[04:05] PR snapcraft#4046 opened: tools: move to the starbase tox configuration [04:40] PR snapcraft#4047 opened: ci: update deprecated node12-based actions [04:45] PR snapcraft#4048 opened: ci: remove deleted set-output GH Action command [09:17] PR snapd#12596 closed: i/apparmor,s/apparmor: move snap-confine snippet generation to sandbox [09:17] PR snapd#12597 closed: cmd/libsnap-confine-private: add sc_cleanup_deep_strv [10:53] PR snapd#12608 opened: cmd/snap-confine: read and mount homedirs in snap-confine [11:05] micchickenburger, you should take it to the forum (see channel topic) ... [11:13] PR pc-gadget#83 opened: Re-add an empty bios boot partition to allow updates === tjaalton_ is now known as tjaalton [13:30] PR snapcraft#4047 closed: ci: update deprecated node12-based actions [13:30] PR snapcraft#4048 closed: ci: remove deleted set-output GH Action command [13:30] PR snapcraft#4049 opened: build(deps): bump golang.org/x/text from 0.0.0-20170915032832-14c0d48ead0c to 0.3.8 in /tests/spread/general/hooks/generated-and-project-hooks/src [13:30] PR snapcraft#4050 opened: build(deps): bump golang.org/x/text from 0.0.0-20170915032832-14c0d48ead0c to 0.3.8 in /tests/spread/general/hooks/generated-then-project-hooks/src [13:30] PR snapcraft#4051 opened: build(deps): bump golang.org/x/text from 0.0.0-20170915032832-14c0d48ead0c to 0.3.8 in /tests/spread/general/hooks/generated-hooks/src [14:13] PR pc-gadget#83 closed: Re-add an empty bios boot partition to allow updates [14:14] PR snapd#12609 opened: tests: spread test pre-download and delayed auto-refresh [14:41] o/ . I'm having a problem using skopeo, that I think is related to snap. Errors can be seen https://github.com/project-machine/mos/actions/runs/4304524199/jobs/7505674646 [14:42] the summary: skopeo installed via 'snap --devmode', tries to execute newuidmap and newgidmap which are setuid root. [14:42] and fails with : Error: error running newgidmap: exec: "newgidmap": executable file not found in $PATH: [14:44] you shoudl talk to the publisher ... [14:45] (TBH this looks like a test snap that has never been finished ... last upload in 2019, only available in the edge channel) [14:45] yeah, i saw taht too. [14:46] but is there a general issue with snap calling setuid ? [14:46] i'd look to build one myself, but not if its going to result in the same problem. [14:47] wll, this is usually blockd on upload already ... typically a snap can not ship setuid binaries without having it expicitly granted by the security team [14:47] i assumed it was getting them from the host. [14:47] i'd have to do --classic to get that i guess, right? [14:48] yes, but hat means your packaging gets really hard (you need to make sure everything runs from the snap and the host stuff does not leak into your env in any way, while you actually *have* full access to the host) [14:48] classic is also only granted for a limited set of use-cases ... [14:49] https://forum.snapcraft.io/t/process-for-reviewing-classic-confinement-snaps/1460 [14:51] PR snapcraft#4052 opened: tests: remove unused go dependencies in generated hook spread tests [14:51] ok. well maybe its just not the right path then. it builds to a static executable so interaction with environment is not really a problem. [14:52] ah, yeah ... and cloud management or analysis is usually in the realm of getting classic permissions [14:53] the thing to keep in mind wit classic is ... will my snap run on kali linux, arch, fedora etc etc ... so you can not easily depend on something you do not ship ... [15:00] x [15:40] thank you, ogra [15:46] PR # closed: snapcraft#4026, snapcraft#4049, snapcraft#4050, snapcraft#4051 [18:11] PR snapcraft#4052 closed: tests: remove unused go dependencies in generated hook spread tests [22:16] PR snapcraft#4046 closed: tools: move to the starbase tox configuration