/srv/irclogs.ubuntu.com/2019/07/08/#snappy.txt

mborzeckimorning05:15
=== morphis6328 is now known as morphis
mborzeckimvo: morning06:58
mvomborzecki: good morning!06:59
mborzeckimvo: some conflicts in https://github.com/snapcore/snapd/pull/707207:00
mvomborzecki: checking07:01
mvomborzecki: aha, I see, will fix07:01
mborzeckimvo: i think you had some pointers to docs about running spread tests with rspi, can you remind me where they were?07:07
zygaGood morning07:07
mborzeckizyga: hey07:07
zygaHey everyone07:07
zygaOn Friday I managed to finish the huge test07:08
zygaI will upstream it today07:08
zygaI will be starting late today though as we are moving once again07:08
zygaSee you in two hours07:08
=== pstolowski|afk is now known as pstolowski
pstolowskimornings07:09
mvomborzecki: sure, tests/external-backend.md07:10
mvozyga: good morning07:10
mvoand good morning pstolowski :)07:10
mborzeckimvo: got it, thanks!07:12
mborzeckipstolowski: hey07:12
mborzeckimvo: hm guess that brings me back to the problem i had earlier, is there a way to create a user without console-conf (no display, and no working serial) or user assertion (cannot sign one for canonical signed model)?07:15
mborzeckimvo: i do use cloud-init for qemu amd64 images, but iirc pstolowski did not manage to get it to work with rspi before07:16
ondrazyga https://github.com/snapcore/snapd/pull/707407:19
ondrazyga first shot, feel free to leave comment if something is missing or something to change07:20
zygaondra: thank you07:33
mvomborzecki: oh, thats a good one, I am not sure what the best option is07:35
mvomborzecki: you could simple add the user by removing the sd card?07:35
mvomborzecki: and adding it "offline" ?07:35
zygamvo, mborzecki: please have a look at https://github.com/snapcore/snapd/pull/7071 -- I will try to upstream all of the test I wrote last week today07:50
zygaondra: you need to change gpio-contorl PR a little to include a change to a spread test08:38
zygahttps://www.irccloud.com/pastebin/wn7CUxZQ/08:38
Chipacazyga: do you know the ouid is in an apparmor denial message?08:39
zygado you mean if I know what ouid is?08:40
Chipacazyga: yes08:40
zygaobject uid08:41
Chipacafsuid i presume is the uid of the filesystem thing08:41
Chipaca    Log: apparmor="DENIED" operation="file_perm" profile="snap.olivia-test.olivia" name="/home/bulld/snap/olivia-test/114/.local/share/org.keshavnrj.ubuntu/Olivia/fifos/1562106609366.fifo" pid=21796 comm="socat" requested_mask="r" denied_mask="r" fsuid=1000 ouid=008:41
Chipacadoes that ^ mean it's trying to access a fifo owned by the user, as root?08:41
zygafsuid is the ID of the user from the point of view of the filesystem AFAIK08:42
zygayeah08:42
zygaI think so08:42
Chipacazyga: tks08:43
zygapstolowski, mborzecki: I need a review for https://github.com/snapcore/snapd/pull/707108:43
zygamore python test code08:43
pstolowski+108:48
zygapstolowski: thank you!08:49
Chipacaomg08:53
Chipacamborzecki: "cannot install lxd snap" … why would they omit the most relevant bit of info from the title?08:54
Chipaca"... on WSL"08:54
zygaChipaca: don't we detect WSL?08:54
zygaChipaca: unless that is on  wsl208:54
Chipacazyga: this guy has patched snapd and is working to get it to work on wsl208:55
mvowe do detect it, maybe somehthing changed there (os wsl2)08:55
zygaChipaca: oh, cool08:55
zygamvo: yeah, wsl2 is quite different08:55
zygamvo: I played with it  last week a little, it's interesting08:55
mvocool08:55
mborzeckiChipaca: yeah, figured as much seeing the guy comment in wsl2 topics08:56
zygamvo: /init is a bind mount from a plan9 fs from windows VM  that is full of microsoft-style windows symbol names08:56
zygamvo: the boot process boots a small container manager on linux, then ubuntu is a container there08:56
zygaanyone https://github.com/snapcore/snapd/pull/7071 (2nd review only, python test code)08:57
zygamborzecki: thank you!09:07
zygamborzecki, pstolowski: small tweak on top of the renumbering patch09:30
zygahttps://github.com/snapcore/snapd/pull/707809:30
mborzeckimvo: opened a RFC with snap-image https://github.com/snapcore/snapd/pull/707909:47
mborzeckimvo: those are cherry-pickings from a work in progress branch, hopefully the spread test works too09:48
pedronismborzecki: we'll need to iterate on the commands and name of that tool, I read the forum topic and I'm not sold on the current ones09:56
mborzeckipedronis: sure, as you probably noticed already i'm terrible at naming things :)09:56
mvozyga: nice!10:03
mvomborzecki: thanks, will have a look (was in a meeting)10:03
zygawow, it is raining10:05
zygathis soil badly needs water10:05
zygaI'm  inclined to take a break and just enjoy the rain for a sec10:05
Eighth_Doctormborzecki: will this help with making fedora snappy core systems? :)10:05
zygaEighth_Doctor: hey :)10:06
mborzeckiEighth_Doctor: well, you don't need ubuntu-image to build an image anymore10:06
zygaEighth_Doctor: what  willhelp?10:06
zygaah,ubuntu-image10:06
Eighth_Doctorwell, I saw `snap image`, and I thought, well maybe that might help10:06
Eighth_Doctorsince the whole thing is kinda undefined at the moment10:06
zygaEighth_Doctor: but fedora  based core  systems are still a bit away for multiple reasons10:07
Eighth_Doctoraww10:07
zygaEighth_Doctor: mborzecki's work is making the image building much more solid and well tested/defined10:08
zygaand something snapd can be a part of for core2010:08
mborzeckizyga: hm that could actually be an interesting experiment just to check how far one could go10:14
zygamborzecki: yeah but ENOTIME10:14
zygamborzecki: but yeah10:14
zygaspeaking of time10:14
zygait's time to look at https://github.com/snapcore/snapd/pull/708010:14
zygaand at  https://github.com/snapcore/snapd/pull/707810:14
zygaafter those two I only have one python change left10:15
zygachanging renaming order10:15
ograChipaca, I fixed the (WSL) topic for you ;)10:16
* zyga wraps up for late breakfast and walk10:36
mborzeckihm no way to tell if spread test exited early/was skipped due to some extra checks :/10:36
zygamborzecki: nope, no SKIP10:36
mborzeckii think we discused that but there was no outcome10:36
mborzeckicannot snap ack test keys on rpi, error: cannot assert: assert failed: cannot find account (testrootorg)10:41
zyganeed to tweak renumbering some more, tmpfs size depends on instance memory and it seems we get one of two sizes10:43
zygaoh well10:43
zygaafter  lunch10:43
mborzeckiaand cannot use a fakestore with external backend :/10:44
zygabbl10:46
popeykyrofa: is nextcloud-client one of yours? It's private. Does it need work, or handing over to someone active?11:06
zygare11:10
zyga- Download snap "go-example-webserver" (25) from channel "stable" (received an unexpected http response code (503) when trying to download https://canonical-lgw01.cdn.snapcraft.io/download-origin/canonical-lgw01/AXQwkeqxpsWVOF2kUsgT6zJKVW8H9NIm_25.snap?token=1562594400_3c2fed171bc8c205f871d84b418ef6de7625d0f8)11:16
zygasome CDN woes11:16
zygamaybe store woes? https://www.irccloud.com/pastebin/qmzSIDds/11:16
zygaI restarted three runs11:18
mvozyga: might be worth checking with the store people11:18
zygaI checked status.snapcraft.io, all green there11:18
zygaif this  happens again I'll ping store11:18
mvocmatsuoka: hey, good news. I managed to boot a luks enabled uc20 now (with your prs). could you please check https://github.com/snapcore/snapd/pull/7077  ? I made some small tweaks11:20
mvocmatsuoka: once that is merged into uc20 the spike-tools from github.com/snapcore/spike-tools should be able to do the full image build, i.e. this should then work end-to-end (when building on bionic)11:21
zygamvo: what do you think we should do with  https://github.com/snapcore/snapd/pull/706211:22
zygamvo: 1) scope it to 16.04 so that it passes, close the PR?11:22
cmatsuokamvo: awesome! I have some clean-ups in my todo list, mostly debug code related to certain actions requiring a small delay -- did you experience any non-deterministic behavior during your tests?11:24
mvozyga: let me look11:26
mvocmatsuoka: I added one more sleep before the filesystem creation11:27
mvocmatsuoka: and some error checking11:27
ograogra@pi4:~$ snap debug confinement11:27
ograstrict11:27
ograogra@pi4:~$ uname -a11:27
ograLinux pi4 5.1.16+ #1 SMP Mon Jul 8 10:31:01 UTC 2019 armv7l armv7l armv7l GNU/Linux11:27
ogra\o/11:27
zygaondra: can we get 5.2?  :D11:28
zygaogra: ^11:28
zygasorry :)11:28
ograhaha ... i know ondra likes to be me :)11:28
zyga5.2 has the new mount APIs11:28
cmatsuokamvo: yeah, I just saw the extra delay -- I'll try arighi's kernel to see if it behaves better regarding potential races11:29
ograzyga, i'll take a look ... thats all very early anway ... we have no u-boot for the pi4 yet ... but i want to get at least a hacked up classic image to work with this kernel and the upstream bootlaoder setup (no initrd)11:29
zygaogra: classic is fine :)11:29
ondrazyga you can just use ondra, ogra has highlight on my nick anyway :P11:30
ograwell, its "hacked classic"11:30
zygahahaha11:30
ogra(i.e. just a debootstrapped rootfs plus kernel and upstream bootloader)11:30
cmatsuokamvo: there was a place where I manually added a bunch of modprobes to make cryptsetup work, now I think I was actually adding minute delays and we may have hit another race there11:32
mvocmatsuoka: I see minute waits when booting11:33
mvocmatsuoka: should I look into initramfs to see these sleeps?11:34
cmatsuokamvo: I'm removing the lines that shouldn't be there and running some tests11:44
cmatsuokaIf these are really required I'll test them again with the new kernel11:44
mvota11:45
zygaChipaca: hey11:58
zygaChipaca: do you need that WSL2 data?11:58
zygaCatalog update is doing verbose http logging (it should not).12:00
zygahmm12:00
zygaI'm not lucky with PRs today12:01
Chipacazyga: I'd like it, but it's not essential, why?12:02
zygaChipaca: I can try to unpack that laptop after lunch and give you the answer12:03
Chipacazyga: no rush12:03
zygaChipaca: alternatively I can easily give you the answer in the evening12:03
zygaChipaca: after we check in12:03
Chipacazyga: basically i want to know if the default WSL2 kernel still has Microsoft in /proc/version12:03
Chipacazyga: the person in the forum is running their own kernel so anything goes in there :-/12:04
zygaaha12:04
zygathere are ways to detect wsl 212:04
zygasimple one: /init is a p9 mount12:04
Chipacabut as this is meant as a "yeah this won't work" aid to users, I'm not worried if they circumvent our checks and then things break12:04
Chipaca"when I try to change channels it doesn't work and my eyes hurt!" "hitting yourself with the remote is a bad way to change channels, don't do that" "i removed my eyes, trying to change channels no longer hurts, but it still doesn't work!"12:06
Chipaca*sigh*12:07
zygahehe12:07
zygain that case12:07
zygaI'm off for lunch12:07
zygaif anyone wants to look: two simple python PRs are pending12:07
pedronisat least 3 of PRs need a review or 2/3 review: 7006, 7020, 706612:22
=== ricab is now known as ricab|lunch
pstolowskilooking at 700612:42
pstolowski*706612:42
pstolowskigrr, 700612:42
ijohnsonmorning folks12:56
pedronisChipaca: 6977 is probably something you should review (it relates to the refactor)12:57
zygaHey ijohnson12:59
ijohnsonhey zyga13:00
zygamvo:I will not be able to make it13:00
zygaMvo sorry, still finishing lunch13:00
cmatsuokauh, it was just me or  something strange just happened in the video call?13:31
jdstrandChipaca: ouid is the 'object id' of the thing being referenced in the permission check. so in that case, the fifo (the object) is owned by root and being accessed by non-root (the fsuid)13:36
jdstrandzyga: hey, why do we have a meeting on pr 7058?13:37
jdstrandmvo: ^ (hi btw)13:37
mvojdstrand: in a meeting right now, I will get back to you in 5min or so13:41
ograouid ? are you sure thats not a french daemon saying yes all the time ?13:42
mvojdstrand: I think the idea about hte meeting was to see what (if anything) would break if we enable apparmor on upstream kernels and also what security features will be missing13:43
mvojdstrand: it will hopefully be a short meeting :)13:46
jdstrandmvo: I thought we had that meeting in Lyon :) we don't really know what will break because we haven't run it in strict mode on those distros13:47
jdstrandwell, we'll see. it might sound like I'm rehashing an old argument, but I promise I won't be. I'll just be honest in the assessment13:47
pedronisjdstrand: we are having a meeting because I was told you were +1 on this change now13:50
pedronisand wanted to understand the new reasoning13:50
jdstrandpedronis: it is because in Lyon, where I said that if we were going to make the change, I wanted to be sure everyone understood the cost (maintenance, regression, reputation). people said they understood the cost and wanted to do it13:51
pedronisjdstrand: I didn't13:51
jdstrandhmm, you were in the room. ok, does sound like a meeting is warranted13:51
pedronisyes, that's why we have one, lots of mixed messages13:52
=== ricab|lunch is now known as ricab
zygajdstrand: yes13:57
* zyga misread the question, reading backlog13:58
zygaok, see you all in a minute13:58
mborzeckipedronis_: updated the big one https://github.com/snapcore/snapd/pull/689014:54
pedronismborzecki: thx, I'll try to go back to those PRs tomorrow14:58
mborzeckipedronis: great, thank you!15:05
ijohnsonpedronis, mvo: the bug about seeding a classic image I talked about is here: https://bugs.launchpad.net/snapd/+bug/183579515:09
jdstrandackk: re those bugs you asked about, they will be fixed in the upcoming 2.40 release15:16
ackkjdstrand, thanks, awesome!15:16
jdstrandackk: and sorry for the delay, I was on holiday15:16
ackkjdstrand, np, I figured :)15:16
mvoI see a lot of red tests, did anyone investigate?15:28
zygarre15:36
ondrazyga I fixed test, still running slow ones, but it's looking way better now15:38
zygathanks!15:38
zyga- Download snap "ubuntu-core" (1797) from channel "stable" (received an unexpected http response code (503) when trying to download https://canonical-lgw01.cdn.snapcraft.io/download-origin/canonical-lgw01/b8X2psL1ryVrPt5WEmpYiqfr5emixTd7_1797.snap?token=1562601600_d9a2f9b4f5f2050b5dfa14ea244831be9b8bfd51)15:50
zyganoise][: ^ https://status.snapcraft.io says it's all good but I've seen a few of those today15:50
zygathis was strictly after 2019-07-08 12:58:5615:51
zyga(not sure which TZ is  that, reported by travis)15:51
diddledansomething appears to have changed, and I can't figure out what - the extra menu items for gnome-twitch aren't visible any more: https://usercontent.irccloud-cdn.com/file/1vAA2qxd/image.png15:53
zygadiddledan: when did it change?15:53
diddledanI can't figure out what I've changed15:53
diddledanno idea15:53
zygaijohnson: do you have time for 5 minute reviews today?15:54
diddledanI've tried rebuilding an ancient copy that I'm ssure was working in the past and it is also showing the empty menu15:54
noise][zyga: thx, we'll take a look15:55
zyganoise][: thank you15:55
ijohnsonzyga: sure I can look at some small stuff in my afternoon15:55
diddledanit's interesting that there's a gap where the items should be, but it's only the size of one extra item when I think there should be more than one item in there15:55
zygaijohnson: two simple PRs (with that label) from me15:55
zygaijohnson: if you can it would help me move forwarrd15:56
ijohnsonzyga: 7080 and 7078?15:57
zygaijohnson: yes15:57
ijohnsoncool I'll take a look in a bit15:57
mvosergiusens: silly question, does snapcraft 2.43 not include the pyc files? is that fixed in later snapcraft version? we got a bugreport in the forum that indicates this is the case(?)15:59
* zyga takes a break until next call16:07
* ijohnson lunches16:09
diddledanI should do that. a few hours late at 17:10.... oops16:10
diddledanwho needs food?!16:10
mvosergiusens: hm, I just tried snapcraft 3.6 and in this snap (https://github.com/phocean/volatility-snap) there is no pyc files, is that expected (cc cjp256)16:12
mvo?16:13
mvo(this is a python2.7 snap fwiw)16:13
cjp256sergiusens is on holiday today, i'll take a look16:14
cjp256in old versions of snapcraft, did it snap up the pyc files?16:15
mvocjp256: no, no pyc files in both new and old16:15
mvocjp256: I can (probably) workaround this by adding "python -m compileall ." during the build, I'm trying this now. but my understand was that snapcraft would do that (or something similar) for me automtically(?)16:16
cjp256ok, i haven't had a reason to look at how the python plugin works yet, but this is as good a reason as any :) i'll get back to you16:17
=== pstolowski is now known as pstolowski|afk
mvocjp256: thanks, no rush, I will add my findings in the forum, its almost EOD here anyway :)16:19
zygatoday is a day lost for travis16:33
cjp256mvo: fwiw, snapcraft itself compiles pyc files in override-prime: https://github.com/snapcore/snapcraft/blob/master/snap/snapcraft.yaml#L10016:39
mvocjp256: interessting, for some reason that seems to have not worked when I build this example snap, maybe I did something wrong16:40
mvocjp256: I can try a fresh build on a different machine tomorrow but for me the pyc files are currently missing16:42
cjp256did you add anything to the snapcraft yaml?16:43
cjp256the compileall?16:43
cjp256i should perhaps clarify: it appears that snapcraft's snapcraft.yaml explicitly does compileall in its override-prime in order to ship pyc files16:44
mvozyga: do you know from the top of your head if/how I can disable seccomp in devmode (i.e. I don't even want complain mode, just nothing if possible)16:45
mvocjp256: I ran the compileall in the prime dir and used that, its a bit of a tangent for my real investigation, I just happend to notice the pyc files are missing16:45
cjp256when using pip, it's directed to --no-compile (https://github.com/snapcore/snapcraft/blob/master/snapcraft/plugins/_python/_pip.py#L352) and appears filtered from snap_fileset  (https://github.com/snapcore/snapcraft/blob/master/snapcraft/plugins/python.py#L440) - but that's just a cursory glance and I haven't traced what's happening in this case yet.16:48
mvocjp256: the snap is using the "python" plugin: https://github.com/phocean/volatility-snap/blob/master/snap/snapcraft.yaml16:51
zygamvo: no, devmode does not disable seccomp16:51
zygamvo: you must use classic for that16:51
mvozyga: yeah, just @complain - I switched to @unrestricted now16:51
mvozyga: for testing16:52
zygayeah that will work16:52
mvozyga: context is the "Concerns about performance" forum post16:52
zygaaha16:53
zygagood thinking16:53
mvozyga: updated the post with some more numbers, need to have dinner now16:55
=== aleksander__ is now known as aleksander
zygamvo: danke17:12
plarsogra: hi, I'm trying to limit ram for some testing on core with rpi using mem= set in the cmdline.txt, but so far it only gets as far as "Starting kernel..." and stops. Is this not possible on pi for some reason you can think of? I've tried 512M and 768M so far18:31
ograhmm, it shouldnt block your boot, are you sure you dont have any syntax errors or some such ?18:33
plarsogra: all I did was add " mem=512M" to cmdline.txt18:34
plarsif I take it out, it boots fine18:34
ograweird ... probably related to the pi bootloader though18:36
ograsince it inits the GPU (and such the videoram) before powering up the arm SoC18:36
ograperhaps try setting gpu_mem=16 (default is 64) in your config.txt18:40
ograthere is also disable_l2cache=1 you could try so the kernel doesnt use L2 from the CPU (but not sure if the kernel can cope without nay L2 at all)18:41
ogras/CPU/GPU/18:41
plarsogra: hmm, not helping so far18:42
plarsogra: ah, ok I may have found a workaround by setting total_mem in config.txt instead of mem= in cmdline.txt18:51
plarsogra: thanks for the ideas!18:52
cmatsuokawhat's the best way to build a kernel snap from kernel debs?19:12
ograplars, awesome ... good to know (i didnt kow about that option)19:28
ogra*know19:28

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!