/srv/irclogs.ubuntu.com/2017/06/02/#snappy.txt

=== mup_ is now known as mup
morphis_	Pharaoh_Atem: ping	06:10
=== JanC is now known as Guest29977
=== JanC_ is now known as JanC
zyga	good morning	06:59
pstolowski	morning	07:13
fgimenez	good morning mvo, i saw your post on the forum about 2.26.4 and have already started the beta validation, will let you know how it goes	07:13
fgimenez	hey pstolowski	07:13
mup	PR snapcraft#1327 closed: tests: small updates for manual kernel tests <Created by elopio> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1327>	07:13
mup	PR snapcraft#1341 closed: Release changelog for 2.30.1 <Created by sergiusens> <Closed by sergiusens> <https://github.com/snapcore/snapcraft/pull/1341>	07:13
mvo	fgimenez: great, thank you	07:15
fgimenez	pstolowski: i had a chance yesterday to have a look at the snapctl test issue, fwiw it looks to me that we are disabling autorefresh before putting the outer binaries in the core snap, IMO this https://github.com/snapcore/snapd/blob/master/tests/lib/prepare.sh#L139 shoulb be done after the update_core_snap_for_classic_reexec call, anyway that only explains the warning messages we get and not the actual error	07:16
zyga	mwhudson: hey	07:18
zyga	mwhudson: still around by any chance?	07:18
pstolowski	fgimenez, hi! yes, i saw this and yes, it's jut the warning. it's ok	07:18
zyga	mwhudson: https://forum.snapcraft.io/t/build-failure-for-2-26-4-on-artful-on-arm-arm64/866 does this error ring any bells?	07:18
fgimenez	pstolowski: yep, if i change the order and reexecute the test i still get the same error, you are probably aware but putting in place some debug info it seems that it keeps failing after "snap set core refresh.schedule=Sun@12:00-14:00" but the actual failure happens in the daemon when it gets "get service.ssh.disable" (not sure why it gets this after trying to set another property), in that case the cookieID received is empty	07:21
pstolowski	fgimenez, is this with all my changes from that branch, or did you comment the SNAP_CONTEXT compatibility line out?	07:23
fgimenez	the context seems to be correctly set map[yltR4VFx0ryHTjNpvGVHmvHbpvsg47sv5M7S7JtmTtkm:core]	07:23
fgimenez	pstolowski: with all the changes in your branch and removing the compatibility line	07:23
mup	PR snapd#3427 opened: interfaces/builtin: silence ptrace denial for network-manager <Created by morphis> <https://github.com/snapcore/snapd/pull/3427>	07:27
fgimenez	pstolowski: probably that "get service.ssh.disable" comes from the core's configure hook itself https://github.com/snapcore/core/blob/master/hooks/configure#L111	07:35
pstolowski	fgimenez, yes, this failure is expected then without that compatibility line; lack of this line causes all hooks to fail	07:44
pstolowski	fgimenez, how can I test all possible scenarios (with re-exec disabled)? is setting this env var before running spread locally with qemu enough?	07:45
fgimenez	pstolowski: yes, just export SPREAD_SNAP_REEXEC=0 before executing, there's also export SPREAD_MODIFY_CORE_SNAP_FOR_REEXEC=0 if you want the core snap to be untouched, and also SPREAD_CORE_CHANNEL for selecting the channel from which core is going to be installed	07:47
pstolowski	fgimenez, nice, thank you. do we have any tests that need to be run manually (e.g. expensive tests?) and are not normally executed on travis?	07:50
fgimenez	pstolowski: anyway, executing from the branch will give you always an outer version higher than the inner one and the reexec is not going to happen, it would be better IMO to use the external backend and execute against a running machine	07:52
fgimenez	pstolowski: yes, we are triggering manually tests executed on ubuntu-core systems (this will be done soon on jenkins for most of the archs)	07:53
pstolowski	fgimenez, yes, i understand the re-exec will not be triggered becuase of that. what do you mean with 'external backend and execute against a running machine'?	07:53
fgimenez	pstolowski: the external backend lets you connect to an external machine and excute the tests there https://github.com/snapcore/snapd/blob/master/tests/external-backend.md, but if you need your changes in places that wouldn't help (or putting your changes in places could be hard)... i think that just export SPREAD_SNAP_REEXEC=0 is enough	07:58
mup	PR snapd#3417 closed: httputil,store: extract retry code to httputil, reorg usages <Created by pedronis> <Merged by pedronis> <https://github.com/snapcore/snapd/pull/3417>	08:00
pstolowski	fgimenez, is there any semi-automatic way of creating a core image with my changes in it, and then simulatic a system with old binaries + this new core and re-exec disabled?	08:05
pstolowski	s/simulatic/simulating/	08:05
zyga	morphis_: you got reply on the factory ML	08:05
zyga	morphis_: I spoke with jjohansen yesterday and upstreaming is his sole focus	08:06
zyga	morphis_: but let's make it clear that snapd can work in development mode without strong security, and it is no worse than appimage so we'd like to pursue on all fronts (kernel and userspace)	08:06
fgimenez	pstolowski: not that i know, you could begin with a image generated with ubuntu-image, copy the binaries built from your branch to it and bind mount them, run the tests and find a way to re bind mount them early enough if any of the tests you run involve a reboot :)	08:08
morphis_	zyga: I've answered already	08:08
morphis_	zyga: but feel free to reply as well	08:08
fgimenez	pstolowski: not sure if just the binaries would include all your changes though	08:09
zyga	morphis_: thank you!	08:09
morphis_	zyga: you submitted all PRs we talked about yesterday?	08:14
zyga	morphis_: no, working on them	08:14
morphis_	ok	08:14
zyga	morphis_: I've started with a regression test before I start to meddle there	08:14
morphis_	zyga: can you note them on the forum topic once done?	08:14
zyga	morphis_: then the refactor	08:14
zyga	morphis_: and then comments	08:15
zyga	morphis_: on https://forum.snapcraft.io/t/including-snapd-in-the-opensuse-factory-branch/863/5 ? yes sure!	08:15
morphis_	yes!	08:15
morphis_	thanks	08:15
zyga	I commented briefly just now but I will refer to each PR as they show up	08:17
pedronis	zyga: have you seen this https://forum.snapcraft.io/t/problem-with-installing-canonical-livepatch-service/850 (it doesn't seem specific to livepatch)	08:46
zyga	pedronis: looking	08:49
zyga	pedronis: thanks, I'll handle that	08:51
jjohansen	zyga: not only are we upstreaming, we have made the switch to an upstream first policy. So we won't get in this position again	08:57
pstolowski	fgimenez, with SPREAD_MODIFY_CORE_SNAP_FOR_REEXEC=0, it's expected some tests to fail (such as reexec-test), right?	09:03
mup	PR snapcraft#1346 opened: Multi arch build deps <Created by kalikiana> <https://github.com/snapcore/snapcraft/pull/1346>	09:04
fgimenez	pstolowski: if you don't combine it with SPREAD_SNAP_REEXEC=0 yes, we use it for instance in SRU validations https://github.com/snapcore/spread-cron/blob/snapd-xenial-sru/run-checks	09:06
zyga	jjohansen: thank you for re-affirming that! :)	09:07
pstolowski	fgimenez, i see, thanks	09:07
mup	PR snapcraft#1347 opened: cli: do not duplicate errors <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1347>	09:07
mup	PR snapcraft#1348 opened: Foreign arch src <Created by kalikiana> <https://github.com/snapcore/snapcraft/pull/1348>	09:07
sil2100	Hello! I have some questions regarding classic confinement	09:10
ogra_	it is awful, dont use it :P	09:10
ogra_	sil2100, i guess caused by my bug ?	09:10
sil2100	ogra_: yeah, I just don't seem to understand classic confinement at all	09:10
ogra_	sil2100, it is like a deb just differently packaged in the end	09:11
sil2100	ogra_: as per your bug, for instance, libparted is present in the snap but it's just not visible	09:11
sil2100	ogra_: as everything seems to just look for the libraries in the standard directories, not in the snap ones	09:11
ogra_	sil2100, righrt, you would need to hack up wrappers that make the shipped libs used in LD_LIBRARY_PATH	09:11
sil2100	...	09:11
sil2100	This is just silly	09:12
ogra_	(or just switch back to proper strict confinement ;) )	09:12
sil2100	Yeah, I seriously don't think that doing wrapper hacks is what I would like to have, I guess barry wasn't aware of that	09:12
ogra_	it is for special cases where snaps cant really achieve their goal with any of the existing interfaces	09:12
ogra_	editors that need access to all of the system for example ...	09:13
ogra_	or compilers	09:13
ogra_	by default a classic snap will simply get executed like it was a deb ... using the whole rootfs as is ... if you want your libs found you need to specifically mangle LD_LIBRARY_PATH ... prehaps also the python path etc	09:14
sil2100	That's a bit too simplistic for our usecase, I'll bring this up at our sprint next week	09:15
ogra_	this is alsoo one of the reasons classic only works on ubuntu based distros atm ... else you cant be sure the paths are correct	09:15
sil2100	I knew about having access to the whole system, yes, but I thought it's still working similarily to all other snaps by mangling the library paths to point at the snap as well	09:16
ogra_	sil2100, http://paste.ubuntu.com/24746613/ is an example	09:18
Chipaca	zyga: an apparmor DENIED from core's configure related to mounting etc/ssl is probably version skew, yes?	09:38
zyga_	hmm	09:38
zyga_	let me check but I think so	09:38
zyga_	yes	09:39
zyga_	apparmor mismatch vs binary	09:39
Chipaca	ok	09:39
zyga_	hacking or production?	09:39
Chipaca	(i always run snapd with _TESTING so you won't see this in errors)	09:40
Chipaca	well, always, always on this machine	09:40
zyga	hmm	09:43
zyga	dh_install: usr/bin/uboot-go exists in debian/tmp but is not installed to anywhere	09:43
mup	PR snapcraft#1349 opened: Clarify wording of cross-compilation unsupported error <Created by kalikiana> <https://github.com/snapcore/snapcraft/pull/1349>	09:46
* zyga_ has some hectic stuff at home		09:47
zyga_	we're moving TOMORROW	09:48
pstolowski	zyga, back to Poland?	09:56
Chipaca	zyga_: <gif of that guy waving his arms around in panic>	09:58
zyga_	pstolowski: yes	09:58
pstolowski	good :)	09:58
zyga_	pstolowski: we just ordered the transport as it is in the town next to us and the price is very competetive	09:58
zyga_	Chipaca: that'd be my wife	09:58
Chipaca	:-)	09:58
zyga_	we have to pack everything that won't fit into the car now	09:58
zyga_	like ... now	09:58
zyga_	well	09:58
mvo	zyga_: woah, goooooood luck!	09:59
pstolowski	fgimenez, i found out I need compatibility fix also in snap-confine (and in snapctl as discussed yesterday in standup), otherwise those other combinations we test are failing on my new spread test which checks the new feature	10:02
kunal	Hello community	10:07
ogra_	hey kunal	10:07
kunal	I have a problem... I am trying to build a snap for python script / app	10:07
kunal	I have read alot of documents but still unable to figure out the solution for some problems	10:08
kunal	dear community, please help	10:09
kunal	I need your help	10:09
zyga_	pstolowski: apart from the fix, how will people upgrade or downgrade?	10:09
zyga_	pstolowski: we learned the hard way that changing formats in snap-confine is not nice or easy	10:09
kunal	I want to know how to add data folder in snap for my python app because it requires data to run. And all the data is collected in a single folder	10:11
zyga_	kunal: read-only data that is distributed with your snap?	10:12
zyga_	kunal: just add a part that contains this data	10:12
ogra_	have a look at the dump plugin	10:12
kunal	how to add it in the snap folder	10:13
kunal	I am sorry to disturb you by asking such kind of stupid questions, but I have already tried that dump plugin and unable to understand how to add the folder	10:14
zyga_	kunal: no worries, look at the dump plugin and experiment	10:14
pstolowski	zyga, for the new feature (snapctl usable not only in hooks) they need latest everything. the second change related to this feature is reanaming of SNAP_CONTEXT var to SNAP_COOKIE. I made compatibility fixes to basically set both and check of existience of either, so that hooks are not affected if re-exec is disabled. does that answer your question?	10:14
zyga	pstolowski: can people revert from the new feature back to previous release?	10:15
zyga	pstolowski: I'm mainly asking if this is a flag day change or not	10:15
kunal	Folder name is dataFolder. So where should I place my dataFolder. Should it be there in src folder or in the top or parent folder	10:15
zyga	kunal: in your source tree it can be anywhere	10:16
zyga	kunal: but your snapcraft.yaml must say that it must be installed into the snap	10:16
zyga	kunal: ogra_'s advice was correct, look at examples of dump plugin	10:17
zyga	kunal: also if this is a python appication you should be able to install the data throuh python	10:17
zyga	kunal: good luck	10:17
kunal	Thanks. But how to point the folder in yaml file so that it can be included in snap	10:17
zyga	kunal: using a part and the dump plugin, is one way, there are others that may be more straightforward, depending on other parts you use	10:18
pstolowski	zyga, yes, with the compatibility workarounds I made it's ok to revert. of course a snap which uses the new functionality and calls snapctl from an app will fail and not be able to use the new featue	10:18
zyga	pstolowski: that's fine	10:18
zyga	pstolowski: we have some tests missing in revert	10:18
zyga	pstolowski: when is this scheduled to land? 2.27?	10:19
pstolowski	zyga, I think it would be pretty useful to have a matrix of all upgrade (and revert) paths that takes snapd + snapctl + snapconfine into account.. i find it difficult to think of these scenarios. and it seems that our recent issues show it's generally hard not to forget about something. perhaps we could have such a matrix as a template to fill in when a new feature is proposed	10:21
pstolowski	zyga, not scheduled really, but soon once the rename of env var is addressed	10:21
kunal	Dear Sir, should I write plugin: dump source: .	10:23
kunal	What should be the destination if I want to keep executable and data folder at the same place so that it can use it as per reference in python script	10:24
zyga	kunal: https://snapcraft.io/docs/reference/plugins/dump	10:26
zyga	kunal: but if you have a correctly written python app you don't need dump	10:26
zyga	kunal: your python's setup.py should install data	10:26
kunal	how to do it, dear Sir, in setup.py to instruct system to install data files properly at desired place. Please help sir	10:27
zyga	kunal: this is widely documented on python setuptools project, please look there	10:28
zyga	kunal: if you have a free software project or wish to share your setup.py that might help	10:28
zyga	kunal: but I cannot help you in detail today (look above, I'm moving my life to another country)	10:28
zyga	kunal: needles to say there are 100s of examples of python projects shipping data files around	10:28
zyga	kunal: and accessing them irrespectively to how they are installed (which is a nice advantage)	10:29
zyga	kunal: I recommend you to look that up	10:29
kunal	Thank you so much dera Sir. Thanks alot for giving me your precious time to guide in right direction. Thanks alot dear sir!	10:30
zyga	good luck :)	10:30
zyga	and note that you may also try the forum (forum.snapcraft.io) as there are plenty of people snapping software that can help you out	10:30
zyga	and it works somewhat better across timezones than IRC	10:30
zyga	many of the snapcraft developers are in the US timezne	10:30
kunal	Thank you so much sir. Thanks alot.....	10:31
kunal	Sir, One last question, Please tell me the location where the python executable script or app be installed in snap so that I may take proper reference .	10:38
zyga_	kunal: it's variable at runtime, the snap content is mounted in some place and you can look that up via the $SNAP environment variable	10:39
kunal	so how will it look for the data folder. Will the data folder be also variable at runtime along with its executables	10:41
zyga_	what is "the data folder?"	10:41
kunal	Folder that contain data required by the python script at runtime	10:43
Chipaca	kunal: for reading, or for reading and writing?	10:44
* zyga_ hugs Chipaca		10:44
Chipaca	zyga_: go pack :-)	10:44
ogra_	geez, is he traveleing again ?	10:45
kunal	Sir for both the purpose	10:45
ogra_	:)	10:45
Chipaca	kunal: is this your python code, or are you snapping somebody else's?	10:45
kunal	My own code.	10:46
Chipaca	kunal: and is it a daemon (a service), or is it a standalone executable?	10:46
kunal	I wrote a piece of code used setup.py and made it work . Dear Sir, Its a standalone executable.	10:47
Chipaca	kunal: and is this data needed across revisions? i.e. if you have revision 1, and refresh to revision 2, do you need to still have that data accessible from revision 2 as it was when last modified by revision 1?	10:47
kunal	Yes sir	10:47
zyga_	Chipaca: I'd not confuse this with data-common-across-revisions (remember that we copy data around so it's fine to just use $SNAP_DATA / $SNAP_USER_DATA for everything)	10:48
Chipaca	true	10:48
kunal	i need these data files at runtime.	10:49
Chipaca	kunal: so, os.getenv("SNAP_USER_DATA") will give you a directory you can read and write to, which is intended for this sort of thing	10:49
zyga_	kunal: snaps differentiate immutable "data" that is shipped with the snap and updated with the snap from the writable data (either global or per-user)	10:49
zyga_	kunal: e.g. app icon is the former and just goes anywhere in $SNAP (into your snap image)	10:49
zyga_	kunal: user preferences are writable and should go to $SNAP_USER_DATA	10:50
zyga_	kunal: if you have a service it can keep its mutable state in $SNAP_DATA	10:50
zyga_	kunal: and all of those can obviously access anything they want (immutable code and data) stored in $SNAP	10:50
kunal	Dear sir, May I know , how to set it up to be used by script	10:50
kunal	How should I add Data Files and Folder to this location while writing yaml file . How to point to these locations	10:51
zyga_	kunal: if you struggle with this I'd suggest going through the snapcraft tutorial	10:53
zyga_	kunal: as I mentioned the dump plugin is a very simple way of doing what you want	10:53
zyga_	kunal: I also suggested that for python you may not need the dump plugin as python plugin can install both code and read-only data	10:53
zyga_	kunal: as for writeable data your application must create it relative to the directory pointed by the $SNAP_DATA or $SNAP_USER_DATA environment variables	10:54
zyga_	kunal: I suggest that you install hello-world	10:54
zyga_	kunal: and play around in the shell, look at where those variables point	10:54
zyga_	kunal: good luck :)	10:54
kunal	Ok sir. Thanks. Now every doubt is clear. Thank you so much sir. and thanks community ... Open Source Community . Thanks alot	10:55
mup	PR snapcraft#1334 closed: tests: use the fake apt cache in deb unit tests <Created by elopio> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1334>	11:13
mup	PR snapd#3428 opened: tests: add snap-confine privilege test <Created by zyga> <https://github.com/snapcore/snapd/pull/3428>	11:18
zyga_	jdstrand: ^^	11:19
zyga_	morphis_: ^ first PR	11:26
morphis_	zyga_: nice!	11:26
Son_Goku	zyga, morphis_, for snapd 2.27, I'm considering flattening the packaging some more in Fedora	11:45
Son_Goku	the original reason I kept snap-confine and snapd separate was because there was a separation of C and golang code	11:45
Son_Goku	but as zyga rewrites more bits from C to Go, it makes less sense	11:45
morphis_	Son_Goku: you mean droping the snap-confine package?	11:46
Son_Goku	yes	11:47
morphis_	+1	11:47
morphis_	Son_Goku: btw. if you submit those changes first upstream we can review them together	11:47
morphis_	want to do the same with the suse bits in the future	11:47
Son_Goku	SUSE already works this way	11:47
morphis_	it doesn't	11:48
Son_Goku	it doesn't generate a snap-confine subpackage	11:48
morphis_	will still maintain the real .spec file on OBS and have no backported a few changes	11:48
morphis_	ah, we're talking about different things :-)	11:48
Son_Goku	also, the SUSE changes I will submit to OBS first	11:48
Son_Goku	there's no value in doing it in snapd git	11:49
Son_Goku	as it does no testing of packaging	11:49
morphis_	there is, there we have the entire test suite running	11:49
zyga_	Good idea, what do you have in mind specifically?	11:49
Son_Goku	not helpful when the goal is to change the snapd packaging	11:49
morphis_	Son_Goku: we have such upgrade tests for .deb	11:49
Son_Goku	I'm not touching the debian crap	11:49
morphis_	that is not what I mean	11:49
Son_Goku	it's impossible to figure out what that stuff even does	11:49
Son_Goku	look, my fixes for the SUSE spec are small things to enable some of the tests that are already enabled in the Fedora package	11:50
morphis_	Son_Goku: I simply mean we have an entire spread test suite which verifies a lot of things and once the Fedora spread setup lands you can easily craft your own rpm upgrade tests	11:50
morphis_	Son_Goku: great, IMHO it would make sense much easier if we keep the snapd git repo the central place for the suse, fedora, deb packaging bits	11:51
Son_Goku	morphis_: I'm not worried about Fedora upgrade tests, and I'm not even sure I'm going to do it yet	11:51
morphis_	we can then push from there to fedora/obs/..	11:51
Son_Goku	hardly	11:51
Son_Goku	first of all, for that to be possible, we need the first class packaging tests for fedora, suse, etc.	11:51
Son_Goku	we don't yet	11:51
Son_Goku	second, snapd git is BROKEN for all distributions except Ubuntu	11:51
Son_Goku	and I don't foresee that getting fixed soon	11:52
Son_Goku	maybe in 2.28	11:52
Son_Goku	which is a couple of months out	11:52
morphis_	Son_Goku: what is broken in master?	11:52
Son_Goku	seccomp, for one	11:53
Son_Goku	unless a proper fix was merged in recently	11:53
morphis_	what exactly do you mean?	11:53
Son_Goku	http://pkgs.fedoraproject.org/cgit/rpms/snapd.git/tree/snapd-2.26.1-interfaces-seccomp-allow-bind-for-Fedora.patch	11:53
Son_Goku	that ^	11:53
morphis_	Son_Goku: you saw https://github.com/snapcore/snapd/pull/3394 ?	11:53
mup	PR snapd#3394: interfaces/seccomp: add bind() syscall for forced-devmode systems <Created by morphis> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/3394>	11:53
Son_Goku	well, no	11:54
morphis_	so what else is broken? :-)	11:54
pedronis	mvo: should snapd#3446 be merged?	11:54
Son_Goku	I guess at that point nothing that isn't already broken	11:55
Son_Goku	I'm also not doing the golang flags override in Fedora	11:55
morphis_	which one do you mean?	11:55
Son_Goku	https://github.com/snapcore/snapd/pull/3365/commits/4942a9f9e7c570a44b554d8cc924c9343331ca16	11:56
mup	PR snapd#3365: tests,packaging: add package build support for Fedora for our spread setup <Created by morphis> <https://github.com/snapcore/snapd/pull/3365>	11:56
pedronis	mvo: sorry, should snapd#3426 be merged?	11:56
mup	PR snapd#3426: release: 2.26.4 <Created by mvo5> <https://github.com/snapcore/snapd/pull/3426>	11:56
mvo	pedronis: yes	11:56
morphis_	Son_Goku: then you can't drop that single patch, but you know this is a bug only on F25 which is coming from the rpm macros, right?	11:56
Son_Goku	I'm aware	11:57
morphis_	good	11:57
Son_Goku	if you want, you can switch spread to fedora-26	11:57
Son_Goku	then you can drop that	11:57
morphis_	we will add a f26 instance too	11:57
morphis_	Son_Goku: we could make this conditional for f25 too if you want	11:58
Son_Goku	it'd be F25 and lower, actually	11:58
Son_Goku	but yes	11:58
morphis_	yes	11:58
morphis_	Son_Goku: it's better than keeping this libtool patch	11:58
Son_Goku	0%{?fedora} && 0%{?fedora} < 26	11:58
Son_Goku	meh, the libtool patch is easy to rebase	11:58
pedronis	fgimenez: snapd#3414 has 2 +1 but the spread tests have failed	11:58
mup	PR snapd#3414: tests: show available entropy on error <Created by fgimenez> <https://github.com/snapcore/snapd/pull/3414>	11:58
morphis_	it is, but it separates us from what happens in master	11:59
morphis_	however if you want to keep it I am fine	11:59
morphis_	we should just try to avoid that snapd git and fedora git get out of sync for the .spec file	11:59
morphis_	as as soon all changes for the spread setup land developers will be required to touch the .spec file too	11:59
Son_Goku	you think they will?	11:59
morphis_	otherwise CI will break :-)	12:00
Son_Goku	I'd be surprised to see mvo generating changelogs for the spec files in parallel to the debian/changelog file	12:00
morphis_	Son_Goku: I am not talking about changelogs	12:00
morphis_	but all the other packaging bits	12:00
Son_Goku	I know	12:00
Son_Goku	but it'd be surprising if that happened too ;)	12:01
pedronis	mvo: also snapd#3413 could go in with a 2nd pass from you (if the tests pass)	12:01
Son_Goku	I'd initialize the repository with tito if tito supported spec files in subdirs :/	12:01
mup	PR snapd#3413: tests: fix for econnreset test checking that the download already started <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/3413>	12:01
morphis_	zyga_: joining us?	12:02
fgimenez	pedronis: thx, looking	12:05
fgimenez	pedronis: yes, not related to this PR but we are getting quite a few errors related to reexec lately "re-exec disabled by user" https://travis-ci.org/snapcore/snapd/builds/237854333#L1281	12:07
pedronis	some test not restoring something properly and order issues?	12:08
pstolowski	fgimenez, I've pushed one more compatibility workaround to my branch (the one mentioned earlier).	12:10
fgimenez	pedronis: no idea, we are getting those random errors, i've checked some reexec variants and they happen after reexec0 and reexec1, maybe there's another place where this is changed	12:15
fgimenez	pstolowski: ok thanks, btw let me know how can i help with the testing matrix you mentioned, we have some scenarios for reexec currently being executed in spread-cron and maybe we could extend them with more checks, or create new ones from scratch	12:16
fgimenez	pstolowski: tbh i still don't understand why the test prepare doesn't fail in your when SNAP_CONTEXT is set, the inner and outer binaries should understand SNAP_COOKIE and ignore SNAP_CONTEXT, not sure what is left behind that makes things go well when SNAP_CONTEXT is set	12:19
fgimenez	doesn't fail in your branch	12:19
pedronis	well edge has something that understand only SNAP_CONTEXT	12:20
pedronis	atm	12:20
fgimenez	pedronis: but in prepare we modify the core snap and put in place the outer binaries, maybe i'm missing something	12:21
pstolowski	fgimenez, but we modify it too late	12:23
pedronis	fgimenez: yes, but as pstolowski explained before we do that we do snap install --"$CORE_CHANNEL" core	12:23
pedronis	that ends up using the snapctl from edge core I think (because of the configure hook)	12:24
fgimenez	pstolowski: i'm trying locally modifying it before calling "snap set core.." and the error is the same	12:24
pstolowski	yes	12:24
pedronis	install core will call the hook already	12:24
pedronis	not need to do a set	12:24
pedronis	to trigger that	12:25
pstolowski	fgimenez, yes, as pedronis says	12:25
pedronis	which thinking of it is all a bit weird	12:25
pedronis	anyway	12:26
fgimenez	pedronis: yes, but that doesn't trigger the error, the errors on install seem to be ignored	12:27
pedronis	that doesn't make sense to me	12:27
pedronis	we don't ignore configure errors	12:28
pedronis	afaik	12:28
pstolowski	fgimenez, about the upgrade path matrix.. one scenario that would be nice to test is: old versions in the system, newest versions shipped with core, but re-exec disabled. the new feature will not work but hooks shouldn't break	12:28
fgimenez	pedronis: the error happens only after snap set from what i'm seeing here, let me paste a log	12:28
pstolowski	fgimenez, I saw prepare failed	12:28
abeato	hey, is it possible to specify a concrete core snap revision in "snap prepare-image"? or to use a local core snap?	12:31
fgimenez	pedronis: i'm using a prepare.sh like this one http://paste.ubuntu.com/24748009/ to make sure that update_core_snap_for_classic_reexec is called before "snap set" (around line 140)	12:32
pedronis	abeato: yes, to the 2nd just --extra-snaps core.snap , to the first kind of , if you have it around already and it came from the store then you can again using --extra-snap core.snap with a recent enough snap which I don't know if it's the case or not with ubuntu-image	12:33
abeato	pedronis, ok, 2nd option is good enough for me, thanks!	12:34
pedronis	sorry what I meant the version of snap (the binary) shipped with ubuntu-image needs to be recent enough	12:34
fgimenez	pedronis: with that in place i get a log like this after the error http://paste.ubuntu.com/24748007/ (with some additional debug info added) the configure hooks errors on install doesn't make the test to stop, the final error at the end is after "snap set core refresh.schedule="$(date +%a --date=2days)@12:00-14:00""	12:35
abeato	pedronis, but if I use a local fine, there will be any issue with assertions? as you get some of them when dowloading from the store	12:35
abeato	*local file	12:35
pedronis	abeato: well, it wil be unasserted so no updates	12:35
abeato	pedronis, ok, I see	12:35
pedronis	unelss as I said the .snap came from the store then ubuntu-image finds the assertions anyway	12:35
abeato	ah, good	12:36
pedronis	but this is implemented by snap prepare-image only recently	12:36
pedronis	and I lost a bit track what is shipped where	12:36
abeato	ok, I will just try, thanks	12:36
pedronis	fgimenez: something seems really weird, I don't understand why we don't die on that first error	12:38
pstolowski	fgimenez, can you share the log too?	12:40
fgimenez	pstolowski: sure, this is spread's log http://paste.ubuntu.com/24748076/	12:42
fgimenez	and the corresponding journalctl (the other one was from a previous execution) http://paste.ubuntu.com/24748082/	12:44
pedronis	anyway a --debug run one test should show where we die	12:46
fgimenez	pedronis: looks like the "ERROR ignoring failure in hook "configure"" comes from https://github.com/snapcore/snapd/blob/master/overlord/hookstate/hookmgr.go#L243	12:48
pstolowski	fgimenez, right.. i see we set ignoreerror flag for configure hook depending on some state flags	12:50
mup	PR snapd#3413 closed: tests: fix for econnreset test checking that the download already started <Created by sergiocazzolato> <Merged by pedronis> <https://github.com/snapcore/snapd/pull/3413>	12:51
pedronis	ah, yes	12:51
pedronis	only for core	12:51
pedronis	because confgure hook of core gave us so much grief trying to update core	12:52
mvo	thanks pedronis	12:55
pstolowski	fgimenez, ok.. i don't understand why it's failing after you copied new binaries into core	12:56
fgimenez	pstolowski: no idea, i've double checked that the only snapctl files in the testbed are the inner and outer ones, and that the md5sum is the same	12:58
pstolowski	fgimenez, just to double-check, what's the latest commit id from my branch you're testing? can you push the changes you made to the scripts or send me a diff?	13:00
fgimenez	pstolowski: sure 1sec	13:01
pstolowski	fgimenez, after standup is ok ;)	13:01
zyga_	Chipaca: standup?	13:01
Chipaca	yeap	13:02
mup	PR snapd#3392 closed: interfaces: add minimal seccomp resolver to avoid backward compatiblity issues <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/3392>	13:17
mup	PR snapd#3407 closed: interfaces: move seecomp profiles to /var/lib/snapd/seccomp/profiles-v2/ <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/3407>	13:17
zyga_	hmmm	13:30
zyga_	hangouts froze for me	13:30
pstolowski	zyga, for me tto	13:31
pstolowski	zyga, i can't reconnect...	13:31
Chipaca	oh nice	13:31
Chipaca	now it kicked me	13:31
Chipaca	is it sso o'clock	13:31
pstolowski	no sso prompt, just spinning	13:32
mup	PR snapd#3429 opened: interfaces/snapd-control: also allow use of /usr/bin/snap <Created by jdstrand> <https://github.com/snapcore/snapd/pull/3429>	13:42
pedronis	niemeyer: is this one snapd#3418	13:53
mup	PR snapd#3418: tests: prefer ipv4 over ipv6 <Created by fgimenez> <https://github.com/snapcore/snapd/pull/3418>	13:53
pedronis	needs 2nd review and now it's green finally, well or green enough at least	13:53
mup	PR snapd#3430 opened: tests: modify core before calling set <Created by fgimenez> <https://github.com/snapcore/snapd/pull/3430>	13:55
fgimenez	pstolowski: this is the patch http://paste.ubuntu.com/24748672/, i've executed after pulling again your branch (and removing the compatibility changes) and got the same error, somehow snapctl still doesn't understand SNAP_COOKIE	14:03
niemeyer	pedronis: Cheers!	14:03
pstolowski	fgimenez, thanks, i'll look into it	14:04
niemeyer	fgimenez: Why the full block instead of just echo 'precedence ::ffff:0:0/96 100' >> /etc/gai.conf?	14:04
fgimenez	thank you pstolowski	14:04
pedronis	niemeyer: because that's what "man gai.conf" tells to do	14:04
pedronis	it doesn't add , it replaces the whole table	14:05
niemeyer	pedronis: That doesn't sound like a good reason :)	14:05
fgimenez	niemeyer: yep pedronis suggested it "the presence of a single precedence line in the configuration file causes the default table to not be used"	14:05
pedronis	niemeyer: because the RFC also suggested the change in terms of an update table	14:05
fgimenez	niemeyer: and we just want to change one of them?	14:05
pedronis	and just putting in a single precedence doesn't produce that	14:06
pedronis	s/update table/updated table/	14:06
niemeyer	pedronis: I'm not reading that there	14:07
niemeyer	pedronis: Specifically, "Complete absence of data of one kind causes the appropriate default information to be used."	14:08
pstolowski	fgimenez, can you give me last commit id you're using? git log -n1 ?	14:08
niemeyer	pedronis: Note the "of one kind"	14:08
fgimenez	pstolowski: the last two are merges and conflic resolutions, the next is 5da6cd162745d96120fa2dadc2beba4e3dbeba93 "Further compatibilty changes to support SNAP_CONTEXT in transition period."	14:09
pedronis	niemeyer: Once again, the presence of a single precedence line in the configuration file causes the default table to not be	14:09
pedronis	used.	14:09
niemeyer	pedronis: You said this was in the manual.. I can't find it..	14:09
pedronis	that line is in man of gai.conf	14:10
niemeyer	pedronis: What I'm reading, also from the documentation, is what I pasted above, which means something else	14:10
pedronis	niemeyer: are we reading different versions of the docs	14:11
pedronis	?	14:11
pedronis	because I don't see that "one kind" bit	14:11
niemeyer	pedronis: Maybe.. can you paste what yours says?	14:11
niemeyer	pedronis: THis is in the docs in the configuration file	14:11
pedronis	niemeyer: ?	14:12
niemeyer	pedronis: Sorry, I don't know what the question is	14:12
pedronis	niemeyer: why you think your sentence help	14:12
pedronis	if one present in there then the info is not missing	14:12
Chipaca	mwhudson: BTW, the locks around clone/exec make the EAGAIN not happen, for me. If you (or anybody) can confirm this, and you backport this, you can probably un-backport the other	14:12
pedronis	so the default table is not used	14:12
Chipaca	mwhudson: (this confirms the original hypothesis about why those eagains were happening, fwiw)	14:13
pedronis	niemeyer: also see https://www.rfc-editor.org/rfc/rfc3484.txt "10.3. Configuring Preference for IPv6 or IPv4"	14:13
niemeyer	pedronis: Because so far I found nothing saying "the default is not used"	14:13
pedronis	niemeyer: man gai.conf	14:13
niemeyer	pedronis: The RFC is irrelevant.. this is a configuration file which modifies an implementation detail	14:13
niemeyer	pedronis: There's a default table in glib proper	14:13
niemeyer	glibc	14:13
pedronis	precedence netmask precedence	14:14
pedronis	This keyword is similar to label, but instead the value is added to the precedence table as specified in RFC 3484.	14:14
pedronis	Once again, the presence of a single precedence line in the configuration file causes the default table to not be	14:14
pedronis	used.	14:14
pedronis	this is compatible also with the the first lines in gai.conf which sort of refers to the reverse	14:14
niemeyer	pedronis: Ok, thanks.. I missed that part..	14:15
niemeyer	pedronis: I was basing my assumption on the documentatino provided in gai.conf itself	14:15
niemeyer	and in my own experience doing the simple addition, which does work	14:15
niemeyer	Perhaps for non-obvious reasons	14:15
pedronis	it's all a bit unclear	14:15
pedronis	it's a bit bad that there's no command to print the actual table	14:16
pedronis	that will be used	14:16
pedronis	afaict	14:16
pedronis	but the full table should be good because is also what's listed in the RFC	14:16
pedronis	to achieve this	14:16
niemeyer	pedronis: It's probably safer as well considering we're dealing with mulitple images	14:16
pedronis	yes	14:16
niemeyer	(which might have different values)	14:16
niemeyer	pedronis: Anyway, thanks, learned something	14:17
pedronis	yes, it would best if you could do punctual changes, but the explanation for the docs sounds like is not possible, is either or the defaults or start from scratch	14:19
pedronis	s/or the/the/	14:19
mup	PR snapd#3418 closed: tests: prefer ipv4 over ipv6 <Created by fgimenez> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/3418>	14:24
mvo	pedronis: if someone can ack 3426 we can merge that one too	14:27
mup	PR snapcraft#1329 closed: tour: use https for source urls <Created by tim-sueberkrueb> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1329>	14:29
mup	PR snapcraft#1350 opened: Rust rust: Add support for cross-compilation <Created by kalikiana> <https://github.com/snapcore/snapcraft/pull/1350>	14:29
mup	PR snapd#3426 closed: release: 2.26.4 <Created by mvo5> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/3426>	14:30
abeato	zyga, finally got a good test run for https://github.com/snapcore/snapd/pull/3353 , time for merging?	14:32
mup	PR snapd#3353: Add support for reboot parameter <Created by alfonsosanchezbeato> <https://github.com/snapcore/snapd/pull/3353>	14:32
fgimenez	pedronis: mvo niemeyer snapd#3408 is only missing one review (green with some autopkgfailures)	14:32
mup	PR snapd#3408: tests: add alsa interface spread test <Created by fgimenez> <https://github.com/snapcore/snapd/pull/3408>	14:32
niemeyer	Looking	14:33
fgimenez	and it would be great to have snapd#3348 landed too, so that we can put in place the spread-cron branches for executing it	14:34
mup	PR snapd#3348: tests: add core revert test <Created by fgimenez> <https://github.com/snapcore/snapd/pull/3348>	14:34
mup	PR snapcraft#1344 closed: git: don't use --remote for updating submodules <Created by Saviq> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1344>	14:35
daker	hey popey, can i PM you (snap testing)?	14:35
popey	of course, anytime	14:36
morphis_	niemeyer: do you have time for another look at https://github.com/snapcore/snapd/pull/3365 ?	14:42
mup	PR snapd#3365: tests,packaging: add package build support for Fedora for our spread setup <Created by morphis> <https://github.com/snapcore/snapd/pull/3365>	14:42
niemeyer	morphis_: Yep	14:42
morphis_	niemeyer: awesome! I have a few more you had comments on but lets start with that one	14:43
mup	PR snapd#3408 closed: tests: add alsa interface spread test <Created by fgimenez> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/3408>	14:43
aisrael	I could use a sanity check. I'm trying to get an Adafruit PiTFT touchscreen working with Ubuntu Core. It looks like I need to build a kernel snap to pull in Adafruit's PiTFT kernel. Does that sound right, or am I overlooking another solution?	14:51
mup	PR snapcraft#1351 opened: cli: remove double congrats messaging <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/1351>	14:53
niemeyer	morphis_: Are there tests enabled?	14:53
niemeyer	morphis_: For fedora?	14:53
morphis_	niemeyer: a single one	14:53
morphis_	tests/main/help	14:53
morphis_	enabling a lot more is another PR	14:53
morphis_	https://github.com/snapcore/snapd/pull/3411	14:54
mup	PR snapd#3411: tests/main: enable a first set of test cases for Fedora and openSUSE <Created by morphis> <https://github.com/snapcore/snapd/pull/3411>	14:54
niemeyer	morphis_: I'd prefer to invert the logic then: whitelist the one test	14:54
niemeyer	morphis_: Instead of blacklisting every single one	14:54
morphis_	niemeyer: how? when I tried to blacklist the suite none of the suite tests were considered no matter if whitelisted or not	14:54
niemeyer	morphis_: That'd be a bug in spread.. let me try to reproduce	14:55
fgimenez	pstolowski: fwiw the debs built from your branch (including the compatibility changes) work great on classic xenial (with a previous core from stable) http://paste.ubuntu.com/24749105/	14:57
morphis_	niemeyer: https://github.com/snapcore/snapd/pull/3365/files#r119012848	14:57
mup	PR snapd#3365: tests,packaging: add package build support for Fedora for our spread setup <Created by morphis> <https://github.com/snapcore/snapd/pull/3365>	14:57
pstolowski	fgimenez, great! thanks for checking that	14:57
morphis_	niemeyer: that is what I get with the suite blacklisted and a single test below whitelisted	14:58
pstolowski	fgimenez, btw, i've reproduced the failure with your diff and investigating it	14:58
fgimenez	pstolowski: without the compatibility changes i get this error http://paste.ubuntu.com/24749114/ (even when it seems to not being reexec-ing, snap version seems to report the outer)	14:58
fgimenez	pstolowski: great thanks!	14:58
niemeyer	morphis_: Worked fine here	15:01
morphis_	niemeyer: hm, you have a newer spread version?	15:01
morphis_	hm, spread -v does not exist	15:01
mvo	Chipaca: can you walk me through the process of contributing to go? https://github.com/golang/go/issues/20556 is what I need	15:01
morphis_	niemeyer: 2017.01.30 is what I used	15:02
niemeyer	https://www.irccloud.com/pastebin/dPGI43zd/	15:02
morphis_	hm	15:03
niemeyer	morphis_: That sounds super old	15:03
niemeyer	morphis_: Most likely the issue	15:03
morphis_	niemeyer: that is what is in the store .. :-)	15:03
niemeyer	morphis_: Let me update that then	15:04
niemeyer	Interesting that my snapcraft.yaml says 2017.04.25, which is up-to-date.. I probably screwed up by not uploading	15:04
morphis_	niemeyer: time to use build.snapcraft.io :-)	15:05
niemeyer	Yes!	15:05
morphis_	then we have at least an up to date version in edge	15:05
morphis_	niemeyer: btw. what about moving the spread snap to be a classic snap?	15:05
morphis_	that way we could easily use it together with kvm	15:05
morphis_	form the host	15:05
niemeyer	morphis_: Might be a good idea	15:06
morphis_	great	15:06
niemeyer	morphis_: Ok, rev 28 is up	15:06
niemeyer	morphis_: Please give it a shot and let me know	15:06
morphis_	niemeyer: will do	15:06
morphis_	niemeyer: ok, then you vote for changing that, fine for me	15:06
morphis_	niemeyer: any other comments?	15:06
niemeyer	morphis_: Yeah, it makes more sense for that status of the PR	15:07
niemeyer	morphis_: Otherwise you'll immediately break every other spread PR that is up for review, for example	15:07
pedronis	mvo: interesting x/net, might take a while	15:07
pstolowski	fgimenez, right. this is because without these compatibility fixes we don't have env variable set. i may need to think if this shouldn't lead to some ohter error	15:07
niemeyer	morphis_: No, I think we're aligned about the rest	15:07
morphis_	good, so can you approve based on that or do you want to review again on Monday?	15:08
mvo	pedronis: yeah, need to sign the CLA there I guess, anyways, it took me a little bit to figure this one out, I though I just did the byte packing wrong myself	15:10
fgimenez	mvo: i just got this error on pi2 http://paste.ubuntu.com/24749264/ (test scenario beginning with stable, refreshing to beta and excuting the suite) if you could take a look that would be great	15:18
mup	PR snapd#3431 opened: interfaces: simplify snap-confine by just loading pre-generated bpf code <Created by mvo5> <https://github.com/snapcore/snapd/pull/3431>	15:18
mvo	fgimenez: woah	15:18
mvo	fgimenez: are you in the machine? if so, what does "ls -l /snap/core/current/usr/lib/snapd/snap-confine" show? maybe there is a refresh going on at the same time and current is not valid? that is a bit of a strange one	15:19
fgimenez	mvo: the execution hasn't finished yet, let me check on another session	15:20
mvo	fgimenez: thank you, strange that /snap/core/current/usr/lib/snapd/snap-confine is not there. the logs do not indicate a refresh so that is porbably not it	15:20
fgimenez	mvo: http://paste.ubuntu.com/24749363/	15:25
mvo	fgimenez: do you see an apparmor denial in syslog?	15:26
mvo	fgimenez: what happens if you run on this shell su test -c 'sh -c "SNAP_NAME=test-snapd-tools /snap/core/current/usr/lib/snapd/snap-confine snap.test-snapd-tools.cmd /bin/true " ?	15:26
fgimenez	mvo: seems to be empty now, the suite is still running...	15:27
mvo	fgimenez: with correct quoting	15:27
mvo	(sorry for that paste error)	15:27
fgimenez	mvo: yep, i've tried, complains about elevated permissions, let me paste the output	15:28
mvo	fgimenez: ok, strange, could you re-run this test once the suite finished?	15:28
fgimenez	mvo: http://paste.ubuntu.com/24749391/ sure, will let you know how it goes, thx!	15:29
mvo	fgimenez: this looks ok, odd	15:30
mvo	jdstrand: I get a build failure of snap-confine on arm on artful, https://launchpadlibrarian.net/322177974/buildlog_ubuntu-artful-armhf.snapd_2.26.4+17.10_BUILDING.txt.gz - it looks like /lib/arm-linux-gnueabihf/libapparmor.a have changed and no longer allow static linking. do you happen to know anything about this?	15:50
jdstrand	mvo: I do not. I saw the forum post. tyhicks or sbeattie might have an idea	16:06
jdstrand	tyhicks, sbeattie: https://forum.snapcraft.io/t/build-failure-for-2-26-4-on-artful-on-arm-arm64/866	16:07
jdstrand	otoh idk if new defaults are being used in artful that would trigger that	16:08
pstolowski	fgimenez, that error you found is curious, still haven't found what's causing it	16:08
jdstrand	tyhicks: if you need me to dig into that instead of you or Steve, let me know and I can take a look after appt/lunch	16:08
tyhicks	sbeattie: your wiki page (https://wiki.ubuntu.com/SecurityTeam/PIE) suggests to me that apparmor simply needs a no-change rebuild now that PIE is enabled by default on armhf/arm64 - does that sound right to you?	16:11
tyhicks	(specifically, the "Relocation Linking Failure" section)	16:11
fgimenez	thank you pstolowski, don't spend too much time on it, maybe somehting is wrong with the tests, i'll take a look on monday	16:16
pstolowski	fgimenez, no no, thank YOU! I want to understand why this is happening. maybe it's a sign of a bug. all binaries the same, should work	16:16
tyhicks	sbeattie: I followed up in the forum - please post there if you have any corrections to make to my advice	16:16
fgimenez	pstolowski: yep, it's super weird	16:17
zyga	jdstrand: I commented on https://github.com/snapcore/snapd/pull/3428 and fixed it on Debian (secure path doesn't have /snap/bin, bummer)	16:24
mup	PR snapd#3428: tests: add snap-confine privilege test <Created by zyga> <https://github.com/snapcore/snapd/pull/3428>	16:24
mvo	tyhicks: thanks a bunch, if a rebuild would be enough, that sounds great. if sbeattie is of the same opinion I can do a no-change build1 upload if wanted (or let you guys handle it, either way works for me :)	16:31
tyhicks	mvo: feel free to do a quick no-change yourself once sbeattie chimes in	16:32
* Chipaca out		17:20
Chipaca	o/ EOW \o/	17:21
om26er	Hi! Is there a way for my code to check if its running inside a snap ?	18:53
nacc	om26er: i'm not sure. Why do you want that? Sort of defeats the purpose/goal it seems :)	18:54
om26er	nacc, our code reads /var/lib/dbus/machine-id on a normal linux system but inside a snap that path is not available, we have a fallback mechanism, but I want to do something better than just a try/except	18:55
mup	PR snapd#3432 opened: tests: clean journalctl logs on trusty <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/3432>	18:56
nacc	om26er: try/except seems totally reasonable (to handle an assumed path not existing). or do you mean the try/except is too broad and reflects only that path not existing, not whether you are in a snap or not?	18:57
om26er	nacc, right, the former	18:58
nacc	om26er: i don't know, sorry -- i'm not sure there is a way to detect 'in a snap' explicitly	19:01
ogra_	om26er, chek your env ;)	19:02
ogra_	*check	19:02
ogra_	there is tons of things	19:02
nacc	ogra_: that does make sense, even for things like SNAP_	19:03
ogra_	yep	19:03
nacc	ogra_: but is there a 'canonical' (little c) way?	19:03
nacc	ogra_: checking the env seems ... iffy, only because the env can be manipulated (it's more of a hint than an assertion to me)	19:04
ogra_	true ...	19:04
ogra_	dunno if there is a more canonical way	19:04
nacc	i guess om26er could do ... try / except, in the except check if SNAP_ is defined and then assuem it's a snap	19:04
om26er	ogra_, its a production software so which the most reliable (not likely to change) env var, if you were to suggest ?	19:04
ogra_	i'd just check if $SNAP is set	19:05
ogra_	you can easily take a look by "snap install hello-world; hello-world\|grep SNAP"	19:05
ogra_	err	19:05
ogra_	"snap install hello-world; hello-world.env\|grep SNAP"	19:06
* nacc wonders if one days we'll have a snap-ok command like kvm-ok to tell us we are in a snap		19:06
nacc	or there was another one that told you you were in a VM	19:06
ogra_	in-container ?	19:06
ogra_	or some such	19:06
om26er	on a different note, is there a way to read /var/lib/dbus/machine-id inside a confined snap ?	19:06
nacc	ogra_: yeah that sounds familiar	19:06
nacc	om26er: are you able to if you connect to the dbus interface?	19:07
om26er	nacc, do you mean "you are able to if you connect dbus interface" ?	19:07
nacc	om26er: i meant, (sorry for the bad typing) -- if you connect to the dbus interface, are you able to read /var/lib/dbus/machine-id ?	19:08
nacc	om26er: it was a question, honestly -- i don't know (and can't tell immediately from reading the snapcraft docs)	19:08
om26er	of the top of my head, I think that path should not be available to a confined snap, but maybe ogra_ can confirm.	19:09
nacc	om26er: right it won't be, i agree -- but if you connect to an interface that allows it, maybe it would be	19:09
om26er	*even with dbus interface connected. But that's just my limited understanding of Ubuntu Core.	19:09
nacc	om26er: but i dont' know what the dbus interface exposes exactly :)	19:10
ogra_	https://github.com/snapcore/snapd/blob/master/interfaces/builtin/dbus.go doesnt give any file access it seems ... only actual bus access ...	19:10
nacc	om26er: do you use this file to generate a unique key or something?	19:10
nacc	ogra_: oh i see, it's for registering to be on/listen on dbus	19:10
ogra_	yep	19:11
om26er	nacc, that file is automatically generated with a unique ID, when the system starts for the first time, doesn't change during the lifetime of an install as I understand.	19:11
ogra_	and no, a snap can not see /var/lib/dbus/machine-id	19:11
nacc	om26er: right -- that still doesn't tell me why you need it? :)	19:11
om26er	nacc, reason: http://0pointer.de/blog/projects/ids.html	19:11
nacc	om26er: fwiw, on ubuntu that file is just a symlink to /etc/machine-id :)	19:12
ogra_	also note that the /var/lib/dbus/machine-id gets explicitly removed from the core snap at build	19:13
ogra_	ogra@styx:~$ LC_ALL=C ls -l /snap/core/current/var/lib/dbus/	19:13
ogra_	total 0	19:13
nacc	ogra_: ah interesting	19:13
nacc	ogra_: why is that? (if you know)	19:13
ogra_	(else all core snaps would have the same ID)	19:13
nacc	ogra_: ah right	19:14
nacc	ogra_: probably similar to containers issue	19:14
om26er	apparently /etc/machine-id comes from systemd, so maybe I could somehow ask it.	19:14
ogra_	if the core snap is not used as rootfs, the file wont be there .... on an ubuntu core image it gets created on first dbus startup	19:14
om26er	in a python/dbus way	19:14
om26er	hmmm..	19:15
nacc	ogra_: that makes sense	19:15
ogra_	yeah, you can probably use the dbus to actually query for it	19:15
nacc	yeah, i wonder if you can use the API (or do what the API does) to query dbus	19:16
ogra_	if your snap is actually confined that would in any case be the better way ... the snap is executed on top of the core snap ... but the dbus you connect to is the actual hosts dbus ... and that has a mschine ID	19:17
ogra_	(while the file would never be visible even if you run unconfined)	19:17
nacc	ogra_: yep, that's the right abstraction to operate at, it seems	19:18
nacc	om26er: with, based upon that post, maybe a fallback to the filesystem if that dbus query fails (for some reason)	19:18
om26er	ogra_, making it a strict snap is the aim.	19:19
ogra_	i was assuming so :)	19:19
Flagada	Hello I'm Trying to install Ubuntu Core 16 with KVM. I got a "Creating user failed" when I enter my SSO email adress	19:22
om26er	ogra_, is the behaviour going to be the same on Ubuntu Core and classic ubuntu install with snapd ?	19:22
Flagada	Someone can help me with that?	19:22
om26er	nacc, I guess that's what I'd have to go for.	19:23
ogra_	om26er, yep	19:23
cachio	niemeyer, 2017-06-02 19:29:33 Error preparing linode:ubuntu-core-16-64:tests/main/ : kill-timeout reached, cannot reconnect to linode:ubuntu-core-16-64 (Spread-09) after reboot: dial tcp 50.116.46.101:22: i/o timeout	19:37
cachio	niemeyer, it just happened	19:37
cachio	the machine is lost	19:38
cachio	no ping no ssh	19:38
cachio	niemeyer, seem to be a problem of linode	19:38
cachio	niemeyer, perhaps spread could allocate another machine when that happens or move the current task to another one	19:45
=== nacc_ is now known as ancc
=== ancc is now known as nacc
mup	PR snapcraft#1338 closed: go plugin: Add support for cross-compilation <enhancement> <Created by kalikiana> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/1338>	20:14
pmatulis	how does one specify what "track" to install?	20:47
om26er	assuming track == channel, use --track_name e.g. snap install hello-world --edge. If otherwise, please ignore my comment.	20:49
om26er	pmatulis, ^	20:49
nacc	pmatulis: track/channel, iirc	20:50
nacc	https://snapcraft.io/docs/reference/channels	20:50
nacc	pmatulis: down in the "installing a snap" section, first example	20:50
nacc	om26er: tracks are new	20:51
om26er	nacc, thanks, reading into it now.	20:52
nacc	om26er: np, niemeyer's forum post (looking for it now to share) is pretty helpful too	20:53
nacc	GitUbuntuRepository: optimize treeishs_identical	20:53
nacc		20:53
nacc	If we can peel() to treeishs, we can just compare the hashes.	20:53
nacc	bah	20:53
nacc	https://forum.snapcraft.io/t/channel-terminology-and-policy/551	20:53
pmatulis	i thought channels and tracks were distinct	20:54
pmatulis	where a channel was akin to a series (2.0, 2.1) and a track was the level of development (experimental, devel, stable)	20:55
nacc	pmatulis: they are distinct	20:56
nacc	track/risk/branch is what niemeyer's post says	20:56
pmatulis	i still don't know how to specify the channel	21:04
pmatulis	:(	21:04
nacc	pmatulis: i told you above? (and it was in the link)	21:04
pmatulis	not really	21:05
nacc	snap install <snap> --channel=<track/channel>	21:05
pmatulis	where is that in the page you linked to?	21:05
nacc	pmatulis: as i said, "down in the "installing a snap" section, first example"	21:06
nacc	pmatulis: on https://snapcraft.io/docs/reference/chan	21:06
nacc	pmatulis: on https://snapcraft.io/docs/reference/channels, rather	21:06
pmatulis	ohh	21:06
pmatulis	i was looking at the other one	21:06
pmatulis	forum whatever	21:06
nacc	pmatulis: ah sorry, two different links	21:07
pmatulis	it's odd. i think it depends how some snaps are actually made	21:10
pmatulis	for instance, this doesn't work:	21:10
pmatulis	sudo snap install maas --channel=latest/stable	21:11
pmatulis	even though:	21:11
pmatulis	snap info maas \| grep latest/stable	21:11
pmatulis	latest/stable: 2.2.0+bzr6057-snap (91) 98MB -	21:11
nacc	pmatulis: interesting, '--channel=stable' does work though	21:12
pmatulis	yeah	21:12
nacc	pmatulis: i wonder if the snap we are running isn't aware of tracks?	21:12
pmatulis	that's the thing. it depends on how it's made	21:13
pmatulis	which isn't great at all	21:13
nacc	pmatulis: i think it (obviously) depends on `snap` support	21:15
nacc	pmatulis: is that what you mean by 'it'?	21:15
nacc	pmatulis: oddly, the changelog for snapd in 17.04 (what i'm on) only mentions:	21:17
nacc	- many: show available "tracks" in `snap info`	21:17
nacc	pmatulis: i also wonder, if (big if) that if there's only one track -- that it doesn't work	21:18
nacc	pmatulis: to specify a track, i mean	21:18
pmatulis	right, no idea	21:19
nacc	pmatulis: i'd file a bug or forum post	21:19
pmatulis	i would also like to know how to query for extra options. the maas snap, for instance, accepts '--devmode'. is that standard?	21:20
pmatulis	this snap will not install without it	21:20
nacc	pmatulis: well the snap doesn't accept that, `snap` does	21:20
nacc	pmatulis: right, the default is `snap install` tries to install a confined snap	21:20
nacc	pmatulis: with the name provided	21:20
nacc	pmatulis: in the `snap info` output for maas, you can see that one mentions devmode	21:20
nacc	pmatulis: that means it's a devmode snap (not confined)	21:21
pmatulis	oh it mentions it?	21:21
nacc	http://paste.ubuntu.com/24752362/ is what i get from `snap info maas`	21:21
nacc	pmatulis: stable is not a devmode snap, but edge is	21:22
pmatulis	no, i installed stable with devmode	21:22
nacc	pmatulis: given the security implications (and trust implications) of not using confined snaps, you have to tell `snap` to install it in anything other confined mode (e.g., --classic, --devmode).	21:23
nacc	pmatulis: hrm, let me let it complete here	21:23
nacc	pmatulis: did you get this: http://paste.ubuntu.com/24752396/ ?	21:26
pmatulis	nacc, yes, you need --devmode	22:19
nacc	pmatulis: right, i think it's a bug in the snap	22:21
nacc	pmatulis: they aren't declaring you need devmode for the stable snap	22:21
nacc	pmatulis: you might file a bug with maas	22:21
pmatulis	nacc, ah ok	22:23
nacc	pmatulis: i think they 'fixed' this in edge (hence it asks for devmoe) and maybe just haven't updated stable yet -- i've asked them	22:25
nacc	pmatulis: but EOD on a friday, so probably won't hear back :)	22:25
pmatulis	nacc, you've asked them where?	22:25
nacc	pmatulis: internal IRC :)	22:26
nacc	pmatulis: you might ask in #maas, though, i guess	22:26
pmatulis	nacc, right, but i'm in the maas channels. there must be one i'm not aware of	22:27
=== ejat is now known as fenris
=== fenris is now known as ejat
=== Saviq_ is now known as Saviq
nacc	pmatulis: apparently, this was done so that the snap could be published in stable at all (which doesn't allow devmode)	22:44
nacc	pmatulis: but it still needs devmode ...	22:44
nacc	pmatulis: not a great UX :)	22:45
=== stgraber_ is now known as stgraber
pmatulis	yeah	22:49
Chipaca	niemeyer: (and for zyga, but he's not here): from HN: https://www.weave.works/blog/linux-namespaces-and-go-don-t-mix	23:47
niemeyer	Chipaca: Oh, handy	23:47
Pharaoh_Atem	I'm really not surprised by that	23:48
niemeyer	Chipaca: Ah, uh	23:48
niemeyer	Chipaca: That sounds like the basic issue we're aware off	23:48
Chipaca	Pharaoh_Atem: heh	23:48
niemeyer	Chipaca: That's why we have the C hackery in e.g. snap-update-ns	23:48
Pharaoh_Atem	wait, what	23:49
niemeyer	Chipaca: Trick is to basically switch namespaces before Go has a chance to screw up	23:49
Chipaca	yeap	23:49
Pharaoh_Atem	grossness	23:49
* Pharaoh_Atem smacks himself		23:49
Pharaoh_Atem	of course I remember when that happened	23:49
Chipaca	same for a bunch of things like setuid, drop privs, etc	23:49
Pharaoh_Atem	it was switched from C to Go with Cgoop	23:49
niemeyer	Chipaca: Note that this is not true of all namespaces	23:49
Pharaoh_Atem	stuff like this makes me wonder if Go is really a good idea for a lot of this stuff...	23:50
niemeyer	Which I think the article fails to point out	23:50
niemeyer	Pharaoh_Atem: There's basically a cost benefit to be measured for sure	23:50
niemeyer	Pharaoh_Atem: The amount of C in snap-update-ns is minimal, so worth it	23:51
Chipaca	HN discussion is here: https://news.ycombinator.com/item?id=14470231 fwiw	23:51
Chipaca	anyway, thought you'd enjoy / find it interesting	23:53
niemeyer	"Personally I really wish people had just gone with Rust earlier on rather than implementing everything in Go. I've had nothing but pain from Go."	23:54
niemeyer	Personally, I wish people wouldn't be so superficial and one-sided.. :P	23:54
niemeyer	Chipaca: The hnews discussion is much more interesting than the article itself	23:55
niemeyer	Still, even there, there's a lot of "editor wars" conversation	23:55
Chipaca	rah rah c++ rah rah nim	23:55
niemeyer	People get too passionate about the tools..	23:55
Pharaoh_Atem	I like C++	23:56
Pharaoh_Atem	at least modern C++ (C++11)	23:56
niemeyer	Hah, they even managed to bring up Go generics into the conversation.. :)	23:56
Chipaca	Pharaoh_Atem: the big c++ abi brouhaha a couple of years back makes me uneasy about supporting it for things meant to live a long time	23:57
niemeyer	Me, I would definitely not choose Go for this stuff, but the point is that the whole project is in Go, which means all of our libraries are in Go, and our testing infra, and etc etc	23:57
Pharaoh_Atem	Chipaca: I think it practice, it doesn't matter	23:58
niemeyer	The cost of picking something else needs to account for that	23:58
niemeyer	I wouldn't pick Rust either, though, most probably at least	23:58
Pharaoh_Atem	Rust is a bit on the young side right now	23:58
niemeyer	I think Rust is going the C++ route a bit too early	23:58
Pharaoh_Atem	how so?	23:58
Chipaca	Pharaoh_Atem: I agree it doesn't matter; in 40 years time all this will be dust	23:59
Pharaoh_Atem	Chipaca: well, I mean that usually ABI changes are system wide, and c++stdlib supports both anyway	23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!