/srv/irclogs.ubuntu.com/2021/02/16/#snappy.txt

mborzeckimorning07:09
zygagood morning08:02
mborzeckimvo: zyga: hey08:06
zyga:-)08:06
mborzeckizyga: is https://github.com/snapcore/snapd/pull/9936 related to the debian bug?08:06
mupPR #9936: interfaces: remove apparmor downgrade feature <Needs security review> <Created by zyga> <https://github.com/snapcore/snapd/pull/9936>08:06
zygayes08:06
mborzeckizyga: this one right? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=92350008:06
zygayes08:07
mborzeckii've left a note in the PR, tbh maybe we should start off by displaying a warning that confinement is partial/incomplete due to build config/runtime support08:08
pstolowskimorning08:10
mborzeckipstolowski: hey08:10
zygamborzecki I don't think that will help TBH08:11
zygait will break tests on random output08:11
mborzeckitests can be fixed (we did that already once for cgroup v2, although i expect there would be more this time)08:12
zygayeah but what's the value?08:12
zygado you want to let eveyone know confinement is partial?08:12
zygawhat is the next step?08:12
zygaconfinement was _gone_ before and we said nothing08:13
zygaconfinement is really partial with that patch, and now we want to say "actually, you may want to be careful"08:13
mborzeckipstolowski: can you take a look https://github.com/snapcore/snapd/pull/9933 ?08:15
mupPR #9933: packaging/opensuse: sync with openSUSE packaging <Simple 😃> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/9933>08:16
mborzeckizyga: it's still going to be partial with the full template, rules like unix(..) and dbus will not be enforced afaict, or if those are made `deny unix ..` they could be enforced in an incompatible way08:18
zygayes, I'm fully aware of that08:19
zygaI think it's not my decision08:19
zygaI could only make the patch08:19
mborzeckizyga: sure, thanks for making the effort and opening a PR :)08:20
zygatumbleweed dies on govendor sync?08:20
mborzeckizyga: haha, yes still, i should file this bug report for the kernel08:22
mborzecki(eventually)08:22
mborzeckizyga: works on my laptop though ;)08:23
=== ogra_ is now known as Guest26551
pedronispstolowski: I did a first pass over pool.go in #9930, some bits seems to be missing though, so I didn't go deep on some pieces08:53
mupPR #9930: asserts: pool changes and RefreshValidationSetAssertions method for validation-sets <Needs Samuele review> <validation-sets :white_check_mark:> <Created by stolowski> <https://github.com/snapcore/snapd/pull/9930>08:53
pedronispstolowski: bunch of questions there08:53
pstolowskipedronis: ok, thanks08:54
zygagood morning pedronis09:03
jameshcjwatson: fyi, I followed up on that bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923500#2209:28
mupPR #22: add travis status to README.md <Created by mvo5> <Merged by niemeyer> <https://github.com/snapcore/snapd/pull/22>09:28
cjwatsonThanks!09:28
mupPR snapd#9933 closed: packaging/opensuse: sync with openSUSE packaging <Simple 😃> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/9933>09:56
mupPR snapd#9937 closed: tests/lib/prepare.sh: split reflash.sh into two parts <Simple 😃> <Test Robustness> <Created by anonymouse64> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/9937>10:06
mupBug #1915807 opened: No splash screen in uc 20 for RPI <Snappy:New> <https://launchpad.net/bugs/1915807>10:58
ograogra@ubuntu:~$ snap install unifi --edge12:04
ograerror: cannot perform the following tasks:12:04
ogra- Start snap "unifi" (7) services ([start snap.unifi.unifi.service] failed with exit status 1: Job for snap.unifi.unifi.service failed because the control process exited with error code.12:04
ograSee "systemctl status snap.unifi.unifi.service" and "journalctl -xe" for details.12:04
ogra)12:04
ogra... not helpful ...12:04
zygaogra is that the controller?12:04
ogra(the hook failed, so it didnt install at all ... pointing me to systemctl status will only return "not found" )12:05
ograzyga, well, yeah, someones first attempt at least 😉 and arm64 only12:05
ograhttps://github.com/hairychris/unifi-snap12:05
ograi'm more wondering about the error message ...12:06
mborzeckimvo: can you cherry pick https://github.com/snapcore/snapd/pull/9935 ?12:37
mupPR #9935: data/selinux: allow system dbus to watch /var/lib/snapd/dbus-1 <Simple 😃> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/9935>12:37
mvomborzecki: sure, in a meeting12:38
mupPR snapd#9935 closed: data/selinux: allow system dbus to watch /var/lib/snapd/dbus-1 <Simple 😃> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/9935>12:42
pedronispstolowski: I tried to answer your wondering about account-keys in tests, but maybe I *am* missing something12:54
pstolowskipedronis: thanks. do you mean we always try to udpdate account & account-key by design?13:01
pedronispstolowski: yes, we always ask the store if there are new revisions of any of the prereqs13:01
pedronispstolowski: that's logic in pool13:01
pstolowskipedronis: ah, ok that explains it then13:01
pstolowskii thought some of them never change13:02
pedronispstolowski: no, there are scenarios for all of them to possibly change, rare but possible13:09
pstolowskipedronis: ack, thanks, that solves my confusion13:10
gbissonHi, any why I get "Failed to load plugin: properties failed to load for kernel: Additional properties are not allowed ('kernel-initrd-core-base' was unexpected)" when using a similar snapcraft.yaml as rockpi?13:43
gbissonUnder the same circumstances too (using lxc as ogra suggests in his README) https://github.com/ogra1/rockpi-n10-kernel13:44
gbissonHere is my snapcraft.yaml: https://github.com/boundarydevices/ubuntu-core/blob/20-armhf/kernel/snapcraft.yaml13:44
ogragbisson, note the plugin subdir in that tree13:44
ograi'm using ondra's UC20 kernel plugin in that tree13:45
gbissonogra: oh I see13:45
gbissonogra: should I just copy that plugin folder then13:45
ograwhich has some UC20 specific adjustments13:45
ograyeah13:45
ograor use a git submodule13:45
gbissonogra: it's still unclear to me how to get the uc20-ready initrd properly generated13:46
ograhttps://github.com/kubiko/snapcraft-kernel-plugin13:47
gbissonogra: thanks!13:47
ograyou dont generate it ... it comes from some pre-built thing that xnox generates regulary ... the kernel plugin *can* re-pack that to add extra firmware or modules though13:47
ograthat then based on the initrd-firmware and nitrd-modules options in snapcraft.yaml (not sure about the correct names of these options from the top of my head)13:48
ogras/based/bases/13:51
gbissonok, can you also explain the --destructive-mode, I couldn't find what this means13:54
gbissonnvm found it, just not in the snapcraft --help13:55
ograit means it will destructively change the host setup if needed13:55
ograwhcih is why you should use it only in a clean lxd container13:56
ogranever on the host itself ...13:56
gbissonbut is it really necessary?13:56
gbissonI mean, when it's not there it seems to kick multipass which creates the VM for you no?13:57
ograyes, else snapcraft will forcefulyl try to buiuld in a multipass VM13:57
ogra(it will surely work, but it is painful to use VMs during development)13:58
ogra--destructive-mode means you can immediately build in your tree and see results without spinning up VMs13:58
gbissonok, fair enough, hopefully that was my last missing piece to release a uc20 for all our platforms13:59
gbisson(after the 20 track is created)13:59
gbissonlast thing, can you confirm you only override the toolchain because the rockpi kernel is obsolete (and most likely don't build with gcc9 or 10)14:00
ograyes14:00
ograyou should be able to simply use the cross gcc for newer kernels and non hacked up BSPs 🙂14:01
ogranote you rae rather on your own with the gadget for now, that rockpi N10 thing is a spare time project and my spare time is rare til end of the month14:01
gbissonperfect, that's what I do, just wanted to make sure there wasn't another reason ;)14:02
ogranope thats the only reason ... and it is an awful hack  too ... 🙂14:02
gbissonoh i know, I've been on my own on that core20 upgrade, and I have to say it has been much more painful than core16 & core18 ever were14:02
ograyes, everything changed14:03
gbissonbut thanks for all your answers, you definitely helped a lot14:03
ogra(trying to find my way around as well atm)14:03
gbissonsorry I keep on asking questions: has anyone ever got Mir working on any i.MX platform? (Vivante GPU)14:05
ogragbisson, try #mir-server for that14:31
gbissonogra: yes but I don't know where to feed the Vivante libraries, because it won't work without them14:43
ograthe guys in #mir-server should know 😉14:43
gbissonoh you meant the irc channel ha! I thought you meant the mir-server snap ;-)14:45
ogra🙂14:45
ograi would expect it to ship the evnativ driver by default though14:46
ogra(and to kind of work with that)14:47
gbissonyeah unfortunately that won't be the case, etnaviv mesa libraries only work on etnaviv driver, since NXP kernel uses vivante driver instead...14:59
ograright, then you will likely need yur own fork of mir-kiosk ... and add it to your brand store14:59
ogra(or convince the mir team to ship vivante but i'm not sure they will be willing to do that)15:00
gbissonyes I don't expect vivante to be part of the generic package, but a mir-viv-kiosk would be nice15:01
gbissonI now get this when booting up: "assertion is signed with expired public key "blah""15:15
gbissonhow come my key expired? Seems to be properly there in 'snap keys', plus I can upload to the store ok which I believe checks the key15:16
ograreplace your RTC battery 😛15:17
ogra(which i'm indeed sure you have plenty on your boards 😛 )15:18
gbissonurgh15:18
gbissonreally?15:18
gbissoncan't it get the time from the network?15:18
ograthere is some code in systemd-timesyncd that is supposed to set the clock to a more proper date ba default, but there ere issues ... i think xnox was working on a fix15:19
ogra*by default15:19
gbissonok thanks, let me try that15:19
ograyou get the time from the network once the entwork is up15:19
ograbut the key check happens earlier in the boot IIRC15:20
ograthat said, try with wired network, perhaps your chances are better there15:20
ogra(we ship a default dhcp setup for eth0 that should come up earlier than wlan, with luck thats enough)15:21
gbissonogra: thanks I confirm it works!15:23
ogragreat15:23
gbissononce I get the 20 track for gadget/kernel I can release an image15:23
ogranot sure what the bug number was, but i knwo there is a bug open for the systemd fix15:23
ogra(and i guess xnox isnt watching the channel here to give it to you from the top of his head )15:24
gbissonthat's ok, I want to use stable channel anyway for the issue, it will be part of the known issues that should disappear later15:25
ograyeah, thats the spirit with UC20 🙂15:25
mupPR snapd#9912 closed: snap: provide a useful error message if gdbserver is not installed <Skip spread> <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/9912>15:32
gbissonogra: finally I got my platform fully booted up and installed properly, thanks again for the help!15:38
ogracongrats !15:41
zyga_do you guys remember the name of that thing that lets you deploy openstack or k8s quickly16:19
zyga_it had a catchy name16:19
zyga_but it flew out of my head16:19
cjwatsonconjure-up I think?16:20
ijohnsonjuju?16:20
zyga_conjure up!16:21
zyga_thank you cjwatson :)16:21
=== ijohnson is now known as ijohnson|lunch
mupPR snapcraft#3437 opened: extensions: check that the platform snap is connected in desktop extensions and bail out if not (LP: #1915712) <Created by oSoMoN> <https://github.com/snapcore/snapcraft/pull/3437>22:23

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!