| zyga | o/ | 09:36 |
|---|---|---|
| sdhd-sascha | hi | 09:56 |
| sdhd-sascha | It would be nice, if snapd could overlay mount directories. At least read-only. | 09:56 |
| zyga | sdhd-sascha: as in overlayfs? | 09:57 |
| zyga | sdhd-sascha: hey :) | 09:57 |
| sdhd-sascha | E.g. mount /usr/share/fonts from snap A on snap B | 09:57 |
| sdhd-sascha | yes | 09:57 |
| sdhd-sascha | zyga: :) | 09:57 |
| zyga | sdhd-sascha: unfortunately we cannot use overlayfs because it doesn't support apparmor (or vice versa) | 09:58 |
| sdhd-sascha | zyga: What does apparmor do or not do? | 09:58 |
| sdhd-sascha | zyga: can't find any bug-report about overlayfs and apparmor. What's not working? | 10:01 |
| zyga | There are no LSM hooks in overlayfs that would make it work correctly with apparmor | 10:02 |
| zyga | I don’t know if there is a bug report about it but this is my understanding after discussing this topic with apparmor kernel developers | 10:02 |
| zyga | I just realized I am off today as well | 10:03 |
| zyga | I’ll make coffee and clean the kitchen a little | 10:03 |
| zyga | This end of year holiday is an excellent way to rest and reset | 10:03 |
| sdhd-sascha | :) | 10:04 |
| zyga | Apparmor is almost entirely path based | 10:05 |
| sdhd-sascha | I patched the last bug in sway-source in my repo. Now Xwayland starts inside strict sway :) The problem was, that sway want access to /dev/shm/wlroots-... | 10:05 |
| zyga | And overlayfs has some hooks that make it work with inode based LSMs like SELinux | 10:05 |
| sdhd-sascha | zyga: thank you. | 10:06 |
| sdhd-sascha | oh, didn't upload the current sway snapcraft.yaml, yet. | 10:08 |
| mup | Bug #1857358 opened: Not yet operational on Fedora systems <fedora> <Snappy:New> <https://launchpad.net/bugs/1857358> | 16:36 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!