/srv/irclogs.ubuntu.com/2021/09/27/#snappy.txt

zygagood morning happy Monday for a change :)05:38
zygahey mardy o/05:52
mardyzyga: hi!05:55
mborzeckimorning06:04
mardymborzecki: 'morning! Let me know, when you want to discuss the cgroups issue06:07
mborzeckimardy: sure, let me set something up in the calendar06:08
mborzeckimardy: heh, i'm a muppet, added a meeting but haven't added you to it ;)06:45
zygaheh06:50
zygamborzecki, do you want me to listen?06:50
ograwe seem to have some angry opensuse users on the forum, seems something broke there recently 06:53
zygaogra, hey :)06:54
mborzeckiogra: hey, which topic? can you share a link?06:56
ograone sec06:58
ograhttps://forum.snapcraft.io/t/telegram-desktop-stopped-to-work-in-suse-tumbleweed-glibc-error/2674106:58
ogra(there was at least a second one from another person i can't find now)06:59
mborzeckiok, let me see07:00
ograhttps://forum.snapcraft.io/t/snap-wont-open-installed-apps-after-nvidia-driver-instalation/2676507:00
ograthough the second one might be an nvidia bug07:00
pstolowskimorning07:02
zygapstolowski, hey07:04
zygagood morning mvo 07:12
mvogood mornin gzy07:19
mvogood morning zyga :)07:19
mupPR snapd#10841 closed: interfaces/dsp: add a usb rule to the ambarella flavor <⚠ Critical> <Simple 😃> <cherry-picked> <Created by anonymouse64> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/10841>07:22
mupPR snapd#10842 closed: interfaces/apparmor/template.go: allow inspection of dbus mediation level <Simple 😃> <Created by anonymouse64> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/10842>07:22
mvopstolowski: is 10737 ready? I see two +1 07:25
mupPR snapd#10826 closed: cmd/libsnap-confine-private: workaround BPF memory accounting, update apparmor profile <cgroupv2-impish> <Created by bboozzoo> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/10826>07:27
mupPR snapd#10832 closed: tests: skip system-usernames-microk8s when TRUST_TEST_KEYS is false <Simple 😃> <cherry-picked> <Created by sergiocazzolato> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/10832>07:27
pstolowskimvo: yes it is07:35
pstolowskimvo: failures are unrelated07:37
mvota07:51
mupBug #1945172 opened: Too many previous versions by default <Snappy:New> <https://launchpad.net/bugs/1945172>07:56
mupBug #1945172 changed: Too many previous versions by default <Snappy:New> <https://launchpad.net/bugs/1945172>08:02
mupBug #1945172 opened: Too many previous versions by default <Snappy:New> <https://launchpad.net/bugs/1945172>08:08
mardymvo: hi! Can you please enable CI on https://github.com/snapcore/snapd/pull/10838 ?08:25
mupPR #10838: Component tests <Created by mardy> <https://github.com/snapcore/snapd/pull/10838>08:25
mvomardy: I have no idea why it's not running there tbh08:36
mvomardy: I don't see anything that I can do to enable it from clicking around a bit08:36
=== alan_g_ is now known as alan_g
mupPR snapd#10843 opened: disks: add `Size()` to disks interface <Skip spread> <Created by mvo5> <https://github.com/snapcore/snapd/pull/10843>08:52
mupPR snapd#10843 closed: disks: add `Size()` to disks interface <Skip spread> <Created by mvo5> <Closed by mvo5> <https://github.com/snapcore/snapd/pull/10843>08:57
mborzeckifun, so building static go bianries no longer works with the usual flags with g 1.1709:00
mborzeckior maybe that's glibc09:00
mborzeckiidk09:00
mborzeckiogra: ^^ also why opensuse is broken09:01
ograouch09:01
pstolowskiogra: seems we jumped onto #1945172 at about the same time ;)09:05
mupBug #1945172: Too many previous versions by default <Snappy:Triaged> <https://launchpad.net/bugs/1945172>09:05
ograpstolowski, hah ! at least we didnt contradict each other 😄09:07
pstolowskiogra: yup :)09:08
mardymvo: I think it's because I'm modifying the github actions file09:24
mardymvo: try to see if there's a button below, near the secion when it shows the CI results09:25
mvomardy: I don't see anything there unfortunately09:27
mardymvo: nevermind, I'm not working on them today anyway, I'll have a look maybe tomorrow09:31
mardymight be because of the merge conflicts09:31
mvomardy: yeah, let's chat tomorrow09:31
mardy(I didn't notice them before)09:31
mborzeckinvm, seems like it was built correctly09:31
mardymborzecki: so, I added a panic() in snap-run after the loop that checks for the scope creation, and the panic didn't not happen, yet our process was moved09:36
mardymborzecki: I'll try to play a bit with delegation09:36
mborzeckimardy: the panic would happen if we're not moved, or we were not moved but it didn't happen?09:37
mborzeckihmm there's clone3?09:43
mardymborzecki: it looks like it's looking for the 0-entry in /proc/self/cgroups09:49
mupPR snapd#10844 opened: disks: add `Size(path)` helper <Created by mvo5> <https://github.com/snapcore/snapd/pull/10844>09:52
JonathanEsk-RiddSergio Schvezov: me and ian had a look at kdenlive but couldn't work out why it was using the wrong path for loading libraries (kdenlive itself is fine but supporting binaries like kdenlive_render have the problem) if you have any ideas that could be useful https://forum.snapcraft.io/t/kdenlive-cannot-render-any-projects-stuck-in-waiting/26689/410:04
ograJonathanEsk-Ridd, you mean to ping @sergiusens i guess 🙂10:06
mborzeckimvo: can you take a look at https://github.com/snapcore/snapd/pull/10845 ?10:13
mupPR #10845: interfaces/seccomp: add clone3 to default template <Simple 😃> <Security-High> <Needs security review> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/10845>10:13
mborzeckiapparently something on opensuse is triggering a codepath in go/glibc that calls clone3 which isn't allowed in our default seccomp profile10:14
mupPR snapd#10845 opened: interfaces/seccomp: add clone3 to default template <Simple 😃> <Security-High> <Needs security review> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/10845>10:17
mborzeckizyga-mbp: can you take a look at https://build.opensuse.org/request/show/921730 ?10:38
mborzeckizyga-mbp: heh, this one 🙂 https://build.opensuse.org/request/show/92173110:42
ares1028Hi, I am trying to make a Preconfigured Ubuntu core image without going through the console-conf on the first boot. But when i try to do that it requires a login and a password. Is there a way to provide the snapcraft email id to the Ucore image during image flashing stage so that it can download the keys when it is connected using ethernet?10:43
ograares1028, note i pointed out some solution in #snapcraft already ... 10:46
ogra*solutions10:46
mardymborzecki: I'm now trying with these changes: https://github.com/mardy/snapd/commit/f9a9dcefad311e35288d7243b42368017e72bfa210:50
ares1028These solutions are of snaps that can be added during the model assertion so that it would add a new netplan on the first boot. I dont have a store account now, so I can't use them on the first boot right?10:53
duncan_bayneHi folks - I have a quick question around publishing apps with service dependencies.  Say I have an (open source) app that itself relies on a bunch of other services - Samba, IPFS, etc.  Should I be bundling builds of those services those _into_ my snap (along the lines of https://snapcraft.io/blog/learn-snapcraft-by-example-multi-app-client-server-snap)?  Is there a dependency management mechanism I'm entirely missing?  Or should I10:53
duncan_baynehave some sort of meta-install that installs and configures my app's Snap, plus any others (e.g. the ipfs snap)?10:53
ares1028and I will have to install them later using --dangerous tag10:53
duncan_bayneI have a suspicion there's a FM somewhere that I should go and R :)10:53
ograares1028, well, you can definitely go the cloud-init route with a self-built gadget as long as you do not try to use any defaults: and connect: statements in gadget.yaml10:57
zyga-mbpmborzecki accepted suse PR just now10:57
ograares1028, and the USB key methid also alwayys works 10:57
mborzeckizyga-mbp: thanks!10:57
ogra*method10:58
zyga-mbpwas that the thing breaking opensuse that ogra mentioned?10:58
ares1028ok , and I also have another question. Can I auto connect snap interfaces using hooks. Since I dont want to do it manually every time10:58
ares1028I couldnt find any example regarding this10:59
ograares1028, that requires a signed gagdet ... so only if you have a brand store10:59
ares1028ohhk thanks10:59
mardymborzecki: guess what? with those changes the bug can happen too. Just in that case the PID is moved back to the scope cgroup: https://paste.ubuntu.com/p/548Bwh5TWB/11:00
ogra(or alternatively you can have store declarations defining auto-connections per app snap ... which you can ask for through the store-requests category in the forum)11:00
zyga-mbpmardy did your theory about systemd behavior check out?11:01
ograduncan_bayne, by default snaps have to be self contained ... so normally you'd ship everything your app/service needs to run ... that said, you *can* split it into multiple snaps and make use of content interfaces (so a samba fix would only update the "duncan-samba-server" snap instead of the whole thing)11:01
ogra(the auto-connecting of content interfaces only works if the snaps come from the same publisher or have been approved as a default provider in the stroe)11:03
mardyzyga-mbp: nope, I had a look at the source code, and found no confirmation. systemd seems only to move PIDS when cgroups become empty11:03
zyga-mbphmm11:04
zyga-mbpwhich pids are moved when a cgroup becomes empty?11:04
mardyzyga-mbp: I don't remember, I didn't pay much attention, since it didn't seem to be relevant for our case11:05
zyga-mbpit's just seems weird, cgroup being empty means there are no more processes left11:05
mardyright11:06
ares1028Hi ogra, where shoul dcloud.conf be placed when i am building gadget for Rpi4? can i place it in SNAPCRAFT_PART_INSTALL/boot-assets/  ?. Do i have to enable cloud init in gadget yaml in defaults tab?11:06
mardybut now I also realized that I was looking with the wrong premises; at that time it was not clear to me that we were using a scope already11:07
ograares1028, i think it should go to the toplevel dir of the final gaget ...11:07
mardyso I need to have a second look at the systemd code, because I disregarded all code paths involving scopes11:07
ograares1028, and the existence of the file should be enough11:08
ares1028ok i will give it a try11:08
ograno need to toggle a switch anywhere11:08
ares1028if i have a brand store account, i should be able to do it through system user assertions rigth?11:12
mardymborzecki, zyga-mbp: is it possible to tell spread to run the test on bionic, but with focal's kernel? It would help in ruling out the kernel11:13
zyga-mbpyes, just install the kernel in prepare11:13
mborzeckiwell and reboot11:14
zyga-mbpI've done something similar in cerberus spread tests if you remember11:14
mborzeckiand somehow you need to make sure that you boot the right kernel too11:14
zyga-mbpyes11:14
zyga-mbpthat's tricky11:14
zyga-mbpdefaults will be against you11:14
zyga-mbpbut it's all doable11:14
mardyzyga-mbp: I didn't look at the spread tests :-)11:14
mardyshould I remove all other kernels?11:14
zyga-mbpyou don't have to11:15
mardyactually, maybe it's simpler if I first try a newer systemd11:15
duncan_bayneogra: Thanks - that's where I was headed, but wondered if I was missing something.  11:17
mupPR snapd#10846 opened: desktop: implement gtk notification backend and provide minimal notification api <Created by stolowski> <https://github.com/snapcore/snapd/pull/10846>11:22
ares1028Hi ogra, when i add cloud.conf. Can i not disable console-conf in gadget.yaml?11:24
ares1028You mentioned that i cannot add any defaults in gadget.yaml when i add cloud.conf11:25
ograares1028, you can try ... "system" options might actually work without signing the gadget, not sure11:25
mborzeckimardy: aha, caught it https://paste.ubuntu.com/p/YcT8sngRn3/11:34
mupPR snapd#10820 closed: devicestate: use EncryptionType <Run nested> <Created by mvo5> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/10820>11:38
mardymborzecki: congrats ;-)11:41
mborzeckimardy: hmm for your log, it would be useful to see stderr and SNAPD_DEBUG=1 output from snap11:43
mardymborzecki: what systemd version is debian using?11:43
mardymborzecki: ok11:43
mborzecki24711:43
mborzeckimardy: but i think there' something wrong with the test itself, https://paste.ubuntu.com/p/ZqZbDmrFRz/ we try to create a scope, but cannot as session bus is inaccessible, and proceed11:44
mardymborzecki: oh, that's even newer than focal's11:44
mborzeckimardy: although I don't have a good answer about the right way proceed here11:45
mborzeckiif we continue to run without it, snap device cgroup will not be set up and thus we are missing a piece of the sandbox11:46
mardymborzecki: here's the output: https://paste.ubuntu.com/p/RQrdN8ZZ44/12:17
mborzeckimardy: hmm wondering what happens with the freezer then, we also add the process to a cgroup created by s-c there12:26
mardymborzecki: in my case the freezer cgroup is always /, I guess it depends on the snap?12:28
mardyI mean, on the interfaces used by a snap12:28
mupPR snapd#10847 opened: cmd/snap-confine: attempt to catch snap processes outside of snap specific cgroup <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/10847>12:43
ares0128Hi ogra, i tried adding the cloud.conf in the top layer but nothing happend. I still had to manually add my mail address. I have another question, I want to add files into /etc/modules file during image building for RPi4 gadget, do you knwo how i can do that?12:47
ares0128I even tried usign system-files and giving access to that file to snaps, but it still didnt work12:48
ares0128i editied /etc/hosts the same way but that works12:48
mardymborzecki: I think you are right, about that JobRemoved signal12:56
mardymborzecki: at least I see that if instead of that loop, I do a sleep of 1 second, my test never fails12:56
mardymborzecki: but waiting for the signal would considerably delay our startup...12:57
mupPR snapd#10833 closed: tests: fix error trying to create the extra-snaps dir which already exists <Simple 😃> <Run nested> <Created by sergiocazzolato> <Merged by sergiocazzolato> <https://github.com/snapcore/snapd/pull/10833>13:08
ograares0128, you would need to build your own kernel snap 13:12
ares0128ohh...i have never done that13:14
mardymborzecki: weird... so, I can clearly see (with busctl) that I'm passing the right Delegate params to StartTransientUnit, but then, if I run "systemctl show <snap>.scope", I see that it has "Delegate=no"14:04
miguelpiresmvo: can you merge https://github.com/snapcore/snapd/pull/10812 please?14:07
mupPR #10812: o/ifacestate: don't fail remove if disconnect hook fails <Created by MiguelPires> <https://github.com/snapcore/snapd/pull/10812>14:07
ijohnson[m]hey zyga-mbp would you mind moving our chat about MS_SHARED to Wednesday same time ? some stuff has come up today that is a bit more pressing to deal with14:08
mvomiguelpires: sure14:12
mupPR snapd#10812 closed: o/ifacestate: don't fail remove if disconnect hook fails <Created by MiguelPires> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/10812>14:13
miguelpiresty14:14
mardymborzecki: nevermind, my mistake: I was missing the `--user` option in the `systemctl show` command :-)14:27
pstolowskimvo:  can you merge https://github.com/snapcore/snapd/pull/10737 ?14:36
mupPR #10737: o/snapstate: validation sets enforcing on update <Needs Samuele review> <validation-sets :white_check_mark:> <Created by stolowski> <https://github.com/snapcore/snapd/pull/10737>14:36
mvopstolowski: sure15:58
mupPR snapd#10737 closed: o/snapstate: validation sets enforcing on update <Needs Samuele review> <validation-sets :white_check_mark:> <Created by stolowski> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/10737>15:58
* cachio_ lunch16:01
pstolowskity16:04
mupPR snapd#10848 opened: interfaces/u2f-devices: add GoTrust Idem Key (https://launchpad.net/bugs/1945182) <Created by oSoMoN> <https://github.com/snapcore/snapd/pull/10848>16:39
mupPR snapd#10849 opened: o/snapstate: prevent install hang if prereq install fails <Created by MiguelPires> <https://github.com/snapcore/snapd/pull/10849>17:14
mupPR snapd#10850 opened: o/snapstate: improve install/update tests <Created by MiguelPires> <https://github.com/snapcore/snapd/pull/10850>18:04
mupPR snapd#10851 opened: many: support "device-setup"/"device-unlock" hooks <⛔ Blocked> <Run nested> <Created by mvo5> <https://github.com/snapcore/snapd/pull/10851>18:14
mupPR snapd#10852 opened: osutil/disks: add DiskFromDevicePath, other misc changes <Simple 😃> <UC20> <Created by anonymouse64> <https://github.com/snapcore/snapd/pull/10852>22:35

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!