[01:33] <mup> PR snapcraft#3713 opened: requirements: unpin pyyaml and update dependencies <Created by cmatsuoka> <https://github.com/snapcore/snapcraft/pull/3713>
[01:38] <mup> PR snapcraft#3710 closed: tests: use craft-cli lib fixtures <Created by facundobatista> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/3710>
[02:54] <mup> PR snapd#11729 opened: cmd/snap-update-ns: correctly set sticky bit on created directories where applicable <Needs security review> <Created by jhenstridge> <https://github.com/snapcore/snapd/pull/11729>
[03:08] <jamesh> amurray: if you have a chance, could you have a look at https://github.com/snapcore/snapd/pull/11729? This is to fix the permission problems with the private shared-memory feature.
[03:08] <mup> PR #11729: cmd/snap-update-ns: correctly set sticky bit on created directories where applicable <Needs security review> <Created by jhenstridge> <https://github.com/snapcore/snapd/pull/11729>
[05:58] <mborzecki> morning
[07:26] <mardy> hi mborzecki 
[07:27] <pstolowski> morning
[07:30] <mup> PR snapd#11730 opened: tests/lib/tools: add piboot to boot_path() <Simple 😃> <Bug> <Created by Meulengracht> <https://github.com/snapcore/snapd/pull/11730>
[07:32] <mardy> hi pstolowski 
[08:45] <mup> PR snapd#11721 closed: cmd/snap: handler call verifications for cmd_quota_tests <Simple 😃> <Created by Meulengracht> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/11721>
[08:49] <jamesh> mvo: hi. For https://github.com/snapcore/snapd/pull/11708, I need a newer libseccomp than snapd is built with. What's the process for getting it updated?
[08:49] <mup> PR #11708: interfaces: add a steam-support interface <Created by jhenstridge> <https://github.com/snapcore/snapd/pull/11708>
[08:51] <mvo> jamesh: ideally we would SRU it into the distro pfsmorigo was working on this last time. we can put it into the image-ppa but we really want a SRU in parallel so that we are in sync with the distro and avoid that the distro gets e.g. a security update and we miss it because our PPA has a newer version
[08:52] <mardy> aaand, it's snowing :-)
[08:55] <jamesh> mvo: I thought that might be the case. Annoyingly, jammy has 2.5.3 when the syscall I want to allow was added in 2.5.4
[09:02] <jamesh> mvo: I also created https://github.com/snapcore/snapd/pull/11729 to address the directory permission bugs related to private shared-memory.
[09:02] <mup> PR #11729: cmd/snap-update-ns: correctly set sticky bit on created directories where applicable <Needs security review> <Created by jhenstridge> <https://github.com/snapcore/snapd/pull/11729>
[09:03] <jamesh> I think those problems would likely have affected the x11 interface too in the past, but likely only on some Ubuntu Core systems
[09:31] <mup> PR snapd#11731 opened: interfaces/builtin/custom-device: fix unit tests on hosts with different libexecdir <Simple 😃> <Skip spread> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/11731>
[10:16] <mup> PR snapd#11700 closed: sandbox: move profile load/unload to sandbox/apparmor <Simple 😃> <Created by mardy> <Merged by mardy> <https://github.com/snapcore/snapd/pull/11700>
[10:51] <mup> PR snapd#11732 opened: image, cmd/snap-preseed: allow passing custom apparmor features path <Preseeding 🍞> <Created by stolowski> <https://github.com/snapcore/snapd/pull/11732>
[11:04] <mup> PR snapcraft#3713 closed: requirements: unpin pyyaml and update dependencies <Created by cmatsuoka> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/3713>
[11:16] <mup> PR snapd#11733 opened: snap/quota: add values for journal quotas (journal quota 2/n) <Created by Meulengracht> <https://github.com/snapcore/snapd/pull/11733>
[11:16] <mup> PR snapd#11734 opened: interfaces: network-manager: add AppArmor rule for configuring bridges <Created by IsaacJT> <https://github.com/snapcore/snapd/pull/11734>
[11:26] <jamesh> mborzecki: thanks for your review on my PR. Do you have any thoughts about https://github.com/snapcore/snapd/pull/11729#discussion_r859652193 ?
[11:26] <mup> PR #11729: cmd/snap-update-ns: correctly set sticky bit on created directories where applicable <Needs security review> <Created by jhenstridge> <https://github.com/snapcore/snapd/pull/11729>
[11:26] <mup> PR snapd#11731 closed: interfaces/builtin/custom-device: fix unit tests on hosts with different libexecdir <Simple 😃> <Skip spread> <Created by bboozzoo> <Merged by bboozzoo> <https://github.com/snapcore/snapd/pull/11731>
[11:31] <mborzecki> jamesh: hey, let me reply on github
[11:32] <jamesh> mborzecki: thanks. This turned out to be even messier than I thought.
[11:34] <mborzecki> jamesh: yeah, the downsides of doing syscalls ourselves
[11:35] <mborzecki> jamesh: it'd be interesting to see if S_ISVTX is indeed a different bit on other systems, as i suspect that's the primary motivation for use of the helper on go side
[11:36] <jamesh> mborzecki: it's definitely different to the FileMode constants. 0o777 | fs.ModeSticky == 0o4000777
[11:36] <jamesh> rather than 0o1777
[11:41] <jamesh> mborzecki: the Go FileMode seems to be a union of the file modes of supported platforms (posix, plan9, windows)
[11:41] <jamesh> not sure why they decided to keep posix compat for the lower 9 bits but nothing else
[11:41] <mborzecki> heh fun
[11:42] <mborzecki> i also found a different value for wasm https://github.com/golang/go/blob/19309779ac5e2f5a2fd3cbb34421dafb2855ac21/src/syscall/syscall_js.go#L183
[11:43] <jamesh> That looks like the normal posix bit?
[11:44] <jamesh> 0o1000 == 0x200
[11:50] <mborzecki> ah you're right
[11:56] <jamesh> just imagine: if unix had one extra permission on top of read, write, and execute, we'd probably never want to use octal constants.
[11:59] <mup> PR snapcraft#3714 opened: spread: enable core22 <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/3714>
[14:41] <mvo> jamesh: \o/ for 11729
[14:57] <mup> PR snapd#11735 opened: tests/main/user-session-env: for for opensuse <Created by mardy> <https://github.com/snapcore/snapd/pull/11735>
[16:39] <mup> PR snapcraft#3715 opened: plugs: install snaps from content plugs <Created by mr-cal> <https://github.com/snapcore/snapcraft/pull/3715>
[18:09] <mup> PR snapcraft#3716 opened: meta: dump unicode yaml data <Created by cmatsuoka> <https://github.com/snapcore/snapcraft/pull/3716>
[18:28] <mup> PR snapd#11736 opened: interfaces/builtin: shared-memory drop plugs allow-installation: true <Created by pedronis> <https://github.com/snapcore/snapd/pull/11736>
[20:30] <mup> PR snapcraft#3717 opened: commands: release and close <Created by sergiusens> <https://github.com/snapcore/snapcraft/pull/3717>
[20:35] <mup> PR snapcraft#3716 closed: meta: dump unicode yaml data <Created by cmatsuoka> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/3716>
[22:10] <mup> PR snapcraft#3717 closed: commands: release and close <Created by sergiusens> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/3717>
[22:59] <mup> PR snapcraft#3715 closed: plugs: install snaps from content plugs <Created by mr-cal> <Merged by sergiusens> <https://github.com/snapcore/snapcraft/pull/3715>