mupPR snapd#8809 opened: tests: fix and trim debug section in xdg-open-portal <Simple πŸ˜ƒ> <Test Robustness> <Created by zyga> <https://github.com/snapcore/snapd/pull/8809>06:11
zygasome weird failures related to snap-mgmt script06:18
zygachasing one now06:18
mupPR snapd#8799 closed: interfaces/system-packages-doc: fix typo in variable names <Simple πŸ˜ƒ> <Created by jdstrand> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8799>06:21
mupPR snapd#8805 closed: tests: port interfaces-calendar-service to tests.session <Test Robustness> <Created by zyga> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8805>06:21
mupPR snapd#8806 closed: tests: install/run the lzo test snap too <Simple πŸ˜ƒ> <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8806>06:21
zygahey mvo06:22
zygamvo: note: please don't merge the retry PR as it needs updates now06:22
mborzeckizyga: mvo: hey06:24
mvozyga: hey06:25
mvozyga: can you mark it blocked please?06:26
mvomborzecki: good morning06:26
mupPR snapd#8792 closed: interfaces: miscellanious policy updates xlv <Created by jdstrand> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8792>06:26
mupPR snapd#8793 closed: interfaces: miscellanious policy updates xlv - 2.45 <Created by jdstrand> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8793>06:26
mborzeckiwow, 74 PRs, it was lower 60s yesterday06:26
mupPR snapd#8788 closed: cmd/snap-confine: add support for libc6-lse <Bug> <Needs security review> <Squash-merge> <Created by zyga> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8788>06:31
mupPR snapd#8801 closed: vendor: update to latest github.com/snapcore/bolt for riscv64 <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8801>06:31
zyga+ snap install --channel=edge core2006:33
zygaerror: too early for operation, device not yet seeded or device model not acknowledged06:33
zygathis is from https://github.com/snapcore/snapd/pull/8798/checks?check_run_id=73468115206:33
mupPR #8798: data/selinux: allow checking /var/cache/app-info <Simple πŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8798>06:33
zygamissing wait in our code somewhere?06:33
mvomborzecki: 8798 has some failures in centos, looks like related to the diff?06:33
mborzeckizyga: yes, apaprently the centos 7 policy is quite old06:33
mborzeckiwell entirely unexpected, but it's missing the interface, hope it has the right types at least06:34
mupPR snapd#8778 closed: tests: modernize and use snapd.tool <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/8778>07:12
mborzeckizyga: heh, so there's something about optional_policy() i don't understand, maybe #fedora-selinux folks can help07:19
pedroniszyga: hi, you could also add a retry-tool symlink to 8796 with no spread and land it, and do another one to fix the other tests and remove the symlink later07:20
zygapedronis: good idea, I'll do that07:20
ograhmm, it is really hard to get the available disk space from a snap on core ... seems /writable is nowhere to be seen from inside the snap07:24
ograand the size of /var/lib/snapd/hostfs is the size of / ... which is the core snap07:25
zygaogra: I replied to something similar from a customer before, one simple way is to check the size of $SNAP_DATA and $SNAP_USER_DATA07:25
zygaas in statfs07:25
ograoh, i actually remember that discussion, hah07:25
ograthanks !!07:25
ograroot@pi4πŸ˜•home/ogra# df -h $SNAP_DATA07:26
ograFilesystem      Size  Used Avail Use% Mounted on07:26
ogra/dev/sda1       458G   68G  367G  16% /var/snap07:26
ograyeah, that works fine07:26
ogra(looks like hexchats emoji pligun needs fixing too ...)07:28
zygacurious failures07:35
zygaI've seen this many times today07:37
zygamust be something recently introduced07:37
zygahmm hmm h07:38
pedroniswould be good to know what is in there that makes it non-empty07:43
pedronisit would give us a clue07:43
pedroniswhat system is that on?07:44
mborzeckididn't we have a find/ls -l /var/lib/snapd/ in the spread.yaml level debug section?07:51
pedronisnot atm afaict07:53
zygapedronis: it seems it was one of the first things this test did07:57
zygait was still preparing the suite07:57
zygaI'll add a debug section to this07:57
zygaback from random power failure on x240 :(07:57
zygaI tried reproducing it with seed but failed twice07:58
zygaso it may not be test related but another kind of race that is just inside the system07:58
zyga.... and I know that holding my x240 close to the right side of the hinge shuts it down instantly08:00
zygasome cable is getting pinched?08:01
zyganot the best moment for this08:01
mupPR snapd#8809 closed: tests: fix and trim debug section in xdg-open-portal <Simple πŸ˜ƒ> <Test Robustness> <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/8809>08:12
mupPR snapd#8810 opened: spread.yaml: show /var/lib/snapd in debug <Test Robustness> <Created by zyga> <https://github.com/snapcore/snapd/pull/8810>08:37
zygano luck reproducing locally, I opened a PR to see if that has more luck08:38
zygawe're not lucky today08:46
zygacheck out this *unit test* failure08:46
zygaFAIL: cmd_export_key_test.go:60: SnapKeysSuite.TestExportKeyAccount08:46
zyga    c.Assert(err, IsNil)08:46
zyga... value *errors.errorString = &errors.errorString{s:"/usr/bin/gpg2 --batch --list-secret-keys --fingerprint --with-colons --fixed-list-mode failed: exit status 2 (\"gpg: starting migration from earlier GnuPG versions\\ngpg: can't connect to the agent: IPC connect call failed\\ngpg: error: GnuPG agent unusable. Please check that a GnuPG agent can be started.\\ngpg: migration aborted\\n\")"} ("/usr/bin/gpg2 --batch08:46
zyga--list-secret-keys --fingerprint --with-colons --fixed-list-mode failed: exit status 2 (\"gpg: starting migration from earlier GnuPG versions\\ngpg: can't connect to the agent: IPC connect call failed\\ngpg: error: GnuPG agent unusable. Please check that a GnuPG agent can be started.\\ngpg: migration aborted\\n\")")08:46
zygaperhaps we should do something about ~/.gnupg in github actions startup08:47
zygaor perhaps we should mock gpg entirely and only test it in spread tests08:48
zygamvo, pedronis: ^ any preference?08:48
mvozyga: in a meeting08:50
mupPR snapd#8796 closed: tests: modernize retry tool <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/8796>08:57
zyga"too early for operation" *after* waiting for seeding https://www.irccloud.com/pastebin/faUH8YSh/08:59
pedroniszyga: don't we have code to make sure we shutdown the agent?09:01
zygapedronis: this is during the go test ./... phase in github action itself, not in spread09:02
zygapedronis: it seems the image we are running on top of, needs to perform the migration09:02
zyga(2nd topic: this failure occurred in prepare.sh:66409:03
zygawhich is weird, because there's clearly a "snap wait system seed.loaded" above09:03
pedroniszyga: I see, sounds like we need to wait for something gpg related then in the action. I think we have code in the spread stuff related to that09:07
zygapedronis: I'll look around09:07
zygapedronis: the wait thing is more mysterious, it suggests there's a bug in snapd09:07
pedronispstolowski: seems there's a real unit test error on 14.04 in core 20 defaults PR09:28
pstolowskipedronis: looking09:29
pstolowskihmm interesting09:31
pstolowskiwill investigate in a sec09:31
mupPR snapd#8795 closed: cmd/snap-bootstrap/initramfs-mounts: also copy systemd clock + netplan files <UC20> <Created by anonymouse64> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8795>09:32
mupPR snapd#8797 closed: snap/naming: add helpers to parse app and hook security tags <Created by zyga> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8797>09:32
mupPR snapd#8807 closed: Revert "Enable riscv64 builds in the edge PPA without PIE" <Created by xnox> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8807>09:32
zygathanks mvo!09:32
zygaI will have more cgroup patches shortly09:34
=== joc_ is now known as joc
zygapstolowski: the preseed-lxd test has a small bug, I'll send a patch shortly10:12
mborzeckiehh, selinux is so arcane10:13
pstolowskizyga: thanks10:13
mborzecki2h+ of fighting with selinux policy, optional_policy(), ifndef(), m4 and make10:13
mborzecki#8798 is a trivial fix but making it work on all distros we built it on, with the limitations of how kernel policy files are compiles is a pita10:15
mupPR #8798: data/selinux: allow checking /var/cache/app-info <Simple πŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8798>10:15
zygapstolowski: https://github.com/snapcore/snapd/pull/881110:18
mupPR #8811: tests: autoremove after removing lxd in preseed-lxd test <Test Robustness> <Created by zyga> <https://github.com/snapcore/snapd/pull/8811>10:18
* zyga break, need to try to move a little 10:18
pstolowskizyga: thank you! i think i saw this once when working on this test and running entire testsuite, then it couldn't reproduce10:20
mupPR snapd#8811 opened: tests: autoremove after removing lxd in preseed-lxd test <Test Robustness> <Created by zyga> <https://github.com/snapcore/snapd/pull/8811>10:22
pstolowskipedronis: pushed a fix to #8567, it was missing mocking for systemctl10:26
mupPR #8567: o/devicestate: core20 early config from gadget defaults <UC20> <Created by stolowski> <https://github.com/snapcore/snapd/pull/8567>10:26
mborzeckiso what's the policy of adding snaps under tests/lib/snaps vs under the test directory?10:30
mborzeckithere's test-snapd-sh in tests/lib/snaps and another one under tests/main/interfaces-appstream-metadata10:30
mborzeckioh and there's one in the store too10:32
zygamborzecki: IIRC the current preference is to not share snaps if they are really specific to a test10:33
zygayou can create a shared snap if you think it makes sense to do so10:33
zygasharing snaps is problematic because we had a pattern of sharing and then changing the snap10:33
zygathat had unexpected consequences10:33
zygaI have a feeling we could unshare an number of snaps10:34
zygaand then be left with a small pool of really shared snaps10:34
zygathat have well defined semantics10:34
pedronislikely yes, but probably not a good time for that change, we don't have even a good story how we mantain those snaps10:37
zygainteresting, there's also a subset that is in the store10:40
zygathat are there for assertions10:40
zygayeah, it's a bit messy, my recommendation is not to make it worse :)10:40
zygamvo: question on https://github.com/snapcore/snapd/pull/8804#discussion_r43515515910:42
mupPR #8804: tests: port xdg-settings test to tests.session <Test Robustness> <Created by zyga> <https://github.com/snapcore/snapd/pull/8804>10:42
mvozyga: replied10:45
mupPR snapd#8785 closed: sandbox/cgroup: move FreezerCgroupDir from dirs.go <Created by zyga> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8785>10:53
mupPR snapd#8790 closed: tests: update the file used to detect the boot path on uc20 <Created by sergiocazzolato> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8790>10:53
mupPR snapd#8810 closed: spread.yaml: show /var/lib/snapd in debug <Test Robustness> <Created by zyga> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8810>10:53
zygaplease alert me if tests fail on dpkg10:53
zygawe might find out what was there now10:53
mborzeckiheh, shellcheck complains about tests/main/lxd https://paste.ubuntu.com/p/6pzGfwKC2n/11:01
mborzeckimvo: zyga: i've updated https://github.com/snapcore/snapd/pull/8798 since you reviewed it before, please take another look11:08
mupPR #8798: data/selinux: allow checking /var/cache/app-info <Simple πŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8798>11:08
mborzeckiit'd still be nice to get it into 2.45.111:09
mborzeckiok, back to review11:10
zygamborzecki: do you need the optional_policy now that you have the ifdef?11:10
mborzeckizyga: in theory it's nth11:10
mborzeckinice to have, i should probably take a look at other interface uses and wrap them as well11:11
zygamborzecki: what is the rename? github truncates things11:12
zygaah, I see it in a tooltip11:12
mborzeckitest-snapd-sh -> test-snapd-appstream-metadata11:13
zygaCould you update the snap to have less apps and the "sh" app actually holds the interface you want11:14
zygaotherwise it's a bit weird11:14
zygaor is it the only app there?11:14
zygait's kind of verbose for no good reason saying the same thing twice11:14
mborzeckilike test-snapd-apptream-metadata.sh?11:15
zygapersonal preference, if you like it11:15
zygaok, I need to take a break11:17
zygatry to move around a little11:17
mborzeckiEighth_Doctor: about the label https://paste.ubuntu.com/p/ZyzpPrZDHx/ unless it's owned by multiple packages, but not sure to make rpm query to show that11:17
zyganext up more cgroup branches11:17
zygaplease remember to merge master and report test failures11:17
Eighth_Doctormborzecki: rpm -qf /var/cache/app-info11:17
zygaif claudio asks: I did *not* deploy spread upgrade yet, because we had a backlog of tests to run through and I wanted to avoid interruptions, since everything is back to normal now I will do it tonight11:18
Eighth_Doctoroffhand, appstream and PackageKit own that too11:18
mborzeckiEighth_Doctor: it shown only packagekit,11:18
Eighth_Doctorand actually... fwupd does not own that directory11:18
Eighth_DoctorI love SELinux, but god damn it11:18
zygasome humor in grim days11:19
* zyga afk11:19
mborzeckiEighth_Doctor: feels like there should be a separate label, appstream_cache_t or somesuch11:20
mborzeckiEighth_Doctor: also, the file contexts are defined in fwupd policy module :P11:20
Eighth_Doctorthat's definitely a bug11:21
Eighth_Doctorthe label is wrong, and the ownership is broken11:21
mborzeckiEighth_Doctor: filed https://bugzilla.redhat.com/show_bug.cgi?id=184388111:29
mborzeckiEighth_Doctor: notice how /var/cache/fwupd inherits var_t :P11:30
mupPR snapd#8591 closed: secboot,cmd/snap-bootstrap: add tpm sealing support to secboot <Needs Samuele review> <UC20> <Created by cmatsuoka> <Merged by cmatsuoka> <https://github.com/snapcore/snapd/pull/8591>11:33
mupPR snapd#8812 opened: o/snapstate: service-control task handler (4/N) <Needs Samuele review> <Services βš™οΈ> <Created by stolowski> <https://github.com/snapcore/snapd/pull/8812>11:33
mborzeckiyay sealing landed11:33
mborzeckiwonder it'd be possible to chop #8340 into smaller bits11:34
mupPR #8340: boot, snap-bootstrap: move initramfs-mounts logic to boot pkg <UC20> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/8340>11:34
mupPR snapd#8813 opened: gadget,cmd/snap-bootstrap: move partitioning to gadget <UC20> <Created by cmatsuoka> <https://github.com/snapcore/snapd/pull/8813>11:48
mupPR snapd#8811 closed: tests: autoremove after removing lxd in preseed-lxd test <Test Robustness> <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/8811>12:23
=== Ps1-Jack is now known as Psi-Jack
zygaI'm seeing some network woes in gce12:50
zygaboth on snap install/download and apt install12:50
zyga- Download snap "test-snapd-dbus-provider" (6) from channel "beta" (Get https://canonical-bos01.cdn.snapcraft.io/download-origin/canonical-lgw01/vnDT8UYR44P8qyBwRSiXHHCoaoq9pz9z_6.snap?token=1591286400_c8896515d76222f533efc97384292fa6e4826cc6: dial tcp connect: connection timed out)12:53
zygareported internally12:55
zygainteractively I cannot install any snap from the store, from GCE12:55
zygahttps://github.com/snapcore/snapd/pull/7825/files is now at sub 2K additions,13:12
mupPR #7825: many: use transient scope for tracking apps and hooks <Needs security review> <Security-High> <Created by zyga> <https://github.com/snapcore/snapd/pull/7825>13:12
zygaI will trim it some more soon13:12
clmsyhi everyone13:21
clmsyi just build the core16 image use to flash some devices for test purposes13:21
clmsybut something is wrong13:21
clmsysnap list returns an empty list13:21
clmsyunder /var/lib/snapd/seed/snaps/  all snaps are here but they are not installed13:22
clmsysnap warnings say that seeding failed with assertion is signed with expired public key13:22
clmsyit says go here check it out https://forum.snapcraft.io/t/incorrect-seed-yaml-for-some-system/1634113:22
clmsythe mv command tells me to move the whole folder that includes snaps as well13:23
clmsythis does not make that much sense to me13:23
clmsydoes the topic owner meant move the seed.yaml file or something13:23
zygaclmsy: that topic was about a bug in some seeds that were produced in development releases13:25
zygahow are you building your uc16 image?13:25
zygathe instructions there are correct13:25
zygaI think we need to understand what is wrong in your case13:25
clmsyi have a kernel snap and a gadget snap based on core16 and i bundle them together with ubuntu-image tool13:27
clmsyi can confirm this has worked multiple times before13:27
clmsybut today i get this message:13:28
clmsy"no matching public key "BWDE***********redacted" for signature by "canonical"13:28
zygais the key in the image?13:28
zyganot sure, maybe some new bug13:28
clmsyif i try to do snap install something it says  "too early for operation, device not yet seeded or device model not acknowledged"13:28
ograclock off ?13:29
ogra(does the device have an RTC ? does that have the correct time )13:29
clmsymaybe its time related let me double check that13:30
ograexpired key is pretty typical if your clock is completely off13:30
zygait's ironic that the message says13:31
zyga"too early for operation"13:31
* zyga small break13:33
ograhmpf ... that store outage isnt nice ... (my PRs fail with download errors in travis)13:35
* ogra considers a break too13:35
clmsyanyway yes you are correct13:39
clmsyit was clock related issue13:39
clmsywas a very new device i did not expect the date to be in 201613:39
ograheh, no problem πŸ™‚13:40
ogra(i have run into that 1000s of times already ... though usually only on RTC-less devices)13:41
clmsysame to be honest, sometimes we forget the "time" :)13:47
cachiomvo_, hey, in 2.45.1 is included the support for core.experimental.user-daemons right?13:48
cachiobecause it is affecting the tests for uc2013:48
zygaogra, clmsy: https://github.com/snapcore/snapd/pull/881414:01
mupPR #8814: sanity: check for unsynchronized real time clock <Created by zyga> <https://github.com/snapcore/snapd/pull/8814>14:01
ijohnsonhey zyga and mborzecki do you have any suggestions on how to get the machine arch on non-debian machines i.e. fedora/arch and map those to our snap arch values ?14:03
ijohnsonI was using dpkg --print-architecture, but obvs that won't work on non-debian distros14:03
mupPR snapd#8814 opened: sanity: check for unsynchronized real time clock <β›” Blocked> <Created by zyga> <https://github.com/snapcore/snapd/pull/8814>14:03
zygaijohnson: fedora uses kernel names IIRC14:05
zygaijohnson: uname -m14:05
ijohnsonzyga: you mean just `uname -m` ?14:05
zygaijohnson: would use that14:05
zygayou can map from that to debian arch names relatively easily14:05
zygaat least, it's a bound problem14:05
ijohnsonzyga: ok that's what I was thinking of doing14:06
ijohnsonzyga: do you have or know where I could find such a mapping?14:06
zygaI *think* we have a few implementations of that in the gree14:06
zygayes :)14:06
zygaone sec14:06
ijohnsonthank you14:06
zygait's a cool find from last few weeks14:06
zygait's right on your system in...14:06
zygatwo files: /usr/share/perl5/Dpkg/Arch.pm and /usr/share/dpkg/cputable14:08
zygathe former has some more logic14:08
zygathe latter is a map that will have most instant answers14:08
zygagood luck :)14:08
=== facundo__ is now known as facubatista
mborzeckihm aren't we mapping that already somewhere?14:12
zygapedronis: I think it would help if a blocked label had an accompanying comment14:12
mborzeckiijohnson: some comments in https://github.com/snapcore/snapd/pull/8340 i think we need a diagram or something to capture the whole of bootloader/initramfs/userspace snapd interaction14:16
mupPR #8340: boot, snap-bootstrap: move initramfs-mounts logic to boot pkg <UC20> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/8340>14:16
ijohnsonmborzecki: sure I can try to break it up and clarify the interaction between the interactions14:16
pedroniszyga: my hunch is that is not great idea as is, but I don't have time to think it through or formulate it right now, I don't want it to land it why I'm not paying attention14:16
mborzeckiijohnson: i mean not for this PR, but in general, maybe when we're done with the refactor14:17
zygapedronis: sure, that's fine, making such comment on the page can help when others come and look14:17
mupPR snapd#8567 closed: o/devicestate: core20 early config from gadget defaults <UC20> <Created by stolowski> <Merged by stolowski> <https://github.com/snapcore/snapd/pull/8567>14:18
pedronispstolowski: ^ great!14:21
pstolowskiijohnson: hey, do you have a moment for another look at #8780?14:22
mupPR #8780: tests: core20 early defaults spread test <Created by stolowski> <https://github.com/snapcore/snapd/pull/8780>14:22
ijohnsonpstolowski: I will try to look at it in my PM today14:22
zygamvo_: bump about https://github.com/snapcore/snapd/pull/8352 -- should I close it or do you see it as something useful and worth rebasing?15:09
mupPR #8352: wrappers: generate service files with EnsureDirState [WIP] <Created by zyga> <https://github.com/snapcore/snapd/pull/8352>15:09
* zyga EODs and goes to the doctor 15:15
mupPR snapd#8352 closed: wrappers: generate service files with EnsureDirState [WIP] <Created by zyga> <Closed by pedronis> <https://github.com/snapcore/snapd/pull/8352>15:24
=== ErichEickmeyer is now known as Eickmeyer
* cachio lunch15:52
=== verterok` is now known as verterok
=== AdmWiggin is now known as tianon
zygaback from doc16:45
zygabut afk due to pain16:45
ograun 04 17:00:34 pi4 kernel: audit: type=1400 audit(1591290034.897:477😞 apparmor="DENIED" operation="capable" profile="/snap/snapd/7779/usr/lib/snapd/snap-confine" pid=4626 comm="snap-confine" capability=4  capname="fsetid"17:02
ograthats new on my pi4 ... (freshly booted)17:02
jdstrandogra: it isn't a new thing. it was reintroduced with snap-confine refactor17:23
jdstrandogra: it is harmless but on my list to investigate17:23
ograok, i just had never noticed it ... and it shows up along with only two (expected) app denials ... that got my attention17:24
jdstrandwell, it might be new in 2.45, but I've been seeing it for a while (we used to have it and I fixed it, but then some snap-confine changes (ie, the removal of setgid stuff) added it back17:24
jdstrandogra: yes, thanks for bringing it up :)17:24
ograthe magic word was "harmless" πŸ˜‰17:24
ograi'll appily ignore it17:25
diddledan"mostly harmless"17:30
mupPR snapd#8815 opened: tests: port snap-handle-link test to tests.session <Test Robustness> <Created by zyga> <https://github.com/snapcore/snapd/pull/8815>18:49
=== Ringtailed-Fox is now known as RingtailedFox
mupPR snapd#8816 opened: tests: port 2 uc20 part1 <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/8816>20:35
=== KindTwo is now known as KindOne

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!