/srv/irclogs.ubuntu.com/2018/08/21/#snappy.txt

=== wgrant_ is now known as wgrant
mup	Bug #1760252 changed: starting slack crashes xwayland on 18.04 <bionic> <xorg-server (Ubuntu):New> <https://launchpad.net/bugs/1760252>	01:33
mup	PR snapd#5690 opened: Add an error code for Polkit auth cancels <Created by robert-ancell> <https://github.com/snapcore/snapd/pull/5690>	03:05
mborzecki	morning	05:09
mborzecki	mvo: hey	05:42
mborzecki	mvo: easy win https://github.com/snapcore/snapd/pull/5687	05:42
mup	PR #5687: cmd/snap-confine: switch to validation of SNAP_INSTANCE_NAME <Parallel installs> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5687>	05:42
mborzecki	mvo: hey, you probably missed that, https://github.com/snapcore/snapd/pull/5687 is an easy win, same as https://github.com/snapcore/snapd/pull/5684	05:50
mup	PR #5687: cmd/snap-confine: switch to validation of SNAP_INSTANCE_NAME <Parallel installs> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5687>	05:50
mup	PR #5684: cmd/snap: create snap user directory when running parallel installed snaps <Parallel installs> <Simple> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5684>	05:50
mvo	mborzecki: yeah, missed that, looking. thank you	05:53
zyga	good morning!	05:53
* zyga tries to shift to 6AM wake-ups		05:54
zyga	not there yet	05:54
zyga	but slowly :)	05:54
mvo	zyga: good morning	05:54
zyga	I'll make coffee and join you guys shortly	05:54
mborzecki	zyga: hey	05:54
mborzecki	zyga: you're still 2h behind the schedule :P	05:54
mup	PR snapd#5687 closed: cmd/snap-confine: switch to validation of SNAP_INSTANCE_NAME <Parallel installs> <Created by bboozzoo> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/5687>	05:57
mvo	mborzecki: 5684 waits for john, no?	05:57
mborzecki	mvo: yay, thanks	05:57
mborzecki	mvo: yes, i pinged him and pawel yday	05:57
mborzecki	feels good to be back at the proper screen	05:58
=== mborzeck1 is now known as mborzecki
zyga	:-)	06:24
zyga	Yeah but I’m shifting	06:25
zyga	When I woke up today I felt like it’s autumn ready	06:26
zyga	Is it OK to say I already miss the summer?	06:27
zyga	My plan for today is to talk with Paweł about the system snap	06:28
zyga	And to finish off the two remaining PR I have open	06:29
zyga	And then work and user mounts	06:29
zyga	mvo: When do you plan to release the next point release?	06:29
mborzecki	zyga: https://github.com/snapcore/snapd/compare/master...bboozzoo:bboozzoo/parallel-install-snap-namespace-mapping i'd love to hear your thoughts	06:30
mborzecki	zyga: also need to look info why /snap/foo is mounted rw	06:31
zyga	I’ll check it out very soon but just as an observation snap foo cannot be a mount point, because there’s nothing out there is just a directory	06:32
mborzecki	zyga: rbind & ro are a no go (you added that comment?), guess it's not much of a problem for /snao/foo_bar -> /snap/foo	06:52
zyga	re	06:53
zyga	mborzecki: looking	06:54
=== pstolowski\|afk is now known as pstolowski
pstolowski	mornings	07:10
mvo	zyga: I have no plans yet for a point release. what do we need in it?	07:23
zyga	some things are tagged with 2.35	07:23
mvo	zyga: we can do in a week after the real release	07:23
zyga	and 2.35.0 is in the release page	07:23
mvo	zyga: aha, let me check	07:23
zyga	so I assumed you would do another one	07:23
zyga	is 2.35 out?	07:23
zyga	or am I just mistaken about the assumption	07:23
mvo	zyga: I thought I had moved them to .36	07:23
mvo	zyga: its in beta now	07:23
zyga	ah, that must be it then	07:23
mvo	zyga: https://github.com/snapcore/snapd/pulls?q=is%3Aopen+is%3Apr+milestone%3A2.35	07:24
mvo	zyga: but we can do a point release i fneeded	07:24
zyga	ah, ok	07:24
zyga	:)	07:24
mborzecki	zyga: mount profiles for test-snapd-layout{,_foo} https://paste.ubuntu.com/p/JvmWd88tKp/ unfortunately the _foo one explodes on startup https://paste.ubuntu.com/p/8ZYtzf7sgG/	07:42
zyga	https://www.irccloud.com/pastebin/d39eugoc/	07:43
zyga	mborzecki: that's "expected", aka known issue	07:44
zyga	mborzecki: rm the symlink on your host to fix it	07:44
zyga	mborzecki: that's the "trespassing" bug that I was trying to fix for many months now	07:44
zyga	mborzecki: it manifests itself as dangling symlinks and empty files in /etc	07:45
mborzecki	zyga: ok, removing files made it go away	07:46
mup	PR snapcraft#2220 opened: schema: allow license field <Created by mvo5> <https://github.com/snapcore/snapcraft/pull/2220>	08:04
alexlarsson	zyga: hey, do you know if there is any work going on to backport the new xdg-desktop-portal releases (in particular, 1.0) to bionic?	08:12
alexlarsson	zyga: I'm considering whether to add it to the bionic flatpak ppa	08:13
mup	PR snapd#5691 opened: spdx: allow Other-Open-Source <Simple> <Created by mvo5> <https://github.com/snapcore/snapd/pull/5691>	08:24
seb128	jamesh, ^ you might know?	08:24
jamesh	alexlarsson: we want to backport xdg-desktop-portal to xenial. I think it might make that backport 1.0, and push it to bionic, assuming there aren't compat issues	08:26
alexlarsson	jamesh: Should be no compat issues	08:26
alexlarsson	I have x-d-p 1.0 for xenial in the flatpak ppa, but historically i didn't add it to bionic, because it had 0.11 already	08:27
zyga	whee, thank you alexlarsson and jamesh :)	08:27
jamesh	alexlarsson: I'll talk about it with Ken	08:27
mborzecki	zyga: parallel installs + layouts spread test running now	08:34
zyga	cool	08:35
alexlarsson	jamesh: cool	08:35
=== chihchun_afk is now known as chihchun
zyga	mborzecki: any luck?	08:44
mborzecki	zyga: heh, stopped at the trespassing thing, fixed the test to cleanup /etc/demo* stuff and retrying now	08:46
zyga	kk	08:47
zyga	once it passes (if it does) look around, as I said it's more about just ensuring the outcome makes sense than looking at the boolean pass/fail value	08:47
mup	Bug #1533899 changed: Add support for proxies <canonical-is> <proxy> <webdm> <cloud-init:New> <Snap Layer:Fix Released by stub> <Snapcraft:Invalid> <Snappy:Fix Released> <snapweb:Invalid> <snapd (Ubuntu):Fix Released> <snapd (Ubuntu Trusty):Fix Released> <https://launchpad.net/bugs/1533899>	08:47
mborzecki	zyga: yeah, modified it a bit to write different content to locations and added some steps to verify if the things look ok from the outside	08:48
mborzecki	zyga: once https://github.com/snapcore/snapd/pull/5670 i'll be able to open a PR with mapping changes along with a spread test	08:48
mup	PR #5670: daemon, overlord/snapstate: set instance name when installing from snap file <Parallel installs> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5670>	08:48
mborzecki	hm actually most of the spread tests, there's one that depends on https://github.com/snapcore/snapd/pull/5614	08:49
mup	PR #5614: interfaces: parallel instances support, extend unit tests <Parallel installs> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5614>	08:49
Chipaca	zyga: next time you're feeling smug about your mac, have you looked at the uname implementation for darwin vs the one for linux	08:58
zyga	mmm, nope/	08:58
zyga	what's the difference?	08:59
Chipaca	zyga: https://github.com/golang/sys/blob/master/unix/syscall_darwin.go#L368 vs https://github.com/golang/sys/blob/master/unix/zsyscall_linux_amd64.go#L1378	08:59
Chipaca	zyga: the darwin one is five syscalls and a loop	08:59
zyga	interesting, I knew apple did some unusual things with their sys call layers	09:02
zyga	notably for compatibility at the extreme	09:02
zyga	and also flexibility	09:02
zyga	some system calls don't have numbers	09:03
zyga	only names	09:03
zyga	and to call them you literally have to pass the string to the kernel	09:03
zyga	then again apple sys calls are executed differently due to (last time I looked at 32bit systems) 4/4 split	09:03
zyga	where the whole address space flips (except for a tiny page that has the flip code and arg buffers)	09:03
zyga	Chipaca: but yeah, cool stuff :)	09:04
zyga	and apparently it doesn't matter (marketshare :)	09:04
Chipaca	zyga: :-)	09:04
Chipaca	what does userd use SIGUSR1 for?	09:11
Chipaca	morphis: do you remember?	09:11
=== chihchun is now known as chihchun_afk
mup	PR core#93 opened: hooks: unwind /etc/alternatives <Created by mvo5> <https://github.com/snapcore/core/pull/93>	09:15
mborzecki	zyga: that's the test currently https://paste.ubuntu.com/p/KfNJC6tJV2/	09:23
zyga	mborzecki: looking	09:25
zyga	mborzecki: what I would look for in this test is something that verifies that both instances don't step on each other's data	09:26
mborzecki	zyga: that's towards the end	09:26
zyga	mmm, I don't see that	09:27
mborzecki	zyga: lines 85+, unless you have something else in mind	09:27
zyga	mborzecki: I mean that one snap should say "snap-a" and the instance snap should say "snap-b"	09:28
zyga	they should both write	09:28
zyga	and only after that we should verify the data seen by both	09:28
zyga	so that it's not "snap-a" in all the places (or snap-b in all the places)	09:28
mborzecki	zyga: that's exactly what's there	09:29
zyga	hmm?	09:29
zyga	but you write foo-1, 2, 3 for _both_	09:29
zyga	so how can you check that	09:29
mborzecki	zyga: $name foo-1 ..	09:29
zyga	either I don't see it or the pastebin is wrong :D	09:29
zyga	aaah	09:29
zyga	$name :D	09:29
=== chihchun_afk is now known as chihchun
zyga	I didn't notice that at a ll	09:29
zyga	++	09:29
zyga	it's good :)	09:29
mborzecki	heh :)	09:29
zyga	thank you	09:29
mborzecki	zyga: ok, i'll add it to the tests and integration branches, and deal with that change in mount spec that you suggested layer	09:31
mborzecki	have to deal with UpdateMany() now	09:31
mvo	zyga: do you know what (bind) mounts /var/lib/extrausers in snap-confine - git grep extrausers is very quiet for me	09:33
zyga	let me think	09:33
zyga	I don't think that's us	09:33
zyga	isn't that the test setup?	09:33
zyga	or core boot process?	09:33
zyga	(us as in the cli tools)	09:34
mvo	zyga: snap run --shell test-snapd-tools.echo gives me a valid /var/lib/extrausers inside the mount namespace	09:34
mvo	zyga: so I assume that is us doing it	09:34
zyga	ok, let me look deeper	09:34
zyga	probably my memory is just rusty	09:34
zyga	ah	09:35
zyga	I know	09:35
zyga	just let me check to be 100% sure	09:35
zyga	yep	09:35
zyga	it's the LXD quirk	09:35
zyga	we have a "quirk" system in snap-confine that we only used after a particular release of snap-confine broke lxd	09:35
zyga	we make /var/lib/lxd (which is not in the base snap)	09:36
zyga	and we bind mount the host's version there	09:36
zyga	to do that we construct an (older implementation of) a writable mimic over /var/lib	09:36
zyga	I would like to disable that code but perhaps hard to ensure it's not a backwards incompatible change now	09:36
mvo	zyga: and this runs only if core is the base? not core18 ? or how is that decided?	09:36
zyga	(and we could tie that code to the lxd interface perhaps)	09:36
zyga	it runs on all classic systems for sure	09:36
zyga	let me look	09:36
zyga	yes	09:37
mvo	zyga: aha, ok	09:37
zyga	sc_setup_quirks is called if distro is SC_DISTRO_CLASSIC	09:37
zyga	but I would like to drop that, really	09:37
zyga	it pollutes the mount table with stuff for one snap but runs for all the snaps	09:37
zyga	and it's very very very likely to be unused now	09:37
zyga	and it can move to an interface (for sure)	09:38
mvo	zyga: hm, something else is going on - I see this on !classic, on uc16	09:38
zyga	though all such transitions are non-trivial because we have no mechanism to update in-place the	09:38
zyga	oh	09:38
zyga	maybe there's a bug in core / classic classification on uc16	09:38
mvo	zyga: could be, not super important right now, I was mostly looking why core18 was not displaying a username on core18 devices inside the mount namespace	09:39
zyga	mvo: what's the /etc/os-release file you see?	09:39
mvo	zyga: https://paste.ubuntu.com/p/XkFW7hYYTX/	09:40
zyga	ID=ubuntu-core	09:40
mvo	zyga: silly question - in sc_mount_config what does "normal mode" mean?	09:41
zyga	normal mode is the preferred mode of operation where pivot root happens	09:41
zyga	the exceptional mode is only on core16 when we don't do that	09:41
zyga	(for compatibility reasons)	09:41
zyga	the exceptional mode is called "legacy mode"	09:42
mvo	zyga: do we have two normal modes? on in the struct and one global?	09:42
zyga	nope	09:42
zyga	normal == used on classic, used on core 18 +	09:43
zyga	legacy == used only on core16	09:43
zyga	brb, coffee	09:43
mvo	zyga: thank you	09:43
mvo	zyga: enjoy coffee, I will dig a bit around myself	09:43
mup	PR snapd#5683 opened: overlord/patch: support for sublevel patches <Created by stolowski> <https://github.com/snapcore/snapd/pull/5683>	09:44
zyga	mvo: back	10:04
zyga	I was getting coffee making lessons actually (unexpectedly)	10:04
zyga	mvo: I can spin up a core16 VM and check as well if you want	10:04
mborzecki	need to go to the car shop, will work from there, bbiab	10:05
zyga	kk	10:05
zyga	mvo: you can also get a trace with SNAP_CONFINE_DEBUG=yes	10:06
zyga	perhaps that will shed some light as to what is going on	10:07
mvo	zyga: ok	10:08
zyga	mvo: if you pastebin that I will gladly look	10:08
zyga	mvo: just remember that on 2nd run it will use the persisted namespace	10:09
zyga	so you may want to discard it before collecting the log	10:09
mvo	zyga: https://paste.ubuntu.com/p/mTqsSKSfTz/	10:10
mup	PR snapd#5692 opened: snap-confine: map /var/lib/extrausers into snaps mount-namespace <Created by mvo5> <https://github.com/snapcore/snapd/pull/5692>	10:10
mvo	zyga: oh, what was the command again to discard it?	10:10
mvo	zyga: ^- the PR above is the actual problem I want to fix :)	10:10
mvo	zyga: this is a bit of a side-issue	10:10
zyga	mvo: /usr/lib/snapd/snap-discard-ns $SNAP_NAME	10:10
mvo	zyga: https://paste.ubuntu.com/p/26bb6N4mVQ/	10:11
zyga	mvo: if you use SNAP_DEBUG=1 you will also get snap-update-ns feedback	10:12
zyga	mvo: hmm	10:12
zyga	mvo: so this says nothing happened really pretty much	10:12
mvo	zyga: https://paste.ubuntu.com/p/FtqGCYzTnT/ <- with SNAPD_DEBUG=1	10:15
mwhudson	niemeyer: https://github.com/snapcore/snapd/blob/master/overlord/configstate/configcore/corecfg.go#L119-L125 <- means that snap set core proxy.http doesn't do anything on non-core, right?	10:25
mvo	mwhudson: correct	10:25
mwhudson	mvo: context https://bugs.launchpad.net/snapcraft/+bug/1533899	10:26
mup	Bug #1533899: Add support for proxies <canonical-is> <proxy> <webdm> <cloud-init:New> <Snap Layer:Fix Released by stub> <Snapcraft:Invalid> <Snappy:Fix Released> <snapweb:Invalid> <snapd (Ubuntu):Fix Released> <snapd (Ubuntu Trusty):Fix Released> <https://launchpad.net/bugs/1533899>	10:26
mvo	mwhudson: aha, I see. this is about respecting it in snapd internally?	10:27
mwhudson	mvo: i don't know	10:27
mvo	mwhudson: yeah, I think thats missing but should be simple, let me have a poke	10:27
Chipaca	mwhudson: proxy on classic can be set via /etc/environment, can't it?	10:28
mwhudson	mvo: there is a tension core-aka-system-config vs core-aka-snapd-config	10:28
mwhudson	mvo: which i guess you are fixing in series 18 :)	10:28
mwhudson	Chipaca: that works about as well or badly as any other way of setting it, yes	10:28
Chipaca	mwhudson: also to keep things interesting, there's http proxying, and there's snap store proxy	10:29
mvo	mwhudson, Chipaca my gut feeling is that on core device we edit /etc/environment and thats fine. on classic we don't but we should still lookup if the config was set and respect it	10:29
zyga	brb	10:29
Chipaca	sparkieg`: the link to documentation from https://forum.snapcraft.io/t/announcing-snap-store-proxy-beta/4666 is broken	10:30
mwhudson	i think snapd.service still says EnvironmentFile=/etc/environment?	10:30
Chipaca	mwhudson: yup	10:30
mwhudson	anyway, i wouldn't want people to think that saying snap set core proxy.http=.. does anything at all on classic now, because it doesn't	10:30
mwhudson	maybe it should but i don't have an opinion on that :)	10:31
Chipaca	mvo: mwhudson: on classic, setting the proxy via unity-control-center edits /etc/environment	10:31
mvo	Chipaca: yeah, thats fine	10:31
Chipaca	I'm lost about what the bug is about tbh	10:31
Chipaca	description just talks about core	10:31
mvo	Chipaca: I was mostly thinking that we should do somehting on classic. either error if you try to set it on classic or respect it for snapd only	10:31
mvo	Chipaca: yeah, its not entirely clear to me either but there is confusion and it seems the above (either error or support it) should fix the confusion	10:32
mvo	mwhudson: ^- does this make sense?	10:32
Chipaca	mvo: hold on	10:32
mwhudson	Chipaca: should probably do something to do with environment.d(7) nowadays? don't really care though	10:33
Chipaca	mvo: "snap set system proxy.store=xyzzy" works on classic, doesn't it?	10:33
Chipaca	mwhudson: environment.d wasn't in <18 afaik	10:33
mwhudson	oh wait that's only user sessions?	10:33
mwhudson	yeah all this is fairly new	10:33
niemeyer	mvo: Don't we use the proxy internally?	10:33
mvo	mwhudson: this is not read by pam, right? so things like ssh will not use it(?)	10:33
Chipaca	mwhudson: so yeah nah	10:33
mvo	niemeyer: I think we did not add support for this, I can look into making this happen should be easy but iirc we did not do it yet	10:34
Chipaca	mvo: erroring on the ones we don't support would be good yes	10:34
mvo	mwhudson: I whish pam_env would support it, I looked at this briefly but iirc there were some complications (beside it being pam)	10:34
mwhudson	mvo: something extra fun iirc here is that go's ProxyFromEnvironment looks at the environment once	10:35
mvo	Chipaca: yeah, lets see if niemeyer prefers support or error	10:35
mvo	mwhudson: heh, fun indeed :)	10:35
mwhudson	i spent a while trying for subiquity to find a way of providing a proxy to snapd that didn't involve restarting it and failed	10:35
niemeyer	For some reason I assumed we were already using it for internal purposes at least.. just not changing the whole system configuration when !core	10:36
Chipaca	mvo: wait, that onClassic check means we don't support proxy.store on classic either	10:36
mvo	mwhudson: hm, you should talk to use more :)	10:36
niemeyer	Chipaca: Yeah, this is busted	10:36
mwhudson	mvo: probably	10:36
mvo	mwhudson: I mean, we can/should honor it internally	10:36
mvo	Chipaca: is it? this is just used internally, no?	10:36
Chipaca	mvo: which is 'this'?	10:36
mwhudson	i should also not rush to complete features before deadlines i guess	10:37
mvo	Chipaca: let me look at the code before I make more statements :)	10:37
Chipaca	mvo: ok :-)	10:37
mvo	Chipaca: what I mean is that iirc we allow setting proxy.store	10:37
mvo	Chipaca: and it is store in the internal configuration state	10:37
mvo	Chipaca: and we honor it inside our code	10:37
Chipaca	mwhudson: turns out deadlines are really only slightly-upset-lines	10:37
niemeyer	Chipaca: Ah, except we do it seems	10:37
mvo	Chipaca: but I have not looked at this	10:37
mvo	Chipaca: I mean, this is just memory	10:37
* Chipaca tries		10:38
Chipaca	hmm, proxy.store does do _something_ (it complains about a missing assertion at least)	10:39
Chipaca	proxy.http does not, though	10:39
mvo	Chipaca: yeah, thats my understanding	10:39
mvo	Chipaca: let me do a quick PR that errors and then I do a not-so-quick PR that honors it internally	10:39
mwhudson	looks like all snap set core proxy.store does is validate the args	10:40
mvo	niemeyer: ^- sounds reasonable?	10:40
mwhudson	on any system	10:40
Chipaca	bah	10:40
Chipaca	i dunno	10:40
Chipaca	validation happens, but handling does not ?	10:40
mwhudson	looks like it	10:40
mvo	Chipaca: we don't need to handle it at this level, do weß	10:40
mvo	s/ß/?/	10:40
* Chipaca gives up		10:40
* mwhudson gets back to ordering groceries (why the laptop is open at 22:40)		10:40
* Chipaca goes shopping		10:40
Chipaca	mwhudson: a solid plan	10:40
mwhudson	ha	10:40
mvo	Chipaca: I mean - for http.proxy we need to modify the filesystem but proxy.store is only used internally and does not need any external actions iirc	10:41
niemeyer	func ProxyStore(st state.State) (asserts.Store, error) {	10:41
niemeyer	tr := config.NewTransaction(st)	10:41
niemeyer	var proxyStore string	10:41
niemeyer	err := tr.GetMaybe("core", "proxy.store", &proxyStore)	10:41
niemeyer	The fact we don't do anything at set time but validation doesn't mean it's unused	10:41
mvo	+1	10:41
niemeyer	I assumed the same was being done for proxy, at least for internal purposes	10:42
niemeyer	We just shouldn't fiddle with the whole system when snapd is not on a core system	10:42
niemeyer	But respecting the variable seems reasonable	10:42
niemeyer	I mean, if people don't want snapd to have a proxy, just don't set it	10:42
mvo	niemeyer: yeah, I think we are in agreement, I have a look at this	10:43
niemeyer	mvo: The question is what's the easiest way to make sure all requests are proxied	10:43
niemeyer	mvo: It may well be to take the proxy configuration and set the environment variable	10:43
niemeyer	Both when we start, and when someone changes the conifg	10:44
niemeyer	Otherwise we'll need to tune every single *http.Client	10:44
mvo	niemeyer: yeah, this is straightforward, we need to double check that golang actually reads the env anew every time	10:44
niemeyer	mvo: +1.. I assume it does, but needs confirmation indeed	10:44
mwhudson	er no it doesn't	10:45
mwhudson	that's what i was saying above	10:45
mvo	mwhudson: hm, hm, thats unfortunate	10:46
ogra	just make people stop using that ancient classic thing ;) core for everyone !	10:46
mvo	niemeyer: the good news is that we have httputils:NewHTTPClient so hopefully a single point where we need to inject this	10:47
mwhudson	mvo: hmmm maybe i am wrong, or maybe this has changed in golang now	10:47
mvo	mwhudson: I was just looking at 1.10	10:48
mvo	mwhudson: but then we still build with 1.6 :(	10:48
mwhudson	ah no net/http's ProxyFromEnvironment still has a sync.once	10:49
niemeyer	mvo: Ah, sweet! I didn't realize we had already consolidated that, great	10:49
mvo	niemeyer: its a bit of a layering problem still because we use that in e.g. "snap download" so we need access to the state	10:50
mvo	niemeyer: we could of course cheat and set an (internal) env var snapd_http_proxy etc	10:50
niemeyer	mvo: I think we need to fix snap download to be more typical	10:50
niemeyer	mvo: Meanwhile, we might just ask for the config in the command maybe?	10:51
niemeyer	mvo: I mean, the configuration is readable from the API	10:51
mvo	niemeyer: great idea	10:51
mwhudson	aah ok you can call golang.org/x/net/httpproxy.FromEnvironment() to make a new thing from the current environment	10:54
mwhudson	(thanks to rog, it seems0	10:56
mwhudson	)	10:56
mvo	mwhudson: this will work in 1.6?	10:58
mwhudson	mvo: no idea	10:58
mwhudson	mvo: suspect not :/	10:58
mwhudson	mvo: do you have a plan for getting off 1.6?	10:59
mwhudson	juju-core uploads in xenial build golang first...	10:59
mvo	mwhudson: I hard foundations will support 1.10 in xenial :P	10:59
mvo	mwhudson: yeah, we might need to do the same, I'm not looking forward to it	11:00
mwhudson	mvo: i just do what the security team tells me to do	11:00
mvo	mwhudson: heh, sure I understand the issue(s)	11:00
mwhudson	(which is why juju does what it does!)	11:00
mvo	mwhudson: it makes me wonder (again) if we should make the snapd in the deb just a small shim that downloads the snapd snap which we then can build in whatever way we want	11:00
* mwhudson reaches for his boostraps only to find he's already standing on them		11:01
mwhudson	mvo: something about the current setup certainly smells bad	11:03
mwhudson	mvo: something something prepare-image classic something	11:03
mvo	mwhudson: I'm missing something here, what about prepare-image classic ?	11:04
* mvo might be a bit slow due to lack of lunch		11:04
mwhudson	mvo: heh i'm skipping ahead in ways that probably don't make sense	11:04
mwhudson	mvo: we already support including snaps in all the images we make	11:05
mwhudson	or will	11:05
mwhudson	why shouldn't the snapd snap be one of them?	11:05
mvo	mwhudson: \o/ I like that thinking!	11:06
mwhudson	well because it's snapd that processes the seed.yaml	11:06
mvo	mwhudson: sillly bootstraps	11:06
mwhudson	so you need something to at least partly process it at image build time	11:06
mwhudson	--> prepare image for classic	11:06
mvo	mwhudson: yeah, we would just need to extract the snapd binary and when it starts and finds a valid seed env it will DTRT (i.e. seed itself, restart itself, seed the rest)	11:07
mvo	mwhudson: so that is actually pretty simple	11:07
mwhudson	and then you can use the go snap to build snapd :)	11:08
mvo	mwhudson: \\o//	11:08
mvo	mwhudson: I will think about this over lunch	11:09
mwhudson	mvo: i'm at least somewhat procastinating about ordering groceries, please don't let me disturb your day too much	11:10
Chipaca	um, sorry if i got distracted and worked on the same thing you've been working	11:10
Chipaca	without reading all the backlog :-)	11:11
Chipaca	i can confirm proxy.store works on classic	11:11
* Chipaca hates having to set up proxy for a quick check like this		11:12
* Chipaca now wonders if he's stuck with the proxy asserts forever		11:12
mup	PR snapd#5693 opened: overlord/snapstate: verify SnapState name matches instance key <Parallel installs> <Simple> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5693>	11:12
* Chipaca further wonders why he didn't do it in a vm		11:12
zyga	Chipaca: setting proxy on classic blows up fuses in your CPU forever	11:13
mborzecki	pedronis: i'm wondering if a change like #5693 would be useful (actually makes my life easier in the tests)	11:13
mup	PR #5693: overlord/snapstate: verify SnapState name matches instance key <Parallel installs> <Simple> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5693>	11:13
Chipaca	zyga: 'proxy' is not settable, so neener neener	11:13
ogra	jdstrand, already around ?	11:17
Chipaca	mborzecki: which was the pr you asked me to review?	11:31
mborzecki	Chipaca: https://github.com/snapcore/snapd/pull/5670	11:34
mborzecki	Chipaca: thanks!	11:34
mup	PR #5670: daemon, overlord/snapstate: set instance name when installing from snap file <Parallel installs> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5670>	11:34
pedronis	mborzecki: it's a bit problematic because some buggy code in a corner doesn't undo the current op, it kills snapd	11:40
pedronis	but making Set return an error is a huge change	11:40
mborzecki	pedronis: yeah, that's what i'm afraid of, either way it's no good :/	11:41
pedronis	mborzecki: otoh I don't think we have a ton of non-test places using Set	11:41
pedronis	you might just do it one level up or have a wrapping helper	11:42
mborzecki	pedronis: the reason i added it is that in the tests it's easy to do .Set(.., "foo_bar", ..) and forget to set InstanceKey in SnapState	11:42
mborzecki	pedronis: MustSet?	11:42
pedronis	I see, for tests	11:43
pedronis	that is a big change too	11:43
mborzecki	pedronis: ok, let me drop it for now	11:43
mup	PR snapd#5693 closed: overlord/snapstate: verify SnapState name matches instance key <Parallel installs> <Simple> <Created by bboozzoo> <Closed by bboozzoo> <https://github.com/snapcore/snapd/pull/5693>	11:45
pedronis	mborzecki: an approach would be some kind of global flag we set in tests	11:51
mborzecki	pedronis: right, that would work, i saw some test only flags/ifs inside the code, so the precedent is set	11:52
Facu	hi all!	11:54
Facu	may it be that snap is restarting my lxd? I have this in my /var/log/syslog: http://linkode.org/#UkaWdFxuTwqJTFFc3UqLW5	11:54
Facu	in that log, snap is telling that some of my snaps have no update available, but for lxd it doesn't say that, and some seconds later lxd is stopped	11:55
mborzecki	zyga: hah, layout test recovery has to be improved little, it leaves garbage behind, jut had tests/main/layout fail because tests/main/parallel-install-layout left the /etc/* symlinks	11:56
zyga	mborzecki: yeah, that's the (existing) bug I mentioned	11:57
mborzecki	mhm	11:57
mborzecki	zyga: the trespassing thing, something i could help you with?	11:58
zyga	yes, I have a branch that we need to go back to	11:58
zyga	I got stuck on the precise algorithm there (after loads of attempts)	11:58
zyga	we can talk about that today	11:58
mborzecki	zyga: i remember the reviewing some checkers for this	11:58
zyga	yeah, a lot of the preceding helpers landed but the "meat" did not	11:59
mborzecki	sounds familiar :)	11:59
pedronis	mvo: I saw you updated the roadmap, there is still some mistyped "topic" in the 2.34 bits	12:05
=== pstolowski is now known as pstolowski\|lunch
mup	PR snapd#5694 opened: tests/main/layout: cleanup after the test <Simple> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5694>	12:12
mborzecki	zyga: ^^	12:12
zyga	yeah, +1	12:13
zyga	odd - we had that before	12:13
zyga	must have been lost in some PR	12:13
zyga	I remember that all of the trespassing PRs (the full blown versions that didn't land) removed that part	12:14
mborzecki	yeah, btw. cachio__ tracking of tests that executed before came in handy :)	12:14
ackk	hi, I'm trynig to implement a configure hook for a snap, but I get "snapctl: not found" when I run "snapctl get <something>" in the hook script	12:15
cachio__	mborzecki, :)	12:15
ackk	do I need special permissions for the snap to do that?	12:15
ogra	Facu, better start a forum thread ... (see channel topic)	12:16
Facu	ogra, ack, thanks	12:18
mup	PR snapd#5684 closed: cmd/snap: create snap user directory when running parallel installed snaps <Parallel installs> <Simple> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/5684>	12:29
zyga	mvo: any luck?	12:30
Gargoyle	Hi all. All my snaps have stopped working - is this likely to be related to giving kernel 4.18 a spin (I can't think of anything else I have done). "snap list" shows them all, but none of them work. lxd, discord, postman. It's as though they are just not on the system.	12:31
zyga	Gargoyle: hey, can you provide some more details? what does snap version show?	12:33
mvo	pedronis: thanks, will fix the ypos	12:33
mvo	pedronis: cough typos	12:33
pedronis	mvo: not the most important thing but I see them :)	12:33
mvo	zyga: no luck, lunch and tea and then	12:34
zyga	k	12:34
mvo	pedronis: yeah, thanks for noticing!	12:34
mvo	Chipaca: did you work on the http-proxy stuff? or just store proxy?	12:34
Chipaca	mvo: I just set up postgres and the store proxy to get the assertions and see if it actually worked (it did)	12:34
mvo	Chipaca: great	12:35
Chipaca	mvo: I also set http-proxy and confirmed it did not work	12:35
mvo	Chipaca: thanks for doing this!	12:35
mvo	Chipaca: I am looking into making http-proxy actually work	12:35
Gargoyle	zyga: https://paste.ubuntu.com/p/qFcJvTKx5Z/, I've also tried "snap remove postman" and "snap install postman" which seemed to run the installation fine, but can't launch "postman" from gnome or command line.	12:35
Chipaca	mvo: if in classic, and it's set, it overrides environ?	12:35
zyga	Gargoyle: how did you install the 4.18 kernel?	12:35
mvo	Chipaca: I would assume so, going from most generic to most specific	12:35
zyga	perhaps there's an issue with that kernel and snap confinement	12:36
Chipaca	mvo: can I bother you for a +1/-1 on #5689 ?	12:36
Chipaca	mvo: (you already looked at it)	12:36
mup	PR #5689: many: move Uname to osutil, for more DRY and easier porting <Created by chipaca> <https://github.com/snapcore/snapd/pull/5689>	12:36
Gargoyle	zyga: From the .deb files on http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.18.3/	12:36
zyga	I see	12:36
mvo	Chipaca: we could also warn	12:36
zyga	Gargoyle: I can give that a spin	12:36
mvo	Chipaca: sure, looking	12:36
Chipaca	mvo: thanks	12:36
mvo	Chipaca: you stole all the comments ;) or it would be approved already	12:37
Chipaca	mvo: I put 'em back :-D	12:37
* mvo stops being silly and looks at the code		12:37
Gargoyle	zyga: Cool. I had nvidia drivers and virtualbox installed, so I removed those first and re-installed later. Everything else seems to be working a-ok.	12:38
zyga	Gargoyle: do you have any apparmor denials?	12:38
zyga	what does snap debug sandbox-features # shows	12:38
zyga	(apparmor denials can be checked with: dmesg \| grep DENIED	12:39
Chipaca	mvo: \o/	12:39
mup	PR snapd#5689 closed: many: move Uname to osutil, for more DRY and easier porting <Created by chipaca> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/5689>	12:39
Gargoyle	zyga: https://paste.ubuntu.com/p/z6xX3vwGKT/	12:40
Gargoyle	Snap core denied... that's probably not good!? :/	12:41
mup	PR snapd#5695 opened: osutil/sys: small tweaks to let it build on darwin <Created by chipaca> <https://github.com/snapcore/snapd/pull/5695>	12:41
zyga	mmm	12:41
zyga	Gargoyle: I think I've seen this, it looked like a bug in the latest kernel	12:42
zyga	jdstrand, jjohansen1: ^ do you guys remember if the ptrace(read) issue turned out to be a kernel bug?	12:42
mvo	zyga: hm, we have no notion of "optional" things to mount into a mount namespace right now? i.e. if /var/lib/extrausers exists, mount otherswise no error?	12:44
mvo	zyga: mind if I add it?	12:44
zyga	mvo: we do now (almost, just needs an ack from jdstrand)	12:44
zyga	mvo: look athttps://github.com/snapcore/snapd/pull/5307	12:44
mup	PR #5307: cmd,interfaces,tests: add /mnt to removable-media interface <Created by zyga> <https://github.com/snapcore/snapd/pull/5307>	12:44
zyga	once that lands we can use this feature	12:44
* zyga goes and fixes garbage in that PR		12:46
zyga	brb	12:48
mvo	zyga: cool, I will base my PR on yours then	12:49
mup	PR snapd#5696 opened: interfaces/builtin/opengl.go: add additional cuda bits to opengl <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/5696>	12:51
Gargoyle	brb, reboot (reverting to 4.15)	12:58
=== pstolowski\|lunch is now known as pstolowski
morphis	Chipaca: hm, let me have a look	13:00
morphis	Chipaca: no, sure. I don't see any reason for it to use SIGUSR1	13:01
Gargoyle	zyga: All working fine again back on 4.15.	13:01
Chipaca	morphis: ok, thank you	13:01
zyga	Gargoyle: ack	13:02
zyga	mvo: ack	13:02
mborzecki	store hiccup?	13:06
mup	PR snapd#5690 closed: Add an error code for Polkit auth cancels <Created by robert-ancell> <Merged by zyga> <https://github.com/snapcore/snapd/pull/5690>	13:23
zyga	mvo: do you know more about the details of the core18 mount issue that cachio mentioned?	13:24
sergiusens	Chipaca: does the latest snapd in beta now default to setting the snaps in /var/lib/snapd/snaps to 600?	13:27
Chipaca	sergiusens: yes	13:28
sergiusens	Chipaca: this unfortunately breaks snap install snapcraft ....; mkdir project; cd project; snapcraft init; /snap/bin/snapcraft cleanbuild	13:28
Chipaca	sergiusens: <3 you're using beta!	13:29
sergiusens	Chipaca: not me... I got burned by beta already :-P	13:29
Chipaca	sergiusens: boo :-(	13:29
sergiusens	not on my main machine at least, I rely on too many snaps to get my work done that if anything breaks I would need to use my cellphone until I bring back my computer from backup	13:30
sergiusens	Chipaca: how many snaps do you rely on for day to day work ;-)	13:30
mborzecki	damn, was looking for bugs in snapstate.refreshCandidate(), found i'm not setting parallel-instances feature flag	13:30
popey	i too have been burned this morning by this	13:31
popey	should I refresh core to stable, or something else?	13:33
Chipaca	sergiusens: ~5 :-)	13:34
sergiusens	Chipaca: my only installed browser and code editor are from snaps :-)	13:34
popey	every application i have open is a snap	13:35
Chipaca	sergiusens: popey: you're awesome	13:37
jdstrand	zyga (cc mvo and Gargoyle): it was a kernel fix	13:44
zyga	jdstrand: I see, is it upstream now?	13:44
jdstrand	Gargoyle: if you update to snapd 2.35, it will work	13:45
Gargoyle	ahh. OK. Thanks.	13:45
jdstrand	zyga: is what upstream? the kernel fix? yes, it is in 4.18. there is a fix for this in snapd 2.35 already. there is additional work to only add the trace rule conditionally, but that needs kernel upstreaming (but is not a problem for snapd, it is just hardening)	13:46
zyga	ok	13:47
jdstrand	https://forum.snapcraft.io/t/snaps-are-not-working-with-linux-kernel-v4-18-rc/6708/3	13:47
mborzecki	going to pick up the car, bbl	13:55
Chipaca	https://www.reddit.com/r/Ubuntu/comments/992mcd/help_snaps_are_using_all_my_data/ fwiw	14:15
* Chipaca pushes a "EAT MORE DATA" PR		14:15
pstolowski	so, re system snap name - hotplug needs to know where to attach hotplug slots to; there needs to be one authoritative helper that does return snapinfo for the system i think. what kind of logic do we need for that, should these slots live on "snapd" snap if available?	14:32
Chipaca	sergiusens: so, about files being 0600, what can we do?	14:35
Chipaca	sergiusens: you were there when we decided to do this :-)	14:35
sergiusens	Chipaca: the alternatives are: break everything, wait on the release until we add logic for this or revert the change	14:36
sergiusens	Chipaca: yes, but the when was not decided :-)	14:36
sergiusens	Chipaca: I was also there when we decided on the first version of epochs, it lives in snapcraft to this date ;-)	14:36
Chipaca	sergiusens: it really sounds like you're asking for a waterfall process with deliverables and stuff which ain't gonna happen	14:37
Chipaca	:-)	14:37
Chipaca	sergiusens: hold on	14:37
Chipaca	sergiusens: this came about because, in _some_ situations, files were already 0600	14:37
sergiusens	yes, the ones with x	14:37
Chipaca	sergiusens: so you already have a workaround for those?	14:38
sergiusens	so, snaps with no assertions	14:38
sergiusens	yes, if the revision starts with x, sudo comes into play	14:38
Chipaca	ah	14:38
Chipaca	sergiusens: given the alternatives, we need to involve mvo and niemeyer	14:39
zyga	pstolowski: I'm going for lunch now, sorry; took a break to sync with family	14:39
=== chihchun is now known as chihchun_afk
Chipaca	sergiusens: so, a proposal	14:43
Chipaca	sergiusens: as a temp fix, make it always use sudo for that step (I'd like to see how it uses sudo, just in case)	14:44
Chipaca	sergiusens: then, maybe in 2.36 we can add something that lets you stream the snapfile given some constraints	14:45
Chipaca	sergiusens: how does that sound?	14:45
sergiusens	Chipaca: all the new code is already resilient, it is this old stuff, which everyone uses that will break	14:46
sergiusens	requesting sudo for non corner case will suck though	14:46
Chipaca	sergiusens: what's the code that does this?	14:48
sergiusens	Chipaca: it still begs the question, will you wait until that makes it into general availability?	14:48
Chipaca	sergiusens: I am not the one that decides that	14:48
Chipaca	ah, found the code	14:49
sergiusens	Chipaca: https://github.com/snapcore/snapcraft/blob/master/snapcraft/internal/lxd/_containerbuild.py#L345	14:50
Chipaca	hmm	14:53
Chipaca	sergiusens: when I run snapcraft from master things just worked	14:53
Chipaca	sergiusens: what's the snap doing differently?	14:53
sergiusens	Chipaca: injection is when running from the snapcraft snap	14:53
Chipaca	ah, i guess that's common.is_snap() == False and the other path	14:53
Chipaca	sergiusens: unrelated question about this code	14:54
Chipaca	sergiusens: I see the watch for auto-refresh, but i don't see the refresh.hold; is that done?	14:54
sergiusens	Chipaca: for the new code	14:56
mborzecki	re	14:57
Chipaca	mborzecki: wb	14:57
sergiusens	Chipaca: https://github.com/snapcore/snapcraft/blob/master/snapcraft/internal/build_providers/_snap.py#L263	14:57
Chipaca	mborzecki: do you remember if we check metered for the catalog refresh?	14:57
sergiusens	I asked you to look at the PR 2 weeks ago :-)	14:57
mborzecki	Chipaca: we probably don't	14:58
Chipaca	sergiusens: does it still need a look?	14:59
sergiusens	it is already in master, but yeah, a look never hurts	14:59
Chipaca	sergiusens: but the _containerbuild.py does not do/use that/	14:59
Chipaca	?	14:59
mup	PR snapd#5670 closed: daemon, overlord/snapstate: set instance name when installing from snap file <Parallel installs> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/5670>	14:59
sergiusens	Chipaca: it does not, I can point release that in the future	15:00
cachio	mvo, should I run sru for 2.35 after beta validation?	15:01
Chipaca	mvo: note sergiusens says we might want to hold off on 2.35 until snapcraft is ready for it	15:02
Chipaca	sergiusens: getting back to containerbuild, why would using sudo suck that much?	15:03
mvo	cachio: yeah, that wouldbe great. is it accepted into -proposed yet? if not we need to ask apw to have a look if snapd can go into -proposed	15:04
sergiusens	Chipaca: because it previously was not requested, that's all	15:04
mvo	Chipaca: oh, tell me more please	15:04
sergiusens	Chipaca: I will work on a fix	15:04
Chipaca	mvo: the 0600 snaps means 'snapcraft cleanbuild' fails for snapped snapcraft	15:04
mvo	ok, when does snapcraft plan to push the update?	15:05
Chipaca	mvo: we were still discussing what to do about it	15:05
sergiusens	mvo: we need to write a fix first	15:05
mvo	sergiusens: heh, ok	15:05
Chipaca	mvo: I flagged you and niemeyer above, but it's just been the two of us	15:05
mvo	sergiusens: sorry, i missed that	15:05
mvo	sergiusens: this sounds like its a couple of days away? with qa and pushing a new release and all that?	15:05
Chipaca	mvo: the easy fix sucks for users	15:06
mvo	yeah	15:06
mvo	sudo is not great	15:06
Chipaca	to be clear, it was already using sudo before, just in more cornery-cases (sideloaded files were already 0600)	15:06
sergiusens	mvo: provided that I have been running adt to push a new snapcraft for a week and just did dput I am not so confident	15:06
sergiusens	but yeah, as soon as possible	15:07
Chipaca	mvo: and then the question is, what can snapd do to make it better	15:07
cachio	mvo, sure, I'll try to promote to candidate 2.35 today and then I'll start with thtat	15:07
niemeyer	sergiusens, Chipaca: How about using download?	15:07
mvo	sergiusens: I share the adt pain	15:08
mvo	sergiusens: but yeah, that sounds unfortuante, maybe we need to remove this change on our side and re-add on 2.36	15:08
mvo	cachio: thank you!	15:08
Gargoyle	jdstrand: Will 2.35 be made available via standard packages for 18.04, or do you have to add a ppa to get the latest version?	15:08
sergiusens	niemeyer: I will try download first, it will remove the possibility to inject the currently sideloaded snap (if it existed) but would solve the greater use case	15:09
niemeyer	sergiusens: Not necessarily	15:09
niemeyer	sergiusens: But possibly, at least for now	15:10
niemeyer	sergiusens: I really hope we can stop special casing the "snap download" command.. it's only caused us pain	15:10
niemeyer	sergiusens: When that happens, we can make "snap download" pick up content from the cache.. that's already done for internal operations	15:11
sergiusens	niemeyer: oh, I am not asking for that :-)	15:11
niemeyer	sergiusens: Right, I'm the one suggesting it...	15:11
sergiusens	niemeyer: 👍	15:12
sergiusens	I will work on a fix and get a review from Chipaca	15:12
Chipaca	I'll make sure to forget to review it	15:12
zyga	Pharaoh_Atem: hey	15:12
zyga	Pharaoh_Atem: I think we need your help	15:12
=== JanC_ is now known as JanC
=== chihchun_afk is now known as chihchun
mup	PR snapd#5413 closed: tests: purge packages installed by accounts, calendar, and contacts interface tests <Created by jhenstridge> <Closed by niemeyer> <https://github.com/snapcore/snapd/pull/5413>	15:56
mup	PR snapd#5697 opened: overlord/snapstate: fix UpdateMany() to work with parallel instances <Parallel installs> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/5697>	16:01
mborzecki	pedronis: ^^	16:01
pedronis	mborzecki: thanks, I will look at it tomorrow	16:02
mborzecki	pedronis: great, thank you!	16:02
=== pstolowski is now known as pstolowski\|afk
jdstrand	Gargoyle: it will be made available to 18.04, but since you are on Ubuntu, you can simply do: sudo snap refresh core --beta	16:15
zyga	niemeyer: hey, could you please refresh spread the snap to the current release please?	16:31
Chipaca	niemeyer: i'm missing something wrt patch sublevels i'm afraid	16:32
Chipaca	niemeyer: if a user refreshes from pre-sublevels to a revno with sublevels, and then goes back, what makes the sublevel patch run again when they come back back?	16:33
ogra	whee !	16:38
ogra	i actually managed to get my wmx gui session into a confined state !	16:38
pedronis	Chipaca: we need a breaking patch to introduce them? :/	16:39
Chipaca	ogra: does your gui have a red button that says 'exec' on it	16:40
ogra	jdstrand, i'd appreciate if you could unleash wmx-kiosk-session in the snap store ... its another Xwayland snap that uses the loopback x11 setup (similar to xdmcp-client) and got stuck in review	16:40
pedronis	Chipaca: or maybe not breaking, but a release that just reset them on start	16:40
Chipaca	pedronis: we could also edit the patchlevel on exit	16:41
Chipaca	pedronis: i mean, on downgrade, it's snapd doing the downgrade	16:41
pedronis	but we don't easily know the patchlevel of the old thing	16:42
ogra	Chipaca, https://imgur.com/a/HuXpmJh	16:42
ogra	no red	16:42
Chipaca	ogra: http://okcancel.com/comic/4.html	16:42
ogra	(but i could add some red ... :) )	16:42
ogra	lol ... i love the kill -9 in green :)	16:43
=== chihchun is now known as chihchun_afk
mvo	Chipaca: an early sniff test of https://github.com/snapcore/snapd/compare/master...mvo5:use-proxy-conf?expand=1 would be great, I will expand and add tests, also ideas where the proxy handler should life would be great (maybe the place is ok)	16:58
mvo	Chipaca: hey, disconnected, sorry. did you get my earlier message	17:06
Chipaca	mvo: I got it but I hadn't seen it	17:07
Chipaca	mvo: looking now	17:07
mvo	Chipaca: thanks, no worris	17:09
Chipaca	mvo: that looks nice	17:10
mvo	Chipaca: yeah, I'm not sure where proxyHelper should live but beside that it just needs some polish and should be good to go	17:10
Chipaca	mvo: ttfn! see you tuesday!	17:26
jdstrand	ogra: ok	17:26
niemeyer	chihchun_afk: Reviewed the PR>. not sure if it clarifies your question	17:26
niemeyer	chihchun_afk: Sorry.. wrong nick	17:27
ogra	popey, now confined and shipping all basic x11 apps in the snap https://imgur.com/a/s47MQOw	17:28
ogra	(though you can indeed not use "snap run" anymore with that)	17:28
ogra	(unless you explicitly switch to --devmode)	17:28
Pharaoh_Atem	zyga: wut, what?	17:38
zyga	Pharaoh_Atem: there are some selinux issues with socket activation of services installed from snaps	17:38
zyga	Pharaoh_Atem: do you have some time to look into that?	17:38
Pharaoh_Atem	not right now	17:38
niemeyer	sergiusens: What happened here:	17:38
Pharaoh_Atem	I'm really compressed and I'm trying to squeeze time to update snapd right now	17:39
niemeyer	https://www.irccloud.com/pastebin/dPnQNNkp/output.txt	17:39
Pharaoh_Atem	zyga: I suspect that this is the consequence of not generating policies here	17:39
niemeyer	sergiusens: This snap get command doesn't make much sense...	17:39
Pharaoh_Atem	the socket path used isn't covered in the domain of snappy run applications and services	17:39
niemeyer	sergiusens: This was the snapcraft.yaml I've been using since I started packing spread as a snap	17:39
zyga	Pharaoh_Atem: mmm	17:39
Pharaoh_Atem	because properly packaged lxd works fine	17:40
niemeyer	sergiusens: The plugin can't be much simpler than this:	17:40
Pharaoh_Atem	as the SELinux policy for container runtimes already supports LXD when built and installed normally	17:40
niemeyer	https://www.irccloud.com/pastebin/CltIdxY9/	17:40
niemeyer	Sorry, I mean the part	17:40
Pharaoh_Atem	the fact that no one upstream is interested in bringing LXD to Fedora as a native package is beside the point, though	17:40
zyga	Pharaoh_Atem: is there something that needs to happen in the snapd policy or is this something to correct in the main policy?	17:41
Pharaoh_Atem	zyga: I'm not sure	17:41
Pharaoh_Atem	do we have a strict rule about where sockets are created for snapped services?	17:41
sergiusens	niemeyer: that does indeed look correct, we have not made any changes as of late to any of this.	17:41
Pharaoh_Atem	and the other question, how do we enforce the label being set?	17:41
zyga	Pharaoh_Atem: I don't know	17:42
niemeyer	sergiusens: Weird.. I wonder what's going on.. the command there makes little sense	17:42
Pharaoh_Atem	zyga: without answers to these things, this is going to be very hard	17:42
niemeyer	2.41 shows the same error	17:42
zyga	mm	17:42
sergiusens	niemeyer: can you point me to the full repo?	17:43
niemeyer	sergiusens: https://github.com/snapcore/spread/	17:43
niemeyer	sergiusens: Woah	17:50
niemeyer	sergiusens: There's apparently a serious bug there.. It seems to be getting the local source instead of checking out the remote package	17:51
sergiusens	niemeyer: paste.ubuntu.com/p/DTK8DxVXZ6/ the problem is related the fact that source is implicit and defaults to "." (I have made it explicit in that diff). It is one of the things I wanted to bring up as a requirement with the move to bases. The next entry is since the source is not in a fully qualified import path,we need a way to know where it lives. If we removed the implicit source, your snapcraft.yaml will work collocated in there	17:51
niemeyer	sergiusens: This snapcraft.yaml worked...	17:52
niemeyer	sergiusens: Which means something changed in a breaking way	17:52
sergiusens	niemeyer: that implicit source has been there for over two years, so the only thing I can think of is that it was collocated with the source just recently	17:52
niemeyer	sergiusens: Well, maybe I'm just crazy then, and it has been doing something other than what I assumed since forever	17:53
niemeyer	Which is a real possibility	17:53
sergiusens	this is on my list of things to fix without breaking the older plugins for a while now	17:53
sergiusens	fwiw, I do not like this behavior of implicit source	17:54
niemeyer	sergiusens: I can see how it's nice when that's what you want, on something simple	17:54
niemeyer	sergiusens: But this particular case makes it error prone because we _seem_ to request a particular URL, but not really	17:55
sergiusens	niemeyer: but it leads to confusing things like this, we have also had the same comment from people using npm and yarn	17:55
niemeyer	Yeah	17:56
sergiusens	niemeyer: I'll write up a proposal on the forum for the behavior and send your way	17:58
niemeyer	sergiusens: Thanks!	18:02
zyga	success! spread works for me again	18:08
zyga	man, I need to figure out why now	18:08
niemeyer	zyga: You got it	18:08
niemeyer	spread, that is	18:08
niemeyer	pstolowski\|afk: And you got a review for the patch sublevel PR, but you're rightfully out of here already	18:09
niemeyer	As should I be	18:09
niemeyer	In fact, here I go.. o/	18:10
zyga	niemeyer: thank you! I'll give it a try after this run	18:14
zyga	niemeyer: I was trying to get locally built copy to work	18:14
zyga	mvo: hey, still around\	18:15
zyga	mvo: I just wanted to comment about the extrausers topic	18:16
zyga	mvo: if you are around, I'd love to share that thought that I had during the standup	18:16
mispp	hey all, a question if i may. is it possible to define which g++ and which qt5 version is used when building snaps?	18:18
zyga	mispp: I believe that you can craft a makefile and define CC and CXX and just use that	18:19
zyga	mispp: snaps are not opinionated and snapcraft allows for a lot of flexibility	18:19
mispp	well, i can build snap on my own box with ubuntu 18.04, works perfectly	18:19
zyga	mispp: you just need enough of the dependencies to use that compiler	18:20
mispp	but now i'm trying to set up build.snapcraft.io	18:20
mispp	to pull directly from github	18:20
mispp	and it fails probalby because of the same reason why "snapcraft cleanbuild" fails - too old g++/qt5	18:20
zyga	mispp: because on your 18.04 machine you are using your local tools for building; snapcraft builder uses a virtual machine or a container with ubuntu 16.04 there	18:20
zyga	mispp: as a simple answer you will be able to use core18 instead of core16 (aka core) to use the more recent toolchain	18:21
mispp	alright, googling	18:22
zyga	mispp: please try core18 instead, I personally haven't used snapcraft for building apps against core18 (I use hand-crafted tools because we are building things before the other tools are ready),	18:22
zyga	mispp: try just adding "base: core18"	18:22
zyga	mispp: I don't know if that is supported end-to-end	18:22
zyga	mispp: but that declaration conveys multiple things: that the application will run against a ubuntu 18.04-based runtime	18:23
zyga	and that the application should be _built_ against such environment as well	18:23
mispp	thanks for the concerns, but this is still development what i'm trying	18:24
mispp	so even if it doesnt work, no harm done	18:24
ogra	note though that nothing binds you to any ubuntu release thoug, you can craft a snapcraft.yaml that even builds a toolchain, compiler and Qt from soucre if you want	18:25
mispp	i'm not that skilled that i can pull this off, so i'd rather try core18 if it works	18:25
mispp	where can i find this in docu?	18:26
popey	ogra: nice!	18:26
ogra	(it surely is a lot effort and will massively increase build time, but snapcraft is flexible enough that you can build all bits you want to ship from source)	18:26
zyga	mispp: not sure, sorry, being on the front lines is not doesn't give me the right perspective	18:27
zyga	mispp: just put "base: core18" into your snapcraft yaml and build that	18:28
zyga	I'm going for a bike ride while it's not pitch black	18:28
zyga	bbl	18:28
mvo	zyga: I'm around	18:29
mup	PR snapd#5695 closed: osutil/sys: small tweaks to let it build on darwin <Created by chipaca> <Merged by chipaca> <https://github.com/snapcore/snapd/pull/5695>	18:45
mup	PR snapd#5698 opened: osutil: reorg and stub out things to get it building on darwin <Created by chipaca> <https://github.com/snapcore/snapd/pull/5698>	18:46
mispp	core18 doesnt work, still uses old toolchain	18:54
mispp	also ... error: cannot find app "goat" in "goat"	19:06
mispp	i guess apps part was missing	19:09
mup	PR snapd#5699 opened: overlord,store: support proxy settings internally too <Created by mvo5> <https://github.com/snapcore/snapd/pull/5699>	19:28
mispp	cannot perform readlinkat() on the mount namespace file descriptor of the init process: Permission denied	19:30
mispp	what's this about?	19:30
=== kirkland is now known as Guest25977
=== chihchun_afk is now known as chihchun
zyga	re	20:28
zyga	mispp: are you on 4.18?	20:28
zyga	mispp: I believe this is one of the bugs that is fixed in mainline / snapd 2.35	20:28
=== AdmWiggin is now known as tianon
=== cjwatson_ is now known as cjwatson
kyrofa	zyga, snapd supports automatically starting snap apps on login, right? Do we have docs for that?	22:10
kyrofa	All I see is https://forum.snapcraft.io/t/how-to-autostart-a-snap-of-a-desktop-application/2449/33, which pretty much tells me nothing	22:11

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!