[07:29] <mborzecki> morning
[08:51] <mardy> mborzecki: hi!
[08:52] <mborzecki> mardy: hey
[10:09] <mup> PR snapd#11444 opened: cmd: misc analyzer fixes <Simple 😃> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/11444>
[10:09] <mborzecki> mardy: something simple ^^
[10:24] <mup> PR snapd#11445 opened: asserts: start supporting optional primary keys in fs backend, assemble and signing <authority-delegation> <Created by pedronis> <https://github.com/snapcore/snapd/pull/11445>
[10:24] <mup> PR snapd#11446 opened: asserts: extend optional primary keys support to the in-memory backend <authority-delegation> <Created by pedronis> <https://github.com/snapcore/snapd/pull/11446>
[10:24] <zyga[m]> bboozzoo: approved
[10:24] <mborzecki> thx
[10:34] <mup> PR snapd#11430 closed: cmd/snap-mgmt, packaging: trigger daemon reload after purging unit files <Simple 😃> <Created by bboozzoo> <Merged by pedronis> <https://github.com/snapcore/snapd/pull/11430>
[10:34] <mup> PR snapd#11438 closed: tests: add test to ensure consecutive refreshes do garbage colleciton of old revs <Simple 😃> <Test Robustness> <Skip spread> <Created by stolowski> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/11438>
[10:34] <mup> PR snapd#11442 closed: o/snapstate: deal with potentially invalid type of refresh.retain value due to lax validation <Squash-merge> <Bug> <Created by stolowski> <Merged by pedronis> <https://github.com/snapcore/snapd/pull/11442>
[11:09] <mup> PR snapd#11447 opened: tests: get lxd snap from candidate channel <Simple 😃> <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/11447>
[12:17] <diddledani> amurray: this broke my container image (diddledan/snapcraft) c6011693a816f7f8a5b0c7858ddce91c6ef1a352
[12:17] <diddledani> https://github.com/snapcore/snapd/commit/c6011693a816f7f8a5b0c7858ddce91c6ef1a352
[12:18] <diddledani> fails with: `aa_is_enabled() failed unexpectedly (No such file or directory): No such file or directory`
[12:19] <diddledani> this is my snapcraft container image https://github.com/diddlesnaps/snapcraft-container
[12:37] <ijohnson[m]> diddledani: what is aa_is_enabled returning in your container? 
[12:38] <diddledani> do you mean the C function or the executable `aa-enabled`? for the latter it shows `Maybe - policy interface not available.`
[12:39] <diddledani> for the C function, presumably it's returning ENOENT considering the error message from snap-confine
[12:40] <diddledani> ENOENT used to be explicitly handled, now it's a fallthrough to DIEDIEDIE https://github.com/snapcore/snapd/commit/c6011693a816f7f8a5b0c7858ddce91c6ef1a352#diff-850ad7658ba4087a28a764d6a46b74640a2fd43be09f246dabea20dd0f2a16daL56-L59
[12:44] <ijohnson[m]> hmm that commit was needed to resolve a CVE so we can't just revert that commit 
[12:54] <amurray> diddledani: is securityfs mounted inside the container? 
[12:54] <diddledani> I don't believe it is.. it's not in /proc/mounts
[12:55] <amurray> argh, sorry I gotta run - will check scrollback in the morning - otherwise perhaps we can just add back the ENOENT bit... I recall I thought I had a good reason for making that DIEDIEDIE but I can't recall why off the top of my head...
[12:55] <diddledani> is there a systemd unit that I need to enable to handle that?
[12:56] <diddledani> yeah, if there's a CVE then obviously I don't want you to potentially reintroduce it
[12:56] <diddledani> s/it/a vuln/
[12:56] <ijohnson[m]> diddledani is apparmor enabled in the kernel? 
[12:56] <diddledani> yes, this is on an Ubuntu Host so apparmor is working on the host os
[12:57] <ijohnson[m]> Hmm 
[12:57] <ijohnson[m]> Is this in a docker container 
[12:57] <diddledani> yup
[12:57] <ijohnson[m]> Is it a privileged docker container 
[12:58] <diddledani> this is how I've launched it and how I recommend others launch it:
[12:58] <diddledani> https://www.irccloud.com/pastebin/5zbD4Yjz/
[13:19] <mup> PR snapd#11448 opened: Pr11282+fallback <Created by xnox> <https://github.com/snapcore/snapd/pull/11448>
[13:34] <mup> PR snapcraft#3655 closed: meta: support application fields (CRAFT-814) <Created by mr-cal> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/3655>
[14:00] <mup> PR snapd#11449 opened: cmd: set core22 migration related env vars and update spread test <Created by MiguelPires> <https://github.com/snapcore/snapd/pull/11449>
[15:29] <mup> PR snapcraft#3654 closed: projects: add grammar validation <Created by cmatsuoka> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/3654>