5> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/2744>15:45
bulldogzyga, am trying15:45
zygatyhicks: interesting, thanks15:45
zygatyhicks: I'll build a test kernel with a change there, maybe I can get some insight15:46
bulldogzyga, i got my terminal filled with stuff15:46
bulldogzyga, do i need to play video to find what it is using to play video ?15:47
zygabulldog: strace -o is useful15:47
zygabulldog: yes, use a realistic test case (do what it usually does)15:47
tyhickszyga: one last idea about it... I can't fully remember but MS_BIND may not actually be set in the superblock's flags when you do a bind mount. It may just clone the mount flags from the source superblock.15:52
zygatyhicks: I see, I'll read that code and see what I can find15:52
tyhickszyga: that'll be the case if your test kernel doesn't end up showing "bind" in mountinfo15:52
bulldogzyga, i got something interesting man :)15:53
bulldogzyga, please check this out http://imgur.com/a/TFoCm15:54
bulldogogra_, grep ffmpeg and flash of strace of my application http://imgur.com/a/TFoCm15:55
zygabulldog: I'm sorry I cannot check it out now16:06
bulldogzyga, ok16:06
bulldogzyga, you cant check image ??16:07
bulldogzyga, i want to know how to create those mimes files i think the player first read the mime files and then choose what codec is needed to play video and then call ffmpeg16:08
bulldogi added shared-mime-infot to stage-package now16:09
zygabulldog: no, I'm digging through kernel code, sorry16:14
zygabulldog: mime files don't do anything on ubuntu-core16:14
zygabulldog: and I doubt they are related16:14
bulldogzyga, plyer tries to find he mime type am sure of this16:15
zygabulldog: the server sends the mime type16:16
bulldogor it may be dynamic at runtime16:16
zygait always is as the server sends it16:16
bulldogif it was not why strace showing mime stuffs16:16
zygaI'm sorry but I cannot dig into your code right now16:17
bulldogserver sends several url to playable streams16:17
bulldogmy code has nothing to do with that16:17
mhall119bulldog: are you using desktop-launch from the desktop-qt5 remote part?16:18
bulldogi have to pack it in deb :(16:18
bulldogmhall119, yes16:18
bulldogmhall119, two things not working , video playback and mouse cursor looks odd16:18
bulldogrest of application works fine16:19
zygawow, MS_BIND is really used just twice in the whole kernel16:19
bulldogand both issues are when i pack with snap16:19
bulldogmhall119, can i run update-mime-database before my app starts ??16:20
bulldogoh it is already done by desktop-launcher16:21
flexiondotorgzyga I've been asked what the RAM overhead for adding AppArmor to a kernel is. Any idea?16:32
tyhicksflexiondotorg: I've got no numbers for that off the top of my head16:34
flexiondotorgOK, thanks.16:34
mupPR snapcraft#1095 opened: Plainbox providers run validate <Created by jocave> <https://github.com/snapcore/snapcraft/pull/1095>16:41
ogra_pstolowski, poke ...16:43
pstolowskiogra_, hey16:46
ogra_pstolowski, so i'm trying to extend our core snap for an option to turn syslog on/off ...16:47
ogra_looking at https://github.com/snapcore/snapd/wiki/hooks16:47
ogra_apparently i cant get any info about what option the snap set that hands over the value was called with16:47
ogra_there is nothing in the shell env or in the arg list16:48
ogra_does that mean that ... if i would package ... say postfix which can easily have 500 config options the confgure script would have to parse each single of them with a snapctl call ?16:48
mupPR snapd#2749 opened: interfaces/default: allow mknod for regular files, pipes and sockets <Created by jdstrand> <https://github.com/snapcore/snapd/pull/2749>16:49
ogra_(and would also set all these options every time i change one of them)16:49
ogra_that doesnt look actually scalable ... is there a way for the configure script to find out what was called in snap set ?16:50
zygaflexiondotorg: no16:52
zygaflexiondotorg: I think jjohansen is the person to ask but you can measure that yourself16:53
zygaflexiondotorg: boot ubuntu on x8616:53
zygaflexiondotorg: then disable apparmor16:53
zygabschaefer: (you have to pass somthing on command line, I could check later)16:53
zygaflexiondotorg: ^^16:53
zygabschaefer: sorry, tab-mistake16:54
zygaflexiondotorg: then you can compare16:54
zygaflexiondotorg: but I don't suspect it is significant16:54
flexiondotorgzyga OK, thanks.16:54
flexiondotorgFrom some research papers is indicates maybe 1Mb of RAM.16:55
flexiondotorgBut I'll need to test.16:55
tyhicksflexiondotorg: apparmor=0 is the kernel command option, which zyga is referring to, that disables apparmor16:55
zygathanks :)16:56
flexiondotorgYep :-)16:56
zygaflexiondotorg: once you do find out can you please give us a note16:56
flexiondotorgYeah, will post on the ML.16:56
zygaflexiondotorg: include the test procedure as well, could be useful to repeat and measure16:56
zygagreat, thanks16:56
* ogra_ gives zyga a ♫16:56
flexiondotorgWon't be for a couple of days though.16:57
tyhicksflexiondotorg: just to check that you've properly disabled apparmor after booting, run aa-enabled and make sure that it doesn't print "Yes"16:57
ogra_flexiondotorg, he has a note now, no hurry, that will persist for a few days ;)16:57
flexiondotorgtyhicks Thanks for the tip.16:58
pstolowskiogra_, hmm, not really17:03
ogra_do we plan to extend that in the future ?17:04
pstolowskiogra_, i know this is not answer to your question, but I feel like it's worth mentioning - you can structure your options in a map, and then get them all in one go17:04
* ogra_ imagines shell script hooks with 100s of lines of snapctl get at the top17:04
pstolowskiogra_, e.g. snapctl set author='{"name":"pawel", "age":18}'17:04
ogra_yeah, that doesnt help much ... especially in the context of the core snap where i probably only want to toggle a few options of the OS17:05
pstolowskiogra_, and then "snap(ctl) get -d ... author" will give you a formatted json document will both options17:05
ogra_i think we need a way to make the script knwo what option is being changed17:06
pstolowskiogra_, i think the idea was to use that as input to generate the target config17:06
ogra_thats fine for initial install17:06
ogra_but not if you want to change a single value17:06
pstolowskiogra_, I don't know of any plans to do that. this is the first time I hear about this limitation. but I think you're right17:06
ogra_in a snap that has tons of options17:06
pstolowskiogra_, yes.. sounds like a lots of work for script author to handle anything more complex than a few options17:07
ogra_well, i'm already stuggling with more than one :)17:07
ogra_morphis_ created a configure script for the core snap17:08
ogra_i'm trying to add a second option but seemingly cant do that without also parsing his option every time i set mine17:08
pstolowskiogra_, yeah, it's worth discussing. i'm about eod, need to pack things for the trip. back on monday but feel free to discuss tomorrow on standup17:08
morphis_ogra_: yeah you don't get a info which option is set17:09
ogra_i'll drag it to the ML17:09
morphis_ogra_: niemeyer talked about something to improve this17:09
ogra_morphis_, yeah, imagine you package postfix ... 500-800 possible options ...17:09
morphis_ogra_: but currently the only optio is to save state ..17:09
morphis_ogra_: I know, configure hook is pretty limited17:09
ogra_the configure script would probably end up bigger than the whole postfix source17:10
morphis_ogra_: and my problem is that it is sometimes orthogonal to existing configuration systems as both can change and then don't match anymore17:10
morphis_so you need to go state both ways etc.17:10
morphis_pretty complex17:11
morphis_raised that already back when the hook was introduced but I guess this is still just the beginning and to be improved in the future17:11
ogra_i hope so :)17:11
ogra_well, i'll just add my option to it then ...17:12
pstolowskiit sounds to me like snap config options should only be used for some fundamental settings and not try to replicate all apps settings17:12
pstolowskie.g. what port to listen to or some such17:12
morphis_ogra_: wait, snapd does not update gadget snaps?17:13
ogra_morphis_, nope17:13
morphis_awe_: ^^17:13
ogra_i was the same :)17:13
morphis_ogra_: why is that the case?17:13
ogra_safety net i think17:13
ogra_ask mvo17:13
morphis_so if a vendor updates its gadget snap in the store it doesn't get pulled and installed?17:14
ogra_we actually have a bug (though regarding the config.txt on the pi, but it applies to all gadget content afaik)17:14
morphis_ogra_: so lets say I add another plug to the gadget snap for a serial-port it doesn't get available on the device ever?17:14
zygamorphis_: plugs are processed (that's snap.yaml)17:15
ogra_i dont know if any parts get updated ... if there are any they are selectz bits17:15
zygamorphis_: but we don't process any of the gadget artefacts17:15
bulldoggood night guys , i was not able to play videos in qwebview :(17:15
zygamorphis_: we don't bundle the equivalent of what ubuntu-image does17:15
ogra_yeah, you wont get a new grub config or a fix in the grub binary today17:15
morphis_zyga: right, so just gadget.yaml is ignored, correct?17:15
zygamorphis_: yes17:16
morphis_zyga: but lets say I change my configure hook in the gadget snap its still being updated and executed?17:16
ogra_thats in the snap.yaml, right ?17:16
zygamorphis_: yes17:16
zygamorphis_: it's just like any other snap17:16
zygamorphis_: we just don't have code that goes over what is done by the gadget at build time17:16
ogra_we need that though :)17:17
mvomorphis_: there is a bit of a misunderstanding here it seem. we update the gadget snaps, we just don't update the bootloader bits and apply them to /boot/{uboot,grub}17:17
morphis_ogra_: then your comment on the bug does not apply17:17
ogra_morphis_, yeah, sorry17:17
ogra_seems i misunderstood17:17
morphis_mvo: yeah I just figured that ..17:17
mvoaha, thanks zyga, you already said this17:17
morphis_ogra_: can you correct that on the bug?17:17
zygamvo: thinking about it17:19
zygamvo: perhaps it would be better in general17:19
zygamvo: to have a special hook that gadgets could have17:19
zygamvo: that lets them upgrade themselves17:19
zygamvo: this feels more flexible than teaching snapd to understand all the random devices out there17:20
zygamvo: and we could then leverage ubuntu-image codebase to construct gadget update hooks17:20
ogra_that sounds like a plan17:20
zygamvo: (where the hook would run a new tool built from the same codebase)17:20
zygamvo: and since the hook can inspect the system (kernel, what not) it could be smarter about hard cases17:20
zygamvo: it could even be the configure hook though I somewhat share ogra_'s opinion about scalability17:21
zyga(as in what the hook is supposed to do when invoked)17:21
zygamvo: and over time this could do other funky stuff like push a new gadget to update firmware on some oddball attached device17:22
zyga(e.g. reflash arduino with new program)17:22
ogra_well, i'd already be happy to be able to update bugfixes in the bootloader binary17:22
ogra_we do that all the time on classic17:22
ogra_so there is no reason to not do it on core17:23
mvozyga: interessting idea, I think this aligns with the discussions we had at the sprint17:23
seb128sergiusens, what email client are you using? those colored lines in your replies are weird :-)17:38
sergiusensseb128: I am using dekko :-P17:53
sergiusensseb128: I've been notified17:53
seb128k, it's just weird looking :-)17:53
DanChapmansergiusens: I presume that's the wonky reply quoting your talking about? where you get loads of >>>>> in place of text. A fix for that will be landing shortly.18:12
sergiusensDanChapman: \o/18:28
Pharaoh_AtemYo all18:28
mupPR snapd#2753 closed: tests: install ubuntu-core from the same channel as core <Created by fgimenez> <Merged by pedronis> <https://github.com/snapcore/snapd/pull/2753>18:37
Pharaoh_Atemsergiusens: have you had a chance to take a look at breaking up the (stage|build)-packages backend up like we discussed at the October sprint?18:37
Pharaoh_Atemin snapcraft18:38
jdstrandzyga: I think it would probably be a good idea to do 'sysctl -w kernel.printk_ratelimit=0' for all spread tests. where would be the best place to put that in your opinion (otoh only). "I'm not sure" is an ok answer18:58
zygajdstrand: ... in tests/lib/prepare.sh19:05
zygatyhicks: you were right about MS_BIND, I patched the kernel a little bit (though this is a dead-end IMHO) to learn how things work19:06
zygatyhicks: I've added MNT_BIND that gets set on bind mounts and printed in mountinfo19:06
zygatyhicks: I kicked off another build19:06
zygatyhicks: I start to think that I could use the tree structure to figure things out, I'll write a small helper for that tomorrow (to graph the mount structure)19:07
zygatyhicks: if you know of one already then please drop me a line, otherwise I'll write one tomorrow (probably based on the existing mountinfo parser and dot/graphviz)19:08
jdstrandzyga: findmnt -a?19:09
jdstrandof maybe some other incantation19:10
* zyga trie19:10
zygaoh, groovy19:10
jdstrandzyga: thanks for prepare.sh19:11
zygajdstrand: findmnt seems to do _something_ to figoure out bind mounts :)19:12
zygajdstrand: that's very promising19:12
zygajdstrand: my patch actually worked19:15
zyga257 24 8:1 /hacking/source /hacking/target rw,relatime,bind shared:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered19:15
zyganot very pretty but ... it shows bind mounts ;)19:15
jdstrandneat :)19:17
zygajdstrand: http://paste.ubuntu.com/23901026/19:22
zygajdstrand: what?19:23
jdstrandjust surprised that wasn't done already19:24
zygajdstrand: I had a look at findmnt19:31
zygajdstrand: and it treats anything that has mnt_root != "/"19:37
zygajdstrand: it doesn't technically list bind mounts19:38
zygajdstrand: it just has special syntax for btrfs and bind mounts19:39
zygajdstrand: in any case this may be sufficient19:39
zygajdstrand: do you think I should try to submit my MNT_BIND patch anywhere?19:39
jdstrandzyga: you might want to ask the kernel team about that19:44
ogra_jdstrand, you totally missed the classic snap that installs the classic dimension in which you can then develop classic snaps with classic confinement !19:48
ogra_(in your list in the mail)19:48
jdstrandogra_: heh, I did actually think about it, but I was trying to focus on the two things that he may have been conflating19:52
ogra_yeah, i wasnt serious :)19:53
jdstrandit is pretty overloaded :)19:53
zygaogra_: that's a classic joke now19:53
* zyga hides19:53
jdstrandoh, boo :P19:53
balloonsjdstrand, do all classic snaps have to have an initial manual review?19:57
jdstrandballoons: yes20:10
stokachujdstrand, can i pm you about something?20:12
jjohansenflexiondotorg, zyga, jdstrand: the amount of ram overhead is highly dependent on policy, and cpu count. apparmor preallocates some per cpu work buffers. so a no policy base cost is you are looking at 2-4 pages/cpu + a few other small allocations. Policy is a lot harder to pin down, as it can vary drastically by what rules are used, how many profiles are loaded etc. Each profile will vary from just a few kb up to say a few 100 kb. 20:14
jjohansenIt also depends on what compiler options are used. The policy is compiled and usually minimized and then compressed. There are flags to tune at each stage (they usually don't make huge differences, unless you disable a given stage entirely) but I have seen differences as large as 40%. We try to set the compiler to a good default, that balances cpu time for policy size.20:14
jjohansenAnd yes, kernel side the policy stays compressed, its a compression that allows us to directly us the data, (more of a packing but it can do state differences etc)20:14
zygajjohansen: hey20:16
jjohansenhey zyga20:16
zygajjohansen: I was working on a smaller test case for the bug you may remember, so far no luck (it works)20:16
zygajjohansen: the original test is still broken20:17
zygajjohansen: I'll continue this work tomorrow20:17
jjohansenzyga: ack, poke me to look at it again, I have been side tracked by other work20:17
zygajjohansen: I asked a question in #ubuntu-kernel about a small patch, not sure if you want to review it (not sure if it makes sense to track MS_BIND flags)20:17
zygajjohansen: I'll poke you tomorrow (hopefully with a simple C program that shows this issue)20:18
jjohansenzyga: I'll have a look20:19
jdstrandstokachu: of course20:19
jdstrandnessita: fyi, https://myapps.developer.ubuntu.com/dev/click-apps/5570/rev/652/ is stuck with "Automated review not yet completed.". These are coming from balloons' LP build and ther are now 80 revisions queued cause r652 is stuck. I granted classic confinement, hopefully if r652 gets unwedged, everything will just flow20:21
jdstrandnessita: Submission date for r652 is 2017-01-28 06:15 - 3 days, 14 hours ago20:21
nessitajdstrand, hum, checking20:27
stokachunessita, hi! sent you and michael an email20:28
nessitastokachu, hi! is that a snap that we really want canonical to "sponsor"?20:28
stokachunessita, yes20:29
nessitaas in, is a canonical product?20:29
HumbleBeaverHello gents, I'm chasing down a Seccomp issue my program seems to be triggering20:29
stokachunessita, ah yes it is a canonical product20:29
nessitastokachu, ack, thanks; as soon as mvo replies with some ack I will do the transfer (likely tomorrow, is late for him and I'm close to EOD). Is that ok?20:30
stokachunessita, yea that's great ty! also ill still have upload rights to it?20:30
jdstrandHumbleBeaver: do you have a denial in syslog? eg, grep -F type=1326 /var/log/syslog20:31
nessitastokachu, yes, the transfer automatically give you collaborator rights20:31
stokachunessita, perfect ty!20:32
nothalHumbleBeaver: No such command!20:33
jdstrandHumbleBeaver: can you paste the output to paste.ubuntu.com? (you might also be interested in 'sudo snap install snappy-debug ; sudo snappy-debug.security scanlog')20:35
kyrofaogra_, what is the state of SPI on ubuntu core?20:36
HumbleBeaverjdstrand its been pasted, and I've got the debugger installed.20:38
jdstrandHumbleBeaver: can you give me the link with the paste?20:39
HumbleBeaverjdstrand yes one moment20:39
HumbleBeaverjdstrand http://paste.ubuntu.com/23901389/20:40
jdstrandHumbleBeaver: cat you paste the contents of /var/lib/snapd/seccomp/profiles/snap.codebreakers.<your command>?20:41
HumbleBeaverjdstrand http://paste.ubuntu.com/23901416/20:44
sergiusensPharaoh_Atem: I am going to take a spike at it this week or weekend; was thinking about it this past weekend but I got sick (two weekends in a row)20:46
jdstrandHumbleBeaver: ok, you have two choices. adjust your code to use 'sched_setscheduler(0, ..., ...)' or add 'plugs: [ process-control ]' to your snapcraft.yaml20:46
jdstrandHumbleBeaver: is this an open source project? if so, is the code hosted somewhere?20:47
Pharaoh_Atemsergiusens: I know that feeling well20:48
Pharaoh_AtemI was sick the entire month of December20:48
Pharaoh_Atemit sucked a lot20:48
HumbleBeaverjdstrand Yes its on github, https://github.com/bflanagin/CodeBreakers20:50
jdstrandHumbleBeaver: we allow sched_setscheduler to be used with '0' as the first argument because that limits changing the scheduler to a process for this snap. other values for the first argument allow changing the scheduler for other pids that aren't from your snap20:54
HumbleBeaverjdstrand do you know how I might have caused the issue. It only occured when I tried to use the LocalStorage20:55
jdstrandHumbleBeaver: the process-control interface allows you to use sched_setscheduler with any arguments. looking at your code, it seems that it is something in the qt libraries that might be doing this. are you explicitly setting the scheduler in some way?20:55
jdstrandmaybe it is sqlite20:56
HumbleBeaverIt must be, I have timers for some things, for animations but thats it20:56
HumbleBeaverjdstrand I've got it repackaged, let me see what happens now20:57
jdstrandHumbleBeaver: this is a thread scheduler unrelated to timers20:57
HumbleBeaverjdstrand I figured as much, its really a simple game.20:59
jdstrandI see sqlite3 uses sched_setparam but not sched_setscheduler21:00
nessitajdstrand, I gotta run now, Daniel (roadmr) is helping me debugging but I may unblock the revision tomorrow, sorry21:01
jdstrandnessita: thanks, sorry for pinging you at your eod. balloons, fyi ^21:02
nessitajdstrand, long story short I can file an RT to get that unblock, but would like to fidn what caused the blockeage first to be able to fix21:03
jdstrandmakes sense21:03
nessitajdstrand, will keep you posted21:07
HumbleBeaverjdstrand I've added process-control to plugs, as well as network-control (this was suggested by the debugger)21:09
HumbleBeaverboth seem odd for a QML app that only uses javascript to make it do what it does21:10
jdstrandHumbleBeaver: you shouldn't need network-control. what was the denial?21:10
balloonsty all21:10
HumbleBeaverjdstrand I thought it was odd too, one moment21:11
kgunnogra_: fwiw, the link to db image seems broken from this page21:18
HumbleBeaverjdstrand I removed network-control but left network (I'm going to need it later anyway). It was the debugger that suggested I add network-control, but I don't know what it was complaining about.21:19
jdstrandHumbleBeaver: the debug command will make several suggestions. it's possible there was a cascasding failure since you didn't have process-control21:20
mupPR snapd#2558 opened: snapstate: move refresh from a systemd timer to the inernal snapstate Ensure() <Created by mvo5> <https://github.com/snapcore/snapd/pull/2558>21:20
jdstrandHumbleBeaver: I've taken a todo to look into why qml apps need sched_setscheduler21:21
HumbleBeaverjdstrand That makes sense, with process control my app still fails to start, but there are no more debug errors when in devmode21:21
HumbleBeaverthanks for looking into this I'll see if I can set the scheduler like you suggested21:22
mupPR snapcraft#1088 closed: Release changelog for 2.26 <Created by sergiusens> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1088>21:24
jdstrandHumbleBeaver: I don't think there is anything for you to do. I think it is in the guts of QThread: http://sources.debian.net/src/qtbase-opensource-src/5.7.1%2Bdfsg-3/src/corelib/thread/qthread_unix.cpp/?hl=721#L72121:26
* jdstrand hugs sergiusens for releasing 2.26 ('desktop' in snap.yaml has been annoying :)21:27
* sergiusens hugs back21:28
sergiusensjdstrand: would of pushed on Friday, but we had unexpected adt failures which were sorted21:28
jdstrandsergiusens: no worries, it hasn't been too bad21:29
HumbleBeaverjdstrand I hate it when that is the case, and I forgot to connect process-control to codebreakers. It now works in Scrict mode21:32
HumbleBeaverForgive my ignorance, but will other users have to do that as well to use the application on their system?21:32
jdstrandHumbleBeaver: yes. like I said, I need to look into what is happening and see what to do to fix it21:35
HumbleBeaverjdstrand thanks for your help, I'll rewrite the code to use an online leader board while you get things sorted.21:39
ogra_kgunn, bah, looks like slangasek's re-arranging for automatic builds broke all links ... there was a new "/current" layer added21:41
slangasekogra_: what links?21:42
ogra_i'm not actually sure we need current and pending there21:42
ogra_slangasek, https://developer.ubuntu.com/core/get-started/dragonboard-410c21:42
slangasekthe extra layer is there by discussion with QA (jibel)21:42
slangasekwe have the same promotion process for images for the stable channel as elsewhere: we produce the image, it's put through QA, then it's published as current after it's been confirmed to work21:43
ogra_except that they (used to) test candidate21:43
slangasekwe can retrofit some compat symlinks, but can we also please update the pages?21:43
slangasekthe candidate image is a separate image build21:44
slangasekbecause the channel has to be changed within the image21:44
slangasekand we want QA of the actual output of the image build21:44
ogra_of snaps that get promoted through the store levels21:44
ogra_the only thing you woulld test there is ubuntu-image :)21:44
slangasekmaybe you have confidence that ubuntu-image will always produce correct output21:44
slangasekI am more conservative about my own code ;)21:44
ogra_heh, k21:44
slangasek(also, jibel wanted it ;)21:45
ogra_the thing is that we are duplicating the processes ... snaps should layer through the store21:45
slangasekogra_: so, I'm willing to do this any way that the team thinks is correct, but when I asked jibel how he wanted these done this is what he asked for21:47
ogra_the snap is identical in candidate and stable ... that should be true for kernel, core and the gadgets21:47
slangasekanyway, compat symlinks are now in place21:47
slangasekwill you take care of updating the documentation?21:47
ogra_i'll file the PRs yeah21:47
ogra_kgunn, ^^ all back21:48
ogra_kyrofa, hmm, should all work on a low level, though i'm not sure if we might need extra interface love ...21:49
kyrofaogra_, just saw this pop up: https://askubuntu.com/questions/878445/error-illegal-arguments-for-construction-of-exports-spi21:49
kyrofaogra_, which is from classic mode, which should be devmode21:50
ogra_ogra@localhost:~$ grep spi /boot/uboot/config.txt21:51
ogra_i'll fix that tomorrow ... can you tell him to remove the comment for now21:52
kyrofaogra_, that's writable? Will do21:54
ogra_yeah, it is ... but isnt upgraded when we update the gadget21:55
ogra_so he would have to re-install an edge image ... just uncommenting is the least painless21:55
stokachudo we know if the launchpad snap builds support the /snap directory now?21:57
kyrofaogra_, perfect, thank you for investigating. Shall I log a bug?21:57
ogra_kyrofa, nah, i'll do it with the next gadget update21:57
kyrofastokachu, I don't think so-- that's snapcraft 2.26 which isn't quite out yet21:57
kyrofastokachu, but once it's in -updates LP will support it21:57
stokachukyrofa, ok thanks, ill continue building manually until then21:57
ogra_the fact that installed gadgets do not get updated is known and has bugs21:58
kyrofaogra_, alright, sounds good21:58
sergiusenswgrant: do you remember the snap directory conversations? ^21:59
wgrantsergiusens: ie. having buildds mount the core snap for classic builds?21:59
sergiusenswgrant: no, snapcraft.yaml inside snap/snapcraft.yaml22:00
wgrantOh that.22:01
wgrantsergiusens: I don't think LP needs specific support for that, does it?22:01
sergiusenswgrant: not out yet, but lp detection of that as a valid thing might be a thing; both you guys are subscribed to the bug, not sure if I need to do more next time22:01
wgrantIt doesn't use snapcraft.yaml except via snapcraft itself.22:01
wgrantSo it should Just Work.22:01
sergiusenswgrant: I think, I don't know; does the +Create a snap button show regardless?22:01
wgrantOh right.22:02
wgrantbuildd doesn't, but the app does, to autoparse the name.22:02
wgrantcjwatson is working on some stuff in that area atm, so might be able to sort it out.22:02
wgrantsergiusens: IIRC /snapcraft.yaml, /.snapcraft.yaml and /snap/snapcraft.yaml are all valid now?22:03
wgrantAnything else?22:03
kyrofawgrant, you got it22:03
sergiusenswgrant: correct22:04
sergiusensok, I am EODing now!22:04
wgrantNote that all this breaks is the name autodetection when creating a new snap.22:04
wgrantBuilds will work fine, and when creating a new snap that uses a new location you'll just need to enter the name manually.22:05
sergiusenswgrant: good to know, I won't block on releasing then22:05
mhall119bzoltan: zbenjamin: have you guys had any issue with QML/SDK apps running as fully confined snaps? HumbleBeaver is experiencing a problem related to SQLite22:15
odysseywestraHi I was wondering if someone could help me package MyPaint. I read through the tutorial, but I would like someone to help me walk through the process so I can get it.22:42
HumbleBeaverodysseywestra Howdy, I'm still learning too, but I've got one or two snaps under my belt.22:48
HumbleBeaverI'll try my best to get you running, where are you at in the process22:48
HumbleBeaverand then my dogs demand I take them on a walk.22:51
odysseywestraYeah, and one of my family member came over unexpectedly.22:52
HumbleBeaverodysseywestra lol, well I'll hit you up after the walk, if someone isn't helping you I'll see what I can do for you22:52
odysseywestraOkay thank you.22:53
zygajdstrand: replied on must_stpcpy, I think I misunderstood you initially, strncat is mostly useless for preventing bufer overflows IMO23:34
zygajdstrand: if you want we can discuss this here quickly or back in the pull request slowly23:35
PugnaciousOneAnyone awake in this channel?  I'm having some issues installing snapd.  The error i'm getting is: failed to synchronize cache for repo 'zyga-snapcore'23:38
kyrofaPugnaciousOne, what OS?23:39
PugnaciousOnei would have used ubuntu but the company i work for has issues if i use anything other than centos23:40
kyrofazyga, can you take a look at that? ^^23:40
PugnaciousOnei'm trying to adapt the fedora guide to it23:40
zygaPugnaciousOne: hey, centos is not supported yet23:40
kyrofaPugnaciousOne, understood, I've been in that situation as well23:40
zygaPugnaciousOne: I'm sorry but I didn't build a centos package23:40
zygaPugnaciousOne: we're trying to get a working package but it's been somewhat starved by other things23:41
zygaPugnaciousOne: if you want to help I could use someone to work on a centos package23:41
PugnaciousOneah, i'll have to try and get them to make an exception then.  it's very similar to fedora though.23:41
PugnaciousOnewhat type of help do you need?23:41
zygaPugnaciousOne: just on the packaging itself23:41
zygaPugnaciousOne: I can work with you, I think we could reuse some of the work that went into the (incomplete because of selinux) fedora package23:42
PugnaciousOnei have about 4 hours.  i can test whatever, but i'm currently vpn'd back into my company network so i can access the server through ssh23:42
PugnaciousOneif it makes you feel any better, i run selinux in permissive mode so it shouldn't be an issue on my end23:42
PugnaciousOnethe vpn connection means that i'm a bit slower than i normally would be.  i'm on a little laptop at home23:43
zygaPugnaciousOne: right now the package that I was trying to build for fedora is a few releases behind and stuck on selinux policy; there's no centos package available as that was planned as the next step23:43
zygaPugnaciousOne: which version of centos do you need to use?23:43
PugnaciousOnethe security guys have a cow even if linux is mentioned.  it took me months to get permission to use centos 723:44
zygaPugnaciousOne: ok, I cannot give you anything concrete but have a look at this: https://github.com/snapcore/snapd/wiki/Distributions#centos23:44
zygaPugnaciousOne: if you want to contribute and help make the package happen I can giude you23:45
zygaPugnaciousOne: but I cannot work on it full time yet23:45
zygaPugnaciousOne: I wish I had better news23:45
PugnaciousOnei'll help as much as i can.  just let me know what info/input you need from me23:46
zygaPugnaciousOne: well, to work on the package itself23:46
PugnaciousOnei was hoping to setup a rocketchat server to demo to the guys visiting from corporate tomorrow.  trying to get them to move out of the stone age and use actual communication23:46
PugnaciousOnelet me check and see if i have the dependencies first and i'll get back to you in a few minutes23:47
zygaPugnaciousOne: if you cannot work on the package then don't worry, I'll get around to work on it soon (~1-2 weeks probably)23:47
zygaPugnaciousOne: you may want to talk to Pharaoh_Atem23:48
zygaPugnaciousOne: he was working with me on the initial fedora package and has helped me a lot with RPM specific knowledge23:48
PugnaciousOneok.  i'll look into it.  to be honest my coding is rusty and i don't use linux enough.  do you think it would be possible to build it from source?23:49
zygaPugnaciousOne: yes although you'd have to glue the bits together manually23:49
zygaPugnaciousOne: that doesn't sound like a good demo material23:49
zygaPugnaciousOne: I'd recommend trying this out on debian/ubuntu for now23:50
PugnaciousOnesadly, i'm familiar with gluing bits together.  i'll just see if i can build a debian install tomorrow23:50
zygaPugnaciousOne: on sid you can apt-get install snapd23:50
zygaPugnaciousOne: or xenial, that's the most tested release23:50
PugnaciousOneyeah.  the info sec team is going to have a field day, but...if i strip the install down enough i should be able to get them to accept it23:51
PugnaciousOnewhat's xenial?23:51
zygaPugnaciousOne: codename of ubuntu 16.0423:51
mupPR snapcraft#1096 opened: schema,copy plugin: better errors when item has no value <Created by kyrofa> <https://github.com/snapcore/snapcraft/pull/1096>23:51
PugnaciousOnei've mostly been using arch for the past 3 years23:51
zygaPugnaciousOne: there's an arch package but it is outdated as well23:52
PugnaciousOnei'll stick with debian i think23:53
PugnaciousOneit'll be the easiset for me to get them to accept23:53
zygaPugnaciousOne: on xenial you will get much stronger security than on ubuntu23:54
zygaPugnaciousOne: on debian the confinement system is not enabled as apparmor patches are not all available in the kernel there23:54
kyrofazyga, how does snapd work on openembedded and/or yocto? Do we have recipes upstreamed for snapd, snap-confine, etc?23:54
zygaPugnaciousOne: s/than on ubuntu/than on debian/23:54
zygaPugnaciousOne: it's a matter of time but for now ubuntu is the best host for snapd23:54
zygakyrofa: I didn't work on openembedded23:55
kyrofazyga, do you know who did?23:55
zygakyrofa: no, I'm sorry23:55
zygakyrofa: that may have been asac23:55
kyrofaWonder who's maintaining that nowadays23:55
zygaI suspect nobody23:56
kyrofaAs do I23:57
kyrofazyga, are there any other distros on snapcraft.io that you're uncertain about?23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!