[01:23] Hi i am trying todo a snap login [01:23] get an error error: cannot get snap access permission from store: Post https://myapps.developer.ubuntu.com/dev/api/acl/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers) (see "snap login --help") [04:20] PR snapcraft#1318 opened: tests: refactor the travis jobs using stages === chihchun_afk is now known as chihchun [05:47] mvo: morning! [05:47] mvo: can you have a look at https://github.com/snapcore/snapd/pull/3308 and https://github.com/snapcore/snapd/pull/3307 ? [05:47] PR snapd#3308: tests/lib: introduce pkgdb helper library [05:47] PR snapd#3307: tests: abstract common dirs which differ on distributions [05:49] hey morphis! good moring. sure, I have alook now [05:49] mvo: thanks! [05:51] AdamH_: specifically apparmor/profiles, seccomp/profiles [05:51] 07:49 < zyga> AdamH_: intetesting, yes that does help [05:51] 07:49 < zyga> AdamH_: can you use beta and collect all the security profiles? go to /var/lib/snapd/ [05:51] 07:49 < zyga> AdamH_: and in each directory look for a file named after the application [05:51] 07:49 < zyga> AdamH_: intetesting, yes that does help [05:51] 07:49 < zyga> AdamH_: can you use beta and collect all the security profiles? go to /var/lib/snapd/ [05:51] 07:49 < zyga> AdamH_: and in each directory look for a file named after the application [05:51] AdamH_: then go to edge and collect the same set of files [05:52] zyga: btw. we should add a page on snapcraft.io which explains how to collect necessary debug material [05:52] zyga: we do something similar for our stack documentation (e.g. https://docs.ubuntu.com/core/en/stacks/network/network-manager/docs/report-bug) [05:55] morphis: good idea, I will write something like that! [05:57] morphis: how is everything so far, any fires? [05:57] zyga: no fires I know of :-) [05:58] good :) [06:03] zyga: only fire is that my spread/qemu setup times out a lot today .. [06:14] morphis: on a specific test or on preparation? [06:16] zyga: it times out when running "dnf update" [06:17] must be my network or such a like [06:19] morphis: maybe setup a local proxy? [06:20] morphis, zyga: can you guys get robert ancell to properly tag releases on GitHub [06:21] it's very annoying that he's making releases that don't exist :/ [06:21] Son_Goku: sure [06:21] Son_Goku: huh? in what way? [06:21] Son_Goku: can you just drop him a mail with zyga and me in CC? [06:21] zyga: snapd-glib [06:21] I mean, he's making the tarballs on LP, but they don't have corresponding git tags [06:22] I guess he just releases into the lp/archive [06:22] yeah [06:22] it's just annoying because while I can "guess" where the tarball comes from [06:22] I don't know it [06:23] Son_Goku: not very professional, I know [06:23] Son_Goku: if you don't want to write a mail, a forum topic would be good too [06:23] I'll send an email later [06:24] as it is, I'm desperately trying to go back to sleep [06:24] it's 2:24am here :( [06:25] Son_Goku: do that! [06:48] pedronis, mvo: https://forum.snapcraft.io/t/gadget-snap-config-defaults-dont-work/409/5 should be added to https://forum.snapcraft.io/t/next-snapd-2-27/572 , shouldn't it? [06:49] morphis: ü1 [06:49] morphis: +1 [06:49] mvo: actually is there a list of things planed for 2.27? [06:49] mvo: ah sorry, it is already in the post :-) [06:52] mvo: good morning :) [06:53] hey zyga [06:53] morphis: :) [06:53] mvo: too early :-) [06:54] morphis: no problem at all [06:57] mvo, quick question, is snapd 2.26.1 in the edge core snap already? [06:58] abeato: yes [06:58] mvo: something is wrong with core [06:58] abeato: well, it should be, looks like there is a upload bug in our edge snap right now, let me double check what is going on [06:58] zyga: with core uploads? [06:58] mvo: amd64 core (edge) is still pre-version change [06:58] mvo, ahm, ok [06:58] mvo: and in fact gets no updates [06:58] zyga: I think its the new version string [06:59] mvo: well, I wish I had the new version string, I think it didn't build since [06:59] mvo: note that i386 did build [06:59] zyga: but that should have got fixed last week, so maybe something less is broken [06:59] zyga: oh? [06:59] woah [06:59] * mvo looks [06:59] mvo: are you on edge? [06:59] mvo: I'm on edge and I have 1909 [06:59] refreshed: 2017-05-12 06:20:00 +0200 CEST [06:59] zyga: what does snap version tells you? [06:59] snap 2.26.1+201705112259.git.e719341~ubuntu16.04.1 [07:00] zyga: ok, at least abeato gets a pretty recent snapd this way :) but yeah, edge-edge is 5 days old :/ [07:00] mvo: btw, update-ns landed [07:00] mvo, recent enough for us, thanks :) [07:00] mvo: but I noticed we don't run any tools from core (discard-ns, update-ns) [07:00] zyga: holly cow [07:00] mvo: so it will be broken [07:00] mvo: I'm fixing that now [07:00] zyga: please describe it in the forum post for 2.27, thats a huge thing [07:00] mvo: not in tests but in practice [07:01] mvo: yes, I was planning to already :) [07:01] zyga: ok [07:01] zyga: thank you :) [07:01] mvo: I'll be fixing the run-from-core aspect of discard/update ns as I watch the town hall [07:02] zyga: TestLokcUnlockWorks fails in traivs [07:02] zyga: meh :( [07:03] mvo: oh? missing dependency or something else? [07:03] mvo: do you have a log? [07:05] zyga: [07:05] https://travis-ci.org/snapcore/snapd/builds/232709633?utm_source=github_status&utm_medium=notification [07:05] zyga: it looks like its simply not working for whatever reason, not super important right now, I will just skip the test on travis for now, but slightly strange [07:06] PR snapd#3324 opened: Androidboot [07:06] mvo: thanks, I see now [07:07] mvo: weird, it passed tests before [07:07] zyga: we did not run the unit tests for a while on travis [07:07] zyga: only inside spread indirectly [07:08] mvo: aaah [07:08] mvo: I see [07:08] hum hum hum, maybe weird filesystem [07:08] mvo: interesting find [07:08] zyga: anyway, just wanted to mention it, its not a big deal right now :) [07:18] hi mvo good morning :) during the 2.26.1 validation at beta i had two panics on pi2 http://paste.ubuntu.com/24581585/ and pi3 http://paste.ubuntu.com/24581419/, it would be great if you could take a look [07:19] morning [07:22] fgimenez: thanks, checking now [07:24] mvo: ah, obvious bug :/ [07:24] mvo: we don't check for the length of l [07:24] mvo: probably data corruption but could be something else [07:25] zyga: obvious bug in the above pastebins or flock or something else :) ? [07:25] mvo: thank you, i also wanted to mention, i've been using the new --extra-snaps capability of prepare-image (to include assertions along with sideloaded snaps), it works fine but i have an issue, probably it is expected, if i download the kernel snap from stable and then create the image with --channel beta, then kernel tracks beta and is automatically refreshed to the latest version on that channel [07:25] mvo: yes [07:26] mvo: in the pastebins from fgimenez [07:26] fgimenez: indeed, that is expected behaviour [07:26] zyga: aha, ok [07:26] mvo: do you want me to propose a PR? [07:26] mvo: ok thanks [07:28] zyga: sure, if you have it all tracked down already +1 [07:29] great :) [07:29] zyga: I have not even looked yet properly :) [07:31] mvo: interestingly we vendor an older version of your package [07:31] mvo: but your package is also panicking in master [07:31] mvo: is api brakage acceptable? [07:32] zyga: hm, any chance we could avoid it :) ? [07:33] mvo: yes, let me tweak things [07:33] ah, it's just internal API, no worries [07:33] all good :) [07:37] fgimenez: any idea why this crash is triggered now, did we just not test before? [07:37] fgimenez: test for this before? [07:37] fgimenez: the code in this area has not really changed recently afaict [07:37] PR core#42 opened: fix version number length [07:38] mvo: yes we executed the same tests before (there have been changes in the suite but not much disruptive), no idea why this is happening now [07:39] mvo: i created the image using the new prepare-image capability, is the only difference i think [07:39] mvo: FYI the crash looks like data corruption on the card [07:40] zyga: aha thanks! but it happens on two different cards and boards (pi2 and pi3), is it possible that both are corrupted? [07:41] fgimenez: maybe, though less likely [07:41] fgimenez: can you do a dump of the uboot environment file please? [07:42] zyga: sure, i need to reproduce first, (now i'm running the tests after refreshing from stable) will ping you when i have it [07:43] fgimenez: if it was random it may not happen again [07:43] fgimenez: thank you. keen to see the dump [07:44] mvo: https://github.com/mvo5/uboot-go/pull/2 [07:44] PR mvo5/uboot-go#2: Detect and return errors from Open in case of malformed data [07:44] zyga: the api of uenv should not allow to write something without "=" but maybe something else is going on :/ [07:44] mvo: well, whatever you write, you may read smurfs back [07:44] mvo: have a look at the PR [07:45] zyga: yeah, your fix is great [07:45] mvo: separately I think we want two more changes [07:45] mvo: a change that lets open skip malformed data [07:45] (better than failing outright) [07:45] mvo: and an update to snapd vendor commit [07:45] mvo: shall I make those? [07:47] zyga: yes, thank you! [07:47] zyga: first branch is in [07:48] zyga: quick review for https://github.com/snapcore/core/pull/42 would be great [07:48] PR core#42: fix version number length [07:50] mvo: looking [07:51] mvo: done [07:53] hi guys, what part of gpg bundle snapcraft register-key upload on the store? [07:54] PR core#42 closed: fix version number length [07:58] NicolinoCuralli: only the public bits [07:58] pedronis: thanks [07:59] mvo: https://github.com/mvo5/uboot-go/pull/3 [07:59] PR mvo5/uboot-go#3: Add OpenWithFlags and OpenBestEffort flag [08:00] * zyga thinks about breakfast [08:01] zyga: very nice, thank you! [08:02] mvo: I'll get the snapd copy updated now [08:06] zyga: \o/ [08:17] o/ [08:17] mvo: spread has "residual artifacts" [08:18] Chipaca: aha, interessting. you mean for the coverage results? [08:18] mhmm [08:18] https://github.com/snapcore/spread#residue [08:18] you then have to decide which of the 8 coverage files we get you want :-) [08:18] eee [08:18] Chipaca: I can look into that, however I also kind of like the run of the unit tests in an extra step mostly because if something is wrong there things fail early [08:18] our first codecov report came in :-D [08:19] Chipaca: weeeee [08:19] 77% :-/ [08:19] yeah [08:19] that's dropped a lot since we looked at it last [08:19] this is why I want it :) [08:19] mvo: thanks for doing this :-) [08:20] oh, mondrian pictures! [08:20] spamming the comments is maybe not that great, I wonder if that can be disabled [08:20] mvo: the problem with doing it in a different step is that we eat up a travis slot [08:20] Chipaca: its being done in the same travis run, it just takes a bit of extra time [08:20] fgimenez, mvo: https://github.com/snapcore/snapd/pull/3325 [08:20] PR snapd#3325: vendor,partition: fix panics from uenv [08:20] ah! [08:20] that's alright then :-D [08:20] PR snapd#3325 opened: vendor,partition: fix panics from uenv [08:21] Chipaca: I will look how much extra time exactly [08:21] mvo: we could always have it in spread just after --static [08:21] Chipaca: indeed, this is what I did now [08:22] mvo: I'll focus on run-from-core for internal tools now [08:22] oh? [08:22] zyga: thank you [08:22] * Chipaca clicks 'view all' [08:22] Chipaca: or was I just dreaming this ? [08:22] Chipaca, mvo: FYI: travis has added "build stages", that may be of some help to you (perhaps) [08:22] mvo: no, it's there [08:23] mvo: it's early [08:23] mvo: i thought i was looking at spread.yaml :-) [08:24] * ogra_ sees the core uploads succeed and hugs mvo [08:24] :) no worries [08:24] ogra_: yay [08:24] more cores! [08:24] :D [08:26] * zyga looks at delta update for core [08:26] niiiiice :) [08:27] mvo: hmm [08:27] mvo: I broke edge [08:27] - Setup snap "core" (1934) security profiles (cannot setup mount for snap "core": cannot update mount namespace of snap "core": cannot update preserved namespace of snap "core": cannot update snap namespace: not implemented) [08:27] mvo: (this is the thing I mentioned) [08:27] mvo: we may want to revert edge to previous for a sec [08:27] mvo: and land a change that fixes this first [08:27] mvo: (update-ns runs from distro) [08:27] mvo: not from core [08:28] zyga: dude, you owe us so much cake [08:28] zyga: ok [08:28] * ogra_ guesses zyga was just distracted by the townhall :P [08:28] * Chipaca forgot about the town hall, but slept 8 hours \o/ [08:29] Chipaca: it would be caught by the upgrade test but those don't run on each PR [08:29] (i think) [08:29] it still running, IoT just up right now [08:29] *it is [08:31] zyga: thanks for the branch! trying to get the dump in a bit, will let you and mvo know how it goes [08:34] fgimenez: if you can not get the dump but just the binary uboot.env that is fine too [08:36] mvo: ok thanks [08:37] zyga: could you finish your review of snapd#3321? [08:37] PR snapd#3321: wrappers: service start/stop were inconsistent [08:37] then i can land that and be happy [08:37] * Chipaca penciled in 6 hours of being happy today [08:37] pencilled* [08:41] Chipaca: yes, after the tools from core branch [08:45] Chipaca: wdyt, a single coverage report that is kept being updated is ok? codecov will not spam, it will have one report per branch and keeps updating it. do you think this is acceptable? [08:45] mvo: yes, i think that's fine (also i don't mind it posting the report as a comment on the pr) [08:46] because only the author of the pr, and people who've already commented, will get that email [08:46] Chipaca: ok, I will bring it up in the standup [08:46] ok [08:46] mvo: will you add the widget? [08:47] Chipaca: I can :) [08:47] Chipaca: the badge you mean? [08:47] yeah [08:47] Chipaca: let me add it [08:47] i'm a sucker for badges [08:47] Chipaca: hahaha [08:47] * mvo hugs Chipaca === longsleep_ is now known as longsleep [09:02] Chipaca: badge added now [09:02] mvo: yep! thanks :-) [09:03] tried to add a <3 to the commit, but github won't let me [09:03] PR snapd#3326 opened: cmd,interfaces/mount: run snap-update-ns and snap-discard-ns from core if possible [09:04] mvo: can you please look at https://github.com/snapcore/snapd/pull/3326 [09:04] PR snapd#3326: cmd,interfaces/mount: run snap-update-ns and snap-discard-ns from core if possible [09:05] mvo: the main/listing test needs update again [09:07] mvo: and with lower priority, can you look at https://github.com/snapcore/snapd/pull/3308 - this will define how all our spread tests look like in wake of support of non-debian distributions; [09:07] PR snapd#3308: tests/lib: introduce pkgdb helper library [09:07] mvo: I feel somewhat strongly about it but I will accept your call [09:08] zyga: asked mvo already this mornign to have a look :-) [09:08] zyga, morphis it is on my list, unfortunately its a longish list but I will definitely get to it today [09:09] mvo: no hurry [09:10] mvo: don't need a full review yet, just your call on the discussion I had with zyga on it [09:10] morphis zyga: you are mostly interessted in the centralized vs non-centralized approach? [09:10] mvo: yes [09:11] mvo: thank you [09:11] thanks, I will read the PR and scratch my head a little bit over it [09:12] hi guys another question about signing : what ubuntu-image deposits on image of gpg bundle? [09:12] is anyone handling the main/listing test? [09:16] mvo, Chipaca, fgimenez: ^ [09:16] zyga: what's going on with main/listing? [09:17] Chipaca: new edge version broke it [09:17] again :) [09:17] augh [09:17] 16-2.26.1+201705151555.git.d15bf would do that, yes [09:17] that's a nasssty version number [09:17] (also, is that a unique hash, or has it been truncated?) [09:17] truncated :/ [09:17] hash snippet i mean [09:17] mvo: I'd say we should drop the date [09:18] and just go with the hash [09:18] we really need to drop the time from the timestamp [09:18] yes [09:18] date is totally enough if we keep the hash anyway [09:18] well, hash has the date if you git show it ;) [09:18] zyga: I think there was a discussion with gustavo about that, he was keen to keep the timestamp but considered the git hash clutter [09:18] ok, i'll fix the test [09:19] Chipaca: truncated [09:19] I think the timestamp is more immediately useful [09:19] Chipaca: so we can cut it out [09:19] mvo: is this long version ever going to leave edge? [09:19] (should it?) [09:19] Chipaca: no, only edge will have ugly versions [09:20] ok [09:20] so yeah, I can push another PR to kill the git hash :) [09:20] mvo: so how will we do beta builds? [09:20] mvo: separately from edge builds? [09:21] mvo: let me know what it will look like, so i can fix the listing test to match [09:22] zyga: right now all beta builds are syncronised with uploads of a snapd with a proper version number [09:22] Chipaca: I think just 16-2.26.1+201705151555 [09:23] zyga: not sure if this reply makes sense, I can write more if its unclear :) [09:24] zyga, well, athe actual plan was to do different chasnnels from different archives (beta/stable without PPA) ... [09:24] but we're still far from that [09:24] which is why mvo makes sure to have a stable snapd in the PPA before a beta snap gets rolled atm [09:25] mvo: I think the git hash would be more useful [09:25] mvo: than the date [09:25] mvo: certainly to answer "is this commit in that build already" [09:26] zyga: fair enough, we can discuss this in the standup. I would like to have both but there is no enough space on this margin for this wonderful version [09:26] * ogra_ also thinks to remember that in the last discussioon we agreed to cutting the date shorter and leave the hash instead [09:27] hm, maybe [09:27] mvo: another idea, let the version be whatever but teach snap info to publish key-value meta-date like git-hash build-date and other nice stuff [09:27] * mvo looks at it [09:27] mvo: no need to cram it into version and also useful for other [09:28] we want a clear distinction between stable and non stable builds in the snap version too though [09:28] fine, I bet we can do that somehow too [09:29] (so that you dont need to actually run an image to determine the version) [09:29] PR snapd#3327 opened: tests/main/listing: tweak core version regexp [09:30] zyga, mvo: ^ [09:31] reviewed [09:35] * zyga -> coffee break [09:36] zyga: i'm going to need a timeframe on "this test needs to be different because this thing will change at some time when the stars align" :-) [09:37] mvo: hi, could you look at snapd#3323 again ? [09:37] PR snapd#3323: overlord/snapstate: avoid creating command aliases for daemons [09:38] Chipaca, zyga, ogra_: how about this as a compromise? http://paste.ubuntu.com/24586017/ [09:38] Chipaca: hmm? [09:38] mvo: does it fit one more character? [09:39] Chipaca: yes [09:39] in fact does it fit five more :-( [09:39] Chipaca: no [09:39] Chipaca: ;) [09:39] figured as much [09:39] mvo: do we really need the date? [09:39] mvo: zyga says the 16-2 at the start will change to 16-2.24.1 [09:40] at which point this will not fit [09:40] zyga: I thought we did but I may misremember [09:41] zyga: did you saw you're going to look into the problem with the unnecessary bind call snapctl issues and then gets killed by seccomp? [09:41] zyga, Chipaca: we could shorten 2017 to 17 and get two chars [09:42] Chipaca, zyga: but I think we should keep it as is for now (fix the test of course) and talk about it in the standup, I have the feeling in the discussion there it may change anyway (because high bandwidth discussion etc) [09:45] morphis: yes, I recall this but I need to fix update-ns run-from-core and unit tests first [09:45] mvo: 17 will look confusing, how about just date and hash? [09:45] zyga: so something you're going to look into for 2.27? [09:45] mvo: 16-2.24.1-20170516+git.... [09:46] morphis: yes, certainly [09:46] zyga: ok, lets add that to https://forum.snapcraft.io/t/next-snapd-2-27/572/2 [09:46] will see if there is a bug [09:47] mvo: can you add https://bugs.launchpad.net/snappy/+bug/1644573 to the 2.27 page? [09:47] Bug #1644573: snapctl causes hooks to attempt to open ip/ipv6 tcp connection [09:47] zyga: mvo: agreed to not change until discussed, seems there are lot of options [09:47] zyga: mvo: and not sure at this point what questions we want to answer from that information :-) [09:48] Chipaca: one option is to raise the limit :) [09:48] if we have just the timestamp, you need to check master to see what commit we were at at that timestamp, and then check if that contains whatever branch it is you're interested in [09:48] whereas if what you're wanting to answer is "is this edge from last night", you're done [09:48] if you have the commit, you need to check master to see if that commit contains whatever it is you're after [09:49] morphis: sure, will do. the page should be a wiki so you can also add it if you want [09:49] and if you're wanting to answer "is this edge from last night", you need to check what commit it was [09:49] mvo: last time I checked, I couldn't [09:49] or rather, you need to check if that commit is one of the ones from last night [09:49] which means looking for one random string in a collection of random strings, which is worse [09:50] which is why i prefer the timestamp [09:50] morphis: that means I suck, let me fix it [09:50] morphis: maybe something else is funny, it is marked as a wiki [09:52] morphis: added it now [09:52] mvo: maybe just for a few people? [09:52] morphis: good question [09:53] fgimenez: any news on that uboot.env file? just curious because I'm slightly worried about this one [09:56] mvo: not yet, still running the scenario in which we execute the suite after upgrading from stable, it'll finish soon though (91/116 pi3 and 57/116 pi2) [10:01] * Chipaca takes a coffee break [10:03] re [10:05] Chipaca: can you have a look at https://github.com/snapcore/snapd/pull/3326 when you're back please [10:05] PR snapd#3326: cmd,interfaces/mount: run snap-update-ns and snap-discard-ns from core if possible [10:05] zyga: i didn't get to leave yet [10:06] looking [10:06] Chipaca: I need to re-add some of the logging [10:06] Chipaca: for tests to be happy [10:06] Chipaca: but this (or similar) has to land to unbreak edge [10:07] zyga: having a list of distros not to reexec in seems weird [10:07] (yes i know that's already there) [10:07] Chipaca: yes but there's a good reason for that for now [10:08] Chipaca: once we have CI I'd like to pop fedora from that list [10:08] zyga: which is that reason? [10:08] Chipaca: snap-confine still has some build-time choices [10:08] zyga: it sounds to me like we should have a list of distros to reexec in, not the other way around [10:08] Chipaca: and we must build snap-confine in a way to have more flexibility there (talk to snapd) [10:08] OTOH, infinite derivatives [10:08] Chipaca: I think this list can be removed soon [10:09] Chipaca: it's more like "do I ship with patches" [10:09] Chipaca: and "is snap-confine from core useful to me" [10:09] Chipaca: but those can be patched in the distro as well :) [10:09] Chipaca: so master is broken ? [10:09] Chipaca: we also don't re-exec in places that are not tested, it makes it more likely that we get a working result [10:10] pedronis: well, there's a failing test [10:10] pedronis: master is broken wrt the new core version [10:10] pedronis: and edge is broken wrt update-ns not running from core [10:10] pedronis: (but not broken in any test) [10:10] well, I see this too: subprocess.CalledProcessError: Command 'tail -n 10 /var/log/syslog' returned non-zero exit status 1 [10:11] in interfaces-log-observe [10:11] is that fixed somewhere [10:11] zyga: we don't have CI for core ? [10:12] or not enough of it [10:12] I mena the project [10:12] s/mena/mean/ [10:12] pedronis: as soon as snapd#3327 lands we're good again [10:12] PR snapd#3327: tests/main/listing: tweak core version regexp [10:12] pedronis: ah. ouch. [10:12] Chipaca: is log-observe stuff already fixed? [10:12] no [10:12] :( [10:12] i'll fix that when i come back from my break [10:12] but now, i'm going to go take that break [10:12] * Chipaca has been trying for a while now :-) [10:13] pedronis: our upgrade tests are very basic and don't catch this issue [10:16] zyga: sounds like core project CI should run all the spread tests too, before we break snapd own development (maybe base snaps will claritfy this) [10:16] pedronis: all from that version, yes [10:27] * zyga runs spread locally to fix some issues [10:32] i'm going to piggyback the log-observe fix on the listing fix [10:37] Chipaca: I'll merge master into my fix, hopefully this will unbreak everything [10:37] (when your branch lands) [10:38] here's hoping [10:42] mvo: zyga the crash happened again while executing the suite on a pi2 stable image with core refreshed to beta, this is uboot.env https://dl.dropboxusercontent.com/s/8c4yfyfca5rldza/uboot.env?dl=0, the output of fw_printenv http://paste.ubuntu.com/24586332/ and syslog http://paste.ubuntu.com/24586332/ let me know if you need anything else [10:42] fgimenez: ! thank you [10:43] fgimenez: I think the sylong link is incorrect [10:43] heh [10:43] incrementing URL by one yields some homework [10:44] zyga: mvo yep sorry, this one http://paste.ubuntu.com/24586341/ [10:44] thanks [10:48] there's also this failure in the execution of tests/main/ubuntu-core-classic http://paste.ubuntu.com/24586382/ it happens before the crash and seems unrelated [10:51] fgimenez: interesting, that doesn't fail with master (I can load the file) [10:51] fgimenez: (master uboot-go) [10:52] fgimenez: I'm checking what the problem might be [10:52] still, the panic is in parseData as before [10:52] May 16 08:46:18 localhost snapd[1174]: github.com/snapcore/snapd/vendor/github.com/mvo5/uboot-go/uenv.parseData(0x34e68005, 0x1fffb, 0x3fdfb, 0x5d18aa1) [10:56] Chipaca: rewrote your branch description a little [10:57] fgimenez, mvo: this is actually fixed by an earlier commit that we didn't simply use in snapd [10:57] fgimenez: 69978a3e4b05cca9d7cfee489b3453dfed45e72c fix incorrect handling of \0\0 EOF in a uboot.env fil [10:57] fgimenez: so simply syncing vendor.json will fix it [10:58] fgimenez: we should add a periodic task to sync vendor.json on each new dev cycle [10:58] mvo: ^^ [10:58] (and review the changes) [11:05] * zyga vents mind [11:10] zyga: sounds very good, i'll prepare a spread-cron branch for it, do you think that proposing a PR to snapcore/snapd should be ok? [11:11] zyga: yeah [11:11] zyga: thanks for investigating [11:11] zyga, fgimenez: we just need to make sure we carefully review those dependency updates, but +1 otherwise [11:14] fgimenez: yes, I think this is even better as long as we review it carefully each time [11:19] zyga: go go go [11:19] Chipaca: thanks! [11:19] PR snapd#3327 closed: tests: fix failing tests (snap core version, syslog changes) [11:21] Chipaca: 2nd review on https://github.com/snapcore/snapd/pull/3289 will make us have just 20 PRs open :) [11:22] PR snapd#3289: daemon: do not allow to install ubuntu-core anymore [11:22] PR snapd#3321 closed: wrappers: service start/stop were inconsistent [11:26] mvo: can you please do the 2nd review on https://github.com/snapcore/snapd/pull/3326 [11:26] PR snapd#3326: cmd,interfaces/mount: run snap-update-ns and snap-discard-ns from core if possible [11:26] mvo: this will unbreak edge builds [11:26] mvo: and once it lands we should try to build another core snap [11:26] PR snapd#3289 closed: daemon: do not allow to install ubuntu-core anymore [11:28] hi guys another question about signing : what ubuntu-image deposits on image of gpg bundle? [11:29] NicolinoCuralli: what is "gpg bundle"? [11:30] NicolinoCuralli: ubuntu-image drops assertions into the image [11:30] NicolinoCuralli: and assertions are signed with various keys [11:33] zyga: thank, you mean "sudo ubuntu-image -c beta -o pi3-test.img pi3.model" drops assertion pi3.model into the image pi3-test.img [11:36] NicolinoCuralli: yes, it drops a feed of assertions that snapd imports on first boot === chihchun is now known as chihchun_afk [11:39] zyga: the previous question is preparatory to another about serial-assertion , serial-vault configuration and Store [11:41] how store check that serial assertion is signed from the same key which signed model assertion? it seem a feature of brand store [11:42] NicolinoCuralli: I think this is a pedronis question [11:42] NicolinoCuralli: that's not exactly what the store checks, what the store can check is that the brand store brand matches the authority-id of the serial [11:44] and that the serial embedded key is the key of the device [11:44] how the device key is generated? [11:45] at the moment is a software key, but we do plan to support hardware keys at some point [11:45] is this device key unique for device ? [11:46] yes [11:46] of course the store also checks that the signature of the serial itself was done with one of the authority-id == brand keys [11:47] looks like we'll be supporting the android bootloader soon \o/ [11:47] NicolinoCuralli: there are 3 flows involved here, device registration that produces the serial, then exchanging a serial + device key proof with a device session, and then using of the device session [11:48] * zyga lunch [11:48] lunch! what a good idea [11:49] * Chipaca is feeling lazy today though [11:49] pedronis: is it a good idea open a thread about this on forum ? [11:49] NicolinoCuralli: it's all in the code [11:51] yes, i see but it is more accessible explain the flow with a sequence diagram ( i can make it) [11:52] NicolinoCuralli: ah, I misunderstood your question [11:53] i wiould like open a thread on forum with answer from you about my previous question and describe the process with a sequence diagram [11:53] NicolinoCuralli: yes, you can open a forum topic [11:54] another question: in Serial Vault what is the paramenter for pointing the private part of gpg key [11:55] NicolinoCuralli: that's configured afair [11:55] model -> private key [11:57] Hi. Is there a way to get the real home path of the user inside a snap? [11:58] File dialogs are currently broken because the Home-button doesn't take the user to the real $HOME directory, but the shadowed one that points to $HOME/snap/appname/version. [11:59] pedronis: it means here serial-vault:8080/models/keypairs/new? [11:59] there is an interface for accessing home, yes [11:59] but not sure that influences the default path of the file manager [12:00] NicolinoCuralli: yes, somewhere there [12:05] dragly: hey, not yet [12:05] dragly: I was thinking about this actually and I'll add something [12:05] ogra_: it doesn't [12:06] yeah, thought so [12:06] dragly: I think home cannot change back and forth (environment cannot be changed in existing processes) [12:06] dragly: but we should expose the old value of HOME [12:06] zyga: Great! In the meantime we will just `export HOME=/home/$USER` [12:07] or does that break everything? :-) [12:08] dragly: well, that will break everyrthing [12:08] dragly: and that will never be the proper fix [12:08] yes, I figured something was wrong when it ended up exposing all the hidden files in $HOME as well [12:09] app config files are also loaded non-sandboxed [12:09] dragly: I think that the long-term proper fix is to use xdg portals [12:09] dragly: but we can teach specific software, during a transition phase, to load say $SNAP_OLD_HOME [12:09] dragly: but this is very very specific to special cases [12:09] dragly: and won't work as a generic solution [12:10] dragly: for that morphis is looking at portal code [12:11] zyga: seems like a security issue though. snap developers can give their apps access to hidden files by setting $HOME in their launcher scripts. [12:12] zyga: yes, seems like Qt, Gtk and alike also would need to use a different env variable for the home button in their dialogs. [12:15] dragly: no [12:16] dragly: security is totally not dependant on HOME [12:16] dragly: for qt and gtk they are already being made to use portals [12:24] mvo: hi, would appreciate a review of #3322 , do you some PRs that neeed my review ? [12:25] snapd#3322 [12:25] PR snapd#3322: overlord: make config defaults from gadget work also at first boot [12:35] PR core#43 opened: remove generated logs, cleaner lsb-release removal [12:35] PR snapd#3328 opened: Snapctl outside hooks v2 [12:38] mvo, ogra_: do we support cloud-init today on our ubuntu-core iamges? [12:38] PR snapcraft#1311 closed: add missing VCS dependencies to HACKING.md [12:38] PR snapcraft#1312 closed: state: fix the name of the source details [12:38] morphis, kind of (if we dont yet, it is definitely in the works) [12:39] ogra_: kind of means I can sideload a cloud-script and it gets executed on boot? [12:39] morphis, we recently landed a bunch of changes from rharper that are supposed to make clud-init fully work [12:40] iirc your gadget needs to ship the initial config ... not sure about sideloading [12:40] hm [12:40] morphis, talk to rharper [12:40] ogra_: so not possible to put one into the writable partition? [12:40] rharper: ping :-) [12:41] (i assume you could just put it there, after all the gadget does the same ... but i dont know if ubuntu-image does anything additionally) [12:47] PR snapcraft#1309 closed: meta: read and write the desktop file with utf-8 encoding [12:53] PR snapcraft#1308 closed: allow capital Y to accept the dev agreement [12:55] zyga: that is strange, because when we override $HOME, we were able to access hidden folders. The only difference was that it was installed with dangerous AFAIK. [12:55] I can see if I'm able to reproduce it with a minimal example [12:55] dragly: it was probably devmode? (dangerous doesn't control confinement) [12:56] No, it was strict [12:56] weird [12:56] Haven't tested devmode in weeks [12:56] dragly: that means that confinement is off [12:56] dragly: no need to reproduce [12:57] dragly: --dangerous installs your snap with confinement set to non-enforcing mode [12:57] dragly: --dangerous implies --devmode AFAIR [12:57] * zyga looks [12:57] ah, the reverse [12:58] what does snap info that-snap-name tells you [12:58] Oh... But how do you test confinement? I can't installinstal local snaps without dangerous because of signing. [12:58] I'll check when I'm at my machine [12:59] dragly: I was wrong, [12:59] dragly: it should be confined [12:59] --devmode implies --dangerous, not the other way around [13:00] yes [13:19] elopio, sergiusens, may I get feedback on https://forum.snapcraft.io/t/in-progress-snapcraft-2-30/347/13 ? I'm interested into knowing if that work would be relased into 2.30 or not [13:19] roadmr, ↑ [13:26] PR snapcraft#1304 closed: cleanbuild: set the container language to C.UTF-8 [13:30] mvo: http://paste.ubuntu.com/24586959/ [13:30] mvo: this is the diff if we sync all vendorized bits [13:30] pedronis: it also includes golang.org/x/crypto [13:31] PR snapd#3292 opened: wrappers: make StartSnapServices cleanup any services that were added if a later one fails [13:32] zyga: if we are doing this there's a couple we can remove [13:32] I think [13:32] pedronis: yes, I think we can drop a few [13:32] let me see if govendor helps with this [13:32] (websocket I think) [13:32] vu github.com/gorilla/websocket [13:32] vu github.com/testing-cabal/subunit-go [13:32] we can drop those [13:33] mvo: do you want a PR that removes those? [13:33] zyga: yes please [13:34] zyga: Apologies been away from the desktop. If providing those files is still useful let me know and will sort out [13:35] PR snapd#3329 opened: vendor: remove unused pacakges [13:36] AdamH_: yes, it might be useful though if you don't want to just report a bug about this with enough details [13:42] zyga: Chipaca: main change seems we get some assembler opt for sha3 on amd64, hopefully the code is correct [13:43] pedronis: amd64 or arm64? [13:43] amd64 [13:43] pedronis: ok, if you want I can propose a isolated patch for that [13:44] ? [13:44] pedronis: for that part of vendor.json [13:47] morphis: here, what's up ? [13:49] zyga: that change is from Dec 2016, so it's been out a bit [13:49] as you prefer [13:51] fgimenez: what revision is the pi2 gadget snap of the failing image? [13:51] mvo: let me check 1sec [13:51] even earlier actually [13:55] mvo: in pi3 it is rev6 http://paste.ubuntu.com/24587045/ i'm currently using the pi2 for double checking 2.25, i can reflash it later with 2.26 if needed [13:58] fgimenez: is the https://dl.dropboxusercontent.com/s/8c4yfyfca5rldza/uboot.env?dl=0, from the pi2 or the pi3? [13:58] fgimenez: pardon my ignorance here [13:58] morphis: reading backscroll, there are a few things to be resolved before it's all blessed; Testing the edge image last week, ran into this issue https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1689944, will need to get that fixed in cloud-init or workaround it by creating one of the two files/dirs checked already by cloud-init; Next is for now, when building images, snap prepare will disable cloud-init unless [13:58] you provide a config in the gadget; I've a branch which would remove that given that current cloud-init won't automatically run anymore unless you provide it configuration; (https://github.com/raharper/snapd/commit/3e83b3aa281f02bce9a230a812ad4f02d0d66c22) ; both can be worked around with some massaging of the image in the short term; I'm happy to help out there; After that, it's a matter of supplying cloud-config via [13:58] Bug #1689944: util.system_is_snappy needs additional checks [13:58] a ConfigDrive or some other DataSource that cloud-init understands (http://cloudinit.readthedocs.io/en/latest/topics/datasources.html) [13:58] mvo: pi2, it is the last one that failed [13:59] fgimenez: thank you, then lets wait for the results of pi2 with 2.25 [13:59] fgimenez: still a bit of a mystery :) [13:59] * pedronis break [14:00] mvo: yep :) let's see, will let you know how it goes [14:04] rharper: when you say "cloud-init won't automatically run anymore unless you provide it configuration", does that really mean it doesn't run, or does that mean it starts up, sees it has no configuration, and exits? [14:05] at systemd-generator time it checks for known cloud signatures and files which indicate there is data to consume; this is non-python code which determins if we actually invoke /usr/bin/cloud-init later on in start-up [14:05] this avoids invoking the python binary and library load unless you actually need to (ie, you have cloud configuration or user-data you want to apply) [14:05] excellent [14:15] rharper: ok, good to know, was using an image build from stable and did remove the flag prepare-image put in to disable cloud-init [14:15] stable requires more work [14:15] as it does not yet have an updated cloud-init [14:16] spread is sad [14:16] travis is sad [14:16] are we using all test slots? [14:16] * Chipaca hugs zyga [14:16] don't you be sad as well [14:16] I see just two yellow boxes on PRs [14:16] but travis is not starting [14:17] PR snapd#3330 opened: fail if unused dependencies are found === rye is now known as ryebot [14:20] rharper: I see, but with edge I should get a cloud-config I supply with ubuntu-image working? [14:20] PR snapcraft#1319 opened: kernel plugin: config check: remove DMIID option [14:36] Hi, getting a weird (*new*) error while installing prometheus snap (using juju charm) [14:37] basically the promtool binary is failing with: cannot perform readlinkat() on the mount namespace file descriptor of the init process: Permission denied [14:38] it gets "fixed" after rebooting the instance/machine [14:38] verterok: hey [14:38] zyga: hola! [14:38] verterok: can you tell me more about your system, what does 'snap version' say? [14:38] zyga: Chipaca told me you would be interested in that ^ :) [14:38] verterok: hola :) [14:39] zyga: it's trusty, let me get the version [14:39] aha [14:39] using 14.04 kernel/ [14:39] or LTS enablement kernel? [14:39] zyga: http://paste.ubuntu.com/24587234/ [14:39] I see [14:40] well that is interesting [14:40] can you get me dmesg | grep DENIED [14:40] zyga: this is prodstack4.5 [14:40] and is that the latest kernel you can get (from the 4.4 series) [14:40] I want to eliminate known issues that may be lurking [14:41] zyga: it's a freshly booted instance, let me apt update and see what is available [14:41] verterok: please! [14:41] verterok: and if you can also check dmesg [14:41] verterok: I think it is most interesting here [14:41] zyga: http://paste.ubuntu.com/24587246/ [14:41] verterok: and if you see a kernel upgrade available, take it and reboot [14:41] dmesg ^ [14:41] zyga: it worked after rebooting [14:41] oh [14:41] [ 16.794142] audit: type=1400 audit(1494943609.127:13): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name="snap.prometheus.prometheus" pid=1020 comm="snap-confine" [14:42] does prometheus (I don't know what it is) tries to run other snap commands? [14:42] zyga: the son of iapetus [14:43] Chipaca: well that fixes it ;) [14:43] also of clymene [14:43] got his liver eaten by a vulture [14:43] zyga: prometheus is a timeseries DB + scrapper to collect metrics [14:43] verterok: ok, is it a strictly confined snap? [14:44] zyga: no idea, how can I check? [14:44] verterok: snap list | grep prometheus [14:44] Chipaca, with apples and onions ? [14:44] zyga: snap list | grep prometheus [14:44] prometheus 1.5.2 11 jacek - [14:44] ok [14:44] ogra_: also the guy that stole fire from olympus and gave it to mankind [14:44] verterok: so this seems to be a strictly confined snap [14:44] yeah [14:44] morphis: not yet, we need to fix the cloud-init bug I mentioned earlier ; ogra_ do you know when or why the /etc/system-image/config.d directory got removed? looking at the previous core snaps it had been present but empty; was it just pruned? [14:44] * Chipaca shuts up about the greeks [14:44] verterok: but it seems to want to run apps from other snaps [14:44] heh [14:45] verterok: do you have any idea why? [14:45] zyga: “snap list ” works :-) [14:45] Chipaca: oh, thanks [14:45] zyga: “snap list [snap...] [14:45] ” [14:45] zyga: it's failing to run an utility command provided by the prometheus snap itself [14:45] rharper, well, we havent used system-image since 15.04 ... [14:46] so that dir is a dead thing since quite a while [14:46] verterok: looks like a bug in the snap [14:46] zyga: worth noting it was working last week (I made a couple deploys of it) [14:46] writable-paths will soon move one level up and it will be gone completely [14:46] verterok: that utility should be invoked using internal name [14:46] verterok: not using the name exposed to the outside world [14:46] Chipaca: i am looking at the new completion functionality. If I use python3-argcomplete, is there a trivial way to hook into it? Do I basically take what python3-argcomplete's global enable and make that may app's completer? Note that I have to have two completers, actually, because 'git-ubuntu' and 'git ubuntu' go through different executables. Is that supported? [14:47] zyga: the juju charm fails while trying to tun: /snap/bin/prometheus.promtool version [14:47] nacc: there's no support for aliases yet [14:47] verterok: too many facts, I don't know all those snaps [14:47] rharper, do you mean between two stable versions ? i think /etc/system-image/config.d is gone since a lot longer already [14:47] verterok: snaps cannot run commands from other snaps [14:47] zyga: no idea what promtool is doing, but I think it's just a compiled go thing, no way to look inside easily [14:47] verterok: or even from their own snap [14:47] verterok: nothing from /snap/bin [14:47] Chipaca: aliases in what sense? you mean that `git-ubuntu` and `git ubuntu` both work? [14:47] nacc: but other than that, the completer is just the snippet you'd drop in /usr/share/bash-completion/completions [14:48] Chipaca: that's default git behavior [14:48] verterok: they can only run stuff they find locally (e.g. via $SNAP/bin/stuff) [14:48] ogra_: interesting, so maybe it was always gone in edge for quite some time then ? [14:48] yeah [14:48] verterok: default PATH should make that happen [14:48] I had typically built with stable or beta [14:48] nacc: sorry, maybe i misunderstood [14:48] did you use it for anything ? [14:48] verterok: that is, for snap application /snap is not on path [14:48] Chipaca: i already have (in my snap) `git-ubuntu` and `git ubuntu`. [14:48] cloud-init used to determine if the system was ubuntu-core or not [14:48] rharper: does cloud-init touch /etc/netplan? [14:48] nacc: are you snapping "git-ubuntu"? [14:48] rharper, uuuh [14:48] morphis: cloud-init support rendering netplan [14:48] verterok: I'm wondering why it sometimes "works" for you [14:49] rharper: more concrete, /etc/netplan/00-snapd-config.yaml? [14:49] verterok: can you tell me more about it [14:49] Chipaca: yeah, and both commands become available via the same snap [14:49] Chipaca: becuase of how `git` itself works (in a classic world where git is already installed, say) [14:49] nacc: right, but not via an alias but because git does that magic? [14:49] Chipaca: yeah [14:49] zyga: not sometimes, let me explain :) [14:49] nacc: and how does git plug into completion of its subcommands? [14:49] morphis: , yes, http://cloudinit.readthedocs.io/en/latest/topics/network-config-format-v2.html [14:49] zyga: I'm using juju to deploy a prometheus "service" juju deploy cs:~prometheus-charmers/prometheus [14:49] Chipaca: right, it looks for me to add a shell snippet that defines _git_ubuntu into the .bashrc (or i think it if was in the completion directory that would work too) [14:50] zyga: that boot a openstack instance (trusty) [14:50] rharper: I enabled cloud-init in my image build with edge now and get an error in console-conf that the netplan file is invalid [14:50] Chipaca: but `git-ubuntu`'s completion is different [14:50] ogra_: at the time we added support it was the 15.04 image, (a/b partitions), then the new snaps came and os-release still had Xenial information; [14:50] Chipaca: so can i hve two completers for the same 'app'? [14:50] zyga: and run the prometheus charm, all that is classic stuff apt based [14:50] rharper: ala "set-name requires match properties" [14:50] rharper, yeah, for 15.04 that was okayish .. [14:50] zyga: then it install the prometheus snap [14:50] rharper: but could be console-conf too [14:50] zyga: and tries to use it, which is when it fails [14:51] morphis: that's a known issue with console-conf and cloud-init; cloud-init recognizes the baked in snap config, and should remove it; I've not yet determined why it failed to remove it, so you'll find two files in /etc/netplan/ [14:51] zyga: if I reboot the instance/machine, it works ok after [14:51] the 00-snapd one, as well as one that cloud-init rendered [14:51] rharper: ah I see [14:51] zyga: but until the instance is reboot, it keeps failing [14:51] verterok: wait, what is "it" in the sentence: < verterok> zyga: and tries to use it, which is when it fails [14:51] nacc: to answer your last question, no [14:51] zyga: the charm, think of it as a set of scripts to setup a service in a machine/instance [14:52] Chipaca: ok :( I guess I could write one that sources my two? :) [14:52] verterok: is any of this running inside containers? [14:52] zyga: nope [14:52] zyga: is all running in "real" VMs [14:52] nacc: there is no way to define _git_ubuntu in the user's shell from inside the snap [14:52] nacc: so that is not going to work, even if you did it [14:53] verterok: hmm hmm hmm [14:53] ogra_: I've a bug against cloud-init to add additional methods to detect cloud-init is on ubuntu-core (https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1689944) ; [14:53] Bug #1689944: util.system_is_snappy needs additional checks [14:53] mvo: it looks that https://github.com/snapcore/snapd/commit/08f60b88c28416dc627308b619b6ffdbbb2cd593 somehow made it to the release/2.25 branch and is making tests/main/snap-connect fail (no --last option in 2.25's snap tasks), other than that the tests on pi2 are good so far (28/115) [14:53] verterok: I need to play with this more, can you tell me how to reproduce this? I have 14.04 around [14:53] verterok: just a few basic commands, maybe just the snap part [14:53] verterok: the charm/juju side feels like not a factor [14:54] zyga: indeed [14:54] zyga: let me extract the commands run by the charm [14:54] ogra_: would it be terrible in the core-build config to re-create the config.d dir (would something eles break if it were present but empty) ? [14:54] nacc: OTOH, git-ubuntu is a classic snap, so it can do anything [14:54] rharper, it would be very ugly [14:54] Chipaca: in classic there is, just not automatically [14:54] ogra_: ok [14:54] Chipaca: right :) [14:55] rharper, it shouldnt have been used in the first place really ... use os-release ... thats reliable ... or if you need the info earlier, use the cmdline [14:55] nacc: if it's going to remain classic, I don't think the confined completion support really buys you anything [14:55] ogra_: the os-release at the time it was added didn't yet differ from Xenial [14:55] verterok: thanks! [14:56] nacc: and it can do things automaticall by, for example, dropping a file in /usr/share/bash-completion/completions from the configure script [14:56] rharper, yes, but that was fixed :) [14:56] (actually in 15.04 already IIRC) === shadeslayer_ is now known as shadeslayer [14:57] Chipaca: are there explicit post-install steps? Or do you mean, I can just organize my snap to write there? [14:57] nacc: (note we don't yet have an "uninstall" hook, so make it resilient to your snap not being there...) [14:57] /etc/os-release is definitely not dropping the ID=ubuntu-core [14:57] pedronis: i have some problem to understand where SerialVualt take the authority-id for build the serial assertion for a device [14:58] ogra_: ok; I'd appreciate a comment on that cloud-init bug w.r.t which you feel are the most stable moving forward, and we'll fix up the detection and likely include as many that are stable [14:58] * rharper eyes another cloud-init sru to xenial [14:59] nacc: post-install steps, no. There's a configure hook. [14:59] nacc: which is called on install [15:00] Chipaca: ah i see it now [15:00] Chipaca: sorry, wasn't there before (when i was using snaps earlier, i mean). Will read. [15:00] nacc: https://github.com/snapcore/snapd/wiki/hooks#configure [15:00] Chipaca: thanks! [15:01] nacc: and AIUI there will be more hooks, better suited for what you want, but I might be wrong (haven't been paying attention), and no idea what timeframe [15:02] zyga: it's basically this: http://paste.ubuntu.com/24587337/ [15:03] zyga: let me try to repro manually [15:03] verterok: Thank you [15:03] booting 14.04 now [15:03] verterok: I have a theory but let me try it first :) [15:05] NicolinoCuralli: in which sense? it's the brand-id in the serial-request [15:06] that comes from the model assertion of the device [15:13] pedronis: brand-id is always equal to authority-id? what is the sense of duplicate use on serial assertion response? [15:14] NicolinoCuralli: all assertions have an authority-id (the authority emitting them, and right now also the signer) [15:14] zyga: damn, I can't reproduce it manually (without juju and the charm) :( [15:14] jacekn: ^ FYI [15:14] Chipaca: thanks! [15:14] Pharaoh_Atem: did my log help you to update the snap-mgmt script? [15:14] verterok: aha, [15:14] * zyga found the charger for his VM host laptop [15:14] NicolinoCuralli: we decided it was more consistent to repeat the info (than to have different fields for that per assertion in some cases) [15:14] verterok: hmm hmm [15:15] verterok: I can install a server image and do more if that helps [15:15] morphis: yeah, I'm going to prepare the 2.26.1 update during my lunch hour with the changes [15:15] Pharaoh_Atem: nice! [15:15] NicolinoCuralli: also we are planning to support some cases where authority-id != brand-id (though atm they must be == ) for serial [15:15] verterok: but please give me instructions on how to reproduce [15:15] zyga: thanks, these are the full logs of my manual test: http://paste.ubuntu.com/24587397/ [15:15] mvo, lloking at our images ... there is still init=/lib/systemd/systemd --- shouldnt we be able to finally drop that ? [15:16] verterok: after installing manually you can add /snap/bin to path manually [15:16] verterok: ah but this then works OK [15:17] hmm hmm [15:17] zyga: yup, now trying to reproduce with juju and charm. doing a capture of the full logs (at least what the charm logs) [15:17] verterok: thank you! [15:18] mvo, testing with it dropped seems to work fine ... [15:19] mvo: merged and iterating [15:19] mvo: but edge should no longer be broken (just need a build) [15:19] PR snapd#3326 closed: cmd,interfaces/mount: run snap-update-ns and snap-discard-ns from core if possible [15:21] zyga: ok, I'm not crazy...it seems :) reproduced, collecting full logs now [15:21] verterok: good! [15:23] mvo, oh ! ... seems i spoke to early [15:23] zyga: thanks for unbreaking master. will you do a followup to 3326 with the review comments? [15:23] ogra@pi3:~$ snap list [15:23] error: cannot list snaps: cannot communicate with server: Get http://localhost/v2/snaps: dial unix /run/snapd.socket: connect: connection refused [15:23] wow [15:23] ogra_: yeah, its still 16.04 so init itself is still upstart [15:23] * zyga goes to build core again [15:24] zyga and pedronis: I am unable to reproduce the case where I had access to hidden files in $HOME now. [15:24] dragly: good :) [15:24] dragly: though it might be better if we did [15:25] We were trying out --classic earlier, so it might just have been because of that. [15:25] That we somehow had a version with --classic installed while testing. [15:26] pedronis : a question: on SerialVault i can upload a different gpg bundle different from Store? [15:27] NicolinoCuralli: in which sense? [15:27] the store needs to check the signature of serials, so any key used to sign serials need to be registered with the store [15:30] pedronis: it means the i need to upload one of the key uploaded to Brand store? [15:30] one of the keys registered (In snapcraft register-key) sense, yes [15:30] i mean upload a Brand Store key to Serial Vault by Admin UI? [15:31] a brand key, registered with the store, yes [15:32] (public) keys are not per store [15:34] pedronis : i mean one of gpg key registrered on the Brand Store [15:35] NicolinoCuralli: we are probably talking about the same thing, but keys are registered with the store, not a specific substore [15:35] pedronis: ok we are talking about the same thing [15:42] Chipaca, verterok: so FYI, this issue is caused by running on top of 3.13 before a reboot applies a new kernel [15:42] jacekn: ^ this will surely affect new deploys using trusty. xenial is cool [15:42] mvo: we need to do something smarter in snapd/snap; I'd suggest that we bail out if on Ubuntu 14.04 and we're not on a 4.x kernel [15:42] with a simple message [15:42] this would be unique to "snap run" [15:43] which should catch "my snaps don't work at all" [15:43] but I worry about installing and running hooks [15:43] perhaps snapd should also refuse to do anything [15:43] (which may mean it cannot update itself either) [15:43] actually, it should not do anything at all (snapd) [15:43] zyga: what is 3.13? [15:43] mvo: ^^ I'll open a forum thread about this [15:43] Chipaca: 3.13 kernel that 14.04 systems start with [15:43] Chipaca: they only pull the LTS enablement kernel by installing snapd [15:43] zyga: uh, so the "snap version" verterok posted was post-reboot? [15:44] yes [15:44] we got to the bottom of this in a private chat where we exchanged more logs [15:44] verterok: so, yeah, installing a new kernel requires a reboot ¯\_(ツ)_/¯ :-) === JamieBen_ is now known as JamieBennett [15:44] (we didn't want to leak any magic passwords or anything by accident) [15:44] Chipaca: sure but snapd packaging make this unobviou [15:44] zyga: that's fine [15:44] Chipaca: and the effects will worsen with time [15:44] Chipaca: I live in a world of ksplice and livepatch...never reboot! ;-) [15:45] zyga: anything that gives me a reason to make fun of verterok is good [15:45] zyga: (those chances are rare) [15:45] verterok, until the next systemd update indeed :P [15:45] (or upstart in case of 14.04) [15:45] verterok: well, if it were something newer than 14.04, you could've kexec'ed :-p [15:46] Chipaca: the problem is not snapd, but the charm that tries to use it right away and allow deploying on trusty :) [15:46] 14.04, or as we called it back then, MCD.IV [15:46] hmm launchpad times out for me... [15:48] + su -c 'SNAPPY_USE_STAGING_STORE=0 snap prepare-image --channel edge --extra-snaps snapweb /tmp/root/model.assertion /tmp/root' test [15:48] error: Please buy pi2 before installing it. [15:48] I thought we'd gotten rid of the bug where it thinks it needs to buy something? [15:48] zyga: something changed recently? this same deploy worked last week [15:48] verterok: no [15:48] verterok: well [15:48] verterok: maybe [15:48] maybe a bug fix? :) [15:49] verterok: but "work" is exaggerated [15:49] verterok: it's just it was never ever intended to work :-) [15:49] zyga: quite probably :) [15:49] verterok: as 3.13 is definitely too old to have working apparmor [15:50] so, we "just" need a could image with 4.x cooked in [15:50] verterok: for snaps, definitely [15:50] verterok: in fact, this is some feedback for clould team [15:50] verterok: for those that want 14.04 and snaps they need to start producing an image that works ootb [15:50] verterok: (good kernel at least, but maybe snapd preinstalled too) [15:52] mvo, niemeyer: shouldn't https://forum.snapcraft.io/t/in-progress-snapd-2-25/414 be marked as done? [15:52] mvo, niemeyer: or does the "In progress" just confuse me? [15:53] ah 2.25 isn't yet in stable [15:54] ogra_: thanks for the comments [15:55] np [15:55] Chipaca: no, discussion was that it needs to be fixed on the store side [16:05] pstolowski: feedback on 3328 [16:05] morphis: correct, not quite in stable yet [16:05] zyga, thanks [16:08] mvo: just got a bit confused by the forum, sorry for the noise :-) [16:08] morphis: no worries [16:10] pstolowski: tomorrow I'll find my work on regexp-free validation [16:10] zyga, great, thanks! [16:24] PR snapd#3325 closed: vendor,partition: fix panics from uenv === JanC_ is now known as JanC [16:34] mvo: +1 to merge coverage report? [16:34] mvo: I'd love to see it [16:35] zyga: +1 [16:36] PR snapd#3313 closed: send things to codecov.io [16:37] mvo: do you have the time to voice your preference on https://github.com/snapcore/snapd/pull/3308 [16:37] PR snapd#3308: tests/lib: introduce pkgdb helper library [16:39] zyga: sorry :( looking now [16:40] zyga: after I uploaded 2.26.2 [16:48] PR snapd#3331 opened: tests: remove unit tests task [16:49] mvo: thank you for getting 2.26.2 out [16:49] * zyga hugs mvo [16:53] mvo: is 2.26.2 a .1 + cherry pick or master snapshot? [16:55] mvo: I want to build snapd master and rebuild the core snap but I don't want to mess up your work [16:55] * zyga wonders if this abbreviates to "I should EOD" [16:56] zyga: you could review snapd#3292 if not [16:56] PR snapd#3292: wrappers: make StartSnapServices cleanup any services that were added if a later one fails [16:56] also could use one other review [16:56] so feel free, other reviewers :-) [16:59] or that :) [16:59] * zyga does that now [17:00] mvo: no crashes on the 2.25 execution http://paste.ubuntu.com/24587949/ the ubuntu-core-classic error also happened on 2.26.1, maybe something has changed in the classic snap [17:08] mvo: somebody was mentioning problems with classic snap the other day [17:10] mvo: Any body else get the following when trying to install classic snap? Failed to fetch http://ports.ubuntu.com/ubuntu-ports/dists/xenial/InRelease Could not resolve 'ports.ubuntu.com' [17:11] imma gonna eod [17:15] Chipaca: hey [17:15] Chipaca: have a look [17:15] I think there's a bug in your PR [17:16] pedronis: it's a bug that people mention [17:16] pedronis: but I don't know the cause yet [17:16] pedronis: do you see any errors in journalctl? [17:17] zyga: where? [17:17] pedronis: maybe we got hit by something like DNSSEC? [17:17] pedronis: just run journalctl -f while this rusn [17:17] that's not me reporting that [17:17] *run [17:17] it's a user [17:17] pedronis: aaah [17:17] * zyga misread that [17:17] sorry ;) [17:18] well I misread "a clasisic snap" vs "the classic snap" when he reported it [17:18] so fun [17:21] PR snapd#3329 closed: vendor: remove unused packages [17:23] zyga: mvo: fun, just disovered timeutil.Next takes 1s+ when last is 0 [17:23] because we have unittest now trying to schedule/running refreshes :/ [17:27] PR snapd#3332 opened: interfaces/seccomp: document Backend.NewSpecification [17:35] PR snapd#3333 opened: vendor: refresh everything [17:43] zyga: responded (with code!) [17:43] zyga: basically, you're wrong, neener neener neener [17:56] Issues while validating snapcraft.yaml: snapcraft validation file is missing from installation path [17:56] snapcraft validation file is missing from installation path [17:56] anyone know how to fix that? [17:57] i can't build anything anymore [18:03] kenvandine, are you running from source? [18:04] kyrofa, no [18:04] i'm on artful [18:04] using the package [18:04] it was fine a few minutes ago... [18:04] made a little change to my snapcraft.yaml and hit this [18:04] now i can't build anything [18:05] pedronis: meh :/ not cool. thanks for finding this! [18:05] mvo: it seems we haven't really decided explicitly what to do when last-refresh is 0 [18:07] Chipaca: I'm glad to be shown wrong, thanks :) [18:09] kyrofa, any insight? [18:10] kenvandine, it should be looking in /usr/share/snapcraft/schema . Do you see anything in there? [18:10] yes [18:10] pedronis: indeed [18:11] kenvandine, try running with `-d` to turn on debugging mode. You'll see where that exception is thrown. Do you see what file it's trying to open? [18:12] * zyga really EODs [18:12] take care! [18:12] FileNotFoundError: [Errno 2] No such file or directory: '/snap/gedit/x16/share/snapcraft/schema/snapcraft.yaml' [18:13] it thinks it should still be installed [18:13] niemeyer, hey, here I have some results using the xunit branch https://platform-qa-jenkins.ubuntu.com/view/snapd/job/snapd-spread-full-execution/lastCompletedBuild/testReport/ [18:13] oh [18:13] geez [18:13] * kenvandine is in a snap run --shell :) [18:13] sigh [18:13] kyrofa, thx! [18:13] kenvandine, hahahahahahaha [18:13] niemeyer, of spread to run the snapd test suite on jenkins [18:13] kenvandine, I NEVER would have guessed that [18:59] PR snapd#3334 opened: Release snapd 2.26.2 [19:00] PR snapd#3330 closed: fail if unused dependencies are found [19:07] PR snapd#3323 closed: overlord/snapstate: avoid creating command aliases for daemons [19:07] mvo: is there some problem with autopkgtests? except off ppc64el they seem to be running forever [19:19] noise][1, I'm getting 504's when trying to view stats in dashboard.snapcraft.io [19:21] kyrofa: which snap? [19:21] noise][1, nextcloud [19:21] i know we have perf. issues there still w/snaps with a lot of revisions [19:21] but i'll take a look [19:22] noise][1, slow is okay. Perhaps timeouts simply need to be upped a bit [19:22] And indeed, I can see stats on other snaps [19:46] Bug #1689301 changed: Can't set program_usb_boot_mode pi-config option [19:56] PR snapd#3335 opened: daemon: teach the daemon to wait on active connections when shutting down [20:00] mvo https://forum.snapcraft.io/t/snapd-2-26-fails-to-start-in-lxd/651 [20:26] Now I'm getting proxy errors when trying to upload snaps. And status.snapcraft.io is all green [20:27] Gotta be honest... I largely don't even look there anymore [20:33] pedronis, is there currently a way for brand stores to be restricted to specific models? [20:33] kyrofa: yes, you need to ask for that to be turned on [20:33] and those models will need proper serials [20:34] pedronis, a store-side assertion, then? How is it associated with the model in question? [20:34] kyrofa: not a store side assertion, store config that you need to ask for [20:35] pedronis, ah, okay. How does that work? What information do they need? [20:35] kyrofa: store, brand, model names as specified in the model assertions for those [20:36] pedronis, alright, thank you :) === mardy_ is now known as mardy [23:45] Hello, I was wondering if snappy sounds like the right tool for this job. I am trying to build some code that requires the boost library at a newer version than what is available in my distro's repository. Since this code requires many libraries, it occurred to me that maybe it might be easier to build a snap with just the newer library and then build the full app normally. Is it possible to have a snap [23:45] that just exposes a library? Or does it need to expose a binary? (like in the example's hello) [23:46] jorian: snaps are confined and aren't (by default) visible to each other (there is some feature work here that maybe i'm not fully aware of) [23:46] jorian: a libary is more like a 'part' in snap parlance than an app [23:46] that was kind of the vibe i got [23:46] thanks for clarifying [23:46] jorian: snaps are more designed around packaging the application