=== JanC_ is now known as JanC [03:27] Hiya === chihchun_afk is now known as chihchun [08:53] <__chip__> my main machine is doing the cute "don't POST, blink some leds" routine, so I'll probably spend some time with a screwdriver and a cursebook [08:53] re [08:53] <__chip__> zyga: o/ [08:53] __chip__: hey :) [08:53] <__chip__> zyga: how's poland? [08:54] __chip__: just as we left it, I think [08:54] not much has changed [08:55] (including the reasons for not being here in the first place) [08:55] in other news, we're looking to move out ASAP [08:55] but unable to for some time [08:55] how's UK? [08:55] still U? [08:55] <__chip__> zyga: out of the place, or the country? [08:55] the place [08:55] <__chip__> ah, phew [08:55] being in the country for now will help [08:56] <__chip__> UK still divided, still better than ar :-) [08:56] "universally divided, we stand united" or something [08:56] <__chip__> sounds about right [08:57] <__chip__> anyway, i need to go find a screwdriver [08:57] how are things, I'm sorry I was off all morning but I was stuck in "register your company" webbrowser windows hell [08:58] <__chip__> zyga: <__chip__> my main machine is doing the cute "don't POST, blink some leds" routine, so I'll probably spend some time with a screwdriver and a cursebook [08:59] wow, i hadnt one doing that in a decade i think [09:00] __chip__: ouch, I hope it's nothing serious [09:00] __chip__: in case you need a spare machine, I have some still boxed, just come to warsaw and collect it [09:00] __chip__: PC speaker helps [09:00] but if it doesn't post and you didn't pour coffee on it, it's the RAM [09:01] hey ogra_ for a moment I was wondering if you were referring to setting up a company or having a machine not post [09:01] must be morning [09:01] mvo: how's everything? [09:01] lol [09:02] zyga: good morning, looking at the tsync issue on trusty currently, mostly understood I think [09:03] zyga: there is the open question what to do about it, I will write a forum post about it I think, we have some options, not exactly sure which is the best one just now [09:05] <__chip__> zyga: numlock and scroll lock on, caps lock blinking, led machine --> RAM issue [09:06] <__chip__> zyga: https://www.parts-people.com/blog/2014/07/02/dell-latitude-e6400-led-post-codes-diagnostic-indicators/ [09:06] <__chip__> s/led machine/dell machine/ :-) [09:08] __chip__: did anything happen to your machine or power grid since it last worked? [09:08] your obsolescence-counter is full :) [09:08] mvo: this is about the "re-execed" version of the tool being unsuitable for older systems? [09:09] zyga: correct, its a combination of issues. [09:10] zyga: the best option is probably to statically link snap-seccomp on the core snap - the downside is that the debian/rules modification is ugly [09:10] mvo: is that a per "go build" option? [09:11] mvo: one idea we might try is to run ld-so on snap-seccomp [09:11] mvo: not sure if you think this is sensible [09:12] zyga: I tried that and things segfaulted [09:13] oh, that's interesting (and unfortunate) [09:13] how did you run it? [09:13] zyga: I did not investigate the segfault further tough [09:13] (I was hoping to use this approach for other things0 [09:13] zyga: I can look again [09:13] not urgent, just curious [09:22] zyga: I don't get anything useful from gdb, i use the same commandline as CommandFromCore() is using [09:22] I see [09:23] zyga: funny enough, even LD_LIBARARY_PATH=... ldd ./usr/lib/snapd/snap-seccomp core dumps [09:25] zyga: ok, anything does, hm, hn [09:26] huzzah! [09:27] zyga: aha, getting closer, broken symlinks [09:29] lip 10 11:28:47 fyke kernel: audit: type=1400 audit(1499678927.313:439): apparmor="DENIED" operation="capable" profile="/snap/core/2329/usr/lib/snapd/snap-confine" pid=19314 comm="snap-confine" capability=4 capname="fsetid" [09:31] mvo: curious if this is not one of our chown's [09:34] zyga: could be, where do you see this? [09:45] Chipaca, #3569 updated [09:46] pstolowski: looking [09:48] hmm, something is still not happy with this box [09:54] psftw: thank you! [09:54] uh [09:54] pstolowski: ^ [09:54] Chipaca, ty! [09:55] zyga: CommandInCore now also works, things look good, need to clean that up a bit more though [09:55] zyga: but at least things move forward [09:56] mvo: just running hello-world.evil [09:56] mvo: I installed aa-notify [09:57] wellp, and now a kernel BUG thing [09:58] sounds like i need to re-reseat the memory and run memtest for a while [10:17] * Chipaca declares victory over the ram monster, in order to tempt it early [10:59] PR snapd#3576 opened: tests: snap debug confinement does not exists yet in 2.26.x [11:04] zyga: I created the forum topic now about the snap-seccomp, I wonder what the best way forward is, it could be either static linking or using osutil.CommandFromCore() - I lean towards the later [11:11] mvo: let me read and comment [11:11] * zyga experiments with apparmor tracing on 2nd computer [11:13] * Son_Goku grumbles about fontconfig [11:14] libfontconfig isn't thread-safe, woo :( [11:18] Son_Goku: party yeah party woo [11:18] this happened, which is why I'm grumbling about libfontconfig: https://github.com/hughsie/appstream-glib/issues/177 [11:19] Son_Goku: (that's a reference to https://www.youtube.com/watch?v=4niz8TfY794&feature=youtu.be&t=212 fwiw -- sorry if it was obscure :-) ) [11:20] anyway, machine seems moderately happy, i'm off for a run and lunch will bbl [11:31] Good mornings [11:37] niemeyer: morning [12:38] jdstrand: hey jdstrand, good morning! I looked into the tsync issue with snap-seccomp on trusty this morning and wrote whats going on in https://forum.snapcraft.io/t/2-26-8-libseccomp-on-trusty/ - let me know what solution you prefer [12:48] mvo: good morning, lookingn [12:48] looking* === Son_Goku is now known as Conan_Kudo === Conan_Kudo is now known as Son_Goku [12:54] jdstrand: hey, after you are done with that, can you please have a look at https://forum.snapcraft.io/t/apparmor-profile-caching/1268 and https://forum.snapcraft.io/t/using-snap-update-ns-from-snap-confine-to-initialize-mount-namespaces/1266/1 please === Son_Goku is now known as Conan_Kudo === Conan_Kudo is now known as Son_Goku [13:02] mvo: done [13:02] Sorry, running late for the standup.. will be there in a second [13:06] zyga: looking [13:10] PR snapcraft#1400 opened: lxd: Distingish FileNotFoundError if not installed [13:13] jdstrand: thank you :) [13:37] mvo, zyga, about the snap-seccomp error? any idea why the lib is not there? is it related to the other issue? [13:40] cachio: could you please pastebin the exact error again? I suspect it is just a spec file update, i.e. I think the binary is not copied into the right place for some reason. is this happening with master? [13:41] mvo, it is happening with the fedora branch [13:42] mvo, https://paste.ubuntu.com/25061349/ [13:43] I'll rebase again to discard any other problem [13:43] cachio: could you please also show e the link for the fedora branch? [13:43] mvo, https://github.com/snapcore/snapd/pull/3505 [13:43] PR snapd#3505: PLEASE IGNORE: Enable more tests for suse and fedora [13:44] cachio, mvo: I'll resolve 3505 [13:44] zyga: ta [13:51] mvo: was your "thank you" on sil's snapd#3574 a +1? [13:51] PR snapd#3574: snap find only searches stable [14:10] PR snapd#3531 closed: interfaces: updates default, mir, optical-observe, system-observe, screen-inhibit-control and unity7 [14:11] PR snapd#3574 closed: cmd/snap: snap find only searches stable [14:15] cjwatson, hey! do you want to make the simple change to #3501 suggested by Samuele, so we can land it? [14:17] sure, give me a minute to run tests and such [14:24] woo, mwhudson got the golang fix backported and sitting in xenial-proposed :-D [14:27] pstolowski: done [14:29] PR snapd#3409 closed: tests: fix snap confine from core test to check the restart was done [14:29] cjwatson, thanks [15:01] snapd#3478 is a nice easy review, if anybody's looking for something to do [15:01] PR snapd#3478: tests: extend upower-observe test to cover snaps providing slots [15:02] (it's already got one +1) [15:08] ogra_: i'm using this ubuntu core pi3 img: http://releases.ubuntu.com/ubuntu-core/16/ubuntu-core-16-pi3.img.xz [15:08] ogra_: but i can't get any overlay to load, how is that? [15:08] snapd#3481 is a slightly more involved PR, but still straightforward, needing a second review [15:08] PR snapd#3481: tests: add avahi-observe interface test [15:09] ppisati, you need to unpack the overlays.tgz [15:09] iirc in stable we still had that only as tarball [15:11] ppisati, this got fixed shortly after the first stable release, but since we cant update gadget content yet tsble still has the initial setup with the tgz [15:11] s/tsble/stable/ [15:11] ogra_: i unpacked that in /boot/uboot where the rest of the boot fw resides, modified config.txt accordinlgy but nothing is loaded [15:12] it needs to be in an "overlays" subdir [15:12] ogra_: if i build a beta image, would it work? or is there a pre-baked image that i can use? [15:12] the blob has the path hardcoded [15:12] ogra_: yes, it's in /boot/uboot/overlays/* [15:12] ppisati, http://people.canonical.com/~ogra/snappy/all-snaps/daily/current/ [15:12] * ppisati tries the current [15:13] that loads the vc4 overlay by default [15:13] ogra_: ok [15:13] so i'm 100% prositive that overlays work [15:13] ogra_: ooook [15:35] PR snapd#3501 closed: store: orders API now checks if customer is ready [15:40] PR snapd#3481 closed: tests: add avahi-observe interface test [15:41] PR snapd#3399 closed: many: add the interface command === chihchun is now known as chihchun_afk [16:12] PR snapd#3495 closed: tests: remove snapd before building from branch [16:20] PR snapcraft#1401 opened: Correct capitalisation for PyPI [16:51] hey! how do you delete a snap from the store? [16:55] niemeyer: I updated https://forum.snapcraft.io/t/2-26-8-libseccomp-on-trusty/1265 - if you have a moment, it would be great if you could have a look and comment. no rush, I have dinner now and call it a day soon [16:55] mvo: Will definitely do, thanks for that === alan_g is now known as alan_g|EOD [18:04] zyga, any idea why it could be failing? https://paste.ubuntu.com/25062665/ [18:04] zyga, it is happening on fedora [18:48] tyhicks: jdstrand hi there, mind directing me to the snappy security whitepaper? [18:50] hey sergiusens [18:51] jdstrand: I'm getting a 404 for the whitepaper (https://developer.ubuntu.com/snappy/guides/security-whitepaper) is this an updated copy? http://people.canonical.com/~davidcalle/core/Whitepaper:%20Ubuntu%20Core%2016%20-%20Security.pdf [18:52] * sergiusens waits for confirmation [18:58] Son_Goku, hey [18:58] cachio: hi? [18:58] z [18:58] cachio: looking [18:59] Son_Goku, I am now working on morphis stuff to make snapd tests work on fedora [18:59] cachio: who are you? [18:59] Son_Goku, I am sergio, we meet on london [18:59] cachio: no idea [18:59] ah [18:59] * zyga returns to fighting his network issues :/ [19:00] zyga, any idea bout the issue with snap-seccomp ? [19:00] did you take a look? [19:03] Son_Goku, I am trying to fix the tests for fedora and I see this issue trying to build the snapd binary [19:03] error: File not found: /usr/src/packages/BUILDROOT/snapd-1337.2.26.4-2.x86_64/usr/lib/snapd/snap-seccomp [19:03] Son_Goku, did you see that before? [19:03] morphis told you something about that one? [19:04] cachio: I guess the snapd rpm packaging isn't yet updating to include that binary [19:06] morphis, you mean the spec to build it is missing? [19:06] I guess so [19:06] snap-seccomp seems to be a really recent addition [19:07] morphis, ok, I'll try to add that [19:07] morphis, thanks [19:07] great [19:07] np [19:16] davidcalle: hey, it appears https://developer.ubuntu.com/snappy/guides/security-whitepaper is 404 [19:16] davidcalle: also, http://people.canonical.com/~davidcalle/core/Whitepaper:%20Ubuntu%20Core%2016%20-%20Security.pdf is out of date, should be rc9 [19:17] tyhicks, sergiusens: fyi ^ [19:18] jdstrand: thanks, do you have it on your p.c.c ? [19:18] sergiusens: I do not, davidcalle manages it, but I gave you the link to the source doc in privmsg [19:19] you could export to pdf from there [19:27] Is there a way to use the ubuntu core without snaps? I used to use the core on minimalist builds to have only what I need/want kind of like a archlinux/gentoo style build if you will [19:30] DeeJayh: others may say point you at something different, but Ubuntu Core must use snaps and isn't a building block for an apt-based system. you probably want to consider the netboot images: http://cdimage.ubuntu.com/netboot/ [19:31] DeeJayh: actually, I think http://cdimage.ubuntu.com/ubuntu-base/ is better for that [19:31] DeeJayh: see https://wiki.ubuntu.com/Base [19:32] you're a god [19:32] *bows* [19:32] Thanks jdstrand I had no idea this existed [19:32] it has gone through a few different names over the years [19:33] I was aware of netboot but it didn't fit my needs, that base build is exactly what I've been dreaming of lol [19:33] I used to compile core before it became snappy [19:33] cool, glad it fits your needs :) [19:33] right [19:33] that was one of the names. since ubuntu-core as a minimal os and Ubuntu Core were confusing, they renamed ubuntu-core ubuntu-base [19:37] sounds like a good call on their part lol [19:38] the only other question I have, because I am unfamiliar with the architectures, for ARM devices, is the arm64 64bit and armhf the 32bit? [19:44] nvm quick google search alleviated my curiousity lol thank you again [20:01] jdstrand: pdf should be up to date now, PR for redirects waiting to be merged and deployed, sorry for the delay [20:01] Will update the source comments once it's done [20:34] davidcalle: ok, thanks! (tyhicks, fyi ^) [20:35] thanks === grumble is now known as gurmble [21:26] Chipaca: you ok to do the verification on that?