mborzecki | morning | 05:40 |
---|---|---|
mup | PR snapd#11590 closed: interfaces: posix-mq: add new interface <⚠ Critical> <Squash-merge> <Needs Samuele review> <Created by IsaacJT> <Merged by mvo5> <https://github.com/snapcore/snapd/pull/11590> | 06:11 |
mup | PR snapd#11762 opened: interfaces: tweak getPath() slightly and add some more tests <Created by mvo5> <https://github.com/snapcore/snapd/pull/11762> | 06:21 |
jamesh | mborzecki: I filed https://github.com/seccomp/libseccomp/issues/383 based on yesterday's investigation. | 06:54 |
mborzecki | jamesh: thank you! | 06:54 |
mup | PR snapd#11763 opened: snapstate: do not auto-migrate to ~/Snap for core22 just yet <Created by mvo5> <https://github.com/snapcore/snapd/pull/11763> | 06:56 |
jamesh | mborzecki: one other thing I noticed while looking into this is that libseccomp's comparison operators are all unsigned, which is potentially an issue for the nice and setpriority rules in the base template | 07:02 |
jamesh | although maybe they are relying on negative values being excluded | 07:02 |
pstolowski | morning | 07:10 |
mardy | hi all! | 07:21 |
eoli3n | hi | 07:56 |
mardy | eoli3n: hi! I just sent another message to the forum, with one more request | 08:02 |
eoli3n | yep, done :) | 08:06 |
mardy | mborzecki: do you know where we are calling apparmor_parser to build a profile for snap-confine from the files we have in dirs.SnapConfineAppArmorDir? | 08:17 |
mborzecki | mardy:let me see, iirc it was the interface backends, but may be wong | 08:18 |
mborzecki | s/wong/wrong/ | 08:18 |
mborzecki | mardy: look at Initialize() | 08:31 |
mborzecki | mardy: yeah, apparmor bits of s-c are set up by the apparmor interface backend | 08:31 |
mardy | mborzecki: ah, silly me, I missed that call to loadProfiles() :-) | 08:37 |
eoli3n | mardy feel free to hl me here when you ask on the forum | 08:59 |
eoli3n | it will notify-send me | 08:59 |
mardy | eoli3n: can you please remove the filter on "#" in your last message? I'm actually mostly interested in #include lines :-) | 09:10 |
mardy | or grep with "# " | 09:13 |
eoli3n | oh sorry, ok | 09:18 |
eoli3n | just did mardy | 09:19 |
mardy | eoli3n: thanks! Last but not least: sudo apparmor_parser -p /etc/apparmor.d/usr.lib.snapd.snap-confine.real (you can write the output on the forum) | 09:43 |
eoli3n | mardy done | 10:07 |
mardy | eoli3n: that's so weird... Can you please show me the output of "ls -l /var/lib/snapd/apparmor/snap-confine" ? I asked in the forum, but you skipped this | 11:13 |
eoli3n | mardy, just added to the previous answer | 11:25 |
eoli3n | that one : https://forum.snapcraft.io/t/cannot-open-path-of-the-current-working-directory-permission-denied-bis/28704/20?u=eoli3n | 11:26 |
mardy | eoli3n: mmm... I'm a bit confused: ls says "total 4", but shows a single file? | 11:40 |
eoli3n | mardy it seems normal : https://x0.at/jLMr.txt | 12:08 |
mardy | eoli3n: but you also ran the command "cat /var/lib/snapd/apparmor/snap-confine/nfs-support" and you showed me its output. So that file does not exist anymore? | 12:53 |
eoli3n | i don't get what you mean ? | 13:02 |
eoli3n | rechecking | 13:03 |
eoli3n | that's right | 13:04 |
eoli3n | the file doesn't seem to be there anymore | 13:04 |
eoli3n | that's a test client, i redeployed it between tests | 13:05 |
eoli3n | maybe i need to trigger a firefox run to regenerate it | 13:05 |
eoli3n | just did, and the file is not generated | 13:06 |
eoli3n | lets try to restart snapd | 13:06 |
eoli3n | ok, the file is there | 13:06 |
eoli3n | i update the forum message | 13:06 |
eoli3n | mardy ^ | 13:06 |
eoli3n | done | 13:07 |
eoli3n | hey ! | 13:07 |
eoli3n | now running firefox give another error message, not the same one | 13:07 |
eoli3n | forget it | 13:09 |
eoli3n | just the same error with another extra one : https://x0.at/0dXh.txt | 13:10 |
mardy | eoli3n: ah, I see, but then I would also need to see the other outputs (in particular, apparmor_parser -p ...) when the nfs-support file is present | 13:28 |
mup | PR snapd#11764 opened: secboot/keymgr: remove recovery key, authorize with existing key <Simple 😃> <factory reset 🔌> <Created by bboozzoo> <https://github.com/snapcore/snapd/pull/11764> | 13:38 |
eoli3n | mardy i updated in the forum | 13:52 |
eoli3n | mardy do you have everything you need ? | 14:03 |
eoli3n | that's the week end for me here | 14:03 |
eoli3n | so if you need anything, feel free to ask on the forum, i will add this at the first hour on monday | 14:03 |
eoli3n | thanks for helping btw | 14:03 |
mardy | eoli3n: ok, I'll write there. Enjoy your week-end! | 14:04 |
eoli3n | thanks, see you | 14:04 |
mup | PR snapd#11737 closed: tests: run failed tests on nested suite <Run nested> <Run failed> <Created by sergiocazzolato> <Merged by sergiocazzolato> <https://github.com/snapcore/snapd/pull/11737> | 17:54 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!