/srv/irclogs.ubuntu.com/2021/07/06/#snappy.txt

mborzeckimorning05:20
pstolowskimorning06:02
mborzeckipstolowski: hey06:06
mardy'morning06:12
mborzeckimardy: hey06:31
mborzeckiehh loosk like we can't really land anything now06:31
mborzeckihttps://status.snapcraft.io/ does not list any problems related to deltas?06:38
mborzeckinvm i see the messages on MM, maybe it's fixed now, let's see if the tests in https://github.com/snapcore/snapd/pull/10483 are happy06:43
mvofingers crossed06:50
mborzeckimvo: morning, and yeah06:54
mborzeckimvo: can you land https://github.com/snapcore/snapd/pull/10481 ?06:54
mborzeckimvo: also, do you think we need to involve security team in https://github.com/snapcore/snapd/pull/10483 ?06:55
mvomborzecki: sure07:08
mvomborzecki: and good morning!07:09
mborzeckimvo: while at it: https://github.com/snapcore/snapd/pull/10494 this one can be merged too as it fixes failures in nested tests07:12
mvomborzecki: I really don't think we need security for 10483 - otoh it should be pretty trivial, so maybe alex can have a quick look just at this specific diff?07:13
mvomborzecki: landed07:15
mborzeckimvo: ok, let me ping him07:15
mborzeckimvo: and thank you07:15
mvomborzecki: thank *you* :)07:15
pstolowskihey mvo 07:16
mborzeckimeh, deltas are still unhappy07:18
mborzeckii wonder if some need to be regenerated or something07:18
mvohey pstolowski 07:24
mvomborzecki: that is a bit disappointing07:24
mvomborzecki: what is the latest run that failed? we might want to poke the store again07:25
mborzeckimvo: pinged you in store's mm channel07:25
mborzeckimvo: this is the latest run that failed: https://github.com/snapcore/snapd/pull/10483/checks?check_run_id=299582293907:26
mvomborzecki: ta07:28
mvomborzecki: I wonder if we should disable the test to unblock, it's very tedious to review the failure logs07:28
* pstolowski physio07:46
mvomborzecki: I pushed a PR to disable the delta tests for now07:54
pedronismborzecki: hi, https://github.com/snapcore/snapd/pull/10469 needs a master merge now?07:56
mborzeckimvo: thanks08:00
mborzeckipedronis: yes08:00
mardyshould an ordinarey user be able to write into $SNAP_DATA? The folder is owned by root08:30
mardyah, that's for system data08:31
zygagood morning08:33
* zyga starts late after late evening work08:33
mardymmm... this is "funny": the mount operation succeeds, yet the mountpoint appears to be empty and /proc/mounts does not list it. I suspect it's a namespacing issue...08:39
ogra`mardy, as i asked on mattermost already, are you sure you want to actually do that, given the content of $SNAP_DATA gets forward copied during snap updates you'd have to deal with skipping the mounted bits, moving the mountpoint back and forth with snap revert/refresh etc etc 08:50
pstolowskire08:51
ogra`mardy, $SNAP_COMMON does not get copied or moved ... i'd restrict the mounting to this dir only08:51
mardyogra`: I'm just writing a test. We are developing a mount-control interface, and I have a simple snap to test it: https://github.com/snapcore/snapd/pull/10473/files08:54
mardyso, after installing the snap and connecting the plug, I run: "sudo test-snapd-mount-control.mntctl -o bind,ro /usr/share/fonts /var/snap/test-snapd-mount-control/current/fonts"08:56
mardythe mount apparently succeeds, but /var/snap/test-snapd-mount-control/current/fonts stays empty08:56
mardyI've now verified that the /var/snap/test-snapd-mount-control/current/fonts is empty even for the process running in the snap itself, so it would seem it's not even a namespacing issue08:57
ogra`mardy, yeah, i know about the interface (i drive the customer that asked for it), i'm just thinking the restricting your whereRegexp() to /media and $SNAP_COMMON makes handling updates eaiser since a snap refresh will copy the content of the mountpoint to the dir that becomes the new current/ symlink after refresh09:02
ogra`unless you add any code to special case mounted stuff in $SNAP_DATA09:03
ogra`and additionally the mount needs to move along with the symlink going forward/backward on snap revert and refresh09:04
mvocan someone review #10495 please? this should unblock the tests until the store is fixed10:13
pstolowski+110:22
mvota10:22
mborzeckipedronis: i've updated https://github.com/snapcore/snapd/pull/10493 too now10:25
pstolowskipedronis: re #7700 and the comment about waiting for runinhibit in snapRunHook, I think we shouldn't do this for any hooks?10:48
pedronispstolowski: yea, think so10:49
pedronismborzecki: thx10:49
pstolowskipedronis: btw do you have a moment before standup to chat about --proceed outside of hook?10:51
pedronispstolowski: yes, please schedule something10:52
pstolowskipedronis: done10:54
=== alan_g_ is now known as alan_g
mborzeckipedronis: fun: https://github.com/snapcore/snapd/pull/10493#issuecomment-874689293 afaict our grub-recovery.cfg doesn't like 1234-2 labels11:44
pedronismborzecki: well, as we know it's not clear we fully like our grub-recovery.cfg11:44
pedronismborzecki: we discussed whether there are things we should change/improve with it11:44
mborzeckipedronis: yeah, i can look into updating that to be more relaxed, there's a still a question of rolling out an update if we do it11:46
pedronisyea11:46
mborzeckipedronis: i guess for now i can leave the boot config edition unchanged like we did for the run one11:48
pedronismborzecki: yes11:48
pedronismborzecki: fwiw we do a regexp in seed/internal about what are valid labels11:48
pedronis*do have11:48
mborzeckioh right, i can start with that11:49
pstolowskipedronis: i don't think https://github.com/snapcore/snapd/pull/10476 needs your review, does it? i would like to land it soon once green11:58
pedronispstolowski: not particurly, no, unless you think it does, but sounds not11:59
pstolowskipedronis: ok, thanks12:03
pedronismborzecki: I re-reviewed https://github.com/snapcore/snapd/pull/1046912:17
mborzeckipedronis: thanks12:18
mborzeckipedronis: i think i got grub under control now, still waiting for spread test to finish, but it seems to work in a vm12:18
pedronisgood12:19
mardycan anyone think of some reason why mount(2) would succeed (returns 0, and no apparmor denials are seen) yet nothing really happens (the mount point stays empty)?12:30
mardymvo: so, the branch is https://github.com/snapcore/snapd/pull/1047314:01
mardyI just build it, run the snapd from my branch, call "snap pack" on the test directory, then install the snap with --dangerous, connect its plug, and then run "sudo test-snapd-mount-control.mntctl -o bind /usr/share/fonts /var/snap/test-snapd-mount-control/common/fonts"14:02
mborzeckipedronis: i've pushed an update to https://github.com/snapcore/snapd/pull/10469 i think i understood what you wanted to be changed in the tests, but let's see14:22
mborzeckifwiw, with changed recovery grub config the remodel spread test is passing again14:23
pedronismborzecki: thx14:25
pedronismborzecki: re-reviewed14:34
pedronismborzecki: thx14:36
pedronisijohnson[m]: I tried to answer the question in https://github.com/snapcore/snapd/pull/10437 , sorry I should have been explicit in my previous comment14:36
ijohnson[m]pedronis: thanks for that14:36
pedronismvo: https://github.com/snapcore/snapd/pull/10437 needs your re-review14:37
mvopedronis: sure, looking14:41
mardymvo: nevermind my mount issue: if the mount point is under /media/**, it works. For some reason using $SNAP_COMMON doesn't, but I'll investigate14:43
mardymmm... when accessing /var from inside a snap, is that the same /var as the system's one, or does it get somehow remapped?14:44
ijohnson[m]mardy: ah are you entering into the mount namespace of the snap to check that the mount exists ?14:45
ijohnson[m]mardy: snap mount namespaces are setup such that mounts made inside them do not propagate back to the host's mount namespace, with the exception of /media/ I think14:45
ijohnson[m]mardy: have you been introduced to the `/run/snapd/ns` directory at all?14:46
mardymvo: nah, actually /media/** does not work either, I made a mistake before :-(14:47
mardyijohnson[m]: no, but if I list the files from the same process that does the mount(), I guess I should be already inside the correct namespace?14:48
ijohnson[m]mardy: hmm you mean like /proc/<pid>/mountinfo ? yeah that should show the mounts from that namespace14:50
mardyijohnson[m]: no, I'm not opening mountinfo, I'm just calling (in python) os.listfiles() on the mount point, and it's empty14:53
mardybut that's from the same process who called mount(), so it should see the files...14:53
ijohnson[m]mardy: I assume both those mount process and the python program are running inside the snap confinement ?14:54
mardyijohnson[m]: yes, it's the same process: I'm not invoking the mount(8) binary, but directly doing mount(2) from python: https://github.com/mardy/snapd/blob/mount-control/tests/lib/snaps/test-snapd-mount-control/bin/mntctl#L115-L12414:55
mardy(using ctypes)14:55
mardyif I call the python script directly, without passing via snapd, it works14:56
ijohnson[m]mardy: silly question but did you try adding a sleep after performing the mount() ?14:56
mardyijohnson[m]: nope, let me try...14:56
mardynope, doesn't help (3 seconds)14:57
ijohnson[m]😕 14:57
ijohnson[m]mardy: how can I reproduce this? just build that branch of snapd `mount-control` and then install the `test-snapd-mount-control` snap ?14:58
mardyijohnson[m]: and connect the plug14:58
mardyijohnson[m]: then run sudo test-snapd-mount-control.mntctl -o bind /usr/share/fonts /var/snap/test-snapd-mount-control/common/fonts14:59
mardyijohnson[m]: you can also add "-c 'ls -l /var/snap/test-snapd-mount-control/common/fonts'" to have it run an "ls" command15:00
ijohnson[m]mardy: ack thanks, I'm trying to wrap some other things up this morning but I will take a look in my PM15:00
mardyijohnson[m]: much appreciated, thanks!15:00
ijohnson[m]np15:01
ijohnson[m]pedronis: mvo I think I figured out why my fix for #10165 didn't work, I only did the fix for one of the two tests, so now I pushed up that same fix for the second test, do you think the PR needs to be re-reviewed all over again at this point?15:44
ijohnson[m]I'm inclined to say that yes, any previous +1's should be re-done15:44
mvoijohnson[m]: one re-review is probably enough15:46
ijohnson[m]ok15:46
pedronismvo: I did a pass https://github.com/snapcore/snapd/pull/10264, some comments there, let me know if I'm confused15:47
mvopedronis: looking, but it's probably me being confused15:50
pstolowskicachio: maybe you could take a look at https://github.com/snapcore/snapd/pull/10479 ? it's a followup to the spread test you reviewed yesterday15:59
cachiopstolowski, sure16:02
pstolowskity16:05
mvopedronis: thanks so much for the review, excellent points. I addressed everyting except for the optimization to only call the virtual configs when there is an overlap, need to have dinner first so either later tonight or tomorrow but I pushed the rest16:28
mvopedronis: could even be a followup (maybe?)16:28
mvo10496 needs a review, looks like deltas are happy again17:48
ijohnson[m]cachio: can you take another look at https://github.com/snapcore/snapd/pull/10165 today? thank you17:48
cachioijohnson[m], sure17:49
ijohnson[m]mvo: sure I will take a look at that one when I'm back from lunch17:49
ijohnson[m]thanks cachio 17:49
mvoijohnson[m]: no rush, it's pretty trivial17:50
mvoit looks like my virtual config stuff is finally making some good progress *fingers-crossed*17:51
=== not_phunyguy is now known as phunyguy
cachioijohnson[m], +1, left few comments inline18:50
ijohnson[m]Thanks cachio19:16
cachioyaw19:16
=== mwhudson_ is now known as mwhudson
* cachio afk20:46

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!