/srv/irclogs.ubuntu.com/2018/02/12/#snappy.txt

mborzecki	morning	06:10
mup	Bug #1700560 changed: “snap find” returns confusing results <Snappy:Fix Released> <Snap Store:Invalid> <https://launchpad.net/bugs/1700560>	06:53
zyga	hello	07:29
zyga	sorry for being late	07:29
zyga	mborzecki how are you doing? :-)	07:29
mborzecki	zyga: hey	07:29
mborzecki	it's snowing outside (again)	07:30
mborzecki	zyga: have i missed anything interesting on friday?	07:30
mvo	hey zyga and mborzecki	07:31
zyga	haha, same here :-) snow snow snow	07:31
zyga	good morning mvo	07:31
mvo	here as well!	07:31
mvo	snow!	07:31
mborzecki	mvo: morning	07:31
zyga	well, I had a great Friday EOD except for one test that made me think all weekend about it	07:31
mborzecki	zyga: what was the test?	07:33
zyga	https://github.com/snapcore/snapd/pull/4644	07:33
mup	PR #4644: tests: add a spread test for layouts <Created by zyga> <https://github.com/snapcore/snapd/pull/4644>	07:33
zyga	look at the diff first	07:33
zyga	it passes everywhere but on core	07:33
zyga	jamesh hello	07:34
mborzecki	btw. this is what mikołajki looks like this time of the year: https://imgur.com/a/1Np8S	07:36
zyga	oh, we have a bug report hidden on github: https://github.com/snapcore/snapd/pull/3889#issuecomment-364637980	07:36
mup	PR #3889: interfaces: mount host system fonts in desktop interface <Created by jhenstridge> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/3889>	07:36
zyga	mborzecki woah, nice!	07:37
zyga	warsaw is full of smog because of inefficient combustion heaters and people burning trash :/	07:37
mborzecki	sounds like every major city during the winter :P	07:38
mborzecki	there's an area in lodz, south-west, towards pabianice, mostly older housing, the air quality meters are usually going all red during the winter	07:39
zyga	yeah, it's all around poland	07:39
zyga	I miss spain, nobody burned trash, it wasn't that cold, air was clean	07:39
mborzecki	it wasn't that cold <-- that's your solution there :)	07:39
zyga	yeah but also everything was heated by gas, not coal/wood/garbage	07:40
zyga	and also a bit more money on average	07:40
mborzecki	zyga: that test failing, `cannot stat /var/lib/snapd/seccomp: No such file or directory` ? another thing, was there no /etc in the snap rootfs?	07:43
zyga	there is /etc in the core snap, we also have writable paths that change how that operates	07:43
mborzecki	zyga: there's a separate path for all this in snap-confine too?	07:45
zyga	nope	07:45
zyga	well, not for layouts	07:45
zyga	I have a suspicion what the problem might be... stay tuned :)	07:45
mborzecki	zyga: right, not for layouts, but for bootstrapping the mount namespace	07:46
zyga	yes, we do have different setup there	07:47
* zyga looks at http://aqicn.org/city/poland/mazowieckie/warszawa/ursynow/ and at http://aqicn.org/city/spain/catalunya/barcelona-eixample/		07:47
jamesh	zyga: hi	07:55
zyga	hey!	07:55
zyga	I merged master into your PR	07:55
zyga	and resolved some conflicts due to a recent big code move	07:56
zyga	jamesh I may also work on that branch further this week, mainly by chopping it down and landing parts while the last validation problem gets solved	07:59
jamesh	thanks. I've been thinking a bit more about the checks jdstrand wanted. If we can't work out a way to reliably reconstruct the mount source from the mountinfo file, I wonder if it would be enough to ensure it is on the right device?	07:59
zyga	jamesh I don't know yet, I need to think about that and focus (just barely woke up)	08:00
jamesh	i.e. if we expect the mount source to be in the user's /run/user/$UID tmpfs, we should be able to reliably check that it is still from that file system after the mount	08:01
jamesh	(e.g. hasn't been replaced by a symlink to /etc on a different device)	08:02
zyga	yes, that's doable	08:02
zyga	one thing we can do is to check that after the mount op finishes there are no more symlinks than before	08:02
zyga	but I need to think about what we might be racing with here	08:02
jamesh	of course, for the xdg-document-portal case, the mount point is in a fuse file system under $XDG_RUNTIME_DIR, so we can't just check the one device number	08:02
jamesh	I think we could do a simple walk backwards through mountinfo before the mount to find out the expected device for the source, and then check the details of the new mountinfo entry afterwards to confirm	08:04
zyga	yeah, that's doable, I think we need to walk both the mount table and the path components and see where we land at each stage (if we follow any symlinks along the way)	08:05
zyga	jamesh btw, I was also wondering about one more thing, if we can simplify the problem by 50% by doing "mount -t stuff /dev/stuff ."	08:06
jamesh	for user mounts, I think it'd be okay to consider any cross-device symlinks to be an error	08:06
zyga	if we mount in the current directory, if that's even doable, we have smaller attack surface	08:06
zyga	not sure if we're going to mount more than fuse filesystems now	08:06
mborzecki	mvo: could you upload a .vendor.tar.gz release files to github releases page for 2.31?	08:07
jamesh	zyga: what do you mean by "mount -t stuff" here?	08:07
zyga	jamesh: pushd && cd /tmp && mount -t tmpfs tmpfs . && popd	08:07
zyga	jamesh no way to attack mount target directory (mount point)	08:08
zyga	and after we cd we can take all our time to investigate where we've landed	08:08
zyga	(we can also write a secure chdir)	08:08
mvo	mborzecki: sure, let me do this	08:09
jamesh	zyga: is that more secure than doing "cd dest; mount --bind /source ." ?	08:09
mborzecki	mvo: thanks	08:09
zyga	no, that's exactly what I meant	08:09
zyga	the idea is to avoid mount /one/path /another/path	08:09
zyga	and to reduce that to /one/path	08:10
jamesh	just wanted to check what would happen when mounting over a symlink: the command line tool dereferences the symlink itself, so that doesn't help much	08:12
zyga	jamesh yeah, that happens at syscall level too, that's why mount(2) sucks so much :/	08:12
jamesh	so who wants to propose a mountat() system call? :)	08:13
zyga	there were some proposals like that	08:13
zyga	but I think it's a bit complex for reasons I don't fully understand	08:14
zyga	there is some reason why it's path based more than just FD based	08:14
zyga	the last thing I remember was ...	08:14
* zyga still searches		08:17
zyga	https://lwn.net/Articles/718638/	08:18
* zyga breaks for breakfast		08:20
alexlarsson	jamesh: hey, did you look at the document portal?	08:23
zyga	hey alexlarsson	08:26
alexlarsson	hey hey	08:26
alexlarsson	You can't get any simple mount() changes in	08:27
alexlarsson	because al viro hates the mount syscall and wants to completely redo it	08:27
alexlarsson	Thus blocking minor improvements	08:28
alexlarsson	Not that i disagree with him...	08:28
zyga	well, a no-follow flag would do wonders	08:32
zyga	but yeah	08:32
zyga	I'd love to see a new API too	08:32
jamesh	alexlarsson: I haven't done a full test of your branch yet. I'll get that done and add some feedback to the PR.	08:32
zyga	(don't really mind if both happen)	08:32
jamesh	there is a fantasy linux mount API described here: https://lwn.net/Articles/718638/	08:33
alexlarsson	What i would love is a bind mount + make readonly in a single call	08:33
alexlarsson	I have some horrendous complicated code for recursive read-only bind mounts :/	08:34
alexlarsson	https://github.com/projectatomic/bubblewrap/blob/master/bind-mount.c	08:35
alexlarsson	this is total bullshit	08:35
alexlarsson	and should just be MS_BIND \| MS_REC \| MS_RDONLY	08:35
zyga	all software evolves till it parses mountinfo ;-)	08:37
alexlarsson	I asked al, and he agreed it was bullshit. But...	08:39
zyga	but nack to small improvements?	08:39
alexlarsson	yeah	08:40
zyga	is he working on the new big API or is it just fossilisation stage and nothing happens?	08:40
alexlarsson	unclear	08:41
jamesh	If you fixed mount() so that flags other than MS_REC were respected when performing a bind mount, how would the app even know?	08:43
zyga	jamesh I think it'd require a MOUNT_EXTRA_FLAGS flag or something similar to indicate desire to use a richer interface	08:44
zyga	or an entirely new syscall	08:44
jamesh	zyga: the syscall is currently documented as ignoring other flags, and the call is likely to succeed on an old kernel anyway	08:45
jamesh	so you'd need to check after the fact to see if they were applied	08:45
zyga	too messy, the idea is to make userspace easier, not just hard but different	08:46
zyga	given what you said a new syscall is really needed	08:46
alexlarsson	jamesh: child of MS_MGC_VAL ?	08:47
jamesh	If they'd instead made it an error to specify the flags that it currently ignores, there'd be something user space could check for	08:48
alexlarsson	yeah	08:48
alexlarsson	but that would make sense!	08:48
zyga	haha	08:48
zyga	all the good choices we never did	08:48
zyga	and even once the new interface is here it will be many many cycles before it can be used as a dependency without cutting a significant chunk of users	08:50
Chipaca	morning all	09:31
mvo	hey Chipaca, good morning	09:36
Chipaca	mvo: hiya	09:36
Chipaca	I suck at naming things. What would you call this Thing, and what would you call the arguments to New after the first? https://gist.github.com/chipaca/21222a4fa23ae5d8629c84cc016f23ea	09:38
Chipaca	^ that's what i've been playing with this weekend	09:38
* Chipaca now gets back to work		09:38
mvo	Chipaca: hm, maybe Formater?	09:39
Chipaca	mvo: it's not strictly work, and it's got bugs still, but if you want to play with it, https://people.canonical.com/~john/snap-find should work on amd64	09:40
Chipaca	(needs a running snapd)	09:40
mvo	Chipaca: nice	09:41
mvo	Chipaca: Columnizer , ColumnFormater, SheetFormater for some more ideas	09:42
Chipaca	oooh, Columnizr and be all web 2.0	09:42
Chipaca	wrt the bugs, one is go's, in that i need to add code to handle double-wide characters by hand (search for 'hello' and look at hello-bluet)	09:43
Chipaca	another is that in long listings it seems to be doing something wrong and leaving too much space for things it's not going to print yet, so there's a cutoff missing its spot	09:43
Chipaca	but anyway,lots of fun rune-twiddling to be had	09:43
mvo	Chipaca: :) looks/sounds like it indeed!	09:44
=== ikey\|afk is now known as ikey
* Chipaca -> physio break		10:44
* Chipaca -> really physio break		10:59
mup	PR snapd#4648 opened: debian, snap: only static link libseccomp in snap-seccomp on ubuntu <Created by mvo5> <https://github.com/snapcore/snapd/pull/4648>	11:06
mup	PR snapd#4645 closed: snapctl: allow `snapctl get` from any uid <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/4645>	11:12
mup	PR snapd#4649 opened: many: record if snap was installed with --dangerous, snow relevant annotation in `snap info` and `snap list` <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/4649>	12:01
mup	PR snapd#4650 opened: daemon: allow `snapctl get` from any uid <Created by mvo5> <https://github.com/snapcore/snapd/pull/4650>	13:00
Chipaca	hmmm, hangouts seems rather dark right now	13:01
* Chipaca turns it off and back on again		13:02
Chipaca	oh god they're trying to use opengl	13:02
mup	PR snapd#4629 closed: ifacestate: only rewrite security profiles if the system-key changes <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/4629>	13:50
Chipaca	man, go-flags is terrible at formatting this stuff	13:53
Chipaca	:-(	13:53
Chipaca	https://pastebin.ubuntu.com/=dS8vNTVhrM/	13:54
Chipaca	like, wtf is going on with the option alignment	13:54
Chipaca	--hello	13:54
Chipaca	. --yes-im-over-here	13:54
Chipaca	. --WAT	13:54
mup	PR snapd#4651 opened: cmd/snap: add help for service commands (oops) <Created by chipaca> <https://github.com/snapcore/snapd/pull/4651>	13:58
* Chipaca hugs mup		13:58
Son_Goku	today is a day where I curse Go for making it so that build flags are comments in Go files	14:02
mborzecki	Son_Goku: CGO_LDFLAGS_ALLOW is your friend	14:03
* Son_Goku sighs		14:03
mborzecki	Son_Goku: they did forget to add a similar for pkg-config though :)	14:04
* Son_Goku mournfully looks over at the nice stuff in Rust with Cargo...		14:04
mborzecki	off to pick up the kids	14:17
mvo	zyga: 4643 has a trivial suggestion for a comment fix	14:19
zyga	ack	14:19
mup	PR snapd#4638 closed: devicestate: fix autopkgtest failure in TestDoRequestSerialErrorsOnNoHost <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/4638>	14:20
mup	PR snapd#4651 closed: cmd/snap: add help for service commands (oops) <Created by chipaca> <Merged by chipaca> <https://github.com/snapcore/snapd/pull/4651>	14:25
Chipaca	wooooo	14:25
Chipaca	that's got to be a record	14:25
Chipaca	23 minutes from PR to landed with 2 +1s and green spread	14:25
* mvo hugs Chipaca		14:29
mup	PR snapd#4646 closed: snap-seccomp: fix cgo pkg-config and LDFLAGS <Created by stapelberg> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/4646>	14:37
mvo	the classic confinement test segfaults on bionic :( /me wants the `snap run --gdb` branch to be merged to debug this	15:11
Chipaca	jdstrand: you around?	15:11
mup	PR snapd#4643 closed: snap: disallow layouts in various special directories <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/4643>	15:12
jdstrand	Chipaca: hey, yes	15:34
Chipaca	jdstrand: I was looking through the review tools wondering about version validation	15:34
Chipaca	jdstrand: are they still from lp:click-reviewer-tools ?	15:34
jdstrand	Chipaca: for the moment	15:35
Chipaca	jdstrand: and if so, is it _verify_pkgversion in common.py	15:35
Chipaca	jdstrand: and if so, maybe update it so it matches snapcraft's validator?	15:35
Chipaca	jdstrand: or, sync with snapcraft about it	15:35
Chipaca	there are things that one considers invalid that the other doesn't, in both directions	15:36
jdstrand	Chipaca: I can do that. it matched at one point...	15:36
jdstrand	Chipaca: is there a particular issue you are looking at?	15:36
Chipaca	jdstrand: I'm adding version validation to snapd	15:37
Chipaca	and I'd like to write that it matches what the review tools and snapcraft do	15:37
Chipaca	but currently i cannot :-)	15:37
jdstrand	then, yes, I'll adjust the review tools to match snapcraft	15:37
jdstrand	Chipaca: since you've looked at snapcraft, where is the validation happening there?	15:38
Chipaca	jdstrand: ^[a-zA-Z0-9.+~-]{1,32}$ is what snapcraft is checking fwiw	15:38
jdstrand	so '~' is a valid version?	15:39
Chipaca	jdstrand: schema/snapcraft.yaml	15:39
Chipaca	jdstrand: yes	15:39
Chipaca	jdstrand: also README.~1~	15:39
jdstrand	Chipaca: let me rephrase. '~', '.', '+' and '-' are all supposed to be valid versions?	15:40
Chipaca	jdstrand: in snapd, _anything_ is a valid version :-)	15:40
Chipaca	but yes in snapcraft those things are valid versions	15:40
jdstrand	Chipaca: the store has its own checks separate from the review-tools aiui, and the review tools reflect that	15:40
jdstrand	Chipaca: I know it is in snapcraft :P is snapcraft wrong?	15:40
Chipaca	this is turning into a Meeting, isn't it	15:40
Chipaca	gasp	15:41
Chipaca	surely not	15:41
Chipaca	sergiusens: you on national holiday today, n'eh?	15:41
Chipaca	kyrofa: kalikiana: can we talk about versions for a bit?	15:42
Chipaca	or maybe i should open a bug	15:42
kyrofa	Chipaca, sure!	15:42
jdstrand	Chipaca: honestly, I think we need the store team. iirc there are checks there	15:42
Chipaca	kyrofa: am I right in thinking that snapcraft uses the schema/snapcraft.yaml thing to validate versions?	15:42
kyrofa	Oh, looks like I have some reading to do	15:42
kyrofa	Chipaca, yes, if it's a string it's validated with that regex	15:43
Chipaca	jdstrand: ok	15:43
jdstrand	I'll change the review tools to whatever is agreed to. the version check was more important when we had the version as part of the security label	15:43
Chipaca	noise][: who knows about the version validation the store does?	15:43
Chipaca	noise][: that is, validation of the version string in a snap	15:44
kyrofa	Chipaca, yeah we have no horse in this race either-- you just tell us what you want it to be and it shall be done	15:44
Chipaca	kyrofa: basically the regexp there is suspect, but we have apparently three different ones already :-) so, this	15:44
Chipaca	kyrofa: version must match ^fantastic-.*$	15:45
Chipaca	\o/	15:45
jdstrand	I think what I was remembering was that we were doing what the store does, not what snapcraft does, since people can run the review-tools on a snap prior to upload (no one does that now, but when this was written, that was the thinking)	15:45
kyrofa	Yeah seems reasonable	15:45
kyrofa	:P	15:45
Chipaca	jdstrand: right, but I'm not sure the store enforces the "version must be debianish" rule any more	15:46
jdstrand	it's possible now that click and snapv1 are gone, the version check in the store was removed	15:46
jdstrand	right. me either	15:46
jdstrand	hence you asking them :)	15:46
pedronis	jdstrand: Chipaca: I don't see a version check in the store	15:46
Chipaca	hmmm	15:47
pedronis	there's just a max length	15:47
jdstrand	it had to do with the upload	15:47
pedronis	afaict	15:47
jdstrand	I forget what it was called...	15:47
Chipaca	maybe I should just try to upload something with a ridiculous version and see what happens	15:47
jdstrand	I don't know if the output of the test is: 'Is a valid package' or 'Stated package version matches snap.yaml'	15:49
jdstrand	those two tests are not from the review tools	15:49
jdstrand	pedronis: does what you looked at have those checks? ^	15:51
Chipaca	- malformed 'version': 'this is some silly potatoes'	15:52
diddledan	no spaces?	15:53
pedronis	Chipaca: that seems review tools tough	15:53
pedronis	not the store itself	15:53
pedronis	I don't see a pattern check for version in the store code	15:53
Chipaca	jdstrand: note review tool's [A-Za-z0-9.+:~-]+? means those things are also valid versions for this, fwiw	15:54
Chipaca	so, it's just snapcraft and review tools, beyond the length limit	15:55
jdstrand	Chipaca: yes	15:56
pedronis	there's a 32 chars max-length	15:57
Chipaca	jdstrand: and i just pushed a thing with a version of ~ just to make sure	15:57
pedronis	in the sotre	15:57
pedronis	store	15:57
jdstrand	alright, well, if there are no checks in the store, I'll just update the review tools to match snapcraft	15:57
pedronis	jdstrand: I'm double checking with other people about the store	15:57
Chipaca	kyrofa: is there any reason snapcraft explicitly disallows epoch-style versions things?	15:57
Chipaca	kyrofa: (there's no ":" in there)	15:58
kyrofa	Chipaca, not that I know of. This regex has been there as long as I can remember	15:58
jdstrand	pedronis: it was some code that westby wrote. I can't remember the name of it. it might be gone now	15:58
kyrofa	Chipaca, we don't use the version for anything other than plopping into the snap.yaml and putting it into the filename of the resulting snap	15:59
jdstrand	kyrofa: it probably should include ':'. people like to snapcraft a stage-package and just use the deb version	15:59
kyrofa	jdstrand, yeah easy peasy. Sounds like we want some other changes too though, perhaps to not start or end or have multiple [.+~-:]	16:00
Chipaca	would ^[a-zA-Z0-9]([a-zA-Z0-9:.+~-]{,30}[a-zA-Z0-9+])?$ be any better?	16:00
Chipaca	oh, oh, _ also	16:00
pedronis	jdstrand: other store people seems to confirm there's no check (atm)	16:00
Chipaca	^[a-zA-Z0-9]([a-zA-Z0-9:.+~_-]{,30}[a-zA-Z0-9+])?$	16:00
pedronis	*seem	16:00
kyrofa	Yeah seems fine to me Chipaca. You want it, you got it	16:00
Chipaca	mvo: you also know something about versions, could you eyeball it? ^	16:01
mvo	Chipaca: in a meeting right now, will look soon	16:01
Chipaca	mvo: ack	16:02
jdstrand	Chipaca: I would suggest: ^[a-zA-Z0-9]([a-zA-Z0-9:.+~_-]{,30}[a-zA-Z0-9+~])?$	16:03
jdstrand	Chipaca: (allow ~ at the end)	16:03
Chipaca	jdstrand: i don't mind; what version are you imagining that needs it?	16:05
jdstrand	1.2.3-2~	16:05
Chipaca	I left the + in there because I imagined somebody wanting a 3.2+ version	16:05
jdstrand	I've seen that before	16:05
Chipaca	ok, fair	16:05
mvo	yeah, 1.0~ will be common	16:05
mvo	(ish)	16:05
mvo	its a common pattern for e.g. backports	16:06
Chipaca	also if [+~_-] isn't an emoticon it should be	16:06
jdstrand	Chipaca: alright, adding to trello ^[a-zA-Z0-9]([a-zA-Z0-9:.+~_-]{,30}[a-zA-Z0-9+~])?$. ping me if changing	16:06
Chipaca	jdstrand: will do, thank you!	16:06
jdstrand	I'm also surprised that the review tools allow what they do... they didn't always. I remember the discussions. anyway, who cares, it is changing now :)	16:07
Chipaca	kyrofa: running with this one ^ will shout if it changes	16:07
Chipaca	also may i suggest you python people use (?: instead of plain ( :-P	16:07
Chipaca	kyrofa: actually i'm not sure what the schema validation uses for regexps; if {,30} trips it up, you can use a * and the max-length of 32 will catch it	16:10
* Chipaca breathes in, lets people deal with their problems, and gets back to his own		16:11
kyrofa	Chipaca, sounds good	16:15
kyrofa	Sorry, made the mistake of launching chrome. Had to reboot	16:16
Chipaca	written forum post ahead of PR, because why not: https://forum.snapcraft.io/t/snapd-enforcinig-snap-versions/3974	16:22
Chipaca	(currently not listed so people aren't confused :-) )	16:22
kyrofa	Chipaca, waiit.. how do you do unlisted posts?	16:23
kyrofa	jdstrand, what kind of timeline do you anticipate for that change? We should coordinate	16:24
Chipaca	kyrofa: magic	16:25
* kyrofa hears "special permissions you don't have"		16:25
Chipaca	kyrofa: (tap the gear, it should be there)	16:25
* Chipaca publishes a snap with a version of 'unpredictable-counterrevolutions'		16:26
kyrofa	I see hide details and poll	16:26
jdstrand	kyrofa: not terribly soon unless someone wants it right now	16:26
Chipaca	kyrofa: you pleb	16:26
kyrofa	jdstrand, no rush from me. I suppose snapcraft could make the change before you folks and it would be okay. It'd be bad the other way around	16:26
* kyrofa puts together a PR		16:27
mvo	Chipaca: the version of "base-18" is "very-unstable", but that should still validate right?	16:27
Chipaca	mvo: unpredictable-counterrevolutions validates :-)	16:27
mvo	Chipaca: heh	16:28
jdstrand	kyrofa: what is in the review-tools is pretty close to what we agreed to	16:29
kyrofa	Good deal	16:29
jdstrand	kyrofa: I guess just commit to snapcraft soon and these can just roll in later	16:29
kyrofa	jdstrand, sounds good	16:30
jdstrand	the only problematic one is '_' in that you'll start allowing '_' but the review tools won't	16:30
jdstrand	but, you'd have to know that all of a sudden you could use it	16:30
jdstrand	the other bits show the review tools more strict already, and people haven't been complaining	16:31
Chipaca	or we haven't heard them :-)	16:31
Chipaca	(i think it's the sort of thing that people will hit, complain, tweak the string, and move on	16:32
Chipaca	)	16:32
Chipaca	s/complain/grumble/ perhaps	16:32
jdstrand	point is, status quo if we aren't in perfect sync	16:32
jdstrand	when we are in perfect sync, no more grumbling	16:32
roadmr	hi jdstrand	16:36
roadmr	jdstrand: so nothing will change with the review tools r1000 unless I set that resquashfs env vraiable, right?	16:37
jdstrand	roadmr: not wrt resquash, no	16:38
roadmr	jdstrand: ok - right. I have r1000 on staging right now and it was happy with my usual, trivial test snap	16:39
* jdstrand nods		16:39
jdstrand	roadmr: you may have noticed all the snaps in tests/ in the bzr tree	16:39
roadmr	jdstrand: oh I did not! awesome!	16:39
jdstrand	roadmr: that was part of all the testsuite updates I did	16:40
Chipaca	jdstrand: kyrofa: you've probably realised by now that it's {0,30} not {,30} in the regexp	16:40
jdstrand	Chipaca: yes	16:40
Chipaca	the {,30} might be a perlism, or it might be a bug in my head :-)	16:40
roadmr	jdstrand: fantastic! I usually sanity-check locally against some bogus snap I have, to avoid pushing a bogus revno, but this should make all that moot!	16:40
roadmr	moot-woot!	16:40
jdstrand	roadmr: if you want to send me that snap, I can add it to the tools	16:41
jdstrand	or anything else you like to test	16:41
roadmr	jdstrand: I don't think it's needed, it's an empty snap with classic confinement and only meant to protect against that case we had once...	16:41
roadmr	jdstrand: where you had an undeclared dependency so the thing worked for you but failed when pushed to the store	16:41
jdstrand	I may already have that use case in there	16:41
roadmr	jdstrand: to be honest I think I'll switch my local testing from my crap snap to the list you have here, though again it's for sanity, if you ran that test suite at merge time that looks quite thorough	16:42
jdstrand	roadmr: note I said 'wrt resquash'. that is because there are new and updated checks, but that is all normal stuff	16:42
roadmr	jdstrand: so does resquash modify the snap-under-test? or just verifies that when resquashing, the result is identical to what was uploaded?	16:43
roadmr	jdstrand: (that's why I zeroed in on that feature - was worried it might somehow alter the uploaded snap)	16:44
roadmr	in which case many components would be unhappy	16:44
jdstrand	roadmr: there is a big matrix for testing that I use. 14.04 was tested. running 'make functest' will run the tools on tests/, but the output is different on 14.04 and 16.04 on some click stuff due to testsuite mocking	16:44
jdstrand	roadmr: that will go away when I drop click/snapv1	16:44
roadmr	that'll be awesome	16:45
jdstrand	roadmr: the resquash will not modify the original squash. it unsquashes then resquashes and makes sure they are the same	16:45
jdstrand	s/they are/it is the same as the orig/	16:45
roadmr	jdstrand: ah, nice!	16:45
jdstrand	yeah, we totally don't want to touch the original	16:46
jdstrand	roadmr: also note, that the resquashfs have always run	16:46
roadmr	ohh	16:46
jdstrand	roadmr: they are even running in r1000. I didn't change that	16:46
jdstrand	roadmr: the env vars say whether the check is enforced or not, and whether or not to use fakeroot	16:47
jdstrand	they haven't been enforced for a long time, and r1000 doesn't change that	16:47
jdstrand	once snapcraft 2.39 is is in -updates on all the releases, I'll turn enforcement back on	16:47
roadmr	jdstrand: I see. So if it's enforced it'll actually return an error if they don't match?	16:48
jdstrand	roadmr: yes	16:48
jdstrand	but the snap needs to be squash with -no-fragments, otherwise false positives	16:48
jdstrand	and snapcraft 2.39 does that	16:48
roadmr	jdstrand: ok. I was thinking how to set that variable but from this I get we shouldn't, until you ask for a tools update which enforces this, right?	16:48
jdstrand	roadmr: yes. you don't need to do anything. I was mentioning it in case you wanted to test it yourself or do something on staging, etc, but prod doesn't need to do anything	16:49
roadmr	jdstrand: ok. Sounds like we'll test that once you enable it (at which point it'll make it to staging anyway)	16:50
jdstrand	roadmr: when I turn on enforcement, it'll be by default and the tools will honor SNAP_RESQHASHFS_ENFORCE=0 to turn it off	16:50
roadmr	jdstrand: much fiddlier for me to add a feature flag to set the env var	16:50
jdstrand	yes	16:50
roadmr	jdstrand: right, we can totally add the feature flag if we see a lot of false positives and we want to be able to switch that off quickly	16:50
jdstrand	the env var was mostly for us in debugging the enforcement feature	16:50
jdstrand	I never wanted you to have to do anything	16:51
roadmr	thanks :)	16:53
roadmr	we're clear on that then. r1000 should land in prod sometime this week	16:53
jdstrand	\o/	16:53
jdstrand	thanks :)	16:53
roadmr	jdstrand: I'll be afk from tomorrow until Feb 21st	16:53
jdstrand	roadmr: ack. while I have you, you adjusted the debs to install already?	16:54
roadmr	jdstrand: yes, I did that first on staging to ensure none of the deps wrecked the world, then updated the tools, which are running fine too	16:54
jdstrand	perfect	16:54
jdstrand	thanks again! :)	16:54
jdstrand	most of those deps you probably had. a few are if you want to run parts of the testsuite there	16:55
roadmr	jdstrand: yes, we did tweak the set of deps a bit (removed python3-all since we already install python3) but there were only 5 new ones	16:56
* jdstrand nods		16:56
Chipaca	why, oh why, doesn't the go test runner tell me exactly what file it's running? There are eleventyone backend_test.go and at least five have a TestUpdatingSnapToOneWithFewerHooks :-/	17:10
mup	PR snapd#4652 opened: tests: fix spread test failures on 18.04 <Created by mvo5> <https://github.com/snapcore/snapd/pull/4652>	17:32
RobertGlick	Hello everyone I am having problems removing a snap	17:39
RobertGlick	I keep getting an error I have googled and seems like I must be the only one	17:40
RobertGlick	the error is error: cannot remove "chromium": snap "chromium" has changes in progress	17:40
RobertGlick	I did a reboot and did not open chromium and I am still getting this message	17:41
ogra_	snap changes ?	17:41
RobertGlick	no	17:41
ogra_	(i mean ... run that command to see the changes in progress)	17:41
RobertGlick	ah ok	17:41
kyrofa	RobertGlick, then run `snap change <changeid for chromium>` to see what it's doing	17:42
RobertGlick	ok got 4 errors installing chromium	17:42
RobertGlick	but then it succesfully installed	17:43
ogra_	can you just paste the output of the snap changes command to https://paste.ubuntu.com/ ?	17:44
ogra_	also "snap version" would be helpful	17:44
RobertGlick	hmm I pasted	17:46
ogra_	give us the url then :)	17:46
RobertGlick	but should there be a link	17:46
ogra_	yes, in the url bar in your browser window	17:47
RobertGlick	https://paste.ubuntu.com/=cybnndDSsC/	17:47
RobertGlick	how to see snap version	17:47
ogra_	just run "snap version"	17:48
RobertGlick	thanks	17:48
ogra_	that will print all relevant version info ybout your system	17:48
RobertGlick	2.30	17:48
ogra_	the full output please :)	17:48
RobertGlick	snap 2.30	17:48
RobertGlick	snapd 2.30	17:48
RobertGlick	series 16	17:48
RobertGlick	solus 3	17:48
RobertGlick	kernel 4.14.18-51.current	17:48
ogra_	ah	17:48
ogra_	solus ...	17:49
RobertGlick	yup	17:49
ogra_	ikey, your customer ! ^^^^^	17:49
ogra_	:D	17:49
RobertGlick	Thanks	17:49
RobertGlick	will do	17:49
ikey	ogra_, what the who	18:05
ikey	oh hey a customer	18:05
ogra_	ikey, yeah, you have them !	18:05
ogra_	:)	18:05
ikey	we need to update our snapd before we look further into bugs me thinks	18:05
ikey	so that everyone is on the same baselevel	18:06
ogra_	well, 2.30 is the current stable one	18:07
ikey	o .31 is unstable?	18:08
ogra_	candidate	18:08
ikey	o	18:09
mup	PR snapd#4642 closed: many: add nfs-home flag to system-key <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/4642>	18:12
RobertGlick	ogra_ and ikey fixed it not sure how this worked but i did sudo snap revert chromium then sudo snap remove chromium and it removed	18:20
ogra_	great	18:20
ogra_	it was probably just still doing some delayed operation while you tried the remove the first time	18:21
RobertGlick	hmm strange i did a reboot and did not open the app	18:21
RobertGlick	and was still getting that error	18:21
RobertGlick	but happy reverting and removing worked	18:22
RobertGlick	ogra_ one last question how do I clear the cached version to download a fresh copy?	18:28
ogra_	there is no caching	18:28
ogra_	it should just download anew if you removed the snap before	18:29
RobertGlick	ok	18:29
RobertGlick	thanks	18:29
mup	PR snapcraft#1923 opened: mypy: update to 0.560 <Created by kyrofa> <https://github.com/snapcore/snapcraft/pull/1923>	18:32
mup	PR snapcraft#1914 closed: docker: add Dockerfiles for all risk levels <Created by kyrofa> <Merged by kyrofa> <https://github.com/snapcore/snapcraft/pull/1914>	19:47
jdstrand	tyhicks: so, that dbus service activation change is proving to be annoying: https://github.com/snapcore/snapd/pull/4652#discussion_r167665241	20:07
mup	PR #4652: tests: fix spread test failures on 18.04 <Created by mvo5> <https://github.com/snapcore/snapd/pull/4652>	20:07
jdstrand	tyhicks: I'm not sure why dbus isn't defaulting to 'unconfined' if AssumedAppArmorLabel is not set...	20:08
jdstrand	tyhicks: istr you saying you'd look at it, comment in a bug, something... (am I crazy?)	20:09
tyhicks	jdstrand: that sounds like something I said but I think I let it fall off my plate once it sounded like there was a usable workaround	20:10
jdstrand	tyhicks: I mean, really, it could even be configured via bus configuration	20:11
tyhicks	(I think that was mid-sprint, too, so maybe that had something to do with it)	20:11
jdstrand	<apparmor mode="(enabled\|disabled\|required)" assumedlabel="unconfined"/>	20:11
jdstrand	tyhicks: ok... how should we proceed now? what are your thoughts on what it should be doing?	20:15
tyhicks	jdstrand: I've taken a note to look into it soon	20:16
jdstrand	tyhicks: ok, thanks. holler if you want me to do anything. in the PR with mvo, I recommended adjusting systemd's timedate1 dbus service file	20:17
tyhicks	jdstrand: I don't have an answer right now but I think we discussed a new permission that may be implied by an existing permission	20:17
jdstrand	oh right	20:17
jdstrand	tyhicks: well, when you have time to look at it, feel free to ping me to discuss	20:18
tyhicks	jdstrand: will do - thanks!	20:19
roadmr	jdstrand: hey so the tools already support common-id for apps within a snap, right?	20:48
jdstrand	roadmr: as of r1000	20:49
roadmr	jdstrand: fantastic :) thanks! (just checking)	20:49
jdstrand	roadmr: 980.1.3 to be specific	20:51
roadmr	right :) cool!	20:51
jdstrand	roadmr: and 980.1.4 has your ctime fix	20:52
jdstrand	as it happens, I saw that issue today with r950. looking forward to r1000	20:53
roadmr	jdstrand: oh perfect :) yes, I haven't seen it super often but sometimes it happens	20:53
roadmr	jdstrand: haah it was fun with wxmaxima which had daily builds and when one got stuck it built a queue of like 100 revisions :/ pushing them through by hand was fun	20:53
* roadmr said fun twice, imagine how fun it actually was		20:53
jdstrand	hehe, yes :)	20:56
mup	PR snapcraft#1564 closed: setup: changes to make installable from PyPI <Created by sergiusens> <Closed by kyrofa> <https://github.com/snapcore/snapcraft/pull/1564>	22:45
mup	PR snapd#4653 opened: all: snap versions are now validated <Created by chipaca> <https://github.com/snapcore/snapd/pull/4653>	23:05
mup	Bug #1749028 opened: snapd and disks <Snappy:New> <https://launchpad.net/bugs/1749028>	23:12

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!