| mwhudson | er i thought there was some way i could embed a part's git sha1 into the snapcraft version, am i making that up | 00:34 |
|---|---|---|
| mwhudson | ? | 00:34 |
| sergiusens | mwhudson: that has been discussed but not possible yet | 01:46 |
| sergiusens | in should be soonish but I need to send a proposal out | 01:46 |
| mwhudson | sergiusens: ah i'll stop looking for how to do it in the source then :-) | 01:47 |
| === chihchun_afk is now known as chihchun | ||
| === chihchun is now known as chihchun_afk | ||
| === chihchun_afk is now known as chihchun | ||
| === chihchun is now known as chihchun_afk | ||
| === chihchun_afk is now known as chihchun | ||
| zyga | o/ | 07:39 |
| mup | PR snapd#2995 closed: interfaces: extend location-control out-of-process provider support <Created by vosst> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/2995> | 07:56 |
| outsidecontext | hi. I have searched a lot, but found no definitive answer. is there some generic way to give my snapped app access to call a DBus interface? | 08:48 |
| outsidecontext | or does this always require implementing a snapd interface which gives access to the specific DBus interface? | 08:48 |
| zyga | outsidecontext: it depends, we now have a generic dbus interface | 08:49 |
| outsidecontext | zyga: ok. would it allow me to configure my snapped app to access e.g. org.freedesktop.FileManager1 ? | 08:51 |
| mup | PR snapd#3026 opened: cmd/snap-confine: use defensive argument parser <Created by zyga> <https://github.com/snapcore/snapd/pull/3026> | 08:51 |
| zyga | outsidecontext: if that thing is running unconfined then the answer is no, for that you need a proper interface | 08:52 |
| zyga | outsidecontext: we have a dbus interface for apps that want to provide dbus services | 08:53 |
| zyga | outsidecontext: or talk to dbus services provided by other snaps | 08:53 |
| zyga | outsidecontext: but if you want to talk to something outside of the sandbox you need a new interface as this has unpredictable security impact | 08:53 |
| outsidecontext | zyga: I see. I am aware that I can expose a DBus interface, but that doesn't help in this case | 08:54 |
| outsidecontext | zyga: so a generic interface to access unconfined DBus interfaces will not happen? that's a pitty :( | 08:56 |
| outsidecontext | zyga: but thanks for confirming my suspicion. that makes it a bit hard to package anything that relies on DBus services not covered by the existing interfaces | 08:57 |
| zyga | outsidecontext: it's the only way to make security sensible | 08:57 |
| zyga | outsidecontext: would you feel comfortable knowing that any snap you install can talk to *anything* on your system session or service bus? | 08:58 |
| zyga | outsidecontext: outside of any supervision? | 08:58 |
| outsidecontext | zyga: wouldn't it be similar to e.g. the x11 interface? or any other available service granting me access to dbus services? any app can use those, too | 08:59 |
| zyga | outsidecontext: no, it would not; x11 is going away and we cannot mediate it (if we could, it would be confined already) | 08:59 |
| zyga | outsidecontext: all the other interfaces that grant dbus access were reviewed by the security team | 08:59 |
| zyga | outsidecontext: in many cases new services are created as old services were insecure | 08:59 |
| zyga | outsidecontext: and many sensitive apis are blocked | 09:00 |
| zyga | outsidecontext: the security review goes into reviewing the actual code on the other side of the dbus connection | 09:00 |
| outsidecontext | zyga: ok, I see. so the idea is to have interfaces only for secure, well behaving DBus services. makes sense | 09:00 |
| zyga | outsidecontext: well, in general the idea is not to give blank checks | 09:00 |
| zyga | outsidecontext: that give you access to unconfined processes | 09:00 |
| zyga | outsidecontext: please file a bug on snapd, describe your case and we can simply add an interface for what you need | 09:01 |
| outsidecontext | zyga: how would one go forward with general services like org.freedesktop.FileManager1 ? does it make sense for me to open a feature request for snapd? | 09:01 |
| outsidecontext | zyga: was too slow, you already gave the answer. I will do that | 09:01 |
| zyga | outsidecontext: I'm not sure yet, but the way to start is to file a bug I think :) | 09:01 |
| zyga | outsidecontext: the security team will review the code and we can make decisions | 09:02 |
| outsidecontext | zyga: thanks a lot :) | 09:02 |
| zyga | outsidecontext: I'm sorry security isn't easier :) | 09:02 |
| gbisson | Hi all, what is the best way to debug snapd modules mounting? I'm asking because since Friday I can't seem to create an image which loads the modules/firmware in /lib/, don't know why | 11:04 |
| gbisson | I've looked at the syslog/journalctl/snap changes etc... the only thing I can see is that lib-firmware.mount and lib-modules.mount (systemctl) don't happen any more | 11:05 |
| === chihchun is now known as chihchun_afk | ||
| mup | PR snapd#3027 opened: snap: run snap-confine from core if snap is also running from core <Created by mvo5> <https://github.com/snapcore/snapd/pull/3027> | 11:30 |
| === alan_g is now known as alan_g|afk | ||
| === chihchun_afk is now known as chihchun | ||
| === alan_g|afk is now known as alan_g | ||
| mup | PR snapd#3028 opened: interfaces: seccomp tests cleanup <Created by stolowski> <https://github.com/snapcore/snapd/pull/3028> | 13:03 |
| mup | PR snapcraft#1189 closed: core: resolve ld link first <Created by sergiusens> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1189> | 13:47 |
| === chihchun is now known as chihchun_afk | ||
| mup | PR snapd#3020 closed: osutil: fix double expand in environment map code and add test <Created by mvo5> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/3020> | 14:08 |
| gbisson | I'm answering my own question, /lib/modules or /lib/firmware is only mounted if the folders are in the root directory of the kernel snap https://bugs.launchpad.net/snapcraft/+bug/1658177 | 14:29 |
| mup | Bug #1658177: snapcraft kernel plugin puts module and firmware under 15.04-era lib/ directory <Snapcraft:Fix Released by lool> <https://launchpad.net/bugs/1658177> | 14:29 |
| gbisson | my snapcraft version was apparently too old | 14:31 |
| barry | hi all. is there anything i have to explicitly do in order to get my classic snap reviewed? | 14:52 |
| === nacc_ is now known as nacc | ||
| alecu | ogra_, morphis: any idea why bluetoothctrl on the raspi3 with core can't find any bluetooth controller? | 15:15 |
| alecu | I'm trying out the steps here: https://docs.ubuntu.com/core/en/stacks/bluetooth/doc/overview | 15:16 |
| alecu | but it gets stuck waiting for the line that reads: "[NEW] Controller 1C:C3:E4:79:43:4C localhost.localdomain [default]" | 15:16 |
| morphis | alecu: don't know, need to check with koza | 15:21 |
| alecu | Sounds good, let's ask koza then | 15:34 |
| Son_Goku | zyga, any luck on those two golang deps? | 15:36 |
| pmcgowan | ogra_, question about time updates on core images | 15:44 |
| Marco_ | Hi | 15:44 |
| Marco_ | I have a question about installing snapd on debian | 15:45 |
| Marco_ | Can someone help me ? | 15:45 |
| pmcgowan | zyga, maybe | 15:45 |
| seb128 | or you can just ask and see if somebody knows the answer | 15:46 |
| Marco_ | I just have one question, what debian sources i need to add to my sources list, because now apt install snapd does not work | 15:47 |
| Marco_ | Ty :) | 15:47 |
| nacc | Marco_: what version of debian are you on? | 15:47 |
| Marco_ | nacc, Last one debian 8,4 | 15:48 |
| nacc | Marco_: that's stable, right? | 15:48 |
| Marco_ | nacc: Yup :) | 15:48 |
| nacc | Marco_: snapd is only in testing and unstable curently | 15:48 |
| Marco_ | Ah, thats maybe why, because i want to install Rocket.Chat but i have some issues, and it seems easier with snapd | 15:49 |
| Marco_ | Thanks also for you help | 15:50 |
| nacc | slangasek: funny 'snapd' in sid says "Manage an Ubuntu system with snappy." and "Tool to interact with Ubuntu Core Snappy." | 15:50 |
| nacc | slangasek: which i guess might be true, but is odd to read in Debian | 15:50 |
| nacc | Marco_: yeah, that's my guess -- i don't know much beyond that, was just reporting what i saw in rmadison | 15:50 |
| Marco_ | OK, So thank you all for helping me, | 15:51 |
| Marco_ | Have a great day | 15:51 |
| mup | PR snapcraft#1187 closed: tests: take into account the new current link <Created by elopio> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1187> | 15:53 |
| mup | PR snapcraft#1190 opened: .travis.yml: Don't use sudo to install dependencies as it's not even installed yet <Created by Roadmaster> <https://github.com/snapcore/snapcraft/pull/1190> | 16:14 |
| mup | Bug #1672803 opened: Console-conf crashes on db with wrong wlan SSID <Snappy:New> <subiquity (Ubuntu):New> <https://launchpad.net/bugs/1672803> | 16:40 |
| mup | PR snapd#3013 closed: cmd/libsnap: simplify sc_string_quote default case <Created by zyga> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/3013> | 16:54 |
| mup | PR snapcraft#1191 opened: tests: run the CLA check in a docker container <Created by elopio> <https://github.com/snapcore/snapcraft/pull/1191> | 17:05 |
| mup | PR snapcraft#1190 closed: .travis.yml: Don't use sudo to install dependencies as it's not even installed yet <Created by Roadmaster> <Closed by elopio> <https://github.com/snapcore/snapcraft/pull/1190> | 17:08 |
| marcoceppi | How do I prime packages from a PPA? | 17:14 |
| mup | PR snapd#3029 opened: snapstate: introduce helper to apply to disk a alias states change for a snap <Created by pedronis> <https://github.com/snapcore/snapd/pull/3029> | 17:15 |
| elopio | marcoceppi: you can't. There are a few whishlist bugs, like https://bugs.launchpad.net/snapcraft/+bug/1493081 | 17:16 |
| mup | Bug #1493081: Ubuntu plugin: allow downloading of binary packages from PPAs <first-steps> <Snapcraft:Triaged> <https://launchpad.net/bugs/1493081> | 17:16 |
| marcoceppi | elopio: not even with like, scriptlets? | 17:16 |
| elopio | marcoceppi: oh, well, on a scriptlet you can do whatever you want, even add-apt-repository. And then add to stage-packages something from that repository. | 17:17 |
| marcoceppi | elopio: is there an example of that? | 17:17 |
| elopio | that's not like, really supported, but you can. | 17:17 |
| elopio | marcoceppi: no. The guideline is to support snaps as build-packages and snaps as remote parts first. We shouldn't recommend to use PPAs. | 17:18 |
| elopio | I recently updated my go examples to use the go part, instead of the go ppa. | 17:19 |
| mup | PR snapcraft#1192 opened: repo: refactor into a package <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1192> | 17:53 |
| mup | Bug #1672472 opened: Date and time reports the wrong timezone <Snappy:New> <snapweb:Confirmed for justinmcp> <https://launchpad.net/bugs/1672472> | 18:02 |
| mcphail | kyrofa: is there any way to set snapd to email me when nextcloud updates, so I can re-enable the apps? | 18:09 |
| mup | PR snapd#3030 opened: assertstate,snapstate: have assertstate.AutoAliases use the "aliases" header <Created by pedronis> <https://github.com/snapcore/snapd/pull/3030> | 18:25 |
| King_InuYasha | sergiusens: first round of comments on the PR :) | 18:44 |
| === ssweeny_ is now known as ssweeny | ||
| coreycb | sergiusens, hi, i narrowed this down a bit more: https://bugs.launchpad.net/snappy/+bug/1670852 | 20:01 |
| mup | Bug #1670852: python console_scripts not installed into /snap/<snap>/current/bin <openstack> <Snappy:New> <https://launchpad.net/bugs/1670852> | 20:01 |
| sergiusens | coreycb: interesting, btw, this is a dup, now I don't know which to make a dup of which | 20:09 |
| coreycb | sergiusens, oh ok. well it doesn't matter to me. | 20:09 |
| mwhudson | oh ho | 20:11 |
| mwhudson | has anyone tried reproducing this setuid issue on a newer kernel, say zesty? | 20:11 |
| mwhudson | oh hm | 20:12 |
| mwhudson | kernel git is slightly different in a way that i have no idea is important or not | 20:12 |
| mwhudson | but zesty does not have that change yet | 20:12 |
| sergiusens | coreycb: https://bugs.launchpad.net/bugs/1670323 | 20:13 |
| mup | Bug #1670323: binary entry (and lib) for python projects not installed in final snap <amd64> <apport-bug> <xenial> <Snapcraft:New> <snapcraft (Ubuntu):New> <https://launchpad.net/bugs/1670323> | 20:13 |
| sergiusens | coreycb: but you raise an interesting point, isn't pip_command a list in your tests? such as `python -m pip install ...' ? | 20:14 |
| sergiusens | King_InuYasha: thanks! | 20:14 |
| King_InuYasha | sergiusens: np, I'm glad to see us finally moving forward on it! :D | 20:15 |
| coreycb | sergiusens, you mean as opposed to a string? | 20:15 |
| sergiusens | coreycb: yeah, a list of those elements in the string I gave you above | 20:31 |
| mup | Bug #1672872 opened: error while loading shared libraries: libpython2.7.so.1.0 <openstack> <Snappy:New> <https://launchpad.net/bugs/1672872> | 20:39 |
| coreycb | sergiusens, it is in fact a list | 20:43 |
| sergiusens | coreycb: ah, good, so then I need to be smarter about pip_command | 21:05 |
| sergiusens | python is really messy sometimes :-/ | 21:05 |
| coreycb | sergiusens, :) | 21:06 |
| sergiusens | can't wait to see what other ripple effects there are after changing this | 21:07 |
| coreycb | sergiusens, happy to give it a test run if you want | 21:11 |
| mup | PR snapcraft#1193 opened: asset-tracking: track per-part build-packages <Created by josepht> <https://github.com/snapcore/snapcraft/pull/1193> | 21:26 |
| === JanC_ is now known as JanC | ||
| mup | PR snapcraft#1140 closed: [WIP] catkin plugin: support building with an underlay <Created by kyrofa> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1140> | 22:05 |
| mup | PR snapd#3031 opened: cmd/snap-confine-suid-trampoline: add new helper <Created by zyga> <https://github.com/snapcore/snapd/pull/3031> | 23:39 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!