[00:56] Bug #1747794 opened: cannot resolve host name with avahi interface [04:18] Bug #1702095 changed: snap enable removes complain for daemons === mup_ is now known as mup === mup_ is now known as mup === mup_ is now known as mup [06:18] morning [06:29] good morning [06:33] zyga: hey [06:42] -6 outside now [06:42] so pretty [06:49] coffee and back to spread [06:49] I wrote a new feature and a test together [06:49] need to split those out [07:11] hm tried to reproduce this https://forum.snapcraft.io/t/oneshot-daemon-freezes-install-on-start-snap-foo-unset-services/3894 but no luck, nothing 'hangs' [07:18] looking at that I wonder if the original deamon did something "fancy" that made it hang [07:18] like get stuck on a syscall or whatever [07:21] the next thing that happens after starting the services is running configuration hooks [07:22] wonder if he had any [07:25] oh [07:25] shit [07:25] oh? [07:25] did you find something nasty? [07:25] yeah, so whena snap is installed we run all the services [07:25] this one is 'oneshot' [07:27] so? [07:27] it should run and stop [07:28] hahaha [07:28] but it does not [07:29] is this a regression in 2.31? [07:29] (do we need rc4) or 2.31.1 [07:29] it's named usb_mount, suggesting that's it will mount a usb device, if there's none then it will apparently wait [07:29] oh [07:29] so oneshot services block until they exit? [07:29] so i made a simple service that loops infinitely, and it hangs 'Start snap "daemon-oneshot" (unset) services' [07:29] yeah [07:29] oh, wow [07:29] that's not great [07:30] we also probably shoulnd't start them when installing a snap [07:30] actually, what should happen for oneshot services isn't clear to me [07:30] who should start them? [07:30] the snap itself? [07:32] the way i used oneshot is either as a dependency before other service (eg. generate ssh keys) or as a response to something that happens (path conditions, or a template unit) [08:06] --no-block may be a reasonable workaround, but this doesn't change the fact that the service should not wait indefinitely [08:08] heyas! [08:09] pstolowski: morning [08:09] moin moin [08:10] everyone joining :) morning mvo & kalikiana [08:10] good morning mborzecki [08:10] hey kalikiana [08:21] hey guys [08:21] mborzecki is the service bug a regression? [08:21] if so I bet mvo will want to know [08:21] zyga: I do want to know [08:22] mvo: https://forum.snapcraft.io/t/oneshot-daemon-freezes-install-on-start-snap-foo-unset-services/3894 [08:22] zyga: not a regression, technically it was there before [08:25] mborzecki: nice find [08:26] mvo: what happens is that if a oneshot service hangs/loops/does not termine, snapd will be stuck in start-snap-services task [08:26] s/termine/terminate/ [08:26] mborzecki: yeah, I was just readoing it [08:27] mborzecki: thats really unfortunate, I wonder if --no-block in systemctl might help [08:28] i'm looking at some options, like not starting oneshot tasks, adding --no-block (complicates systemd interface internally), adding TimeoutSec= in *.service (the timeout is fairly arbitrary and probably incorrect in some edge cases) [08:28] mborzecki: thanks for looking into this [08:29] mvo: frankly i'm leaning towards not starting oneshot services at all [08:29] PR snapd#4621 closed: tests: skip alsa interface test when the system does not have any audio devices [08:30] PR snapd#4618 closed: tests: new snaps to test installs nightly === mthaddon` is now known as mthaddon [08:38] * zyga iterates on layouts and testing [08:38] next up: refreshes that change layouts :) [08:38] *that* will be interesting [08:41] jamesh, hey, good morning [08:55] did you guys watch the falcon heavy launch yesterday? [08:58] zyga: yeah, quite spectacular. [08:59] I watched it by accident (I got a tip from kissiel) and wow, it was crazy, like watching a sci-fi movie [08:59] *live* [08:59] :) [08:59] * zyga found some bugs in layout validation [08:59] time to fix that [08:59] (too conservative) [08:59] nothing to worry about [09:00] mvo remember before we had spread? [09:00] it was like driving blind [09:00] zyga: I don't, my therapist helped me with that [09:00] * mvo pats the emacs therapist [09:00] haha, good one [09:01] zyga: but indeed, totally agree [09:01] -5C outside, brrr [09:01] let's rethink that validator === chihchun_afk is now known as chihchun [09:23] PR snapd#4623 opened: wrappers: do not start oneshot services [09:23] there's probably a spread test that will fail as a result of ^^ [09:29] * kalikiana coffeeeeee [09:30] * zyga notices a movie crew outside his house [09:30] kalikiana khaaaaaaan [09:31] there's a fake police car, fake news crew and fake people doing an interview [09:31] they use this site for some sitcom or other local TV thing once in a while [09:31] I wonder if I was in the shot, helping my daughter go to school [09:31] they didn't stop filming, maybe just a dry run [09:32] zyga: they are shooting a new sitcom - the big O theory - guess who the starts will be ? [09:32] haha :) [09:33] * mvo stops being silly and makes more tea [09:33] is it also freezing for you mvo? [09:38] zyga: a little bit of snow fell this morning, ~5am [09:38] zyga: it's just sitting on the glass patio table, pondering life [09:38] melting away [09:38] like all of us [09:38] ;-) [09:38] no, actually [09:38] * zyga is in a good mood today [09:39] zyga: your comment on my MatchCounter PR, could you expand it? [09:39] yeah, let me pull the diff tab [09:39] w.partial is empty [09:39] oh [09:39] man [09:39] I should not comment late at night === chihchun is now known as chihchun_afk [09:39] nothing :) [09:40] I got rid of it [09:40] I somehow read that bytes.IndexByte() was called on w.partial [09:40] ueh ueh ueh, or something [09:40] zyga: its around 0 here [09:41] Chipaca: I guess you want to rebase my PR on top of this ;)? [09:43] zyga: https://i.imgur.com/Wcj6Swd.png [09:43] zyga: censorship! [09:43] :-) [09:43] oh? [09:43] I didn't delete your comment, I just deleted mine [09:43] I guess it killed your comment that wasn't loaded in my tab [09:44] mvo: more like: if you think it'll improve things, I can push a commit to your PR that uses this [09:44] Chipaca: its more general than mine, so +1 for this [09:44] mvo: ok, i'll push a commit to yours as soon as this lands [09:44] ta [09:45] that was a subtle clue that I should review it, right? [09:45] today I'm going into london, so a lot of time on public transport with little/bad connectivity, and I'm going to miss the standup [09:45] mvo: not at all [09:45] mvo: I mean, I wasn't subtle [09:45] :-D [09:45] lol [09:46] * mvo hugs Chipaca [09:46] Chipaca: i have mixed feelings about 4632 too, idk, maybe it'd be best to leave the code as it is now, this guys code is probably wrong [09:47] mborzecki: FWIW i think we _should_ expose startup timeout, and conditionals, and have some extra magic for oneshots where we don't hang but still handle it, but it's a lot of work for something that, in this case, is probably dev error [09:47] I mean: why would a mount process hang [09:47] Chipaca: otoh, it's not really possible to interrupt this, ^C has no effect [09:48] mborzecki: in that abort doesn't abort? [09:48] Chipaca: yeah, i have a snap with an app that loops inside and i cannot abort the installation [09:48] mborzecki: we probably want to make systemctl use the brand new osutil.RunWithContext :-) [09:48] and bubble context into systemd [09:49] OTOH it might be better to make start use --no-block and then poll, like we do with stop [09:49] zyga: what are fake people? robots? ;-) [09:49] (i mean, without it, systemctl is doing the polling) [09:49] kalikiana just actors ;) [09:49] kalikiana: kardashains [09:49] lol [09:50] Chipaca: hmm right, let me take another look at the code [09:50] s/kardashians/osbournes/ [09:50] mborzecki: OTO²H context + (no-block + poll) is probably the real winner [09:51] mborzecki: OTO³H probably a lot of work [09:51] yeah, sounds backlog worthy [09:51] mborzecki: OTO⁴H I'm running out of superscripts [09:51] * sparkiegeek wonders how many hands Chipaca has [09:52] mborzecki: OTO⁽ⁿ⁺¹⁾H, you'll never know [09:52] Chipaca: RunWithContext was merged right? [09:52] mborzecki: yes [09:53] mborzecki: but killing systemctl might not dtrt wrt systemd, which is why i said it might be better to do the more detailed work [09:53] but you could use it as a base, or phase 1, or sth [09:53] * Chipaca gives up, and starts getting ready to leave [09:53] probably better than stalling [09:54] mborzecki: first, see if killing systemctl stops the eternal oneshot [09:54] 'eternal oneshot' [09:54] if so then robert is your mother's brother [09:54] or something [09:55] Chipaca: right, it did, the unit was stopped [09:56] perfect then :-) [09:56] trivial PR for someone, pretty please [09:57] 4624 [09:57] PR snapd#4624 opened: snap: apply some golint suggestions [09:58] mmm, golint fixes [09:58] zyga: ValidAppName returns true if if given string is a valid application name. [09:59] zyga: and if if not? [09:59] well, it returns false ;) [09:59] zyga: I mean, too many ifs [09:59] oh [09:59] I see now [09:59] thanks [10:00] this isn't me getting into the "oh it should be whether" thing [10:00] which I have learned is pedantic :-) [10:00] another good point [10:00] I never write that word [10:00] because I'm always afraid I will say weather [10:00] or actually, write weather [10:00] if if you see what I mean [10:00] zyga: maybe it's just a tsundere comment [10:01] a what comment? [10:01] PR snapd#4625 opened: daemon: remove redundant UserOK markings from api commands [10:01] Chipaca: ^- is what we talked about last night [10:01] zyga: maybe you don't want to know [10:01] mvo: ack [10:01] * Chipaca looks [10:01] Chipaca: I hope this makes things for my future self easier to grok [10:03] mvo: when the mythical "no more features, just fixes and cleanup" year arrives, I grab "rewrite daemon" [10:03] anyhow, I need to run [10:03] o/ [10:04] telegram is your best bet to reach me (or whatsapp fwiw) [10:04] mvo "what the canAccess() policy." ... what? [10:04] Chipaca: see you [10:05] zyga: not sure I follow, did I write something in an unclear way? [10:06] I think it ends abruptly [10:06] "what the canAccess() policy means." maybe? [10:07] unless it was meant to be "polices" (the verb) [10:08] PR snapd#4626 opened: daemon: improve ucrednet code for the snap.socket [10:08] ah, just the "what" is too much [10:10] mvo, hey, #4579 can land, right? it got +1 from security in the old PR? [10:10] PR #4579: many: add interfaces.SystemKey() helper [10:13] pstolowski: I think so, but zyga asked for a tweak (which I can do in a followup if this helps you) [10:13] mvo can be in a follow-up yeah [10:13] mvo especially since there's a new function to extract out of that logic [10:14] pstolowski, zyga I work on the followup and then work on the other two (smaller) ones [10:14] mvo, no, it doesn't change much for me (need other PRs as well), it's just 1 less to look after ;) [10:14] PR snapd#4579 closed: many: add interfaces.SystemKey() helper [10:15] FYI: the snappy store is in a maintenance window until 11:00 UTC (see https://forum.snapcraft.io/t/snap-store-maintenance-dashboard-february-7-10-00-11-00-utc/3866 ) [10:15] oh, thanks for the heads up sparkiegeek [10:18] zyga: hm, the release/apparmor.go code is doing the inverse of what I need, so I guess I just move my code there? or am I missing something? [10:18] yes [10:18] just move it there and perhaps reuse your code in the computation of what was already there, if feasible [10:19] hmm, store is doing 503 [10:19] is that expected sparkiegeek [10:21] zyga: yes, but it should be coming back up now [10:36] PR snapd#4627 opened: release, interfaces: add new release.AppArmorFeatures helper === mborzeck1 is now known as mborzecki [10:37] pstolowski: left you a comment about truncation, feel free to ignore it, i think it would complicate the internals a bit too much [10:40] mvo 4627 is almost good [10:40] mborzecki, thx, will check [10:45] PR snapd#4623 closed: wrappers: do not start oneshot services [10:46] whee [10:46] spread now passes [10:47] ok, let's upstream the changes and work on hardening so that jdstrand doesn't turn grey on release day [10:52] store maintenance is now over, please report any issues on the forum thread: https://forum.snapcraft.io/t/snap-store-maintenance-dashboard-february-7-10-00-11-00-utc/3866 [11:26] PR snapd#4613 closed: release: snapd 2.31 [11:26] woot :) [11:26] mvo, hey, we are ready to go to candidate [11:27] so no more RCs? :) [11:27] no [11:27] cachio_: yes [11:28] cachio_: actually, give me ~20min to check the autopkgtest results on bionic [11:28] mvo, sure [11:28] cachio_: if these are bad we *migth* need a .1 [11:29] uhhn the changes allwoing cancelling of systemctl start are ugly [11:30] cachio_: looks like we do have some issues in autopkgtest due to the different environment. oh well. [11:30] mvo, which is the link? [11:31] mvo, could I take a look? [11:31] cachio_: http://autopkgtest.ubuntu.com/browse.cgi/packages/s/snapd and follow the bionic links [11:31] cachio_: one strange one is unit test for TestDoREquestSerialErrorsOnNoHost [11:31] cachio_: but it looks like a random assortion [11:35] mvo, I see that a failure in the interfaces-timeserver-control is breaking the whole suite [11:35] for amd64 [11:36] cachio_: yeah, I have not looked into the details yet but it seems there are some failures we need to look at :/ [11:36] cachio_: slightly annoying that its so hard to test autopkgtest for real [11:38] PR snapd#4628 opened: spread: add missing ubuntu-18.04-arm64 to available autopkgtest machines [11:39] cachio_: some is rather trivial like -^ [11:39] mvo, yes, I'll work on that [11:40] cachio_: thanks [11:40] zyga: looks like we need an s390x build for snapd-hacker-toolbelt [11:40] cachio_: and one for test-snapd-kernel-module-consumer for s390x [11:40] cachio_: but I guess we should focus on amd64/i386 first [11:41] mvo, yes, agree [11:41] mvo, isn't it nice, that s390x is no longer a restricted arch and one can just tick the tickbox for it ;-) [11:41] mvo aha [11:41] mvo in a moment, I'm busy for 15 minutes [11:41] mvo, not sure if we are able to create a bionic image in linode [11:42] xnox: it is! [11:42] as it is not stable [11:42] cachio_: I don't think this will help us much [11:42] cachio_: my feeling is that the images are not the problem [11:42] cachio_: its that the autopkgtest env is more restricted [11:42] mvo, ah, ok [11:42] cachio_: for whatever reason [11:43] cachio_: it really should not be, we run in a full VM and added hints that we mess the host up but e.g. timezone setting is denied [11:43] mvo, thanks for 4627! [11:43] mvo, how do you do to trigger the tests? [11:43] cachio_: or maybe it is actually bionic, might be easiest to just run against qemu to see if something in e.g. systemd failed [11:43] cachio_: s/failed/changed/ [11:44] cachio_: thats the sad part - to trigger the tests I need to upload the package to the real archive [11:44] cachio_: this is my grief with adt - there is no easy way to test against e.g. a ppa [11:45] mvo, ok, I'll start runnig in qemu and then if we have a 100% we can go forward [11:45] cachio_: great, I keen to know if e.g. the timezone failure is related to bionic or adt [11:48] mvo, so, should I promote to candidate? [11:49] mvo, I can do it after the standup [11:51] mvo, I have a doc appointment now, I'll be bac for the standup [11:52] * cachio_ afk [11:58] mvo sorry I'm back now [11:58] I just sold my x250 [11:58] so, about that build for s390x [12:02] mvo, I wonder how we can build one, will snapcraft.io do it? [12:03] zyga: launchpad can do it, if you have snap building enabled on it [12:03] zyga: then you can just click on s390x as an arch [12:03] pstolowski: the next one (re-generate on system-key change) will arrive as soon as 4627 is green [12:04] mvo, great! [12:04] mvo, let me look, I honestly don't remember how I built it [12:04] pstolowski: then i think its just #3471 and its done [12:04] PR #3471: snap: make `snap run` look at the system-key for security profiles [12:04] pstolowski: not sure if you need this piece for your work though [12:04] cool [12:04] ah, it's on launchpad allright [12:04] mvo: shall I just rebuild for all arches? [12:05] zyga: +1 [12:05] mvo, ah, if this is only about snap-run then no [12:05] mvo, man, I can even build for powerpc :) [12:05] would that work? [12:05] or is it just fake? [12:06] zyga: I think it will work [12:07] zyga: we could even build a core for powerpc now if that is fully enabled [12:07] https://launchpad.net/~zyga/+snap/snapd-hacker-toolbelt [12:07] builds are pending [12:11] that will be an interesting refresh :) [12:12] I should adopt one of the new features in snapcraft and generate version dynamically [12:13] * pstolowski lunch [12:14] mvo all done [12:14] wow, [12:17] PR snapd#4624 closed: snap: apply some golint suggestions [12:20] * zyga re-reads 4622 === jospoortvliet is now known as jos === jos is now known as jospoortvliet [13:00] PR snapd#4627 closed: release, interfaces: add new release.AppArmorFeatures helper [13:04] PR snapd#4629 opened: ifacestate: only rewrite security profiles if the system-key changes [13:12] PR snapd#4630 opened: snap: sort layout elements before validating [13:25] + systemctl stop snapd.service snapd.socket [13:25] Job for snapd.socket canceled. [13:25] I wonder what this was, is this something that we fixed in another context before? [13:25] ^ cachio_ (perhaps you remember) [13:30] mvo ^ trivial 4630 [13:30] zyga: ta! [13:31] I have one more on top, also trivial but separate issue [13:32] jdstrand 4631 is super trivial but for you [13:33] PR snapd#4631 opened: cmd/snap-confine: allow mounting anywhere, effectively [13:33] jdstrand this is a side effect of a fully working spread test, which is coming up in two branches from now [13:34] once the test lands I will start pushing hardening for snap-update-ns, knowing that I didn't break anything [13:53] PR snapd#4626 closed: daemon: improve ucrednet code for the snap.socket [13:56] what's a "gated snap"? [13:57] diddledan snaps can use gating to ensure QA constraints [13:57] * diddledan read the snapcraft --help and found `snapcraft gated` and `snapcraft validate` [13:57] you can use it to ensure that refreshes will happen only after you sign that off as not breaking your snap [13:57] so what's "gating"? [13:58] so. you can, for example, have a super important snap that you want to support 24/7 [13:58] gating is the whole process [13:58] and you control your snap so that part is easy [13:58] but the core snap can introduce bugs so you want to have a way to validate them [13:59] if you have validation control on the core snap you can say that the core snap will refresh only if you say that your snap works with a given revision of the core snap [13:59] (core can by any other snap but it's typically core) [13:59] obviously this only applies if your snap is installed [13:59] it's a way to check that you can conform to your contractual agreements most likely [13:59] where you can check each new core revision and "ack" it [13:59] (for the purpose of your snap) [13:59] does that make sense? [13:59] no [14:00] clear as mud :-p [14:00] can you be more specific? [14:00] I'm just thick [14:00] I can give you an example if that helps [14:01] "Get the list of snaps and revisions gating a snap." means nothing to me [14:01] gets the list of snaps and revisions that _block the snap from refreshing_ [14:01] can we change the verbiage then? [14:02] change what, sorry? [14:02] "gating" is a term which requires intimate knowledge of what it means to "gate" [14:02] yes, we use many words that require one specific knowledge [14:02] "block", "blocks" and "blocking" are much more appropriate words if that's what is happening [14:02] but I think that's unavoidable and not a problem as long as they are clearly explained somewhere accessible [14:03] it's not just blocking, it's more subtle [14:03] ... which they're not (explained somewhere accessible) [14:03] the users can override that [14:03] diddledan please raised this with kalikiana as I think this is a snapcraft documentation [14:04] PR snapd#4632 opened: Fixing denial for when using avahi-observe slot [14:06] * zyga -> lunch [14:09] diddledan: It's not really explained there, that's true. Would you mind filing a bug for it? [14:20] jdstrand thank you, I replied to your question if you want to look at why I needed this [14:21] PR snapd#4631 closed: cmd/snap-confine: allow mounting anywhere, effectively [14:35] * kalikiana hopping on a tram towards coffee shop for lunch, back in ~60min max [14:41] PR snapd#4628 closed: spread: add missing ubuntu-18.04-arm64 to available autopkgtest machines [14:42] PR snapd#4633 opened: snap: introduce timer service data types and validation [14:47] mborzecki can you please look at 4630, it's tiny and it's just adding sorting + tests [14:47] looking [14:47] cool, thanks [14:48] * zyga looks at other PRs [14:48] mvo: cachio_: here are the failures for linode:ubuntu-16.04-64:tests/main/... with SPREAD_REMOTE_STORE=staging , I think most of them are missing snaps/old snap revisions, not sure about the core transition; canonical-livepatch and lxd we could skip though I think, the other it would be good to fix: https://pastebin.ubuntu.com/26534904/ [14:49] mborzecki you have a conflict on 4633 [14:50] and it looks like what I did, sorry [14:50] pedronis: I think core-transition, lxd, livepatch we should skip yes [14:50] zyga: /me nods [14:50] mvo do you think we could disable tests for core transition? [14:50] zyga: probably [14:50] jdstrand thanks for acking the dbus fix [14:51] mvo if you do 2.31.1 I would suggest cherry-picking 4632 [14:51] zyga: we do a .1 [14:51] I'll mark it [14:52] zyga: ta [14:52] zyga: ok if i rebase? [14:52] mborzecki quickly :) [14:53] haha ok [14:54] pedronis, ok, I'll take a look [14:55] zyga: pushed [14:59] PR snapd#4605 closed: snap: detect unsquashfs write failures [15:00] oh, kids home [15:00] brb [15:02] zyga: you reviewed 4491 earlier but did not do a +1 - did you forgot or was the review not complete? [15:04] checking [15:06] mvo I need to re-read that [15:10] PR snapd#4634 opened: tests: check if snapd.socket is active before stoping it [15:16] mvo: I'm trying to allow store login in the installer. One possible solution would be to: [15:16] 1) stop/disable snapd.service/snapd.socket (the one running in the live session) [15:16] 2) manually start snapd inside the /target chroot [15:16] 3) a client can now talk with the chrooted snapd through /run/snapd.socket [15:16] Do you think that (1) and/or (2) could create any side effect? [15:18] andyrock: do you expect to be able to run snaps in the end? [15:19] andyrock I didn't check what would happen with chroot [15:19] probably it'd be okay [15:19] snapd has some logic to reassociate itself with the mount namespace of pid 1 [15:20] but since this is the same namespace, just different chroot, it should not trigger [15:20] zyga: that's not necessary [15:20] for livepatch we can actually enable it at first run without problems [15:20] I just need to login into the store [15:20] so that the state.json has the valid entries [15:22] I need (1) otherwise the live-session-snapd will activate [15:25] andyrock: I don't see any immediate problem, give it a go [15:27] thanks [15:34] mvo do you want me to cherry-pick 4632? [15:35] PR snapd#4632 closed: Fixing denial for when using avahi-observe slot [15:39] zyga: sure go for it [15:43] pushed [15:47] re [15:49] mvo: mborzecki: did either of you mean to +1 #4622 and didn't? [15:49] PR #4622: strutil: introducing MatchCounter [15:50] or -1 or sth :-) [15:50] Chipaca +1 from me [15:50] though I didn't comment [15:50] let me [15:50] I read it a few times but I was in some wrong zone I guess [15:50] it's fiddly :-) [15:51] rather like round.Robin [15:51] :-) [15:54] hmmm [15:54] Chipaca so [15:54] do you need a flush? [15:54] on diff line 62 there [15:54] what guarantees that w.partial will be eventually inspected [15:55] zyga: it only matches full lines [15:55] zyga: either you wrote a full line, and got counted, or you didn't and it's in partial [15:55] \n is a flush, in that sense [15:55] mhm [15:55] to make it generic and not line-oriented a flush or something would be needed [15:56] okay [15:56] I think it's fine, YAGNI untill we need to do that [15:56] hmm [15:56] actually [15:56] you could use it without being line oriented [15:56] though I don't need that either [15:56] just wonder if it would be equally genreric [15:56] *generic [15:57] zyga: it very much uses the \n as the flusher [15:57] I'll let others comment [15:57] yeah [15:57] so yes you can use it, but it'd be unpredictable [15:57] regexpes are hard :) [15:57] and that :-) [15:57] it could compute the derivative of the re based on the partial input [15:57] and reset the re when it is empty [15:57] not needed [15:57] ;) [15:59] zyga: OTOH, instead of w.Flush() do w.Write([]byte{'\n'}) :-) [16:00] zyga: a more general thing would have two regexps (or deduce one from the other but that's Hard), one for matching, one for deciding whether to keep a chunk [16:01] eh [16:01] I think you can just use one RE and feed it incrementally (computing the derivative) [16:01] though I haven't seen any stdlib implementation that does that [16:01] essentially streaming [16:02] it'd require the regexp be front-anchored though, i think [16:02] i mean, the regexp for the sqlite failures is literally `.*[Ff]ailed.*` [16:03] mmmm [16:03] (it could be made to be `.*\b[Ff]ailed\b.*` for more nitpickiness) [16:03] I don't think it would, why would it? [16:03] derivative is a generic operation [16:04] zyga: because as soon as it starts with .*, you can't decide ahead of time [16:04] the answer always is 'yes this might match' [16:05] the derivative of ".*" over any character is ".*" [16:06] (aside: I'd love to understand why it's called the derivative) [16:06] but ".*foo.*" over "f" is "oo.*|.*foo.*" (probably) [16:06] dunno, you can ask the inventor [16:06] he's still alive [16:07] 82 and at princeton, huh [16:07] * zyga reads that page again [16:07] https://en.wikipedia.org/wiki/Brzozowski_derivative [16:07] zyga: but, er, i'm not sure how the derivative would let you decide whether to discard it early [16:09] I think the re will effectively remember what you threw at it [16:12] ahhh [16:12] I'd misunderstood :-) [16:12] * Chipaca reading pdf [16:13] Suppose we are given an RE r and a string u and we want to determine if u ∈ L[[r]]. We have u ∈ L[[r]] if, and only if, ε ∈ L[[∂u r]], which is true exactly when ε = ν(∂u r). Combining this fact with the definition of ∂u leads to an algorithm for testing if u ∈ L[[r]]. [16:13] * Chipaca puts pdf down [16:18] Chipaca always read the conclusion first [16:18] then the abstract [16:18] then the rest [16:19] Chipaca I have a problem, wondering if I solved it right [16:19] https://github.com/zyga/snapd/commit/2784dc9bed05c9afb06ecbcec43328b61563c125 [16:20] zyga: am I looking at the problem, or the solution? :-) [16:21] the solution [16:22] zyga: ok tell me about the problem [16:23] zyga: or is that what's in the commit message? [16:23] yeah, that [16:23] feels hackish [16:24] maybe correct but hackish [16:24] zyga: at what point are these paths getting cleaned? [16:25] they are not cleaned, they are verified to be clean [16:25] it's on line 468 in the diff context (left hand side) [16:25] isAbsAndClean [16:26] zyga: right, so, filepath.Clean drops trailing /s (except for root) [16:27] that is, filepath.Clean("/foo/") is "/foo" [16:27] yes, right [16:27] we require that (and check for it) [16:27] ok [16:27] and then for directories we slam that "/" at the end [16:27] and where "for directories" I mean for tmpfs mounts and for non-file bind mounts [16:27] zyga: then why the check for trailing /s in effectivePath? [16:28] ah, good question [16:28] in case $SNAP expands to /snap/core/123/ [16:28] vs 123 [16:28] I just didn't want to be fragile there [16:30] ok [16:30] zyga: i wasn't concerned about being defensive, i was concerned about a muddled "clean filepath" barrier [16:31] OTOH I suspect whatever expands $SNAP should be cleaning it as well [16:31] mmm [16:31] I'm not cleaning there [16:31] yeah [16:31] separate patch, let's see it [16:32] done now [16:32] zyga: isn't this blocking a file /foo/bar if /foo/bartholomew is in the blacklist? [16:33] aha, indeed [16:33] hmm hmm :) [16:33] first, let's add a test so that I know it's broken [16:34] zyga: ExpandSnapVariables does clean its returns fwiw (maybe it should document this) [16:35] it does? [16:35] I tweaked it to do it now [16:35] or are you saying that os.Expand cleans [16:35] zyga: I'm saying it returns things that are the result of filepath.Join [16:35] as for the /foobarthomesomething, we could check for prefix if the blacklist item ends with / [16:35] zyga: and filepath.Join is documented as cleaning its result [16:35] and check for equaility otherwise [16:35] aah [16:36] zyga: would it be hard to keep files and dirs separate? [16:36] not sure I know how [16:36] can you be more specific? [16:37] zyga: have two blacklists, and have effectivePath return whether it's one or the other as a bool? [16:37] hmm [16:37] but I'd have to check the directory blacklist for files as well [16:37] if /foo is a tmpfs mount then I must reject /foo/bar [16:38] even if /foo/bar is a file bind mount [16:38] zyga: hmm [16:39] zyga: another option is for effectivePath to return interfacy things, and use separate concrete classes for one and t'other [16:39] i'm not sure i'm communicating sense [16:39] such as IsBlacklisted() os something [16:39] yeah, that would work [16:39] I mean, I'd still check the same thing but it might be less magic [16:39] zyga: it'd keep the / fiddliness isolated [16:40] zyga: the blacklist check would be 'for interfacyThing in blacklist: interfacyThing.frobbles(otherInterfacyThing) [16:40] or sth [16:40] yeah [16:41] thank you for spotting the bug :) [16:41] heh, np [16:43] https://github.com/snapcore/snapd/pull/4633 needs a 2nd review [16:43] PR #4633: snap: introduce timer service data types and validation [16:43] PR snapd#4622 closed: strutil: introducing MatchCounter [16:43] zyga: tea, and i'll look at it [16:43] ha [16:43] I found my old tea [16:43] from yesterday evening [16:43] it has rum in it :) [16:43] sadly i have no rum (and it's a little early) [16:44] best i can do is port [16:44] but that doesn't sound like it'd work [16:44] see also https://www.youtube.com/watch?v=JImcvtJzIK8 [16:45] hehe, someone is triggered on rum :D [16:46] so [16:46] the travis log page officially sucks [16:46] it's horrible [16:46] it's so slow an iframe would be a godsend [16:46] and it's forcibly loaded when all I want to do is to hit "retry" [17:10] Chipaca I wrote the dumb version and I'll rebase and work on the smarter version next [17:16] mvo: you around? [17:20] Chipaca: ish - what can I do? [17:20] niemeyer: hey, a lot of our builds started failing over the past couple of days, it's usually a single run that times out on travis because the task seems stuck at updating apt (https://travis-ci.org/MirServer/mir/builds/338519402) - I tried enabling debugging from spread, but travis didn't like the amount of logging (https://travis-ci.org/MirServer/mir/builds/338550499) [17:20] mvo: i'm tweaking the error output of unsquashfsStderrWriter, thought I'd check with you first [17:20] niemeyer: any idea how to proceed? [17:20] Saviq: disable ipv6? [17:20] at a guess [17:21] * Saviq raises brow [17:21] Saviq: we had a lot of hangs in linode during apt update with ipv6 enabled [17:21] Saviq: seems to be a problem with talking with whatever the mirror was? cachio__ might know more [17:22] interesting! [17:31] jhodapp hey [17:32] zyga, hey there [17:33] Chipaca: sure, tweaking sound sgood [17:34] mvo: any rationale for it being 10 failures long, for example? it seems to result in a rather long message :-) [17:34] man, travis doesn't love me [17:36] Chipaca: no good reason, 4 is probably equally fine [17:36] mvo: perfect :-D [17:37] Chipaca: or 3 [17:37] Chipaca: I just think too little is not ideal as we really have no idea [17:37] mvo: are they always in groups of 3? [17:37] mvo: otherwise, 4 seems better [17:37] Chipaca: I need to look, I suspect not [17:38] Chipaca: gtg, but will read backlog [17:38] mvo: ok, if you could at some point, it can be part of your review of this ;-) [17:38] * Chipaca hugs mvo [17:38] Chipaca: sure [17:38] * mvo hugs Chipaca and vanishes [17:40] Saviq: That timeout on apt is usually associated with IPv6 [17:40] Saviq: Disable IPv6 on the prepare script before trying to use apt and it should work [17:41] Saviq: https://github.com/snapcore/snapd/blob/master/spread.yaml#L294 [17:44] yeah, /me just stole that [17:44] erm [17:44] borrowed, you know [17:44] I'll give it back [17:50] mvo: https://github.com/mvo5/snappy/pull/17 is the thing (i also pushed a merge of master to your pr directly, to make this one's diff easier on you) [17:50] PR mvo5/snappy#17: snap/squashfs: change unsquashfsStderrWriter to use MatchCounter [18:09] PR snapd#4630 closed: snap: sort layout elements before validating [18:10] PR snapd#4635 opened: snap: add support for `snap run --gdb` [18:11] oh, cool stuff mvo [18:12] oo [18:15] mvo quick review out [18:15] zyga: cool, thanks [18:16] Chipaca 4636 is what we talked about sans the interface indirection [18:16] zyga: good feedback, thank you. will address those, the message also needs tweaking I think. it was mostly a flash of inspiration that I wanted to check if it would work (i.e. use gdb from outside and the shim to break at the right point) [18:16] PR snapd#4636 opened: snap: understand directories in layout blacklist [18:18] Saviq, sorry for the delay, which images are you using? [18:19] sabdfl, we have ipv6 disabled in linode images to avoid timeouts/connection issues [18:19] mvo I looked at your earlier PR but I'm at a stage where thinking requires a 7AM freshness [18:19] zyga: haha, no worries [18:19] zyga: I think I could probably untangle them but there will be conflicts [18:19] no, that's fine [18:19] zyga: so that stacking was easier [18:19] zyga: ta! [18:20] I just need to look at it carefully as it changes a few things in an area that is tricky [18:20] cachio: do we need 4634 for .31 ? [18:21] cachio: if we do, please shoot me a quick mail with the commit id and I will cherry-pick [18:21] mvo, no, it is just for an error that we see in linode [18:21] cachio: ok [18:21] PR snapd#4634 closed: tests: check if snapd.socket is active before stoping it [18:22] woot, I'm one PR away for spread test for layouts [18:23] niemeyer, do you have any idea about what could be causing this error on linode? https://paste.ubuntu.com/26537045/ [18:27] cachio: probably https://twitter.com/gniemeyer/status/961273050707693569 [18:27] Chipaca, nice [18:28] tx [18:34] * zyga -> afk [19:23] niemeyer, I still can't run tests on linode, is it the same issue that we faced previously? [19:23] cachio: I'll soon be with you [19:23] sure [19:30] hmm, potential ux regression in 2.31? https://bugs.launchpad.net/snapd/+bug/1747992 [19:30] Bug #1747992: Refreshing to a newly created channel but immediately stopped tracking [20:23] sparkiegeek: Huh.. weird [20:23] sparkiegeek: Yeah, definitely worth looking into [20:54] cachio: Still there? [20:59] niemeyer, [20:59] cachio: So yeah, these errors look like Linode breaking down [20:59] niemeyer, https://paste.ubuntu.com/26537730/ [21:00] these kind of errors I see [21:00] cachio: In general Spread can automatically recover from them, though, and the fact we have several workers per systems means no big deal [21:00] niemeyer, it is related to the quota limits? [21:00] niemeyer, it is trying to connect to the vm and nothing [21:01] it tries until it breaks [21:01] it fails [21:01] cachio: It's not quota.. it's corruption [21:01] cachio: They have severe bugs in their API services.. apparently races [21:01] niemeyer, I checked debian-9 and we have ipv6 enabled there [21:02] I could not check in trusty [21:02] cachio: Let me see which machine is creating problems.. just a sec [21:02] niemeyer, sure [21:03] cachio: There are machines with an empty plan ID [21:04] cachio: Which gives you an idea of how nice it is [21:04] niemeyer, ouch [21:07] niemeyer, are you killing these ones? [21:08] davidcalle (cc sergiusens): fyi, https://docs.snapcraft.io/deprecation-notices/dn5 uses the wrong header 'DN2'. It should be 'DN5' [21:09] cachio: I've run a full pass of garbage collection [21:09] cachio: Please give a shot [21:11] niemeyer, it is still having same issue [21:11] Okay, hold on [21:11] niemeyer, well, now got 1 serve [21:11] r [21:12] cachio: What does that mean? [21:12] niemeyer, it is workfing now [21:12] cachio: Phew, cool [21:13] niemeyer, thanks [21:20] cachio: np, let me know if you have more bad cases blocking you [21:20] cachio: I'll need to speed up our move over, likely to Google Compute [22:09] now to get some rest and fight tomorrow [22:35] Hi everyone, I'm struggling to build an Ubuntu Core image as per the steps on the introduction page: https://docs.ubuntu.com/core/en/guides/build-device/image-building [22:35] I keep getting COMMAND FAILED: sudo cp -dR --preserve=mode,timestamps,ownership /tmp/tmpuv44url8/root/* /tmp/tmp7yr_gzqx/root-mount cp: error writing '/tmp/tmp7yr_gzqx/root-mount/system-data/var/lib/snapd/snaps/core_3884.snap': No space left on device cp: error writing '/tmp/tmp7yr_gzqx/root-mount/system-data/var/lib/snapd/snaps/pi2-kernel_22.snap': No space left on device cp: cannot create directory '/tmp/tmp7yr_gzqx/root-mount/s [22:35] When I try to do the "ubuntu-image" command [22:36] slanigan, any chance you're out of HD space? [22:37] df -h reports this: [22:37] Filesystem Size Used Avail Use% Mounted on udev 7.8G 0 7.8G 0% /dev tmpfs 1.6G 9.7M 1.6G 1% /run /dev/sda1 432G 259G 157G 63% / tmpfs 7.8G 130M 7.7G 2% /dev/shm tmpfs 5.0M 4.0K 5.0M 1% /run/lock tmpfs 7.8G 0 7.8G 0% /sys/fs/cgroup ... /dev/loop8 3.9M 52K 3.3M 2% /tmp/tmpvn70tzdq/root-mount <<<<<<<< [22:38] That's a shortened list, but the /dev/loop8 entry is while ubuntu-image is trying to do its thing