[00:30] PR snapd#11812 opened: interfaces/shared-memory: Update AppArmor permissions for mmap+link [06:04] morning [07:04] morning [07:26] PR snapd#11813 opened: overlord/ifacestate: add journal bind-mount snap layout when snap is in a journal quota group (4/n) [07:42] PR snapd#11814 opened: cmd/snap: cleanup and make the code a bit easier to read/maintain for quota options [07:47] PR snapd#11815 opened: client,cmd/snap: add journal quota frontend (5/n) === benfrancis3 is now known as benfrancis [08:34] hi pstolowski, mborzecki [08:35] mborzecki: for the udev issues, I think that for the "unshare" one it's because of the sandboxing: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1971955/comments/30 It may be that it's relevant for the new bug too, since they claim it was working before [08:35] Bug #1971955: systemd-udevd call unshare process when attaching nvme volume

[08:38] mardy: hmm maybe you could try to allow that in the upstream like I did for the bpf, otherwise foundations may need to carry a patch [08:39] mardy: hmm guess the upstream may be so-so happy about the change to add unshare there [08:45] mborzecki: the reason why we are calling unshare, is it because the auto-import command performs some mounts and we don't want them to pollute the system namespace? [08:45] mardy: yes [09:23] mborzecki: OTOH, I see that we have PrivateMounts=yes on the systemd-udevd.service, so maybe we should remove the "unshare" part altogether? [09:25] mardy: yeah, it may be there in newer versions of systemd, you'd need to check versions back to 16.04 [09:30] mborzecki: yep, it's not in bionic [09:31] mardy: can you check with foundations what are their thoughts about allowing unshare there? [09:32] mardy: that seccomp filter is a recent thing too, i doubt that bionic has it [09:32] mborzecki: is it #ubuntu-devel, or some internal channel? [09:33] mardy: maybe mm is quicker [09:33] mardy: and perhaps you should add systemd to that bug too [09:33] this worked before, but stopped with new systemd [09:34] mborzecki: I'll first talk to them, thanks [10:12] PR snapd#11812 closed: interfaces/shared-memory: Update AppArmor permissions for mmap+link === benfrancis6 is now known as benfrancis [10:47] PR snapd#11572 closed: systemd: remove the systemctl stop timeout handling === benfrancis2 is now known as benfrancis [11:06] would udev rules created by snapd be regenerated when snapd gets updated? [12:33] PR snapd#11816 opened: run-checks: fail on equality checks w/ ErrNoState [12:38] PR snapd#8789 closed: interfaces/docker: use implicitOnClassic: true <⛔ Blocked> <:birthday:> [12:38] PR snapd#10029 closed: RFC: introduce alternate snap-confine for classic exec transitions (LP: #1849753) [12:38] PR snapd#11817 opened: many: print valid/invalid status on snap validate --monitor [12:55] PR snapcraft#3752 opened: requirements: update dependencies [13:28] PR snapd#11790 closed: tests: core20 preseed/nested spread test [13:43] PR snapd#11810 closed: tests: set `br54.dhcp4=false` in the netplan-cfg test [14:14] mvo: hi! We have a packaging/ubuntu-16.04/snapd.autoimport.udev which you created back in 2017, and also data/udev/rules.d/66-snapd-autoimport.rules - it seems to me that the former is unused, but can you please confirm? [14:18] mardy: uhh, I don't remember, I will check after my current meeting [14:41] PR snapcraft#3753 opened: parts: expand CRAFT_PROJECT_VERSION and CRAFT_PROJECT_GRADE [14:58] PR snapd#11712 closed: tests: Test for gadget connections [16:44] PR snapd#11468 closed: snap-bootstrap: Mount as private [18:14] PR snapd#11816 closed: run-checks: fail on equality checks w/ ErrNoState [19:41] PR snapcraft#3754 opened: spread: move core22 to stable [20:24] PR snapd#11818 opened: tests: disable centos 7 and start enabling centos 9 === tianon- is now known as tianon [22:51] PR snapcraft#3752 closed: requirements: update dependencies [22:51] PR snapcraft#3754 closed: spread: move core22 to stable