/srv/irclogs.ubuntu.com/2020/10/27/#snappy.txt

mborzecki	morning	07:02
mborzecki	home schooling day 2 :/	07:02
zyga-mbp	good morning	07:32
mvo	good morning zyga-mbp !	07:35
zyga-mbp	hey mvo	07:35
zyga-mbp	hopefully today will be more productive, yesterday I was a bit sleepy after very busy weekend	07:35
zyga-mbp	I'm looking at the GPIO issue reported by cert	07:35
mvo	zyga-mbp: thank you	07:37
zyga-mbp	replied there	07:40
mborzecki	mvo: zyga-mbp: hey	07:42
mvo	hey mborzecki	07:42
zyga-mbp	hey mborzecki	07:42
zyga-mbp	hey pedronis, good morning	07:53
pedronis	hello	07:57
mvo	good morning pedronis :)	07:59
pstolowski	morning	08:02
mvo	good morning pstolowski	08:02
zyga-mbp	good morning pawel	08:04
zyga-mbp	either everything is loading very very slowly or eschooling is saturating my home uplink	08:05
zyga	okay, finally in the office	08:14
zyga	should be more manageable now	08:14
mvo	zyga: a small update in the status of 7700 would be great, it lists next steps and step 2 (desktop notifications) is certainly done now :)	08:17
mvo	zyga: but no rush, just noticed while going over open pts	08:18
mvo	zyga: open prs	08:18
zyga	mvo, yeah that's certainly something to pick up soon	08:21
zyga	I know time is short, I'll try to do a bit more today	08:21
mvo	zyga: tiny comment is fine for now :)	08:21
mvo	zyga: just curious where in the schema we stand	08:21
zyga	mvo, let me look quickly	08:22
mvo	ta!	08:23
mvo	pedronis: if my style comments in 9549 make sense I can push them myself but I think it does not make sense if I touch this before you did a review(?)	08:41
pedronis	mvo: I have the PR checked out, I can apply the changes, I think the new file name is right but indeed it will break old installs	08:45
mvo	pedronis: thanks	08:45
mborzecki	pedronis: mvo: either of you working on tweaks to 9549?	08:52
pedronis	mborzecki: I am	08:52
mborzecki	pedronis: ah, ok	08:53
mup	PR snapd#9551 opened: dirs, boot: add ubuntu-save directories and related locations <Simple 😃> <Skip spread> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/9551>	09:04
mborzecki	pedronis: mvo: ^^ extracted some trivial bits from #9528	09:05
mup	PR #9528: cmd/snap-bootstrap: mount ubuntu-save during boot if present <Run nested> <UC20> <⛔ Blocked> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/9528>	09:05
mvo	mborzecki: in a meeting, will get to it right after that :)	09:33
mvo	mborzecki: and thank you!	09:33
zyga-mbp	we need reviews for https://github.com/snapcore/snapd/pull/9542	09:42
mup	PR #9542: interfaces: deny connected x11 plugs access to ICE <Bug> <Needs security review> <⚠ Critical> <Created by zyga> <https://github.com/snapcore/snapd/pull/9542>	09:42
mup	PR snapd#9552 opened: usersession: fix typo in test name <Simple 😃> <Skip spread> <Created by zyga> <https://github.com/snapcore/snapd/pull/9552>	09:45
zyga-mbp	mvo ^ plz merge typo fix	09:45
mvo	zyga-mbp: sure	09:47
zyga-mbp	thank you	09:47
pstolowski	mhm nested stuff is fun...	09:56
zyga-mbp	pstolowski are you using cachio's new nested tool?	09:57
pstolowski	zyga-mbp: actually not! but this is just syntactic sugar..	09:58
pstolowski	just having an issue i don't understand yet	09:59
zyga-mbp	I see	09:59
pedronis	mvo: mborzecki: I pushed to #9549, it needs 2nd reviews	10:04
mup	PR #9549: many: update to secboot v1 (part 1) <Run nested> <UC20> <Created by cmatsuoka> <https://github.com/snapcore/snapd/pull/9549>	10:04
mborzecki	pedronis: thanks, let me see	10:04
mborzecki	pedronis: #9551 is trivial and needs a pass from you or mvo	10:05
mup	PR #9551: dirs, boot: add ubuntu-save directories and related locations <Simple 😃> <Skip spread> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/9551>	10:05
pedronis	mborzecki: sorry, I had a typo in my new code, repushed	10:06
pedronis	(well in a comment)	10:06
mup	PR snapd#9552 closed: usersession: fix typo in test name <Simple 😃> <Skip spread> <Created by zyga> <Merged by zyga> <https://github.com/snapcore/snapd/pull/9552>	10:10
zyga-mbp	brb	10:18
mup	PR snapd#9551 closed: dirs, boot: add ubuntu-save directories and related locations <Simple 😃> <Skip spread> <Created by bboozzoo> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/9551>	10:25
pedronis	mvo: mborzecki: could either of you look at my own last 3 commits here (they are small tweaks or error formatting changes): https://github.com/snapcore/secboot/pull/12	11:20
mup	PR secboot#12: Make policyPCRData serializable <Created by chrisccoulson> <Closed by chrisccoulson> <https://github.com/snapcore/secboot/pull/12>	11:20
pedronis	oops	11:20
pedronis	mvo: mborzecki: could either of you look at my own last 3 commits here (they are small tweaks or error formatting changes): https://github.com/snapcore/secboot/pull/125	11:20
mup	PR secboot#125: Add ActivateVolumeWithMultipleTPMSealedKeys <Created by chrisccoulson> <https://github.com/snapcore/secboot/pull/125>	11:20
mvo	pedronis: sure, once I'm done with 9418 I can look	11:21
mborzecki	pedronis: sure	11:21
mup	PR snapd#9553 opened: tests: add spread test for refreshing from an old snapd and core18 <Test Robustness> <Created by stolowski> <https://github.com/snapcore/snapd/pull/9553>	11:40
mup	PR snapd#9418 closed: many: implement snap routine console-conf-start for synchronizing auto-refreshes <Needs Samuele review> <UC20> <Created by anonymouse64> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/9418>	12:00
pedronis	mvo: mborzecki: (nested) kernel reseal failed on #9549	12:02
mup	PR #9549: many: update to secboot v1 (part 1) <Run nested> <UC20> <Created by cmatsuoka> <https://github.com/snapcore/snapd/pull/9549>	12:02
mborzecki	pedronis: hm, also have some trouble unsealing data (if logs are to be believed) in recover mode with 9549 merged to my branch, but that may well be my fault	12:03
mborzecki	hm false alarm, worked on the second run, a base update kicked in between	12:13
mborzecki	that kernel-reseal log is a bit hard to follow	12:19
mborzecki	pedronis: hmm `2020-10-27T11:59:39.1587365Z [0;1;39mPlease enter the recovery key for disk /dev/disk/by-partuuid/2709461b-d8cd-2244-85cb-a924abd353a6:`	12:20
zyga	pstolowski, interesting bug in the snapshot code https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1901578	12:39
mup	Bug #1901578: Cannot remove snap package ubuntu 20.10 <package> <snap> <snapd> <snapd:Confirmed> <snapd (Ubuntu):Incomplete> <https://launchpad.net/bugs/1901578>	12:39
zyga	pstolowski, we should probably skip users without a name	12:39
zyga	or warn, but not fail	12:39
pstolowski	zyga: indeed	12:41
pedronis	mborzecki: are we using the wrong initramfs somehow? gadget-reseal worked unless for some reason is not testing what we think it tests	12:41
pstolowski	zyga: i'll assign to myself	12:43
zyga	thanks	12:43
zyga	mborzecki, any advice on type=AVC msg=audit(10/27/20 12:31:35.999:23751) : avc: denied { rmdir } for pid=12800 comm=snap-update-ns name=.X11-unix dev="sda2" ino=17778788 scontext=system_u:system_r:snappy_mount_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir permissive=1	13:03
* zyga will be back in a moment, going to fetch tea		13:03
mborzecki	pedronis: trying to make it work locally, so far no luck	13:04
zyga	Error: 2020-10-27 10:04:21 Error executing google:debian-sid-64:tests/main/interfaces-timeserver-control (oct270953-348560) :	13:05
zyga	This system cannot use NTP, test precondition failed	13:05
zyga	cachio, ^ new image? perhaps the test needs to be adjusted	13:05
mborzecki	pedronis: hm i can't reproduce this, i do the same modifications as the test does, resign the kernel.efi and it boots with the new kernel	13:08
zyga	re	13:17
zyga-mbp	brb, main network link at home has failed	13:31
zyga	mborzecki, ping	13:33
zyga	mborzecki, we have fs_manage_tmpfs_dirs(snappy_mount_t)	13:33
zyga	mborzecki, yet we deny rmdir on scontext=system_u:system_r:snappy_mount_t:s0	13:33
zyga	tcontext=system_u:object_r:tmp_t:s0	13:33
zyga	does this make any sense to you?	13:34
mborzecki	zyga: maybe something more is needed for tmp_t	13:34
mborzecki	zyga: try looking for something that allow managing tmp_t	13:36
mborzecki	zyga: why are we even removing this directory?	13:36
mup	PR snapd#9554 opened: tests/nested/core20/gadget,kernel-reseal: add sanity checks to the reseal tests <Run nested> <Simple 😃> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/9554>	13:51
zyga	test	14:01
zyga	ok	14:01
mup	PR snapcraft#3340 opened: include SNAPCRAFT_STAGE in XDG_DATA_DIRS, needed to find Gir files built by other parts <Created by kenvandine> <https://github.com/snapcore/snapcraft/pull/3340>	14:26
mborzecki	cmatsuoka: any ideas what i should look for?	14:37
ijohnson	well that was a first for me	14:38
ijohnson	maybe my headset is dying	14:38
cmatsuoka	mborzecki: hmm, if the problem is not the in the pcr profile I don't know what it could be	14:40
cmatsuoka	mborzecki: and I don't think it's in the pcr profile, but I think we should check the measurements just in case	14:40
cmatsuoka	mborzecki: I'm trying to retrieve the measurement data from the nested image	14:42
mborzecki	cmatsuoka: i got something from the vm i use locally, passed it through this parser: https://github.com/ValdikSS/binary_bios_measurements_parser	14:48
cmatsuoka	mborzecki: that's the one I'm using too, is it booting correctly on that machine after a reseal?	14:49
cmatsuoka	mborzecki: if yes the profiles must be correct	14:49
mborzecki	cmatsuoka: yes	14:50
cmatsuoka	we must get the measurements from the failing system which is the nested vm, perhaps we could try to reproduce the problem on a local nested vm?	14:51
mborzecki	cmatsuoka: go a diff between dumps of state before and after a kernel refresh https://paste.ubuntu.com/p/VjJKcYmrNk/ there are differnces but not quite sure what i should be looking for there	14:52
cmatsuoka	mborzecki: the PR logs show the PCR profile dump before and after the reseal in the gce nested vm, but we need the measurement data on that same machine to be able to compare	14:53
mborzecki	cmatsuoka: the differences show up after the following entry `chainloader (hd0,gpt3)/EFI/ubuntu/try-kernel.efi ...` and then diferent bytes appear, so i guess it's the old and new kernel measureemnt	14:54
cmatsuoka	the profile dump in the logs shows what the system is expecting and the measurements show the actual data	14:55
cmatsuoka	if they match the problem is elsewhere	14:56
mborzecki	cmatsuoka: ok, so the list of final PCRs is the same for both boots here	14:56
cmatsuoka	mborzecki: I have an 1:1 now, quick chat after that?	14:59
mborzecki	sure	15:00
mborzecki	cachio: zyga-mbp: so i have this project: https://github.com/bboozzoo/spread-mini i've pushed a test which clones snapd and then runs govendor sync, and it's not failing 100% of time on our tumbleweed images	15:01
cachio	mborzecki, I tested yesterday and the master fails 8/12 aprox doing govendor sync	15:02
mborzecki	cachio: and then if i keep on cloning and syncing in a loop it works too	15:03
mborzecki	(on a host)	15:03
cachio	you are using gce image right?	15:04
mborzecki	cachio: yes, the one we have	15:04
cachio	yesterday I published a last image with all the latest updated	15:04
cachio	updates	15:04
cachio	perhaps it works a bit better	15:04
* cachio lucnch		15:12
* zyga-mbp lunch soon		15:15
zyga-mbp	not a good weather for walk	15:16
zyga-mbp	jdstrand do you think you could review a +3 security change https://github.com/snapcore/snapd/pull/9542	15:16
mup	PR #9542: interfaces: deny connected x11 plugs access to ICE <Bug> <Needs security review> <⚠ Critical> <Created by zyga> <https://github.com/snapcore/snapd/pull/9542>	15:16
zyga-mbp	er	15:16
zyga-mbp	+9 -0	15:16
zyga-mbp	sorry	15:16
zyga-mbp	technically three denials	15:16
* zyga-mbp goes to plug the laptop		15:17
mborzecki	https://github.com/snapcore/snapd/pull/9554 <-- trivial sanity checks	15:22
mup	PR #9554: tests/nested/core20/gadget,kernel-reseal: add sanity checks to the reseal tests <Run nested> <Simple 😃> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/9554>	15:22
pedronis	mborzecki: I'm looking at the test, afaik it can't pass for simple reasons	15:25
pedronis	mborzecki: it's using the kernel from edge and just tweaking it	15:26
pedronis	is not repacking it with a recent initramfs	15:26
pedronis	unless I'm reading it wrong	15:26
pedronis	cmatsuoka: ^	15:27
mborzecki	pedronis: heh. yes it's not repacking the kernel with new s-b	15:28
* cmatsuoka checks		15:29
pedronis	another reason to add a prompter interface to secboot	15:30
zyga	mborzecki, how did it pass for you earlier?	15:30
pedronis	it would allow us to maybe log things before asking for a recovery key	15:30
pedronis	zyga: it was landed later before the last beta, we haven't really changed relevant bits since	15:31
pedronis	so edge was good until the switch to v1	15:31
pedronis	that the PR does	15:31
mborzecki	zyga: and locally it works because i have a signle repacked kernel tree which i reused	15:31
mup	PR snapd#9554 closed: tests/nested/core20/gadget,kernel-reseal: add sanity checks to the reseal tests <Run nested> <Simple 😃> <Created by bboozzoo> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/9554>	15:31
cmatsuoka	well that explains a lot	15:31
mborzecki	haha	15:31
pedronis	if we could log the issue before getting stuck with the recovery key asking we would have seen an invalid key file error or something like that	15:32
pedronis	anyway	15:33
pedronis	edge has v0-only code, so it can't use v1 keys	15:34
pedronis	mborzecki: cmatsuoka: we need to add some real repacking I suppose	15:35
pedronis	or unpack and repack the installed kernel, not the one from edge	15:36
cmatsuoka	yes, doing it with the installed kernel should be easy	15:38
mborzecki	cmatsuoka: i think it should be around somewhere in /tmp	15:39
cmatsuoka	mborzecki: could you have a look at it? otherwise I'll check after lunch, I need to finish some cooking right now	15:40
mborzecki	cmatsuoka: yes, trying now	15:44
mborzecki	cmatsuoka: hopefull this is the whole diff ps://paste.ubuntu.com/p/SKvdFKKscj/	15:46
mborzecki	cmatsuoka: https://paste.ubuntu.com/p/SKvdFKKscj/	15:46
mup	PR snapd#9550 closed: osutil/disks/mockdisk: panic if same mountpoint shows up again with diff opts <Simple 😃> <Test Robustness> <Created by anonymouse64> <Merged by anonymouse64> <https://github.com/snapcore/snapd/pull/9550>	15:51
ijohnson	zyga: I saw one of the mountns inherit spread tests fail on 18.04 like this:	15:55
ijohnson	-+0:+1 / /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime shared:+1 - cgroup cgroup rw,cpuset	15:56
ijohnson	++0:+1 / /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime shared:+1 - cgroup cgroup rw,cpuset,clone_children	15:56
ijohnson	and	15:56
ijohnson	-+0:+1 / /sys/fs/cgroup/unified rw,nosuid,nodev,noexec,relatime shared:+1 - cgroup2 cgroup rw,nsdelegate	15:56
ijohnson	++0:+1 / /sys/fs/cgroup/unified rw,nosuid,nodev,noexec,relatime shared:+1 - cgroup2 cgroup rw	15:56
ijohnson	any idea why the cgroup mounts would be different like that?	15:56
zyga	hmm	16:02
zyga	that's lxd for sure	16:02
zyga	perhaps something is not doing lxc cleanup	16:02
zyga	didn't pawel add a lxd test recently?	16:02
mborzecki	eh, damn quoting	16:06
pedronis	zyga: I did a pass on #9546 , special.go defeated me a bit though	16:25
mup	PR #9546: overlord: add inert export manager <Created by zyga> <https://github.com/snapcore/snapd/pull/9546>	16:25
zyga	pedronis, thank you, looking	16:29
zyga	pedronis, was special.go confusing?	16:29
pedronis	maybe it's because it's the end but I find it hard to read	16:31
pedronis	lots of small helpers	16:31
mborzeck1	cmatsuoka: pushed a patch, i think it should work now	16:35
mborzeck1	need to run some errands, i'll check back later	16:35
mup	PR snapd#9555 opened: asserts: implement "storage-safety" in uc20 model assertion <UC20> <Created by mvo5> <https://github.com/snapcore/snapd/pull/9555>	16:37
pedronis	zyga: it was never the intention to decentralize all directory definition, also managers are a prolematic place to define things like that	16:37
mvo	mborzeck1: woah, nice!	16:37
mvo	mborzeck1: you rock	16:37
zyga	pedronis, I see, that's an easy change	16:37
zyga	pedronis, let's sync in the morning about remaining topics	16:38
zyga	pedronis, some are easy	16:38
zyga	pedronis, some I need to understand your point better	16:38
zyga	thank you for going through this, it's the hardest part of this PR	16:38
* zyga manged to tame selinux errors		16:38
zyga	quick recheck on systems other than f32	16:38
zyga	cachio, f33 released today, perhaps we should swap f31 for f33	16:39
pedronis	zyga: I added a couple more questions	16:47
pedronis	zyga: we can chat at 10am tomorrow if that works for you?	16:48
zyga	yeah, that's fine	16:50
zyga	grr, me sees a denial on centos-7 that doesn't show up elsewhere	16:51
cachio	zyga, yes, I'll create the image	16:55
zyga	thanks	16:57
zyga	nothing urgent	16:57
pedronis	pstolowski: I looked again at #9522, we need to chat a bit about it, I'm slightly worried that it improves some things and not others	17:00
mup	PR #9522: o/snapstate: ignore remove errors in clear-snap handler, only log them <⛔ Blocked> <Created by stolowski> <https://github.com/snapcore/snapd/pull/9522>	17:00
pstolowski	pedronis: hmm ok, sure	17:01
pedronis	pstolowski: I explained in the PR	17:01
pedronis	pstolowski: maybe you can also try to add more motivation to the description, it says what it does but not why	17:02
cachio	zyga, f33 has a gcp image now	17:02
cachio	I'll try that one	17:02
zyga	that's nice	17:02
pstolowski	pedronis: sure, will do	17:02
pedronis	thx	17:02
cmatsuoka	mborzeck1: thanks!	17:04
pedronis	pstolowski: I approved #9535, thanks for the last commits there	17:06
mup	PR #9535: o/snapstate: generate snapd snap wrappers again after restart on refresh <Bug> <Needs Samuele review> <Created by stolowski> <https://github.com/snapcore/snapd/pull/9535>	17:06
pstolowski	pedronis: great, thank you	17:07
* zyga stabs his eyes with selinux		17:16
pstolowski	ijohnson: hey, if you could re-review #8395 that would be great (and it's green)	17:16
mup	PR #8395: o/ifacestate: handle interface hooks when preseeding <Preseeding 🍞> <Created by stolowski> <https://github.com/snapcore/snapd/pull/8395>	17:16
ijohnson	pstolowski: yes will add it to my queue, thanks for the reminder	17:17
zyga	I really, really dislike selinux tooling	17:24
zyga	it's both baroque and complex _and_ imprecise	17:24
zyga	applying the policy is more of a whack-a-mole than anything	17:25
zyga	so /tmp and /tmp/X11-unix have different types	17:25
zyga	but only on centos 7 for some reason	17:25
zyga	and I have no idea to connect the dots between the type I see in the FS	17:26
zyga	and the abstraction I'm forced to use to write the policy	17:26
zyga	I really give up on that now	17:26
zyga	I can try tomorrow	17:26
zyga	I've wasted half of my day on this already :/	17:26
zyga	I'll talk to maciek tomorrow	17:28
pstolowski	cachio: i've requested your review on https://github.com/snapcore/snapd/pull/9553	17:49
mup	PR #9553: tests: add spread test for refreshing from an old snapd and core18 <Run nested> <Test Robustness> <Created by stolowski> <https://github.com/snapcore/snapd/pull/9553>	17:49
cachio	pstolowski, sure, I'll take a look today	17:49
pstolowski	cachio: i wasn't sure if it should be migrated to nested tool already	17:49
pstolowski	cachio: i think the tool doesn't have execute command yet?	17:50
cachio	pstolowski, don't use the nested tool	17:53
cachio	I'll migrate that later this week	17:54
pstolowski	cachio: ok, great	17:54
pstolowski	pedronis: added rationale to #9522	18:04
mup	PR #9522: o/snapstate: ignore remove errors in clear-snap handler, only log them <⛔ Blocked> <Created by stolowski> <https://github.com/snapcore/snapd/pull/9522>	18:04
mup	PR snapcraft#3318 closed: plugin handler: set -x for scriptlets <Created by cjp256> <Closed by sergiusens> <https://github.com/snapcore/snapcraft/pull/3318>	18:06
mborzeck1	re	18:16
=== mborzeck1 is now known as mborzecki
mborzecki	cmatsuoka: i see that the nested uc20 tests are green in #9549 yay	18:17
mup	PR #9549: many: update to secboot v1 (part 1) <Run nested> <UC20> <Created by cmatsuoka> <https://github.com/snapcore/snapd/pull/9549>	18:17
cmatsuoka	mborzecki: excellent	18:17
mborzecki	cmatsuoka: 14.04 did not build though, may need looking into	18:17
cmatsuoka	yeah. I'm checking it	18:18
mborzecki	src/github.com/snapcore/snapd/vendor/github.com/snapcore/secboot/keydata.go:43:2: cannot find package "maze.io/x/crypto/afis"	18:18
mborzecki	cmatsuoka: ok, cool, so i'm wrapping it up for today :)	18:18
cmatsuoka	cachio: we have a problem in a 14.04 test apparently caused by libcurl being unable to connect to certain servers, how do you usually fix this kind of problem?	18:52
cmatsuoka	cachio: using curl/libcurl from xenial should be enough to make it work again	18:53
pedronis	cmatsuoka: they are green but also say they took 4s, so something is weird there	18:53
pedronis	the PR has run nested set	18:54
cmatsuoka	pedronis: the low times are probably the result of a test re-run	18:54
cmatsuoka	pedronis: and the trusty test is failing to connect to a certain https server because apparently libcurl is using some older crypto that's no longer supported	18:56
pedronis	that is a bit of a problem though, 14.04 is still required	18:57
cmatsuoka	yes, I don't know if we had this sort of problem before or how cachio usually handles them	18:58
cmatsuoka	using a slightly newer curl/libcurl should solve it but it's not available for trusty	18:58
pedronis	cmatsuoka: that repo is a bit in an usual location	19:02
pedronis	maybe we have to mirror it anyway	19:02
cmatsuoka	yes, maze.io. We could perhaps clone it to github?	19:02
pedronis	that would be fine I suppose	19:03
pedronis	the license is MIT	19:03
cachio	cmatsuoka, hey	19:08
cachio	I'll checkthat	19:08
cmatsuoka	cachio: thanks. I don't know if we ran into this sort of thing before but I thought perhaps you already have a solution	19:08
cachio	cmatsuoka, I think it is the first time with this	19:14
cachio	cmatsuoka, it is happeninnig 100% of the time ?	19:15
cachio	or it is just something that happens sometimes	19:15
cachio	?	19:15
cmatsuoka	cachio: it's deterministic	19:16
cachio	cmatsuoka, on which pr?	19:16
cmatsuoka	cachio: it seems that the version of libcurl used in trusty lacks some new crypto used by maze.io	19:16
cmatsuoka	cachio: it's PR #9549	19:17
mup	PR #9549: many: update to secboot v1 (part 1) <Run nested> <UC20> <Created by cmatsuoka> <https://github.com/snapcore/snapd/pull/9549>	19:17
cachio	cmatsuoka, checking	19:23
pedronis	cmatsuoka: I made a mirror here (at least temporarely)	19:28
pedronis	https://github.com/pedronis/maze.io-x-crypto/tree/master/afis	19:28
cmatsuoka	pedronis: can you also change the secboot vendor.json to use the mirror?	19:29
cmatsuoka	erm	19:29
cmatsuoka	no, not needed, we change ours	19:29
cmatsuoka	ok	19:29
pedronis	excactly	19:29
cmatsuoka	I always tend to think about vendor as a hierarchy but it's flat	19:30
pedronis	cmatsuoka: this seems to work: govendor fetch maze.io/x/crypto/afis::github.com/pedronis/maze.io-x-crypto/afis	19:30
pedronis	to get the right bits into vendor.json	19:30
cmatsuoka	ok, doing that	19:30
cmatsuoka	thanks samuele	19:30
pedronis	cmatsuoka: thank you	19:38
mup	PR snapd#9549 closed: many: update to secboot v1 (part 1) <Run nested> <UC20> <Created by cmatsuoka> <Merged by cmatsuoka> <https://github.com/snapcore/snapd/pull/9549>	20:53
mup	PR snapd#9556 opened: tests: testing new fedora 33 image <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/9556>	21:13
mup	PR snapcraft#3341 opened: repo: move apt ppa helpers into apt_ppa module <Created by cjp256> <https://github.com/snapcore/snapcraft/pull/3341>	23:22
mup	PR snapd#9557 opened: tests/snap-advise-command: re-enable test <Simple 😃> <Test Robustness> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/9557>	23:24

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!