[02:52] PR snapcraft#2909 closed: elf: search for host libraries within search paths [06:07] morning [06:40] driving kids to school, back in 30 [07:09] re [07:55] pstolowski: hey [07:55] mornings [07:56] PR snapd#8090 closed: randutil,o/snapstate,-mkauthors.sh: follow ups to randutil introduction [08:21] mvo: hey [08:21] hey mborzecki [08:37] Still sick. Lucy has 39C all evening. Today somewhat better but we are all still out :/ [08:37] I filed paperwork for yesterday till tomorrow [08:37] Fingers crossed it passes [08:38] zyga: I got it now too [08:40] our tests seem to ger red easily again [08:40] Specific test or all over? [08:44] hm, I see failures in the se-linux-clean test [08:47] mvo: meh cannot find any Google image matching "ubuntu-2004-64-uefi-enabled" [08:47] mborzecki: booo :( [08:47] mvo: which PR? [08:48] mborzecki: https://travis-ci.org/snapcore/snapd/builds/645891245?utm_source=github_status&utm_medium=notification [08:48] - google:fedora-30-64:tests/main/selinux-clean [08:48] - google:fedora-31-64:tests/main/selinux-clean [08:48] mborzecki: did you the notes by Ian [08:48] he worked on someting based on a snap [08:48] pedronis: i'm looking into it already ;) [08:49] mborzecki: what should we do about #7414 ? [08:49] PR #7414: tests: keep track of installed packages and restore the state after the test [08:50] it seems there are request to merge something with *-tool but the tool it mentions don't even exists in master [08:50] pedronis: needs reviews, there were some comments about a distro-tool from zyga but i'm not sure we want another *-tool for that, and it's more effort to write one [08:51] I have mixed feelings about *-tool because quite a few seem to have just one action, so beind called -tool seems obfuscating a bit [09:09] https://forum.snapcraft.io/t/snap-is-updating-off-schedule/15323/2 is interesting - any idea why it might trigger off time [09:25] we need to investigate, that code is very organic [09:25] zyga: two thins we could do, make the log message about the next refresh time be 'info' rather than 'debug', and actually log why refresh is triggered (i.e. by timer, by user request etc.) [09:26] heh objcopy --update-section corrupts the initrd :/ [09:31] * zyga tries to get some sleep [09:31] Have a good day guys [09:31] pedronis: hi, Ian found a problem with snap disconnect --forget if only a single arg is given; my implementation of resolvedisconnect over conns is not sufficient, the one from repo is smarter. i need to enhance my variant of resolve - unless we want to require both plug & slot to be passed with --forget. wdyt? [09:32] pstolowski: they should behave the same [09:32] but it also sounds that repo code is confusing [09:33] pstolowski: is there something we can improve overall? [09:33] pstolowski: my worry here is to have to write clever/confusing code twice as well [09:34] pstolowski: do you want to chat quickly on this? [09:36] pedronis: yes let's chat [09:37] pedronis: standup ho? [09:37] yes, one sec [10:23] can snapcraft build a snap with base: core20 in multipass? [10:25] mvo: sorry for my comment, I will ignore 8085 until you tell me to look again [10:31] pedronis: my bad, sorry! I pused last night but it was not ready [10:32] pedronis: I should have marked that in the PR [11:24] Bug #1862007 opened: 'aws-iot-greengrass' snap fails to start due to apparmor [11:37] mvo: do you understand this bug: https://bugs.launchpad.net/snapd/+bug/1861901 ? is it a misdetection of the change of base? [11:37] Bug #1861901: Refreshing a snap using core18 to one using core16 confuses the snap apps [11:42] pedronis: yes [11:45] zyga: should I assign it to you, then? [11:45] pedronis: reproduced, there's a mis-detection [11:48] Bug #1862007 changed: 'aws-iot-greengrass' snap fails to start due to apparmor deny on mounting of "/proc/latency_stats". [interface/greengrass-support] [11:50] pedronis: updated the bug [11:51] pedronis: I'll look, it should not be happening [11:51] pedronis: I can look while lucy is sleeping [11:53] thanks pedronis and zyga [11:57] diagnosed, updated the bug as well [12:05] mvo: while the TODO fix is still hard we now have an easy way out [12:06] mvo: I believe this is sufficient to resolve this [12:06] https://www.irccloud.com/pastebin/llLwEMeL/ [12:06] I'll add a spread test first, curious why the existing one doesn't spot this [12:07] PR snapd#8091 opened: Bug #1862007: 'aws-iot-greengrass' snap fails to start due to apparmo… [12:07] perhaps it is a result of our core test setup and repacking [12:25] pedronis, mvo: wrote a regression test, started and going to check on lucy [12:38] pstolowski: reviewed 7705, some final comments, also it conflicts ATM [12:38] pedronis: ah, thanks [12:38] PR snapd#8092 opened: timeutil: add a unit test case for trivial schedule [12:46] cachio: hi [12:46] mborzecki, hi [12:46] cachio: can you create a 20.04 uefi enabled image for use in core-20 tests? right not we're using 18.04 but need to pull in some updated packages [12:47] mborzecki, we already have this ubuntu-2004-64-virt-uefi-enabled [12:47] do you need a pr ? [12:47] or you need it in a pr? [12:47] no that's fine i can set it locally and check whether the code works [12:47] that you are already coding [12:54] cachio: yay, and it works, thanks! [12:55] mborzecki, yaw [13:20] * zyga gets back to bed [13:20] PR snapd#8093 opened: cmd/snap-confine: detect base transitions on core16 [13:20] pedronis, mvo: ^ [13:20] mvo: I marked this as aiming at 2.44 [13:20] mvo: but feel free to retarget [13:57] mborzecki: so are you still going to use the ubuntu-core-initramfs snap I made or is the plan still to use your manual object manipulation unpacking/repacking ? [13:59] zyga: thank you === ricab is now known as ricab|lunch [14:26] https://www.irccloud.com/pastebin/cBgVrHKy/ [14:27] mvo: ^ [14:32] cachio: can you point me to the logs with the link-snap problem? [14:32] https://paste.ubuntu.com/p/TYVdsbbCQm/ [14:32] mborzecki: I merged your PR to ubuntu-core-initramfs-snap and it's been released on edge now [14:33] cachio: #8046 is ready for re-view if you have some time [14:33] PR #8046: many, tests: integrate all preseed bits and add spread tests [14:33] https://paste.ubuntu.com/p/sPZCNnXMcr/ [14:33] mborzecki, I already have a debug session here [14:33] ijohnson: cool, thanks [14:33] mborzecki, if you need any other info just ping me [14:33] pstolowski, nice, I'll take a look [14:34] zyga: importing internal yield an error for me [14:34] mvo: my point was the docstring, not the code, the code is used internally anyway [14:36] zyga: aha, I see [14:38] cachio: can you paste the contents of /var/lib/snapd/sequence/snapd.json? [14:38] ijohnson: trying with `rm -rf firmware/*` xD [14:41] mborzecki: :-) good luck! [14:41] Hi, does anybody has an idea, how to push/delete an git tag on github. With the name of "refs/heads/master" ? [14:42] mborzecki, {"sequence":[{"name":"snapd","snap-id":"PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4","revision":"6240","channel":"beta"}],"current":"6240"} [14:42] To delete other git tags, on remote git, was no problem... [14:45] Not sure, how i could create a tag with this name ... "refs/heads/master" [14:46] https://github.com/sd-hd/termite-snap/tree/refs/heads/master [14:49] sdhd-sascha: git push --delete refs/tags/refs/heads/master [14:50] jdstrand: yay, tools 20200203-1915UTC are now in production in the store [14:50] remote name might be "origin", dunno, depends how your local tree is set up [14:50] roadmr: thanks! :) [14:51] cjwatson: thank you :-) seems to work [14:51] PR snapd#8094 opened: tests: repack thethe initramfs + kernel snap for UC20 spread tests [14:52] ijohnson: opened to #8094 to see if it makes a difference, something must start t work at some point :) [14:52] PR #8094: tests: repack thethe initramfs + kernel snap for UC20 spread tests [14:52] ijohnson: it'd be better to make 8069 work though [14:53] mborzecki: did that get you a booting image on gce though? [14:53] or is this just to try [14:53] ijohnson: it's still running here [14:53] mborzecki: ah [14:54] it'd be nice to just go with the necessary modules, drop the rest and depmod to make sure what's left is consistent [15:04] oh also mborzecki re: building core20 snaps, snapcraft doesn't support it right now unfortunately [15:04] ijohnson: so the image boots and seeds fine without firmware locally under qemu [15:04] ijohnson: figured, i built eventually in 20.04 vm with --provider=host --destructive-sthsth [15:05] what I do is a bit tricky is `lxc launch ubuntu-daily:20.04 snapcraft-$SNAP_NAME` and then on your host do `snapcraft --use-lxd` and snapcraft will bootstrap the lxc container but still fail somewhere, but then your host tree is mounted inside the container and you can modify stuff on the host and build within the container with just `lxc exec snapcraft-$SNAP_NAME cd project && snapcraft --destructive-mode` [15:06] ijohnson: heh, spread timeout, maybe it's seeding that long after all [15:07] mborzecki: hmm can you try changing the timeout? spread should be able to ssh into it even if seeding fails IIUC [15:07] ijohnson: removing firmware makes the time from `Preparing google:ubuntu-core-20-64` to rebooting go down from 13minutes to just under 7 minutes [15:07] wow nice! [15:10] mborzecki: #7588 is the PR I mentioned that needs a 2nd review [15:10] PR #7588: cmd/snap: add a "snap routine portal-info" command [15:11] pedronis: cool, thanks [15:16] cachio: is there a way to see the console when we reboot on gce via spread ? i.e. see early boot messages and the like before the machine is available via SSH [15:21] ijohnson, yes === ricab|lunch is now known as ricab [15:26] ijohnson: hm got the kernel snap down to 29MB, still booting and seeding [15:27] cachio: about that failure, it looks like this failed while installing snapd for the first time [15:27] cachio: was it past seeding? [15:32] mborzecki, you mean snapd snap could not be installed correctly initially? [15:33] mborzecki, should wait until snapd is fully seeded to run the tests? [15:34] mborzecki: nice, I'm looking at your spread run for that new PR, cachio got me logs, doesn't look like it's tried to reboot yet [15:46] cachio: can you access the console of feb051525-057526 node? [15:47] mborzecki, yes [15:48] mbI am already connected [15:48] mborzecki, I am already connected [15:48] cachio: to the device? [15:48] mborzecki, yes [15:48] I see -> flash-all-snaps [15:49] in the menu [15:49] grub version 2.04 [15:50] cachio: screenshot? [15:51] mborzecki, sent [15:51] check telegram :) [15:53] mborzecki: I noticed this in the console after it tries to reboot: `error: file '/vmlinuz' not found.` [15:54] why would it be trying to boot /vmlinuz ? [15:55] cachio: do you know if gce uefi first boots it's own grub then chainloads to our grub? [15:56] hmmmm unexpected, and flash-all-snaps? [15:56] ijohnson, no idea [15:56] yeah I dunno what this flash-all-snaps is [15:56] is it using the right gadget? [15:56] ahhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh [15:56] it's mvo's fault :-) [15:57] the reflash magic script has a miny grub.cfg that tries to load /vmlinuz but that's not there now [15:57] see line 793ish of prepare.sh [15:57] :) [15:58] hmm I wonder what the right thing to do now then is [15:58] pffff [15:58] hmmmmm we coudl do soemthing weird [15:59] like pivot to a tmpfs rootfs, wipe and reboot? [15:59] I think all we need to do is probably just to change the linux and initrd parameters for uc20 in that mini grub.cfg [16:02] * cachio lunch [16:03] ijohnson: re test-snapd-ubun [16:03] meh [16:03] ijohnson: re test-snapd-ubuntu-core-initramfs: wouldn't kernel-module-observe be sufficient for reading kernel modules? [16:04] ijohnson: oh, fun! [16:04] ijohnson: nice catch [16:05] jdstrand: well so the snap doesn't actually need to read the system's kernel modules, I think it will most of the time be reading modules that are put somewhere in $HOME, etc. because it's a dev tool used on already assembled kernel snaps, but the denial I was seeing was from using depmod or some other tool which wanted to read some things from the host system [16:06] jdstrand: I did add a layout for one thing that it was trying to read so it read the thing I wanted it to and not the host system's, so perhaps that should be done for the other access as well and then it doesn't need hardware-observe [16:06] PR snapcraft#2875 closed: split debug information [16:06] PR snapcraft#2910 opened: [experimental] debug splitting [16:06] jdstrand: but this is just a test snap to try and unblock uc20 spread testing, but there is a longer term plan on what to do with the ubuntu-core-initramfs snap from xnox and foundations, so perhaps they would be better suited to answer whether kernel-module-observe makes sense for that snap [16:07] mvo: :-) yes it all makes sense now [16:07] ijohnson: what is the denial that you saw that made you want to use hardware-observe? the justification in the forum was "This package requires access to reading kernel modules on the system". That is what kernel-module-observe is for [16:08] ijohnson: I'm prepared to grant the request immediately. I just want to know if there is a bug in the kernel-module-observe interface [16:08] jdstrand: tbh I don't remember, something that was only found in hardware-observe like /etc/modprobe.d maybe ? [16:08] ijohnson: i'm leaving for a meetup, can you push the update to both PRs? [16:08] ijohnson: that is in kernel-module-observe [16:08] mborzecki: yes I'll sort out what to do about that when I figure out the right thing to do [16:09] ijohnson: got some tweaks that drop firmware and modules if you want to try that https://paste.ubuntu.com/p/zmBfpZYWNs/, prepare -> reboot takes 4 minutes now [16:09] ijohnson: I'm willing to fast track this, but it puts me in an awkward position that the justification is for something that is supposed to be handled by another interface [16:10] jdstrand: it's entirely possible that I went searching for an interface that unblocked the snap and just found hardware-observe first and went with that [16:10] jdstrand: if you'd rather I use kernel-module-observe I can do that instead [16:11] ijohnson: please do and I'll grant it. I'll comment in the topic. if you need something more, post in the topic and we can go from there (allowing auto-connect of hardware-observe if needed until the bug is fixed) [16:12] jdstrand: one more wrinkle that perhaps you'd rather deal with now, is that I named the snap test-snapd-ubuntu-core-initramfs because ubuntu-core-initramfs is reserved, and I just wanted to get it working ASAP and so didn't go through the process of requesing that name, would you rather we try to go through that process before granting kernel-module-observe instead? [16:13] ijohnson: I don't have a problem with the name [16:13] jdstrand: ok give me a few minutes to re-build the snap, not sure if upload to the store will get blocked on kernel-module-observe or not [16:13] ijohnson: I'll unblock you. if you end up renaming it for your own reasons, just ping me [16:14] ijohnson: it won't [16:14] (it isn't superprivileged) [16:14] jdstrand: thanks [16:14] ijohnson: but you also now have auto-connect [16:16] jdstrand: alright it's building somewhere up in the clouds now and should be released shortly, I guess the declaration doesn't need a revision uploaded with that plug in order to be granted then? [16:16] ijohnson: nope [16:16] cool [16:18] PR snapd#7490 closed: interfaces/app-launch: support confined snaps launching other snaps [16:19] cachio: what's the status of #7983 [16:19] PR #7983: tests: adding more tests to core20 test suite [16:22] pedronis, needs reviews [16:22] I already answer the questions on that one [16:48] pstolowski: do I need to review #8046 before #7705 or vice versa? [16:48] PR #8046: many, tests: integrate all preseed bits and add spread tests [16:48] PR #7705: o/devicestate: handle preseed in firstboot [16:48] not sure which PR I should start with [16:48] ijohnson: #7705 first [16:48] pstolowski: ack thanks [16:48] thank you! [17:24] mvo: should I re-review 8085, or is not ready yet? skimming it still looks disaligned from udevmonitor [17:27] pedronis: it's still a bit disalinged my feeling is that udevmonitor could be simplified but maybe worth a look, then you can tell me what I missed in 8085 :) [17:28] pedronis: what I mean is that if 8085 looks reaonable I could simplify udevmonitor [17:30] mvo: I made some comments in 8085 [17:30] feel free to counter-comment, though the point on Stop waiting is kind what we always do [17:33] mvo: actually I'm quite confused by the new code === ijohnson is now known as ijohnson|lunch [17:51] mvo: I added a comment that maybe helps, sorry if I was confusing before [18:13] PR snapd#8008 closed: render: add the render package and basic widgets <β›” Blocked> [18:17] mvo: did you see this comment: https://github.com/snapcore/snapd/pull/8085#discussion_r375410680 ? [18:17] PR #8085: [RFC] netutil: add default gateway monitor === ijohnson|lunch is now known as ijohnson [19:02] pedronis: thank you, having a look now [19:02] mvo: I'm trying locally, and what I have in mind doesn't quite work [19:02] pedronis: yeah, this puzzled me [19:03] pedronis: I assumed (naively) that closing the fd would stop the read [19:03] pedronis: but this does not work, hence the comment, but maybe I'm just missing something [19:04] pedronis: fwiw, it seems it's similar in C (https://gist.github.com/mvo5/902a2bedd201cf4670a630b8db4f9171) but again, I'm not at my best today so maybe it's something else. in any case, I suspect that the netlink code we already have has the same issue but we never tested for this [19:04] pedronis: (and sorry that this is a bit of a rathole :( [19:04] mvo: well, man of close kind of says not to do this (close from different thread) [19:05] pedronis: it does but it's also a bit vague. anyway, a net.FileCon solves this nicely but it's not supported for netlink sockets :( [19:06] pedronis: (AIUI net uses epoll internally so they notice the change in the fd) [19:06] pedronis: the alternative would be to use syscall.Select() on the ns.netlinkFd but that quite annoying to do in go it seems [19:06] pedronis: anyway, sorry for my rambling [19:07] mvo: why FileConn doesn't work? [19:07] pedronis: it checks internally for the type of connection, let me try to find you the code [19:07] pedronis: https://golang.org/src/net/file_unix.go?s=1840:1887 (line 42ff) [19:08] pedronis: it checks the peer and the netlink connection is syscall.SockaddrNetlink which is not covered there [19:08] pedronis: it's annoying because my testcode (the mock uses a AF_UNIX) works fine with the FileConn just not the real thing [19:33] PR snapd#8095 opened: snap-bootstrap: add tpm support [19:51] PR snapcraft#2904 closed: meta: move Snap's from_dict() system-username parsing into SystemUser [20:26] PR snapd#8096 opened: tests: skip itnerfaces-udisks on ubuntu-20.04-64 due to timing issue [21:27] PR snapcraft#2880 closed: package management repository configuration [21:30] PR snapcraft#2911 opened: [experimental] package-management repository configuration [21:59] I made a thing to work alongside jamesh's build and publish GitHub Actions: https://github.com/diddlesnaps/snapcraft-review-action