/srv/irclogs.ubuntu.com/2018/12/03/#snappy.txt

mborzeckimorning06:16
zygagood morning08:02
zygamborzecki: a lower priority thing I sent last week: https://github.com/snapcore/snapd/pull/6251 - the refactoring you asked for08:02
mupPR #6251: cmd/snap-confine: refactor calling snapd tools into helper module <Created by zyga> <https://github.com/snapcore/snapd/pull/6251>08:02
zygamborzecki: I'd like to mainly land the 2.36 branches: https://github.com/snapcore/snapd/pull/6245 and https://github.com/snapcore/snapd/pull/623508:03
mupPR #6245: interfaces/backends: detect too old apparmor_parser (2.36) <Created by zyga> <https://github.com/snapcore/snapd/pull/6245>08:03
mupPR #6235: overlord,apparmor: new syskey behaviour + non-ignored snap-confine profile errors (2.36) <Created by zyga> <https://github.com/snapcore/snapd/pull/6235>08:03
zygaI will focus on https://github.com/snapcore/snapd/pull/6190, sorting out my travel08:03
mupPR #6190: overlord/configstate,features: expose features to snapd tools <⛔ Blocked> <Created by zyga> <https://github.com/snapcore/snapd/pull/6190>08:03
zygaI can assist in any reviews08:03
=== pstolowski|afk is now known as pstolowski
pstolowskimornings08:05
zygahey pawel08:07
zygaI guess this morning is just us three, no?08:07
pstolowskii think so, yes08:15
mborzeckizyga: pstolowski: morning guys08:18
zyga:-)08:18
mborzeckithe week of short standups08:18
pstolowskihey mborzecki08:19
mborzeckizyga: https://github.com/systemd/systemd/issues/10872#issuecomment-443504757 i'm building it right now08:19
zygalooking :)08:19
pstolowskiyeah, i'll likely skip today's, my daughter has a dentist apointment at 15:2008:19
zygahmmm08:20
zygapstolowski: ok08:20
zygapstolowski: I'll bug you for some reviews08:20
zygasince it's just the three of us08:20
pstolowskisure08:21
dot-tobiasgood morning everyone08:40
zygahey dot-tobias08:46
pstolowskizyga: thanks for the review of #6180 ; i'm not sure what to do about public SnapGlobal/Explicit tbh09:05
mupPR #6180: snap/info: bind global plugs/slots to implicit hooks <Created by stolowski> <https://github.com/snapcore/snapd/pull/6180>09:05
zygapstolowski: I tried myself09:06
zygaand I found two ways out09:06
zygamaybe three if we rewrite tests :)09:06
zyganumber one is to write a new DeepEquals that ignores private fields09:06
zygaI think it is interesting in principle09:06
zygathe second idea is to keep this as is09:06
zygaI think that's what we should do09:06
zygaI would change the name of the variables a little, I wasn't sure what to call them09:07
zygaideas welcome09:07
pstolowskizyga: i don't think DeepEquals should ever ignore private feels, it feels like it's no longer deep equals ;)09:08
pstolowski*private fields09:08
zygait would be some new comparator, sure09:08
zygabut it would help in cases like that09:09
zygaPublicEquals09:09
zygaor something ish09:09
zygadegville: another thing I found valuable today https://www.youtube.com/watch?v=vtIzMaLkCaM :-)09:11
pstolowskizyga: i'd keep it as is and continue in a followup09:11
zyga^ recommend watching that09:11
zygapstolowski: yes but please before landing, let's rename the new variables09:11
zygathey don't feel good (sorry for being vague)09:11
pstolowskizyga: i mean yes, sure, changing names is fine09:12
zygamaybe a 3 minute brainstorm with mborzecki could help09:12
mborzeckihm?09:12
zygamborzecki: we need two variable names09:12
zygamborzecki: one will tell you that a hook was explicitly defined in yaml, rather than being found in a specific directory on disk09:12
zygamborzecki: another will tell you that a specific plug or slot affects all apps and hooks in a snap, rather than being associated with just a subset of them09:13
zygamborzecki: how would you name those two?09:13
dot-tobiasIs it possible to detect within my snap if a required interface is already connected? A service in my snap errors out right after the snap is installed, because I have to manually connect the interface.09:13
mborzeckizyga: is that in 6180?09:14
pstolowskimborzecki: yes09:15
zygaaha09:15
zygadot-tobias: I beileve so09:17
zygadot-tobias: but only in a hook09:17
zygadot-tobias: I don't believe this is possible from a snap in general, that is, go and ask if something is connected yet09:17
dot-tobiaszyga: Ok, I'll test the hook route. Thought about parsing snapctl interfaces -i <required-interface> my-snap-name from inside the service, but that seemed overkill.09:21
zygadot-tobias: please ask pstolowski as well09:21
zygaI think this is useful to have09:21
mborzeckipstolowski: what exactly SnapGlobal means there?09:22
pstolowskimborzecki: it means that given plug/slot is defined at the top-level in the snap yaml09:24
pstolowskihmm perhaps TopLevel would be a better name?09:26
zygaI was thinking about scope but that doesn't work as well, I like TopLevel09:26
mborzeckiTopLevel sounds ok, but I'm looking at the original code and it looks a bit confusing09:32
mborzeckipstolowski: do i read it right, if you have top level slots in the snap, and say have, one of the slots listed under an app too, then it's no longer automatically bound to all other apps/hooks?09:33
zygamborzecki: yes, that's the semantics09:34
zygamborzecki: plugs and slots are defined implictly by mentioning them in the abbreviated format09:34
pstolowskiyep09:34
zygamborzecki: such plugs and slots are bound to the apps and hooks that mention them09:34
zygamborzecki: interfaces may be also defined or expanded in the top level09:34
zygaunless they are associated with a specific app or plug they become global/toplevel and apply to everything09:35
zygamaybe we should call it what it is09:35
zygaprivilege spearation09:35
zygaprivilege separation: true, applies to subset09:35
zygano, applies to all executable code09:35
pstolowskizyga: what do you think about TopLevel name?09:52
zygayeah, let's go with top level for now09:53
zygaIdeally we'd find a name that makes it useful and not just an implementation detail09:53
zygabut let's not make perfect the enemy of the good09:53
mborzeckienough to move forward09:53
zygahttps://github.com/snapcore/snapd/pull/6253 needs a 2nd review10:03
mupPR #6253: Members of canonical LP group should pass CLA check <Created by kenvandine> <https://github.com/snapcore/snapd/pull/6253>10:03
pstolowskizyga: thanks10:23
zyga guys, quick question10:31
zygaI'm working on https://github.com/snapcore/snapd/pull/6190/files10:32
mupPR #6190: overlord/configstate,features: expose features to snapd tools <⛔ Blocked> <Created by zyga> <https://github.com/snapcore/snapd/pull/6190>10:32
zygathere are some low hanging fruit inside10:32
zygafor instance stuff like https://github.com/snapcore/snapd/pull/6190/commits/f8f2f3b389b920f299f8994a7e4fb96a02c14a1910:32
zygashall I pop that out to a new branch?10:32
mborzeckizyga: yeah, looks useful10:40
zygamborzecki: in that case -> https://github.com/snapcore/snapd/pull/625510:57
mupPR #6255: testutil: add File{Present,Absent} checkers <Simple 😃> <Created by zyga> <https://github.com/snapcore/snapd/pull/6255>10:57
mupPR snapd#6255 opened: testutil: add File{Present,Absent} checkers <Simple 😃> <Created by zyga> <https://github.com/snapcore/snapd/pull/6255>10:58
mborzeckizyga: i think the fontconfig fix is insufficient for fedora11:02
zygaoh?11:02
zygatell more please11:02
zygait made positive effect on all suse versions I tried11:02
mborzeckizyga: they use --with-cache-dir=/usr/lib/fontconfig/cache11:02
zyga(42.3, 15 and tw)11:02
zygaheh11:02
zygais that when we tell mvo on monday ;)11:03
zygawhy /usr/lib?!?11:03
mborzeckizyga: beats me11:03
zygafile a bug please11:03
zyganot on fedora11:03
zygaon snapd for now11:03
mborzeckii was chasing down that denial, and couldn't trigger it on f29 cloud image, so went on digging and found this :/  arch uses /var/cache/fontconfig fwik11:04
zygabrb, let me make coffee11:04
zygamborzecki: desktop is such a fractured thing11:04
zygaso wait11:04
zygaon fedora /usr/lib/fonconfig/cache11:04
zygaare files there written at runtime11:04
zygaor shipped via packages?11:04
zygabrb11:04
mborzeckiwritten when fc-cache is invoked11:05
mborzeckialso, fc-cache appears to be tricky for i686 and x86_64, on fedora fc-cache is a script that calls fc-cache-32 and fc-cache-6411:06
mborzeckii recall someone mentioning that the cache files are actually a memory dump of a struct or somesuch11:06
mborzeckiyeah, fontconfig.i686 ships fc-cache-3211:09
mborzeckimaybe we need a helper to run these tools after all11:10
zygayes, they are11:10
zygaI think11:10
zygainstead of shipping our own builds of fc-cache11:10
zygawe should instead run the cache from the distro11:10
zygaand only do this for classic confined snap11:10
zygafor strictly confined snaps we should do what we did now11:10
zygathat is, provide our own cache11:10
zygabut the approach for strict and classic must differ11:10
mborzeckizyga: i think the trouble is that the distro may not ship fc-cache for particular fontconfig version in the core snap11:18
zygamborzecki: but that version is rarely used in practice11:18
zygaotherwise you would see an improvement11:19
zygaright?11:19
zygayou are really seeing a snap using your fontconfig11:19
zygastraight from the distro11:19
=== geodb27_ is now known as geodb27
mborzeckizyga: my cache, but not my lib version (unless someone tweaked how the snap is built)11:29
zygaso wait11:29
zygahow can both be true11:29
zygaif a program uses fontconfig11:29
zygait is either from core11:29
zygafrom the snap itself (equivalent)11:29
zygaor from the native host libs11:30
mborzeckizyga: yeah, so unless tweaked, the snap ends up with whatever libfontconfig was in 16.04, right? that's for both confined and classic11:31
zygaof 18.0411:31
zygayeah11:31
zygabut classic snaps can be hand made11:31
zygacan have any layout inside11:31
mborzeckiyes, that's what i mean by tweaking the build11:31
zygaincluding vanilla linker11:31
zygaso11:32
zygamy point is that there's either libs from the host used11:32
zygawhich imply *cache* from the host11:32
zygaor libs from the snap/core11:32
zygawhich imply cache compatible with that11:32
zygathere's no third cache11:32
mborzeckiaah, i see what you mean, the core lib was rebuilt with cache in /var/cache/fontconfig11:32
zygamborzecki, pstolowski: could you please review https://github.com/snapcore/snapd/pull/625511:51
mupPR #6255: testutil: add File{Present,Absent} checkers <Simple 😃> <Created by zyga> <https://github.com/snapcore/snapd/pull/6255>11:51
pstolowskizyga: nice! that will be pretty useful, looking11:51
zygapstolowski: and if you can, I need 2nd review on https://github.com/snapcore/snapd/pull/624411:52
mupPR #6244: release: detect too old apparmor_parser <Created by zyga> <https://github.com/snapcore/snapd/pull/6244>11:52
dot-tobiaspstolowski: Is it possible to detect within my snap's application code if a required interface is already connected? snapctl only supports config and service related commands12:05
pstolowskidot-tobias: hmm, not really, you could store this fact somewhere in interface hooks as connections happen (but then you also need to do the opposite on disconnect)12:09
pstolowskidegville: can you remind me where was the doc for interface hooks?12:11
degvillepstolowski: https://forum.snapcraft.io/t/interface-hooks/821412:12
pstolowskidot-tobias: ^12:12
dot-tobiaspstolowski: Thanks! Sounds like a good solution for now. I just want to prevent log bloat since my snap's services try to run various interface-dependent commands on app start, but adding exception handling just for this one moment where the snap's plugs are not yet connected is a bit much.12:13
pstolowskidegville: thanks! is this going to be merged with the main docs?12:13
pstolowskidot-tobias: obviously, if you could simply probe and it's cheap, than it's an option too12:13
degvillepstolowski: it's currently linked to from the general hooks page (https://docs.snapcraft.io/supported-snap-hooks/3795)12:14
pstolowskiack, thanks12:17
zygare12:35
zygaback to coding12:35
mborzeckipstolowski: can you take a look at https://github.com/snapcore/snapd/pull/6246 ?12:58
mupPR #6246: spread: show AVC audits when debugging, start auditd on Fedora <Simple 😃> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6246>12:58
mborzeckioff to pick up the kids13:10
zygamborzecki, pstolowski: can you please review the 2.36 PRs https://github.com/snapcore/snapd/milestone/2113:15
mupPR snapd#6253 closed: Members of canonical LP group should pass CLA check <Created by kenvandine> <Merged by zyga> <https://github.com/snapcore/snapd/pull/6253>13:16
zygabrb13:43
pstolowskizyga, mborzecki i'm gonna miss the standup13:55
mborzeckiack13:56
mborzeckizyga: about cgroups v1 https://github.com/systemd/systemd/issues/10969#issuecomment-442357207 ;)14:18
zygasee ;-)14:23
mborzeckizyga: https://github.com/snapcore/snapd/pull/6185 has 2 +1s, i'm thinking squash merge?14:23
mupPR #6185: snap: add new `snap run --trace-exec` call <Performance 🚀> <Created by mvo5> <https://github.com/snapcore/snapd/pull/6185>14:23
zygalooking now14:23
zygayes14:24
zyga+ on squashing it14:24
mupPR snapd#6185 closed: snap: add new `snap run --trace-exec` call <Performance 🚀> <Created by mvo5> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/6185>14:27
mborzeckizyga: i'll open a 2.36 PR14:28
zygawait14:29
zygaplease merge my two PRs14:29
zygaotherwise 2.36 is red14:29
mupPR snapd#6256 opened: snap: add new `snap run --trace-exec` call (2.36) <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6256>14:30
mborzeckiaah ok, looking14:30
mborzeckizyga: #6235 has conflicts now14:32
mupPR #6235: overlord,apparmor: new syskey behaviour + non-ignored snap-confine profile errors (2.36) <Created by zyga> <https://github.com/snapcore/snapd/pull/6235>14:32
mupPR snapd#6245 closed: interfaces/backends: detect too old apparmor_parser (2.36) <Created by zyga> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/6245>14:33
zygagrumpy about random failures14:45
zygahttps://github.com/snapcore/snapd/pull/6255 red for 3rd time in a row14:46
mupPR #6255: testutil: add File{Present,Absent} checkers <Simple 😃> <Created by zyga> <https://github.com/snapcore/snapd/pull/6255>14:46
mborzeckiok, left a note under https://github.com/systemd/systemd/issues/1087214:51
zygammm14:52
zygahmm14:52
zygaso does it work?14:52
zygamborzecki: btw, I need to show you that part in libmount where I think the bug is as well, there's a lock missing14:52
zygamaybe we are seeing a pair of bugs14:52
zygamborzecki: will you be around today or are you wrapping up now?14:53
mborzeckizyga: you think bugs are like sith?14:53
zygamborzecki: like binary star systems ;)14:53
zygathey always come in piarr14:53
zyga*pairs14:53
zygamborzecki: I need to break for lunch now14:53
zygamborzecki: will you be here in an hour/14:53
mborzeckii'll probably be around later too, need to take kids to the scouts ~5pm14:54
zygaok, ttyl14:55
kenvandinezyga: now that my cla check PR was merged the other PR failed cla-check with a KeyError14:59
kenvandinebut the cla_check PR passed CI... is the LP API just flaky?14:59
zygakenvandine: dunno15:14
zygakenvandine: can you run the check locally?15:14
zygaor handle the api key15:14
zygaer15:14
zygaor handle the key error15:14
zygaor maybe there's a cache a15:14
kenvandinezyga: it works locally :/15:29
* cachio lunch15:33
zygahmm15:33
zygaeh15:56
zygamore failures15:56
zyganeed coffee16:03
zygagoing to make coffee :)16:09
Son_Gokumborzecki: https://twitter.com/Arrfab/status/106962380552035532916:20
cachiomborzecki, zyga should I create a new gce image for centos?16:24
cachioor we are ok16:24
mborzeckiSon_Goku: yay!16:26
mborzeckicachio: yes, please16:26
cachiomborzecki, ok16:28
mborzeckicachio: i think it's best if you create a new image under a separate name and only switch if the whole suite passes16:28
mborzeckicachio: if there are issues with the spread run, i can take a look tomorrow and fix stuff :)16:29
zygare16:46
zygasorry, had to do homework with kids16:46
zygaback now16:46
zygacachio: I think a new image will save us time on upgrades so yeah16:46
zygaI agrew with what mborzecki said :)16:46
zygaFUUUK16:47
zygawhy does 6255 fail all the time16:47
cachiozyga, mborzecki ok, I'll create the new image and make some runs to validate it16:49
zygathanks16:49
roadmrzyga: because... if you decompose the 2 as 1 + 1, and do 6(5+1)(5+1) you get 666!!!!!!! evil!16:49
roadmrthat made no sense at all, sorry16:49
zygaroadmr: ha, I wound not be suprirsed by now :)16:50
zygaI hate that our test suite has some flaky components16:50
zygaand as we add tests and distributions to run against16:50
zygathe chance of landing a trivial branch is very low16:50
zygaand any attempt takes an hour16:50
zygacannot have velocity with roadblocks like that :/16:50
zygahttps://people.neilon.software/ :D16:54
roadmrzyga: can you find yourself there? I did find myself :/16:56
zygaI'd be the extreme underestimator16:56
roadmrhehe :) the icons are fantastic btw16:57
sergiusenszyga: you should have written better tests! :-P17:01
zygasergiusens: our tests are notoriously flaky :/17:02
zygamany are racy17:02
zygasome leak stuff but we have no way to tell yet17:02
zygabut at this scale17:02
zygait's not even that17:02
sergiusenswe bit the bullet and stopped development for a while to get all that sorted17:02
zygasimple things like archive issues17:02
sergiusensyes, leaking and test cross contamination is hard17:02
zygasergiusens: we wanted to do that for a few months but it is unreasonable to do17:03
sergiusensat least, if you want speed17:03
zygasergiusens: I want speed, I get asked to focus on a feature I need to do17:03
zygaso I do what I'm told17:03
zygaand restart those nasty tests17:03
zygasergiusens: I don't disagree17:03
zygaI just don't get that choice17:03
sergiusenswe added it as a roadmap item, "migrate to spread", so it was accounted for, we still have a list of things that did not make it, but we are in a better place now17:04
zygasergiusens: I hope next cycle we can do that17:05
zygaspread doesn't work if it must be 100% green across ~5K tests that can almsot each fail on network17:05
zygawe either need a smarter UI / runner that can retrigger a single test17:05
zygaor change how we land things17:05
sergiusenszyga: you should do it during the year crossing cycle, it is shorter and it is nicer to to these sort of things as the end of year holidays come closer17:05
zygalast two weeks was "red in 2.36" mode17:06
zygawhere nothing in a release branch could land17:06
zygasergiusens: this cycle is packed17:06
zygawon't queeze more17:06
zygawe can do some perf work on snapd though17:06
zygathat's valuable17:06
zygabut equally frustrating to land :)17:06
sergiusenszyga: next year...17:06
zygaunless I hack on spread and snapd during weekends and holidays17:06
zyganext year, yeah17:06
zygaI mean, we always fix the test suite17:07
zygabut it's not really done with the effort required17:07
zygamainly about making the failure causes fixed17:07
zyga(leaking tests)17:07
zygaand racy tests17:07
zygawe have so many racy tests that it's not fun17:07
zygathis with the requirement to get two reviews means that stuff lingers17:08
zygafirst until green17:08
zygathen on iteration17:08
zygathen on making that green17:08
zygathen on more reviews17:08
jdstrandroadmr: hi! when convenient, can you pull in r1165? (not urgent)17:15
zygamborzecki: if still around, could you review https://github.com/snapcore/snapd/pull/625117:16
mupPR #6251: cmd/snap-confine: refactor calling snapd tools into helper module <Created by zyga> <https://github.com/snapcore/snapd/pull/6251>17:16
roadmrjdstrand: sure thing! because $REASONS we're on a merging moratorium until tomorrow but I'll merge that tomorrow17:16
jdstrandroadmr: np, thanks again17:16
roadmrhappy to help :)17:16
zygapstolowski: if still around, can you please review https://github.com/snapcore/snapd/pull/623517:18
mupPR #6235: overlord,apparmor: new syskey behaviour + non-ignored snap-confine profile errors (2.36) <Created by zyga> <https://github.com/snapcore/snapd/pull/6235>17:18
pstolowskizyga: looking17:18
zygathank you!17:18
zygapstolowski: FYI: the master version in https://github.com/snapcore/snapd/pull/6233 has more tests17:19
mupPR #6233: overlord: don't write system key if security setup fails <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/6233>17:20
zygajdstrand: hey, do you have time to review https://github.com/snapcore/snapd/pull/624417:24
mupPR #6244: release: detect too old apparmor_parser <Created by zyga> <https://github.com/snapcore/snapd/pull/6244>17:24
zygawe're very short on reviewers this week17:24
jdstrandseb128: fyi, I think you might find this helpful: https://forum.snapcraft.io/t/notifications-for-out-of-date-stage-packages/5161/717:35
pstolowskizyga: i'm slightly confused by the delta between #6233 and #6235 - e.g. writeSystemKey vs shouldWriteSystemKey, an extensive comment missing in 6235>17:35
mupPR #6233: overlord: don't write system key if security setup fails <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/6233>17:35
mupPR #6235: overlord,apparmor: new syskey behaviour + non-ignored snap-confine profile errors (2.36) <Created by zyga> <https://github.com/snapcore/snapd/pull/6235>17:35
mupPR snapd#6255 closed: testutil: add File{Present,Absent} checkers <Simple 😃> <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/6255>17:35
zygapstolowski: yeah, some things changed as I enabled testing17:36
zygaI can backport the whole lot, just the 2.36 branch is the raw essence of the thing17:36
zygaand the master branch has more stuff to run unit and spread tests17:36
pstolowskizyga: i see, ok17:37
pstolowskii thought you forgot to cherry pick something17:37
zygasince it is just tests I could cherry pick more17:37
zygabut I didn't get reviews :)17:38
zygapstolowski: not sure if you want to but https://github.com/snapcore/snapd/pull/6257 is technically simple17:49
mupPR #6257: testutils: split checkers, tweak tests <Created by zyga> <https://github.com/snapcore/snapd/pull/6257>17:49
zygabut I didn't mark it as such snice it's a +1332,-994 change17:49
mupPR snapd#6257 opened: testutils: split checkers, tweak tests <Created by zyga> <https://github.com/snapcore/snapd/pull/6257>17:49
pstolowskizyga: will check it tomorrow; 1 question to the earlier PR17:50
zygalooking17:50
zygathanks, replied17:51
zygapstolowski: running interfaces-many test on my laptop makes me want to optimize security setup17:53
zygaall that fan noise :)17:53
=== pstolowski is now known as pstolowski|afk
* cachio afk18:47
mupPR snapcraft#2397 closed: cmake plugin: use native primitives <Created by sergiusens> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/2397>18:56
seb128jdstrand, thx19:12
kyrofapopey, jdstrand: can someone remind me why we require desktop files if using the x11 interface?20:11
kyrofaNone of the ROS GUI tools have desktop files, or even icons of which I'm aware, and essentially never make sense to run standalone20:12
kyrofaThey're typically brought up from the CLI20:13
kyrofaI'm getting emails from people saying "Dude, I don't even know what a desktop file is, how am I supposed to include one?"20:16
jdstrandkyrofa: there is a mechanism to whitelist that, but the reason why we don't by default is because with (at least) unity7, not shipping a desktop file means the user looks in the dash for the application, then launches it from the dash. now it is in the launcher and the application pins to the launcher and unity7 rewrites the desktop file without running through snap run, therefore unconfined20:16
jdstrands/and the application/and the user/20:16
jdstrandkyrofa: https://bugs.launchpad.net/snappy/+bug/164391020:20
mupBug #1643910: BAMF_DESKTOP_FILE_HINT not set in correct place for unity7 <Snappy:Triaged> <bamf (Ubuntu):Triaged by 3v1n0> <https://launchpad.net/bugs/1643910>20:20
kyrofajdstrand, wait... if one doesn't ship a desktop file, it _doesn't_ show up in the dash, right?20:21
jdstrandkyrofa: actually, I think I referred to the wrong issue as to why we do it (though I'm glad I remembered that one so I could ping in the bug)20:23
jdstrandgimme a sec20:23
kyrofaAlright20:28
jdstrandkyrofa: ok, right, this *is* the bug, but there are two issues in that bug but I only remembered the one, which wasn't the one for the having the check20:34
jdstrandkyrofa: so, forget the dash, cause, yes, you need a desktop file for that20:34
jdstrandkyrofa: *but* if you launch a program that uses X that doesn't ship a desktop file, BMAF (BAMF Application Matching Framework) tries to be smart and find the application that is running20:35
jdstrandkyrofa: that allows it to have something in the launcher, which can then be pinned20:36
jdstrandkyrofa: which then ends up with the wrong entry20:36
kyrofajdstrand, that seems like it warrants a warning, not an error, no?20:36
jdstrandkyrofa: eg, xmessage does not have a desktop file. if you launch it under unity7, it shows up in the launcher. if you pin that, the desktop file gets written out to .local/...20:37
kyrofaI doubt just pinning what I assume is a direct path to the binary is going to work given the required environment20:37
jdstrandkyrofa: if this thing is a snap, it gets writeen out to .local/... with the wrong Exec= line that makes it run unconfined20:37
jdstrandkyrofa: it is a warning20:37
kyrofajdstrand, it isn't an error popping it into manual review?20:38
jdstrandkyrofa: but in practice, in makes no difference because warnings block manual reviews20:38
kyrofaAh20:38
jdstranderr20:38
jdstrandcause manual review20:38
kyrofaIs that intended?20:38
jdstrandthe warning bit? well, yes, it is intended but it is long known things could be better. the problem is, if it doesn't block at all, no one will see it20:39
jdstrandthere is a mechanism to whitelist things20:39
kyrofajdstrand, well, the way it is today I have someone who has given up on snaps because it was too hard to even get something into the store20:39
kyrofaThere must be some middle ground20:39
jdstrandthey stopped using snaps because of *this* issue?20:40
jdstrandthere is an easy workaround. provide a desktop file. there is an easy way to get whitelisted-- respond via the store emails or bring it up in the forum20:40
kyrofaThis one and a similar issue with using usb-raw making it impossible to get to stable20:41
jdstrandkyrofa: alternatively, unity7 could be fixed, then the check can go away20:41
jdstrandkyrofa: no one communicated to me that someone was flailing due to this issue. I guess I can update the review text to mention bringing it up in the forum20:42
jdstrandkyrofa: as for usb-raw, well, that is a hotplug question and done on a case by case basis, but pstolowski|afk is actively working on that20:43
jdstrandkyrofa: I suggest commenting in https://bugs.launchpad.net/snappy/+bug/1643910 that this needs to be fixed and escalating through the desktop team20:43
mupBug #1643910: BAMF_DESKTOP_FILE_HINT not set in correct place for unity7 <Snappy:Triaged> <bamf (Ubuntu):Triaged by 3v1n0> <https://launchpad.net/bugs/1643910>20:43
kyrofaCan you explain why usb-raw isn't just not autoconnected?20:44
jdstrandkyrofa: because it gives access to all usb devices on the system. that is rarely what an application requires20:44
kyrofaWell, sure, but that seems like a reason just to deny autoconnection, no?20:44
jdstrandit need a ttyUSB, or a mouse, or something. not everything20:44
jdstrandkyrofa: ok, we are talking about different things20:45
jdstrandkyrofa: $ snap debug get-base-declaration very clearly shows it is only denying auto-connection20:46
jdstrand  raw-usb:20:46
jdstrand    allow-installation:20:46
jdstrand      slot-snap-type:20:46
jdstrand        - core20:46
jdstrand    deny-auto-connection: true20:46
jdstrandkyrofa: ie, that ^ does what you are asking and has been that way for since forever20:46
kyrofajdstrand, interesting, my apologies, indeed, that does indeed do what I'm asking. This email says he couldn't move it to a stable channel, which I just tested is not the case. Sounds like a grade issue instead20:49
jdstrandkyrofa: I'll adjust the message for the desktop file, but if this is a stumbling block or you feel it should be escalated, please comment in the bug20:51
jdstrandI'd loave to see this fixed in bamf20:51
kyrofajdstrand, that would be great, thanks. Any idea if we have docs for how to properly write/integrate a desktop file that we could also link to? People who hit this may have no idea what a desktop file is, how to write one, or how to get it properly in a snap20:52
jdstrandkyrofa: it is in the description that is part of the review message: If using snapcraft, please see https://docs.snapcraft.io/snapcraft-app-and-service-metadata/8335#fixed-assets. Otherwise, please provide a desktop file in meta/gui/*.desktop (it should reference one of the 'apps' from your snapcraft/snap.yaml).20:55
kyrofaAh, okay21:02
kyrofajdstrand, speaking of links, there was something else I wanted to talk to you about21:02
kyrofajdstrand, have you ever used shellcheck before?21:02
jdstrandkyrofa: yes21:03
kyrofajdstrand, you know how it provides an error code for every issue which has a wiki entry associated with it?21:04
kyrofajdstrand, think it would be useful for snappy-debug to do something similar?21:04
jdstrandyeah. snappy-debug needs a lot of resources put on it21:05
kyrofaOh don't get me wrong, it's super useful21:06
jdstrandas it stands, it has had no formal design or resources put on it21:06
kyrofaYeah fair enough21:06
jdstrandI have cards and work items for it, but it is all way down the list after approved stuff and things for the snapd, et all21:06
jdstrandal*21:06
kyrofaMakes sense21:06
jdstrandkyrofa: no, I know what you mean. it's handy. I just want you to know that I know it needs love :)21:07
jdstrandI try to make sure it continues to be handy21:07
kyrofaThat's appreciated. Do the review tools have design docs and time assigned to them?21:08
jdstrandhopefully I can get more time to look at it. patches welcome if you or anyone else wants to work on it (though, you can see how many resources are put on it-- it was pretty hastily thrown together)21:08
kyrofaYeah my next suggestion was going to be: do they have their own issue trackers? We all benefit from these tools, I see no reason we shouldn't all be contributing to them21:09
jdstrandkyrofa: the review-tools do not have design docs. there is understood maintenance time on them21:10
jdstrandkyrofa: they have the ability to trump other work though since the world can burn if they don't get updated :)21:11
kyrofaHa! Yes indeed21:11
jdstrandkyrofa: they are both proper rojects in LP21:12
jdstrandprojects even21:12
jdstrandhttps://launchpad.net/review-tools21:12
jdstrandhttps://launchpad.net/~snappy-dev/snappy-hub/snappy-debug21:13
jdstrandI guess snappy-debug doesn't have a bug tracker (I thought the parent project did)21:14
kyrofajdstrand, yeah I was just about to ask about that. What is snappy-hub? Historical?21:14
jdstrandif I can ever get time to update it, I would do a rewrite21:14
jdstrandkyrofa: it comes from the 15.04 days21:14
diddledanwho do I have to kick to get /dev/shm to be allowed as a layouts target (I want to mount my own tmpfs because the strict naming requirements are impossible to work around for some things)21:26
jdstranddiddledan: zyga, but note that it would be /dev/shm or /run/shm depending on the system21:28
zygahmm21:28
jdstranddiddledan: I also have a todo to look at LD_PRELOAD for that21:28
zygalayouts cannot work with /dev21:28
zygalayouts create a read-only snapshot21:28
zygawell21:28
zygaI should check some things21:28
zygabut unless we mount /dev ourselves (I don't think we do)21:29
zygaand we actually share /dev/ from host21:29
jdstrandzyga: recall /dev/shm is a directory (just for your investigation)21:29
zygathis will not be easy (or doable using layoutts)21:29
zygaaha21:29
zygasorry, that's important (it's late)21:29
zygait does simplifiy things significantly21:29
* jdstrand nods21:29
zygabut does making /dev/shm private via layouts break IPC with host services?21:29
zygain any case21:29
zygadiddledan: let's find a bug about this21:30
kyrofaDepends on how the IPC is implemented, but that would be the snap's fault anyway, no?21:30
zygaand ping me with a number21:30
zygakyrofa: ish, it depends if we can practically do it or not21:30
jdstrandI think for some things it would work and others not21:31
zygaindeed21:31
zygabut that is something that requires investigation21:31
zygasince it's past 10PM I will ack the issue, happily work on it but defer till morning :)21:31
diddledan:-)21:32
diddledanI'll see if I can find a bug21:32
diddledanit's a known issue affecting python-multiprocessing for what it's worth21:33
diddledanspecifically the python multiprocessing module hasn't been tamed as yet by the snapcraft-preload so anything that needs the module can't run as a snap21:34
diddledanas a strictly confined snap*21:34
jdstranddiddledan: that was what I was going to look at21:36
jdstrandit's python2 only, iirc (ie, there is some way to make python3 work)21:37
diddledanoh? if there's a way to get python3 working that might unblock mycroft21:37
jdstrandthere's the forum topic. let me find it21:38
jdstrandthis is the topic: https://forum.snapcraft.io/t/python-multiprocessing-sem-open-blocked-in-strict-mode/96221:39
diddledanyeah, there's a reply that says the workaround didn't work21:39
* jdstrand notes this is an issue with other app stores21:39
jdstrandhttps://bugs.python.org/issue1947821:39
jdstranddiddledan: see that ^21:40
* diddledan clicky21:40
jdstrand"Although it is undocumented, in python 3.4 you can control the prefix used by doing21:40
jdstrand    multiprocessing.current_process()._config['semprefix'] = 'myprefix'"21:40
jdstrandI'll take a note to add that to snappy-debug21:40
diddledanok, I've set a mycroft build going to see if that can fix me up21:54
jdstrandkyrofa: actually, I looked into this and bamf received an update via a different bug22:06
jdstrandkyrofa: I can now make the test an info22:06
jdstrandroadmr: hey, can you make that r1167 instead?22:45
roadmrjdstrand: sure thing!22:45
jdstrandthanks :)22:45

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!