=== benfrancis5 is now known as benfrancis
mupPR snapd#8874 opened: spread: use find rather than recursive ls, skip mounted snaps <Simple πŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8874>05:34
mupPR snapd#8875 opened: tests/main/sudo-env: check snap path under sudo <Simple πŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8875>05:39
mborzeckiheh, debian sets secure_path too06:37
mborzeckiwierd things happening in google:centos-8-64:tests/main/selinux-clean06:58
zygaGood morning06:59
zygaHey Maciek06:59
mupPR snapd#8859 closed: tests: enable snap-auto-mount test on core20 <Simple πŸ˜ƒ> <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8859>06:59
zygaHa, is the spread test immediately useful?06:59
zygaI just took meds, should be able to work in 30 minutes07:00
mborzeckizyga: there's some denials coming from systemd-logind trying to read 'linger' file (whcih we created?)07:02
mborzeckitrying to make sure it's not us doing something wrong07:02
zygaLinger is tests.session07:06
zygaIt is a systemd feature07:07
zygaBut probably underused and missing in selinux profiles07:07
mborzeckipstolowski: hello sir07:08
zygaHey PaweΕ‚ :-)07:08
mborzeckizyga: hm i'm seeing this:07:21
mborzeckitype=SYSCALL msg=audit(1592291609.858:541): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=55ce2c1a6420 a2=f0000 a3=0 items=0 ppid=1 pid=39430 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(d-logind)" exe="/usr/lib/systemd/systemd" subj=system_u:system_r:init_t:s0 key=(null)07:21
mborzeckitype=AVC msg=audit(1592291609.858:541): avc:  denied  { read } for  pid=39430 comm="(d-logind)" name="linger" dev="sda2" ino=17559683 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:systemd_logind_var_lib_t:s0 tclass=dir permissive=107:21
zygawhich os is this?07:22
mborzeckiwhich seems fine, because /var/lib/systemd/linger is labeled as systemd_logind_var_lib_t (correct & confimed with semanage fcontext), the pid is systemd-logind, which has systemd_logind_t and policy allows modifing that location07:23
mborzeckizyga: centos-807:23
mborzeckizyga: so for some short while, init_t (systemd itself?) tries to read the linger directory07:23
mborzeckiafair yesterday centos 8.2 was released, and looking at dnf log, the test pulled in a bunch of upgrades07:24
mborzecki     9 | -y --refresh install /us | 2020-06-16 07:03 | I, U           |   35 EE07:24
mborzecki     8 | -y --refresh install --s | 2020-06-16 07:01 | I, U           |  278 EE07:24
mborzeckiperhaps the policy changed, and we just need to update the image07:24
zygagrep for linger in systemd shows only logind and related things07:25
mborzeckiand the selinux-policy package got updated too07:25
zygalogin also uses it07:26
mborzeckihm i'll try adding daemon-reexec in test prepare07:26
zyganot surem, maybe it just is used in init itself too07:26
mborzeckizyga: btw. debian uses sudo secure_path07:28
zygamborzecki: commented on https://github.com/snapcore/snapd/pull/8875/files07:28
mupPR #8875: tests/main/sudo-env: check snap path under sudo <Simple πŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8875>07:28
zygasu -l is nearly always dangerous07:29
mborzeckizyga: ha, ok will fix that07:29
mupPR snapd#8872 closed: tests/lib/prepare-restore.sh: if we failed to purge snapd deb, ls /var/lib/snapd <Simple πŸ˜ƒ> <Test Robustness> <Created by anonymouse64> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8872>07:34
mupPR snapd#8873 closed: interfaces: misc small interface updates <Created by jdstrand> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8873>07:34
mupPR snapd#8874 closed: spread: use find rather than recursive ls, skip mounted snaps <Simple πŸ˜ƒ> <Created by bboozzoo> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8874>07:34
pedronismborzecki: should we close or try to land #7414 ? it seems ok to me, one question is whether should we purge packages or just remove them?07:34
mupPR #7414: tests: keep track of installed packages and restore the state after the test <Test Robustness> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/7414>07:34
pedronismborzecki: I commented in it directly07:37
mborzeckipedronis: thanks, will chekc in a minute07:37
mupPR snapd#8871 closed: tests/prepare-restore.sh: reset-failed systemd-journald before restarting <Simple πŸ˜ƒ> <Test Robustness> <Created by anonymouse64> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8871>07:39
zygamvo is on a merging spree :)07:40
mvozyga: I was shocked to see 80(!) open PRs when I woke up07:43
mvozyga: and figured I need to do something :)07:43
mupPR snapd#7417 closed: interfaces/wayland: on classic systems only consider the OS slot for auto-connect <Needs Samuele review> <β›” Blocked> <Created by AlanGriffiths> <Closed by pedronis> <https://github.com/snapcore/snapd/pull/7417>07:44
mupPR snapd#8789 closed: interfaces/docker: use implicitOnClassic: true <Needs Samuele review> <β›” Blocked> <Created by jdstrand> <Closed by pedronis> <https://github.com/snapcore/snapd/pull/8789>07:44
mborzeckizyga: hm this looks like a bug in the policy or our setup, what happens is that we set StateDirectory=systemd/linger, then systemd tries to set up (create?) that directory for systemd-logind, but gets blocked by the policy07:56
mvopedronis: in 8870 the interface name "gconf" is uncontroversial I assume? or is that something you want to review ?07:56
zygamborzecki: up-to-date systemd has StateDirecty=systemd/linger07:56
zygamaybe centos-8 is just too old07:57
zygait works fine on fedora07:57
mvopedronis: other than the name 8870 is ready to get merged07:57
zygaI mean, the policy is probably too old07:57
pedronismvo: I probably need to double check it07:57
mvopedronis: sure thing, added the label07:58
mvozyga: I updated 8865, it's a bit annoying that we can't use a pre-canned action but it should be simple enough, hopefully the comment explains enough08:01
zygathanks, I'll check it in a moment08:01
zygadigging into some kernel bit for uinput08:01
mvopedronis: I assume you also want to double check 8867 (uinput) ? if so I will add the label08:01
mvozyga: oh, nice08:01
pedronismvo: yes08:02
mvoa second review for 8857 would be great, should be quick and an easy win08:08
zygamvo: added some comments there08:21
* zyga small break08:21
mborzeckiheh, so one of the tests moves xdg-open aside08:26
mborzeckizyga: and for now i have no clear solution for that selinux problem, feels like a policy bug, maybe if i can procure the ame state on rhel8 i could file a bug08:27
mvozyga: nice, thanks!08:28
mupPR snapd#8855 closed: cmd,many: move Version and bits related to snapd tools to snapdtool, merge cmdutil <Cleanup :broom:> <Created by pedronis> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8855>08:30
mborzeckizyga: do i need tests.session {prepare,restore} if i don't need anything or can i just tests.session exec in the test?08:36
zygaI would do it just in case08:37
zygayou probably just want restore08:37
zygaas using test.session without prepare still gives you a session08:37
zygajust makes it die briefly08:37
zygaI found it more reliably with prepare restore08:37
zygaas otherwise stuff starts and stops and may overrun08:37
zygaGah thinkpad died again08:41
mborzeckii think i see the problem with xdg-open disappearing08:41
zygaI will use this as an excuse to eat breakfast08:41
mborzeckizyga: xdg-open-compat overwrites /usr/bin/xdg-open, and then removes it08:43
zygaNice catch!08:49
mborzeckii know we're not supposed to open new PRs but this one is super simple and fixes the problem ijohnson found https://github.com/snapcore/snapd/pull/887608:54
mupPR #8876: tests/main/xdg-open-compat: backup and restore original xdg-open <Simple πŸ˜ƒ> <Test Robustness> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8876>08:54
mborzeckizyga: mvo: ^^08:55
mupPR snapd#8876 opened: tests/main/xdg-open-compat: backup and restore original xdg-open <Simple πŸ˜ƒ> <Test Robustness> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8876>08:55
mvomborzecki: thanks08:56
mupPR snapd#8846 closed: tests: move update-related tests to snapstate_update_test.go <Test Robustness> <Created by stolowski> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8846>09:00
pstolowskimvo: thank you! πŸ™09:00
mvopstolowski: thank you!09:01
pedronispstolowski: I'm looking at it to, it needs a follow up09:02
pstolowskipedronis: thank you. it's quite possible i overlooked something, or some tests can be re-ordered09:05
pedronispstolowski: https://github.com/snapcore/snapd/pull/8846#issuecomment-64463719909:06
mupPR #8846: tests: move update-related tests to snapstate_update_test.go <Test Robustness> <Created by stolowski> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8846>09:06
pedronispstolowski: yes, the order is a bit weird of some tests, but not sure is the main worry at this point09:07
pstolowskipedronis: right, i was pondering about sequence tests in the PR description09:07
pstolowskipedronis: will prep a followup09:07
pedronisthank you09:08
pedronispstolowski: once we have split more we can consider if reordering is worth it, I agree is a bit strange that for example TestInstallTasks or TestUpdateTasks are not among the first tests one encouters in those files, same more the main run through ones09:10
pedronismore of an issue for people reading these for the first tiem09:11
pstolowskisounds good09:13
zygaI will work on existing PRs and reviews today09:16
zygaNeed to relocate to another room though09:16
=== ricab__ is now known as ricab
mborzeckizyga:  i've updated https://github.com/snapcore/snapd/pull/887509:33
mupPR #8875: tests/main/sudo-env: check snap path under sudo <Simple πŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8875>09:33
mupPR snapd#8814 closed: sanity: check for unsynchronized real time clock <β›” Blocked> <Created by zyga> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/8814>09:35
zygamborzecki: commented09:38
zygaI missed that you are running sudo to become root, not the test user09:38
zygalets merge it09:38
zygaand if it shows up in any scans we can react09:38
zygawe MIGHT enable disable linger for root09:39
zygabut tests.session -u root restore does not do the same as it does for test user09:39
zygaso the protection is weaker09:39
mborzeckizyga: mhm, fwiw it needs to be run via sudo, otherwise that part of the test does not make sense09:39
zygayeah, I understand09:40
mvozyga: sorry for being pushy but a quick look at 8865 would be appreciated09:52
zygaI think this is fine for now, we can look for how to support this better but it is not high priority09:53
mvozyga: \o/09:54
mupPR snapd#8865 closed: workflow: test PR title as part of the static checks again <Skip spread> <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8865>09:55
mupPR snapd#8876 closed: tests/main/xdg-open-compat: backup and restore original xdg-open <Simple πŸ˜ƒ> <Test Robustness> <Created by bboozzoo> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8876>09:55
zygadegville: hi10:14
zygadegville: I wasn't sure how to covey this otherwise10:17
mborzeckizyga: unexpected failure in the PR with sudo env: https://paste.ubuntu.com/p/85m38SNbGm/ idk if it's related though10:17
zygathere are three new pull requests that add interfaces10:17
zygaI "assigned" them to you to make sure you are at least aware10:17
zygamborzecki: looking10:17
zygamborzecki: interesting, let me try10:19
degvillezyga: yes, I saw - and did a little +1 on your comments to let you know. I think it's a great idea and I'll make sure they're documented when they land.10:20
zygamborzecki: checking some more10:29
mborzeckizyga: hm?10:42
zygawifi range10:45
zygaI don't know what's in the walls here10:45
zygabut feels like tinfoiil10:45
mborzeckizyga: lots of reinforced concrete maybe?10:51
zygaI think so10:51
zygaI managed to get a debug shell10:51
zygaI started simple10:51
zygatests.session -u prepare10:51
zygathen tests.session -u test exec id10:52
zygatests.session -u test exec sudo id10:52
zygaso that all worked10:52
zygaI wonder if the OS matters, I picked xenial10:52
zygaI also tried sudo env10:52
zygawhat was broken was sudo -l, right?10:52
zygaand that gave odd output10:53
zygait just printed /usr/bin/id (I ran sudo -l id)10:53
mborzeckizyga: no it failed in a different test10:53
mborzeckizyga: but that sudo-env PR nonetheless10:53
zygacan you remind me please10:54
zygamborzecki: but sudo --login works10:54
zygasudo -l doesn't10:54
mborzeckizyga: thoght you're looking into https://paste.ubuntu.com/p/85m38SNbGm/ in the context of that sudo-env pr10:54
mborzeckizyga: sudo --login != sudo -d10:55
mborzeckipff -l10:55
mborzeckisudo --login == sudo -i :)10:55
zygastupid font10:55
zygaI didn't notice10:56
zygamborzecki: sorry, I was confused, i see what you mean now10:57
mborzeckiwe should land https://github.com/snapcore/snapd/pull/8761 once it's green11:11
mupPR #8761: add msteams url support <Needs security review> <Created by call-a3> <https://github.com/snapcore/snapd/pull/8761>11:11
mupPR snapd#8877 opened: tests: move a few more tests to snapstate_update_test.go <Test Robustness> <Created by stolowski> <https://github.com/snapcore/snapd/pull/8877>11:25
pstolowskipedronis: ^ i'll handle sequence tests separately11:26
pedronispstolowski: yes, should probably wait until we have closed more PRs11:27
zygaHeh, debugged my x240 shutdown problem11:35
zygaThere is a β€œemergency reset hole” on the bottom11:35
zygaWhich instantly powers of the unit11:36
zygaWith a physical button11:36
zygaThose tiny clicker type11:36
zygaSqueezing the unit close to the right hinge just puts enough pressure to press it11:36
zygaLet me see about that11:37
zygaAnd I didn’t invent the name https://support.lenovo.com/us/en/solutions/pd02956911:37
zygai will be around shortly, my wife is removing that button11:41
zygano more emergency reset hole11:51
zygano more annoying shutdowns11:51
zygajust popped that button off the motherboard11:51
zygasorry, mborzecki back to your review11:51
mvosecond review for 8857 would be nice, should be an easy win, thanks to mborzecki  for the tweaks11:53
zygamvo: in a moment11:54
zygamvo: added a comment11:56
zygabut LGTm11:56
zygaback to https://github.com/snapcore/snapd/pull/741411:57
mupPR #7414: tests: keep track of installed packages and restore the state after the test <Test Robustness> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/7414>11:57
ijohnsonmorning folks12:09
ijohnsonin the interest of merging small PR's, could I get a review on https://github.com/snapcore/snapd/pull/8519 ?12:09
mupPR #8519: tests/special-home-can-run-classic-snaps: re-enable <Test Robustness> <⚠ Critical> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/8519>12:09
ijohnsonthe only test failure there is the current ongoing one about not being able to prepare uc20 systems due to failure to cleanup after snapd12:10
zygamborzecki: added comments to 7414 that I think should be changed, I'll review the rest so please hold on :)12:11
* zyga needs painkillers, brb12:14
ijohnsonmvo: 8519 is ready for a sudo git merge and will take us back to the 60's (in terms of open PR's, time travel side effects are unknown)12:16
pstolowskihi ijohnson !12:25
ijohnsono/ pstolowski12:26
ijohnsonI updated the install hook spread test PR btw12:26
ijohnsonplease have a look when you have a chance12:26
mupPR snapd#7982 closed: o/snapstate, wrappers: enable services on start <Complex> <β›” Blocked> <Created by stolowski> <Closed by stolowski> <https://github.com/snapcore/snapd/pull/7982>12:41
pedronispstolowski: I looked again at #8812, and I have a few more questions there12:50
mupPR #8812: o/snapstate: service-control task handler (4/N) <Needs Samuele review> <Services βš™οΈ> <Created by stolowski> <https://github.com/snapcore/snapd/pull/8812>12:50
pstolowskipedronis: ty12:54
mupPR snapd#8519 closed: tests/special-home-can-run-classic-snaps: re-enable <Test Robustness> <⚠ Critical> <Created by anonymouse64> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8519>12:56
mupPR snapcraft#3169 closed: package-repositories: allow empty component list <bug> <Created by cjp256> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/3169>13:02
mupPR snapd#8878 opened: tests: fix how gadget pc is detected when the snap does not exist and ls fails <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/8878>13:06
mborzeckizyga: looks like deskto portal activation is failing quite consistently now in 18.04 https://github.com/snapcore/snapd/pull/8875/checks?check_run_id=77617378213:11
mupPR #8875: tests/main/sudo-env: check snap path under sudo <Simple πŸ˜ƒ> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/8875>13:11
zygamborzecki: looking13:11
zygamborzecki: I think we should silence that line, it's just a fact that we kill dbus-monitor from awk when we see the stuff we care about13:13
zygamborzecki: wonder how it didn't show up before13:13
* zyga lunch 13:18
mupPR snapd#7414 closed: tests: keep track of installed packages and restore the state after the test <Test Robustness> <Created by bboozzoo> <Closed by bboozzoo> <https://github.com/snapcore/snapd/pull/7414>13:41
mupPR snapd#8857 closed: tests/lib/prepare: increase the size of the uc16/uc18 partitions <Test Robustness> <Created by anonymouse64> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/8857>13:41
mupPR snapd#8366 closed: cmd/snap-bootstrap/initramfs-mounts: verify the seed snap matches bootloader env <Needs Samuele review> <UC20> <β›” Blocked> <Created by anonymouse64> <Closed by anonymouse64> <https://github.com/snapcore/snapd/pull/8366>13:46
mborzeckimvo: shall we land https://github.com/snapcore/snapd/pull/8761 or do we need more input from jdstrand?13:57
mupPR #8761: usersession/userd: add msteams url support <Needs security review> <Created by call-a3> <https://github.com/snapcore/snapd/pull/8761>13:57
mupPR snapd#8856 closed: [RFC] tests/main/install-fontconfig-cache-gen: for bionic, focal use broken font <Precious Logs> <Test Robustness> <Created by anonymouse64> <Closed by anonymouse64> <https://github.com/snapcore/snapd/pull/8856>14:01
jdstrandmborzecki: fyi, I'd like jamesh to comment on https://github.com/snapcore/snapd/pull/8761#issuecomment-639674545 for the xdg-desktop-portal code since he was involved in PR 8269's review14:06
mupPR #8761: usersession/userd: add msteams url support <Needs security review> <Created by call-a3> <https://github.com/snapcore/snapd/pull/8761>14:06
mupPR #8269: apparmor: use rw for uuidd request to default and remove from elsewhere <Created by jdstrand> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/8269>14:06
jdstrandmborzecki: but aside from that PR 8761 has a LGTM for allowedURLSchemes so it doesn't need to wait on me14:06
mborzeckijdstrand: got it14:07
jdstrandalso, do we expect centos-8-64 to pass atm?14:07
jdstrandI keep mashing retry but that one doesn't seem to pass14:08
ijohnsonjdstrand: I think centos 8 has some selinux problems right now14:08
jdstrandok, I'll stop mashing retry then :)14:08
=== pedronis_ is now known as pedronis
mborzeckijdstrand: there's some pending updates on centos, and the recent batch of package updates they pushed broke systemd/systemd-logind/selinux-policy14:11
jdstrandmborzecki: yikes14:12
mborzeckijdstrand: i hope that when cachio updates the image this may go away, but from what i could tell going through selinux policy and systemd it's bug14:12
cachiomborzecki,  when I update the image the test still fails14:13
cachiomborzecki, this is the error I see https://paste.ubuntu.com/p/Z9KRsbh7vG/14:13
mborzeckicachio: ok, let's push the image image then, and i'll try to make the test smarter14:14
cachiomborzecki, sure, thanks14:14
mborzeckicachio: thank you!14:14
=== dennwc_ is now known as dennwc
=== niemeyer_ is now known as niemeyer
=== nniehoff_ is now known as nniehoff
=== cjp256_ is now known as cjp256
=== joedborg_ is now known as joedborg
=== zyga_ is now known as zyga
mborzeckitime to run some errands14:16
=== genii_ is now known as genii
cachiomborzecki, image updated14:36
ograzyga, hmm, cn layouts live in /run ?14:36
ograFile: /run/utmp (read)14:36
ogra* adjust program to use $SNAP_DATA14:36
ogra* adjust program to use /run/shm/snap.$SNAP_NAME.*14:36
ogra* adjust program to use /run/snap.$SNAP_NAME.*14:36
ogra* adjust snap to use snap layouts (https://forum.snapcraft.io/t/snap-layouts/7207)14:36
ogra(i thought they could not)14:37
ograthen snappy-debug should perhaps not suggest it πŸ™‚14:37
pstolowskipedronis: it seems you were somehow involved already in https://bugs.launchpad.net/snapd/+bug/1882665 ; do you know if the length restriction for snap name is ok on our side and will be fixed in the store?14:46
mupBug #1882665: single-letter snaps are available in the store, but not installable <snapd:Triaged> <Snap Store:Confirmed> <https://launchpad.net/bugs/1882665>14:46
pedronispstolowski: there's a conversation going on with the store about that14:47
ijohnsonmvo: https://github.com/snapcore/snapd/pull/8866 is ready to be merged, but note that it failed on other tests in interesting ways so I have saved the logs in a pastebin14:49
mupPR #8866: tests/main: add spread test for running svc from install hook <Services βš™οΈ> <Test Robustness> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/8866>14:49
ijohnsonmvo: specifically we got a little bit of info on what is left behind preparing uc20 sometimes insofar as there is still stuff in the /var/lib/snapd dir when purging the snapd deb14:50
ijohnsonmvo: and your google:ubuntu-core-20-64:tests/core/snap-auto-mount changes seem to not have worked14:51
ijohnsonmvo: it seems that the imported assertion was not trusted or was wrong? I'm not sure, the test failure output is quite unclear14:51
ijohnsonmvo: the full log is in https://pastebin.ubuntu.com/p/NbKty2yd3k/14:51
mvoijohnson: thank you, I have a look in a wee bit, in a meeting right now14:53
ijohnsonok, no rush14:53
mvoijohnson: looking at the log now, strange that snap-auto-mount does not work - oh well15:01
mupPR snapd#8866 closed: tests/main: add spread test for running svc from install hook <Services βš™οΈ> <Test Robustness> <Created by anonymouse64> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8866>15:01
mvoijohnson: woah, this is very confusing, the /var/lib/snapd is stull of stuff15:01
ijohnsonmvo: yes I'm not sure how it's leftover tbh15:02
mvoijohnson: yeah, that looks more like it was not run at all or something15:02
ijohnsonunless somehow because the google-cloud-sdk snap is classic it breaks things ?15:02
ijohnsonor possibly the lxd snap too because the lxd snap is effectively classic as well15:03
mvoijohnson: yeah, I'm poking at it now15:06
mvoijohnson: same failure in 8877 it seems, fun15:09
ijohnsonmmm at least we can see some stuff now15:09
mvoijohnson: yeah but we run the apt-get remove -y --purge snapd with quiet so we loose some information :(15:11
ijohnsonoh yeah maybe we shouldn't do that ...15:11
mupPR snapd#8877 closed: tests: move a few more tests to snapstate_update_test.go <Test Robustness> <Created by stolowski> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8877>15:11
mvoijohnson: yeah, it looks like this is the next step15:12
mupPR snapd#8879 opened: tests: simplify the tpm test by removing the test-snapd-mokutil snap <Simple πŸ˜ƒ> <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/8879>15:31
mupPR snapd#8608 closed: configcore: issue a warning on core16 when journal.persistent option is set <Squash-merge> <β›” Blocked> <Created by stolowski> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/8608>15:47
mupPR snapd#8609 closed:  Adds missing paths to desktop, solves lp:1876804 <β›” Blocked> <Created by sklei4> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/8609>15:47
=== facundo__ is now known as facubatista
* cachio lunch15:48
mupPR snapcraft#3171 opened: snap: debug enabled by default <do-not-merge> <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/3171>15:53
=== facundo__ is now known as facubatista
pstolowskicachio: #8558 has a conflict15:58
mupPR #8558: tests: make the nested library usable independently of spread <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/8558>15:58
mupPR snapd#8880 opened: tests/lib/prepare.sh: adjust comment about sgdisk <Simple πŸ˜ƒ> <Skip spread> <Test Robustness> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/8880>16:07
mupPR snapd#8878 closed: tests: fix how gadget pc is detected when the snap does not exist and ls fails <Created by sergiocazzolato> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8878>16:27
mupPR core18#155 opened: hooks: fix broken symlink /etc/sysctl.conf.d/99-sysctl.conf <Created by mvo5> <https://github.com/snapcore/core18/pull/155>16:48
mupPR core20#73 opened: hooks: fix broken symlink /etc/sysctl.conf.d/99-sysctl.conf <Created by mvo5> <https://github.com/snapcore/core20/pull/73>16:51
mupPR snapcraft#3172 opened: cli: restore --target-arch with warning for LXD and Multipass <Created by cjp256> <https://github.com/snapcore/snapcraft/pull/3172>16:53
ijohnsonpedronis: #8794 is ready for re-review (I added the requested unit tests)16:54
mupPR #8794: boot/bootstate16.go: clean snap_try_* vars when not in Trying status too <Test Robustness> <UC20> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/8794>16:54
mupPR snapd#8761 closed: usersession/userd: add msteams url support <Needs security review> <Created by call-a3> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/8761>16:57
mupPR snapd#8880 closed: tests/lib/prepare.sh: adjust comment about sgdisk <Simple πŸ˜ƒ> <Skip spread> <Test Robustness> <Created by anonymouse64> <Merged by anonymouse64> <https://github.com/snapcore/snapd/pull/8880>16:57
mupPR core20#74 opened: .travis.yml: use snapcraft w/ lxd to build the snap <Created by anonymouse64> <https://github.com/snapcore/core20/pull/74>17:06
=== ijohnson is now known as ijohnson|lunch
=== ijohnson|lunch is now known as ijohnson
mupPR snapd#8869 closed: asserts/internal: expand errors about invalid serialized grouping labels <Bulk assert refresh :scroll::scroll::scroll:> <Skip spread> <Created by pedronis> <Merged by pedronis> <https://github.com/snapcore/snapd/pull/8869>17:47
mupPR snapd#8881 opened: interfaces: simplify rules of multiple connected iio plugs <Bug> <Created by zyga> <https://github.com/snapcore/snapd/pull/8881>18:02
InteloI connected to vnc, all fine, firefox from console opens. I installed chromium-browser but when run, it says 'Client is not authorized to connect to server. Unable to open x display18:32
mupPR snapd#8576 closed: tests/main/lxd: add test for snaps inside nested lxd containers not working <Test Robustness> <Created by anonymouse64> <Merged by anonymouse64> <https://github.com/snapcore/snapd/pull/8576>18:42
roadmrhi jdstrand  :) we got a write request for system-files, for /run/lock. Is this covered by another interface maybe?19:05
jdstrandroadmr: no, but that is a directory. you wouldn't want to grant it for /run/lock, but rather for /run/lock/something /run/lock/somethingelse19:07
jdstrandroadmr: but really their snap should be updated to use SNAP_COMMON/lock or similar19:07
mupPR snapd#8875 closed: tests/main/sudo-env: check snap path under sudo <Simple πŸ˜ƒ> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/8875>19:07
roadmrjdstrand: right, I think the advice they themselves posted pointed in that direction19:08
jdstrandroadmr: of even better: /{dev,run}/shm/snap.@{SNAP_INSTANCE_NAME}.something19:08
roadmrjdstrand: ok, I'll try to nudge them in that direction (it also suggested using layouts) and leave system-files as a last resort if they can point me to the specific files they need19:09
jdstrandroadmr: a layout won't work for /run19:12
roadmrok, noted :( bummer heh19:12
cachiocmatsuoka, ijohnson thanks for the review on #8879, I already update the test19:13
mupPR #8879: tests: simplify the tpm test by removing the test-snapd-mokutil snap <Simple πŸ˜ƒ> <Skip spread> <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/8879>19:13
jdstrandroadmr: but they can use /run/snap.<snapname>.something all day every day :)19:13
ijohnsoncachio: thanks I'll look again19:13
cmatsuokacachio: thanks, checking again19:16
cachioijohnson, just matching 0600 0000 0119:16
ijohnsoncachio: why can't you match the whole pattern ?19:16
cachioijohnson, I did it just to avoid to check too much19:17
ijohnsonif there was garbage data for example xxd could output something like `0600 0000 0000 0600 0000 01` and the test would be wrong19:17
cachionot sure if the format could change19:17
ijohnsoncachio: the correct format should not change it's in the UEFI spec IIRC19:17
cachioMATCH "00000000: 0600 0000 01\s+....."19:17
cachioijohnson, that should be the correct one?19:17
cachiothe match19:17
ijohnsoncachio: yes that should be correct19:18
cachioijohnson, updated19:19
ijohnsonthanks let me look again19:19
cachioijohnson, thanks for checking19:20
ijohnsoncachio: can you also specify the full SecureBoot variable name ?19:20
cachioijohnson, is it fixed?19:21
ijohnsoncachio: because there could be devices with random uefi firmware implementations that also define some kind of SecureBoot variable, but those will never be the same as SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c19:21
ijohnsoncachio: I really would like to see us be as specific as possible here19:21
ijohnsoncachio: so instead of doing `SecureBoot-*` I think we should do `SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c`19:22
cachioijohnson, sure19:22
ijohnsonthank you19:22
cachioijohnson, so the filename SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c is not gonna change right?19:23
ijohnsoncachio: yes that name is part of the spec19:23
cachioijohnson, ah, ok19:23
cachioin that case makes sense19:23
cachiothanks for the explanation19:23
cmatsuokathe uuid is the vendor uuid and in this case it's the EFI consortium or something like that19:24
cmatsuokacachio: I think there's an extra space in the middle of the file name now19:31
cmatsuokaSecureBoot-8be4df61-93ca-11d2 <space> -aa0d-00e098032b8c19:31
cmatsuokacachio: please ignore the comment about the shell expansion19:36
cachiocmatsuoka, nice19:39
cachioI am wating for test results for the latest change yet19:39
cmatsuokamy mistake there, I tested the regexp using plain grep but then I noticed that MATCH uses grep -E19:40
cmatsuokaso the match didn't work in my first test19:40
cmatsuokabut with grep -E it's fine19:41
pedronisijohnson: sorry about https://github.com/snapcore/snapd/pull/8340#discussion_r434490285 but basically my original comment/proposal wasn't possible, I probably misread some bit of the code and then the change applied was something else20:10
mupPR #8340: boot, snap-bootstrap: move initramfs-mounts logic to boot pkg <UC20> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/8340>20:11
ijohnsonpedronis: no worries20:11
ijohnsonI mean with large PR's that are open for months there's bound to be back and forth20:11
ijohnsonI'm almost done addressing feedback for that PR and will push up the changes in a little bit20:11
ijohnsonpedronis: PR is updated if you're still around and want to look at it20:30
* ijohnson small break20:30
mupPR snapd#8794 closed: boot/bootstate16.go: clean snap_try_* vars when not in Trying status too <Test Robustness> <UC20> <Created by anonymouse64> <Merged by anonymouse64> <https://github.com/snapcore/snapd/pull/8794>20:33
mupPR snapd#8879 closed: tests: simplify the tpm test by removing the test-snapd-mokutil snap <Simple πŸ˜ƒ> <Skip spread> <Created by sergiocazzolato> <Merged by anonymouse64> <https://github.com/snapcore/snapd/pull/8879>20:33
cmatsuokaijohnson: when a new kernel snap is installed on arm, where do we trigger kernel extraction?21:26
cmatsuokaijohnson: never mind, I just found it :)21:28
mupPR snapcraft#3173 opened: cli: use snap pack instead of mksquashfs <maintenance> <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/3173>21:28
ijohnsoncmatsuoka: you found the ExtractKernelAssets functions?22:24
cmatsuokaijohnson: yes, I followed it to backend/setup22:27
cmatsuokaijohnson: now I'm thinking how to get model information from there22:27
cmatsuokabut I'll continue tomorrow22:28
* cmatsuoka EODs22:28

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!