[00:46] PR snapcraft#1891 closed: lifecycle: use in-snap mksquashfs if running from snap [01:50] jdstrand, I have requested manual review for the other architectures of snap test-snapd-gpio-memory-control [01:50] jdstrand, when you have a minute, could you please approve them [01:50] tx [02:18] cachio: done [02:47] jdstrand, tx [04:38] PR snapd#4563 opened: tests: new spread test for gpio-memory-control interface [06:01] morning [06:40] forum is down? [06:41] mvo: morning [06:48] mborzecki: good morning [06:48] mborzecki: yeah, looks down from here as well [06:53] * mvo still needs a review for 4342 [06:55] good morning [06:55] https://github.com/snapcore/snapd/pull/4560 is ready for 2nd review [06:55] PR #4560: cmd/snap-confine,data/systemd: fix removal of snaps inside LXD [06:55] and I'll work on breakfast for kids, see you soon [06:57] PR snapd#4560 closed: cmd/snap-confine,data/systemd: fix removal of snaps inside LXD [06:57] zyga-ubuntu: I already commented, one tiny nitpick about a comment but that should be a followup, no need to hold this PR back [06:57] zyga-ubuntu: I need a review for 4342, its blocking ~rc2 currently [07:00] I know, I will do your review after kids go to school [07:00] ta [07:02] zyga-ubuntu: morning [07:22] oka [07:22] daughter is all set and ready for school [07:23] mvo: thank you for the feedback, I'll update the PR and merge it [07:26] ah, it's merged now :) [07:26] k, looking at that zenity branch [07:27] mvo: btw, I'm very sorry for not looking at it yesterday, I saw your requests but I was busy with the feedback from gustavo [07:27] mvo: will you do a RC3 for 2.31? [07:27] PR snapd#4564 opened: data/systemd: tweak comment [07:27] mvo: I really want to land 4471 today [07:27] mvo: and make it into the release [07:27] otherwise we should probably back out the new content interface features [07:28] gustavo approved the design but requested tweaks on how that code operates to drop the helper function (tryIt etc) [07:28] zyga-ubuntu: if 4471 is ready today +1, if not I think we need a revert PR [07:28] zyga-ubuntu: how was the feedback yesterday? all looking good to fix it today? [07:29] mvo: yes [07:29] Is the forum down for anyone else? Nginx 502 bad gateway. [07:29] mvo: I need to inline that function back [07:29] mvo: nothing major [07:29] ok [07:29] bashfulrobot: it's down for me too [07:30] zyga-ubuntu thanks for the confirmation! [07:35] woah, the wind today is very strong [07:35] trees are swinging like grass! [07:52] jdstrand: are you in US or still sprinting somewhere? [07:56] good morning [07:56] I'm getting a 502 on forum.snapcraft.io [07:56] is it just me? [07:56] no, it's everyone [08:01] jdstrand: if you could moderate the updated base-18 in the store that would be great [08:08] mvo: what is %[1]q - is that golang syntax for fmt? [08:09] hey there spineau [08:10] morning zyga-ubuntu [08:11] mvo: nitpick 2018 in your new files [08:11] mornings [08:12] hey pawel [08:12] the forum is borked? [08:13] yes [08:13] mvo: so I get what \0 is but \00 ? is that the same thing or {'\0', '0'} in C syntax? [08:14] man, today is windy :/ [08:14] sliff [08:15] zyga-ubuntu: %[1]q is fmt syntax [08:15] zyga-ubuntu: \00 should be \0, let me check, maybe I made a silly mistake [08:16] mvo: at line ... 43 and 44 [08:17] mvo: so meta-comment, nothing -1, I want to play with it [08:17] but we need the desktop team to help and I don't know, roll this into gnome settings [08:17] or into other appropriate place [08:17] right now it feels like a hack that keeps us walking till we can run [08:18] mvo, hey, shall I squash #4440 for easy cherry-picking into 2.31? [08:18] PR #4440: state: unknown tasks handler [08:18] pstolowski: its fine as is, I looked over master this morning and all is fine for .31 [08:19] mvo, ok [08:19] zyga-ubuntu: aha, sorry. this should read \0\0 [08:19] zyga-ubuntu: i.e. a double \0 marks the end of a command [08:19] zyga-ubuntu: let me fix this [08:20] thank you! [08:20] * zyga-ubuntu reads rest [08:21] zyga-ubuntu: hmm looking at 4565 i was wondering why i'm ending up with snap.mount on arch [08:21] mvo, hi, it seems there was an issue uploading the base-18 build: https://code.launchpad.net/~mvo/+snap/base-18/+build/138724 [08:21] PR snapd#4440 closed: state: unknown tasks handler [08:22] zyga-ubuntu: turns out i'd really like to switch data to autotools [08:22] mborzecki: no objection, fire a PR and let's do it [08:36] mvo: and in strings, is \000 just {'\0'} or is it something else [08:36] e.g. here: +call = strings.TrimSuffix(call, "\000") [08:45] ackk: yeah, I ask jamie to moderate the upload, it is currently stuck in the review queue [08:46] zyga-ubuntu: this should be \0 as well, sorry for this [08:46] oh ok, thanks [08:50] mvo: did you run it in practice? [08:54] zyga-ubuntu: just running the tests [08:55] zyga-ubuntu: but the zenity tests use \n in their args [08:55] zyga-ubuntu: so it should work [08:55] mvo: how about setting this thing in practice, getting the prompt and all of that [08:55] * zyga-ubuntu is still reading the code [09:04] do we have to wait for niemeyer to get the forum back up? [09:07] sparkiegeek: I'm afraid so, we're not sure what caused it [09:10] zyga-ubuntu: I tested this with the brave browser [09:10] zyga-ubuntu: sorry for the delay in answering [09:10] zyga-ubuntu: if that is what you mean with "testing in practise" or do you mean something else? [09:15] no that's fine [09:15] did you test both kde and non-kde paths? [09:20] zyga-ubuntu: yeah, i tested once with kdialog and once with zenity [09:21] zyga-ubuntu: I think mborzecki has a point that ideally it would check the desktop env too, I can make a PR for that too [09:21] mvo: yeah, I responded to that part as well [09:21] * kalikiana coffee [09:22] mvo: reviwed [09:22] reviewed* [09:23] mvo: can you have a quick look at https://github.com/snapcore/snapd/pull/4564 please [09:23] PR #4564: data/systemd: tweak comment [09:23] let's either merge it or tell me to tweak the install code [09:25] PR snapd#4564 closed: data/systemd: tweak comment [09:25] zyga-ubuntu: I think its fine, we can always tweak further [09:25] thanks! [09:26] hi, is the forum down (502) ? [09:26] yes [09:26] I think we need a post mortem on the forum and some plan for gustavo being on holidays [09:26] *cough* IS *cough* [09:29] kalikiana: https://regexper.com/ [09:31] `/home/ubuntu/goroot/pkg/tool/linux_386/link: running gcc failed: exit status 1` uhh not my lucky day [09:32] mborzecki: it's your NaNth lucky day [09:33] oh hey, also gnome-shell crashed out of the blue [09:33] pff strace to the rescue: [pid 8615] write(2, "/usr/bin/ld", 11) = -1 ENOSPC (No space left on device) [09:34] uhh [09:34] careful with those torrents [09:34] qemu can eat a lot of space on -snapshot [09:35] zyga-ubuntu: it's xenial cloud image [09:35] * zyga-ubuntu takes a break to look through bugs befor jumping onto PR feedback [09:35] didn't know those are 2gb [09:35] hey Chipaca! [09:35] mborzecki: uh [09:35] Chipaca: morning [09:36] mborzecki: zyga-ubuntu: hiya [09:36] pstolowski: can you please look at https://bugs.launchpad.net/snapd/+bug/1611638 [09:36] Bug #1611638: snap upgrade hook [09:36] I think it's fixed so we can just update the bug but I wanted you to confimr [09:36] *confirm even [09:37] zyga-ubuntu, looking [09:38] zyga-ubuntu: Hmmm looks quite nice. Although it seems very "analyze afterwards". It's not live and there's no test string [09:38] mborzecki: I assigned a bug about testing on arch to you (since you're doing that anyway) [09:39] kalikiana: yeah, not perfect but it's nice to see those cute railroad diagrams [09:41] zyga-ubuntu: ack [09:43] zyga-ubuntu, commented on the bug, it's implemented, although now as I checked only on of those was released (post-refresh) and pre-refresh will come with 2.31 [09:44] pstolowski: perfect, thank you! [09:45] * Chipaca carries on refactoring unseen code [09:49] Chipaca: I do that a lot though sometimes I think I'm doing the coding version of modern art ;) [09:49] zyga-ubuntu: not art, but craft [09:50] zyga-ubuntu: the difference is mostly around how we get paid :-) [09:51] haha [09:51] art is when you don't get paid [09:52] I often write a piece of code and the refactor it, sometimes many many times, before sending out the first PR [09:54] pstolowski: another one for you https://bugs.launchpad.net/snapd/+bug/1664155 [09:54] Bug #1664155: Interface hooks slots should know the name of the client snap [09:54] mvo: trivial conflict on https://github.com/snapcore/snapd/pull/4443 [09:54] PR #4443: [RFC] snap: improve error for snaps not available in the given context [09:54] pedronis: you around? [09:55] PR snapd#4565 opened: httputil: include Go runtime version in user agent string [09:55] trivial PR ^^ [09:56] kalikiana: can you look at https://bugs.launchpad.net/snapd/+bug/1669291, perhaps a low hanging fruit [09:56] Bug #1669291: 'snap info' does not handle versions that end in 0 well [09:56] kalikiana: at least triage it please [09:56] zyga-ubuntu, k, will comment on it when forum is back, I think it was discussed long time ago (and Gustavo was against doing it) [09:56] mborzecki: nie! [09:56] nice! [09:56] :) [09:56] pstolowski: just give some feedback on the bug report, we don't have to move the discussion elsewhere [09:57] mborzecki: what is the runtime string like? [09:57] zyga-ubuntu: added a comment in the PR [09:57] mborzecki: and another hint, send it in the / request so that (perhaps) snap version can show it [09:57] zyga-ubuntu, sure, I just need to try find that discussion [09:57] mborzecki: looks good [09:58] zyga-ubuntu: Aye [09:59] Chipaca: yes [09:59] pedronis: hiya, welcome back :-) [09:59] hi [09:59] pedronis: while you were away I was wondering whether a local snapd could "sign" stuff [09:59] kalikiana: thank you [10:00] pedronis: and thought you were the person to ask [10:00] Chipaca: sign stuff in which sense? [10:00] pstolowski: perhaps another bug for you https://bugs.launchpad.net/snapd/+bug/1672747 -- feel free to ignore, I'm just combing the bug tracker [10:00] Bug #1672747: configure hook missing reason it was invoked [10:00] hm good news, i can reproduce the segfault when building snapd on xenial with go1.9.3 [10:00] pedronis: as a way of ensuring not only the integrity of a snapshot, but also its origin [10:01] ah [10:01] zyga-ubuntu, the bug makes sense, but it's slowly improving with new hooks [10:01] Chipaca: if it has a serial yes, then it has a device key [10:02] that can be tracked to the serial [10:02] pedronis: snapshots have a metadata file with hashsums of the archives themselves, so AFAIUI if I signed that (relatively small) file and included the signature, I'd be able to warn or block people from restoring snapshots that weren't created by their own host [10:03] should be doable in some way [10:03] (i imagine adding a --ignore-signature or something) [10:03] pedronis: ok, good to know. I'll pester you about it once everything else is shipshape. [10:03] depends on the attack you are trying to avoid, or is just not mismatching stuff? [10:05] guys, is #4487 good to be merged now? [10:05] PR #4487: cmd/snap: snap refresh --time with new and legacy schedules [10:06] mborzecki: looking [10:07] with 4 +1s, sure! [10:07] pedronis: the attack is fairly contrived, in that you'd have to either be able to write to the spool directory where snapshots live (and in a properly configured system users won't even be able to read it), or convince an admin to accept a snapshot file somehow [10:07] PR snapd#4487 closed: cmd/snap: snap refresh --time with new and legacy schedules [10:15] mvo: can we do something about seccomp before 18.04? [10:16] zyga-ubuntu: do somethng about it in what sense? [10:18] Chipaca: just saying that if you are root you can get the key that is used for signing [10:19] pedronis: yeah [10:19] mvo: make it so that on 18.04 we can enable the non-kill behavior [10:19] Chipaca: anyway I suppose if people ship them somewhere and back it's a bit more interesting [10:19] pedronis: I expect snapshots will be part of a backup solution that includes remote backups, yes [10:19] but those things should be signed at a separate layer anyway [10:19] pedronis: I think I'll check with jamie, and if he agrees it's too tenuous, i'll forget it [10:20] ok, np [10:20] pedronis: thanks [10:21] zyga-ubuntu: its tricky the updated libseccomp is not out, but we might be able to split out this part of the work in a separate pr [10:23] idk theres something charming about a security stack that opts to commit seppuku to protect the user [10:23] mvo: upstream has not released it or it hasn't found its way into ubuntu? [10:23] ikey: did snap-confine refuse to run for you? :) [10:24] ikey: (hey :-) [10:24] hey :) nah not recently, i meant the seccomp thing [10:24] ikey: ah [10:24] well, that's not seppuku, IMO it's like us shooting a thread because it asked to go to the loo [10:24] the thread _asked_ [10:24] just saying no wasn't in the vocabulary [10:24] yeh but i mean, going to the loo, during class time [10:24] idk man.. [10:24] >_> [10:25] yeah, so mean [10:25] it's an _internal_ problem ;) [10:25] lol [10:25] I'd love to see that bug fixed, I'm wondering what we can do [10:25] the kernel part is done now [10:25] and everyting else is just userspace [10:25] so distros just need to update libseccomp? [10:26] it's complicated [10:26] yes [10:26] and golang bindings on top [10:26] and it seems it's not even out upstream yet [10:26] orite [10:26] PR snapd#4565 closed: httputil: include Go runtime version in user agent string [10:27] mborzecki: make sure the store team can parse that ^ talk to ... perhaps noise][ ? [10:27] zyga-ubuntu: upstream has not released an new golang-seccomp [10:28] its looking likely im going to need to rework my nvidia PR to account for some fedora weirdness [10:28] mvo: is the upstream for the C and golang lib the same? [10:28] looks like they stuff their entire tree under /usr/lib64/nvidia-304xx/* [10:28] so idk if i need to do that as separate PR, commit or what [10:28] given the one i have is marked accepted.. [10:28] ikey: no, just stack on top there [10:28] thank you for caring about fedora! [10:29] well we're all cousins in this world [10:29] (not literally. that'd make christmas so freakin awkward) [10:30] with RMS and linus smiling from a family photo on the wall [10:31] ... [10:31] weird silence [10:31] XD [10:33] hmm no segfault with go1.8.3 [10:34] * Chipaca gives up on emacs and goes back to paper [10:37] zyga-ubuntu: its two different people. but the upstream C is also not released yet [10:37] zyga-ubuntu: its just part of git [10:37] zyga-ubuntu: and the golang is not yet part of git because there is no libseccomp yet released with the bits needed [10:40] mvo: aha, I see; we can ask them to release or distro patch in ubuntu but I wonder how that complicates building the packages and the snaps [10:40] mvo: craazy idea: what if snap-seccomp was a .. snap itself [10:41] and we could pull it in to build the profiles [10:41] (it's a bit chicken-eggy) [10:41] but would work around building issues [10:41] zyga-ubuntu: we distro patchi n ubuntu already, thats fine. but e.g. fedora is not distro patching [10:42] aha. smoke break granted me the wisdom to fix the gl thing.. [10:42] zyga-ubuntu: mborzecki: that format is not standard afaik (it would need to be system/version) [10:42] zyga-ubuntu: if fedora would allow us to bundle the problem would also not exist [10:42] mvo: I think we can bundle but we could also patch the packages there if maintainers agree [10:42] pedronis: oh, thank you for noticing [10:42] pedronis: so golang/... [10:42] the forum seems very 502y today [10:42] (or similar) [10:42] something like that [10:43] yes [10:43] Chipaca: yes, it's 100% reliably 500s today [10:43] Chipaca: input on #4565 [10:43] PR #4565: httputil: include Go runtime version in user agent string [10:43] it's merged but I think it needs tweaks [10:44] pedronis: opening a followup with fixes in a minute [10:44] hmmm [10:44] that should be go/xyz [10:45] Chipaca: pedronis: runtime.Version() already returns `go1.9.3`, that would make it golang/go1.9.3 [10:45] mborzecki: what does it look like with gccgo? [10:45] also a bit unclear whether it's useful? [10:46] mborzecki: what's the goal here? [10:46] I'd be ok with go/goX.Y.Z if goXYZ is what runtime.Version returns [10:46] getting this in the logs? [10:46] pedronis: yes [10:46] pedronis: it'd be in error reports also [10:46] both could be done without changing the user agent [10:46] it's a bit strange to put the compiler there [10:47] otoh it's also the standard lib [10:47] mborzecki: what does go itself does? [10:47] it has a default user-agent afaik [10:47] pedronis: also stdlib carries the http client [10:47] that we are overriding [10:47] we probably should do something similar [10:50] pedronis: probably Go-http-client/1.1 (that's what they expect in the tests anyway) [10:51] mborzecki: zyga-ubuntu: anyway I fear this will also break the store [10:51] we need to be a bit careful [10:52] Chipaca: pedronis: `golang/go1.9.3` then? [10:52] why the repeated go? [10:53] anyway I also need to check where to put it if at all [10:53] * zyga-ubuntu -> important errand [10:54] hmm [10:54] mborzecki: problem [10:54] i can always move the go runtime version string to daemon.go and log it there, after all i just want to see the version somewhere, don't really care if it's the user agent string [10:55] go1.6.1 gccgo (Ubuntu 6.0.1-0ubuntu1) 6.0.0 20160414 (experimental) [trunk revision 234994] [10:55] ^ runtime.Version() with gccgo [10:55] fun [10:55] right, and go returns go1.9.3 [10:55] oh, w8, that's the whole string? [10:55] mborzecki: "go1.6.1 gccgo (Ubuntu 6.0.1-0ubuntu1) 6.0.0 20160414 (experimental) [trunk revision 234994]" [10:56] mborzecki: that's printed with %q for your enjoyment [10:56] damn [10:56] ok, i'll log it in the daemon [10:56] and the store can keep guessing which buggy version of go http.Client was that :) [10:57] mborzecki: anyway, indeed as it is it would break the store parsing of it [10:57] ok, i"ll open a pr reverting the change [10:58] the issue there is mostly putting it at the end I think [11:00] PR snapcraft#1892 opened: meta: warn if version is not a string [11:00] PR snapd#4566 opened: Revert "httputil: include Go runtime version in user agent string" [11:01] what do you use to format the C files in snapd? [11:01] ikey: indent [11:01] any sample invocation? i tried indent but it mangled the file [11:01] don't laugh though please :) [11:02] * ikey is only used to clang-format [11:02] there's .indent in cmd [11:02] `make fmt` should do the trick [11:02] mborzecki: or not, maybe I'm confused (regexps are fun that way) [11:03] ah ty [11:03] mvo, i see xnox just made systewmd default to persistent journald logging ... https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1618188 for your base 18 you might want to turn it off to not wear out MMCs [11:04] Bug #1618188: systemd journal should be persistent by default: /var/log/journal should be created Bionic):Fix Released by xnox> [11:05] mborzecki: https://golang.org/pkg/runtime/#Version says it could also be a hash and date [11:05] (oh, and indeed make sure /var/log/journal is writable [11:05] ) [11:06] ogra_: base-18 has everything writable [11:06] ouch [11:06] will you keep it that way ? [11:06] ogra_: we will see if it works out, but whats the downside? [11:07] https://forum.snapcraft.io/t/forum-offline-today-post-mortem/3760 [11:08] ogra_: thanks for the heads up, I will look into making sure this is not written to disk by default then [11:11] niemeyer: Apologies for any inconvenience this may have cause*d* you. [11:11] niemeyer: and thank you for getting it back up :-) [11:11] niemeyer: hey [11:12] niemeyer: woot, thank you for for the post morterm [11:12] Chipaca: Thnaks [11:12] * zyga-ubuntu makes lunch and reads [11:12] Chipaca: *Thanks* :) [11:12] niemeyer: I thought that was on porpoise [11:12] :-) [11:13] niemeyer: it's at least very comforting to know the forum died while making a backup :) [11:13] Chipaca: afaict runtime.Version() can be whatever :/ [11:13] zyga-ubuntu: Yeah [11:14] pedronis: well, at least we know it's a string :-D [11:15] zyga-ubuntu: We also have daily backups stored since August [11:17] of the data, plus daily and weekly backups of the whole machine [11:17] We have so many backups that I killed the system doing it [11:18] niemeyer: sweet [11:32] pedronis: Chipaca: #4566 [11:32] PR #4566: Revert "httputil: include Go runtime version in user agent string" [11:33] I could use another review on #4556 and #4557 i think [11:33] PR #4556: strutil/quantity: new package that exports formatFoo (from progress) [11:33] PR #4557: osutil: add DirExists and IsDirNotExist [11:34] PR snapd#4566 closed: Revert "httputil: include Go runtime version in user agent string" [11:35] Hmmmm [11:35] "snap lxd cannot use current base snap core because existing process are still using the old revision" [11:35] That's a weird error. Was doing `lxc exec` there [11:35] mborzecki: I did +1 it, but zyga merged it before github took my +1 and i think it then lost it [11:35] ¯\_(ツ)_/¯ [11:35] kalikiana: that's a warning [11:35] kalikiana: it means you could hop onto new core [11:36] kalikiana: but you're using the old one because some lxc process is still alive [11:36] zyga-ubuntu: you're on fire :-) [11:36] PR snapd#4556 closed: strutil/quantity: new package that exports formatFoo (from progress) [11:36] Chipaca: _high voltage_ :) [11:36] kalikiana: if you restart your lxc things it should go away and you will see new core being used [11:36] kalikiana: all processes belonging to a given snap see consistent filesystem [11:37] zyga-ubuntu: I feel the message should've told me exactly that :-) [11:38] zyga-ubuntu: Does the error come from snapd? Or LXD? [11:40] so [11:41] zyga-ubuntu: I'll file a bug. Let's see if it can be improved [11:41] my machine crashed because when I went out of range BT went nuts [11:41] kissiel: ^ [11:41] kalikiana: re [11:41] kalikiana: so about that, how would you rephrase that so that it's more useful [11:42] kalikiana: just tell me :) [11:42] or open a forum thread [11:42] it's a sub-optimal situation, we could perhaps have a hook for this [11:42] if there's no hook we could print a short line of text + forum link [11:42] and if there's a hook we could signal snapd and not print anything === zyga-ubu1tu is now known as zyga [11:46] zyga: first of all it should reveal itself as a warning, for example by starting with "Notice:" [11:46] zyga: although by showing me this message every single time I practically consider it an error since I can't actually ignore it [11:49] zyga: It'd also be nice if it was phrased more like 'Notice: The "lxd" snap will continue to use "core" 3958 as a base until all its processes have been restarted via "snap restart lxd".' [11:50] kalikiana: it's not true [11:50] kalikiana: that's the problem :) [11:50] kalikiana: the first part is okay [11:50] but the remainder is not accurate [11:51] snap restart lxd is not sufficient [11:51] _all_ processes, including non-services, must terminate [11:51] zyga: Well, if it's not accurate it's because I had to guess since it did not in fact tell me :-D [11:51] (I lost my log) can you paste the original message again please? [11:52] zyga: `snap lxd cannot use current base snap core because existing process are still using the old revision` [11:52] phew. back to working snapd.. [11:53] zyga: 4342 is ready for a re-review (cc mborzecki I addressed your comments as well iirc) [11:53] 4559 will need re-review too [11:53] kalikiana: hmm hmm [11:53] zyga: The "cannot use" wording makes it look like an error. And it's not telling me how to fix it. [11:53] mvo: ack [11:53] kalikiana: I don't dismiss the wording could be better [11:53] just pondering on what it should be [11:53] decided to be nice to those darn pesky fedora kids :p [11:54] zyga: This is why I suggested to file it, didn't expect you to fix it on the spot :-P [11:55] Oh, forum's back. I could also make a topic for it then [11:56] kalikiana: yeah, let's do a forum topic, we can tweak that message before 2.31 [11:56] thank you for rising this [12:02] jdstrand: hey, thank for the review of https://github.com/snapcore/snapd/pull/4545 Question on the AppArmorConnectedSlot advice - each snap has it's own /tmp - I was stuck on how a file in x11's /tmp is made available to another snap's /tmp. Is the rule label causing snapd doing some fancy /tmp combining? Or is it up to the plug's launch script to dig into the slot's /tmp and find the socket it needs? [12:02] PR #4545: interfaces/x11: allow X11 slot implementations [12:02] s/it's/its/ [12:07] greyback: if you put the socket in $SNAP_COMMON [12:07] you could use new content sharing features to inject that anywhe [12:07] *anywhere [12:08] so for the snap holding the socket and being the server it can be in $SNAP_COMMON [12:08] and for any client snaps it could be in /tmp/somethingappropriatethatisdefault [12:08] *magic* [12:09] does snapd expose changelog functionality? like when i publish a new revision can i inform users of changes? [12:09] you can do that in the store but I don't know if this is visible in many places [12:09] ah ok [12:09] future stuffs then [12:09] it's a nice thing if it was accessible [12:09] I mean [12:09] you can fill it for each release [12:09] sure [12:09] and at some point in the future hook up UI bits [12:10] zyga: https://forum.snapcraft.io/t/cannot-use-current-base-snap-core/3763 [12:11] ack [12:12] zyga: I would if I could, but I'm snapping x11. It has /tmp/.X11-unix/X* hardcoded in [12:13] zyga: I can't actually seem to get rid of it [12:13] very broad use of killall doesn't help [12:14] greyback: no, you didn't understand [12:14] greyback: you can do that without touching x11 [12:14] * greyback re-reads [12:14] greyback: the content interface lets you do those bind mounts [12:15] greyback: I haven't tried this on a socket though so you may run into a limitation [12:15] greyback: but even a tiny patch in x11 (or config tweak) to store the socket in $SNAP_COMMON is enough [12:16] zyga: ack. I see what you mean. I'll give that a go. [12:16] greyback: you must use master though [12:16] greyback: and stick to $SNAP_COMMON for now [12:16] ok [12:16] greyback: (or edge) [12:16] greyback: try it with dummy snaps and a writable file [12:17] greyback: and the content interface [12:17] in the end we can move this into the x11 interface properly [12:17] *nod* [12:17] more toys to play with! [12:18] :D [12:18] indeed [12:18] and my child so let's see how it works, I'm eager to get feedack [12:18] *feedback [12:22] popey: Seen the announcement of godot 3.0 final being released yesterday.. did you ever get that to work? [12:24] mvo: Chipaca: can the 2_32 tag be created in the forum [12:24] sure [12:25] pedronis: but i can only create it by tagging something [12:25] pedronis: ideally something that needs to be there for 2.32 :-D [12:26] ok, I suppose I should talk with mvo about the when of those [12:26] PR snapd#4558 closed: cmd/snap-mgmt: fix out of source tree build [12:26] pedronis: i think i have something i can tag [12:27] pedronis: there [12:27] and now, lunch [12:36] * ogra_ grins about zygas comments on #4563 ... you should really talk to the devmem2 developers to have this fixed upstream :) [12:36] PR #4563: tests: new spread test for gpio-memory-control interface [12:37] (that c file is just devmem2.c renamed ;) ) [12:40] ahh [12:40] well, I'm just a C coder [12:41] :) [12:42] bisecting go toolchain, so much fun [12:50] pstolowski: you can't fallthrough a type switch [12:51] Chipaca, aha! thanks, still learning about some corners of Go [12:53] pstolowski: you also can't usefully enumerate things (i.e. if you do "case typeA, typeB:" you'll get the interface-y object in the case [12:53] ) [12:58] k [13:22] PR snapd#4567 opened: cmd/snap-confine,tests: hide message about stale base snap [13:41] greyback: you're right about the per-snap /tmp. if these were named sockets, there would be a problem, but they are abstract sockets (path starts with '@') so they aren't file backed and not affected by the mount namespace [13:54] PR snapd#4567 closed: cmd/snap-confine,tests: hide message about stale base snap [14:00] * kalikiana off for lunch, back soon [14:01] zyga_: but before I leave, great to see this extremely quick PR , you are awesome:-D [14:01] * kalikiana now really off for lunch [14:04] jdstrand: aha. Ok. I didn't know that [14:05] can someone remind me why I have multiple (more than 2) loop devices for a snap? [14:05] I understand 2 for the theoretical purposes of rollback [14:05] but why more than 2? [14:05] bisecting the -linkshared segfault, the first bad commit is https://github.com/golang/go/commit/4808fc444307fa683bf3df6d55f9ad1828891a36 [14:07] PR snapd#4568 opened: tests: new spead test for openvswitch-support interface [14:16] Beret: 3, so you can always rollback even in the worst case [14:17] Beret: we might make it tunable at some point (there's a feature request for this already) [14:17] Beret: but in any case you can already remove the prior ones with "snap remove --revision " [14:18] Beret: (the worst case is: you're on a "good" revision, you refresh to something newer, but it's a dud so you manually revert back to the known-good one; because we keep 3, you can still revert from there as well) [14:19] Beret: hth [14:26] sergiusens: is anyone on your team in fact working on the project to convert LP to be able to consume snapcraft as a snap? I'm concerned about that having possibly fallen between the cracks [14:42] Chipaca, ok, thanks [14:44] PR snapd#3456 opened: many: add interfaces.SystemKey() helper [14:51] brb [15:00] cjwatson no, no one is; sorry, the communication has. I did discuss this with sparkiegeek [15:01] sergiusens: was that today? I talked about this with sparkiegeek this morning [15:02] cjwatson capetown sprint [15:05] sergiusens: must have slipped his mind. I can take it over if it will otherwise end up not being done, just didn't want to duplicate work [15:09] re [15:09] sorry, small interrupt for kids [15:17] cjwatson that would be appreciated. I am sorry it fell through the comm cracks [15:17] all right, let's see what I can fit in === zyga_ is now known as zyga [15:32] pstolowski: sorry it took a bit, looks it's going in the right direction, did a pass over #4401 [15:32] PR #4401: snapstate/ifacestate: auto-connect tasks [15:33] pedronis, hey, no problem, and thanks! [15:39] sliff [15:41] * kalikiana seems to be online again, for some reason wlan didn't see any network for a while [15:43] * kalikiana once again fell for the DENIED messages caused by the telegram snap looking for helpful logs [15:43] zyga: what's the status of #4471 ? [15:43] PR #4471: cmd/snap-update-ns: refactor and improve Change.Perform to handle EROFS [15:47] pedronis: refactoring after feedback from a call, I'll push it in ~hour [15:47] thx [15:47] PR snapd#4550 closed: cmd/snap: improve output when snaps were found in a section or the section is invalid [16:07] jdstrand, hey, just for info I started as topic as discussed in CT, https://forum.snapcraft.io/t/confined-snaps-dont-work-on-live-images-due-to-apparmor-path-mapping/3767 [16:07] seb128: interesting, it's probably the same problem that prevented us from using overlayfs [16:07] * zyga reads [16:08] zyga, right [16:11] seb128: replied [16:11] zyga, thanks [16:15] mvo: #4342 reviewed.. trivials only, thanks [16:15] PR #4342: userd: add support for a simple UI that can be used from userd [16:15] niemeyer: \o/ thank you [16:16] mvo: Thank you! Nice abstractions [16:22] pedronis: do you know offhand about seeding --classic snaps? https://forum.snapcraft.io/t/seed-yaml-documentation/3050/4 [16:22] blackboxsw: on a classic image? [16:23] on non-snappy environments [16:23] classic: true in the seed entry for the snap afair [16:23] so stock ubuntu cloud-images [16:24] ahh nice [16:24] will try that [16:24] thanks [16:24] and will update the post with the results [16:25] blackboxsw: I'm just back from holidays, I put looking at that post in my queue [16:26] cheers. yeah I heard. Welcome back :) [16:35] hmm mhmm [16:42] seb128: thanks, noted and commented [16:42] * jdstrand -> travel [16:42] Q: what happens if you accidentally switch the implementations of, in essence, 'rm' and 'md5sum -c'? [16:42] A: giggles [16:43] * Chipaca takes a break [16:44] jdstrand: safe travels! [16:44] Chipaca: A: backups [16:57] zyga: dude [16:57] yes? [16:57] zyga: i'm implementing snapshots [16:57] ie backups [16:57] zyga: :-) [16:57] Chipaca: snap my home directory ;) [16:57] i had the handlers for 'lose' and 'check' reversed [16:57] :-) [16:58] happy to have tests :-) [16:58] lose drops the snapshot? [16:58] zyga: yes [16:58] Chipaca: just document it, it's not a bug if it's documented ;) [16:58] * Chipaca takes note [17:01] ikey: is 4559 good to go? [17:02] em [17:02] is that the one i did today i cant remember [17:02] pr #4559 [17:02] PR #4559: snap-confine/nvidia: Support legacy biarch trees for GLVND systems [17:03] ah [17:03] so the thing i wanted clarification on from Son_Goku was the libdir stuff [17:03] like are we making this a compile time option or is it being vendor patched or what [17:04] or do we just do more of the populate calls? cheap and cheerful [17:04] more of the populate calls [17:04] the issue with the other two is the multi-base snap nature of things [17:04] so do you have a lib32 directory in fedora? [17:04] nope [17:05] and we really don't have any more permutations to worry about [17:05] so populate isnt going to be the right approach [17:05] we have /usr/lib and /usr/lib64 [17:05] because you're going to get inverse libraries [17:05] 32s in the 64 [17:05] ah, right [17:05] i mean it'll still technically *work* but its not "right" [17:05] and i think the rest of the world is lib64/lib32 [17:06] most of the world is lib/lib64 [17:06] with lib + lib64 being the same thing [17:06] eh idk about that [17:06] even arch uses lib32 [17:06] Arch and Solus are lib32 / lib64 [17:06] right [17:06] Gentoo is fuck all [17:06] lol [17:06] though they default to lib / lib64 [17:06] so ok we need to use --libdir as our /usr/lib there atm [17:06] Fedora, SUSE, Mageia, et al are lib / lib64 [17:06] and we need a new option for emul32 [17:07] so that we no longer assume [17:07] assuming ofc on fedora you configure --libdir=/usr/lib64 [17:07] right [17:07] and we add like --with-emul32-libdir=/usr/lib ? [17:07] sure [17:07] alright [17:07] gimme a wee second here [17:08] ty btw :] [17:08] you could also do detect-y things for this [17:08] eh [17:08] the smartest way to be smart is by not being smart [17:08] just sayin' [17:08] heh [17:08] hm. autotools crap. [17:09] so libdir will be wrong [17:10] what is emul32? [17:10] -m32 [17:10] zyga: it's Solus' term for secondary arch [17:10] i.e. 32-bit library [17:10] no its the proper term [17:10] emul32 == -m32 :P [17:11] you're emulating 32-bit vdso on x86_64 [17:11] well, -m64 also exists, are you saying that's emul64? [17:11] with -m32 [17:11] no [17:11] is that like x86 [17:11] because you have native binaries and libraries [17:11] well you guys pick a name [17:11] zyga: on multiarch architectures, you can build from the same compiler for 32-bit and 64-bit [17:11] idc what its called :P [17:11] is that like x86? <- question [17:11] so on x86, you have x86_64 and x86_32 [17:11] -m32 will spit out x86 on x86_64 toolchain [17:12] technically i686 [17:12] but ya [17:12] on aarch64 you have aarch64 and aarch32 [17:12] ikey: sure, but but that's a compiler switch [17:12] (which technically is also known as armv8hnl) [17:12] sure and we're talking about biarch here [17:12] what is the relationship to a filesystem path [17:12] not multiarch [17:12] biarch is locked to the notion of -m64 vs -m32 [17:12] ikey: we could get into x32 [17:12] ikey: I see [17:12] which is why -m32 is the emulated vdso [17:12] * zyga likes multiarch [17:12] someones gotta :P [17:12] zyga: debian platform libdirs has other issues [17:13] everything has issues [17:13] so what we calling this emul32 dir [17:13] just lib32 ? [17:13] --with-lib32-dir [17:13] before i get dead cats mailed to me from gentoo devs [17:13] ikey: --with-lib32-dir, --with-lib64-dir [17:13] why --with-lib64-dir? [17:13] --i-wish-we-had-fat-objects-like-apple-did-decades-ago [17:13] ikey: Gentoo dev dead cat avoidance :) [17:13] but --libdir is the native arch [17:13] true [17:14] back to work [17:14] lol [17:14] ikey: meeeby --with-alt-libdir ? [17:14] god damn naming things is hard :/ [17:15] fuck it [17:15] XD [17:15] Son_Goku, "defaults" [17:15] lol [17:15] --lib32dir [17:15] #define NATIVE_LIB_DIR "${exec_prefix}/lib" [17:15] i hate your face autotools [17:15] man [17:16] fat objects [17:16] that's so simple :/ [17:16] nope [17:16] zyga: then make it happen [17:16] don't want your bloat :P [17:16] ah mind you i can use -D defines [17:17] for native libdir [17:17] Son_Goku: impossible, no way to reach consensus on something that is x10 nicer and x0.1 slower or more "computer has to do work" vs "humans need to do work" in our our community [17:17] niemeyer: can you look at https://github.com/snapcore/snapd/pull/4471/files again please [17:17] PR #4471: cmd/snap-update-ns: refactor and improve Change.Perform to handle EROFS [17:18] zyga: Looking [17:18] niemeyer: I'm trying to balance it so that I don't have to re-architect my stacked unit tests heavily and we can ship it in 2.31 with confidence; I postponed the idea to check if we need to poke holes [17:18] niemeyer: I can do that after this RC because it will have impact on existing unit tests [17:18] (sequence of things will change, churn, can cause bugs) [17:18] niemeyer: I'll cherry pick the spread test into this PR so that it is really tested [17:18] zyga: My suggestions would not involve any test changes at all [17:19] niemeyer: yes, but we also discussed the idea to look at the filesystem to see if it's read only ahead of time [17:19] and those would (we test the syscalls we do) [17:19] (the order of syscalls would change and that's churn I want to avoid for 2.31) [17:20] zyga: I understand.. just saying that the real goal was simplifying it [17:20] zyga: Rather than changing behavior [17:20] pedronis: do you remember in what situation a task's change could be nil? when looping over all tasks from state [17:20] yeah, I think it's shorter now, we can go further but I want to not break it [17:20] Chipaca: looping how? [17:21] I will now look at that spread tets and then at the PR with individual new unit tests [17:21] pedronis: for _, tsk := range st.Tasks() {...} [17:21] Chipaca: that should filter out tasks that have no change [17:21] see its code [17:21] pedronis: i see [17:22] it might be we are paranoid in a couple of places because historical reasons [17:22] * ikey has a potential fix for that patch now [17:22] just gonna test it.. [17:22] * zyga runs the new tests and waits for them to finish [17:22] tea time :) [17:22] pedronis: in snapstate's CheckChangeConflictMany there's an explicit check for nil which threw me :-) [17:22] ikey: thank god no one here cares about /usr/libx32 right now [17:22] i guess that's one of the places [17:22] ikey: and yes, that's a thing [17:22] Chipaca: I don't think, it's needed nowadays [17:22] i know it is [17:22] but in our context no we dont care [17:23] pedronis: thanks [17:23] we have the lock and Tasks() check for us [17:23] ikey: --with-alt-libdir is the best I can come up with [17:23] doesn't make sense [17:24] its strictly for "im 64-bit and need 32-bit" [17:24] * ikey finds out if patches are borked from that [17:24] * kalikiana wrapping up for today, can't decide if this was a productive day where trying to fix one bug lead to several other bug reports without solving the first one [17:25] ikey, fuck it, --with-32bit-libdir? [17:25] cool, didn't hose it [17:25] well my patch has --with-lib32-dir=DIR [17:26] lol [17:26] ill change [17:26] though im not sure how good autotools is with numeric prefixes? [17:26] guess we'll find out [17:27] * Son_Goku groans at autotools [17:27] why isn't this Meson already...? [17:27] --with-32bit-libdir -- Use an alternate lib32 directory [17:27] works [17:27] oh right, because 14.04 isn't dead yet [17:27] Son_Goku: hold on, what are you tweaking? [17:27] ive had to safe guard this change.. [17:28] you'll see in a sec [17:28] ikey: I'm guessing it defaults to lib64 and lib32? [17:28] not /quite/ [17:28] you'll also need to change autogen for fedora i imagine [17:28] fuck [17:28] that's going to suck [17:28] oho, linode handshake timeouts [17:29] that's fine, I'll push the spread test on top anyway [17:29] Son_Goku, https://github.com/snapcore/snapd/pull/4559/commits/c724c06a6a58e64c0a701cc78f9f5154164abe32 [17:29] PR #4559: snap-confine/nvidia: Support legacy biarch trees for GLVND systems [17:29] so instead of assuming /usr/lib, we set native libdir to `--libdir=` from configure time [17:29] i.e. host arch [17:29] if we're 64-bit, we'll then try to mount/copy the 32-bit alt set. [17:30] otherwise don't do anything [17:30] right [17:30] so that looks roughly sane [17:30] because we could clobber ourselves on 32-bit pure [17:30] its about the only dumb-clever way i can think of right now [17:30] ikey: this means you need to add the logic to the Fedora spec :) [17:30] otherwise it can't test :P [17:30] and i cant test fedora [17:30] so idk what you want me to do there [17:30] spread will do that [17:30] help a brutha out [17:31] I can give you a patch to add to your PR, if that helps [17:31] i wont object [17:31] lol [17:31] as long as your autogen uses libdir logic (which it should already) you should be fine [17:31] but for your packaging you'll want to expressly set 32bit-libdir now [17:31] or w/e the hell we caleld it [17:31] *called [17:32] as the day closes, so does my mind. [17:32] hehe [17:32] I regenerate the autofoo on every build [17:32] zyga: Definitely nicer.. sent another round [17:33] niemeyer: thanks, looking now [17:36] zyga: Sorry, please ignore my comment on the for loop [17:36] zyga: I removed it, but not quickly enough [17:36] zyga: This is much simpler as a recursive call [17:36] niemeyer: ok [17:36] niemeyer: I think you reviewed an earlier version I pushed and then I pushed the patches that dropped flags [17:36] niemeyer: so some of your questions as in places that got removed now [17:37] I'll start with the low hanging fruit and iterate, let's see what remains [17:38] zyga: Ouch, thanks [17:38] error: received an unexpected http response code (504) when trying to download https://api.snapcraft.io/api/v1/snaps/download/eFe8BTR5L5V9F7yHeMAPxkEr2NdUXMtw_6.snap [17:38] hmm, store hicckups [17:39] ikey: http://kinginuyasha.enanocms.org/downloads/0001-Enable-support-for-handling-the-NVIDIA-proprietary-g.patch [17:39] zyga: I still don't understand your comment on why lowLevelPerform is there [17:39] zyga: It's a very awkward side effect whihc would be nice to avoid [17:39] what in the shite is that [17:39] niemeyer: mount and umount don't care if the medium is read only [17:39] niemeyer: symlink needs to drop a new inode [17:39] zyga: You say file creation relies on existing inodes, which doesn't make a lot of sense to me [17:39] niemeyer: it is there to triggere the read-only-filesystem fallback [17:39] Son_Goku, honestly i dont feel comfortable applying that which i dont know [17:39] ikey: a patch you apply with git-am ? [17:39] alright [17:40] but everyone saw that Son_Goku made me do it [17:40] ikey: unconditionally turns on nvidia-biarch [17:40] oh, did I, sorry, I meant mounting [17:40] and also sets the libdir in arches that are configured for multilib [17:40] zyga: I realize it's there for that reason.. I don't understand why it's there for that reason [17:40] gotcha [17:40] i pushed it Son_Goku and now we'll wait for the sound of screams [17:40] :D [17:40] cheers :] [17:40] kanpai! [17:41] well, I'm a dumbass [17:41] niemeyer: right, the reason is that the code is like [17:41] ikey: can you fix the title of the patch [17:41] it should be prefixed with "packaging/fedora:" [17:41] niemeyer: both mount and create symlinks is in the low-level part [17:41] zyga: Again, per above, zyga: You say file creation relies on existing inodes, which doesn't make a lot of sense to me [17:41] niemeyer: now if you had a path like /rofs/symlink -> target [17:42] niemeyer: ^ (I meant *mounting*, not file creation) [17:42] Son_Goku, but [17:42] but i pushed it [17:42] rewrite it :P [17:42] niemeyer: and assuming that /rofs exists [17:42] and they get angry when i force push [17:42] meh [17:42] just do it [17:42] but they can hear us [17:42] ._. [17:42] niemeyer: that won't do anything in the part [17:42] XD [17:42] niemeyer: it will proceed to c.lowLevelPerform where we just create the symlink [17:42] zyga: Again, can we please talk about the difference between these branches [17:42] niemeyer: and that's when we will notice EROFS [17:42] zyga: how can + err = secureMkfileAll(path, mode, uid, gid) [17:42] zyga, humbly request permission to force push fixed patch to PR [17:43] zyga: do the right thing, but + err = secureMkdirAll(path, mode, uid, gid) [17:43] not? [17:43] Son_Goku, but now your commit message is too long [17:43] fuck [17:43] ima leave it. :3 [17:43] niemeyer: those both do the right thing, the problem is not between directories and files but between the actual symlink at the end of some directories; [17:43] zyga: I see.. so this links with the other part of the code [17:44] zyga: Regarding the comment below on "Curious that this isn't the case for files. What's the catch?" [17:44] hold on, I didn't read that comment yet [17:44] ikey: noooo [17:44] ah [17:44] zyga: Looks like a special case is creating more special cases [17:45] lol @ describing hacker news [17:45] ikey: http://kinginuyasha.enanocms.org/downloads/0001-packaging-fedora-Enable-support-for-the-NVIDIA-propr.patch [17:45] there, fixed title [17:45] but it runs off [17:45] niemeyer: files and directories are completely created by secureMk* helpers, you end up with the complete thing, the error is correct if something goes wrong [17:45] like a terrified thomas the tank engine suddenly bereft of child to push it [17:45] zyga: I understand :) [17:45] ikey: it won't run off in GH [17:45] niemeyer: for symlinks we don't have a helper like that, we use the secure dir helper to create the parent, that's it [17:45] and that's all that matters :) [17:46] Son_Goku, but zyga didnt give me a yay [17:46] zyga: These comments are supposed to raise awareness and discuss ceratin things [17:46] zyga: >:| [17:46] zyga: I can tell that createFlie creates a file :) [17:46] lol.. [17:46] damn it, I've burned my entire lunch period on this :( [17:46] I gotta go get food [17:47] zyga: In this case, we have a special case that chains up into more special cases, which cause functions to be called in different places, which creates more special cases [17:47] disappear, its not like i do anything or go anywhere [17:47] zyga: This is part of the reason why we get white hair [17:47] niemeyer: but we reuse code that was reviewed for security, this is deliberate [17:47] zyga: /o [17:47] \ [17:47] niemeyer: I think it can be simplified but post 2.31, by doing the "look before you try" [17:47] then we can drop the low-level perform exception paths [17:48] and the special case for symlink will go away [17:48] zyga: We can do whatever we want later, sure.. but we want this logic to not suck to begin wiht [17:49] zyga: https://hangouts.google.com/hangouts/_/canonical.com/snappy-devel?authuser=1 [17:50] joining [17:50] or [17:50] joined [17:50] empty? [17:50] That's also part of why we get white hair [17:50] niemeyer: can you hear me [17:55] zyga, I am installing uuid-runtime package in a snap and it is not starting the uuid daemon [17:55] zyga, should it happen automatically as if I install the deb package, or I need to manually do it ? [18:03] how do I debug this error "error: cannot install snap file: snap is unusable due to missing files; contact developer"... I am the developer :-) [18:05] sergiusens: Looks like you have a completely broken snap [18:05] sergiusens: you should use snapcraft ;P [18:08] hey, random question, has the concept of "serverless snaps" ever been discussed? [18:09] cachio, ikey, Pharaoh_Atem: I if you can wait for a few quarters I would like to finish this branch for 2.31 first please [18:09] zyga, sure [18:09] quarters? [18:09] quarters? [18:09] bdx: what do you mean by that? [18:09] mvo, I am installing uuid-runtime package in a snap and it is not starting the uuid daemon [18:09] like, a few quarters would be years [18:09] * ikey is puzzled [18:09] mvo, should it happen automatically as if I install the deb package, or I need to manually do it ? [18:10] Pharaoh_Atem: ikey was responding to zyga [18:10] mvo, should I do it with the configure hook? [18:10] hmmm hmm sorry, [18:10] nacc: like a snap that is built to run on a serverless architecture [18:10] nacc: I was highlighted too? [18:10] I meant few multiples of 15 minutes [18:10] oh [18:10] xD [18:10] how do I say that properly? [18:10] ahhh [18:10] quarters is right, it's just no one says it [18:10] in that context [18:11] idk id say like "half hour" "45 minutes" "feck off im busy" [18:11] :D [18:11] etc [18:11] mvo, or in a wrapper? [18:11] * zyga hugs ikey [18:11] ikey: yes, go push [18:11] bdx: you mean without a store? [18:11] * ikey doesn't do normal though [18:11] lol [18:11] cachio: dunno, I will check soon, if you need uuid's you don't need a daemon tho, maybe there's a cheaper way? [18:12] * ikey coughs while -f goes through [18:12] zyga, I want to test that [18:12] nacc: No, he's likely thinking of Google AppEngine, Amazon Lambda, etc [18:13] niemeyer: oh [18:13] niemeyer: seems like you'd have a better answer for that than me :) [18:13] bdx: The purpose of snaps is to install software on a machine, so it's not a great fit for the idea of not having a machine. With that said, ... [18:13] heh [18:13] take aws lambda for example [18:14] bdx: We've been working from day one with the idea of minimalist operating systems that are built entirely around the idea of snaps [18:14] ahh I guess it wouldnt be a snap because a snap needs snapd huh [18:14] ahh I see [18:15] bdx: That's what Ubuntu Core is, for example.. there's very little other than snaps in the machine [18:15] cachio, cat /proc/sys/kernel/random/uuid [18:15] (if your snap has access to that node indeed) [18:15] niemeyer: totally, I see [18:15] bdx: Even the root filesystem itself is a snap, so read-only and mostly unchangeable [18:16] * ikey suddenly twigs that all parts of ubuntu core are segregated into domains with ACL and is impressed [18:16] cachio: test the daemon? [18:16] niemeyer: [18:16] I see [18:16] ogra_: yep, thanks! cachio, that was my suggestion (I didn't spell it out) [18:17] zyga, I need to see if the daemon is able to read from /run/uuidd/request [18:17] cachio, then our snap will need an app entry for the daemon [18:17] in snapcraft.yaml [18:18] cachio: I see, that's for some interface test? [18:18] zyga, yes [18:18] nacc, niemeyer: it was just a wild idea, I've been using lambda quite a bit lately, and getting to put my eyes on how the packaging is done via different serverless frameworks [18:18] PR snapd#4569 opened: osutil: add ContextWriter and RunWithContext helpers [18:18] bdx: sure, interesting question [18:19] I have the service script in /etc/init.d/uuid [18:19] yeah, not useful [18:20] check what the iit.d script calls and translate that into an app entry [18:20] see the bottom of https://forum.snapcraft.io/t/how-to-set-hwclock-on-a-realtime-clock/3684 [18:20] niemeyer thanks for getting back to me, I stripped everything and even simplified the command https://paste.ubuntu.com/26490731/ (I am beta for core btw) [18:20] I still see the issue [18:20] bdx: Yeah, it's a nice idea, but that kind of platform almost always requires custom coding towards it [18:21] entirely [18:21] bdx: Which conflicts a bit with the underlying goal of snaps.. snaps need to support people's software as their developers choose to work [18:22] This is also an advantage, as the approach encourages less lock in [18:22] right, i see that, but what if there was a "snap type" [18:23] lets say, a "serverless" snap type, would package for a targeted serverless platform [18:23] https://github.com/Miserlou/Zappa/#how-zappa-makes-packages [18:24] bdx: Sure, that would work fine.. but most of the problem of creating a "serverless" platform is still there [18:24] zappa (though young) has an interesting approach of just swapping out the packages with ones for the target serverless platform (just aws right now) [18:24] ogra_, trying that, tx [18:24] but other serverless frameworks will build the deps on a docker target platform and etc etc [18:24] bdx: I doubt it [18:25] ? [18:26] bdx: The hard problem in serverless is the software lifecycle.. you want something lightweight, and you need to control when it comes and goes very tightly.. often you need to be in the loop for controlling sockets, etc, because you don't want these aspects to be visible to the world [18:26] ah yes [18:26] bdx: You can put that software inside a snap, docker image, rpm, deb, tarball.. it matters little [18:26] totally [18:27] bdx: It ends up just as an implementation detail on something that you need to cook for from the ground up [18:27] bdx: You could use snaps as a lightweight confined space for the application, but that would be 3% of the problem IMO [18:28] so I have snap/ dir in my projects now, and also a serverless.yml file ... I feel like the packaging the serverless frameworks are doing is such small subset of what snapcraft can do [18:29] just an idea [18:30] niemeyer: thanks for the insight [18:31] nacc: ^ [18:31] bdx: No problem.. and yeah, the packaging is indeed the easy part of serverless, but it's also the hard part of solving software distribution [18:31] bdx: We focus on the latter [18:31] I see that, totally [18:31] bdx: As a side note, I deploy all of the services I'm responsible for as snaps in tiny machines [18:32] bdx: Not serverless, but cheaper than serverless, and almost as neat [18:32] bdx: and nicer, from the perspective of giving me freedom of technology [18:32] yay for marketing misnomers [18:32] "serverless" [18:32] neimeyer: totally [18:33] ikey: I will drop my job and work electricityless cloud [18:33] ikey: It's like "sugar free".. :) [18:33] I will call it "BYOM" [18:33] niemeyer, nah that one makes sense [18:33] they don't charge you any extra for the sugar [18:33] ikey: Until you figure what they use instead [18:33] mm [18:34] niemeyer: please have another look [18:34] niemeyer: I'll double check I didn't miss anything [18:34] zyga: Thanks [18:34] btw apparmor made my boot slow. :P [18:34] its half of my boot time in a VM now [18:34] I will do the proper secure symlink next, though it won't affect this code, just the implementation of secureMklinkAll [18:34] assertions assertions ... [18:34] ikey: caching can be improved [18:34] im tackling it this week [18:34] ikey: apparmor has a cache, maybe you're not using it? [18:34] solus isn't known for slow boot lol [18:35] ikey: each time a profile is compiled it can (optionally) be cached [18:35] ikey: also loads can use cache (even exclusively, without compilation) [18:35] ya im gonna teach usysconf to recompile them [18:35] and then an early unit to load the cache [18:35] already got plans, just wanted to complain :P [18:38] niemeyer: I think it's all done (except the ", or create" typo I didn't push to let this spread batch finish) [18:38] niemeyer: I'll work on itty bitty more secure mksymlink now that I have it un utils [18:39] niemeyer: oh, and one more thing, please look at the new spread test as well [18:39] I'll warm my tea up and be back in a moment [18:40] zyga: Haven't seen the test, but what I've seen look GREAT, thank you! [18:40] zyga: Just one final note there and LGTM [18:40] niemeyer: thank *you* :) [18:44] niemeyer: that's not an error there, it's a "was it present" flag, I guess we can just error out if it's empty but we don't usually do that kind of validation here (we just try and fail) [18:46] zyga: I don't understand what the code is suggesting right now [18:47] zyga: It surely doesn't seem sensible to create symlinks with completely wrong values [18:47] zyga: Sending garbage to the kernel for validation is unwise [18:49] Chipaca: problem with snap validation (CC sergiusens) [18:51] posted to the forum [18:52] mvo: ^ we may need rc3 if we relase with this bug [18:52] https://forum.snapcraft.io/t/snap-is-unusable-due-to-missing-files-contact-developer-i-am-the-developer-no-idea-what-to-do/3771 [18:53] now that this is approved I will pull in unit tests, too many changes for critical feature not to test this [18:53] I'll make a separate PR and mark it for 2.31 [18:53] mvo: do you plan to release tonight? [19:06] stgraber Odd_Bloke the simplestream images on Ubuntu seem to have lost their aliases (lxc launch ubuntu:xenial works no longer, does by hash) [19:09] sorry, bad first root causing of that, there are aliases, but `lxc launch ubuntu:xenial` does not work, using `images:` does [19:10] confirmed that the aliases are there `lxc image info ubuntu:069b95ed3a60` [19:13] ah, I know what I broke now ^_^ [19:14] stgraber a reinstall of the snap solved it, but I disabled ipv6 and switched from zfs to dir [19:23] elopio: when you have a minute, can you take a look at https://travis-ci.org/snapcore/snapcraft/jobs/335296918 ? I am trying to fix the snapstore pre-rollout checks (broken since snapcraft started using stages). Apparently I have no access to the cache where the snapcraft is stored. [19:31] cprov: yes, give me a minute. I'm sorry we broke you :S [19:32] elopio: no worries, in theory, it's much simpler to do what we need now [19:33] cprov: I'm not quite sure, because we were able to use the cache by not using the environment variables. I totally forgot that you sent environment variables to set the credentials. [19:34] maybe it's that. I'm digging into the logs. [19:35] elopio: `error: cannot open: "snaps-cache/snapcraft-prfalse.snap"` from `sudo snap install snaps-cache/snapcraft-pr$TRAVIS_PULL_REQUEST.snap --dangerous --classic`, I assume [19:36] cprov: can you show me the script that you are calling to trigger the api? [19:37] elopio: moreover I don't think we need the snapcraft snap installed to run `snapcraft/tests/integration/store` tests, do we ? [19:38] cprov: yes, it uses the snapcraft command. What you don't need is to build the snap, you could just install from edge. [19:38] cprov: but this one is different than the one you linked: https://travis-ci.org/snapcore/snapcraft/builds/335153368 I was wondering if you are doing something to select the stage. [19:40] elopio: the job you linked was the 'old' way that didn't consider stages, it was running everything and taking 4h+ [19:42] right. We could readd the skips, and make sure that we install from edge, not from cache. [19:45] cprov: so, you added that "stage" keyword? [19:45] * zyga eats supper, secure symlink helper almost done :) [19:46] PR snapcraft#1893 opened: cli: use C.UTF-8 if locale not set [19:47] elopio: yes, I am overriding 'jobs' completely, but the 'cache' config is preserved, I think I just don't have perms to access it [19:53] cprov: what would you think about this? https://paste.ubuntu.com/26491166/ [19:53] you send SNAPCRAFT_COMMAND_INSTALL="sudo snap install snapcraft --edge --classic" [19:55] sergiusens: journalctl -u snapd | grep container <- should show you the errors from 'snap try' [19:55] sergiusens: I'll push a PR to make snap try log to stderr instead of journal, I think [19:56] but not today, mostly because I think it might be tricky :-) [19:56] is there an example of snapping a php/composer application? [19:56] elopio: looks good, let me know when it lands in trunk [20:05] re, :) [20:05] one last patch and I'm goooood :) [20:05] and I celebrate [20:07] kyrofa: cprov: https://github.com/snapcore/snapcraft/pull/1894 [20:07] PR snapcraft#1894: tests: allow to overwrite the snapcraft install command [20:07] please double check my bash ^_^ [20:08] PR snapcraft#1894 opened: tests: allow to overwrite the snapcraft install command [20:25] sergiusens: hmm, might have been a bad cache of the streams, would have self-corrected after an hour, restarting the daemon (systemctl reload snap.lxd.daemon) would also have done the job if that was the issue [20:25] SIGH [20:25] there is no syscall.Symlinkat in golang [20:28] .. but why golang, why :/ [20:32] zyga: because it's in x/sys/unix [20:33] zyga: but before you get too excited, that means it's not buildable on ppc [20:33] Chipaca: I just found https://github.com/golang/sys/blob/master/unix/zsyscall_linux_amd64.go#L111 [20:34] thank you for pointing out x/sys/unix, let me see if it works [20:34] I need it [20:34] or I need that single generated function [20:34] zyga: grab the generated one for now until we drop ppc [20:35] Chipaca: yeah, sounds like a plan [20:35] zyga: but [20:35] zyga: SYS_SYMLINKAT will be per-something [20:36] but you have a ppc box so you should be able to figure it out [20:36] hehe yes :) [20:36] it's allright [20:37] the weirder ones might require you go grep includes :-) [20:37] Chipaca: or ... you know... put - [20:37] -1 [20:37] not that someone will test them, right? [20:38] ;-) [20:38] zyga: autopackagetest is a harsh mistress [20:38] autopkgtest* [20:38] haven't seen it fail in too long, already forgetting its face [20:38] offtopic [20:38] Chipaca: hey, this `snap try` issue from the forum, what is your take on it? sorry, missed some discussion so just want to get up-to-speed [20:38] // mksyscall.pl -tags linux,amd64 syscall_linux.go syscall_linux_amd64.go [20:38] FRELLING PERL? [20:39] zyga: ideal for the job [20:39] Chipaca: ... but... python [20:39] frobbing text? hell yeah perl [20:39] hell no cobol [20:39] zyga: not as widely available as perl [20:39] it's like cobol but misassociated wiht the text tool [20:39] Chipaca: not buying that [20:39] mvo: the snap wouldn't work with the older snapd [20:39] Chipaca: especially at google where they don't give a *** about non google arches [20:40] mvo: (i know not only because i wrote the verifier, i also checked :-) ) [20:40] zyga: ¯\_(ツ)_/¯ [20:40] Chipaca: ok, so anything that needs to be done for 2.31 there? or can I ignore it for 2.31? [20:40] zyga: you work for a company that doesn't give a flying asterisk for some architectures, but you still don't paint yourself into a corner just in case the company has a change of heart [20:41] Chipaca: I mean python works anywhere, BSDs, windows, macos, you name it [20:41] mvo: there's an argument for making 'snap try' write the errors to stderr for the same reasons 'snap pack' does [20:41] it's not like it's less portable than perl [20:41] and people who write competent perl are ... older [20:41] zyga: you're talking about people that worked on the implementation of plan 9 [20:42] oh [20:42] Chipaca: that sounds reasonable, is that something I should wait for? i.e. will it happen soon(ish)? [20:42] zyga: I don't think they think perl is for older people [20:42] that's a very valid point [20:42] Chipaca: i.e. before tomorrow lunchtime :) [20:42] Chipaca: perl is that new thing :) [20:42] mvo: it's not going to be a simple change [20:42] Chipaca: ok, then I will not wait [20:42] Chipaca: out of curiosity, why is it not simple? [20:42] mvo: there's another argument for changing the error message [20:42] mvo: but nobody has suggested changing it to _what_ :-) [20:43] mvo: because 'snap try' is async, meaning the logs would need to get shipped, and it might mean we need to make the roundrobin logs in tasks be bigger, and some tweaks to how 'wait' prints them [20:43] Chipaca: meh, sounds horrible. ok [20:44] Chipaca: just error with the 1st error :) [20:44] tasks have logs, but they're either informational (in which case if you miss printing them, oh well), or errors in which case they're not changing (because the thing died) [20:44] Chipaca: I will ignore this for now until I'm told otherwise. especially if this is a broken snap (not a false positive) [20:44] I _could_ make the whole thing die, yes [20:44] Chipaca: we don't vendor x/sys/unix today, do we? [20:44] return strings.Join(allTheErrors, " ¯\_(ツ)_/¯ ") [20:45] it'd be a re-addition? [20:45] Chipaca: its all good, I need to rest anyway [20:45] zyga: it does not build on ppc [20:45] mvo, is rc2 comming? [20:45] meh meh [20:45] ok [20:45] cachio_: :( tomorrow, sorry [20:45] I think today is my time [20:45] zyga: i'm sure they take patches though [20:45] I'll watch and merge 4471 [20:45] cachio_: there is this one PR from zyga that we want in [20:45] and fight the symlinkat problem tomorrow [20:45] Chipaca: as self-documenting perl files ;) [20:45] mvo, sure [20:46] zyga: hey, i've written literate perl [20:46] zyga: wait [20:46] zyga: you called me old! [20:46] * Chipaca is old [20:46] hehehe [20:46] * zyga is old [20:46] * zyga hugs Chipaca [20:47] * mvo hugs Chipaca and zyga [20:47] * Chipaca hides http://ftp.tudelft.nl/cpan/authors/00whois.html [20:47] * cachio_ laugh [20:47] OMG :D [20:48] the journey of each generation [20:48] the internet does not forget [20:48] sadly [20:49] ok [20:49] I'll break now [20:49] travis is stuck [20:49] please merge 4471 if green [20:59] Chipaca: did you see the original code was about java and PATH: $SNAP/... ? I suppose it doesn't change anything [20:59] pedronis: yes; the commands are not looked up in the path [21:00] that seems to be the source of the problem [21:01] or rather, of the misunderstanding [21:24] sergiusens: you around? [21:31] zyga: 4471 not green [21:31] getting lots of failed prepare project :-( [21:31] yeah :/ [21:31] I'm watching [21:32] like a western with intense action :/// [21:38] Chipaca at the snapcraft summit currently, might be faster if we do a call [21:39] sergiusens: I should be in bed. Tomorrow? [21:41] Chipaca ok; also tired the completer changes using the snap name and it still doesn't work; I'll send you the link to the built snap [21:41] sergiusens: thanks [21:41] tabs are for UI purposes [21:41] sergiusens: _vertical_ tabs? [21:42] Chipaca yes [21:42] 013 is \v is vertical tabs; a very strange choice (but then, if that's indeed what they're doing, it should be fine) [21:42] ok :-) [21:44] + tar -C/ -xf /home/gopath/src/github.com/snapcore/snapd/snapd-state.tar.gz [21:44] tar: /home/gopath/src/github.com/snapcore/snapd/snapd-state.tar.gz: Cannot open: No such file or directory [21:44] hmmmmm [21:49] zyga: everything is terrible [21:50] Chipaca: mvo will _love_ the release tomorrow [21:50] wililupy: 11 [21:50] (also known as window 11) [21:51] ? [21:53] wililupy: sorry, bad tab completion [21:53] THERE IS NO MISSILE INCOMING TO HAWAII [21:53] zyga: no worries ha [22:20] PR snapcraft#1895 opened: docker: beta should use beta, edge use edge [22:32] PR snapcraft#1894 closed: tests: allow to overwrite the snapcraft install command [22:38] PR snapcraft#1893 closed: cli: use C.UTF-8 if locale not set [22:41] PR snapcraft#1895 closed: docker: beta should use beta, edge use edge [22:44] sergiusens: thanks, let me try the test suite hack [23:28] so i've got a snap (git-ubuntu) that builds its own python3 (we need a version more recent than 16.04's) [23:28] what is the "right" way to CI the code upstream so that our tests are running against hte version in the snap [23:41] PR snapcraft#1896 opened: elf: do not strip rpaths that contain $ORIGIN [23:56] PR snapcraft#1897 opened: docker: user proper tags in Readme.md