=== WhatsGoingOn is now known as iMadper
zygamborzecki: voting is over05:47
mborzeckizyga: yeah, it is05:48
zygaCould be better, could be worse05:48
mborzeckizyga: though, we have domestic round in october right? :)05:48
zygaToo bad 70% of young people did not vote05:48
mborzeckizyga: tbh, wasn't much to choose from05:49
zygaYes, that will be critical05:49
mborzeckizyga: same faces each time05:49
zygaYes, that is true05:49
zygaOne more kid to send to school, ttyl05:50
mborzeckizyga: at least konfederacja is outside, don't think they need more lunatics in brussels05:52
zygaIā€™m happy to see wiosna, it means we are not all crazy yet06:13
zygaback in the office now06:26
zygaok, time to set everything else aside06:26
zygaand look at initramfs06:26
zygamborzecki: ping me for reviews06:26
zygamborzecki: if you ever want a puzzle to solve https://github.com/snapcore/snapd/pull/6891 is critical for .106:26
mupPR #6891: many: make per-snap mount namespace MS_SHARED <Created by zyga> <https://github.com/snapcore/snapd/pull/6891>06:26
zygaand has exactly one apparmor denial in one test on one system!!!06:26
zygaand I'm out of ideas why06:26
mborzeckizyga: on 14.04?06:36
zygaon 14.04 only06:40
zyga4.4 kernel06:40
mvohey mborzecki and zyga - good morning!06:40
zygaand, to my looks, the denial is bogus because we have that rule06:40
zygamvo: good morning!06:40
zygamborzecki: I didn't look, at the time, about environmental differences, like /tmp tmpfs vs ext406:40
zygamborzecki: I know that a bare "mount," rule fixes it06:40
zygaand the denial was on flags06:40
zygaperhaps there's a bug on 14.04 parser06:40
zygathe bad thing is that apparmor blob format is opaque, I wrote some tools to disassemble it a while ago but I didn't manage to crack the essential part06:41
mborzeckimvo: hey06:41
zygathe encoding of the state engine transition tables06:41
zygathose are highly compressed and optimized06:41
zygaand I just didn't understand the kernel code that walks over them06:41
zygathere's no documentation that helps that I could find06:41
zygamvo: hey06:41
zygamvo: some bad news06:41
zygamvo: the fix for the bug is blocked06:42
zygaI'm happy to HO to discuss this quickly06:42
mborzeckizyga: have you reached out to jdstrand_ or jjohansen maybe?06:42
zygamborzecki: jj no, jdstrand yes06:42
mborzeckimaybe it's like a known issue or sth :)06:42
zygawe talked about this on friday, no effect06:42
mvozyga: hm, ok - is there a tl;dr summary?06:42
zygamvo: a single test fails, only on 14.04, it makes no sense: https://github.com/snapcore/snapd/pull/6891#issuecomment-49564376806:44
mupPR #6891: many: make per-snap mount namespace MS_SHARED <Created by zyga> <https://github.com/snapcore/snapd/pull/6891>06:44
zygamvo: we get a single apparmor denial for a rule we definitely hold06:44
zygamvo: requires jumps to kernel to debug06:44
mvozyga: given that 14.04 is EOL I'm not sure we should block things. how bad is the denial?06:46
zygamvo: snap-confine doesn't work06:46
zygaall snaps fail06:46
zygait's not great06:46
mvozyga: :(06:46
mvozyga: it does not work *at all* ?06:46
zygayes, it stops early on a mount permission and dies06:46
zygamvo: I added "mount," rule and that fixes it06:47
mupPR snapd#6915 opened: spread: enable Fedora 30 (2.39) <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6915>06:47
zygabut as soon as I try to express the arguments used by the call it is failing again06:47
zygamvo: perhaps I missed something, it was late on friday06:48
zygamvo: fresh pair of eyes (or even one) appreciated06:48
mvozyga: what PR is it?06:48
zygathe one linked above, 689106:48
zygamvo: AFAIR we fail on line https://github.com/snapcore/snapd/pull/6891/files#diff-af477950316a096b57d91c74478bc4d2R252 which is handled by this rule https://github.com/snapcore/snapd/pull/6891/files#diff-798ce6f0668878eda67847b4ab492745R15006:49
mupPR #6891: many: make per-snap mount namespace MS_SHARED <Created by zyga> <https://github.com/snapcore/snapd/pull/6891>06:49
zygabut again, perhaps I missed something06:49
zygabut suspicious that it is only 14.0406:50
zygaother systems pass this test06:50
mvozyga: looking06:50
zygathank you!06:50
zygamvo: note: failed flags match error says that apparmor found the rule for the mount path, but not for the flags06:51
mupPR snapd#6914 closed: tests: change strace parameters on snap-run test to avoid the test gets stuck <Created by sergiocazzolato> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/6914>06:51
zygathat's very suspect IMO06:51
zygaflags are "rw, rshared" in the denial06:51
zygaanyway, back to initramfs06:52
zygaplease ping me if you find anything06:52
zygawe should also look at "settle is not converging" bug06:56
zygait is 100% reproducible in packaging builds06:56
mupPR snapd#6916 opened: cmd/snap-confine, tests: tweak comments, reenable symlink check in RHBZ 1584461 regression <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6916>06:56
zygasomething fishy06:56
mupPR snapd#6895 closed: cmd/snap-confine, data/selinux: cherry pick Fedora 30 fixes to 2.39 <Created by bboozzoo> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/6895>06:57
mvomborzecki: do you have the comments in 6874 on your radar? the post-merge ones from jamie?06:57
mborzeckimvo: yup, opened #691606:59
mupPR #6916: cmd/snap-confine, tests: tweak comments, reenable symlink check in RHBZ 1584461 regression <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6916>06:59
mvomborzecki: \o/ thank you06:59
zygait's even reviewed already :')06:59
zygagnome shell bug where background doesn't render drives me crazy07:00
zygaquality of the linux desktop has never been thix mised07:00
* mvo hugs zyga for already reviewing it07:00
zygaon one hand side it's really the golden age where hardware works great and there's lots of polish07:00
zygaon the other hand we're building a desktop shell in javascript and running it ends with stream of crap javascript errors07:01
zygaand this is cross dirstro: suse, ubuntu - all broken07:01
=== pstolowski|Afk is now known as pstolowski
zygaI'm afraid to update fedora (07:01
zygahey pawel, good morning, welcome to our new right-wing world07:01
zygahuh, suse update resulted in EFI mok enroll?07:03
zyga(with an opensuse key)07:03
mborzeckipstolowski: hey07:03
mborzeckizyga: background doesn't render?07:03
mborzeckizyga: how so?07:04
zygalike this07:04
zygaif you google for the "tweener" and some other messages it's a pretty widespread problem07:04
zygadoesn't *for whatever reason* happen on wayland07:05
zygahappens 100% on X11 on all my up-to-date distros07:05
zygamust be the new shell07:05
zyga18.04 is ok07:05
zygathe key is May 27 09:04:22 fyke gnome-shell[3767]: Object Meta.Background (0x5584c4024190), has been already deallocated ā€” impossible to access it. This might be caused by the object having been destroyed from C code using something such as destroy(), dispose(), or remove() vfuncs.07:05
zyganothing like working on bright white background in the morning07:05
zygaoh, suse update just fixed it07:06
mborzeckizyga: hm, that's been fixed afaik07:07
mborzeckizyga: i think you also need to have some specific extensions to trigger that07:08
zyga100% vanilla07:08
zygabut anyway, even if that is true07:08
zygado you recall something this silly in any old desktops?07:08
zygaI mean, ever?07:08
mborzeckihmmm, let me think, gnome panel going crazy was rather common07:09
mborzeckikde crashed a lot too07:09
zygaso now we traded crashes to javascript errors on mouse motion07:09
mupPR snapd#6835 closed: snapstate: allow removal of non-model kernels <Remodel :train:> <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/6835>07:09
zygaguess that's just inevitabale ;)07:09
mborzeckizyga: it's called progress :P07:09
mborzeckizyga: at least it's not an electron app07:09
mborzeckiDownload snap "snapd-hacker-toolbelt" (26) from channel "stable" (received an unexpected http response code (408) when trying to download https://api.snapcraft.io/api/v1/snaps/download/FMONi3pH7TfSv15FusziadAGCjQ6t4EG_26.snap)07:10
mvohm, do we retry on 408? it seems we should07:11
pedronismvo: hi, I made a comment after it was merged on #683507:25
mupPR #6835: snapstate: allow removal of non-model kernels <Remodel :train:> <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/6835>07:25
mvopedronis: thank you! I will do a followup with your comments and refactor this code a bit07:26
mvozyga: there is some funny stuff happening in the VM with the fix for 6891 - the test failed on 14.04, I ran it manually and it failed. I ran it again and now its not failing anymore07:30
mvozyga: yeah, quite puzzling07:30
zygacan you discard and re-run07:30
zygadoes it fail?07:30
mvozyga: I'm looking at the profiles not etc07:30
zygaI mean, it seems to fail on just construction07:30
mvozyga: sure, one sec07:30
zygaso discarding and running that hello command should be enough07:30
mborzeckigot to go to school to pick up my son, he's not feeling too well, back in a bit07:30
mvozyga: just looking at the timestamp of the apparmor profile to double check nothing has changed07:31
zygamvo: remember about reexec, are you editing the right profile?07:31
zygamborzecki: o/07:31
mvozyga: I did not edit anything so far and tried "SNAP_REXEC=0|1" without any difference this is why I'm puzzled :)07:32
mvozyga: aha, now its consistently failing again, but I need to set "SNAP_REEXEC=1 ..."07:33
zygaindeed, that's a good find though07:33
zygawe repackage, right?07:33
zygaso reexec vs not should not matter07:34
mvozyga: let me compare the profiles07:34
mvozyga: hm, so /var/lib/snapd/apparmor/snap-confine.snapd.x1 seems to miss bits, i.e. the rshared bits that got added07:36
mvozyga: it looks like the profile is outdated07:37
zygathat's weird07:37
zygarepackaging is broken?07:37
mvozyga: which of course raises the question - why on 14.04 only?07:37
mvozyga: oh, maybe because we have some strange if 14.04 in the prepare code :(07:38
mvozyga: let me look07:38
zygasome tabs-vs-spaces in prepare-restore.sh07:38
zygamvo: I don't see any smoking guns, looking at delta in packaging/07:40
mvozyga: let me poke at this, I have an idea07:41
zygamvo: there's a difference wrt .real vs non profile07:41
zygamaybe what we are hitting is a bug in snapd + packaging07:41
zyga14.04 doesn't have the .real suffix07:42
zygamvo: we should drop the .real suffix in 19.1007:42
zygamvo: I'll keep you to it, thank you for looking and for the insight07:42
zygaI'll resume initramfs poking07:43
mvozyga: thank you!07:43
* zyga hugs mvo! :)07:43
mvozyga: yeah, let me poke for 5min and hopefully I get an idea07:43
mvozyga: no sense in duplicating the effort07:43
mupPR pc-amd64-gadget#10 closed: Add mmx64.efi (MokManager) to support mokutil <Created by tsunghanliu> <https://github.com/snapcore/pc-amd64-gadget/pull/10>08:00
mupPR pc-amd64-gadget#11 closed: Add mmx64.efi (MokManager) to support mokutil <Created by tsunghanliu> <https://github.com/snapcore/pc-amd64-gadget/pull/11>08:00
mupPR pc-amd64-gadget#14 closed: gadget.yaml: add system-recovery partition <Created by mvo5> <https://github.com/snapcore/pc-amd64-gadget/pull/14>08:00
mupPR pc-amd64-gadget#10 opened: Add mmx64.efi (MokManager) to support mokutil <Created by tsunghanliu> <https://github.com/snapcore/pc-amd64-gadget/pull/10>08:01
mupPR pc-amd64-gadget#11 opened: Add mmx64.efi (MokManager) to support mokutil <Created by tsunghanliu> <https://github.com/snapcore/pc-amd64-gadget/pull/11>08:01
mupPR pc-amd64-gadget#14 opened: gadget.yaml: add system-recovery partition <Created by mvo5> <https://github.com/snapcore/pc-amd64-gadget/pull/14>08:01
mupPR snapd#6917 opened: Add endpoint for snap download in the daemon <Created by glower> <https://github.com/snapcore/snapd/pull/6917>08:27
mborzeckizyga: i think i can split #689008:30
mupPR #6890: gadget: mounted filesystem writer & updater <Gadget update> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6890>08:30
zygamborzecki: in a call08:49
zygamborzecki: that's neat, thank you, I will be looking at gadget reviews all week; please let me know which one to start with08:58
zyga* as long as it's not the 2K one08:59
mborzeckizyga: haha :)08:59
mvozyga: I am running a final test now on 6891 now, if its green I push a 2 line fix in the test setup to it (if you don't mind)09:01
zygamvo: how could I mind :D09:01
zygamvo: thank you so much09:01
mvozyga: worked locally, pushed now09:14
zygathank you!09:15
zygabrb, need to run an errand at school, 30min09:18
* pstolowski needs to run an errand, bb in ~1h09:23
zygaback now09:45
mupPR snapd#6918 opened: snaptest: add helper for mocking snap with contents <Simple šŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6918>09:49
mborzeckia really simple one ^^09:49
zygamborzecki: don't we have something like that already?10:08
zygamborzecki: +1 on the patch but perhaps look at the tree, I'm pretty sure we have ad-hoc implementations10:08
zygathat could be reduced10:08
mborzeckizyga: afaik no, we have something that packs a *.snap, but that's not what i'm looking for10:08
zygaI mean there are bits that drop files on disk, along with a meta/snap.yaml10:09
zygathen parse the yaml and return that10:09
zygawe have way too many helpers like that10:09
zygait'd be great if all such helpers *had to* use snaptest10:09
pedroniswe did a pass of reducing that afaik, that's were the helper are coming in the first place, might still be some10:11
mborzeckizyga: to be precise, i don't see anything similar in snaptest, there's bits in random tests that do ioutil.WriteFile10:11
zygathat's what I mean10:11
mborzeckizyga: tbh, this is pulled from #6750 which.. introduces such helper locally :)10:12
mupPR #6750: overlord/devicestate: update-gadget task handler with stubbed gadget callbacks <Gadget update> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6750>10:12
pedroniszyga: mborzecki: I don't think it should be a blocker either way, the test grew organically, also if all it's inolved is a couple WriteFile, it's unclear if the helper are a big win or not10:14
zygamvo: https://github.com/snapcore/snapd/pull/6891 is green!10:24
mupPR #6891: many: make per-snap mount namespace MS_SHARED <Created by zyga> <https://github.com/snapcore/snapd/pull/6891>10:24
mvozyga: yay! once its in we need to make sure we have a 2.39 PR too10:26
mvozyga: but we can discuss in the standup10:26
mvozyga: maybe we add this in .40 only10:26
zygamvo: yeah, let's review it first!10:27
mborzeckipedronis: about https://github.com/snapcore/snapd/pull/6750/files/34e6a2ba202c127efa934e72d2cd6f57d429a8d1#r281945201 you're thinking some operation log for later auditing?10:27
mupPR #6750: overlord/devicestate: update-gadget task handler with stubbed gadget callbacks <Gadget update> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6750>10:27
zygabrb :)10:52
mborzeckipstolowski: can you take a look at https://github.com/snapcore/snapd/pull/6918/11:09
mupPR #6918: snaptest: add helper for mocking snap with contents <Simple šŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/6918>11:09
mborzeckipstolowski: thanks!11:09
pedronismborzecki: yes, and also to help debugging11:20
mupPR snapd#6918 closed: snaptest: add helper for mocking snap with contents <Simple šŸ˜ƒ> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/6918>11:28
=== ricab is now known as ricab|lunch
mborzeckino space left on device keeps breaking the builds from time to time: https://paste.ubuntu.com/p/TjtdxMmKzB/11:50
pstolowskimvo: https://github.com/snapcore/snapd/pull/6899 needs de-conflicting12:10
mupPR #6899: image: make prepare-image recovery-system aware <Created by mvo5> <https://github.com/snapcore/snapd/pull/6899>12:10
pstolowskipedronis: also, remodelling PRs have conflicts12:12
pstolowskizyga: hey, what's the status of https://github.com/snapcore/snapd/pull/6347 ?12:13
mupPR #6347: many: allow snap-update-ns to write user mount profile <Per-user mount ns  šŸŽ> <Created by zyga> <https://github.com/snapcore/snapd/pull/6347>12:13
pedronismvo: pstolowski: I applied some of the feedback to #683812:15
mupPR #6838: overlord/devicestate: introduce remodel kinds and contexts <Remodel :train:> <Created by pedronis> <https://github.com/snapcore/snapd/pull/6838>12:15
pstolowskithanks, i'll finish this review12:18
zygapstolowski: hey, a little bit on hold this week, I mergef fmaster into them on Friday but I need a moment to iterate towards something reviewable12:19
pstolowskizyga: k12:21
pstolowskipedronis: 2 small questions to the PR12:46
mupPR snapd#6916 closed: cmd/snap-confine, tests: tweak comments, reenable symlink check in RHBZ 1584461 regression <Created by bboozzoo> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/6916>12:50
=== ricab|lunch is now known as ricab
pstolowskimvo: what was the 19.10 low-hanging fruit you mentioned in the standup?13:35
roadmršŸŽ  šŸŒ  šŸ‡13:37
pedronispstolowski: --explain but it needs some design, so I don't think it's that low hanging13:41
* zyga goes for lunch13:42
pstolowskipedronis: i see13:47
pedronispstolowski: what is the status of the slot-snap-type changes? and of fixing the content bug in a more general way?13:52
pstolowskipedronis: still needs work, i need to return to that branch. as mentioned before some i found a few interfaces problematic14:04
pedronispstolowski: I probably need to understand the problem to help14:04
pstolowskipedronis: i'll check that branch and summarize then issue(s), then get back to you14:06
* zyga finished lunch, thinking about either taking a short break and walk or getting coffeee14:19
zygaafter that, grub.cfg hacking :)14:19
zygaand some more fun in initramfs14:19
* cachio afk14:25
pedronispstolowski: thx14:32
mvosil2100: do you think you can look at https://github.com/snapcore/pc-amd64-gadget/pull/14 ? note that it will only be in the new "20" branch (which is only used for experimental UC20 images) so very low risk15:02
mupPR pc-amd64-gadget#14: gadget.yaml: add system-recovery partition <Created by mvo5> <https://github.com/snapcore/pc-amd64-gadget/pull/14>15:02
sil2100mvo: hey! Sure thing - I'll have a quick fix for core18 PR'ed soon, can I poke you for a review of that one in return? ;)15:07
mvosil2100: sure15:08
mupPR core18#130 opened: gpg (dirmngr actually) panics when there's no random/urandom <Created by sil2100> <https://github.com/snapcore/core18/pull/130>15:14
sil2100mvo: ^ that's the PR I was talking about, just pushed the latest version. Let me look at your PR now o/15:17
sil2100(I'll have to look why it suddenly stopped working though, out of curiosity)15:17
mvosil2100: yeah, I would love to figure out why it stops working, maybe a snapcraft change?15:20
mvosil2100: so you have a link to the failure without the pr 130?15:25
mupPR #130: Basic kernel/os handling <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/130>15:25
sil2100mvo: you can reproduce it locally even, so I just checked and the reason is that now in our ubuntu-base tarballs our /dev directory is empty15:26
sil2100mvo: previously we had all the /dev/random and /dev/urandom shipped in the tarball15:26
sil2100Need to check if that's intentional that they're gone15:26
sil2100mvo: (as for failures, you can see them on LP as well: https://launchpad.net/~ubuntu-core-service/+snap/core18)15:27
sil2100But as said, it's just that the base tarball stopped shipping those - investigating why now15:27
mvosil2100: aha, nice. thanks for digging into the root cause15:33
sil2100mvo: ok, I guess this is due to livecd-rootfs 2.525.23 ;/ Apparently this change was made for docker, will have to ask mwhudson a bit about this one then15:39
sil2100"Backport two minimizations for the docker images: remove apt lists that are removed downstream anyway, and remove device nodes from the image. (LP: #1828118)"15:39
mupBug #1828118: docker tarballs contain /dev/null <verification-done> <verification-done-bionic> <verification-done-cosmic> <verification-done-disco> <livecd-rootfs (Ubuntu):Fix Released> <livecd-rootfs (Ubuntu Bionic):Fix Released> <livecd-rootfs (Ubuntu Cosmic):Fix Released> <livecd-rootfs (Ubuntu15:39
mupDisco):Fix Released> <https://launchpad.net/bugs/1828118>15:39
sil2100mvo: I guess this might be an architectual question what we should actually expect having in the ubuntu-base tarball15:41
sil2100Maybe I should add some conditionals checking for the existance of these files and only then create/delete them15:42
sil2100Actually, wonder what happening in the end snap15:42
* cachio lunch15:56
sil2100Ok, images with the snap work - but still, let me bring that up with Steve16:02
mvosil2100: ta16:06
mvosil2100: yeah, the change itself looks fine but I'm a bit worried it might have unintended side-effects16:07
=== pstolowski is now known as pstolowski|afk
mupPR core18#130 closed: gpg (dirmngr actually) panics when there's no random/urandom <Created by sil2100> <Merged by sil2100> <https://github.com/snapcore/core18/pull/130>16:37
* zyga was going through some core20 ideas during the walk17:08
zyganow shower and more work :)17:08
* cachio afk19:31
mupPR snapd#6915 closed: spread: enable Fedora 30 (2.39) <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/6915>19:44
mupPR snapd#6838 closed: overlord/devicestate: introduce remodel kinds and contexts <Remodel :train:> <Created by pedronis> <Merged by pedronis> <https://github.com/snapcore/snapd/pull/6838>20:00
mupPR snapd#6919 opened: cmd/okay: Remove err message when warning file not exist <Created by ardaguclu> <https://github.com/snapcore/snapd/pull/6919>21:07
mwhudsonwait, ubuntu-base:minimized builds are used for core18??21:10

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!