[01:30] PR snapd#5385 opened: Update SELinux policy [05:10] morning [05:43] Is there any way to see snapcraft stores most downloaded packages? Or see all the packages that are available? [06:15] Good morning [06:17] zyga: mvo: hey [06:22] hey mborzecki and zyga ! [06:25] PR snapd#5385 closed: Update SELinux policy [06:33] hey mvo [07:11] PR core18#37 opened: static: add systemd environment generator to ensure PATH contains /snap/bin [07:15] re [07:15] ok, kids are handled [07:15] mvo: re, so about those issues you saw last week [07:15] I'd like to look at the one with layouts later today === pstolowski|afk is now known as pstolowski [07:15] morning [07:15] I need to work on some leftovers from Friday [07:15] and I need to plan a rework of security profiles after the call with gustavo [07:18] mvo, hey, do you have any comments on https://forum.snapcraft.io/t/pulling-network-online-target-as-prerequisite-target-slows-down-starting-services/6063 ? Would be nice to have the opinion of some core team member there :) [07:20] pstolowski: hey [07:25] zyga: sure [07:26] abeato: let me look [07:26] zyga: a quick look at core18#37 would be great, I hope this unblocks some tests [07:26] PR core18#37: static: add systemd environment generator to ensure PATH contains /snap/bin [07:27] mvo, thanks [07:30] PR core18#37 closed: static: add systemd environment generator to ensure PATH contains /snap/bin [07:31] abeato: wondering, aside from longer times reported by system-analyze, does this dependency have any negative impact? [07:33] mborzecki, it does, it implies that starting a service can take 2 minutes more than it should. Think for instance in a system with eth0 and wlan0 configured but SSID not found: you get those additional 2 minutes [07:33] or eth0 not connected [07:35] abeato: right, but this is just snapd depending on the network (which it could not depend on because the failures are already handled in the code), but this should be fairly transparent for installed snaps and other services, i.e. you don't depend on snapd or network-online -> there's no penalty [07:36] so it's either a service depends on snaps (when it shouldn't) or it's part of graphical target (which iirc depends on mult-user, which in turn snapd is WantedBy) [07:36] mborzecki, nope, it is that the unit created by snapd when installing the snap includes the network-online.target dependency. The impact is on the service defined by the snap, not in snapd [07:37] abeato: aah ok, missed that! thanks for claryfing [07:37] np [07:39] mvo: didn't we have some proposals for expressing dependencies on external services/targets? [07:39] mborzecki: we have a request but no design for this so far :/ [07:40] still, we don't have support for Requires at this point [07:42] yep [08:00] moin moin [08:01] mvo: hi, did we add back code to wait for restarts for core/snapd ? we probably need to before 2.34 [08:04] pedronis: no code for this yet [08:04] pedronis: I will look into it later today [08:05] thx [08:06] PR core18#38 opened: hooks: add libpam-systemd [08:10] PR core18#38 closed: hooks: add libpam-systemd [08:16] sil2100: hey, good morning! I did (as an experiment) mergehttps://github.com/snapcore/core18/commit/a9c4ea6ff0732911a47fa7a1b035eb10c1e68cd4 and https://github.com/snapcore/core18/commit/28b28abd1968b75d3d201d57321a746b6912c7b1 - the background is that "su -l -c env user" on core18 has a PATH without /snap/bin and I suspect its the missing libpam-systemd. if you have more ideas they are very welcome, its not entirely clea [08:16] r to me if its that or not [08:32] anyoen feels like reviewing #5363 or #5366? [08:32] PR #5363: snap: introduce the instance key field [08:32] PR #5366: snap: helper for validating snap instance names [08:39] mvo: is the plan to add "netcat" to core18 or not ? [08:39] pedronis: I pushed a pr to core18 with it, its tiny, I think its worth adding it [08:39] pedronis: given that its useful in tests and on its own (for admins for debugging) [08:40] thanks for the reviews guys! [08:41] you ask for reviews, you get reviews [08:41] 20 reviews per pr, approximately [08:41] sil2100: hm, libpam-systemd did not cut it, I will need to dig into this a bit more it seems, very strange [08:42] mvo: yes, not against, just confused by the PR that remove tests that needs it [08:43] s/remove/disable/ === chihchun_afk is now known as chihchun [08:44] pedronis: yeah, my initial thinking was to disable those but then I realized just how many that are and I think now that the better approach is to just add it [08:45] pedronis: also it was to cut down noise from the tests, I ran the main suite against core18 over the weekend and tried to classify the failures [08:45] it's ok [08:45] also they are all about network interfaces that are quite fundamental [08:46] and they might have classic vs core differences [08:46] Chipaca: I added some questions to your snapshotstate PR, not sure that's a way to unblock that doesn't involve doing the right thing though :/ [08:47] s/that's/there's/ [08:48] pedronis: I just see one about "snapshot" -> "snapshotSetup" [08:48] Chipaca: yes [08:48] ah the others are under some of gustavo's hidden ones [08:49] pedronis: I'll look at it later today (i probably meant IsActive instead of IsInstalled there) [08:49] need to do paperwork now [08:50] Chipaca: yes, IsInstalled is just needed for the pattern I show [08:50] (I think we have one place still in the code base that has a silly one) [08:51] Chipaca: anyway I need to finish the improved error stuff before I can help unblock you [08:51] Chipaca: sounds like snapshot will 2.35 though :( [08:51] *will be [08:52] pedronis: thank you. I will update the PR once I finished digging into a strange PATH issue on core18 [08:53] mvo: which reminds me, not urgent, there's an extra ":" in the entry ': Interface hooks' in the snapd 2.34 roadmap https://forum.snapcraft.io/t/the-snapd-roadmap/1973 [08:54] pedronis: thank you, nice catch === chihchun is now known as chihchun_afk [09:12] mvo, a possible optimization: https://forum.snapcraft.io/t/are-systemctl-daemon-reload-calls-before-enabling-a-service-needed/6086 === chihchun_afk is now known as chihchun [09:22] PR snapd#5386 opened: snap: introduce a struct StoreChannel to represent store channels, and helpers to work with it [09:22] Chipaca: ^ what we discussed [10:08] PR snapd#5363 closed: snap: introduce the instance key field [10:25] * zyga struggles with apparmor profiles [10:45] PR snapd#5387 opened: snap{/snaptest}: set instance key based on snap name [10:45] another little piece of parallel installs is up for review [10:45] pedronis: ^^ [11:05] PR core18#39 opened: hooks: ensure /etc/login.defs PATHs contain /snap/bin [11:20] * Son_Goku groans to life [11:38] wtf, no power, obviously the electricity company allegedly has this info posted 'somewhere', bunch of lunatics === mborzeck1 is now known as mborzecki [11:45] mborzecki: did you electricity company not pay their bills [11:49] Chipaca: no it's just run by a bunch of a*holes, because it's easier to collect the bills rather than keep the infra in decent shape [11:50] mborzecki: in my current font, * looks just right for use in that word [11:50] Chipaca: what's the font? [11:50] mborzecki: the go one [11:50] https://blog.golang.org/go-fonts [11:50] reminds me of the old solaris console font [11:51] glad i pushed everything minutes before the power was gone [12:00] PR snapd#5329 opened: DON'T REVIEW: tests: Adding debug information to know why econnreset is failing [12:08] * zyga runs another round of layout tests [12:12] * Chipaca ~> lunch === pstolowski is now known as pstolowski|lunch [12:15] a review of core18#39 would be great, this should unblock some more tests [12:15] PR core18#39: hooks: ensure /etc/login.defs PATHs contain /snap/bin [12:23] mvo: done [12:23] Heya [12:23] I've just did an update on Spread to fix the issue reported by Google.. please let me know if you see any hiccups [12:23] I've just done === pstolowski|lunch is now known as pstolowski [12:45] PR snapd#5376 closed: tests: skip security-udev-input-subsystem without /dev/input/by-path [12:54] niemeyer: how did google report an issue on spread? [12:54] Chipaca: I got an email [12:55] niemeyer: "you're the person responsible for 98% of all api calls"? [12:55] flashbacks of linode [12:56] Chipaca: Yeah, it did bring me memories, but this time it was more like "You are the person responsible for 98% of the API calls that start with a double dash (//)" [12:56] s/dash/slash [12:56] niemeyer: so causing a lot of redirects? [12:56] let me give you this bag og 500 Internal Server Error [12:56] ah :) === mborzeck1 is now known as mborzecki [12:57] Or something.. we did get 500s [12:57] They didn't specify what the outcome was on their end, just politely asked whether we could get it fixed [12:58] and you didn't turn around and spam double-slashed endpoints with all the bandwidth you could muster? [12:58] you're too kind [12:58] PR core18#39 closed: hooks: ensure /etc/login.defs PATHs contain /snap/bin [13:21] PR snapd#5388 opened: tests: fix tests when no keyboad input detected === chihchun is now known as chihchun_afk [13:26] PR snapd#5382 closed: tests: add halt-timeout to google backend [13:31] cachio: which PR is that? [13:35] mborzecki: ha! I found *why* su -l is not working anymore in core18: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/984390 - anyway, I will work with foundations now to see if I can get it upstream [13:35] zyga: i see 4.14 kernel in for raspberrypi in yocto [13:35] Bug #984390: $PATH is taken from login.defs not /etc/environment [13:35] mvo: thanks, intersting [13:36] mborzecki: current "production" is 4.9 for older models [13:37] heh 'production' for raspberry pi :P [13:37] mborzecki: its quite terrible, I debugged fixed this ~2y ago already but it did not land in the distro [13:37] * zyga had a full successful run on his layout patch, whee [13:37] mborzecki: I mean the one they ship with by default [13:38] wonder what's holding them back aside from gpu [13:38] probably the question is different [13:38] no need to go forward so why would they [13:38] (and totally crazy boot process, unless they changed it already) [13:38] the boot spec is part ot the hardware [13:39] mvo, niemeyer: one new interesting feature of systemd is the specification for new boot process [13:39] that's worth reading [13:39] zyga: do you have a link? [13:39] yes, one sec [13:39] mvo: https://lwn.net/Articles/758128/ [13:39] mborzecki: ta [13:39] https://github.com/systemd/systemd/blob/master/doc/BOOT_LOADER_SPECIFICATION.md [13:43] zyga: NoNewPrivileges looks interesting [13:44] yes but it is unlikely to work soon [13:44] (as stated in the docs) [13:45] mborzecki, mvo: I personally really like the idea of that single-efi file that bundles linux, initrd and os-release file [13:45] that means you can boot a single "linux.efi" file [13:45] that's self contained [13:45] that's neat IMO [13:46] zyga: sounds a bit like a snap [13:46] mvo: yes, we perhaps could adopt it [13:47] it would mean we are an easier support target down the line [13:47] well, at least an idea [13:50] brb, need to resize my partitions [13:50] heh, the hangouts call pulled 1.2GB of data on my modem [13:55] revising from break=bottom ;) [13:55] resizing* [13:56] ok, quick lunch break [13:59] when I run snapcraft should it automatically detect common-id's or do I have to manually specify them in my snapcraft.yaml? [14:07] zyga, sorry for the delay, #5343 [14:07] PR #5343: tests: adding extra check to validate journalctl is showing current test data [14:10] sitter: I don't know if it is implemented but there are specs for a system where appstream meta-data can be automatically ingested [14:10] sitter: I don't know if that's implemented yet though, perhaps kyrofa knows [14:20] PR core18#40 opened: hooks: add FIXME for /etc/login.defs changes [14:22] * zyga sincerely hopes for the weather to improve and some pressure to increase [14:22] today feels like mid winter when it's dark, gloomly and wet outside [14:22] not like first week of summer [14:28] PR core18#40 closed: hooks: add FIXME for /etc/login.defs changes [14:33] seems https://forum.snapcraft.io/t/adopt-info-from-other-metadata-sources/4370 has the information, assuming that is the latest and greatest way of doing it anyway [14:33] * zyga has IRL interrupt === chihchun_afk is now known as chihchun [14:39] PR snapd#5380 closed: tests: blacklist more main tests for core18 [14:42] pstolowski: disconnect branch seems to need now a merge from master (only test failing is spellecheck) [14:43] pedronis: thanks. it still needs some work re undo on disconnects [14:56] PR snapcraft#2168 opened: build_providers: add ssh key managemet support to the qemu build prov… [15:12] jdstrand: good day, are you back by any chance? [15:13] zyga: hi! yes. lots of catching up. what's up? [15:13] jdstrand: I will have some follow up from layouts but nothing major, just wanted to say hi :) [15:13] PR snapd#5226 closed: data: add systemd user environment generator [15:13] PR snapd#5389 opened: snap: account for parallel installs when dealing with broken snaps [15:13] I can imagine you have a lot of catchup to do [15:14] zyga: :) [15:18] * zyga thinks about a 3rd coffee [15:18] rainly gloomly summer [15:23] * cachio lunch [15:49] PR core18#35 closed: hooks: add netcat package === Sir_Gallantmon is now known as Son_Goku [16:14] PR snapd#5390 opened: data: add systemd environment configuration === pstolowski is now known as pstolowski|afk [16:37] zyga, i'm a but surprised about that snap version output in the forum, doesnt the snap command itself pull the info our of os-release and uname ? (i thought snap version does not require snapd to run to get at least the needed info from the os) [16:38] ogra_: no, it's all server side [16:38] hmm [16:38] ogra_: (which makes sense if you think about it being, one day, able to talk to remote servers) [16:38] (that makes debugging a server outage indeed a bit tricky :) ) [16:39] true ... but perhaps it should then have a --no-remote flag so it can still collect the system info for debugging [16:39] well, it's not much of use if the server is down [16:40] and the set of collected things is tricky to compute locally really [16:40] haha, systemd is always so helpful with its messages ... [16:41] "he start-up result is RESULT" [16:41] *the [16:41] shouting doesnt help ! ... not even in logs :P [16:42] It just wanted to make sure you heard it ogra_ [16:43] yeah, obviously :) [16:43] thats like "command failed with: SUCCESS" [16:45] zyga, i bet one of these php thingies he installed is some third party installer or tarball that mangles the install bad enough to break the world [16:45] ot that "magento CMS platform" or whatnot [16:46] *or [16:48] yeah, pretty horrible people make php [16:48] (as in make use of it) [16:48] also make the thing [16:49] WOW ... that log now ! [16:49] curious that *anything* works on that install [16:50] hm, hm, can someone help with "error: File must begin with "/": %{_environmnentdir}/990-snapd.conf" - I get this from rpm packaging in https://github.com/snapcore/snapd/pull/5390 but the macro should be defined inhttps://github.com/systemd/systemd/blob/master/src/core/macros.systemd.in [16:50] PR #5390: data: add systemd environment configuration [16:52] mvo, which target? [16:52] mvo: I was reviewing [16:53] Son_Goku: opensuse and fedora [16:53] Son_Goku: is this stuff just too new? git blame tells me it was added only one month ago? [16:53] zyga: ups, sorry [16:53] no worries :) [16:53] while the functionality existed for a while, the macro didn't exist until systemd 239 [16:53] we just need a compat macro ;) [16:53] also "_environmnentdir" looks like a typo [16:54] Son_Goku: aha! [16:54] and yes, someone screwed up [16:54] Son_Goku: I will push a fix [16:54] %{?!_environmentdir: %global _environmentdir %{_prefix}/lib/environment.d} [16:54] Son_Goku: \o/ === jkridner|pd is now known as jkridner [16:57] mvo, zyga: https://github.com/systemd/systemd/pull/9417 [16:57] PR systemd/systemd#9417: rpm: Fix typo in %_environmentdir [16:58] Son_Goku: heh, was about to do this, thank you! === Sixth_Doctor is now known as Son_Goku [17:14] mvo, I would have liked to see you send a PR for rpm things :P [17:19] niemeyer: btw, if I remember you said you wanted to chime in on (there is related work going on): https://forum.snapcraft.io/t/url-contact-fields-in-snap-metadata/3067/18 [17:28] Thank you Son_Goku [17:28] my son has smalled a huge sliding window on his toe [17:28] some tears and blood later, I am back [17:28] ... [17:38] mvo, hey, do you know why the econnreset test blocks the download once it is started? [17:39] mvo, it is any reason to don't block it before it starts? [17:40] because I could reproduce the error and found the download finishes after we compare the size of the partial file and before iptables is applied [17:40] mvo, this is the log https://paste.ubuntu.com/p/2yFqrXT7rd/ [17:40] it has extra debug info [17:47] pedronis: Looking [17:56] pedronis: Provided some feedback there [17:57] zyga: Ouch [17:57] Son_Goku: hehe, exactly :) [17:57] cachio: iirc in the old days it would not retry on econnectionrefused [17:58] cachio: but the retry logic has changed quite a bit so maybe now thats fine? [17:59] mvo, one day, I'll win you over to the awesome side :) [18:00] mvo, ok, I'll change the test and see what's the result [18:00] Son_Goku: :-D [18:01] cachio: cool, keep me updated [18:02] mvo, running [18:03] PR core18#36 closed: hooks: set timezone to Etc/UTC [18:06] mvo: hmm, let me also experiment with that PAT [18:07] *PATH missing /snap/bin [18:08] sil2100: I found the issue [18:08] sil2100: https://github.com/shadow-maint/shadow/pull/119 [18:08] PR shadow-maint/shadow#119: su.c: run pam_getenvlist() after setup_env [18:08] sil2100: this also links to a bug (from 2012 :) [18:09] sil2100: so we have a workaround for now, I will revert the systemd generator [18:10] sil2100: and once the fix for su.c is approved I/we can SRU the fix [18:10] sil2100: and undo the workaround [18:14] wow [18:16] ;) [18:36] * zyga moves to another room [19:18] PR snapd#5391 opened: tests: simplify econnreset test [19:34] * cachio afk [19:42] PR snapcraft#2169 opened: Rust plugin improvements [19:45] PR snapcraft#2158 closed: rust plugin: fix cargo builds and run tests [19:45] PR snapcraft#2170 opened: Rust plugin env [19:48] PR snapcraft#2169 closed: Rust plugin improvements [20:19] * zyga has a bad test day [20:19] or bad network day maybe [20:22] hi there. i just read https://github.com/canonical-websites/snapcraft.io/issues/651 and https://blog.ubuntu.com/2018/05/15/trust-and-security-in-the-snap-store and am wondinerg whether embedding (privacy impacting) trackers is currently (1) considered acceptable (b) tested for and (c) how it's being handled, if at all. [20:23] from my POV this is a major issue on android, and mostly unhandled / unsolved (or rather accepted) there. so i'm wondering whether what the situation with snaps is. [20:26] s/on android/on the google play store/ [21:46] * zyga sees the same error mvo saw [21:46] that took a while, let's fix it [23:57] PR snapcraft#2170 closed: rust plugin: fix cargo builds and run tests