[00:34] <mwhudson> er i thought there was some way i could embed a part's git sha1 into the snapcraft version, am i making that up
[00:34] <mwhudson> ?
[01:46] <sergiusens> mwhudson: that has been discussed but not possible yet
[01:46] <sergiusens> in should be soonish but I need to send a proposal out
[01:47] <mwhudson> sergiusens: ah i'll stop looking for how to do it in the source then :-)
=== chihchun_afk is now known as chihchun
=== chihchun is now known as chihchun_afk
=== chihchun_afk is now known as chihchun
=== chihchun is now known as chihchun_afk
=== chihchun_afk is now known as chihchun
[07:39] <zyga> o/
[07:56] <mup> PR snapd#2995 closed: interfaces: extend location-control out-of-process provider support <Created by vosst> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/2995>
[08:48] <outsidecontext> hi. I have searched a lot, but found no definitive answer. is there some generic way to give my snapped app access to call a DBus interface?
[08:48] <outsidecontext> or does this always require implementing a snapd interface which gives access to the specific DBus interface?
[08:49] <zyga> outsidecontext: it depends, we now have a generic dbus interface
[08:51] <outsidecontext> zyga: ok. would it allow me to configure my snapped app to access e.g. org.freedesktop.FileManager1 ?
[08:51] <mup> PR snapd#3026 opened: cmd/snap-confine: use defensive argument parser <Created by zyga> <https://github.com/snapcore/snapd/pull/3026>
[08:52] <zyga> outsidecontext: if that thing is running unconfined then the answer is no, for that you need a proper interface
[08:53] <zyga> outsidecontext: we have a dbus interface for apps that want to provide dbus services
[08:53] <zyga> outsidecontext: or talk to dbus services provided by other snaps
[08:53] <zyga> outsidecontext: but if you want to talk to something outside of the sandbox you need a new interface as this has unpredictable security impact
[08:54] <outsidecontext> zyga: I see. I am aware that I can expose a DBus interface, but that doesn't help in this case
[08:56] <outsidecontext> zyga: so a generic interface to access unconfined DBus interfaces will not happen? that's a pitty :(
[08:57] <outsidecontext> zyga: but thanks for confirming my suspicion. that makes it a bit hard to package anything that relies on DBus services not covered by the existing interfaces
[08:57] <zyga> outsidecontext: it's the only way to make security sensible
[08:58] <zyga> outsidecontext: would you feel comfortable knowing that any snap you install can talk to *anything* on your system session or service bus?
[08:58] <zyga> outsidecontext: outside of any supervision?
[08:59] <outsidecontext> zyga: wouldn't it be similar to e.g. the x11 interface? or any other available service granting me access to dbus services? any app can use those, too
[08:59] <zyga> outsidecontext: no, it would not; x11 is going away and we cannot mediate it (if we could, it would be confined already)
[08:59] <zyga> outsidecontext: all the other interfaces that grant dbus access were reviewed by the security team
[08:59] <zyga> outsidecontext: in many cases new services are created as old services were insecure
[09:00] <zyga> outsidecontext: and many sensitive apis are blocked
[09:00] <zyga> outsidecontext: the security review goes into reviewing the actual code on the other side of the dbus connection
[09:00] <outsidecontext> zyga: ok, I see. so the idea is to have interfaces only for secure, well behaving DBus services. makes sense
[09:00] <zyga> outsidecontext: well, in general the idea is not to give blank checks
[09:00] <zyga> outsidecontext: that give you access to unconfined processes
[09:01] <zyga> outsidecontext: please file a bug on snapd, describe your case and we can simply add an interface for what you need
[09:01] <outsidecontext> zyga: how would one go forward with general services like  org.freedesktop.FileManager1 ? does it make sense for me to open a feature request for snapd?
[09:01] <outsidecontext> zyga: was too slow, you already gave the answer. I will do that
[09:01] <zyga> outsidecontext: I'm not sure yet, but the way to start is to file a bug I think :)
[09:02] <zyga> outsidecontext: the security team will review the code and we can make decisions
[09:02] <outsidecontext> zyga: thanks a lot :)
[09:02] <zyga> outsidecontext: I'm sorry security isn't easier :)
[11:04] <gbisson> Hi all, what is the best way to debug snapd modules mounting? I'm asking because since Friday I can't seem to create an image which loads the modules/firmware in /lib/, don't know why
[11:05] <gbisson> I've looked at the syslog/journalctl/snap changes etc... the only thing I can see is that lib-firmware.mount and lib-modules.mount (systemctl) don't happen any more
=== chihchun is now known as chihchun_afk
[11:30] <mup> PR snapd#3027 opened: snap: run snap-confine from core if snap is also running from core <Created by mvo5> <https://github.com/snapcore/snapd/pull/3027>
=== alan_g is now known as alan_g|afk
=== chihchun_afk is now known as chihchun
=== alan_g|afk is now known as alan_g
[13:03] <mup> PR snapd#3028 opened: interfaces: seccomp tests cleanup <Created by stolowski> <https://github.com/snapcore/snapd/pull/3028>
[13:47] <mup> PR snapcraft#1189 closed: core: resolve ld link first <Created by sergiusens> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1189>
=== chihchun is now known as chihchun_afk
[14:08] <mup> PR snapd#3020 closed: osutil: fix double expand in environment map code and add test <Created by mvo5> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/3020>
[14:29] <gbisson> I'm answering my own question, /lib/modules or /lib/firmware is only mounted if the folders are in the root directory of the kernel snap https://bugs.launchpad.net/snapcraft/+bug/1658177
[14:29] <mup> Bug #1658177: snapcraft kernel plugin puts module and firmware under 15.04-era lib/ directory <Snapcraft:Fix Released by lool> <https://launchpad.net/bugs/1658177>
[14:31] <gbisson> my snapcraft version was apparently too old
[14:52] <barry> hi all.  is there anything i have to explicitly do in order to get my classic snap reviewed?
=== nacc_ is now known as nacc
[15:15] <alecu> ogra_, morphis: any idea why bluetoothctrl on the raspi3 with core can't find any bluetooth controller?
[15:16] <alecu> I'm trying out the steps here: https://docs.ubuntu.com/core/en/stacks/bluetooth/doc/overview
[15:16] <alecu> but it gets stuck waiting for the line that reads: "[NEW] Controller 1C:C3:E4:79:43:4C localhost.localdomain [default]"
[15:21] <morphis> alecu: don't know, need to check with koza
[15:34] <alecu> Sounds good, let's ask koza then
[15:36] <Son_Goku> zyga, any luck on those two golang deps?
[15:44] <pmcgowan> ogra_, question about time updates on core images
[15:44] <Marco_> Hi
[15:45] <Marco_> I have a question about installing snapd on debian
[15:45] <Marco_> Can someone help me ?
[15:45] <pmcgowan> zyga, maybe
[15:46] <seb128> or you can just ask and see if somebody knows the answer
[15:47] <Marco_> I just have one question, what debian sources i need to add to  my sources list, because now apt install snapd does not work
[15:47] <Marco_> Ty :)
[15:47] <nacc> Marco_: what version of debian are you on?
[15:48] <Marco_> nacc, Last one debian 8,4
[15:48] <nacc> Marco_: that's stable, right?
[15:48] <Marco_> nacc: Yup :)
[15:48] <nacc> Marco_: snapd is only in testing and unstable curently
[15:49] <Marco_> Ah, thats maybe why, because i want to install Rocket.Chat but i have some issues, and it seems easier with snapd
[15:50] <Marco_> Thanks also for you help
[15:50] <nacc> slangasek: funny 'snapd' in sid says "Manage an Ubuntu system with snappy." and "Tool to interact with Ubuntu Core Snappy."
[15:50] <nacc> slangasek: which i guess might be true, but is odd to read in Debian
[15:50] <nacc> Marco_: yeah, that's my guess -- i don't know much beyond that, was just reporting what i saw in rmadison
[15:51] <Marco_> OK, So thank you all for helping me,
[15:51] <Marco_> Have a great day
[15:53] <mup> PR snapcraft#1187 closed: tests: take into account the new current link <Created by elopio> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1187>
[16:14] <mup> PR snapcraft#1190 opened: .travis.yml: Don't use sudo to install dependencies as it's not even installed yet <Created by Roadmaster> <https://github.com/snapcore/snapcraft/pull/1190>
[16:40] <mup> Bug #1672803 opened: Console-conf crashes on db with wrong wlan SSID <Snappy:New> <subiquity (Ubuntu):New> <https://launchpad.net/bugs/1672803>
[16:54] <mup> PR snapd#3013 closed: cmd/libsnap: simplify sc_string_quote default case <Created by zyga> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/3013>
[17:05] <mup> PR snapcraft#1191 opened: tests: run the CLA check in a docker container <Created by elopio> <https://github.com/snapcore/snapcraft/pull/1191>
[17:08] <mup> PR snapcraft#1190 closed: .travis.yml: Don't use sudo to install dependencies as it's not even installed yet <Created by Roadmaster> <Closed by elopio> <https://github.com/snapcore/snapcraft/pull/1190>
[17:14] <marcoceppi> How do I prime packages from a PPA?
[17:15] <mup> PR snapd#3029 opened: snapstate: introduce helper to apply to disk a alias states change for a snap <Created by pedronis> <https://github.com/snapcore/snapd/pull/3029>
[17:16] <elopio> marcoceppi: you can't. There are a few whishlist bugs, like https://bugs.launchpad.net/snapcraft/+bug/1493081
[17:16] <mup> Bug #1493081: Ubuntu plugin: allow downloading of binary packages from PPAs <first-steps> <Snapcraft:Triaged> <https://launchpad.net/bugs/1493081>
[17:16] <marcoceppi> elopio: not even with like, scriptlets?
[17:17] <elopio> marcoceppi: oh, well, on a scriptlet you can do whatever you want, even add-apt-repository. And then add to stage-packages something from that repository.
[17:17] <marcoceppi> elopio: is there an example of that?
[17:17] <elopio> that's not like, really supported, but you can.
[17:18] <elopio> marcoceppi: no. The guideline is to support snaps as build-packages and snaps as remote parts first. We shouldn't recommend to use PPAs.
[17:19] <elopio> I recently updated my go examples to use the go part, instead of the go ppa.
[17:53] <mup> PR snapcraft#1192 opened: repo: refactor into a package <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1192>
[18:02] <mup> Bug #1672472 opened: Date and time reports the wrong timezone <Snappy:New> <snapweb:Confirmed for justinmcp> <https://launchpad.net/bugs/1672472>
[18:09] <mcphail> kyrofa: is there any way to set snapd to email me when nextcloud updates, so I can re-enable the apps?
[18:25] <mup> PR snapd#3030 opened: assertstate,snapstate: have assertstate.AutoAliases use the "aliases" header <Created by pedronis> <https://github.com/snapcore/snapd/pull/3030>
[18:44] <King_InuYasha> sergiusens: first round of comments on the PR :)
=== ssweeny_ is now known as ssweeny
[20:01] <coreycb> sergiusens, hi, i narrowed this down a bit more: https://bugs.launchpad.net/snappy/+bug/1670852
[20:01] <mup> Bug #1670852: python console_scripts not installed into /snap/<snap>/current/bin <openstack> <Snappy:New> <https://launchpad.net/bugs/1670852>
[20:09] <sergiusens> coreycb: interesting, btw, this is a dup, now I don't know which to make a dup of which
[20:09] <coreycb> sergiusens, oh ok.  well it doesn't matter to me.
[20:11] <mwhudson> oh ho
[20:11] <mwhudson> has anyone tried reproducing this setuid issue on a newer kernel, say zesty?
[20:12] <mwhudson> oh hm
[20:12] <mwhudson> kernel git is slightly different in a way that i have no idea is important or not
[20:12] <mwhudson> but zesty does not have that change yet
[20:13] <sergiusens> coreycb: https://bugs.launchpad.net/bugs/1670323
[20:13] <mup> Bug #1670323: binary entry (and lib) for python projects not installed in final snap <amd64> <apport-bug> <xenial> <Snapcraft:New> <snapcraft (Ubuntu):New> <https://launchpad.net/bugs/1670323>
[20:14] <sergiusens> coreycb: but you raise an interesting point, isn't pip_command a list in your tests? such as `python -m pip install ...' ?
[20:14] <sergiusens> King_InuYasha: thanks!
[20:15] <King_InuYasha> sergiusens: np, I'm glad to see us finally moving forward on it! :D
[20:15] <coreycb> sergiusens, you mean as opposed to a string?
[20:31] <sergiusens> coreycb: yeah, a list of those elements in the string I gave you above
[20:39] <mup> Bug #1672872 opened: error while loading shared libraries: libpython2.7.so.1.0 <openstack> <Snappy:New> <https://launchpad.net/bugs/1672872>
[20:43] <coreycb> sergiusens, it is in fact a list
[21:05] <sergiusens> coreycb: ah, good, so then I need to be smarter about pip_command
[21:05] <sergiusens> python is really messy sometimes :-/
[21:06] <coreycb> sergiusens, :)
[21:07] <sergiusens> can't wait to see what other ripple effects there are after changing this
[21:11] <coreycb> sergiusens, happy to give it a test run if you want
[21:26] <mup> PR snapcraft#1193 opened: asset-tracking: track per-part build-packages <Created by josepht> <https://github.com/snapcore/snapcraft/pull/1193>
=== JanC_ is now known as JanC
[22:05] <mup> PR snapcraft#1140 closed: [WIP] catkin plugin: support building with an underlay <Created by kyrofa> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1140>
[23:39] <mup> PR snapd#3031 opened: cmd/snap-confine-suid-trampoline: add new helper <Created by zyga> <https://github.com/snapcore/snapd/pull/3031>