=== popey7 is now known as popey
[02:38] <transhumanist> hi how do I start a snap from a terminal if I have multiple isolations of the same snap?  https://snapcraft.io/docs/parallel-installs  ?
[02:39] <transhumanist> or create shortcuts to them on the desktop for that matter?
[05:51] <mborzecki> morning
[06:45] <mup> PR snapd#11695 closed: libsnap-confine-private: show proper error when aa_change_onexec() fails <Simple 😃> <Created by mardy> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/11695>
[06:51] <mardy> hi all
[07:00] <pstolowski> morning
[07:00] <mup> PR snapd#11566 closed: features: enable refresh-app-awareness by default <Squash-merge> <Run nested> <cherry-picked> <refresh app awareness> <Created by stolowski> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/11566>
[07:05] <mup> PR snapd#11690 closed: o/snapstate: exclude TypeSnapd and TypeOS snaps from refresh-app-awareness <Needs Samuele review> <cherry-picked> <refresh app awareness> <Created by stolowski> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/11690>
[07:15] <mup> PR snapd#11097 closed: interfaces: add ACRN hypervisor support <Squash-merge> <Needs Samuele review> <Created by igorljubuncic> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/11097>
[07:20] <zyga[m]> good morning
[09:02] <mardy> hi all
[09:12] <pstolowski> hey mardy 
[09:16] <mup> PR snapd#11698 opened: o/snapstate: fix TestSnapdRefreshTasks test after two r-a-a PRs <⚠ Critical> <Simple 😃> <Skip spread> <Created by stolowski> <https://github.com/snapcore/snapd/pull/11698>
[09:31] <mup> PR snapd#11699 opened: interfaces/builtin/system-packages: use a broad AppArmor snippet for mounting /usr/share/*-docs <Simple 😃> <Needs security review> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/11699>
[09:46] <mup> PR snapd#11698 closed: o/snapstate: fix TestSnapdRefreshTasks test after two r-a-a PRs <⚠ Critical> <Simple 😃> <Skip spread> <Created by stolowski> <Merged by stolowski> <https://github.com/snapcore/snapd/pull/11698>
[09:58] <bdmurray> mardy: I added you to the group of people who can see crash reports in the Error Tracker
[10:17] <mardy> bdmurray: saw it, thanks!
[10:31] <mup> PR snapd#11700 opened: sandbox: move profile load/unload to sandbox/apparmor <Simple 😃> <Created by mardy> <https://github.com/snapcore/snapd/pull/11700>
[12:02] <mup> PR snapd#11701 opened: tests/nested: fix custom-device test <Simple 😃> <Run nested> <Created by mardy> <https://github.com/snapcore/snapd/pull/11701>
[12:37] <mup> PR snapd#11456 closed: tests: Initial changes to run nested tests on uc22 <Run nested> <Created by sergiocazzolato> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/11456>
[12:37] <mup> PR snapd#11622 closed: image/preseed, cmd/snap-preseed: create and sign preseed assertion <Preseeding 🍞> <Run nested> <Created by stolowski> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/11622>
[12:46] <jdstrand> ogra: hey, fyi, zoom-client 5.10.3.2778 fails to launch for me, no sandbox denials. I had to snap revert. unfortunately I don't have time now to debug but did strace and found: write(2, "[0421/074431.324810:FATAL:platform_shared_memory_region_posix.cc(255)] This is frequently caused by incorrect permissions on /dev/shm.  Try 'sudo chmod 1777 /dev/shm' to fix.\n", 175 <unfinished ...>
[12:47] <ogra> jdstrand, reboot ... 
[12:47] <jdstrand> ogra: I thought I read something about new snapd /dev/shm handling. I have snap 2.55.3
[12:47] <ogra> that seems to be a snapd issue that solves itself after rebooting
[12:47] <ogra> i have seen it on one out of five machines yesterday
[12:48] <jdstrand> oh, that is super weird. I hope they're looking at that...
[12:48]  * jdstrand wonders if snap-discard-ns is enough
[12:48]  * jdstrand tries
[12:48] <jdstrand> (I have a lot of session state atm)
[12:49] <ogra> i havent filed it et 
[12:49] <ogra> *Yet
[12:51] <jdstrand> ok, if I 'sudo /snap/snapd/current/usr/lib/snapd/snap-discard-ns zoom-client' then do 'sudo rmdir /dev/shm/snap.zoom-client/' then I don't have to reboot. I can say that the snap-discard-ns by itself is not enough to fix it. I don't know if the rmdir alone would fix it
[12:51] <jdstrand> ogra: thanks for the pointer! :)
[12:52] <ogra> thanks for te test !
[12:52] <ogra> the rmdir alone didnt help for me 
[12:52] <ogra> i tried that
[12:53] <jdstrand> boy, this bug makes me feel all those browser apps might be affected since I know they use /dev/shm
[12:58] <ogra> well, i think it is unusual that apps and snapd switch at the same time to it ... but yeah, if you hit that corner case ...
[12:59] <jdstrand> maybe, but if people refresh, say, only on the weekends, etc...
[13:00] <ogra> well, i mean devs ... i dont think any of our browsers use the shared-memory interface yet 
[13:00] <jdstrand> oh I see
[13:01] <ogra> i was ahead with zoom since it actually completely switched its backend and hard-required a private /dev/shm
[13:04] <jdstrand> this makes things a little clearer on why things might fail if you go from no shared-memory to using shared-memory
[13:04] <ogra> right and both snaps upgraded at the same time 
[13:04] <ogra> i think there is some hidden race somewhere
[13:05] <jdstrand> mardy: fyi ^. also, a snap using shared-memory (eg, the new zoom-client revision), the /dev/shm dir has world-write permissions: drwxrwxrwx 2 root root 40 Apr 21 07:53 /dev/shm/snap.zoom-client
[13:05] <mup> PR #21: Drop the NotFoundHandler check that relied on undefined behaviour <Created by chipaca> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/21>
[13:15] <jdstrand> mardy, ogra (cc amurray and mvo): here is the security bug https://bugs.launchpad.net/snapd/+bug/1969777
[13:15] <mup> Bug #1969777: new shared-memory interface causes /dev/shm/<snap> dir to have world-write permissions <snapd:New> <https://launchpad.net/bugs/1969777>
[13:16] <jdstrand> ogra: I referenced the problem we discussed in it
[13:18] <ogra> jdstrand, well, the point is there was no "before" zoom has not used /dev/shm in former versions IIRC
[13:36] <jdstrand> ogra: I can rephrase. that directory was present with 170 though
[13:36] <ogra> hmm
[13:37] <jdstrand> that's just part of the launcher sequence
[13:37] <jdstrand> iirc
[13:38] <jdstrand> well, now I don't remember how that all works otoh, *but* that directory was present, was 0755 and I had to rmdir it
[15:37] <pikapika> Does snap follow apt's orders regarding when to update, apt freeezes etc or does it have its own mind?
[15:40] <Wimpy> pikapika: snap doesn't interpret apt directives. It is a completely different system.
[15:40] <pikapika> Wimpy, how do we control a given snap
[15:40] <pikapika> ie can we tell it to only upgrade manually
[15:40] <Wimpy> What do you mean by control?
[15:40] <pikapika> and where is it's configuration stored
[15:40] <Wimpy> No, snaps always auto update.
[15:41] <pikapika> How can that be disabled?
[15:41] <Wimpy> You can defer updates for a while, but after 30 days they will update.
[15:41] <pikapika> I see
[15:41] <Wimpy> It can not be completely disabled.
[15:42] <ogra> you can delay updates by 30 days as Wimpy said ... but the new desktoip will have additional integration 
[15:43] <pikapika> ogra, where is a snaps .config folder
[15:43] <ogra> you get a notification about upgrades ... and eventually you will also be able to manage them
[15:43] <ogra> pikapika, ~/snap/<snapname>/current/
[15:45] <ogra> pikapika, or if you mean system wide you use "snap set system ..." https://snapcraft.io/docs/system-options
[15:46] <pikapika> ogra, is snap set system analogous to etc/ ?
[15:47] <ogra> it is for global snap serttings
[15:47] <pikapika> well
[15:48] <pikapika> it doesn't seem to be app specific
[15:48] <pikapika> so its not analogous
[15:48] <ogra> no, thats up to the app packagers 
[16:00] <mardy> jdstrand: thanks, indeed that's not right
[16:01] <jdstrand> ogra: fyi, the 'Launch meeting' functionality from the browser doesn't work right in zoom-client (separate from the other issue). (This is where you have a zoom url in say your google calendar, click it, takes you to a page that has a button to click that opens zoom)
[16:01] <jdstrand> ogra: you may need browser-support looking at the denials
[16:01] <jdstrand> (if you don't already)
[16:02] <jdstrand> I reverted again
[16:02] <ogra> i dont 
[16:02] <ogra> will add ... 
[16:02] <ogra> thanks for the report !
[16:02] <jdstrand> (in a meeting; a zoom meeting ;) )
[16:02] <jdstrand> thanks!
[16:03] <jdstrand> ogra: ping me and I can test the new version
[16:03] <ogra> will do 
[17:58] <mup> PR snapd#11702 opened: tests: add spread test to test upgrade from release snapd to current <Created by mvo5> <https://github.com/snapcore/snapd/pull/11702>
[21:29] <mup> PR snapd#11703 opened: tests: initial set of tests to uc22 nested execution <Run nested> <Created by sergiocazzolato> <https://github.com/snapcore/snapd/pull/11703>