[00:17] can someone tell me where I can find the sources for the "pi-kernel" snap? core18 and pi-gadget are on github, but cannot find pi-kernel there [00:22] dariball: I'm not an expert here but https://code.launchpad.net/~canonical-kernel-snaps/+git/kernel-snaps-uc20/+ref/pi seems to be set up to build that snap [00:23] And I guess the "master" branch there is the actual kernel code that gets built; the "pi" branch seems to just be the snapcraft.yaml [00:24] oh, or maybe just some Makefiles ... I'm out of my depth at this point [00:27] I have no idea how releases for the "legacy" branch of snapcraft are managed (appears to be manually backported to xenial and bionic uploads?) but it'd probably be good to get https://github.com/snapcore/snapcraft/pull/3429 into a release soonish ("plugin: python" is unusable on "base: core" without it /o\) [00:27] PR snapcraft#3429: plugins: Pin pip to supported versions [00:29] (I manually applied that patch locally to fix my own dev environment, but I imagine my GitHub Actions are probably gonna fail too) [00:32] cjwatson: mmmh more than I found, but can't really find the kernel sources there, just makefile using apt & snapcraft.yamls ... but at least a point to start, thanks [02:20] cjwatson, dariball: I'm no expert in the kernel snaps, but my understanding is that is repackaging the linux-raspi (https://launchpad.net/ubuntu/+source/linux-raspi2) archive package; the source tree would be https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux-raspi/+git/focal?h=master though it seems master is behind what's in the archive (though the appropriate tag is on master-next) [06:50] morning [07:24] mvo: hey [07:35] good morning mborzecki [07:59] mvo: snapd apaprently ftbfs on rawhide, looking into it [08:00] pstolowski: hey [08:00] morning [08:31] hm so go modules are for real this time when 1.16 gets released [08:32] rawhide already has 1.16beta what broke building snapd [08:43] mborzecki: let's chat in the standup I suppose [08:43] pedronis: for now i'm using GO111MODULE=off which allows the build to complete successfuly, i'm not aware of plans to remove the switch (yet) [08:48] PR snapd#9682 closed: data: fix case when $PATH has spaces in snapd.sh.in [08:50] pedronis: hi, i've rebased #9853 [08:50] PR #9853: api: validate snaps against validation set assert from the store

[08:51] pstolowski: thx, I saw that, I put it in my queue [08:51] ty [08:58] PR snapd#9888 opened: data/env/snapd: use quoting in case PATH contains spaces [09:07] any clue who creates /run/netns? is it lxd? [09:08] PR snapd#9830 closed: Clarify error message <⛔ Blocked> [09:15] heh: [43451.411268] audit: type=1400 audit(1612257161.339:593): apparmor="DENIED" operation="open" profile="/usr/lib/snapd/snap-confine" name="/proc/457397/attr/apparmor/current" pid=457397 comm="snap-confine" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 [09:16] but the profile has: `@{PROC}/[0-9]*/attr/{,apparmor/}current r,` [10:03] PR snapd#9766 closed: interfaces/fwupd: allow any distros to access fw files via fwupd [10:03] pedronis: does revision 0 in asserts have any meaning anywhere? i'm wondering wrt RevisionNotKnown = -1, and if for sequences we should have an equivalent SequenceNotKnown = -1, or simply > 0 and anything <=0 is unset [10:09] pstolowski: revision 0 is a valid revision for assertions, it's the default value [10:10] pstolowski: sequences start at 1 though [10:10] pedronis: i see, great, thanks [10:10] mvo: can you take a look at https://github.com/snapcore/snapd/pull/9878 ? should be quite trivial [10:10] PR #9878: tests/core/uc20-recovery: move recover mode helpers to generic testslib script [10:11] pstolowski: it's a bit confusing because snap revision start at 1 as well, otoh the reason for this default is that some assertions should never get a 2nd revision, so having revision: 1 in them would be a bit misleading [10:12] got it === benfrancis0 is now known as benfrancis [10:36] mvo: I reviewed the dtbs PRs [10:41] pedronis: \o/ [10:42] mborzecki: sure, looking (was in meetings, sorry) [10:45] mvo: also, i think we can land https://github.com/snapcore/snapd/pull/9883 the failures are unrelated [10:45] PR #9883: cmd/snap-preseed: initialize snap.SanitizePlugsSlots for gadget in seeds

[10:45] (needs your superpowers tho) [10:46] mborzecki: failures are unrelated? or shall I check? [10:46] mvo: unrelated, tests/unit/go failed on gpg, snap-mgmt on fedora failed in restore :/ [10:47] same for sid [10:48] PR snapd#9878 closed: tests/core/uc20-recovery: move recover mode helpers to generic testslib script [10:51] mborzecki: thanks, merged and cherry-picked [10:52] and our snap-mgmt --purge is spotty, not sure how to fix that nicely, if user services are running, we'll miss them when cleaning up [10:52] (that's what happened in the failed snap-mgmt spread test) [10:53] hmm, wasnt UC20 supposed to hold back the starting of snaps until console-conf is done ? [10:53] PR snapd#9883 closed: cmd/snap-preseed: initialize snap.SanitizePlugsSlots for gadget in seeds

[10:54] trying to build an RPi kodi appliance image i always end up with the kodi UI without a chance to set up network and user [10:55] (note that kodi runs natively on the GPU, no Mir or anything) [11:44] ogra: we don't have any feature that blocks services based on console-conf. we do have a feature nowadays to have services that arer not started/enabled by snapd by default, in which case you can use a different service and snapctl to control when they start [11:46] pedronis, i just found that my snap can see /var/lib/snapd/hostfs/var/lib/console-conf/complete without creating denials, so i'll simply check if i'm on core and let the service sleep until the file appears from a wrapper [11:47] but i thougth holding back snap startup after console-conf was theer in UC18 ... that's why i was surprised to have it just start [11:48] (though i admittedly only played with Mir in UC1😎 [11:48] tsk [11:48] I'm not aware of such a feature [11:48] *UC18 [11:48] k, then perhaps something was slow back in my testing 🙂 [11:49] (and i was just lucky or so) [11:49] I'm surprised that you don't get a denial for that file though [11:50] if [ -e "/var/lib/snapd/hostfs/var/lib/console-conf/completes" ]; then echo "console-conf done !"; fi [11:50] from within "snap run --shell ..." ... journal stays quiet [11:51] i can *not* ls the dir without denial ... seems only thet specific filenale is allowed [11:51] *that [11:51] *filemane [11:51] *GOD ! [11:52] * ogra stamps foot about his typing [12:05] PR snapcraft#3430 closed: More improvements for using python3.8 from within a snap [12:39] bah .. except that on my appliance image console-confi doesnt create the "complete" file anymore ! [13:06] pstolowski: I did a pass on #9853 [13:06] PR #9853: api: validate snaps against validation set assert from the store

[13:06] pedronis: ty [13:09] PR snapd#9887 closed: seed: add LoadEssentialMeta to seed16 and allow all of its implementations to be called multiple times [13:09] pstolowski: mborzecki: thansk for the reviews [13:09] yw [13:56] mborzecki: that might suggest the profile is using an old cache file or wasn't applied (eg, another one was being used) at the time of access [13:58] jdstrand: hm maybe it's something about cache, the problem went away after i restarted the apparmor.service [13:59] PR snapd#9545 closed: devicestate: keep log from install-mode on installed system [14:00] jdstrand: anyways, i'll try find out under what conditions this happens, also maybe it's something about the setup on my dev box, i haven't seen reports from users with a similar problem [14:52] mborzecki: re users> that's good to hear [14:54] mvo: I landed #9885 but forgot to squash-merge sorry /o\ do you want me to open a backport pr? [14:54] PR #9885: snap/info.go: ignore unknown daemons in SortSnapServices

<⚠ Critical> [14:54] PR snapd#9885 closed: snap/info.go: ignore unknown daemons in SortSnapServices

<⚠ Critical> [14:55] mvo: for what it's worth, I just tested cherry-picking the 3 commits from that pr to release/2.49 and they all cleanly applied there [14:57] ijohnson: no problem [14:57] my first UC20 appliance attempt ... : https://people.canonical.com/~ogra/UC20/pi-mediacenter-appliance/ [14:57] ijohnson: feel free to cherry-pick/push yourself to the branch but I can do it as well [14:58] (still need an interface that allows /dev/input without Mir/X11 so i can switch kodi to strict mode) [14:59] mvo: I don't have permissions to push to the release branches, so maybe you could cherry-pick for me [15:00] ijohnson: sure, will do [15:05] ijohnson: all four commits from https://github.com/snapcore/snapd/pull/9885/commits - right? [15:05] PR #9885: snap/info.go: ignore unknown daemons in SortSnapServices

<⚠ Critical> [15:06] mvo: only 3 of them are necessary, e563dd413875a556a9eff6e0276f6ab57a672c16, 88d1e8aa5a00e7071bfc0449ab40b799c0d07da6 and f41ed8094010e74c691f4368aec7d547d286fbff, but the last one is just a typo fix [15:06] so up to you if you wanna cherry-pick the typo fix on 2.49 [15:06] I'd say yes simply because it reduces likelihood of conflicts [15:06] +2 [15:06] or +4 even ;) [15:06] anyway, done [15:08] mvo did I hear that core 20 is out? [15:08] zyga: I did! [15:09] hey guys, I worked from the kitchen all day, so I was not on IRC [15:09] (worked from windows laptop) [15:09] congratulations! [15:09] is there any publicity going on as well? [15:11] zyga: yes, https://ubuntu.com/blog/ubuntu-core-20-secures-linux-for-iot [15:14] really nice work! [15:18] zyga: thank you! but congrats to you as well, you helped make this happen :) [15:18] I'm sorry I didn't endure to stay till the end [15:19] I'm looking into some zmk patches for bitbake compatibility, too bad Debian freeze is in effect, I cannot even upload things nwo [15:19] *now === seb128_ is now known as seb128 [16:51] actually there were tests for what I mentioned in the SU but the suite was never hooked up :/ [17:18] mvo, is there a bug open about the fact that pi-config options do not seem to work at all anymore in UC20 (pre-seeding disable-overscan sets the config but does not change config.txt) [17:44] ogra: there is a bug, ijohnson has been looking into it [17:45] perfect, then i dont need to file one 😉 [17:50] dariball: [I think you dropped when I wrote this yesterday] I'm no expert in the kernel snaps, but my understanding is that is repackaging the linux-raspi (https://launchpad.net/ubuntu/+source/linux-raspi2) archive package; the source tree would be https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux-raspi/+git/focal?h=master though it seems master is behind what's in the archive (though the appropriate tag is on master-next) [17:50] bah, actually https://launchpad.net/ubuntu/+source/linux-raspi (not raspi2) [18:02] ogra: pedronis the bug is https://bugs.launchpad.net/snapd/+bug/1909353 [18:02] Bug #1909353: pi-config not working in UC 20 [18:02] I was hoping to get a little bit more free time and propose what I think is a more useful fix to get the pi gadget fixed instead of hacking in snapd, but alas I have not gotten my fix to work on 32-bit armhf yet, mainly due to no time to test it out yet === ijohnson is now known as ijohnson|lunch [18:04] thx ! [18:05] * ogra hits "me too" [21:46] PR snapd#9889 opened: cmd/snap-bootstrap/initramfs-mounts: write realistic modeenv for recover+install === ijohnson|lunch is now known as ijohnson [21:46] whoops forget to leave lunch mode :-) [22:36] PR snapd#9890 opened: misc: little tweaks