/srv/irclogs.ubuntu.com/2018/08/28/#snappy.txt

Caelumzyga: looks like we'll need to update the opensuse package again, stopped working02:34
Caelumzyga: "cannot perform readlinkat() on the mount namespace file descriptor of the init process: Permission denied"02:35
mborzeckimorning05:04
mupPR snapd#5691 closed: spdx: allow Other-Open-Source <Simple> <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/5691>05:49
mupPR snapd#5728 opened: spdx: remove "Other Open Source" from the support licenses <Created by mvo5> <https://github.com/snapcore/snapd/pull/5728>05:50
mvozyga: hey, what do you think, when can we remove the experimental flag from layouts?05:55
mupPR snapd#5729 opened: many: rename ClientOpts to ClientOptions <Created by mvo5> <https://github.com/snapcore/snapd/pull/5729>06:00
mborzeckimvo: hi, is /etc/hostname not writable in core 18 devices? https://github.com/snapcore/snapd/pull/5722 hostnamectl appears to be failing with 'read only filesystem'06:06
mupPR #5722: tests: test for the hostname interface <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/5722>06:06
mborzeckimvo: iirc layouts still have that problem with trespassing to the host's filesystem06:07
mvomborzecki: hm, etc/hostname should be a symlink on core18 to etc/writable/hostname, let me double check that06:09
mvomborzecki: yeah, its a symlink06:11
mvomborzecki: so maybe thats the problem? that the apparmor policy does not have the symlink?06:12
mvo(target)06:12
mborzeckimvo: hmm, but it failed with 'read only fs', i'd guess EROFS appeared somewhere there, with apparmort that'd be more like permission denied06:13
mborzeckimvo: wonder if hostnamectl truncates /etc/hostname or writes a new file and does a rename06:13
zygaGood morning06:15
mborzeckizyga: hey06:16
zygaI’ll start soon06:17
mvomborzecki: oh that rings a bell06:17
zygaKids had blood test today06:17
mvomborzecki: let me quickly check06:17
zygaAnd needed my “moral support”06:17
mvopedronis: is 5699 something you want to review ? or do you think its fine?06:17
mvomborzecki: this sounds a lot like https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/177893606:18
zygamvo: after trespassing bug is fixed06:18
mvozyga: aha, ok06:18
zygaThen they are ready06:18
mupBug #1778936: please re-add Support-system-image-read-only-etc.patch <patch> <systemd (Ubuntu):New> <systemd (Ubuntu Bionic):New> <systemd (Ubuntu Cosmic):New> <https://launchpad.net/bugs/1778936>06:18
mborzeckimup: heh, yes06:19
mupmborzecki: I apologize, but I'm pretty strict about only responding to known commands.06:19
mborzeckimvo: heh, yes :)06:19
zygaI’ll work with Maciej on this as it was harder to come up with precise logic than I wished last time06:19
mvomborzecki: I get the feeling I will have to do this SRU myself :/06:21
mvomborzecki: anyway06:21
mvomborzecki: I will put it on my list06:21
mupPR snapd#5730 opened:  devicestate: support getting (http) proxy from core config  <Created by mvo5> <https://github.com/snapcore/snapd/pull/5730>06:22
mupPR snapd#5704 closed:  snap: add new type "TypeSnapd" and attach to the snapd snap  <Core18> <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/5704>06:23
mupPR snapd#5728 closed: spdx: remove "Other Open Source" from the support licenses <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/5728>06:24
mvomborzecki: want to have a quick look at 5719 again? I had to change it slightly after gustavos review but should be fine (all tests still happy and errors better)06:25
mborzeckimvo: already +1'ed it06:25
mborzeckioh, w8, that's the other one :)06:25
mupPR snapd#5710 closed:  cmd: support re-exec into the "snapd" snap  <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/5710>06:32
mupPR snapd#5709 closed: configcore,snapstate: add new core.experimental.snapd-snap option <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/5709>06:41
mupPR core#93 closed: hooks: unwind /etc/alternatives <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/core/pull/93>06:44
zygaBack06:44
zygamvo: re06:58
zygamvo: I have that dragon on my desk if you need any support06:58
zygamvo: it's not powered on but I can bring all the misc bits and set it up if you need me to06:58
=== pstolowski|afk is now known as pstolowski
pstolowskimornings07:16
mborzeckipstolowski: hey07:20
Caelumzyga: hi, opensuse package is broken again, something to do with apparmor, would an update fix it? If so I'll send you a PR.07:21
zygaCaelum: yes, I have the build ready, just need to pull the trigger07:21
zygaCaelum: can you review & test?07:21
Caelumzyga: yeah totally07:21
zygaok07:22
zygahold on, let me commit07:22
mvozyga: I just send an update to the etc/alternatives stuff in snapcore/core18. not urgent but you may be interessted07:22
mupPR core18#64 opened: hooks: improve /etc/alternatives unwinding <Created by mvo5> <https://github.com/snapcore/core18/pull/64>07:22
zygaack07:22
Caelumzyga: also at some point I want to talk about reviving the gentoo overlay07:23
zygasure07:24
zygaI have nothing for that so please go ahead07:24
mupPR core#94 opened: hooks: improve /etc/alternatives unwinding <Created by mvo5> <https://github.com/snapcore/core/pull/94>07:25
zygabtrfs rebalance ...07:26
zygaha07:33
zygamvo: I found a bug in our systemd unit07:33
zygasystem key refresh takes long eough07:33
zygalong enough07:33
zygathat systemd restarts us07:33
zygawe need to poke systemd using sd-notify during the security setup as it can take a lot of time07:34
zygaI guess this will continue while balancing is in progress as the system is much slower than usual07:36
Caelumit's good to cron that shit07:44
Caelummine is @daily07:44
Caelumzyga: well highlight me if you want me to do anything07:44
zygaCaelum: sure, I'll send my build as soon as btrfs stops my system from crawling07:45
zygaCaelum: I want to branch it so that it can be reviewed07:45
Caelumawesome07:46
zygaok I/O aside I managed to branch it07:56
mborzeckimvo: left you a coment in https://github.com/snapcore/snapd/pull/5729 btw. the title says it's only messing with ClientOptions, but it's adding proxy too08:02
mupPR #5729: many: rename ClientOpts to ClientOptions <Created by mvo5> <https://github.com/snapcore/snapd/pull/5729>08:03
zygahttps://build.opensuse.org/package/show/home:zyga:branches:system:snappy/snapd08:03
niemeyerGood mornings!08:06
Chipacamoin moin08:12
zygahey guys08:12
zygagood morning08:12
zyga:)08:12
pstolowskio/08:12
zygasummer is supposedly back this week (just not yet)08:12
Chipacamvo: did you see the last failure on #5722? is /etc/hostname writable on core 18?08:17
mupPR #5722: tests: test for the hostname interface <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/5722>08:18
mvoChipaca: I did not, but i suspect its https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/177893608:26
mupBug #1778936: please re-add Support-system-image-read-only-etc.patch <patch> <systemd (Ubuntu):New> <systemd (Ubuntu Bionic):New> <systemd (Ubuntu Cosmic):New> <https://launchpad.net/bugs/1778936>08:26
Chipacamvo: ah08:26
mvozyga: nice catch08:26
mvomborzecki: 5729 is build on top of the other one, I hope I added it to the description08:27
mvomborzecki: I think I could split them maybe thats clearer08:27
mborzeckimvo: it's ok with me08:27
mvomborzecki: otoh the proxy one can land, I was just waiting to double check with pedronis if he wants to have a look at the proxy thing because it does some potentially dangerous state interactions (it needs to lock state to get the proxy)08:28
mvomborzecki: ok08:28
mvoChipaca: and WELCOME BACK08:28
Chipacamvo: :-)08:29
Chipacamvo: looking forward to all the review feedback that'll be waiting for me08:29
Chipacazyga: were you able to get your lab back up? I could use a darwin shell about now08:32
zygaChipaca: almost, I can set you up in 10 min08:32
Chipacazyga: no rush; just let me know08:32
zygaalmost done08:35
pedronismvo: hi08:36
mvopedronis: good morning! just wanted to double check if 5699  is something you want to have a look at :)08:37
pedronismvo: I'm a bit worried that we are not super consistent about releasing the lock when doing store things08:38
mvopedronis: just to clarify you don't have to, but it might be interessting because of the proxy helper and state lock interplay08:38
pedroniswe do for some main things08:38
mvopedronis: yeah, this PR would enforce that we are08:38
pedronismvo: enforce ?08:38
mvopedronis: well, it will crash or hang if we don't08:38
pedroniswouldn't call that enforce08:38
zygaChipaca: check check?08:39
mvopedronis: ok, bad wording then :/ I mean we will need it08:39
Chipacazyga: check what?08:40
Chipacaah08:40
zygaChipaca: did you see my private msg?08:40
pedronismvo: yea, re-double checking08:40
Chipacazyga: now yes08:40
zygaChipaca: there's golang and gcc08:41
zygaChipaca: there should be git and other things but let me know if you need more08:41
zygaChipaca: you are on bare metal08:41
Chipacazyga: woo, thanks08:42
Chipacambuahaha08:42
zygaenjoy :)08:42
=== chihchun is now known as chihchun_afk
pedronismvo: so rechecking most of the relevant packages have tests with a fakeStore that uses a pokeStateLock helper to check for that,  daemon doesn't do that though because usually it doesn't hold the lock for long and also there's no clear state in many tests, but bit delicate, maybe you want to look there what we can do08:53
mvopedronis: so it sounds like I should add tests in daemon that poleStateLock?08:56
pedronismvo: add pokeStateLock in daemon test fake store bits, yes,   it seems by definition there is always a state if we use those, because we had to use ReplaceStore anyway08:57
mvopedronis: great, I will do that, thank you08:59
* zyga wonders what the error is in https://build.opensuse.org/build/home:zyga:branches:system:snappy/openSUSE_Tumbleweed/i586/snapd/_log09:12
zygalog files from suse are horrible :/09:13
mborzeckihm i guess locking the state for the whole duration of doMountSnap() is a bad idea?09:13
Chipacazyga: can you install squashfs-tools?09:13
zygaChipaca: not sure, let me try09:13
Chipacazyga: (assuming you're using something like brew)09:14
zygano, I try to stay clear of brew09:14
Chipaca(or whatever the package mangler on osx is)09:14
Chipacazyga: I'll run it from git (or try to!)09:15
zygaChipaca: it doesn't build, hold on09:15
zygamksquashfs.c:4404:29: error: use of undeclared identifier 'FNM_EXTMATCH'09:15
zyga                                FNM_PATHNAME|FNM_PERIOD|FNM_EXTMATCH) == 0;09:15
zygaI have a firm deja-vu now09:16
zygaChipaca: if you can find me a copy that builds :)09:16
zygaChipaca: I suspect someone patched the glibc-specific flag09:16
zygaI remember now, I was building this on my MacBook09:17
zyga(remember, the one I had in Netherlands)09:17
zygaand I had to patch some things for it to build09:18
=== chihchun_afk is now known as chihchun
Chipacazyga: looks like there's a nixos patch for darwin09:18
zygaChipaca: do you have a link or a tree ?09:20
zygaideally something we would later on incorporate into our build09:20
Chipacazyga: could you sudo chmod u+s /usr/bin/dtrace09:36
zygadtrace? :)09:37
zygasure, what do you need it for09:37
Chipacazyga: this is the patch: https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/filesystems/squashfs/darwin.patch09:37
Chipacazyga: 'snap pack' failing with 'exit error 1', wondering what all is failing09:37
Chipacashortest path to answer that is to trace it :-)09:37
Chipacathen i need to improve the error output09:37
Chipacathen, fix it09:37
zygaChipaca: are you set now?09:44
Chipacazyga: it works09:45
zygaok, good luck09:45
zygaI should reboot the ssh host as it runs an older kernel09:45
zygaso let me know when would be a good time for that09:45
zygaCaelum: hey09:47
zygaI pushed https://build.opensuse.org/package/show/home:zyga:branches:system:snappy/snapd09:47
zygacan you please have a look at that09:47
zygaI cannot understand why the i386 build fails09:47
zyga(the error log is just ... not saying anything)09:47
zygain any case, that is the latest and greatest09:47
zygaso any feedback you can get on that is appreciated09:48
zygaCaelum: you need to build the package locally as I didn't publish the build09:49
zygaI'll grab a coffee and be back soon09:49
Caelumzyga: looking now09:51
Caelumzyga: one reason the build can fail I told you about a couple months ago, there is one time-sensitive test running in parallel09:52
Caelumdon't remember which one it was09:55
zygaCaelum: maybe but I'm not convinced09:58
zygathis is failing on i386 consistently09:59
zygawhile not failing on amd6409:59
Caelumoh ok10:02
CaelumI've had a similar thing initially, it would build on i386 but fail on amd6410:02
Caelumbecause it needs 32bit support stuff10:03
zygabut on 32bit system every library is this10:03
zygaI mean, 32bit10:03
Caelumyup10:04
Caelumthere are no logs?10:04
zygasure there are10:05
zygahave a look10:05
zygaI could not find what failed10:05
zygathe go build / check wrappers are extremely verbose10:05
zygait seems a page full of text flies for every single file10:05
Caelumit thinks the tests failed because of bad exit status but there is no error, that would probably mean a segfault10:06
Caelumis it always failing on i386?10:07
Caelumerr i686 I guess10:07
Caelumin the same exact place?10:08
Caelumbuild is randomly freezing on me downloading packages10:09
Caelumweird10:09
zygaCaelum: I don't know, what I managed to get is the log file it references10:10
zygahttps://www.irccloud.com/pastebin/SC8Lnihd/10:10
Caelumzyga: yeah that just runs the tests10:11
Caelumzyga: and then one of them segfaults10:11
zygaaha,10:11
zygaI can run tests with "go test ./..." just fine10:11
Caelumon 32 bit?10:11
zygabut on x86_64 :)10:11
zygaprobably some of the hardening things are breaking10:11
mvopedronis: adding pokestate is a bit of a rathole, a lot of tests do not setup the fake store and just rely on that some other test did that. anyway, working on it. good intuition there10:16
Caelumzyga: if you want to do a test on a 32 bit docker image, there are apparently some tricks involved: https://github.com/moby/moby/issues/61110:22
zygaI'm using a 32bit chroot10:22
Caelumah cool10:23
zygaabuild@tumbleweed:~/go/src/github.com/snapcore/snapd/vendor/github.com/mvo5/libseccomp-golang> go test10:26
zygacan't load package: package github.com/snapcore/snapd/vendor/github.com/mvo5/libseccomp-golang: build constraints exclude all Go files in /home/abuild/go/src/github.com/snapcore/snapd/vendor/github.com/mvo5/libseccomp-golang10:26
zygamvo: ^ that's interesting, I'm trying to understand why this happens10:26
zyganothing immediately obvious would cause this10:26
mvozyga: that it the upstream libseccomp-golang with a mintor tweak10:27
mvozyga: what arch is this?10:27
zygamvo: i586 chroot10:27
mvozyga: maybe its just missing from libseccomp-golang?10:27
zygamvo: the constraints just say +linux10:27
zygaI'm exploring10:28
Caelumzyga: well, for some reason my build kept freezing on downloading packages, so I was not able to test anything, sorry.  Going to be driving for the next 8 hours. If you aren't sure this always happens, you can make a dummy commit to force a rebuild or there is an osc command to force a rebuild too.10:28
popeyWhy does "snap info chromium" say license:   unknown, but https://snapcraft.io/chromium shows lots of licenses?10:28
zygaCaelum: I tried that10:28
Caelumzyga: ah great10:28
zygapopey: because meta/snap.yaml doesn't say license:10:28
popeyah10:29
popeyok, thanks! :D10:29
popeyIt's a bit odd that it behaves differently if installed or not10:30
zygayes10:31
zygabecause once set of meta-data is from the store and the other is from the package10:31
popeyyes, that's bizarro10:31
zyga# runtime/cgo10:33
zygacc1: sorry, unimplemented: 64-bit mode not compiled in10:33
zygamvo: tadam10:33
zygathat's golang 1.10 i38610:33
zygabeing confused about something apparently10:33
zygathis is a i386 chroot10:33
zyga(well i586)10:33
zygathis is after unsetting CGO_ENABLED=010:33
mvozyga: yeah, I was suspecting that it can't identify its architcture10:33
mupPR snapd#5731 opened: daemon: remove TestSnapsInfoUnknownSource <Created by mvo5> <https://github.com/snapcore/snapd/pull/5731>10:34
mvoChipaca: ^-- might be interessting for you, would love your feedback10:34
niemeyercjwatson: ping10:38
Caelumzyga: and there is some kind of problem with 'osc build' that I saw in another one of my projects that I'm getting now: file /usr/lib/rpm/fileattrs/kernel.attr from install of rpm-config-SUSE-0-1.1.noarch conflicts with file from package rpm-4.14.1-3.1.x86_6410:38
Caelumzyga: not related to snapd10:39
zygaI can build / test it in a chroot after setting GOARCH=38610:39
Chipacapopey: license should be per snap revision (and not editable via web), but the store hasn't been able to implement it yet10:39
Caelumzyga: it also runs: file /usr/lib/rpm/fileattrs/kernel.attr from install of rpm-config-SUSE-0-1.1.noarch conflicts with file from package rpm-4.14.1-3.1.x86_6410:40
Caelumerr10:40
Chipacamvo: what does 'go env' print?10:40
Caelum/usr/bin/make -O -j2 -C cmd check10:40
mvoChipaca: you mean zyga right?10:40
Chipacaprobably, yes10:41
zygago env https://www.irccloud.com/pastebin/YsN4UGgW/10:41
zygathough this is tweaked in an interactive shell10:41
zygavanilla build doesn't show me anything useful10:41
Chipacazyga: not sure what you're trying to do, but why are you trying to do it with gccgo?10:41
Caelumzyga: I mean, did you do only "go test" or "make check" too10:42
zygathis is for snap-seccomp10:42
zygalots of red10:43
zygahttps://build.opensuse.org/package/show/home:zyga:branches:system:snappy/snapd10:43
mupPR snapd#5732 opened:  daemon: add pokeTest helper to the daemon tests  <Created by mvo5> <https://github.com/snapcore/snapd/pull/5732>10:43
zygaI'm just going to say this, whoever came up with the wrappers for golang in opensuse needs to do a reality check, it's the least useful wrapper I saw10:43
zygaand this includes the previous ruby wrapper10:43
mvopedronis: I added the tests to a new PR and also updated the 5699 - should I add more before merging 5699?10:43
zygaI'm giving up on this10:44
Caelumzyga: so this happens on all architectures now10:46
cjwatsonniemeyer: hi10:46
Caelumzyga: ok well, I'll take a look over the next few days10:47
zygaok10:47
Caelumzyga: driving home from LA to san francisco now, take care10:51
zygasafe ride home10:51
niemeyercjwatson: Heya10:57
niemeyercjwatson: How do we kick spammers and their comments out of Launchpad?10:57
niemeyercjwatson: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1575053/comments/10010:57
mupBug #1575053: Please move the "$HOME/snap" directory to a less obtrusive location <julyshakedown> <snapd:Confirmed> <snapd (Ubuntu):Confirmed> <https://launchpad.net/bugs/1575053>10:57
cjwatsonniemeyer: done11:01
cjwatson(https://answers.launchpad.net/launchpad/+addquestion is our preferred way to report spam)11:01
niemeyercjwatson: Thanks!11:03
niemeyercjwatson: Will use that next time11:03
cjwatsonthanks for the report, we obviously try to boot spammers out ASAP to minimise damage11:03
abeatoWimpress, hey, do you know how can make snapcraft generate a manifest?11:05
zygaok11:30
zygasmall progress11:30
zygafinally feels better than packaging11:30
baimafeimahi does anyone know what's the difference in terms of security and user privacy when comparing snaps, flatpaks and appimages?11:42
zygabaimafeima: it's complicated11:42
zygabaimafeima: except maybe appimages that by default have no sandbox at all11:42
baimafeimazyga, mhm so appimages could theoretically gather a lot of data as they are not sandboxed ...11:43
baimafeimaif I were to install a malicious snap or flatpak or appimage, through which could my system most easily be exploited?11:43
zygabaimafeima: as appimage is not sandboxed in any way the answer is obvious11:44
baimafeimazyga, what about snaps vs flatpaks? pros and cons?11:45
zygait's complicated11:45
baimafeimazyga, let's say I have wayland and on the operating system side all the latest versions11:46
zygait's still very complicated11:46
zygait's not something that can be accurately described in a few moments11:46
baimafeimazyga, does having reproducible builds apply to both?11:48
zygano, to neither11:48
baimafeimazyga, I know snaps have a broader use case, IoT and such and distribution is centralized, whereas everyone can host their own flatpaks and it's more desktop-focused...11:50
zygabaimafeima: perhaps it's not common knowledge but both systems cannot care less about how the package is built11:50
zygaso any package can be built in any way really11:50
zygaso some packages can be built with all the hardening and reproducible build tweaks11:51
zygawhile others can just contain a debug build from someone's lap11:51
baimafeimazyga, so you basically suggest a snap is not a snap or a flatpak isn't a flatpak and I would still have to trust the developer on the quality of the packaging? So there are going to be hardened snaps and those that are not?11:52
zygabaimafeima: with both systems you trust on whoever is making the package, yes11:53
baimafeimais the reason to keep the entry barrier into snap or flatpak development low? or is there a way to enforce higher minimum standards below which a snap simply won't run?11:53
zygawhile many packages can be of good quality there is nothing that prevents anyone from making a bad quality package11:53
baimafeimazyga, I see, then I would say a centralized distribution system like with snaps could have an eye on quality control whereas that wouldn't be easily possible with flatpaks?11:54
zygawell11:54
zygawhat's the goal?11:54
zygalinux packaging is hard11:54
zygalinux market share is pretty much close to zero11:55
zygausing the right helpers people will get (over time) better and better builds11:55
zygabut you have to recognise that packaging is very hard as it is already11:55
zygawith each distribution having complex policy11:55
zygaand widely different levels of quality11:55
zygathe point of snaps and flatpak is to make it better for developers and users11:55
zygathat includes making it easier11:56
baimafeimazyga, mhm I see, which distribution do you use to build and develop?11:56
zygawe have plenty of bad outdated, buggy apps already11:56
zygaand the existing policy system does not change that11:56
zygayou can link the buggy and broken and old package with hardening options and use reproducible builds while you are at it11:57
zygabut because it's hard and complex the upstreams cannot care less about that (I'm generalising obviously) and if they ever test something it is whatever they are running (probably not linux because of statistics)11:57
zygaso in the end, we are hoping to make the process less complex so that more people have a better time at making apps11:57
zygaand at using apps11:57
zygabaimafeima: I use multiple operating systems11:58
baimafeimazyga, interesting11:58
baimafeimazyga, I remember (but cannot find the github issue) that there was a discussion regarding on-the-fly updates and whether there is a possibility for end-users to prevent a snap from updating itself and how this can be integrated into software centers with fine-grained control12:00
zygabaimafeima: I wonder if statistically upstream developers still use compiled languages as a majority so reproducible builds and hardening probably apply a level below where people generally tend to code now12:00
zygabaimafeima: there's a thread about that on the snapcraft forum I believe12:02
baimafeimazyga, ah yeah I think it was on the forum, not sure whether it's been resolved by now12:03
zygabaimafeima: it depends by what you mean, there's no universal agreement on what should happen12:03
baimafeimazyga, it's a pity that there's not more commitment to reproducible builds12:03
=== pstolowski is now known as pstolowski|lunch
zygabaimafeima: it's a pity there's no more commitment to {useful APIs,documentation,stability,artwork,localisation,business friendliness}12:04
baimafeimazyga, I think most end-users won't care but some care about the degree of control through the auto-update mechanism12:04
zygathere are many dragons to fight12:04
abeatosergiusens, , hey, do you know how can make snapcraft generate a manifest?12:07
baimafeimazyga, thanks for the infos, I'll slowly read my way into this12:09
zygabaimafeima: if you have specific questions I will be happy to answer them12:11
baimafeimazyga, thanks12:14
zygabrb12:17
zygare12:33
=== pstolowski|lunch is now known as pstolowski
Son_Gokubaimafeima, reproducible builds aren't particularly valuable to most people12:50
Son_Gokuthey've made that choice when they decided in their ecosystems that they attempt fetching from a VCS (nodejs, php, golang, etc.) rather than having releases upload a tarball (python, rust, c/c++, etc.)12:51
jdstrandmborzecki, mvo: /etc/writable/hostname is *not* writable in interfaces/builtin/hostname_control.go13:10
zyga 3085 1000000   20   0   70896  65316  38896 R 100.0  8.1   2:34.73 unattended+13:11
zygathat's weird13:11
zygathat's on a dragon board running core13:11
zygaah, that's inside a container13:12
mupPR snapcraft#2227 closed: lxd: wait for cloud-init <Created by sergiusens> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/2227>13:39
mupPR snapcraft#2228 opened: storeapi: handle releasing to curly braced branch <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/2228>13:42
ograhmm ... when i "snap stop" a service from a snap and the snap gets refreshed, the service gets automatically started again13:54
ograis that expected (not by me for sure, but is it expected y the implementation ?)13:54
ogra*by the13:55
=== chihchun is now known as chihchun_afk
Chipacaogra: yes14:14
Chipacaogra: or, no14:14
Chipacaogra: … maybe?14:14
Chipacaogra: 'snap stop' does not imply 'snap disable'14:14
Chipacaogra: i mean, snap stop --disable14:14
Chipacawhich is different from snap disable, of course14:14
pedronismvo: btw assertions not only have revisions, but also format (an increasing version of the format), in theory we could also play with that (so far we have incremented it only for snap-declaration)14:22
mvopedronis: oh, interessting idea14:22
pedronismvo: snapd always sends the max-format it supports when asking for assertions14:24
pedronisanyway another thing14:25
* mvo nods14:26
ograChipaca, well, can i disable single services and not the whole snap ? i thought disable completely turns off the whole set14:30
pedronismvo: to be clear it's per assertion type, is not global14:32
Chipacaogra: 'snap disable' is snap-level; 'snap stop --disable' is service-level14:37
mvopedronis: ta14:41
ograChipaca, aaah !! thanks14:43
zygare, hasty day, quick lunch done14:47
sergiusensabeato: hey, sorry, I saw your question pop-up but was super focused on code reviews. So you want SNAPCRAFT_BUILD_INFO (also reminded under recording here https://github.com/snapcore/snapcraft/releases/tag/2.43)15:17
abeatosergiusens, ok, so that is just an env var, right? is it considered experimental still?15:18
sergiusensabeato: no, not experimental, it is being used by USN already15:19
abeatosergiusens, got it, thanks15:19
mupPR snapd#5733 opened: snap/squashfs: improve error message from Build on mksquashfs failure <Created by chipaca> <https://github.com/snapcore/snapd/pull/5733>15:31
mupPR core#94 closed: hooks: improve /etc/alternatives unwinding <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/core/pull/94>15:36
mvofwiw, I'm looking at the core16 degraded boot failure right now15:36
zygamvo: flashing dragon now15:43
zygamvo: I'm done with meetings today15:43
abeatosergiusens, can you force creation of the manifest in snapcraft.yaml file?15:49
sergiusensabeato: we have no language for that. Maybe create a forum post requesting it.15:54
abeatosergiusens, ok15:55
sergiusensabeato: fwiw, I do agree we need a way to opt-in/opt-out15:55
sergiusensbut it is one of those where agreeing on the syntax for it is the larger discussion:-)15:55
abeatohaha15:55
abeatook15:55
abeatosergiusens, https://forum.snapcraft.io/t/no-way-to-create-manifest-from-snapcraft-yaml/707616:02
cachiozyga, hey16:09
cachiohttps://paste.ubuntu.com/p/y2p6byKthP/16:09
cachioI saw this error16:09
zygaright16:09
zygaI don't know why it happens16:10
zygaI saw the pastebin before16:10
cachiozyga, ok :(16:10
zygathere's clearly a bug but we don't have a firm understanding if this is a bug in systemd or in the kernel16:10
zygaor in some intermediate libraries16:11
cachiozyga, nice, I'll continue researching16:12
zygathere's a thread that has some information about this16:12
zygaif you find out anything please add it there16:13
xnoxmvo, so you went and fixed something for which you already had a universal pam script for without fixing the issue we hit with cloud-sdks shipped as snaps =)16:18
xnoxmvo, can we talk about https://github.com/snapcore/snapd/pull/5226 again? i posted the comment there.16:18
mupPR #5226: data: add systemd user environment generator <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/5226>16:18
xnoxmvo, is the test case still not clear which environment is still wrong and still does not contain /snap/bin16:18
zygamvo: booting your image now16:23
zygaI had some SD card woes16:23
zyga(apparently that silly lock switch does something)16:23
zygait errors with: /usr/share/subiquity/console-conf-wrapper: line 13: snap: command not found16:24
zygaI'm in interactive uboot prompt16:24
zygamvo: just let me know what you need when you're back16:24
zygamvo: I applied: env set snappy_cmdline net.ifnames=0 init=/lib/systemd/systemd ro panic=-1 fixrtc systemd.debug-shell=116:25
pstolowskizyga: hey, got a moment for quick HO?16:37
* cachio lunch & doctor16:40
blackboxswnice sergiusens: on cloud-init status --wait. :) per the above lxd: wait branch.16:57
blackboxswglad to see consumers of that blocking wait16:58
mvoxnox: I'm checking your comment and will reply16:59
xnoxmvo, thanks16:59
mvozyga: yeah, that might not be sufficient to get a shell16:59
mvoxnox: aha, so we need a *system* env generator. is there such a thing? pardon my ignorance on this17:01
mvoxnox: anyway, I will investigate17:03
xnoxmvo, well the generator is that.17:04
xnoxmvo, we already had user thing already anyway17:04
=== pstolowski is now known as pstolowski|afk
xnoxmvo, via the legacy script that we did17:04
mvoxnox: ok17:04
mvoxnox: so we ship a systemd system env generator but its not picked up, that is the issue, correct?17:04
xnoxmvo, no you never shipped it17:04
xnoxmvo, you proposed it and then did not merge....17:05
xnoxmvo, and decided that you need environment.d snippet and that's it.... but you didn't need that one at all17:05
xnoxcause you already had the pam.d thing already (the shell script thing)17:05
xnoxmvo, maybe we need a hangout?17:05
sergiusensblackboxsw: heh, I wish I'd known about that sooner, I had implemented my own poller looking at the cloud init status file17:05
xnoxmvo, so the /etc/profile.d/apps-bin-path.sh & /usr/lib/environment.d/990-snapd.conf are redundand.17:06
mvoxnox: oh, now I remember, sorry, it was a while. ok - I think I know what is going on, I missed the difference between the two17:06
mvoxnox: the difference between environment.d and a generator17:06
xnoxmvo, well profile.d is used by pammy / more traditional things; and the latter one is used by recentish systemd things for /logged in users/17:07
blackboxswsergiusens: mea cupla. /me needs to figure out how to better advertise nice CLI features... I dump updates in here https://cloudinit.readthedocs.io/en/latest/topics/capabilities.html#cli-subcommand-details, but I'll make sure to rope someone snappy in on next round of changes that could affect folks.17:07
xnoxmvo,  the /usr/lib/environment.d/ is read by /usr/lib/systemd/user-environment-generators/30-systemd-environment-d-generator for the logged in users.17:07
mvoxnox: thanks, I know now what to do - sorry for this17:08
mvoxnox: I will resurrect the system env generator17:08
xnoxmvo, that's ok. it is confusing, and most things are named identical.17:08
xnoxor very similar17:08
xnoxmvo, dammit can't find the docs now.17:09
sergiusensblackboxsw: no worries, I only found out about that status file by a google/ddg search that led to a bug report from 5 years ago iirc where scott mentioned he'd implement it; look at the code a bit, saw it was there for the series we needed it and just went ahead and did what needed doing17:09
sergiusensdocumentation is hard :-)17:10
mvoxnox: no worries, I will resurrect the PR tomorrow17:10
mvoxnox: thanks for the heads up!17:10
xnoxmvo, cool thanks!17:10
xnoxmvo, it would be nice to have a direction.d thing for system envrionemnt too, but there doesn't appear to be one, hence the need of a executable generator for the system one.17:10
xnox(systemd doesn't pre-ship one, the way it does a user generator)17:11
blackboxswsergiusens: as a heads up, I know snappy also looks at instance-data.json we'll shortly have a 'cloud-init query' subcommand which allows one to query the struct without having to parse the data file directly. Some of those query changes will also surface improved 'region' detection on a couple of clouds. I'll add you as a reviewer when that branch is up, just for a glance to see if it's of interest.17:13
sergiusensblackboxsw: heh, well the person you want to reach out to is mvo; I personally work on only snapcraft these days17:15
blackboxsw+1 thx17:15
sergiusensmy snapd days ended almost 3 years ago :-)17:15
zygapstolowski|afk: now yes18:01
zygamvo: I can tinker perhaps enough to get a Getty18:01
mvozyga: good luck18:09
* zyga just states for the record that we have some idea why the dragon image is not working18:54
mupPR snapd#5734 opened: tests: remove /etc/alternatives from dirs-not-shared-with-host <Created by mvo5> <https://github.com/snapcore/snapd/pull/5734>19:22
* zyga EODs19:56
=== gurmble is now known as grumble
* zyga likes https://commit.style/20:09
mupPR snapcraft#2226 closed: templates: reimplement templates as python classes <Created by kyrofa> <Merged by kyrofa> <https://github.com/snapcore/snapcraft/pull/2226>21:43

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!