[01:30] PR snapd#7916 closed: interfaces/browser-support: add more product/vendor paths [04:10] Hi. I may be misunderstanding something. Why can the Firefox snap see contents of file:///home/me/Documents/ ? The :home connection is not connected to a slot. Shouldn’t that stop access? [04:48] Au, auto-connections and stuff. Okay, got it. [05:37] PR snapd#7941 closed: snap-bootstrap: read only stdout when parsing the sfdisk json === Girtablulu_ is now known as Girtablulu [06:39] PR pc-amd64-gadget#32 opened: gadget.yaml: increase default size of ubuntu-data to 3G [06:40] morning [06:45] hey mborzecki [06:46] mvo: hey [06:46] mvo: any PRs you'd like me to look at? [06:49] mborzecki: thank you, all the criticial stuff has landed [06:49] yay :) [06:50] mborzecki: exactly [06:50] mborzecki: and I have a (hacked) spread setup that runs hello world in uc20 [06:52] mvo: oh cool, as in boots into uc20 and runs a test? [06:54] mborzecki: correct [06:54] mborzecki: it's very raw right now (and needs a hacked spread for uefi support with qemu). but it's getting there :) [06:55] mborzecki: I hope to proposed a slightly cleaned up version today [06:56] mvo: wondering whether gcp supports booting with uefi [06:58] mvo: btw. somebody is trying out gadget updates https://forum.snapcraft.io/t/gadget-schema-for-ubuntu-image-parser-might-be-broken/14723 [07:00] mborzecki: yeah, cachio explored this last night [07:00] mborzecki: we have a ubuntu-1804-64-uefi-enabled image for this now [07:00] mborzecki: oh, interessting! [07:01] mborzecki: looks like we really need to take over ubuntu-image ;) [07:01] mborzecki: or rather make it use our gadget parser [07:01] mborzecki: but that's for later [07:01] mvo: yeah, maybe, i can look into adding that to the schema [07:02] mborzecki: if it's not too much distraction that would be nice [07:02] mborzecki: I should be able to look at reviews today again, anything you would like me to prioritize? [07:02] mvo: hopefully sil2100 is still around today ;) [07:02] mvo: this one would unblock rest of snapd on core: https://github.com/snapcore/snapd/pull/7772 [07:03] PR #7772: wrappers: write and undo snapd services on core [07:03] mborzecki: cool, I have a look, this is really exctiin g for me [07:48] quick errand, back in 30 [08:01] mborzecki: (quick follow-up from yday): the beta channel resolved the font issue, but not the tiny mouse cursor. [08:03] ctOS: nice, thanks for the update. I think for the cursor me need someone from the desktop team to help, maybe kenvandine when he is around (in the US timezone so not up yet) [08:05] PR snapd#7943 opened: tests: add core20 tests [08:14] mborzecki: when you are back - where is OFMF.fd on fedora/arch? [08:14] re [08:14] mborzecki: on ubuntu it's /usr/share/OVMF/OVFM_CODE.ms.fd [08:14] mborzecki: but I wonder if I can build something for spread that is portable [08:15] mvo: let me see [08:16] mvo: ovmf /usr/share/ovmf/x64/OVMF_CODE.fd [08:16] ctOS: if it's not too much hassle, can you check that the cursor fix that was linked yday is include in the firefox snap from beta channel? [08:17] mborzecki: ta [08:19] hi, is there any peculiar difference between the environment a snap runs in on ubuntu vs ubuntu core? I have a snap which run sshd and I can ssh in if I install it on my PC. but running it on a rpi with ubuntu core I get disconnected right away (with no error) [08:21] mborzecki: the patch is included in the beta (287). I’ve also double-checked that it is indeed not fixed in this version. [08:23] ctOS: thank you! [08:23] mvo: on fedora i have /usr/share/edk2/ovmf/OVMF_CODE.fd and there's also /usr/share/edk2/ovmf/OVMF_CODE.secboot.fd [08:25] mvo: on arch the package is called 'ovmf', on fedora it's 'edk2-ovmf' [08:28] mborzecki: thanks [08:28] mborzecki: still scratching my head about how to do this in a portable way, maybe an environment is the simplest and just documenting it [08:29] PR snapd#7944 opened: test: extract code that modifies "writable" for test prep [08:29] morning [08:29] pstolowski: hey [08:32] PR snapd#7686 closed: systemd: handle preseed mode [08:39] hey pstolowski [08:39] pstolowski: nice to see this merged! [08:41] yeah! [08:55] PR snapd#7945 opened: tests: unify/rename services-related spread tests to start with services- prefix [08:55] mvo, mborzecki ^ trivial and hopefully uncontroversial [08:55] pstolowski: nice [09:02] pstolowski: +1 [09:02] thx [09:54] PR pc-amd64-gadget#32 closed: gadget.yaml: increase default size of ubuntu-data to 3G [09:59] niemeyer: when you have some spare cycles a review/feedback on https://github.com/snapcore/spread/pull/95 and https://github.com/snapcore/spread/pull/96 would be great. happy to adjust as needed. we need uefi/virtio for spread testing uc20 [09:59] PR spread#95: spread: add support to define a custom bios with the qemu backend [09:59] PR spread#96: spread: add support for system specific "flags" and use in qemu [10:05] travis is super slow.. or is it my PR? [10:05] PR snapd#7944 closed: test: extract code that modifies "writable" for test prep [10:22] mvo: Of course [10:24] mvo: Is that the same thing zyga mentioned last week? I was waiting for the ping on Friday [10:25] niemeyer: it's slightly different [10:25] niemeyer: I think zyga wants to stop using "kvm" to launch qemu because it's ubuntu/debian specific. my bit are new features for the qemu backend, i.e. I need the ability to enable uefi/virtio for uc20 testing [10:26] mvo: Ack [10:27] niemeyer: it's not super critical, I can use my local spread for testing for now but eventually it would be nice to be able to have it as part of the default [10:27] niemeyer: also does not affect GCE testing so no need to do a new release and all that :) [10:27] Cool, thanks [10:28] thank you! [10:44] mvo, mborzecki any particular PRs you would like to land today & want reviewed? [10:45] pstolowski: https://github.com/snapcore/snapd/pull/7772 if you would [10:45] PR #7772: wrappers: write and undo snapd services on core [10:45] sure [11:14] PR snapd#7945 closed: tests: unify/rename services-related spread tests to start with services- prefix [11:36] sil2100: hi, any chance you can take a look at this PR before the break? https://github.com/CanonicalLtd/ubuntu-image/pull/180 [11:36] PR CanonicalLtd/ubuntu-image#180: ubuntu_image: update schema validator to allow gadget update specific keys & little cleanups [11:37] mborzecki: o/ [11:38] sil2100: got one more patch with nicer error messages for all validation, but no clue whether older releases of voluptous raise useful exceptions [11:39] mvo: ^^ [11:42] mborzecki: nice one! [11:45] good morning. hopefully my internet will be fast and stable today [11:46] hi cmatsuoka ! [11:46] because yesterday it was just weird [11:52] a friend of mine is moving to Canada and is selling a NUC, I'm checking if it has TPM [12:58] mborzecki: do you have an LP bug for the PR? Could you fill in a bug for https://github.com/CanonicalLtd/ubuntu-image/pull/180/ and add a changelog entry to it with the bug linked? [12:58] PR CanonicalLtd/ubuntu-image#180: ubuntu_image: update schema validator to allow gadget update specific keys & little cleanups [13:00] sil2100: ha, there's one https://bugs.launchpad.net/ubuntu-image/+bug/1856903 [13:00] Bug #1856903: ubuntu_image/parser.py Gadget YAML Definition needs updating [13:00] mborzecki: hah, excellent [13:01] mborzecki: could you add a changelog entry for the change with the LP: # added? [13:01] mborzecki: or actually, I guess I'll just do that instead, so nevermind o/ [13:02] sil2100: cool, thanks! [13:03] mborzecki: oh, though some code-style stuff needs to be fixed first [13:03] mborzecki: did you run `tox` before submitting the changes? Since the qa test-suite seems to fail due to pep8 errors [13:05] mborzecki: example log: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic-sil2100-ubuntu-image-ci-deps/bionic/amd64/u/ubuntu-image/20191219_124506_43ed7@/log.gz [13:06] sil2100: i run specific tests only, the whole suite never completed on my system [13:16] mborzecki: could you address those pep8 errors and re-push? [13:16] sil2100: sure, will do [13:18] Thanks! === ricab is now known as ricab|lunch [13:29] sil2100: pushed [13:34] mvo: have you seen something like this: https://paste.ubuntu.com/p/YcrWJxsK5d/ [13:35] mvo: that's core18 snapd failover, maybe systemd doesn't like that much when a service changes it's own unit file [13:57] mborzecki: uh, haven't seen this one [13:58] mvo: i can reproduce it locally [13:58] mvo: https://paste.ubuntu.com/p/y2SWwD38rF/ [13:59] mborzecki: uh, so we need a new strategy for this it seems [13:59] mborzecki: that's unfortunate [14:39] mborzecki, ijohnson: hey, note, I'm just passing through in the forum (I'm on holiday). fyi since I responded to a couple of topics you responded to [14:40] jdstrand: thanks! [14:40] jdstrand: fyi, that library has setuid set [14:40] mborzecki: yeah, that sounds a bit scary. wonder if it was copy and waste somewhere... [14:41] mborzecki: it could also be an overly ambitious postinst script. grepping /var/lib/dpkg/info/* for the lib might provide a clue [14:44] jdstrand: no happy postinst script, but found this in lintian/overrides: https://paste.ubuntu.com/p/k5Zprvx92V/ [14:45] jdstrand: and there are hooks that setup LD_PRELOAD in Xsession.d :/ [14:45] mborzecki: that sounds terrible [14:46] mborzecki: what is shipping that? [14:47] jdstrand: https://launchpad.net/ubuntu/+source/gtk3-nocsd [14:47] mborzecki: look at all the lintian overrides. that is a terrible hack === ricab|lunch is now known as ricab [14:48] mborzecki: I would never want arbitrary library for my setuid binaries. ping, snap-confine, nothing [14:50] mborzecki: that has to be against policy. if it isn't, it should be. at best, the packaging should put something in place that allows the user to configure setting the setuid bit, with appropriate warnings [14:51] mborzecki: but not by default [14:51] jdstrand: i can file a bug about it, or would you prefer to do it and include some security perspective? [14:52] mborzecki: perhaps you can file a public security bug that just describes the problem wrt snap-confine, along with the lintian bits. then a member of our team will look at it [14:52] jdstrand: ok [14:53] it's a little more than I want to chase down while on holiday :) either a member of the team will act on it or it will be in my inbox nagging me to do something about it :) [15:06] jdstrand: filed: https://bugs.launchpad.net/ubuntu/+source/gtk3-nocsd/+bug/1857022 [15:06] Bug #1857022: gtk3-nocsd preloads a setuid library [15:08] mborzecki: thanks! [15:08] jdstrand: np [15:26] ctOS: wayland or X? [15:45] mvo, https://paste.ubuntu.com/p/h8t4vMYfWv/ [15:47] mvo, dd: writing '/dev/sda': No space left on device [15:48] this is failing [15:59] mvo, trying with a metter instance now [16:02] PR snapd#7946 opened: tests: fix partition creation test [16:05] cachio: it was not the problem I thought it was, it was something much simpler [16:05] cmatsuoka, yes I saw that [16:05] I gave +1 already [16:05] thanks! [16:22] mvo, well, with more disk I got this error https://paste.ubuntu.com/p/XYxQpCNKK4/ [16:22] mvo, it is needed a change in the spread.yaml [16:22] https://paste.ubuntu.com/p/P6tbMRpxMs/ [16:23] it is needed more storage [16:25] mvo, just changing the storage it seems to work until console conf [16:26] mvo, this is the full log: https://paste.ubuntu.com/p/3bCZx6dDrw/ [16:48] cachio: in a meeting, will get back to you [16:55] cachio: I wasn't completely wrong, after fixing that trivial problem the other one appears, so I'm fixing the other as well [16:55] s/fixing/adding a workaround for/ [17:01] cachio: the full log looks kind of ok, I mean, it looks like it going into run mode eventually, [17:01] cachio: like e.g. [ 32.825784] audit: type=1400 audit(1576772640.792:12): apparmor="STATUS" operation="profile_load" profile="unconfined" name="snap.pc.hook.configure" pid=1585 comm="apparmor_parser" in line 4107 [17:01] cachio: but I guess you don't get a connection to this? [17:03] mvo, hey [17:03] I can access to the console [17:03] mvo, I just triggered a new run [17:06] cachio: ok, if you have access to a debug console (you can e.g. add "systemd.debug-shell=1" in the grub commandline. then it would be nice to see the output of "snap changes" or journalctl -u snapd-seeding or snapd [17:09] mvo, sure [17:22] mvo, is it any way to scape from console-conf? [17:22] escape [17:23] cachio: I think not right now - but you should be able ssh into the instance [17:26] mvo, it does not allow me to ssh [17:27] mvo, which user/pass should I use? [17:27] I tried with root and didn't work [17:30] test user nither [17:30] neither [17:41] cachio: meh, ok [17:41] trying again [17:49] kenvandine: x [18:17] PR snapd#7946 closed: tests: fix partition creation test [18:43] bbin30min === ijohnson is now known as ijohnson|lunch [19:38] * cachio afk [20:43] * cachio afk === heather is now known as hellsworth === ijohnson|lunch is now known as ijohnson [23:12] PR snapd#7947 opened: boot/many: support new UC20 style kernel extraction [23:16] have a nice holiday break everyone! === ijohnson is now known as ijohnson|EOY