[09:36] <zyga> o/
[09:56] <sdhd-sascha> hi
[09:56] <sdhd-sascha> It would be nice, if snapd could overlay mount directories. At least read-only.
[09:57] <zyga> sdhd-sascha: as in overlayfs?
[09:57] <zyga> sdhd-sascha: hey :)
[09:57] <sdhd-sascha> E.g. mount /usr/share/fonts from snap A on snap B
[09:57] <sdhd-sascha> yes
[09:57] <sdhd-sascha> zyga: :)
[09:58] <zyga> sdhd-sascha: unfortunately we cannot use overlayfs because it doesn't support apparmor (or vice versa)
[09:58] <sdhd-sascha> zyga: What does apparmor do or not do?
[10:01] <sdhd-sascha> zyga: can't find any bug-report about overlayfs and apparmor. What's not working?
[10:02] <zyga> There are no LSM hooks in overlayfs that would make it work correctly with apparmor
[10:02] <zyga> I don’t know if there is a bug report about it but this is my understanding after discussing this topic with apparmor kernel developers
[10:03] <zyga> I just realized I am off today as well
[10:03] <zyga> I’ll make coffee and clean the kitchen a little
[10:03] <zyga> This end of year holiday is an excellent way to rest and reset
[10:04] <sdhd-sascha> :)
[10:05] <zyga> Apparmor is almost entirely path based
[10:05] <sdhd-sascha> I patched the last bug in sway-source in my repo. Now Xwayland starts inside strict sway :) The problem was, that sway want access to /dev/shm/wlroots-...
[10:05] <zyga> And overlayfs has some hooks that make it work with inode based LSMs like SELinux
[10:06] <sdhd-sascha> zyga: thank you.
[10:08] <sdhd-sascha> oh, didn't upload the current sway snapcraft.yaml, yet.
[16:36] <mup> Bug #1857358 opened: Not yet operational on Fedora systems <fedora> <Snappy:New> <https://launchpad.net/bugs/1857358>