[00:13] <mup> PR snapcraft#2753 closed: cli: use click utilities for registering on push <Created by sergiusens> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/2753>
[05:38] <mborzecki> morning
[05:58] <zyga> Hey
[05:58] <zyga> Taking Bit for a walk
[05:58] <mborzecki> zyga: hey
[06:33] <zyga> back in the office
[06:33] <zyga> man it's so wet today
[06:33] <zyga> it's not so cold but there's so much humidity everything is sticky wet
[06:34] <zyga> mborzecki: I'll work on the fix for apparmor now but later on I'd like to push some code through your review eyes ;)
[06:34] <mborzecki> hahah
[06:34] <mborzecki> zyga: i'm on a bug triage duty today, but want to finish some gadget stuff first
[06:37] <zyga> mborzecki: cool, enjoy it :)
[06:38] <zyga> mborzecki: perhaps you could triage fedora/rhel bugs
[06:38] <mborzecki> zyga: hm let me check whether i have the right permissions, last time i tried i couldn't switch them to resolved and assign to myself
[06:39] <mborzecki> zyga: should probably nag you and Eighth_Doctor to maybe add me to the snapd package
[06:39] <zyga> you have the required accounts and there's probably lots of stuff that is fixed
[06:39] <zyga> yeah, that's a good idea
[06:39] <zyga> add me as well if that's not already the case please
[07:01] <mup> PR snapd#7612 closed: gadget: add a public helper for parsing gadget metadata <Remodel :train:> <Simple 😃> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/7612>
[07:09] <pstolowski> morning
[07:10] <mborzecki> pstolowski: hey
[07:10] <mvo> hey pstolowski and mborzecki
[07:10] <mborzecki> mvo: hey
[07:16] <mvo> looks like we have lots of red, has anyone looked?
[07:17] <mvo> and happy release day
[07:34] <mborzecki> mvo: release day meaning we're going to see PRs failing on the store api? :)
[07:34] <mvo> mborzecki: most likely :/
[07:35] <mborzecki> mvo:  only 2 of recent PRs were red, pushed a little spelling fix to one with apparmor and pivot_root, the k8s one failed on store api returning 403
[07:36] <mup> PR snapd#7599 closed: gadget: refactor ensureVolumeConsistency <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/7599>
[07:56] <mup> PR snapd#7618 opened: snap-install: add ext4,vfat creation support <Simple 😃> <Created by mvo5> <https://github.com/snapcore/snapd/pull/7618>
[07:58] <mup> PR snapd#7618 closed: snap-install: add ext4,vfat creation support <Simple 😃> <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/7618>
[07:58] <mup> PR snapd#7619 opened: image,seed: hide Seed16/Snap16, use seed.Open in image_test.go <Created by pedronis> <https://github.com/snapcore/snapd/pull/7619>
[07:58] <mborzecki> mvo: 7618 was quick, should i review it still?
[07:58] <mvo> mborzecki: no
[07:59] <mvo> mborzecki: I just noticed it duplicates code from the gadget
[07:59] <mvo> mborzecki: better code
[07:59] <mvo> mborzecki: so I will update and repush, sorry, I'm extracting mergable bits from the draft PR of claudio and didn't notice the duplication
[08:07]  * zyga has some back pain today
[08:07] <zyga> I'll focus on reviews
[08:13] <pedronis> pushed some seed/image cleanups,  so now #7619 should be reviewed before #7595
[08:13] <mup> PR #7619: image,seed: hide Seed16/Snap16, use seed.Open in image_test.go <Created by pedronis> <https://github.com/snapcore/snapd/pull/7619>
[08:13] <mup> PR #7595: seed/seedwriter: support writing Core 20 seeds (aka recovery systems) <Created by pedronis> <https://github.com/snapcore/snapd/pull/7595>
[08:18] <mvo> mborzecki: and its back again, had to tweak it a little to support contentless mkfs from gadget but still very easy I hope
[08:18] <mup> PR snapd#7620 opened: snap-install: add ext4,vfat creation support <Created by mvo5> <https://github.com/snapcore/snapd/pull/7620>
[08:19] <mvo> mborzecki: layering of the mocking is a bit debatable, happy to fix it
[08:19] <Chipaca> mborzecki: #1840751 is fix-released, if you have the bandwidth
[08:19] <mup> Bug #1840751: Please include store-url when it exists <Snap Store:Fix Released> <https://launchpad.net/bugs/1840751>
[08:19] <Chipaca> otherwise I'll leave it in my to-do
[08:21] <pedronis> Chipaca: hi, could you quickly backfill your standup notes for yesterday (maybe mvo should tell this, but I fear it might go all a bit downhill if we starts having gaps that are not because of time off)
[08:22] <Chipaca> drat, i forgot, yes
[08:22] <Chipaca> pedronis: thankyou for reminding me
[08:22] <pedronis> np
[08:23] <mborzecki> Chipaca: added a note in the topic and tagged it as upcoming for both of us :P
[08:24] <Chipaca> mborzecki: all I heard was "it's a race"
[08:25] <mborzecki> degville: i've gone through instructions in https://forum.snapcraft.io/t/building-a-snap-rpm-for-red-hat-enterprise-linux-rhel-8/13728 and updated them a bit, can you take a look whether i haven't butchered the language in the process?
[08:26] <degville> mborzecki: yes of course, thanks so much for looking through them and updating them!
[08:28] <degville> mborzecki: looks good - it's great to have the definitive article :) Thanks!
[08:30] <mborzecki> degville: it's using the release packages from github, at the cost of uglier download url :/ but i figured this would be better if the spec in master gains support for some new bianries that aren't in the latest release
[08:57] <Chipaca> mborzecki: degville: shouldn't the link point to the same place the example downloads?
[08:57] <Chipaca> or is it a different file
[08:58] <mborzecki> Chipaca: which example downloads?
[08:58] <mborzecki> the relase tarbal?
[09:01] <Chipaca> mborzecki: the spec file, but now i don't know what puts it there
[09:01] <Chipaca> so i'm confused and probably wrong
[09:02] <Chipaca> mborzecki: wha creates ~/rpmbuild/SOURCES/snapd.spec ?
[09:02] <Chipaca> in those instructions i mean
[09:02] <mborzecki> Chipaca: the tar incantation
[09:02] <mborzecki> Chipaca: tar -xvJ -C ~/rpmbuild/SPECS --strip-components=3 -f snapd_2.42.no-vendor.tar.xz snapd-2.42/packaging/fedora/
[09:03] <Chipaca> ahhh
[09:03] <Chipaca> mborzecki: i might have missed the strip-components option there :)
[09:04] <Chipaca> mborzecki: ok, so, question stands! shouldn't the link in "contains the recipe" point to the release recipe, not master?
[09:04] <mborzecki> ah right
[09:04] <degville> Chipaca / mborzecki: right, that's my fault. I put that original link in, you're right Chipaca.
[09:05] <Chipaca> https://github.com/snapcore/snapd/blob/release/2.42/packaging/fedora/snapd.spec is the 2.42 release blob
[09:05] <Chipaca> fwiw
[09:06] <mborzecki> Chipaca: degville: updated
[09:06] <degville> mborzecki: thank you!
[09:06] <Chipaca> mborzecki: is /blob/2.42/ the same as /blob/release/2.42?
[09:07] <Chipaca> anyway, i'll stop pestering now
[09:22] <zyga> pedronis: is this syntax new in go? https://github.com/snapcore/snapd/pull/7619/files#diff-4a51d32715a8521893a1f9ecf9236fb9R26
[09:22] <mup> PR #7619: image,seed: hide Seed16/Snap16, use seed.Open in image_test.go <Created by pedronis> <https://github.com/snapcore/snapd/pull/7619>
[09:22] <zyga> looks like type aliases
[09:22] <zyga> are those supported across all our go versions now?
[09:27]  * zyga afk for a second
[09:27] <zyga> need to find some painkillers for the back
[09:27] <zyga> gosh, I love autumn and all the windy weather it brings
[09:31] <pedronis> zyga: yes, they are type aliases, we have already some (for tests) in the code base
[09:31] <pedronis> zyga: they were added in 1.9
[09:31] <pedronis> I think
[09:36] <Chipaca> yep, 1.9
[09:36] <mup> PR snapd#7573 closed: [RFC] client: add support for the new "/v2/assertions/%s?remote=true" <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/7573>
[09:50] <mborzecki> ijohnson: silly me, pushed a fix for https://github.com/snapcore/snapd/pull/7443/files#r335908588 should have simplified this earlier since i was using the funky mon1-mon schedule in testing while working on the code, that's how the other part of the || came to be
[09:50] <mup> PR #7443: timeutil: fix schedules with ambiguous nth weekday spans <Bug> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/7443>
[09:51] <ijohnson> mborzecki: great, I'll take a look in a bit thanks for explaining that
[09:52] <mborzecki> ok, onto the bug triage
[10:02] <mup> PR snapd#7621 opened: Add EPL-2.0 to licenses <Created by ralight> <https://github.com/snapcore/snapd/pull/7621>
[10:02] <mvo> mborzecki, zyga can someone on a fedora system check if "golang.org/x/xerrors" is available as a package?
[10:02] <zyga> mvo: hold on
[10:03] <zyga> mvo: a quick google ftp://rpmfind.net/linux/RPM/fedora/devel/rawhide/x86_64/g/golang-x-xerrors-devel-0-0.1.20190916gita985d34.fc32.noarch.html
[10:03] <zyga> mvo: so I suspect so
[10:03] <mborzecki> mvo:  i see it was released to 31 only
[10:04] <mvo> mborzecki: is it possible/easy to also releae for f30?
[10:04] <zyga> mvo: if needed it can be brouht to older releases
[10:04] <mborzecki> mvo: could probably ask the guy who maintains it to push a build for 30, although it's unsing a new packaging, so will require some tweaks
[10:04] <zyga> mvo: especially new devel packaes
[10:04] <mvo> will centos be a problem?
[10:04] <mborzecki> mvo: centos uses vendored pacakges
[10:04] <mvo> cool
[10:05] <mvo> well, it would make the PR I have here a lot nicer so would be nice to have it
[10:05] <mvo> and debian-sid has the package so its really just fedora
[10:05] <mborzecki> mvo: ah, it's the 1.13 error handling for older go releases
[10:05] <mvo> mborzecki: yeah
[10:05] <pstolowski> hmmmmm is there anything special about mount unit for core? on my WIP pre-baked image the unit is there in the fs (along one other snap), yet on boot it's not mounted and there is no trace of it in journal (the mount unit of other snap does appear there and gets mounted)
[10:05] <mvo> mborzecki: I think we will benefit in other areas too
[10:05] <zyga> pstolowski: which mount unit?
[10:06] <mvo> pstolowski: maybe not enabled in /{etc,lib}/systemd/system/mount.wants or something?
[10:06] <pstolowski> zyga: mount unit for core snap
[10:06] <mborzecki> btw. do you have an ubuntu system with nvidia?
[10:06] <zyga> mborzecki: me?
[10:07] <mborzecki> zyga: yes :P
[10:07] <zyga> mborzecki: not with ubuntu, last time I tried it wasn't working with this GPU
[10:07] <zyga> mborzecki: I think 19.10 will now work
[10:07] <zyga> mborzecki: but I don't have one installed
[10:07] <pstolowski> mvo: hmm interesting, will check, although mount unit is fine for lxd snap
[10:09] <mborzecki> zyga: ok, https://bugs.launchpad.net/snapd/+bug/1824168 needs checking on nvidia, perhaps they updated the snap since that time
[10:09] <mup> Bug #1824168: classic opengl application on 19.04 fail to find gl drivers <amd64> <apport-bug> <disco> <snapd:New> <snapd (Ubuntu):New> <https://launchpad.net/bugs/1824168>
[10:10] <zyga> Ok
[10:12] <mup> PR snapd#7622 opened: snap: make `snap known --remote` use snapd if available <Created by mvo5> <https://github.com/snapcore/snapd/pull/7622>
[10:13] <ogra> ogra@pocketbeagle:~$ grep BUG /etc/os-release
[10:13] <ogra> BUG_REPORT_URL="http://bugs.launchpad.net/snappy/"
[10:13] <ogra> given you guys did so much bug cleanup the last days ...
[10:14] <ogra> is that url in UbuntuCore still accurate ?
[10:14] <ogra> (thats core18)
[10:14] <pstolowski> mvo: aha! that is the case, thank you
[10:16] <Saviq> zyga: hey, is there somewhere we could read about / provide feedback on the hardware-support snaps (GL)?
[10:16] <ogra> there used to be a forum thread about this ...
[10:17] <zyga> Saviq: they are not on the roadmap anymore. What is present is on the forum
[10:17] <zyga> You can respond to existing topics there
[10:17] <zyga> I made one for OpenGL and one for CUDA
[10:18] <ogra> well, the Mir team made one for opengl too ... before yours i think
[10:19] <ogra> https://forum.snapcraft.io/t/libgl-and-snaps/6270
[10:20] <Saviq> and I suppose what you mean is https://forum.snapcraft.io/t/gpu-support-proposal/11247 and https://forum.snapcraft.io/t/hello-world-cuda-analysis/11250
[10:21] <ijohnson> mborzecki: I checked with my nvidia gpu + 19.04 and I can reproduce
[10:21] <mborzecki> hm someone reported a but about snapd 2.34.2ubuntu0.1 to 2.37.4ubuntu0.1 upgrade, but there's no 2.34 in the archive :?
[10:21] <mborzecki> ijohnson: thanks!
[10:24] <zyga> Saviq: yes
[10:24] <Chipaca> mborzecki: https://launchpad.net/ubuntu/+source/snapd/2.34.2ubuntu0.1
[10:24] <Chipaca> mborzecki: perhaps look in security you did not
[10:24]  * Chipaca yodas
[10:25] <mborzecki> Chipaca: heh, thanks!
[10:25] <Chipaca> mborzecki: fwiw i got there via googling 'snapd <version>'
[10:25] <mborzecki> Chipaca: hmmm, still no deb there either, thought the old versions are just kept behind
[10:26] <mborzecki> unless, it was pulled maybe?
[10:26] <ogra> or the user has -proposed permanently enabled
[10:26] <Chipaca> mborzecki: ? the link is right there
[10:26] <Chipaca> mborzecki: on the right, "builds"
[10:26] <Chipaca> mborzecki: amd64
[10:26] <Chipaca> mborzecki: https://launchpad.net/~ubuntu-security/+archive/ubuntu/ppa/+build/16332834/+files/snapd_2.34.2ubuntu0.1_amd64.deb
[10:27] <Chipaca> (and all the other debs we build)
[10:27] <mborzecki> Chipaca: right, there's where i downlaoded it from, but i'm not sure why it's not in archive.u.c or security.u.c pacakge pools
[10:28] <Chipaca> ahhh
[10:28] <Chipaca> mborzecki: because it got superseded, i assume
[10:28] <Chipaca> archive doesn't keep all old versions
[10:46] <Chipaca> huh, we don't restart snapd on removing the snapd snap
[10:49] <ogra> well, if you remove the snapd snap as a general user, you probably expect the deb to be gone too ?
[10:50] <Chipaca> well you'd be expecting wrong, then
[10:53] <mborzecki> Chipaca: --purge?
[10:54] <Chipaca> mborzecki: ?
[10:54] <mborzecki> Chipaca: duh, misread, it's the snapd snap
[10:54] <sergiusens> how do I deal with "error: cannot install snap file: snap "snapcraft" assumes unsupported features: snapd2.39 (try to update snapd and refresh the core snap)" but installing the snapd snap instead? I get "error: cannot install "snapd": cannot install snapd snap on a model without a base snap yet"
[10:55] <sergiusens> this is 16.04
[10:55] <sergiusens> and hello everyone
[10:55] <ogra> create a gadget for your install :P
[10:56] <ogra> (one thats base: core18 ... )
[10:56] <sergiusens> for my lxd container running a classic system?
[10:56] <ogra> (i wasnt serious)
[10:57] <zyga> sergiusens: install core
[10:57] <Chipaca> sergiusens: 1 sec
[10:57] <ogra> note that our classic installs all default us use core, not core18
[10:57] <sergiusens> good, I want to avoid installing core, snapcraft is on core18 and doesn't want to be installed
[10:57] <ogra> s/us/to/
[10:57] <sergiusens> zyga: so to install snapcraft I need to install core and core18?
[10:57]  * ogra glares at his fingers
[10:57] <zyga> Yes
[10:57] <sergiusens> I went down this path as I was told the snapd snap fixed that
[10:57] <zyga> Until we ship snapd snap ootb
[10:57] <Chipaca> hold on
[10:58] <Chipaca> 1 sec
[10:58] <zyga> AFAIK it is not ready
[10:58] <Chipaca> sergiusens: can't you update your snapd package?
[10:58] <ogra> wouldnt that be snapd and core16 then, not core ?
[10:58] <Chipaca> sergiusens: otherwise, try this
[10:58] <sergiusens> Chipaca: I could add it to the work flow
[10:58] <Chipaca> sergiusens:  snap set system experimental.snapd-snap=true
[10:58] <zyga> ogra: it is not ready yet
[10:59] <Chipaca> sergiusens: then snap install snapd
[10:59] <ogra> zyga, yes, i got that ... but you'd not be using core in that scenario, right =
[10:59] <ogra> ?
[10:59] <Chipaca> zyga: snapd + core18 on classic works fine
[10:59] <sergiusens> Chipaca: ok, useful for play, but not to get out of this pickle :-)
[10:59] <Chipaca> sergiusens: what is your pickle?
[11:01] <Chipaca> sergiusens: as an aside: why are you running things on a 16.04 that is not up to date? :)
[11:01] <sergiusens> Chipaca: I build snapcraft with assumes command-chain, and 16.04 holding an older snapd
[11:01] <sergiusens> Chipaca: it is the latest minimal image
[11:01] <ogra> how could it "hold an older snapd" ? it re-execs into core
[11:02] <Chipaca> sergiusens: snapd 2.40 is in xenial-updates for quite a while now, but ok
[11:02] <ogra> (which should be auto-installed with your first snap)
[11:02] <sergiusens> Chipaca: yeah, the apt update proved that
[11:02] <Chipaca> sergiusens: and why does the 'snap set system' call not get you out of there?
[11:02] <sergiusens> Chipaca: oh, I read "experimental" and sort of hid from it
[11:03] <Chipaca> well, it's no longer experimental in a new enough snapd :)
[11:03] <zyga> Chipaca: there are still some issues in that setup
[11:03] <sergiusens> great then
[11:04] <Chipaca> zyga: what issues?
[11:08] <zyga> Chipaca: snapd tools directory injection into snap mount namespaces leads to stale tools over time
[11:08] <zyga> There is a topic forum describing this
[11:08] <zyga> Along with three proposals for solving it
[11:12] <zyga> Chipaca: I can find the link if you want to know more
[11:45] <Chipaca> zyga: you're mentioned in this thread, but dunno if you were aware (nor if you know what they're talking about): do you know what a 'readonly snapshot' means in this context? https://discourse.ubuntu.com/t/intent-to-provide-chromium-as-a-snap-only/5987/2?u=chipaca
[11:45] <Chipaca> and more importantly why would it trip up snapd
[11:51] <Chipaca> zyga: ah, link to the forum, d'oh
[11:58]  * pstolowski lunch
[12:07] <ondra> sergiusens ping
[12:11] <ondra> sergiusens you might have regression in snapcraft which is in beta
[12:11] <ondra> sergiusens run snapcraft init and then add in snapcraft.yaml plug definition from here https://forum.snapcraft.io/t/the-content-interface/1074
[12:14] <diddledan> ondra: I suspect you'll need to state which of those plug definitions you're using - there's several on that page
[12:14] <ogra> details ...
[12:14] <mup> PR snapd#7617 closed: snap-confine.apparmor.in: harden pivot_root until we have full mediation <Created by jdstrand> <Merged by jdstrand> <https://github.com/snapcore/snapd/pull/7617>
[12:14] <diddledan> ogra: details are the bane of our existence. down with details!
[12:15] <ondra> diddledan the very basic one https://paste.ubuntu.com/p/PpBrFGnMcf/
[12:15] <ondra> diddledan I get "Sorry, an error occurred in Snapcraft: argument of type 'NoneType' is not iterable"
[12:15] <diddledan> ooh, interesting
[12:15] <ondra> diddledan seems like missing tests
[12:16] <ondra> diddledan this should be caught during testing
[12:16] <diddledan> yes, it should :-)
[12:16] <ondra> diddledan essentially it breaks now every snap using content interface plug
[12:16] <ondra> diddledan true I'm on beta :)
[12:19] <zyga> mborzecki: small test https://github.com/snapcore/snapd/pull/7623
[12:19] <zyga> jdstrand: ^
[12:19] <mup> PR #7623: tests: check world-writable and test-owned files <Created by zyga> <https://github.com/snapcore/snapd/pull/7623>
[12:19] <mup> PR snapd#7623 opened: tests: check world-writable and test-owned files <Created by zyga> <https://github.com/snapcore/snapd/pull/7623>
[12:19] <zyga> AFAIK we discussed this a while ago
[12:20] <jdstrand> I'll take a look
[12:22] <zyga> thank you
[12:27] <sergiusens> ondra: thanks, we will look into it, adding the Sharing a C-level library ? I guess we are naively expecting a default to be defined.
[12:28] <ondra> sergiusens I used that example straight from our docs
[12:28] <ondra> sergiusens in snap it broke I was just sharing socket
[12:28] <ogra> because our docs are always correct indeed :)
[12:29] <ondra> sergiusens but I wanted to demonstrate it on official example
[12:29] <ondra> ogra :P
[12:29] <sergiusens> Chipaca: I know why there are no updates, policy today is that build images are based on -release with no -updates
[12:30] <sergiusens> ondra: that's fine, no worries, we made changes there so there most likley is a regression
[12:30] <sergiusens> Chipaca: so is the outcome to use the snapd snap or just install core?
[12:39] <ondra> sergiusens cool, thanks
[12:51] <jdstrand> zyga: ok, fixed your hook comment (good catch!). See https://github.com/snapcore/snapd/pull/7616#pullrequestreview-303088818 for discussion
[12:51] <mup> PR #7616: interfaces/many: allow k8s/systemd-run to mount volume subPaths plus cleanups <Created by jdstrand> <https://github.com/snapcore/snapd/pull/7616>
[12:57] <zyga> jdstrand: thank you, I'll look soon
[12:58] <jdstrand> zyga: thanks, not urgent (just needs to be in 2.43 :)
[13:00] <jdstrand> huh
[13:00] <jdstrand> so, yesterday I dropped pulseaudio from chocolate-doom-jdstrand and used audio-playback instead (fine)
[13:01] <jdstrand> I pushed that to git, which built the snap, which pushed it to edge which updated on my laptop
[13:01] <jdstrand> $ snap connections chocolate-doom-jdstrand|grep pulseaudio
[13:01] <jdstrand> pulseaudio              chocolate-doom-jdstrand:pulseaudio              :pulseaudio              -
[13:01] <jdstrand> $ grep pulseaudio /snap/chocolate-doom-jdstrand/current/meta/snap.yaml
[13:01] <jdstrand> [1]
[13:02] <sergiusens> ondra: https://github.com/snapcore/snapcraft/pull/2754
[13:02] <jdstrand> so... pulseaudio is connected after the refresh even though the current revision does not plugs it
[13:02] <mup> PR snapcraft#2754: meta: support the case of a plug without a default provider <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/2754>
[13:02] <jdstrand> zyga: this seems like a bug ^
[13:03] <mup> PR snapcraft#2754 opened: meta: support the case of a plug without a default provider <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/2754>
[13:03] <zyga> jdstrand: aha
[13:03] <zyga> in standup now
[13:04] <zyga> jdstrand: can you clarify, even though the revision does not plug it?
[13:07] <zyga> jdstrand: are you referring to "snap connections" claiming there is a connection even though a plug or slot has been removed?
[13:07] <jdstrand> zyga: the 'current' revision (ie, 81) does not 'plugs: pulseaudio'. the previous revision did. when snapd refreshed the snap from the previous to the current, pulseaudio remains connected
[13:07] <zyga> I see
[13:07] <jdstrand> zyga: unsurprisingly, that is also true of 'snap interfaces'
[13:10] <jdstrand> zyga: the profile on disk correctly only has audio-playback in the snippets
[13:11] <jdstrand> zyga: I'm going to file a bug. someone can mark it Invalid if it is operating as designed
[13:12] <kjackal_v2> jdstrand: any hints on this:
[13:12] <kjackal_v2> apparmor="DENIED" operation="open" profile="snap.microk8s.daemon-cluster-agent" name="/proc/18749/mounts" pid=18749 comm="python3" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[13:12] <kjackal_v2> it comes from a command executing a python script
[13:12] <kjackal_v2> am I missing an interface?
[13:13] <jdstrand> or maybe not... what's going on LP?
[13:13] <zyga> jdstrand: thank you for the bug
[13:13] <zyga> jdstrand: lp is a bit wonky recently
[13:13] <ogra> release day ...
[13:13] <zyga> jdstrand: are you seeing timeout errors?
[13:13] <ogra> it is busy at some release party i guess
[13:14] <ogra> (getting drunk and such)
[13:14] <zyga> kjackal_v2: you can use mount-observe to avoid it
[13:14] <kjackal_v2> cool, trying that now, thanks zyga
[13:15] <jdstrand> kjackal_v2: plugs mount-observe
[13:15] <jdstrand> zyga: I see nothing. all white
[13:15] <zyga> jdstrand: oh that's even more buggy :)
[13:15] <jdstrand> there we go
[13:16] <kjackal_v2> there must be a tool suggesting the interfaces based on denials. thank you
[13:16]  * jdstrand writes his bug report in an editor to then paste in
[13:16] <jdstrand> kjackal_v2: snappy-debug
[13:16] <zyga> kjackal_v2: there's snappy-debug
[13:16] <ogra> kjackal_v2, it is called snappy-debug
[13:16] <ogra> bah, snap
[13:16] <zyga> but I think we could instead have a tree-like output of files and patterns and associated interfaces that grant access
[13:16] <kjackal_v2> woohoo, thank you
[13:16] <jdstrand> kjackal_v2: I don't know if you saw, but it is called snappy-debug ;)
[13:17] <kjackal_v2> snappy-what ???
[13:17] <jdstrand> :)
[13:18] <zyga> jdstrand: I think snapd could even make that output
[13:18] <zyga> jdstrand: even based on dynamically created interfaces
[13:18] <zyga> jdstrand: that would be pretty neat actualy
[13:18] <zyga> *actually
[13:20] <jdstrand> zyga: the problem is globs and weird things like dbus rules and things with peers, etc
[13:21] <jdstrand> zyga: for best results (that snappy-debug is not currently doing) we need to use logprof to aid in suggestions
[13:21] <zyga> Yeah but those are all doable
[13:21] <jdstrand> and logprof is py3
[13:22] <jdstrand> snappy-debug receives nearly no love and I would still consider it poc code
[13:22] <jdstrand> I mean, it works, but isn't perfect
[13:27] <zyga> brb
[13:34] <mup> PR snapd#7518 closed: cmd/snap: sort tasks in snap debug timings output <Created by stolowski> <Merged by stolowski> <https://github.com/snapcore/snapd/pull/7518>
[13:36] <jdstrand> zyga: what would be quite cool is for snappy-debug to be able to query snapd on the fly (perhaps using your output) to obtain the policy to base suggestions on
[13:37] <jdstrand> right now I have to dump the policy snippets to disk in a rather convoluted manner and ship those snippets in snappy-debug
[13:38] <jdstrand> which, again, 'works', but it gets out of date and there are some problems wrt implicitCore and implicitClassic
[13:38] <jdstrand> anyway, we could discuss this over lunch sometime. it isn't like any of this is resourced :)
[13:40] <roadmr> jdstrand: hey there - hope it's not too short-notice, I scheduled the kickoff for the review-tools stateful thing in 50 min
[13:42] <jdstrand> roadmr: that's fine. do note that I'm booked til the roadmaap sprint and won't personally be able to do much wrt this until likely after. possibly just before
[13:42] <pedronis> pstolowski: which should probably discuss this issue with enable because I still think there is either a small bug in snapd or in some snaps, probably next week at this point though
[13:42] <jdstrand> possibly...
[13:43] <jdstrand> roadmr: my understanding was this was a 'next cycle' thing (in fact, the base snap stuff I've communicated in the forum as early next cycle)
[13:43] <pedronis> pstolowski: I made a note
[13:43] <jdstrand> roadmr: that doesn't mean I can't attend the meeting, just trying to set expectations
[13:44] <roadmr> jdstrand: right, we can clarify that in a bit. Our plan is to feature-flag this so it's ready to go once the tools support it, so there's no pressure on you ideally
[13:45] <jdstrand> roadmr: ack
[13:48] <pstolowski> pedronis: ok
[13:52] <jdstrand> pstolowski: fyi, in 2.42 snap install is fast since we only do the apparmor_parser at the end, but snap remove runs the parser on each disconnect
[13:52] <jdstrand> pstolowski: I don't recall if that was intentional (ie, it is still a known todo)
[13:53] <jdstrand> pstolowski: but if it was unknown, now it is known
[13:53] <jdstrand> :)
[13:53] <jdstrand> pstolowski: hey btw :)
[13:56] <pstolowski> jdstrand: hi! yes and no, we know we have a few variants of ops that need their own treatment... btw i've next PR up - https://github.com/snapcore/snapd/pull/7601 ; but yes i haven't considered remove yet
[13:56] <mup> PR #7601: overlord/ifacestate: use SetupMany in setupSecurityByBackend <Created by stolowski> <https://github.com/snapcore/snapd/pull/7601>
[13:56] <pstolowski> jdstrand: so, thanks for pointing out
[13:58] <jdstrand> ack on that PR (had it in my todo)
[14:06] <jdstrand> zyga: https://bugs.launchpad.net/snapd/+bug/1848516
[14:06] <mup> Bug #1848516: snap connections/interfaces shows dropped interfaces as connected after refresh <snapd:New> <https://launchpad.net/bugs/1848516>
[14:07] <jdstrand> zyga: the end of that report is bizarre
[14:20] <Chipaca> found the issue with brave
[14:20] <Chipaca> https://forum.snapcraft.io/t/small-problem-with-brave-browser/13743/6?u=chipaca
[14:20] <Chipaca> anybody know the brave devs? popey?
[14:20] <ogra> they used to be active on the forum when packaging it first
[14:21] <ogra> @posix4e on the forum it seems
[14:22] <Chipaca> ogra: thanks
[14:22] <ogra> :)
[14:23] <Chipaca> hm, last seen jan 27
[14:23] <Chipaca> hmm
[14:24] <ogra> yeah ... at least this year though :)
[14:24] <zyga> jdstrand: returning from lunch and looking
[14:29] <Saviq> Can't find this documented anywhere, does the store expire old revisions of software? What are the rules for that?
[14:30] <ogra> afaik the store never deletes anything ... and revisions are only wiped when new stuff comes in
[14:30] <ogra> (unless you manually unrelease/close channels etc)
[14:31] <Chipaca> Saviq: if you're the publisher you can still install the old revisions
[14:31] <Chipaca> e.g. i can snap install --revision=1 http
[14:31] <ogra> show off ...
[14:32] <Chipaca> wait, i lied, i can onlu install 14 and on
[14:32] <Chipaca> huh
[14:33] <Chipaca> Saviq: so maybe there's more to it than that and we should ask the store :-D
[14:35] <ogra> probably only revisions that have been published once ?
[14:37] <Saviq> well, multipass's revisions start with no. 700+ (at least as far as `snapcraft revisions` is concerned)
[14:37] <Saviq> why I'm asking is I'm considering edge/pr-123 branches for pull requests, but would not like those to live ad infinitum
[14:38] <Saviq> so if there are *some* rules for expiration, I'd be much happier :)
[15:23]  * cachio lunch
[15:29] <popey> Chipaca: they haven't been active for ages
[15:29] <popey> We may have to re-home it
[16:08] <zyga> jdstrand: question about https://github.com/snapcore/snapd/pull/7623 -- it shows we actually do use wrong permissions
[16:08] <mup> PR #7623: tests: check world-writable and test-owned files <Created by zyga> <https://github.com/snapcore/snapd/pull/7623>
[16:09] <zyga> jdstrand: I made some changes to snap-confine where this test passes, do you think I should open that as a PR?
[16:09] <jdstrand> zyga: I have to step away but will circle back
[16:09] <zyga> ok
[16:09] <zyga> I'll commit and push it and give you a link
[16:10] <mup> PR snapd#7624 opened: snap: make `snap download` download via snapd if availalbe <Created by mvo5> <https://github.com/snapcore/snapd/pull/7624>
[16:12] <mup> PR snapd#7619 closed: image,seed: hide Seed16/Snap16, use seed.Open in image_test.go <Created by pedronis> <Merged by pedronis> <https://github.com/snapcore/snapd/pull/7619>
[16:17] <mvo> pedronis: yay
[16:17] <mvo> pedronis: ping me once this is merged into your other PR
[16:17] <pedronis> mvo: it is now
[16:18] <pedronis> #7595 is ready for review
[16:18] <mup> PR #7595: seed/seedwriter: support writing Core 20 seeds (aka recovery systems) <Created by pedronis> <https://github.com/snapcore/snapd/pull/7595>
[16:18] <mup> PR snapd#7625 opened: cmd/snap-confine: stop being setgid root <Created by zyga> <https://github.com/snapcore/snapd/pull/7625>
[16:22] <mup> PR snapd#7233 closed: interfaces/firewall-control: add nf_nat_* to kmod plug <Created by alfonsosanchezbeato> <Closed by zyga> <https://github.com/snapcore/snapd/pull/7233>
[18:22] <mup> PR snapd#7626 opened: [RFC] managers: add remodel undo test for new required snaps case <Created by mvo5> <https://github.com/snapcore/snapd/pull/7626>
[18:33] <joedborg> hey ijohnson, do you happen to have the snapcraft.yaml for the docker snap you wrote?
[18:33] <ijohnson> joedborg: it's being maintained by tianon now on LP
[18:34] <joedborg> ijohnson: thanks!
[18:34] <ijohnson> joedborg: but anyways it's here : https://git.launchpad.net/~docker/+git/snap/tree/
[18:40] <joedborg> ijohnson: ah, nice, thanks.  just needed to "borrow" some bits :)
[18:40] <ijohnson> +1
[18:42] <mup> PR snapcraft#2741 closed: extensions: support using gjs from gnome runtime <Created by galgalesh> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/2741>
[19:11] <jdstrand> zyga: can you take a look at this and bring it up in your standup: https://bugs.launchpad.net/snapd/+bug/1848567
[19:11] <mup> Bug #1848567: autogenerated per-snap snap-update-ns apparmor profile may contain many duplicate rules causing excessive parser memory usage <aa-parser> <AppArmor:New> <snapd:New> <https://launchpad.net/bugs/1848567>
[19:13] <jdstrand> cc pedronis ^
[19:13] <jdstrand> zyga (cc pedronis): that could be an easy performance win
[19:14] <jdstrand> I say 'easy' because it is no risk for production, but I realize there could be a lot of testsuite changes
[19:35] <mup> PR snapd#7627 opened: overlord: add checks for bootvars in TestRemodelSwitchToDifferentKernel <Simple 😃> <Created by mvo5> <https://github.com/snapcore/snapd/pull/7627>
[19:51] <ijohnson> jdstrand: I'll make sure it's discussed, that's could be a huge performance win it seems
[19:56] <jdstrand> ijohnson: yes, huge! and not just UC. eg, Ubuntu with preinstalled snaps on first boot could swap (or even OOM) due to this
[19:56] <ijohnson> yeah totally
[19:57] <jdstrand> ijohnson: the biggest number of dupes seems to be mostly around the content interface
[19:58] <jdstrand> layouts aren't too bad
[19:58] <jdstrand> at least anecdotally
[19:59] <ijohnson> yes it's quite odd because I have 3 graphical snaps on my system and they all have 17k line long snap-update-ns profiles and all the rest of my profiles are only about 100-200 lines
[19:59] <jdstrand> ijohnson: jjohansen mentioned to me that the issue is because mount rules don't have a quick and dirt second pass to pull out dupes
[19:59] <jdstrand> dirty*
[19:59] <ijohnson> but also all the graphical snaps use the content interface too
[19:59] <jdstrand> ijohnson: yes, exactly
[20:01] <jdstrand> ijohnson: I see that chromium ,discord, gedit, gimp, gnome-calculator, gnome-characters, gnome-logs, gnome-system-monitor, indicator-sensors, libreoffice, remmina, ...
[20:01] <jdstrand> ijohnson: you know, all the stuff no one uses :P
[20:01] <ijohnson> haha yeah :-O
[20:17] <oSoMoN> jdstrand, hey, until the voting period is over for https://forum.snapcraft.io/t/auto-connecting-the-personal-files-interface-for-the-chromium-snap-part-ii/13705, the chromium snap in the candidate channel is not installable. If I wanted to publish unrelated bug fixes in the chromium snap, should I simply revert the change to the personal-files plug temporarily, then add it back when auto-connection is granted?
[20:18] <jdstrand> oSoMoN: yes, that would be the best course. let me look at that request real quick
[20:19] <jdstrand> oSoMoN: let me look at the snapcraft.yaml. recall there is a review-tools change that is also needed
[20:20] <jdstrand> oSoMoN: I'd like to proactively add that ahead of the voting period expiration
[20:20] <oSoMoN> cool
[20:22] <jdstrand> oSoMoN: so your plan is to update the existing 'chromium-config' plug?
[20:22] <oSoMoN> jdstrand, yes, unless you advise otherwise
[20:22] <oSoMoN> the change is here: https://git.launchpad.net/~chromium-team/chromium-browser/+git/snap-from-source/commit/?id=ffd7ad54bca62c325f906014cd3b96bd2bcd2ee7
[20:22] <jdstrand> oSoMoN: in this case, I think that is fine. it also means I don't need to add anything to the review-tools
[20:23] <oSoMoN> even better
[22:16] <mup> PR snapcraft#2755 opened: extensions: kde-neon: add icon and sound themes <Created by galgalesh> <https://github.com/snapcore/snapcraft/pull/2755>