[06:45] morning === mborzeck1 is now known as mborzeck === mborzeck is now known as mborzecki [07:27] mvo: hey [07:27] good morning mborzecki [07:28] mvo: more friction with greengrass: https://forum.snapcraft.io/t/aws-iot-greengrass-1-8-x-doesnt-start-on-ubuntu-core-16/22066 not sure what to make of it yet [07:30] mborzecki: looking, thanks [07:32] mvo: trying to install in in a core18 vm, wierd the denial suggests it's snap-confine, but we obviously allow /sys/fs/cgroup/devices manipulation from s-c [07:34] mborzecki: yeah, that is strange [08:03] morning [08:05] PR snapd#9816 closed: interfaces, wrappers: misc comment fixes, etc [08:06] good morning pstolowski [08:07] pstolowski: hey [08:31] good morning [08:41] good morning zyga [09:26] zyga: remmeber that problem with my display not waking up on 5.10.4? someone bisected and found the patch that broke it: https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=2f168cf391c8f615a95ab7d5264db880b225ab22 [09:26] it's supposedly fixed in 5.10.5 but damn those lts kernels are buggy on release day [09:27] oh well, nice find on the bisect at least [09:28] interesting that those are in the same group though [09:28] drm and watchdog [10:09] mvo: does it make sense? https://github.com/snapcore/snapd/pull/9545#discussion_r553854172 [10:09] PR #9545: devicestate: keep log from install-mode on installed system [10:11] mborzecki: looking [10:11] mborzecki: oh, sweet, I think it totally would [10:11] mvo: zcat, zgrep are in core*, so browsing will be easy too [10:11] mborzecki: \o/ you rock [10:19] wow #8699 is now 1.2k lines [10:19] PR #8699: interfaces/desktop-launch: support confined snaps launching other snaps [10:50] mvo: btw `warning: bogus date in %changelog: Thu Dec 15 2020 Michael Vogt ` [10:50] looks like it was Tue ;) === pedronis_ is now known as pedronis [11:04] funny, we were shipping system-shutdown on fedora for no reason [11:10] mborzecki: uh, sorry for that [12:22] hmm, is there a trick to switch a snap to jailmode without reinstalling it (i'd love to not lose my data) ? switching channels seemingly doesnt have any effect [12:23] (i tried with snap refresh as well as snap switch, going back and forth between beta and edge) [12:29] ogra: don't know the answer, but remember you have snapshots ;) [12:30] ogra: we don't have this, it's something I personally would love to have. probably not a lot of work but ENOTIME :/ [12:31] well, i'll just switch the snap in edge to strict and try it that way ... [12:31] else i'll resort to a snapshot ... thanks pawel ! [12:39] heh .. i love how the download counter of snapd says "ages!" for the ETA time it shows for the first few seconds when it gets 0MB/s [12:40] ogra@ubuntu:~$ snap info kodi-pi-standalone|grep ^installed [12:40] installed: 18.9.0 (1😎 307MB jailmode [12:41] yay, that worked ... (and it still starts and plays the TV program, hooray) [12:44] hmm, no new denials, but mouse input is gone now ... very weird [12:48] ... and indeedd there is no desktop plug on UC20 ... [12:49] * ogra tries adding uhid in the hope it helps [12:51] PR snapd#9817 opened: cmd/snapd-generator: don't create mount overrides for snap-try snaps [13:57] ogra: there's no desktop plug on uc20? [13:59] ijohnson, IIRC not on core [13:59] classic only [14:03] ijohnson, there is the plug ... but nothing behind it (and snapd refuses to connect) [14:03] i'm on UC20 using https://snapcraft.io/kodi-pi-standalone [14:04] ogra, https://github.com/snapcore/snapd/blob/master/interfaces/builtin/desktop.go#L371 [14:04] for the first time in strict mode now that the MMAL patch landed in snapd ... and it all works fine excpet for input devices [14:04] yeah [14:05] but we must have a way to access kbd/mouse without desktop ... just havent found the right interface combo yet [14:06] uhid isnt enough ... [14:06] trying uinput ... if thats not enough i'll try raw-usb too [14:14] heh ... i see ... at last resort i could probably use device-buttons [14:14] argh ! [14:15] Will need manual review... [14:15] The Store automatic review failed. [14:15] ... [14:15] so much about uniput [14:15] * ogra tries raw-usb instead [14:18] grrr ... why do i still have to go to the old dashboard UI to reject releases that failed auto-review [14:18] pstolowski: https://github.com/snapcore/snapd/pull/9792 <-- the PR from cachio, there were some failures in preseeding iirc [14:18] PR #9792: tests: enable ubuntu 21.04 for spread tests [14:18] pstolowski: do we need some adjustments there? [14:21] mborzecki: most likely. Failed to find executable : No such file or directory. no idea what is it about, needs investigation [14:28] yay ... raw-usb helps for the mouse [14:29] ... and for the kbd too 👋/ [14:29] bah ... emoji plugin fail again [14:33] mborzecki, cachio i'll investigate these failures [14:33] pstolowski: thanks! [14:35] uh, https://github.com/github/hub -> "Ubuntu Snap We do not recommend installing the snap anymore." [14:48] hrm ... mouse gone again after reboot [14:56] hmm, so there seems to be some kind of race ... i can get it to recognize the mouse/kbd sometimes, but not all the time [15:07] PR snapd#9818 opened: cmd/libsnap-confine-private: make unit tests execute happily in a container [15:10] pstolowski, , sorry, having connection issues [15:10] which executable is not found? [15:12] PR snapd#9819 opened: snap-confine: make host /etc/ssl available for snaps on classic [15:13] *sniff* ... this is depressing 😞 [15:25] waveform80: re https://bugs.launchpad.net/snap-core18/+bug/1910094 → Can confirm that your patched u-boot-rpi PPA bins resolve the core18 refresh issue on installations that run my pi-gadget based custom gadget. Thank you for the quick investigation! (cc ogra, mvo) [15:25] Bug #1910094: uboot fails to save env after core18 refresh [15:25] yay ! [15:27] pstolowski: added some comments https://github.com/snapcore/snapd/pull/9817#pullrequestreview-564339175 [15:27] PR #9817: cmd/snapd-generator: don't create mount overrides for snap-try snaps [15:29] mvo, https://github.com/snapcore/snapd/pull/9819#pullrequestreview-564346960 [15:29] PR #9819: snap-confine: make host /etc/ssl available for snaps on classic [15:34] pstolowski, https://github.com/snapcore/snapd/pull/9817#pullrequestreview-564352126 [15:34] PR #9817: cmd/snapd-generator: don't create mount overrides for snap-try snaps [15:34] * zyga waves and goes back to yocto [15:34] (yuck-to) [15:36] zyga ty! [15:40] zyga: amazing, i didn't know of that helper, awesome [15:44] pstolowski, there was more but we never goto to it [15:44] *got to it [15:45] endless reviews and design discussions [15:45] but that part landed [16:00] cachio: i'm getting "Cannot allocate google:ubuntu-21.04-64: cannot allocate new Google server google:ubuntu-21.04-64 (jan081556-593916): cannot find ready marker in console output for google:ubuntu-21.04-64" [16:00] cachio: no idea what executable that is, need to debug [16:01] pstolowski, about the image which cannot be allocated I can't do much because is not ours [16:01] pstolowski, I'll try to start it ans see the serial log and send that info to the cloud team [16:02] cachio: but this is from spread -debug google:ubuntu-21.04-64:tests/main/preseed [16:03] pstolowski, cachio: that error message basically says: the boot output is not recognized [16:03] boot it manually and see [16:03] not via spread [16:03] via the gce api [16:04] pstolowski, let me try it [16:20] * zyga EOWs [16:20] enjoy your weekend everyone [16:20] cachio, I'll catch you next week [16:23] zyga, sure, thanks, nice weekend [16:26] pstolowski, https://paste.ubuntu.com/p/Yb4ygdKrVQ/ [16:26] this is what I see in the serial [16:26] something chagne in the image and fails to start [16:27] cachio: i see [16:27] the problem is that is not managed by us [16:28] pstolowski, this is the image affected daily-ubuntu-2104-hirsute-v20210108 [16:29] I am trying with the previous image [16:32] pstolowski, so, if you want to run the test [16:32] you can use -> image: ubuntu-os-cloud-devel/daily-ubuntu-2104-hirsute-v20210107 [16:32] that works well [16:32] the current image is broken [16:33] cachio: ok, thanks [16:48] PR snapcraft#3405 opened: [feature] ROS plugins v2 out of source tree builds [16:58] PR snapcraft#3402 closed: cli: add missing quote key creation hint [16:58] PR snapcraft#3403 closed: storeapi: remove unused MissingSnapdError [17:02] zyga: doh, sc_infofile_get_key doesn't like [...] ini groups [17:02] pstolowski, oh [17:02] pstolowski, bummer, hmm [17:02] I have two proposals [17:02] well, maybe one [17:02] add sc_infofile_get_ini_key [17:02] which finds the [section] first [17:02] and then does the rest [17:02] how does that sound [17:03] I want to stress this over the special-cased logic in one spot [17:03] it should be easy to implement [17:03] just check if [ section starts [17:03] match on the section name or iterate until the next section [17:05] pstolowski, wdyt? [17:05] zyga: yes that sounds like a good idea [17:05] I can help, look at the original for inspiration [17:05] or if tomorrow is raining I can code it with you :) [17:05] * zyga looks at phone [17:06] looks like winter is here :) [17:06] maybe rain won't happen [17:06] anyway, if wether sucks and we're at home [17:08] zyga: thanks for the suggestions; i'll get back to it on monday (don't worry about it and relax over the weekend ;))! [17:08] cheers, let's chat next week then [17:17] o/ [17:23] PR snapcraft#3406 opened: pluginhandler: do not walk symlinks for include filesets [17:26] zyga: thank you so much for your snap-cofnine review! [17:27] mvo, pleasure :) [17:27] mvo, I have some things I may be able to contribute [17:27] mvo, I did some work on using static analysis tools [17:28] mvo, and those would be useful for snap-confine [17:28] zyga: sweet [17:29] mvo, have a look at https://git.ostc-eu.org/ohos/third_party_bounds_checking_function/-/blob/feature/zmk/Makefile#L66 for an example [17:29] this integrates five different tools [17:29] make check or make static-check runs them [17:29] I'll iterate on this some more so that they are properly integrated in zmk but I suspect they may find something in our code already [18:09] zyga: good stuff but too tired to grasp it tonight :) === ijohnson is now known as ijohnson|lunch [19:09] Bug #1910790 opened: `man htop` return nothing for htop installed as snap

[19:12] Bug #1910790 changed: `man htop` return nothing for htop installed as snap

[19:15] Bug #1910790 opened: `man htop` return nothing for htop installed as snap

[19:23] PR snapcraft#3407 opened: WIP: Add new gnome-3-38 extension which uses gnome-3-38-2004 and core20 [20:08] PR snapcraft#3406 closed: pluginhandler: do not walk symlinks for include filesets === ijohnson|lunch is now known as ijohnson [21:52] Bug #1910790 changed: `man htop` return nothing for htop installed as snap

[22:51] sigh ... why dont we have any interface that allows me access to kbd/mouse without requiring me to use x11, wayland or mir ... [22:52] thats really a blocker for my kdi-pi snap [22:52] *kodi [22:52] well the x11 interface is "transitional" in the sense that perhaps we need new interfaces for subsets of access to those things [22:52] seems reasonable to have an interface for just asking kbd/mouse [22:53] ogra: if you know the denials you are hitting, you could open a new forum topic about it and we can discuss the name of a new interface which enables this [22:58] ijohnson, heh, the fun is that i dont get any denials at all ... it just blocks ... kodi notices that and doesnt bother further [22:58] ogra: is that in devmode or strict ? [22:58] strict [22:58] so you probably are hitting the device cgroup [22:59] yeah, something like that ... it doesnt get through to appamor or any other bit that would log anywhere [23:00] i'm currebtly paying with looping back wayland ... but that will require security team approval i guess ... given kodi runs as daemon [23:00] ogra: try doing `sudo echo 'a *:* rwm > /sys/fs/cgroup/devices/snap../devices.allow` [23:00] iirc that will allow all devices in your device cgroup [23:01] then you should at least see apparmor denials === King_InuYasha is now known as Conan_Kudo === Conan_Kudo is now known as King_InuYasha [23:32] hmm, what is really interesting that using a slot of either of the above interfaces is sufficient, i dont actually need a loopback connection to the interface at all [23:32] just a "slot: [ wayland ]" (or mitr or x11) is enough [23:32] *mir [23:43] ijohnson, not printing anything extra ... [23:43] all i get is: [23:43] 2021-01-09 00:39:47.711 T:4064208912 ERROR: open_restricted - failed to open /dev/input/event1 (Operation not permitted) [23:43] in the kodi app log [23:43] but nothing corresponding in dmesg or the journal [23:44] ogra what is `cat /sys/fs/cgroup/devices/snap./devices.list` ? [23:45] ijohnson, https://paste.ubuntu.com/p/VJz3QDpyrv/ [23:48] hmm the command I gave you before didn't work [23:48] ah i bet snap-confine undid the change [23:49] ah, and it would indeed do that if i echoed again and restarted the daemon [23:51] yeah, I need to go get dinner, but I'll share with you on monday a way to make it work [23:52] well, if you feel likel taking a look yourself : [23:52] snapcraft.i👋kodi-pi-standalone/ [23:52] damn [23:52] snapcraft.io /kodi-pi-standalone/ [23:52] the one in edge is the strict one [23:53] needs UC20 [23:53] (on a Pi3 or 4) [23:53] oh, an needs snapd from edge [23:53] *and [23:53] anyway, enjoy your weekend