Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:ahmedmoselhi2:branches:system:snappy
snapd-git
snapd-git.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File snapd-git.changes of Package snapd-git
------------------------------------------------------------------- Tue Aug 06 08:22:34 UTC 2024 - ahmedmoselhi55@gmail.com - Update to version 2.63~git.fbfd72574d: * i/prompting: implement path pattern precedence (#13868) * i/p/requestprompts,s/a/n/listener: include explicit permissions in replies (#14196) * tests/kernel-modules-components: remove component * tests: fix microk8s-smoke test when the proxy is configured (#14268) * packaging/opensuse: disable DWARF and symbol table * packaging/arch: use snapd.mk * packaging: allow passing additional Go build and ldflags * packaging: fix invocation of the built snap binary * o/s/backend: restore properly when EnsureKernelDriversTree fails * snap: allow kernel-modules components only in kernel snaps (#14291) * snapcraft.yaml: pack snap-bootstrap because of uc20 (#14279) * cmd/snap-confine: improve compatibility with nvidia drivers (#14287) * Revert " nvidia: add support module with known nvidia libraries and globs …" (#14298) * nvidia: add support module with known nvidia libraries and globs (#14293) * o/snapstate: allow killing running snap apps during removal (#14189) * cmd/snap: rename cmd_* files to cmd_debug_* where appropriate * o/state: add notice types for request prompts and request rules (#14269) * i/apparmor: allow reading memory.max by default (#14275) * tests: fix mix-revision-and-channel to use revisions independent of architecture (#14281) * o/h/ctlcmd: support unsetting registry data in snapctl (#14218) * snapdtool, sandbox/apparmor: fix apparmor_parser lookup (#14240) * interfaces/builtin/gpio_control: add support for accessing gpiochip* devices (#14244) * tests: use ubuntu-image snap from beta channel * overlord: use testutil.BackupMany() * testutil: provide a type safe helper for mocking things, extend unit tests * many: fetch and auto-refresh registry assertions (#14158) ------------------------------------------------------------------- Sat Jul 27 22:14:36 UTC 2024 - ahmedmoselhi55@gmail.com - Update to version git.2.64: * tests: fix uc-update-assets-secure nested test in uc24 (#14262) * tests: add more workers to run ubuntu tests in openstack (#14257) * tests: fix download-timeout test (#14255) * o/snapstate: remove components on snap removal (#14235) * tests: use chown USER:GROUP instead of USER.GROUP (#14174) * tests: add testing support for opensuse 15.6 (#14247) * tests: allow download snpad snap from url (#14237) * daemon: replace TODO with TODO:COMPS where relevant * i/builtin: make registry role optional (#14222) * store/store_action_test.go: fix a typo in the name of a test * tests: remove components using snap command * client,cmd: support removing components and snaps with components * release: 2.64 * wrappers: correctly deal with activated services during service restart (#14242) * interfaces: switch steam to unrestricted seccomp profile (#14230) * interfaces,sandbox: transition steam to permissive apparmor profile (#14229) * tests/main/sudo-env: add Arch to distros using secure_path, verify workaround * tests,github,spread: fix debian prepare logic (#14226) * tests: fix preseed tests (#14224) * tests: fix muinstaller-real and recovery-system-offline tests (#14219) * tests: fixes uc24 nested tests - part 3 (#14114) * tests: create empty seed dir for images without seed (#14215) * tests/nested: adapt split-refresh test to UC24 changes (#14205) * cmd/snapd-apparmor: disable on WSL-1 and 2, fix tests (#14191) * tests/lib: do not touch /var/lib/snapd/kernel when restoring state (#14204) * cmd/snap: allow normal snap --version on WSL 2 (#14198) * tests/nested/manual/core20-4k-sector-size: do not assume we have xxd (#14190) * tests: fix errors building ubuntu core (#14187) * sandbox/apparmor: fix file permissions used in tests (#14186) * i/prompting/constraints: map get-attr and set-attr to read and write (#14142) * many: support killing running snap apps (#14160) * cmd/snap: inhibit snap run during snap removal (#14126) * daemon: add terminate flag to snap remove action (#14144) * wrappers: wrappers: cleanup and improve how we start/undo start services (#13958) * many: add support for seeding components from the store (#14181) * o/snapstate: refresh components from the store (#14199) * wrappers: correctly deal with activated services during service restart (#14242) * i/prompting/requestprompts: add package to manage outstanding request prompts (#13981) * interfaces,sandbox: transition steam to permissive apparmor profile (#14229) * interfaces: switch steam to unrestricted seccomp profile (#14230) * asserts: extend validation-set assertions to understand components * o/snapstate: only return snaps that are changing revisions during refresh from snapstate.RefreshCandidates (#14225) * packaging/ubuntu-16.04: do not restart snapd.mounts-pre.target * interfaces: simplify checks for polkit actions (#14206) * tests: fix preseed tests (#14224) * tests,github,spread: fix debian prepare logic (#14226) * tests/main/sudo-env: add Arch to distros using secure_path, verify workaround * Revert "sandbox/apparmor: do not skip ABI 4.0 from host parser (#14167)" (#14223) * Revert "interfaces,sandbox: transition steam to permissive apparmor profile (…" (#14227) * interfaces,sandbox: transition steam to permissive apparmor profile (#14221) ------------------------------------------------------------------- Tue Jul 23 05:38:46 UTC 2024 - ahmedmoselhi55@gmail.com - Update to version 2.63~git.2d9be0ba9d: * tests: new script used to build snapd and run tests from localhost (#14212) * c/snap-confine, i/udev, i/ifacetest: update snap-confine and snap-device-helper to understand component hook security tags (#13775) * tests: fix muinstaller-real and recovery-system-offline tests (#14219) * Revert "interfaces: adjust steam to allow all apparmor permissions (#14216)" (#14220) ------------------------------------------------------------------- Sat Jul 20 10:55:19 UTC 2024 - ahmedmoselhi55@gmail.com - Update to version 2.63~git.395baa8a02: * tests: fixes uc24 nested tests - part 3 (#14114) * sandbox/apparmor: do not skip ABI 4.0 from host parser (#14167) * interfaces: adjust steam to allow all apparmor permissions (#14216) * o/h/ctlcmd: support writing to registry views in snapctl (#14156) * cmd,image: adapt to changes in toolbox API * seed/seedtest: add support to test components * store/tooling: add support for downloading components * store: add method to extract resource from a snap action * store: add method to convert resource type to component type * tests: create empty seed dir for images without seed (#14215) * interfaces/builtin: isolate polkit tests from the host * cmd/snapd-apparmor: disable on WSL-1 and 2, fix tests (#14191) * cmd: show leak details if valgrind is present (#14163) * tests: use snapd-spread prefix for openstack images (#14203) * tests: support running tests in github agents with spread-enabled tag (#14210) * o/snapstate: remove unused test type (#14207) * tests: remove "Uploading TICS logs" step from static check (#14209) * o/snapstate, tests: allow mixing revision and channel on snap install (#14164) * tests/nested: adapt split-refresh test to UC24 changes (#14205) * interfaces/builtin: fix polkit rw/ro check (#14182) * tests/lib: do not touch /var/lib/snapd/kernel when restoring state (#14204) * many: install components from the store via the CLI (#14171) * interfaces: add new u2f token2 security keys (#14185) * cmd/snap: allow normal snap --version on WSL 2 (#14198) * tests/nested/manual/core20-4k-sector-size: do not assume we have xxd (#14190) * sandbox/apparmor: fix file permissions used in tests (#14186) * tests: fix errors building ubuntu core (#14187) * o/snapstate: refactor Update* family of functions to follow same patterns as Install* (#14146) * i/prompting/constraints: map get-attr and set-attr to read and write (#14142) * interfaces/builtin/home: autoconnect home on core desktop (#14106) * many: update apparmor to 4.0.1 (#14150) * cmd/cmd_prepare_image: support for components option * image: support for local components * o/devicestate: adapt to writer changes * seed: add supports for local components * many: update component-related TODOs to use TODO:COMPS * interfaces/serial-port: allow RPMSG dev node (#14169) * o/snapstate: add functions to create tasks to remove components * o/sequence: return ComponentState in ancillary method * snap: add error type used when a component is not installed * daemon: support removing components * cmd: make sure there are no crashes in no api data is returned * i/apparmor: add snippets with priorities (#14061) * interfaces/display-control: allow changing brightness and backlight power for LVDS (#14159) * interfaces/builtin/cpu-control: add c-state switch capability to cpu-control * many: fix iface static attrs not properly updating (#12878) * Squashed 'tests/lib/external/snapd-testing-tools/' changes from 1c8efb77e1..cdf5cfd47b (#14157) * tests: fix apt-hooks in ubuntu oracular (#14155) * tests: remove centos 7 support (#14147) * sandbox/apparmor: aare exclusion rule generation (#13488) * o/h/ctlcmd: support reading registry views in snapctl (#14120) * o/hookstate/ctlcmd: queue service commands if run from default-configure hook (#13960) * cmd/snap: add debug api command * client: expose a helper for executing raw queries to the snapd API * Add Raspberry Pi 5 raw-usb paths (#14151) * fix(custom-device): enable locking in apparmor custom-device for device write * data, packaging: install polkit policy files via data Makefile * tests: properly build snapd snap (#14141) * daemon: fix data race accessing requestedRestart * o/snapstate: account for remodeling when installing prereqs as well as updating them (#14137) * o/snapstate: install components and snaps from file simultaneously (#14095) * tests: fix change_id used for grafana (#14148) * tests: fix fedora-40 issues and remove centos-8 support in tests (#14145) * interfaces: give priority to desktop-launch over desktop-legacy (#13933) * tests/main/fake-netplan-apply: support for Ubuntu 24.10 * interfaces/builtin/lxd-support: allow LXD to manage its own cgroup * i/prompting: render path patterns variants using recursive descent parser (#14059) * tests: fix upgrade-from-release test in ubuntu noble (#14125) * daemon, cmd/snapd: propagate context (#14130) * cmd/libsnap-confine-private: recognize relative /snap symlink * github: ignore snap-confine apparmor profile in woke checks * cmd/snap-confine: fix typo: instances * cmd/snap-confine: use dynamic SNAP_MOUNT_DIR in ns-support * cmd/snap-confine: use dynamic SNAP_MOUNT_DIR in mount-support * cmd/snap-confine: use dynamic SNAP_MOUNT_DIR in sc_invocation * cmd/snap-confine: replace SNAP_MOUNT_DIR with SNAP_MOUNT_DIR_LIST * cmd/snap-confine: probe SNAP_MOUNT_DIR on startup * cmd/libsnap-confine-private: add SNAP_MOUNT_DIR test fixture * cmd/libsnap-confine-private: add sc_set_snap_mount_dir for testing * cmd/snap-confine: do not include test-utils.h from non-test code * cmd: link snap-device-helper tests with snap-dir.c * tests: filter spread logs to be sent to grafana (#14127) * tests:updated the backends list used for openstack (#14131) * o/snapstate: make a managed refresh schedule not require any additional checks (#14107) * tests/main: account for expected failures when running with SNAP_REEXEC=1 * tests/main/command-chain: bump the test base * snapdtool: proceed with trying reexec when SNAP_REEXEC=1 is set on an unsupported distro * i/builtin: add registry interface (#14113) * snapdtool: simplify check * snapdtool: fix unit tests on distros with /usr/libexec * snapdtool: extract a helper for determining process binary and root * snapdtool: tweak name of env variable passed to indicate FIPS bootstrap * snapdtool: add missing copyright information header * cmd/snap-repair: leave TODO about setting up FIPS mode * cmd/snapd: setup FIPS * cmd/snap: setup FIPS * snapdtool: add helpers for setting up FIPS environment * o/snapstate: install components from the store (#14092) * many: modify snap run to understand component hooks (#13976) * tests/main/fake-netplan-apply: update as the test reuses netplan-snap * tests/core/netplan: override ld.so cache to avoid the host's cache files * tests/main/snap-run-inhibition-flow: set Python IO encoding * tests/main/snap-run-inhibition-flow: set Python IO encoding * tests/main/interfaces-snap-refresh-observe: override Python's IO encoding guess * spread: add Ubuntu Pro systems * tests: remove snapd16 test (#14119) * o/hookstate: add comment explaining that we do not support hijacking component hooks * o/hookstate: use different component revision from snap revision in tests * o/hookstate: remove omitempty on struct * o/hookstate: correct doc comments on new methods * o/hookstate: modify HookManager so that it can run component hooks * o/hookstate: add methods to Context for working with component hooks * o/snapstate, o/hookstate: add fields to HookSetup to pass along component info * tests: increase the number of workers we use in openstack * github: create group and home for test-user * i/b/network_manager: allow access to gnutls config for both plug and slot (#14079) * o/configstate/configcore: include newlines in proxy entries added to /etc/environment * spread: bump snapd tag used for reference when generating deltas * tests/component: check message on installation * cmd/snap: show components information for local installs * daemon: set only component information in returned api data * o/snapstate: make sure we do not need a component before removing it * o/snapstate: look at all sequence points to assign a local revision * o/snapstate: and ancillary methods for components * o/snapstate: implement download-component handler (#14070) * asserts: allow $PLUG_PUBLISHER_ID in plug attribute constraints * tests/lib/nested.sh: fix check * tests/nested: adapt muinstaller tests to UC24 changes * registry: validate view names on registry creation (#14096) * tests: run spread tests in fedora-40 (#14099) * tests: set SNAP_MOUNT_DIR in debug section * daemon: fix racy tests caused by copy-pasted variable * snapcraft: leave a TODO about populating manifest content during FIPS build * snapcraft: pull libssl files from core22 fips-updates snap * snapcraft: drop requirefips build tag * overlord,wrappers: s/{Start,Stop,Restart}ServiceFlags/{Start,Stop,Restart}ServicesOptions * tests: add extra storage to arch vms in google cloud * tests: skip removing test-snapd-rsync-core24 during reset * daemon: ensure stability of components list in snap info * tests/main/lxd-mount-units: account for no seeded snaps in 24.10 either * tests/main: use ubuntu-daily for 24.10 in various LXD related tests * snap-{seccomp,confine}: replace global seccomp filter with template * client: define components type * daemon: send components information on GET /v2/snaps * snap,overlord: add functions to find out components fs info * daemon: fix some messages produced on component installation * sandbox/apparmor: refactor parser feature test * cmd/libsnap-confine-private: add snap mount dir detection * tests: install pylint in nightly tiobe tics run * o/snapstate: properly ignore prereqs during remodels * tests/muinstaller{,-core}: use variable for core version * spread.yaml: remove reference to ubuntu-core-launcher * sandbox/apparmor: remove references to ubuntu-core-launcher * interfaces/systemd: replace ancient copy-pasted comment * interfaces/apparmor: replace references to ubuntu-core-launcher * packaging: remove ubuntu-core-launcher * cmd: do not install ubuntu-core-launcher symlink * cmd/snap-confine: remove special behavior when called as u-c-l * snapcraft: add libssl to the snap * github: enable FIPS build * snapcraft: use FIPS toolchain and build tags when building with FIPS enabled * snapcraft: log the location of Go binaries and their version * github: optionally use Go FIPS toolchain during the build * cmd/snap-seccomp: fix default action on deny filter in devmode * interfaces: Fixup raw_usb AppArmor path for the Thinkpad x13s * o/snapstate: refactor Install functions to use a singular implementation that operates on a Target (#13949) * registry: restrict path patterns (#14090) * i/prompting: implement path pattern matching (#13866) * many: rename aspect/bundle to view/registry * tests/smoke/install: allow DEBUG traces in stderr output * tests/main/snap-quota-journal: fix match to include optional decimal part * osutil/fips: helper for testing whether FIPS mode is enabled (#14080) * many: add a *SnapAppSet to ConnectedPlug/Slot types and use it to build label expressions in interfaces (#13773) * tests: fix uc24 nested tests part 2 (#14069) * tests: new spread log utils (#14062) * o/devicestate: create pending users after receiving a serial (#14058) * tests: remove tiobe tics checks for prs (#14081) * o/configstate,o/snapstate: configurable refresh inhibition days number (#13485) * i/b/network_manager: add mptcp paths as available for network-manager to support MPTCP sockets * many: add Provenance field to ComponentInfo (#14067) * o/configstate/configcore: guard against classic systems for kernel commandline params (#14063) * tests/recovery-system-reboot: fix revisions overwritten by bad merge * many: build drivers tree when current mount is not the target mount (#14047) * many: replace interfaces.Repository.AddSnap with AddAppSet (#13772) * many: include prompt prefix in apparmor rules (#13822) * wrappers: only fail when stopping a service if it actually is still running * o/snapstate: speedup auto-refresh variants of split refresh tests * o/snapstate: refactor/optimise dependency setup in split refresh * tests: remove centos-8 support (#14056) * tests: first set of changes to make nested tests run (#13889) * gadget/install: move kernel snap info definition to separate file * packaging/debian-sid: remove secboot related files from boot * packaging/debian-sid: keep gadget/install/kernel.go * spread, github: add Ubuntu 24.10 (#14012) * tests: reduce tests for trusty (#14045) * tests: unification between spread and spread-nested in workflow/test.yaml (#14032) * o/snapstate: fix snap lock leak * wrappers: refactor StopServices to account for sending --disable to the user-session agent * tests: add rpm-build as dependency for opensuse systems * tests: use no-debug-output for spread (#14054) * tests: increase the StartLimitBurst default value to 10 (#14051) * wrappers: proxy missing enable+disabledSvcs to service agent (#13957) * tests: add packaging link for fedora-40 (#14049) * o/snapstate: enable split refresh for auto-refresh (#14039) * interfaces/desktop: allow DBus communication with colord (#13353) * boot: do not import go-efilib on nosecboot (#14036) * tests/main/snapd-snap: stop testing building of snapd snap on 14.04 (#14030) * notify: Dont send refresh complete notification if snap refresh observe is connected (#13936) * api-snaps: add refresh-observe access to /v2/snaps/{name} (#13931) * run-checks: skip high-level tests requirement for interfaces with a standalone test (#14033) * .github/workflows: enable test workflow to retrieve pr labels for any repo (#14048) * tests: revert change to used --comment in adduser (#14038) * tests/nested: use None as single datasource in the tests * o/snapstate: ensure default provider waits for base in split refresh (#13991) * a/snapasserts, o/assertstate: implement validate-component task handler (#13964) * o/ifacestate: properly undo setup-profiles on component installation (#13977) * many: update snap.ReadComponentInfoFromContainer to take in an optional snap.ComponentSideInfo that contains the component revision (#13979) * daemon: make sure to re-pin validation sets that were already pinned when enforcing new validation sets (#13989) * store: interface with the store to request snap resources (#13982) * i/builtin/power-control: add paths for battery charging thresholds to power-control interface (#13722) * o/snapstate: handling of unexpected runtime restart (#14002) * tests: do not use /etc/timezone * sysconfig/cloudinit: check if disabled via kernel cmdline (#14034) * notices: ensure that two notices don't have the same lastDateTime (#13816) * packaging/snapd.mk: generate GNU build ID for Go binaries * boot,bootloader: add support for shim fallback and setting EFI boot variables on install (#13511) * tests: create test user with useradd in uc24 (#14028) * daemon: attach affected-snaps data to tasks (#13953) * cmd/snap: improve error message on running a non-existing snap (#13895) * usersession: Use the app name from .desktop file in notifications (#13678) * snapcraft.yaml: use expected path for snap-confine apparmor profile (#14029) * tests/nested/manual/recovery-system-reboot: use updated core22 base (#14024) * tests: kill pending process on failure (#14026) * snapcraft.yaml: add missing etelpmoc.sh for shell completion * tests: add integration test for cifs /home * tests: deal with pre-release suffix in systemd versions (#14013) ------------------------------------------------------------------- Thu May 30 19:51:14 UTC 2024 - ahmedmoselhi55@gmail.com - Update to version 2.63~git.3c8e7aa6a: * o/snapstate: test for specific errors returned by Install and InstallMany (#14027) * tests: test refresh mixing essential and apps in hybrid systems (#13932) * run-checks: fix condition for running pr title check * tests: simplify the pr-title check * tests/main/apparmor-batch-reload: limit the test to 20.04 and 24.04 * tests/main/apparmor-batch-reload: make the test more robust * tests/main/apparmor-batch-reload: account for -j<n> argument * snapcraft.yaml: call craftctl less often * cmd/Makefile.am: do not install ubuntu-core-launcher in the snap * tests: update check-pr-title script to use it in forked projects (#14020) * many: build drivers tree on install (#13923) * HACKING.md: expect snapcraft 8.x * cmd/configure: add --enable/disable-host-binaries * snapdtool/cmdutil.go: do not override dynamic linker for snapd snap * snapcraft.yaml: build on 22.04 * build-aux/snap/patches: move to build-aux/snap/local/ * systemd: strip pre-release suffixes when comparing versions * HACKING, packaging: update dependencies and information on installing development dependencies (#13968) * tests: run test workflow on security release PRs (#14011) * data/systemd/snapd.service, tests/core/snapd-failover: use RestartMode=direct (#13998) * tests/lib/muinstaller: update snapd dependency * o/snapstate: in hybrid systems re-refresh before reboot if possible (#13955) * tests: implement TODO in main/writable-areas from 2016 * chore: slice loop replace * tests: explicitly remove the mount point * tests: use consistent syntax to call snapctl * tests: use snapctl umount rather than umount * tests: use None data source for cloud-init * packaging: remove stale workaround from snap-seccomp RHEL build * interfaces/network-control: Allow systemd resolved cache flushing via D-Bus * snapdtool: simplify check for reexec being enabled * spread.yaml: remove Fedora 38 (EOL) * tests/lib/muinstaller/main.go: fix compilation * tests: add more storage for sru google instances (#13995) * tests: kill process in interface-process-control as early as possible (#13973) * cmd/snap-failure: do not attempt to revert snapd when reexec isn't supported by the systemd * cmd/snap-failure: mock systemctl at the test suite level * snapdtool: export helper for asserting whether reexec is enabled for a given distro * snapdtools: export a helper for asserting whether reexec is enabled * Merge pull request from GHSA-p9v8-q5m4-pf46 * tests: skip tics tool installation in self-hosted runners (#13993) * tests: moving out google machines from us-east1-b (#13992) * osutil: switch to -u UID:GID for strace-static (#13950) * spread.yaml: revert "spread.yaml: disable centos-9" * cmd/snap: fix port usage after release * packaging: depend on systemd-dev for udev.pc * spread.yaml: disable centos-9 * tests: fix/optimise download timeout spread test * tests: run static analysis for prs in self-hosted runners (#13855) * tests/lib/fakestore/store: do not hardcode port in fakestore unit tests * tests: fix snap run test for debian-sid * check-pr-title.py: allow parenthesis before colon in PR titles * o/ifacestate: mock snapd.apparmor.service check * o/devicestate: fix unit test failure when host snapd isn't running * o/configstate: enable logging for current snapd instance * many: add options to the logger to be able to enable internally debug traces * cmd/snap-seccomp: define GNU_SOURCE for fallocate * many: generate security profiles from component hooks (#13686) * many: add components to interfaces.SnapAppSet (#13837) * packaging: do not require fakeroot on Amazon Linux 2 * spread: enable EPEL on CentOS 9 * packaging/fedora: disable logging of executed commands * packaging: make sure that /var/lib/snapd/environment exists (#13944) * tests: test details part 15 (#13941) * tests: add test details for services-related spread tests, and a few others (#13942) * tests: add details for some snap-confine relate tests (#13934) * tests/main: add missing test details (#13935) * tests: add details for some snap connection command line tests (#13938) * tests: add details for some "snap debug" tests (#13939) * tests: add details for some various tests (#13940) * tests: more details in spread tests - part 14 (#13926) * tests: add details to more spread tests (#13937) * o/snapstate: make apps not wait for reboots in path installs (#13925) * tests: add details for some tests related to services (#13927) * tests: add details to more spread tests * tests: add details in tests for some snap subcommands * tests: add test details (#13930) * i/prompting: add constraints and abstract permissions (#13850) * tests: more details in spread tests - part 13 (#13924) * tests: add tests details part 12 (#13914) * o/snapstate: apps don't wait for reboot on classic w/ kernel (#13852) * packaging: make sure <state>/snapd/enviroment is created * cmd/snap-mgmt: remove /var/lib/snapd/environment/* on purge * tests/core: add test for UC debug options * o/configstate: add ubuntu core debug options * data/systemd: add additional environment file * systemd: and method to set the log level * i/prompting: add package for prompting common types/functions (#13849) * tests/nested/manual/uc20-install-in-initrd: enable for uc20 * tests: add core24 system to uc20-install-in-initrd * tests/core/snap-set-core-config: fix test for UC24 * tests: add details for core tests suite (#13912) * tests: add details to spread test (#13919) * interfaces/builtin, snap: remove sanitized plugs from component hook plugs (#13774) * tests: add details to some tests * tests/main: document more tests, tweak documentation of another (#13916) * tests/main: document snap-run-symlink (#13918) * cmd/snap-confine: remove unused spread tests * tests/completion: document the "three" completion tests * store: fix race condition warning in test * tests: use lxd snap from candidate in spread tests (#13836) * testutil: increase settle timeout when running -race * boot: do not warn about not found assets not in modeenv * tests: improve the debug output for spread tests (#13903) * github: leave TODO about running unit tests of C code on Ubuntu * github: add job which runs unit tests on other distributions * snap/squashfs: determine path of mksquashfs at runtime * snap/squashfs: fix test suite cleanup * packaging/fedora: add squashfs-tools to build requirements * packaging/fedora: unit tests require fakeroot, add it to build requirements * o/ifacestate/udevmonitor: mock udevadm * tests/main: document more tests (#13900) * tests/lib/fakestore/store: use graceful shutdown from net/http.Server (#13898) * overlord: more typos found while browsing through code (#13904) * wrappers: mount /usr/lib/snapd before udevd starts * sysconfig/cloudinint: accept exit status 2 as not an error * features: add checks for prompt support in apparmor parser and kernel * s/apparmor: expose entries in policy/permstable32 as kernel features * tests: document or tweak documentation of interface tests (#13896) * interfaces/apparmor: make the HomeIx unit test more realistic * interfaces/apparmor: log a warning when pattern cannot be expanded * interfaces/apparmor: panic when template snippets cannot be expanded during testing * o/snapstate: fix race in fake store operations * o/snapstate: fix more racy operation in fake backend * wrappers: use Getuid in unit test to match the SetupTest code * o/snapstate: fix race in fake backend operations * tests: document main/try * tests: document main/try-non-fatal * tests: document main/try-snap-goes-away * tests: document main/try-snap-is-optional * tests: document main/try-twice-with-daemon * tests: document main/try-with-hooks * tests: document main/uc20-create-partitions* tests * tests: document main/unhandled-task * tests: rewrite documentation of main/upgrade-from-2.15 * tests: rewrite documentation of main/user-data-handling * tests: document main/validate-container-failures * tests: document main/validate-container-happy * tests: trim trailing space in main/vitality * tests: document main/vitality * tests: document main/whoami * tests: document main/writable-areas * tests: document main/xdg-open * tests: document main/xdg-open-portal * tests: document main/xdg-settings * github: add 'race' unit test variant * run-check: add go test -race support * github: split unit tests variants into a separate job * snap-presed: overwrite snapd current symlink when resetting * snap-preseed: set symlink before calling snapd * tests: add details to a new set of tests - part 9 (#13864) * tests: add details to some of the tests in main suite (part two) (#13885) * tests: include details to a set of tests - part 8 (#13863) * tests: add details to a new set of tests - part 10 (#13865) * usersession/agent: implement support for enable and disable functionality in service code * release: 2.63 * interfaces/udev: generate rules with deprecated command line (#13882) * interfaces/opengl: enable use of nvidia container toolkit CDI config generation (#13847) * tests/regression: skip lp-1848567 if internal parser is used (#13874) * data/selinux: update policy to allow stat of /run/systemd/container (#13872) * cmd/snap-confine: skip device cgroup setup when running inside a container (#13859) * i/apparmor: allow snap-update-ns to traverse to /var/lib/snapd (#13858) * i/apparmor: fix snap-update-ns with ecrypfs home (#13857) * overlord/snapstate: fix calls to compMntDir * overlord/snapstate: fix calls to createTestComponent * o/snapstate,tests: discard previous component on a component refresh (#13842) * i/apparmor: add missing expansion for s-u-n template (#13853) * o/snapstate: use StartBeforeDriversLoad only for systems with modes * build-aux/snap: ship snap-debug-info.sh script * tests/core20-kernel-failover: use kernel from beta channel (#13839) * tests: fix fake-netplan-apply test (#13808) * tests/core20-kernel-failover: increase timeout waiting for try-kernel (#13835) * packaging: add kmod as Depends (#13830) * overlord/snapstate/backend: mock depmod * interfaces/udev: generate rules with deprecated command line (#13882) * interfaces/opengl: enable use of nvidia container toolkit CDI config generation (#13847) * tests: document nested suites (#13879) * tests: document smoke/versioning (#13881) * tests: add ubuntu noble to the google-nested-dev backend * tests: document nightly/sbuild * tests/regression: skip lp-1848567 if internal parser is used (#13874) * tests: add details to regression tests (#13877) * data/selinux: update policy to allow stat of /run/systemd/container (#13872) * many: support user-daemons in QueryDisabledServices * tests: import tests with details from snapd-testing-tools (#13846) * interfaces: fix typo: calculate * o/snapshotstate: fix typo: calculate * o/snapshotstate: fix typo: backend * o/snapshotstate: fix typo: abandoned * o/snapshotstate: fix typo: formatting * tests/regression: fix typo: having * tests: add noble to qemu-nested backend * tests: document upgrade/selinux-relabel * tests: document upgrade/basic * tests: fix typo: downloading * tests: document unit/shell-traps (tweaks) * tests: document unit/go * tests: document unit/c-unit-tests-gcc * tests: document unit/c-unit-tests-clang * tests: document smoke/find-info * tests: document smoke/install * tests: document smoke/remove * tests: document smoke/sandbox * tests/smoke: fix typo: required * tests/smoke: fix typo: secondary * po: document process to generate launchpad translations * cmd/snap-confine: skip device cgroup setup when running inside a container (#13859) * i/apparmor: allow snap-update-ns to traverse to /var/lib/snapd (#13858) * i/apparmor: fix snap-update-ns with ecrypfs home (#13857) * o/snapstate,tests: discard previous component on a component refresh (#13842) * i/apparmor: add missing expansion for s-u-n template (#13853) * o/snapstate: use StartBeforeDriversLoad only for systems with modes * daemon, o/snapstate, snap: add hooks to snap.ComponentInfo (#13771) * s/cgroup, systemd: escape systemd unit names in CreateTransientScopeForTracking (#13763) * build-aux/snap: ship snap-debug-info.sh script * tests: enable nested uc24 (#13820) * desktop/notification/notificationtest: fix data races * o/configstate/configcore: fix data races in unit tests * dbusutil/netplantest: add way to sync, and sync access to exported API objects * tests: Ensure that parseOptionalTime honors nanoseconds (#13819) * seed: stop span before returning job outcome * seccomp-support: check filter length value before reading * tests: update go version used in nightly workflow (#13838) * tests/core20-kernel-failover: use kernel from beta channel (#13839) * tests: fix fake-netplan-apply test (#13808) * tests/core20-kernel-failover: increase timeout waiting for try-kernel (#13835) * tests: add missing dependency to nightly workflow (#13834) * packaging: add kmod as Depends (#13830) * overlord/snapstate/backend: mock depmod * cmd: snap-bootstrap: fix unpreseeded sigle boot install (#13475) * kernel,overlord: fix component unit tests * tests: improve nightly github workflow (#13825) * daemon: fix notices API tests on non Ubuntu (#13823) * o/snapstate: add support for kernel-modules handlers (#13748) * cmd/snap: record snap-run-inhibit notice (#13770) * go.mod: update secboot to handle new sbatlevel (#13807) * tests: run tiobe tics tool in a nightly workflow (#13814) * snap: change where components are mounted * o/snapstate: fix AddComponentForRevision * tests/main/component: check for symlinks for active component * o/snapstate: create/remove symlinks to active component * o/snapstate/backend: add methods to (un)link components * snap,overlord: include revision in mount dir of components * many: add support for user daemons in "snapctl services" (#13806) * interfaces/bultin/kubernetes_support: allow SOCK_SEQPACKET * aspects: limit Set value's nestedness (#13815) * aspects: make unset and set behaviour consistent with options (#13762) * snapdtool: fix unit tests when running on distro using /usr/libexec/snapd (#13818) * tests/lib/prepare.sh: use ukify instead of llvm-objcopy (#13812) * .github/workflows, advisor, packaging: switch to go.etcd.io/bbolt (#13804) * daemon,cmd/snap: support for user services in snap services (#13381) * o/state, o/snapstate: use warnings as fallback for RAA desktop notifications (#13780) * interfaces/builtin/system_observe: allow listing systemd units and their properties (#13766) * data/systemd: allow notifications for all snapd subprocesses (#13797) * snap-seccomp, snap-confine, i/seccomp, tests: rework seccomp denylist (#13443) * aspects: validate map keys in Set value (#13800) * tests: move ubuntu core os.query logic to prepare.sh (#13796) * aspects: aspect-bundle's request fields are optional (#13778) * o/state,daemon: add snap-run-inhibit notice * gadget: cleanup files removed by gadgets * cmd/libsnap-confine-private: account for 'kill' apparmor profile mode * tests/main/high-user-handling: force kill test user's session (#13805) * tests: adding details to tests in core suite - part 1 (#13789) * cmd/snap: use updated "current" revision after snap refresh run inhibition (#13747) * client: add support to send notices (#13791) * tests: first set of test fixes for uc24 (#13739) * tests: add static checks for snapd branches (#13784) * o/snapshotstate/backend: delay finalizer call during StreamTo * desktop/notification/notificationtest: fix deadlock in CloseNotification * cmd/snap-bootstrap/triggerwatch: fix data race in tests (#13794) * tests: teach spread-shellcheck about spread variables * tests: silence shellcheck warning * desktop/portal: fix data race in unit tests * desktop/notification/notificationtest: fix data race * timeutil: fix data race in unit tests * c/snap: change URL "http://localhost:0" in TestWait so that it always fails to create connection * c/snap: do not close test server until test is over * store: conditionally skip download monitoring unit tests * many: generalize wording of NFS workaround (#13758) * interfaces/builtin: allow kwalletd version 6 (#13757) * interfaces/builtin: add missing time64 mqueue syscalls to posix_mq interface (#13767) * osutil: extend nfs-based home to support cifs * boot: prune some bootchains that should not happen (#13750) * many: remove usages of deprecated io/ioutil package (#13768) * cmd/snap-confine, interfaces/udev: device cgroup support for non-strict confinement (#13777) * tests: fix run-spread test to allow running multiple tests on custom variant (#13751) * tests: re-organize the perf test suite (#13672) * o/i/a/common: test that CheckAccess attaches all interface to remoteAddr * tests/lib/reset: try to identify unexpected snap units still present after purge * tests/main/preseed-lxd: restore apparmor profiles on the host * usersession/client: support additional arguments for start/stop/restart operations, * o/state: adjust format of task failed log message * daemon: allow multiple interfaces in `interface{Open,Authenticated}Access` * daemon: make ucrednet support multiple interfaces idempotently * o/servicestate: support for user services (#13380) * snap: format container.go * Revert "i/builtin: allow docker-support to use mqueue (#13738)" (#13765) * cmd/libsnap-confine-private: validate instance name length * cmd/snap-confine: avoid TOCTOU with /var/lib/snapd/hostfs * cmd/libsnap-confine-private: check return values in tests * tests:fix checks done when snapd is install from ppa (#13761) * spread.yaml: add ubuntu-24.04-64 to qemu spread backend (#13756) * i/builtin: allow docker-support to use mqueue (#13738) * tests: update sru validation process (#13755) * cmd: update Go binaries targets * interfaces/desktop: allow DBus access to plasmashell (#13737) * asserts: add support for components in model assertion * asserts: refactor so checkModelSnap fills all ModelSnap fields * many: merge release 2.62 (#13749) * boot: do not sort list of hashes for boot assets * o/snapstate: make sure new local installation get always a new * sandbox/apparmor: detect but ignore apparmor 4 (#13740) * daemon: fix local time comparison in tests * tests: check that each test does fakestore teardown * tests/main/lxd-no-fuse: remove fuse and fuse3 * tests/main/services-user: remove polkit policy file * tests: fix recovery-system-reboot install test that was being interrupted by a system reboot (#13736) * gadget: if storage traits is zero sized file, assume traits do not exist (#13719) * tests: initial changes to run core suite in uc24 (#13712) * tests/main/microk8s-smoke: remove pods, nods and stop all processes * tests/main/cgroup-devices-v2: collect more debug information * tests: use snapcraft and lxd with latest fixes where possible (#13724) * tests: remove packages marked for auto-removal before running any tests * sandbox/apparmor: prefer apprmor 4.0 ABI if available * sandbox/apparmor: use host abi 3.0 if present * tests/core/kernel-base-gadget-single-reboot-failover: teardown fakestore on restore (#13721) * tests/lib/core-config.sh: remove root user data for pc snap in restore_pc_snap (#13714) * spread.yaml: make lxd-state install latest/stable instead of latest/candidate (#13716) * boot/seal_test.go: add cases where * boot: revert bb7d327a36d8fd923126052c32792e1293c1d243 * interfaces/builtin: allow ZFS vols as a block-device (#13067) * tests/main/snapd-snap-transition: increase retries for test robustness * coding policy: cover merge types and preference (#13650) * interfaces/builtin: allow access to /usr/share/javascript/{sphinxdoc,jquery} and /usr/share/sphinx_rtd_theme (#13130) * gadget/install: consider real partition size when creating partitions (#13677) * i/b/microceph-support: add microceph-support interface (#13352) * interfaces/builtin: add TrustKey G310H * many: move ServiceScopeOptions into clientutil and use in both client cases instead of having it duplicated * o/hookstate/ctlcmd: support matching scope options for snapctl * o/devicestate: do not try to unmount early kernel mount if there isn't one (#13709) * interfaces/serial-port: add serial devices (ttyLPX) to allowed list (#13695) * tests: remove static code analysis tool action (#13710) * many: container validation improvements * tests/nested/manual/fde-on-classic: wait for abort * tests/main/interfaces-network-control: fix tests for ARP manipulation * tests/lib/prepare.sh: reflash during shutdown * many: add nfs-mount interface (#12799) * Update u2f_devices.go * client,daemon: expose features supported/enabled in `/v2/system-info` * features: add function to return info about feature flags * tests/main/lxd-mount-units: wait before checking generators (#13697) * tests: update snap-system-env for noble (#13702) * tests/main/interfaces-network-control: re-enable tests depending on arp (#13700) * tests: skip preseed tests in ubuntu noble (#13703) * overlord: create the drivers tree only if the it will be mounted * tests/main/snapd-update-services: adapt to change in snapd behavior * overlord,systemd: do not restart mount units on snapd start * tests: make more robust the nested log checks (#13692) * tests: fix snap-quota-memory in fedora systems (#13698) * release-tools: skip flake8 on 24.04 * asserts: move aspect schema to assertion body (#13666) * client,cmd/snap: introduce --user, --system and --users switches for snap service operations (#13368) * o/snapstate: disable pending refresh notifications when marker interface is detected * tests: test symlink is set when restarting snapd on update * snap-failure: set symlink before calling snapd * many: avoid execution while current symlink is missing * tests/main/abort: remove "current" directory * boot/seal_test.go: test ResealKeyToModeenv against changes of boot chains * boot/seal_test.go: test run mode boot chains * tests: add test to check update of boot chain * bootloader/grub.go: add new boot chain binary paths * bootloader/grub.go: return all possible boot chains * daemon: allow polkit authentication for `/v2/snaps/{snap}/conf` * daemon,data/polkit: add polkit action for managing snap configuration * features: add experimental.apparmor-prompting feature stub * interfaces/builtin/home: add apparmor rule * tests: isolate lp-2044335 regression test kernel packaging * packaging: fix debian builds broken by github.com/snapcore/bolt * tests: update the configuration used to display the static analysis info (#13691) * tests/main/preseed-core20: update the list of files we check for * tests/lib/tools/snaps-state: copy preseed.json when repacking snapd from deb * tests/lib/nested: collect logs and enable snapd debug when building images * data/preseed: add /var/lib/snapd/cgroup to preseed include patterns * interfaces/udev: do not call udev when in preseed mode * tests: add github workflow to run tiobeweb tool (#13687) * steam_support: add comment regarding need for /usr/share driver info * steam_support: combine /snap rules * steam_support: allow reading of hostfs /usr/share/nvidia files * steam_support: allow mounting of snap and hostfs directories * many: add API routes for creating/removing recovery systems (#13651) * tests: exclude regression-lp2044335 from core * tests: add regression test for LP:#2044335 * i/builtin: system-packages-doc bare snap workaround * interfaces/builtin: add interface for remoteproc * tests: use strace-static from candidate channel * strace: Re-format comment regarding strace compatiblity. * strace: break out strace user handling to a helper * tests: enable "snap run --strace" test on UC22 * strace: use --gid/--uid options * overlord,systemd: restart mount units when changed * aspects: support unmatched placeholders w/ unset (#13660) * interfaces/udev, cmd/snap-confine: support for snaps managing own device cgroups (#13642) * interfaces/builtin: add interface for kernel-firmware-control * release: 2.61.3 * packaging: wrap-and-sort -d ubuntu-14.04 * packaging: wrap-and-sort -d ubuntu-16.04 * packaging: wrap-and-sort -d debian-sid * tests: new perf test install-many-snaps (#13478) * tests: support testflinger (#13662) * aspects: support content sub-rules (#13627) * steam_support: generalize pressure-vessel root paths (#13489) * many: add snap-refresh-observe interface * many: remove snap data home directories * go.mod: drop unused gopkg.in/mgo.v2 * tests: add regression test for exploding namespace * cmd/snap-confine: fix exploding homedirs bug * tests/main/security-device-cgroups-required-or-optional: simple spread test * cmd/snap-confine: always set up the device cgroup unless using one of the old bases * o/devicestate: remove unused method * aspects: rename user-defined types to aliases * o/devicestate: add concept of default-recovery-system (#13634) * build-aux: add libzstd to snapd snap for snap pack * o/snapstate: record refresh-inhibit notices when auto-refresh is blocked * o/state,daemon: add refresh-inhibit notice * o/snapstate: fix Stop() call ordering for SnapManager unit tests * c/snap-repair: make snap-repair exit 0 when the store is marked as offline * o/snapstate: record change-update notice on forced refresh * tests: allow running edge/beta validation in google instances (#13639) * interfaces/builtin/network_setup_observe: allow busctl to bind * interfaces/builtin/network_setup_control: allow busctl to bind * interfaces/builtin/libvirt: add read permissions to /var/lib/snapd/ho… (#13645) * github: mention C source code formatting tools we expect * interfaces: make steam-support implicit on core (#13189) * snap: add hooks to snap component types (#13538) * many: add "refresh-inhibited" select query to /v2/snaps * overlord/configstate/configcore: add support rpi config sdtv_mode option * interfaces/backend: update sandbox features to account for cgroup v2 device filtering * o/devicestate: skip optional snaps in model when creating recovery system * many: use interfaces.SnapAppSet in security backends (#13587) * cmd/libsnap-confine-private/infofile: support for comments * github: build indent * cmd: add explicit pointer-align-right for indent * cmd: many: apply C source code formatting * github: verify C source code formatting * o/state: record change-update notices on change status updates * aspects: check path type mismatch on aspect creation (#13635) * o/devicestate: add RemoveRecoverySystem function for removing a recovery system (#13546) * aspects: empty Get request returns entire aspect (#13622) * o/snapstate: simplify updating of refresh-candidates (#13626) * daemon: replace notices "select" param with "users" * i/builtin: use pointer into main array instead to not store copies * i/builtin: do not use pointer to the local for-loop variable, instead use copies * daemon: allow polkit "io.snapcraft.snapd.manage" for /v2/apps endpoint * tests/lib/tools/tests.invariant: ignore session for user ubuntu * o/assertstate: rename variables to be a bit clearer * o/assertstate: use ValidationSetKey to create unique identifiers for validation sets * o/devicestate: consider the current model's validation sets when creating a recovery system * o/assertstate: add function to get enforced validation sets that are associated with a model * interfaces/apparmor/template: add read access to /etc/default/keyboard * overlord: fix race in refresh monitoring tests * interfaces: we actually expect snaps to auto-connect to desktop * many: apply new home directory rules to data copy (#13145) * overlord, o/devicestate: support remodeling on hybrid models (#13464) * kernel,overlord: use function from kernel pkg to get kernel early ------------------------------------------------------------------- Wed Feb 21 16:57:14 UTC 2024 - ahmedmoselhi55@gmail.com - Update to version 2.61.2~git.6a7ecfe59: * aspects: validate summary descriptions (#13609) * o/servicestate: add unmarshal tests for Instruction * daemon,o/servicestate: fix selecting all users for non-root users * daemon,o/servicestate: handle not-set scope and simplify error messages * daemon,o/servicestate: support for scopes and users in API for services * tests/main/interfaces-ros-opt-data: disable on Ubuntu Core * build(deps): bump tj-actions/changed-files in /.github/workflows * o/snapstate: add "refresh-forced" api-data field to auto-refresh changes * o/aspectstate: get local aspect-bundle assertions (#13585) * kernel,overlord: modify EnsureKernelDriversTree so it can handle * overlord: add managers test for auto-refresh with pre-download and app monitoring * overlord: tweak managers tests names * overlord: fix TestUpdateManyStoreUpdateWhileWaitingWithMonitoring to use Settle * overlord: tweak test error message * o/snapstate: use AutoRefresh instead of calling UpdateMany * o/snapstate: tweak naming and logic * o/snapstate: tweak refresh candidates update to expect preserved fields * o/snapstate: merge refresh hints rather than overriding them * o/snapstate: merge refresh candidates when updating refresh hints * o/snapstate: provide a helper for merging refresh candidates * overlord: add refresh with app monitoring test * tests: skip my lang in i18n spread test (#13618) * i/builtin: fix unit tests after change to Specifications * wrappers: fix unreliable tests to not use mocked systemctl command (#13612) * interfaces: new "ros" host file system support (#13281) * interfaces/builtin/gpg_public_keys: add permissions for required lock… (#13540) * packaging/fedora: enable bpf selinux SELinux policy for RHEL9 * many: introduce SnapAppSet for use in security backends (#13574) * o/snapstate: add some docs around link-snap and auto-connect. (#13575) * interfaces/builtin/libvirt: add /run/libvirt/libvirt-sock-ro * Revert "tests: install ubuntu image snap to build uc18 and uc2* (#12891)" * boot: prune some bootchains that should not happen (#13402) * many: add refresh-inhibit-proceed-time field to snaps api * tests: remove ubuntu lunar support (#13593) * i/builtin: add alternative mounts/mountinfo for mount-observe * fix iterfaces-custom-device-app-slot test by installing core snap manually * release: 2.61.2 * o/snapstate/autorefresh: do not expect a valid time string in refresh.hold * aspects: support Set() w/ unmatched placeholders (#13548) * asserts: update username regex allowed by system-user assertion (#13590) * i/b: dont have polkit interface being implicit on core read-only filesystems (#13568) * kernel/fde: simplify invocation of fde-reveal-key * agentnotify: show the snap icon when autorefresh is done (#13486) * interfaces: move lxd-support's use of AppArmor unconfined mode to an interface attribute (#13514) * interface/upower-observe: allow to Refresh statistics for devices * packaging/ubuntu-16.04: install systemd files in correct place on 24.04 * overlord: fix prerequisite base snap silently not being installed due to conflict (#13589) * data,tests: copy kernel drivers tree to the preseed tarball * o/devicestate: remove early kernel mounts after preseeding * systemd: emulate EnsureMountUnitFileWithOptions * overlord: adapt test to new {set,clean}-up kernel tasks * o/snapstate: add handlers to {set,clean}-up kernel snap * o/snapstate/backend: add methods for {set,clean}-up kernel snaps * snap: add kernel-modules component type * github: temporarily disable pull request labeler (#13595) * tests/nested/manual/remodel-offline: fix misspelling * o/devicestate: refactor lookup through SnapSequence to use SnapSequence.LastIndex * tests/nested/manual/remodel-offline: test that offline remodeling will use previously installed revision of snap * o/devicestate: check for previously installed revisions when falling back to installed snaps during offline remodel * o/snapstate/snapstatetest: add PreserveSequence option to InstallSnap * o/snapstate/snapstatetest, overlord, o/devicestate: put options into struct for snapstatetest.InstallSnap * cmd/snap-recovery-chooser: drop confusing comment * cmd/snap-recovery-chooser: support console-conf from a snap * tests/nested/manual/muinstaller-core: do not re-label seed for muinstaller * many: drop fontconfig cache generation * daemon: add "snap-names" data field to single-snap changes * tests/nested/manual/remodel-offline: wait for kernel refresh change * daemon: reword tentative to attempt * daemon: fix typo: tentative * o/snapstate: fix typo: updatable * o/snapstate: fix typo: implementations * o/snapstate: fix typo: unsupported * o/snapstate: fix typo: prerequisites * o/snapstate: fix typo: success * opengl: add /usr/share/nvidia (#12840) * cmd/snapd-generator: create mount points for kernel drivers tree * interfaces/network-control: allow creating /run/resolvconf directory * Add libcudnn.so to list of NVIDIA libraries * tests/main/interfaces-polkit: add details * tests/main/completion: add details * tests/main/interfaces-polkit: disable on amazon-linux-2023 * tests/main/completion: disable on amazon-linux-2023 * tests/lib/pkgdb: require gpg on Amazon Linux 2023 * tests/lib/pkgdb: use dnf on Amazon Linux 2023 * tests/lib/pkgdb: curl is already available on AMZN2, AL2023, and CentOS7 * github: increase verbosity * tests/lib/prepare-restore: drop a workaround which removed xdelta * github: disable deltas for Amazon Linux 2023 target * spread: complain when project got delivered as delta on Amazon Linux 2023 * spread: provide a way to disable repacking the project into a delta * snap: core-version: support generic 'core<version>-<flavor>' base snaps * snap: support preseeding for core desktop * interfaces/builtin: add Kensington VeriMark Guard Fingerprint Key (#13577) * overlord: restore services if the unlink fails (#13582) * data/systemd: make snapd.seed wait for snapd.socket only * update how results are saved * Update backend name * tests: split google backend in 2 zones * o/devicestate: copy seed on finish install API call, for UC (#13296) * github/workflows/cla-check: enable comments by running in the context of the base repository * cmd/snap-device-helper: do not read sysfs directly * aspects: make access pattern/rule usage consistent * aspects: improve validation test coverage * aspects: put access rules under map in assertion * interfaces/apparmor: limit s-u-n /proc/ access to entries owned by current process * interfaces/apparmor: update apparmor template of s-u-n for changes in Go * data/selinux: add missing polkitd permission for snappy_t/snappy_cli_t (#13561) * snapd.apparmor.service: add explicit dependency to snapd.mounts.target * seed: change termilogy for the copy timings for consistency * osutil: move to useradd from adduser (#13236) * Add ProductIDPattern of GoTrust Idem Key with NFC and usb-c * o/servicestate: fix typo: constraints * o/s/backend: fix typo: decision * o/s/backend: fix typo: units * o/snapstate: fix typo: services * o/snapstate: fix typo: namespace * o/snapstate: fix typo: total * o/snapstate: fix typo: command * o/snapstate: fix typo: unsuccesful * o/snapstate: fix typo "flags in state" * o/snapstate: fix typo: content * o/devicestate: fix failing tests brought in by rebase that were missing "test-system" boolean * tests/nested/manual/remodel-validation-sets-invalid: update error string * o/devicestate: correct some error messages * o/devicestate: add doc comment to LocalSnap * o/devicestate: replace delete with remove, and add some clarifying comments * o/devicestate: use "snap id" in error messages, rather than just "id" * o/devicestate: remove outdated comment in CreateRecoverySystemOptions * o/devicestate: consolidate checkForInvalidSnapsInModel and checkModelSnapsCanBePresentInValidationSets * o/devicestate: remove done TODO * o/devicestate: use struct to pair together snap.SideInfo and path to prevent some invalid states * o/devicestate: add guard to check for presence of snap IDs in model and in locally provided snaps * o/devicestate: update comment on getSnapInfoFunc * o/devicestate: correct LocalSnapPaths doc comment * o/devicestate: allow creating a recovery system if snap from model is not in validation sets * o/devicestate: always make sure to test recovery system if change comes from a remodel * o/devicestate: add comment explaining that refresh-control revision constraints are not repected right now during creation of recovery systems * o/devicestate: extract some helpers out of do/undo create recovery systems * o/devicestate: replace backend import with inlined function * o/devicestate: remove unused function * o/devicestate: correct spelling mistake * o/devicestate: add snap to prereq tracker if it does not need to be installed * o/devicestate: correct error messages in CreateRecoverySystem * overlord, o/devicestate: change CreateRecoverySystem so that it uses SelfContainedSetPrereqTracker * o/devicestate: update undo to undo marking a system as seeded and recovery capable * daemon: maintain functionality of original debug route for creating recovery system * o/devicestate: add option to CreateRecoverySystem for marking new system the current system * o/devicestate: add test cases for various recovery system creation scenarios * o/devicestate: add extra params to createLocalSnap * o/devicestate: update CreateRecoverySystem to create recovery systems from validation sets * tests/lib/prepare-restore: remove xdelta on Amazon Linux 2023 * packaging/fedora: sync with Fedora/EPEL and Amazon Linux packaging * tests: use snap get/set CLI in aspects test * steam_support: allow reading of nvidia version and debian_chroot * packaging/opensuse: remove prompting service files * i/dbus,wrappers: re-add prompt services to list so they are deleted * Revert "many: add stub services for prompting" * Revert "data: fix snapd.aa-prompt-ui.service to actually get started (#12693)" * tests: update the remodel-store-viewer.auth info (#13549) * many: allow building without bolt using nobolt tag (#13534) * asserts: define new aspect-bundle assertion (#13545) * c/snap-bootstrap: lift requirement of fde-setup hook for single-boot install (#13525) * o/snapstate: fix assignment through non-pointer method * kernel: and ancillary methods * aspects: check if matched storage paths are incompatible * aspects: support finding schemas at end of path * o/snapstate: fix SkipBinaries unit tests * cmd/{snap,snaplock/runinhibit}: refactor inhibition notification flows * o/snapstate: skip aliases removal during refresh for RAA UX flow * many: skip binaries removal during refresh for RAA UX flow * aspects: adapt NewBundle to work with real assertions (#13539) * i/builtin: support polkitd path on core24 * client, cmd/snap, daemon: api level changes for introducing offline flag to remodel (#13507) * tests: add test about defining a custom-device slot on an app * i/builtin: custom-device connection rule was incorrect, fix it * s/a/n/listener: correct size of Class and Op in msgNotificationFile to match fields in msgNotificationOpKernel * naming: add well-known core24 snap-id * gadget: add unit test for default policy and no previous edition (#13520) * cmd/snap: add CLI support for unsetting aspects * sandbox/cgroup: refactor and cleanup, fix path tracking and watch removal (#13508) * seed: add Copier interface and implement it for seed20 (#13495) * o/devicestate, overlord, daemon: add flag to devicestate.Remodel to force an offline remodel (#13494) * cmd/snap: improve stdout/stderr handling when not processing strace output * cmd/snap: proxy stdout when running app under strace * features: add count checks to ensure features are tested (#13518) * tests: fix snapd-maintenance-msg spread test * features: add experimental feature flag for aspects * many: add CLI support for getting and setting aspects (#13492) * aspects: support alternative types in schemas (#13502) * o/s/policy: allow "core" snap to be removed on classic systems (#13509) * many: assorted typos (#13510) * overlord, o/devicestate: use SelfContainedSetPrereqTracker to track prereqs during remodel (#13430) * tests: new procedure to determine when a nested vm is not booting as expected (#12933) * interfaces/builtin/fwupd.go: allow locking for ipmi device nodes * interfaces/builtin/fwupd.go: tag missing devices * o/snapstate: call Add on prereq tracker in the case that update is only a channel switch (#13505) * wrappers,w/internal: support for querying and restarting user daemons * i/builtin: allow to lock /run/netns with network-control * systemd: add mount unit templates for kernel-modules * o/devicestate: remodel policy/checks changes (#13480) * tests/main/interfaces-process-control: retry check for process being terminated * tests/lib/assertions: re-sign the assertion with new expiry date (#13498) * tests/regression/lp-1910456: reenable the test on Arch * intefaces/apparmor: do not combine unconfined and complain profile flags * snap/pack: fix pack with integrity unit test on openSUSE (#13375) * snap/squashfs: fix minimum snap size on openSUSE (#13376) * overlord/snapshotstate: tweak test checks * packaging: require xdelta on Fedora and EPEL9 * i/builtin: Added RSA DS100 authenticator (#13437) * tests/regression/lp-1910456: temporarily disable the test on Arch * tests/main/postrm-purge: make check units more robust * tests/main/postrm-purge: account for snap services which may have failed (#13487) * features: add new feature (refresh-snap-awareness-ux) * sandbox/cgroup: add tracking helper to confirm transient scopes * tests/main/userns: add a spread test for the userns interface (#12844) * documentation: add a reference to make check target in HACKING.md * c/snap: validate-seed also needs proper plugs/slots sanitizing * interfaces/builtin: fix distro mocking in font dirs mount spec test * snap: fix unit test on Arch * o/snapsate: create some ancillary methods for Sequence * o/snapstate: add method to ComponentSetup to access component name * many: rename NewRevisionSideInfo to NewRevisionSideState * o/snapstate: add component type to sequence points and ComponentSetup * overlord/systemd: remove unused variable from MountUnitOptions * o/devicestate: make error message consistent * o/devicestate: fix panic when requesting a serial when device-service.access=offline * o/state,daemon: add per-user notices (#13434) * aspects: check map key format in parsing and validation * cmd/snaplock/runinhibit: fix nil dereference in WaitWhileInhibited * s/apparmor/notify/listener: fix concurrency test on slow single-core machines * many: move snapstate.Sequence to its own package * aspects: consider access when matching rules (#13447) * asserts: add Model.AllSnaps method (#13456) * many: support sideloading components (#13454) * boot: add UnmarkRecoveryCapableSystem function for undoing creation of a recovery system (#13459) * s/apparmor/notify/listener: do not send auto-denies when listener closed * s/apparmor/notify/listener: stop epoll waiting when error occurs * s/apparmor/notify/listener: properly handle if `Reqs()` never read * s/apparmor/notify{,/listener}: add support for multiple requests at once * sandbox/apparmor/notify/listener: gracefully handle listener terminating * s/apparmor/notify/listener: remove pointer to parent listener from request struct * s/apparmor/notify/listener: allow originally allowed perms even when request denied * s/apparmor/notify/listener: add listener package * tests: update the snap used to install in parallel-installs perf test (#13460) * c/cmd: update comment about plugs/slots sanitizing setup * c/snap: fix prepare-image vs seedwriter wrt plugs/slots sanitization * aspects: set can write to multiple paths (#13446) * interfaces/builtin: add google titan v2 to u2f-devices interface (#13383) * a/snapasserts: add ValidationSets.SnapConstrained method (#13457) * o/snapstate, overlord: add snap.Info to snapstate.Download return values (#13458) * cmd/snapd-apparmor: test incus container detection * cmd/snapd-apparmor: add support for incus (LP: #2042512) * tests: group the systems used in the github workflow (#13392) * gadget/update.go: make sure to update boot before seed * o/snapstate,wrappers: remove ServicesEnableState * cmd/snaplock/runinhibit: address review comments (thanks @pedronis) * cmd/snaplock/runinhibit: refactor WaitWhileInhibited cleanup (thanks @pedronis) * cmd/snaplock/runinhibit: improve WaitWhileInhibited docs * cmd/snaplock/runinhibit: add WaitWhileInhibited helper function * tests: add new ubuntu-core-24-arm-64 system to spread.yaml * Revert "packaging/ubuntu-16.04/control: recommend `fuse3 | fuse`" * o/snapstate: add methods to add/remove components to a snap sequence * o/snapstate: add handlers to link/unlink components * o/snapstate: add helpers to retrieve component information * o/snapstate: fix typo in test method name * o/snapstate: test refresh policies for classic are not run at preseed time * i/b/uio: allow configuring UIO drivers from userspace app/libraries (#13039) * o/snapstate: remove unused snap downloads (#13215) * tests: remove opensuse 15 4 (#13444) * tests: fix snap-run test work on ubuntu 24.04 * aspects: unmatched placeholder returns all values (#13433) * many: add support for AppArmor unconfined profile mode (#13333) * usersession: implement restart controls and status querying for user services * tests: use load generator to generate load in perf tests (#13417) * asserts: validate resource-name in snap-resource-* assertions * asserts: implement snap-resource-pair * tests: extend interfaces-personal-files for missing directory creation (#13404) * many: add mount/unmount/prepare handlers for components (#13423) * tests: add spread tests support for ubuntu-24.04 (#13426) * many: add snap-update-ns support for ensure-dir mounts (#13342) * many: ensure-dir mounts for personal-files missing dirs (#13260) * cmd/libsnap-confine-private: pass env real-home to snap-update-ns (#13244) * tests: add support for fedora 39 and remove support for fedora 37 (#13427) * cmd/snap-update-ns: set sythentic mounts `x-snapd.needed-by` to entry id instead of path (#13393) * tests/nested/manual/uc20-install-in-initrd: remove core-initrd tweaks * interfaces: update desktop interface AppArmor permanent slot rules (#13308) * o/devicestate: make sure we do not remodel to UC16 from UC18+ (#13429) * i/b/fwupd.go: give access to IPMI devices * i/b/fwupd.go: add access sysfs attributes needed by amdgpu * i/b/fwupd.go: Allow write access to COD capsule update directory * tests: add details to spread tests - part 4 (#13425) * tests: add amazon linux 2023 (#13409) * asserts: implement snap-resource-revision * interfaces/qualcomm_ipc_router: mock required features in test * aspects: Get() matches request on prefixes and returns results in a merged namespace (#13378) * boot: fix more slices missing types * .github: update golangci-lint version to v1.55.2 * boot: fix missing type in asset list * many: take into account validation sets during remodel (#13243) * aspects: improve errors caused by unexpected types (#13414) * snap,overlord: backend support to copy and mount components (#13400) * aspects: improve array index handling in validation error * tests: revert the skip for change in nested test core20-to-core22 (#11923) * interfaces: add unit tests for cups-control custom AutoConnect behaviour * tests: add a test for auto-connection behaviour of cups-control * interfaces: make AutoConnect of cups-control dependent on presence of cupsd on host system. * o/snapstate: use ContainerPlaceInfo when removing mount units * o/snapstate: remove unneeded printing traces in tests * snap: create ContainerPlaceInfo interface * NEWS.md: added notices state and api to NEWS.md * daemon: make notices api require authenticated access (for now) * daemon: small refactor of notices api * daemon: make notices API tests less brittle on slow machines * daemon: fix handling of invalid notice types in filter * daemon: remove custom notice type from notices API * daemon: remove `postNotices` from the notices API * daemon: adjusted notices API to be compatible with snapd * strutil: add `MultiCommaSeparatedList` * daemon: add notices API * tests: add new performance and load test suite (#13371) * test/nested/manual: fix some yq expressions (#13407) * aspects: include paths in validation errors (#13360) * many: replace name w/ request and path w/ storage * t/m/snap-quota-memory: improve robustness of test on some distros (#13399) * o/snapstate: make tests work consistently also in containers * many: add components side info to snapstate * tests: add details to spread tests - part-3 (#13395) * overlord/snapstate: support snaps on same lane in refreshedSnaps * o/snapstate: add Download function for downloading a snap, but not installing it (#13311) * tests: explain in CODING.md the spread tests enforced rules (#13396) * o/snapstate, o/devicestate: fix ordering of installation of snaps during remodel (#13358) * tests: fix basic20plus test for uc22 on rpi (#13074) * o/snapstate: only use names passed to refreshCandidates * release: 2.61.1 (#13394) * packaging: update squashfuse to 0.5.0 ------------------------------------------------------------------- Wed Nov 29 07:32:58 UTC 2023 - ahmedmoselhi55@gmail.com - Update to version 2.61.38a74ecb3: * a/snapasserts, o/assertstate: add functions to help during remodel (#13345) * tests: add details to the spread tests - part 2 (#13390) * tests: use KERNEL_CHANNEL/NESTED_KERNEL_CHANNEL instead of edge for pc-kernel (#13391) * packaging: move directory for snapd-generator in debian sid (#13385) * tests: adding new load generator snap (#13382) * tests: fix tests checks and add missing details in spread tests - part 1 (#13384) * tests: avoid removing preinstalled snaps in external devices (#13372) * tests: enforce tests details (#13357) * release-tools: fix handling of NEWS.md items * release-tools: improve changelog help and inform of incorrect deb email (#13369) * tests: fix snap-run test for fedora (#13365) * release-tools: add support for NEWS.md changelog.py (#13202) * interfaces/builtin: modify shutdown interface to allow access to SetRebootParameter method (#12652) * tests: stablish a dependency between test and labeler workflows (#13363) * many: introduce and use snap.SelfContainedSetPrereqTracker (#13340) * client,tests: do not try to change the gid when reading/removing auth.json (#13321) * o/snapstate: wrap refreshCandidates to mitigate store throttling * tests: fix core20-to-core22 test (#13255) * snap: add validation of summary and description for components * snap: export ValidateDescription, so it can by used by naming package * snap: validate component names in snap.yaml * cmd,snap: support packing of snap components * snap: add function to validate components * snap/snaptest: add ancillary function to create component files * snap: add parser for component.yaml * snap/naming: add ComponentRef struct, to identify components * interfaces/media-control: also allow 'k' (lock) * also include opensuse tumbleweed * tests: fix snap-run test on arch-linux * o/devicestate: refactor remodelTasks for readability (#13248) * aspects: support array type in aspect schemas (#13328) * aspects: map types must have constraints * overlord/snapstate: enable single-reboot for gadget * many: save revision when snap is inhibited (#13174) * o/state: implement core support for notices (#13292) * o/snapstate: add explicit snap dependency logic for doUpdates (#13251) * o/snapstate: try to make the check-rerefresh summary cleaner/clearer (#13323) * interfaces/desktop: allow access to Mutter IdleMonitor idle time (#13304) * o/snapstate: check properly conflicts when refreshing snapd * boot: lock the modeenv while reading revisions * gadget: prevent failures when updating kernel/gadget on UC16/18 * tests: fix system-snap-refresh in uc20 (#13324) * many: introduce snapstate.PrereqTracker interface and snap.SimplePrereqTracker (#13320) * wrappers, overlord: update tests based on code review * overlord: update desktop files on SnapManager.Ensure() * wrappers: extend EnsureSnapDesktopFiles to support multiple snaps at once * tests: add spread test for append/remove cmdline from gadget.yaml * gadget: add kernel command-line remove filter to gadget yaml * gadget: add kernel parameters from "append" in gadget yaml * Skip layout-change test in all arm devices * Fix selinux policy for polkit agent * fix snapd-maintenance-msg * aspects: support boolean type in aspect schemas * snapdtool: check for binary existence in InternalToolPath() (#13227) * spread.yaml: change GADGET_CHANNEL to the same default channel as * tests: repack pc-kernel if kernel channel differs from the image one * tests: increase image size for core tests * tests: avoid downloading twice pc-kernel * revert i/b/microceph: allow more access for microceph-support (#13150) (#13322) * tests: clear snap cache before interfaces-content test * seed/seedwriter,image: prereq check strategy change to use snap.ValidateBasesAndProviders (#13318) * wrappers: restructure service code, and split into an internal package (#13280) * interfaces: update polkit-agent interface to handle new location of polkit-agent-helper-1 (#13261) * o/devicestate: consider snapd snap when remodeling * cmd/snap,o/devicestate: consistently stop auto-import of assertions during install modes (install, factory-reset) (#13305) * wrappers: install snapd .desktop files on core (#13078) * aspects: reject null values for all types (#13309) * spread.yaml: set default nested channel to beta * spread.yaml: set default kernel channel to beta * tests: update snapd-testing-tools and fix nested workflow (#13287) * boot: update cmdline variables also when updating gadget * boot: only use variable snapd_full_cmdline_args * aspects: support "number" type in aspect schemas (#13297) * tests/kernel-revert-after-boot: modify installed kernel * tests/connected-after-reboot-revert: modify installed kernel * aspects: map values cannot contain unexpected entries (#13286) * tests/core-dump: check that core dumps can be generated on UC * wrappers: allow PrefersNonDefaultGPU and SingleMainWindow keys in desktop files * t/n/m/uc-update-command-line-secure: make it more stable (#13252) * release: 2.61 (#13299) * boot: unlock snapd state when sealing keys * overlord: make link-snap request a reboot for gadget updates if any update to assets was made * o/snapstate: fix flaky local cleanup test * secboot/luks2: remove unused variable * packaging: fix unneeded errtracker patches (#13288) * i/b/microceph: allow more access for microceph-support (#13150) * interfaces/microstack-support: read access to /proc/task/sched{,stat} * gadget: some simplifications * gadget: remove some test functions now unused * gadget: simplify mocking by letting LaidOutVolumesFromGadget do it * gadget: additional tests for checkGadgetContentImages * gadget/validate: read kernel info only once * gadget/ondisk; add test for OnDiskStructsFromGadget * many: move gadgettest.OnDiskStructsFromGadget to gadget package * gadget: remove unnecesary checks in layoutVolumeStructures * many: fill all layout data from disk data * gadget: do not use laidouts when validating content * gadget,overlord: do not return system volume from LaidOutVolumesFromGadget * bootloader/assets/data/grub-recovery.cfg: set root when chainloading ------------------------------------------------------------------- Wed Nov 29 07:28:47 UTC 2023 - ahmedmoselhi55@gmail.com - Update to version 2.61.a9c308a6c: * release: 2.61 (#13299) * boot: unlock snapd state when sealing keys * overlord: make link-snap request a reboot for gadget updates if any update to assets was made * interfaces/microstack-support: read access to /proc/task/sched{,stat} * i/b/microceph: allow more access for microceph-support (#13150) * packaging: fix unneeded errtracker patches (#13288) * tests/core20-boot-config-update: wait for the reboot always * tests/core20-boot-config-update: wait for the reboot before the watch * aspects: support 'any' type in aspect schemas * fix store-state tool restoring fakestore (#13239) ------------------------------------------------------------------- Sun Nov 12 08:13:08 UTC 2023 - ahmedmoselhi55@gmail.com - Update to version 2.61.a9c308a6c: * release: 2.61 (#13299) * boot: unlock snapd state when sealing keys * overlord: make link-snap request a reboot for gadget updates if any update to assets was made * interfaces/microstack-support: read access to /proc/task/sched{,stat} * i/b/microceph: allow more access for microceph-support (#13150) * packaging: fix unneeded errtracker patches (#13288) * tests/core20-boot-config-update: wait for the reboot always * tests/core20-boot-config-update: wait for the reboot before the watch * aspects: support 'any' type in aspect schemas * fix store-state tool restoring fakestore (#13239) * o/snapstate: remove other unneeded test * o/hookstate: move TODO * o/snapstate: remove test for error reporting * c/snap-repair,o/hookstate,o/snapstate: replace errtracker usage with TODO comments * many: remove usage of the error tracker * o/snapstate: reset request record per test case in TestUpdateManyRevOptsOrder * o/snapstate: fix misalignment in RevisionOptions when requesting refresh candidates * c/snap-repair: make snap-repair respect store.offline configurable * interfaces: review and extend README.md (#13247) * tests: first part of the improvements done for pkg management (#12869) * o/devicestate: use device-service.access to determine if we should fetch a serial or not (#13233) * o/restart,o/devicestate: default to tasks being restart-boundaries if no restart-boundaries have been configured. * tests/nested/manual/snapd-refresh-from-old: also test refresh to current * i/builtin: update gpio apparmor to match pattern that contains multiple subdirectories under /sys/devices/platform * tests/nested/manual: correct some reboot messages after reboot code changes * tests/muinstaller: update go modules so the snap can be built again * tests/muinstaller-real: ask twice for the recovery key * secboot: avoid usage of fifos with cryptsetup * Add libnvidia-gpucomp to the list of NVIDIA driver libraries * tests/nested/manual/uc-update-assets-secure: do not check for shim in boot * Clean now useless ResetEnclosingVolumeInStructs function (#13226) * tests/main: remove unsupported core16 tests * i/builtin: fix u2f tests that was broken by adding new device * interfaces/builtin: added support for Token2 U2F keys (#12984) * many: replace exec.CombinedOutput when output is parsed * osutil: add methods to combine std{out/err} into a single error object * osutil: add RunCmd and RunSplitOutput functions * tests/remodel-uc20-to-uc22: enable encrypted variant * gadget,overlord: do not try to update if no content is defined * gadget/layout.go: fix typo * tests,overlord: review feedback from @pedronis * t/n/m/core20-validation-sets: fix check of validation task, fix configure-default-user * t/n/m/core20-validation-sets: add checks, manually add user * o/devicestate: only add track validation-sets task in run-mode. * o/snapstate: avoid incurring an extra reboot boundary for core snap when not a boot-base * Fix prepare-image-reproducible test (#13249) * tests/nested/manual/install-min-size: make it more stable * o/devicestate: reorder if to be a little simpler * o/devicestate: account for snaps that need to have their channel changed * o/devicestate: fix panic when attempting remodel to model with an snap that has an optional presence * tests: add remodel case where target base is already installed * o/devicestate: pass change ID when checking remodel conflicts * aspects: convert untyped constant before calling Sprintf * interfaces: add a polkit-agent interface (#10598) * interfaces: make network-status implicit on core - it is required for using the network portal * o/snapstate: use store.access to disable auto refresh (#13232) * aspects: support integers in aspect schemas (#13214) * aspects: required keys must have schema entry * locale_control: add locale1 dbus support (#13027) * tests: fix selinux-lxd in centos-7 (#13224) * packaging: fix patch for sid * store, o/storecontext, o/devicestate, o/c/configcore: use store.access to disable access to snap store (#13198) * o/devicestate: refactor remodelEssentialSnapTasks for readability (#13225) * i/policy: fix TestConnection* for qualcomm-ipc-router * interfaces: upower-observe base policy considers whether the slot is implicit * asserts,i/policy: slot-side slot-snap-type connection constraints * gadget,osutil: add support for fat16 partitions (#13123) * snap/squashfs: enforce a minimum snap size to eliminate some kernel log noise (#13191) * osutil/epoll: make `e.Wait{,Timeout}()` return immediately when `e.Close()` is called (#13204) * many: s/ioutil.WriteFile/os.WriteFile (#13217) * many: switch to new restart logic * o/servicestate: remove unused test struct * go: go fix with 1.18 * boot: fix formatting * snapfile: show more context when a snap file header cannot be read * tests: fix snapd-failover test (#13216) * i/b/fwupd.go: allow access to drm devices * overlord/snapstate: simplify install taskset construction * aspects: support user-defined types in schemas (#13195) * usersession/agent: only close session bus if non-nil * boot,o/devicestate: protect with a mutex modifying modeeenv and sealing/releasing (#13185) * daemon: make tests pass with race detector (#13199) * wrappers: support activated services in QueryDisabledServices/ServicesEnableState * wrappers: honor the disable list for activation units * cmd/Makefile.am: add warning to all CFLAGS (#13133) * cmd/snap-device-helper: handle bind and unbind commands * wrappers: use `Ensure` in snap linking operations for snap binaries/icons/desktop files (#13110) * interfaces: remove release.OnClassic check in implicitSystem*Slot() helpers * o/state: add missing initalizers and unit test * Fix docker-smoke test * tests: increase memory limit for snapd during the tests to 200M * release: 2.60.4 (#13200) * snap/naming: add ancillary function to check label names * interfaces/qualcomm-ipc-router: split in slot and plug * i/b/qualcomm_ipc_router.go: switch to plug/slot and add socket permission * gadget: add a way to reset recursive data structure * wrappers: tell user systemd instances to reload after updating snapd's user units * interfaces/desktop: allow snaps to provide a desktop slot, granting access to system fonts and xdg-desktop-portal (#10753) * store: use as much from snap-yaml as possible if available * o/snapstate: pass name instead of SnapSetup in pre-dl funcs * wrappers: enable activated services only if flag is set (#13179) * osutil: unset SHELL variable to handle non-posix login shell in tests (#13187) * aspects: support constraints in string schemas (#13142) * asserts/model: test serial-authority field with wildcard * interfaces/builtin: fix custom-device udev KERNEL values (#13178) * osutil/epoll: clarify helper name * osutil/epoll: make TestEpollWaitEintrHandling -race clean * tests: fix interfaces-fwupd-classic test in arch linux (#13177) * i/builtin/block-devices: loop* is actually included now * seed: preseed timestamp should be after my-signer key registration * apparmor/notify: remove IoctlRequestBuffer.{Bytes,Len}() * Fix how snapd is restored in snapd-homedirs-vendored * Fix test snapd-homedirs-vendored in ubuntu mantic (#13141) * apparmor: simplify IoctlRequestBuffer * tests: support mongodb authentication in the report-mongodb tool (#13176) * desktop: adjust error message and comments based on mvo's review * desktop/desktopentry: have %u and %U expand to regular file paths if possible * desktopentry/desktop: add some tests for macros within quoted string undefined behaviour * desktop/desktopentry: tweak some more expandExec tests * usersession/autostart: add a test for when desktopentry.Read fails * desktop/desktopentry: update comments and tests based on review * desktop/desktopentry: update comment * desktop/desktopentry: add more tests for file URI checks, and special characters within file paths * desktop/desktopentry: add a test for the "is not an absolute URI" case * desktop/desktopentry: add doc comments, and test the unknownGroup parse state * desktop/desktopentry: rename Load to Read * desktop/desktopentry: ignore whitespace surrounding equals sign * desktop/desktopentry: fix expansion of 2+ files/uris, and add more tests * usersession: port privileged_desktop_launcher code over to desktopentry package * usersession: migrate autostart package over to using desktopentry * desktop: add a test for the top level Load function * desktop: add code to expand an exec line from a desktop file * desktop: extract a basic desktop entry parser from desktop-launch and autostart code * snap, snap/pack: add pack validation for default-configure hook (#13097) * tests: fix system-usernames-missing-user multiline MATCH * osutil/kcmdline: provide marshalers for ArgumentPattern (#13144) * o/servicestate,wrappers: disable support for activation mechanisms * boot: MakeRunnableStandaloneSystem doc was missing "not" * refresh and revert core and snapd having shared memory interface connected (#13113) * o/d/remodel.go: release lock when resealing * asserts,seed: preseed authority delegation (#13034) * interface: make theme access functions generic so can be reused for other interfaces * t/n/c/connected-after-reboot-revert: expect one more reboot on UC16 * o/restart: support for restart boundaries * i/b/bool-file: Allow configuring trigger, delay_on and delay_off fields within LED driver * i/b/bool-file: Allow configuring trigger, delay_on and delay_off fields within LED driver * steam_support: allow media, mnt, run/media, opt, and srv (#13053) * t/n/m/fde-on-classic: Do not check for default EFI boot loader (shim) * interfaces/u2f-devices: add Swissbit iShield Key (#13018) * o/snapstate: fix test panic when monitoring isn't cleared * cmd/snap: optional cross-checking with the account-key when signing * asserts,a/signtool: support for cross-checking against constraints when signing * aspects: parse and validate maps and simple strings (#13081) * tests/main/interfaces-mount-control: use auditd to match apparmor errors * snap: fix TestParseQuotas when no snapd.socket is avilable * devicestate: re-init dirs.SetRootDir after mocking ReleaseInfo * install: fix hardcoded /snap to use dirs.SnapMountDir in tests * snapstate: fix hardcoded /snap prefix in tests * cmd/snapd-generator: read mountinfo for pid 1 * cmd/snapd-generator: remove useless install section to snap.mount * gadget: fix TestMatchDisksToGadgetVolumes on systems with /dev/vda2 (#13131) * overlord: allow the firmware-updater snap to install user daemons * cmd/configure.ac: remove defines in test programs that are already defined by prior macros * cmd/configure.ac: use AX_APPEND_COMPILE_FLAGS * cmd/configure.ac: cache result of checking for -Wmissing-field-initializers * cmd/configure.ac: cache result of checking for bpf headers * cmd/snap: more robust restart handling * interfaces: grant access to /usr/local/share/doc (bug 1830628) * release: 2.60.3 (#13124) * i/b/shared-memory: handle "private" plug attribute in shared-memory interface correctly (#13107) * i/apparmor: support for home.d tunables from /etc/ (#13118) * tests: make muinstaller capable of installing Ubuntu Core (#13026) * tests: fix cgroup-tracking-failure test on ubuntu mantic (#13069) * tests/main/uc20-create-partitions: do not check for shim on boot partition * sandbox/apparmor/notify: clarified descriptions of Error fields in messages * sandbox/apparmor/notify: renamed `PromptingSupportAvailable` to `SupportAvailable` * sandbox/apparmor/notify: added tests for `Validate()` and `ResponseForRequest()` * sandbox/apparmor/notify: moved to protocol version 3 * sandbox/apparmor/notify: added `MarshalBinary()` for `MsgNotificationFile` * sandbox/apparmor/notify: adjusted `Ioctl()` return behavior * sandbox/apparmor/notify: added `BytesToIoctlRequestBuffer()` so pre-marshalled buffers can be used in `Ioctl()`. * sandbox/apparmor/notify: fixed comment referring to old name for `APPARMOR_NOTIF_{GET,SET}_Filter` * sandbox/apparmor/notify: adjusted function and comments * sandbox/apparmor/notify: added tests for ioctl buffer handling and logging * sandbox/apparmor/notify: remove unused `MsgNotificationUpdate` type * sandbox/apparmor/notify: verify header while unmarshalling `MsgNotification` * Revert "prompting/apparmor: added `MsgNotificationFilter` prefix to error messages from unmarshalling header" * sandbox/apparmor/notify: fixed ioctl error handling and buffer dump formatting * sandbox/apparmor/notify: renamed `ReceiveApparmorMessage` to `ReadNotifyMessage` * sandbox/apparmor/notify: moved `prompting` package to `notify` * sandbox/apparmor/prompting: modified `PackString()` comment for clarity and kindness * sandbox/apparmor/prompting: increased `frags` size to include unaccounted for modeset bits, and `s/residue/unaccounted` * sandbox/apparmor/prompting: added `IsValid()` checks to show that `String()` works even on invalid modeset masks * sandbox/apparmor/prompting: adjusted endianness comments and internal messages struct names * sandbox/apparmor/prompting: renamed `PromptingAvailable` to `PromptingSupportAvailable` and added comment * sandbox/apparmor/prompting: renamed `apparmor` to `prompting` and improve `NotifyPath` * sandbox/apparmor/prompting: moved `prompting/apparmor` to `sandbox/apparmor/prompting` * prompting/apparmor: added `IoctlRequestBuffer` type for `NotifyIoctl()` * prompting/apparmor: added `ReceiveApparmorMessage()` to abstract using `RequestBuffer()` and `NotifyIoctl()` separately * prompting/apparmor: refactored stringPacker to improve ergonomics * prompting/apparmor: made messages.go endian-aware, for ioctl messages * prompting/apparmor: added `MsgNotificationFilter` prefix to error messages from unmarshalling header * prompting/apparmor: added comment about `NotifyIoctl()` not checking return value from ioctl syscall * prompting/apparmor: renamed custom types to match apparmor names * prompting/apparmor: rename `CERBERUS_DUMP_IOCTL` to `SNAPD_DEBUG_DUMP_IOCTL` * prompting/apparmor: replaced `overwriter` with internal use of `bytes.Buffer` * prompting/apparmor: removed `Offset` field from `overwriter` and adjusted comment * prompting/apparmor: renamed `overwrite` to `overwriter` * prompting/apparmor: added checks for return value of `NotifyIoctl()` * prompting/apparmor: replace `xerrors.Errorf` with `fmt.Errorf` * prompting/apparmor: use `osutil.GetenvBool()` for `CERBERUS_DUMP_IOCTL` * prompting/apparmor: improved `MockSyscall()` signature * prompting/apparmor: made `NotifyPath()` based on `dirs.GlobalRootDir` * prompting/apparmor: added more unit tests for ioctl.go * prompting/apparmor: adjusted ntype `IsValid()` to use switch * prompting/apparmor: replaced `syscall` with `x/sys/unix` * prompting/apparmor: fixed typo * prompting: rename "Reserved" field in MsgNotification to flags to match upstream * prompting/apparmor: added notifier path (from e69c5efe02f605338d2ce90e29d8847f27fc57f5) * epoll,prompting: fix test import from cerberus->snapd * prompting: update go fmt on message.go * Merge pull request #17 from snapcore/tweak/misc * Merge pull request #15 from snapcore/tweak/log-ioctls * Merge pull request #13 from snapcore/feature/file-perm * Fix typo "unterminated" * Make StringUnpacker private * Make StringPacker private * Simplify message marshaling / unmarshaling * Wrap ioctl errors * Add IoctlRequest.String * prompting/apparmor: Initial commit (6c5ecbdf9572fbf86dd51f44e94a40df2df8e42a) without notifier.go * release: 2.60.2 (#13063) * tests: tweak system-usernames to only change snap.yaml when needed * tests: modify system-usernames test to also test _daemon_ * osutil: add support for symlinks to EnsureFileState (#13071) * gadget/install/partition_test: remove unused asOffsetPtr function * tests: fix selinux-clean denials after removing snap (#13100) * gadget: remove testutil import in non-test code * snap: add components field to snap.yaml * many: use laid out types only for writing content (#13019) * o/h/ctlcmd/mount.go: Remove a useless start * daemon: enable --purge on multi-snap remove (#13091) * cmd: detect if -Wno-missing-field-initializers is needed * i/b/desktop: allow access to fcitx portal which is supported by both fcitx/fcitx5 (#12924) * many: add `_daemon_` as valid system username (#13052) * cmd: remove -W{no-,}missing-field-initializers * snap-confine: build with `-Wmissing-field-initializers` * i/b/desktop: allow desktop slots to provide notifications * tests: skip snapd-reexec-prompt on uc16 i386 as well (#13088) * update how snap revert output is validated * This change is not correct * tests/core/system-snap-refresh: fix test after restart logic changes * snapd/gadgets: remove unused isSameRelativeOffset function * release: detect if we're running on core desktop * tests/remodel-offline: change pc gadget revision * gadget: relax gadget update checks * c-vendor: update squashfuse repo if pinned commit is new * interfaces: add Ledger NanoS+ and Stax to u2f devices * store: reword panic message and add test to check httputil client has CheckRedirect defined * store: extract auth header removal into a function and panic if CheckRedirect is nil * store: remove auth headers from being sent in CDN redirects * Fix uc20-create-partitions test on ubuntu mantic (#13068) * asserts: add support for account-key constraints (#12988) * snap, store: filter out invalid snap edited links from store info and persisted state (#12983) * spread: check that --prefer doesn't support multi-snap installs * cmd/snap: prevent passing --prefer in multi-snap installs * docs: tiny edit to prohibit force push * tests/core/remodel-gadget: enable shutdown delay * daemon: move the closing of snapdListener * CODING.md,CONTRIBUTING.md: describe expected format of commit messages * tests: add spread tests for offline remodeling * daemon,overlord: add support for offline remodeling * o/restart: add first part of the new restart logic * steam_support: add unshare CLONE_NEWNS to steam_support interface #13038 * packaging: update squashfuse to 0.2.0 * tests: fix snapd16 test (#13049) * tests/layout-change: do not run for any arm system * snap-confine: tweak naming/comments * osutil,cmd/libsnap: fix parsing super-block options with spaces * osutil: fix parsing super-block options with spaces * tests/main/microk8s-smoke: set no memory limit * tests: fix error in gadget-config-defaults-to-snaps test (#13033) * aspects: optimise aspect tx Get * interfaces/builtin/pulseaudio_test: fix apparmor checking incorrect permissions * daemon: allow nil stored rebootInfo * interfaces/audio: allow to provide pipewire/pulse slots from a containerized pipewire/desktop (#12865) * gadget: remove unused private types after refactor * osutil/kcmdline: simplify names * osutil: extract kcmdline to its own package * osutil/kcmdline.go: add command line to string conversion * osutil/kcmdline.go: create separate pattern type for cmdline * many: implement snap install --prefer (#12993) * arch: fix incorrect architecture name in `arch.Endian()` (#13036) * interfaces/steam-support: allow rw, rbind to /etc/localtime necessary for proton on Core Desktop * agentnotify: Update the text on refresh dialogs * tests/core20-auto-remove-user: do retries for set-ntp * arch: add new `arch.Endian()` helper and use it in seccomp (#13028) * tests: remove kinetic (#13016) * tests: add fedora-38 and remove fedora-36 (#12955) * snap-confine: fix missing \0 after readlink * cmd/snap: hide append-integrity-data * aspects: merge and improve not found errors * tests/core20-early-config: make sure to configure any ethernet * tests/core20-early-config: check that netplan defaults from * tests/netplan-cfg: reenable as the fix has been released * o/configcore: write netplan defaults to 00-snapd-config on seeding * tests/muinstaller: update to fix snap build * tests/muinstaller: adapt to LayoutVolume change * overlord: adapt changes to change of order of calls in Update * gadget: build laid out data after the disk has been matched * gadget,image: add optional param to LayoutVolume* * client: fix specificErr handling in SnapshotExport() (#13001) * interfaces: fix missing error return in kvm * store: remove refresh hold data in store requests for older proxies * o/snapstate: send refresh hold data in store requests * o/snapstate: use refresh hints to continue auto-refresh after monitoring (#12970) * prompting: add epoll package (#12963) * daemon: fix crash when a non-model assertion is sent /v2/model * assertstate: fix nil access in checkConflictsAndPresence * snap: support install/refresh that result in "Wait" changes in the cli better (#12910) * disks: fix copy/paste error in mockdisks.go * docs: Update documentation for snapcraft remote-build to use --build-for instead of deprecated --build-on * snap: fix incorrect undo debug timings * osutil: fix broken {old,new}Dir.Sync() in AtomicRename() * seed: fix ValidateError output * interfaces/network-setup-control: update netplan dbus API * snap/mount: discard namespace and retry if updateSnapNamespace fails (#12541) * fix upgrade-from-release for ubuntu mantic and fix it for lunar * daemon: remove unreachable code * o/snapstate: limit implicit --unaliased flag for parallel installs only * o/snapstate: remove unneeded log message and fix typo in test * o/snapstate: implicitly set --unaliased flag for parallel installs * preseed: remove unneeded error check after sd.EssentialSnaps() * devicestate: fix missing err assignment in cleanupRecoverySystem * systemd: fix incorrect err handling in ensureMountUnitFile() * client: extract realUidGid() helper (thanks to Oliver for the suggestion) * osutil: fix error message when restoring the "reuid" (thanks to Alfonso) * tests: do not run drop-privs on ubuntu-core as there is no go-compiler there * osutil: fix silly mistake from d35eccff * osutil: add more caveats to RunAsUidGid * tests: add test about errors handling in drop-privs * osutil: clarify RunAsUidGid() comment about LockOSThread() * osutil: remove no longer needed sys.UnrecoverableError * osutil: tweak error handling in sys.RunAsUidGid() * sys: add comment about syscall.Setreuid() and RawSyscall * tests: tweak drop-privs/runas-2 test * tests/main/drop-privs: improve uid check * tests/main/drop-privs: correct a wrong comment * osutil,tests: move runas code to own file * osutil/sys: dont forget darwin enums * client,osutil: support for accessing auth.json without root * boot: fix redundant error check in markSuccessful() * boot/cmdline.go: remove ErrNoKernelCommandline * daemon: modify unit tests of TestErrToResponse to test multiple snaps * daemon: fix /v2/snaps "Internal Server Error" error when installing unknown snaps * interfaces: allow suppressing pycache deny rule (#12822) * many: carry bootloader options in rebootinfo * t/regression/mount-order-regression: set no mem limit * t/core/snapd-failover: use SIGKILL instead of SIGSEGV * tests/lib/tools: use correct unit switch * tests: make `strace-static` channel point to beta * gadget: fix TestMountVolumesLazyUnmount after master branch update * snapcraft.yaml: pull in apparmor optimization patches from Alfonso * install: extract unmount helper function * gadget/install/install_test: test if fallback unmount fails and add checks for log messages * gadget/install/install_test: add unit tests for MountVolumes * daemon.go: fix typo * interfaces/opengl: add support for ARM Mali * tests: fix security-seccomp test by skip using the apparmor parser with cache (#12893) * interfaces: update comments about `no-expr-simplify` * o/state: clarify why we are s.reading() * o/state: support for task+change status events * advisor: add a small unittest * interface: partly revert network-control apparmor change (ee7e554) * go.mod: update gopkg.in/yaml.v3 to v3.0.1 to fix CVE-2022-28948 * tests: speed up the prepare phase through a new tool to manage initial snapd env (#12707) * .github: fix exempted bot name * .github: ignore translations committer in CLA check * Skip uc20-create-partitions-encrypt in ubuntu-23.* * snap-bootstrap: print version information at startup * daemon.go: doc cleanup * i/builtin: allow directories in private /dev/shm (#12925) * tests: add check that apparmor.service service works correctly with vendored apparmor * luks2: use cmdErr in osutil.OutputErr() * luks2: fix error reporting when fifoErr is nil * luks2: add test for writeExistingKeyToFifo() failing * luks2: make AddKey() robust against failure on pipe write or cmd * luks2: refactor/simplify cryptsetupCmd(), make AddKey() slightly more complex * luks2: cleanup pendig readers/writer of a fifo too * luks2: add missing unit tests * shutdown: fix reboot and shutdown in core desktop * tests: test factory reset without fde * i/builtin: add read access to /proc/task/schedstat in system-observe (#12927) * tests/muinstaller-real: remove unnecessary comment * tests/lib/muinstaller: update dependencies * release: 2.60.1 (#12950) * many: rename dl opt from IsAutoRefresh to Scheduled * many: rename store opt from IsAutoRefresh to Schedule * o/snapstate: save refresh-candidates on auto-refresh * i/mount: use testutil.DeepUnsortedMatches instead of explicit sorting * i/mount: the new .fstab is kept even if snapd-update-ns fails * interfaces: add some tests for the mount backend ns update case * gadget: check partial schema is ok in updates/remodeling * gadget: remove impossible checks for empty schema * many: move helper gadgettest function to gadget * gadget: check that schema is not set if partial schema is set * tests/muinstaller-real: add partial gadget test * tests/lib: select boot disk for classic images too * tests/muinstaller: fill information in partial gadgets * gadget: consider partial in EnsureVolumeCompatibility * gadget/install: allow gaps in the partitions in the gadget * gadget: consider partial when calculating allowed offsets * gadget,overlord: apply information coming from the installer * client: set enclosing volume when retrieving system details * install: lazy unmount() in writeFilesystemContent() if needed (#12939) * data: include "modprobe.d" and "modules-load.d" in preseeded blob * gadget: fix install test on armhf * sandbox/apparmor: don't let vendored apparmor conflict with system (#12909) * gadget/update: set parts in laid out data from the ones matched * tests: enable opensuse leap 15.5 for spread tests (#12931) * tests: adding spread support for ubuntu mantic (#12929) * o/snapstate: make snapd downgrading an exclusive change * many: move SnapConfineAppArmorDir from dirs to sandbox/apparmor (#12906) * daemon: use transactions in aspect API * aspects: add a Transaction wrapper for aspect databags * many: stop using `-O no-expr-simplify` in apparmor_parser * o/state: fix comment formatting * go.mod: update secboot to latest uc22 branch (#12916) * tests: add support for debian 12 and remove support for debian 10 (#12907) * tests: fix the core20-new-snapd-does-not-break-old-initrd test (#12911) * image: relax version checks for preseeding * Skip store-state test on external backend * overlord: carry the target snap version in SnapSetup.Version * cmd/snap/cmd_aliases: update stale aliases cmd help text * daemon: check mime type for POST /v2/model * client,cmd: support for offline remodeling * tests: increase retry in pre-download test * interfaces: allow loopback as a block-device * o/state: implement support for detecting whether a change is in WaitStatus or can still run (#12724) * tests: update the tests to start using tests.systemd tool instead of systemd.sh (#12704) * interfaces: add pcscd interface (#12847) * tests/lib: removed proposal to drop kernel modules for uc20 * o/state: tweak Task.Status diagram * o/state: document status transitions under Task.Status * interfaces: fix typo in network_manager_observe * tests: install ubuntu image snap to build uc18 and uc2* (#12891) * release: 2.60 (#12894) ------------------------------------------------------------------- Mon Jul 24 06:23:55 UTC 2023 - ahmedmoselhi55@gmail.com - Update to version 2.60.1.6e6d3711a: * release: 2.60.1 (#12950) * tests: install ubuntu image snap to build uc18 and uc2* (#12891) * install: lazy unmount() in writeFilesystemContent() if needed (#12939) * data: include "modprobe.d" and "modules-load.d" in preseeded blob * gadget: fix install test on armhf * interfaces: fix typo in network_manager_observe * sandbox/apparmor: don't let vendored apparmor conflict with system (#12909) * gadget/update: set parts in laid out data from the ones matched * many: move SnapConfineAppArmorDir from dirs to sandbox/apparmor (#12906) * many: stop using `-O no-expr-simplify` in apparmor_parser * go.mod: update secboot to latest uc22 branch (#12916) * release: 2.60 (#12894) ------------------------------------------------------------------- Mon Jul 17 14:14:48 UTC 2023 - ahmedmoselhi55@gmail.com - Update to version 2.60.1.0622b612b: * gadget: fix TestMountVolumesLazyUnmount after master branch update * snapcraft.yaml: pull in apparmor optimization patches from Alfonso * install: extract unmount helper function * gadget/install/install_test: test if fallback unmount fails and add checks for log messages * gadget/install/install_test: add unit tests for MountVolumes * daemon.go: fix typo * interfaces/opengl: add support for ARM Mali * tests: fix security-seccomp test by skip using the apparmor parser with cache (#12893) * interfaces: update comments about `no-expr-simplify` * o/state: clarify why we are s.reading() ------------------------------------------------------------------- Mon Jun 5 16:40:26 UTC 2023 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.59.5 - Cherry pick a fix for snap-confine apparmor template boo#1211989 ------------------------------------------------------------------- Sun Feb 26 12:01:32 UTC 2023 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.58.3 ------------------------------------------------------------------- Sat Feb 18 17:36:04 UTC 2023 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.58.2 ------------------------------------------------------------------- Sun Nov 27 19:42:49 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.57.6 ------------------------------------------------------------------- Tue Nov 22 09:04:19 UTC 2022 - Bruno Pitrus <brunopitrus@hotmail.com> - Remove %release from mkversion because it makes the build irreproducible. ------------------------------------------------------------------- Mon Oct 24 17:20:45 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.57.5 ------------------------------------------------------------------- Wed Sep 28 11:37:09 UTC 2022 - Alberto Mardegan <info@mardy.it> - Update to 2.57.2 ------------------------------------------------------------------- Tue Aug 23 06:48:45 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.57.1 ------------------------------------------------------------------- Mon Jun 20 09:10:26 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.56.2 ------------------------------------------------------------------- Mon May 23 07:12:43 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.56 ------------------------------------------------------------------- Mon May 16 11:08:46 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.55.5 - Cherry pick a fix from https://github.com/snapcore/snapd/pull/11731 ------------------------------------------------------------------- Wed May 4 11:59:16 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.55.4 ------------------------------------------------------------------- Mon Apr 11 07:55:27 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.55.3 ------------------------------------------------------------------- Tue Mar 22 11:48:23 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.55.2 ------------------------------------------------------------------- Fri Mar 4 08:22:33 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.54.4 ------------------------------------------------------------------- Thu Feb 17 09:39:43 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.54.3 ------------------------------------------------------------------- Wed Jan 12 12:00:43 UTC 2022 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.54.2 - Cherry pick a fix for https://bugs.launchpad.net/snapd/+bug/1957155 ------------------------------------------------------------------- Sat Dec 25 19:01:45 UTC 2021 - Sarah Kriesch <sarah.kriesch@opensuse.org> - Update to 2.54.1 - Update snapd.spec from upstream - Add BuidRequires: apparmor-parser (required for s390x) - Add datadir for fish ------------------------------------------------------------------- Tue Dec 7 10:12:08 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.53.4 - Cherry pick upstream fix for nvidia glvnd compatibility from https://github.com/snapcore/snapd/commit/f4cefc704d6c46f204b0a0651379e0766d478ba5 ------------------------------------------------------------------- Mon Nov 29 12:27:19 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Cherry pick an upstream fix for snap-device-helper on systems with cgroup v2 ------------------------------------------------------------------- Tue Nov 16 10:20:32 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.53.2 ------------------------------------------------------------------- Wed Oct 27 13:25:22 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Automatically enable snapd.apparmor.service if it not enabled if snapd or the snapd socket are enabled and the system appears to be using apparmor ------------------------------------------------------------------- Fri Oct 22 08:11:38 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.53.1 - Enable AppArmor on 15.3+ ------------------------------------------------------------------- Fri Oct 8 08:28:54 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Cherry pick fixes for building in OBS ------------------------------------------------------------------- Thu Oct 7 14:37:20 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.53 - Drop all patches present in the release ------------------------------------------------------------------- Thu Sep 30 10:52:55 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Fix FTBFS with glib 2.70 ------------------------------------------------------------------- Mon Sep 27 10:24:21 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Cherry pick a clone3/seccomp patch from upstream PR snapd#10845 ------------------------------------------------------------------- Mon Sep 6 08:01:44 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.52 ------------------------------------------------------------------- Wed Sep 1 09:41:30 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.51.7 - Drop workarounds for incorrect AF_UNIX rule downgrade boo#1180766 ------------------------------------------------------------------- Fri May 28 09:24:23 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.51 ------------------------------------------------------------------- Tue May 4 12:00:02 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.50 ------------------------------------------------------------------- Tue Mar 23 14:09:49 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - More workarounds for slow OBS build hosts ------------------------------------------------------------------- Mon Mar 22 10:08:23 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Workarounds for failing OBS builds ------------------------------------------------------------------- Fri Feb 12 12:44:27 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.49 - SECURITY UPDATE: An intended access restriction in snapd could be bypassed by container management snaps - CVE-2020-27352 - USN-4728-1 ------------------------------------------------------------------- Fri Jan 8 15:05:55 UTC 2021 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to 2.48.2 - Workaround bsc#1180766 by disabling the rule. Reading ICEauthority is still blocked by AA. ------------------------------------------------------------------- Wed Oct 21 10:20:52 UTC 2020 - Maciej Borzecki <maciek.borzecki@gmail.com> - Make sure that certain helper binaries (snap-exec, snap-update-ns, snapctl) are built statically, LP: #1900807 ------------------------------------------------------------------- Mon Oct 19 09:45:48 UTC 2020 - Maciej Borzecki <maciek.borzecki@gmail.com> - Fix snap-confine AppArmor profile to allow executing snap-device-helper LP: #1900306 ------------------------------------------------------------------- Sat Oct 17 16:35:46 UTC 2020 - Maciej Borzecki <maciek.borzecki@gmail.com> - Update to upstream release 2.47.1 ------------------------------------------------------------------- Tue Aug 4 17:57:58 UTC 2020 - Zygmunt Krynicki <me@zygoon.pl> - Update to upstream release 2.45.3.1 ------------------------------------------------------------------- Wed Jul 15 10:40:52 UTC 2020 - Zygmunt Krynicki <me@zygoon.pl> - Update to upstream release 2.45.2 * SECURITY UPDATE: sandbox escape vulnerability on snapctl xdg-open implementation - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment variable modification when calling the system xdg-open. Patch thanks to James Henstridge - packaging/ubuntu-16.04/snapd.postinst: ensure "snap userd" is restarted. Patch thanks to Michael Vogt - CVE-2020-11934 - LP: #1880085 * SECURITY UPDATE: arbitrary code execution vulnerability on core devices with access to physical removable media - devicestate: Disable/restrict cloud-init after seeding. - CVE-2020-11933 - LP: #1879530 ------------------------------------------------------------------- Tue May 12 15:17:57 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.45 ------------------------------------------------------------------- Thu Apr 30 07:09:22 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.44.5 ------------------------------------------------------------------- Wed Apr 29 06:43:56 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.44.4 ------------------------------------------------------------------- Thu Apr 10 14:57:25 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.44.3 ------------------------------------------------------------------- Thu Apr 2 07:51:34 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.44.2 ------------------------------------------------------------------- Sat Mar 21 17:32:12 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.44.1 ------------------------------------------------------------------- Tue Mar 17 19:55:47 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.44 ------------------------------------------------------------------- Wed Feb 12 13:59:15 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.43.3 ------------------------------------------------------------------- Tue Jan 28 14:50:25 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.43.2 ------------------------------------------------------------------- Tue Jan 14 19:30:07 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.43.1 ------------------------------------------------------------------- Thu Jan 09 16:16:56 UTC 2020 - mvo@ubuntu.com - Update to upstream release 2.43 ------------------------------------------------------------------- Fri Dec 06 12:10:56 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.42.5 ------------------------------------------------------------------- Thu Nov 28 04:48:26 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.42.4 ------------------------------------------------------------------- Wed Nov 27 10:41:07 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.42.3 ------------------------------------------------------------------- Wed Nov 20 06:09:15 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.42.2 ------------------------------------------------------------------- Wed Oct 30 11:17:43 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.42.1 ------------------------------------------------------------------- Tue Oct 01 09:42:48 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.42 ------------------------------------------------------------------- Fri Aug 30 06:55:43 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.41 ------------------------------------------------------------------- Fri Jul 12 08:40:08 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.40 ------------------------------------------------------------------- Fri Jun 21 07:06:01 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.39.3 ------------------------------------------------------------------- Wed Jun 05 06:41:21 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.39.2 ------------------------------------------------------------------- Wed May 29 10:19:43 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.39.1 ------------------------------------------------------------------- Thu May 03 09:29:50 UTC 2019 - mvo@ubuntu.com - Update to upstream release 2.39 ------------------------------------------------------------------- Thu Mar 21 09:55:27 UTC 2019 - mvo@fastmail.fm - Update to upstream release 2.38 ------------------------------------------------------------------- Wed Feb 27 18:53:36 UTC 2019 - mvo@fastmail.fm - Update to upstream release 2.37.4 ------------------------------------------------------------------- Mon Feb 18 16:17:33 UTC 2019 - mvo@fastmail.fm - Update to upstream release 2.37.3 ------------------------------------------------------------------- Wed Feb 06 09:08:07 UTC 2019 - mvo@fastmail.fm - Update to upstream release 2.37.2 ------------------------------------------------------------------- Tue Jan 29 17:35:36 UTC 2019 - mvo@fastmail.fm - Update to upstream release 2.37.1 ------------------------------------------------------------------- Wed Jan 16 16:16:56 UTC 2019 - mvo@fastmail.fm - Update to upstream release 2.37 ------------------------------------------------------------------- Fri Dec 14 07:30:58 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.36.3 ------------------------------------------------------------------- Thu Nov 29 10:48:29 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.36.2 ------------------------------------------------------------------- Fri Nov 09 14:42:28 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.36.1 ------------------------------------------------------------------- Wed Oct 24 17:30:45 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.36 ------------------------------------------------------------------- Mon Oct 15 22:23:02 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.35.5 ------------------------------------------------------------------- Fri Oct 05 14:42:33 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.35.4 ------------------------------------------------------------------- Fri Oct 05 09:32:00 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.35.3 ------------------------------------------------------------------- Wed Sep 12 09:32:00 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.35.2 ------------------------------------------------------------------- Mon Sep 03 14:44:06 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.35.1 ------------------------------------------------------------------- Mon Aug 20 12:36:33 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.35 ------------------------------------------------------------------- Fri Jul 27 19:08:44 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.34.3 ------------------------------------------------------------------- Thu Jul 19 12:05:50 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.34.2 ------------------------------------------------------------------- Wed Jul 17 19:46:56 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.34.1 ------------------------------------------------------------------- Fri Jul 06 16:08:17 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.34 ------------------------------------------------------------------- Fri Jun 22 15:58:54 UTC 2018 - me@zygoon.pl - Fixed changelog chronology ------------------------------------------------------------------- Fri Jun 22 14:25:35 UTC 2018 - me@zygoon.pl - Sync with snapd upstream packaging - Backport support for apparmor on tumbleweed - Install polkit files - Load snap-confine apparmor profile in post, if apparmor is enabled - Adjust badness of polkit-untracked-privlege ------------------------------------------------------------------- Thu Jun 21 17:37:56 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.33.1 ------------------------------------------------------------------- Fri Jun 08 17:13:47 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.33 ------------------------------------------------------------------- Mon May 28 08:06:53 UTC 2018 - ngompa13@gmail.com - Refactor to support openSUSE Tumbleweed and Leap 42.3 and 15.0 - Enable AppArmor support for openSUSE Tumbleweed (post Leap 15.0) - Enable support for handling the proprietary nvidia driver - Drop ancient spec stuff that was being ignored by RPM anyway - Drop spurious find command that didn't do anything... ------------------------------------------------------------------- Wed May 16 10:20:08 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.9 ------------------------------------------------------------------- Fri May 11 14:36:16 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.8 ------------------------------------------------------------------- Fri May 11 13:09:32 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.7 ------------------------------------------------------------------- Sun Apr 29 19:21:53 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.6 ------------------------------------------------------------------- Mon Apr 16 16:41:48 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.5 ------------------------------------------------------------------- Wed Apr 11 16:30:45 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.4 ------------------------------------------------------------------- Wed Apr 11 12:40:09 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.3.2 ------------------------------------------------------------------- Wed Apr 11 10:34:00 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.3.1 ------------------------------------------------------------------- Thu Apr 05 22:35:35 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.3 ------------------------------------------------------------------- Sat Mar 31 21:09:29 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.2 ------------------------------------------------------------------- Mon Mar 26 21:03:02 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32.1 ------------------------------------------------------------------- Sat Mar 24 08:50:11 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.32 ------------------------------------------------------------------- Tue Feb 20 17:32:42 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.31.1 ------------------------------------------------------------------- Tue Feb 06 09:46:22 UTC 2018 - mvo@fastmail.fm - Update to upstream release 2.31 ------------------------------------------------------------------- Sat Nov 18 15:31:24 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.30 ------------------------------------------------------------------- Fri Nov 17 22:56:09 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.29.4 ------------------------------------------------------------------- Thu Nov 09 19:16:29 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.29.3 ------------------------------------------------------------------- Fri Nov 03 17:26:14 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.29.2 ------------------------------------------------------------------- Fri Nov 03 07:27:08 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.29.1 ------------------------------------------------------------------- Mon Oct 30 16:24:08 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.29 ------------------------------------------------------------------- Wed Oct 11 19:46:37 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.28.4 ------------------------------------------------------------------- Wed Oct 11 08:23:47 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.28.3 ------------------------------------------------------------------- Tue Oct 10 18:42:45 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.28.2 ------------------------------------------------------------------- Wed Sep 27 22:04:59 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.28.1 ------------------------------------------------------------------- Mon Sep 25 16:09:15 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.28 ------------------------------------------------------------------- Thu Sep 07 10:32:21 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.27.6 ------------------------------------------------------------------- Wed Aug 30 07:45:01 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.27.5 ------------------------------------------------------------------- Thu Aug 24 09:08:32 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.27.4 ------------------------------------------------------------------- Fri Aug 18 15:51:22 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.27.3 ------------------------------------------------------------------- Wed Aug 16 12:16:01 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.27.2 ------------------------------------------------------------------- Mon Aug 14 08:07:21 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.27.1 ------------------------------------------------------------------- Thu Aug 10 11:25:11 UTC 2017 - mvo@fastmail.fm - Update to upstream release 2.27 ------------------------------------------------------------------- Fri May 19 14:35:29 UTC 2017 - morphis@gravedo.de - Add bind() syscall to default seccomp policy to allow execution of snap hooks. - Do not share /etc/ssl with the host but use the one from the core snap. ------------------------------------------------------------------- Wed May 10 12:24:44 UTC 2017 - morphis@gravedo.de - Update to upstream release 2.25 ------------------------------------------------------------------- Thu Apr 13 14:06:13 UTC 2017 - morphis@gravedo.de - Update to upstream release 2.24 ------------------------------------------------------------------- Thu Mar 30 14:14:44 UTC 2017 - morphis@gravedo.de - Update to upstream release 2.23.6 ------------------------------------------------------------------- Thu Mar 23 08:53:37 UTC 2017 - morphis@gravedo.de - Update to upstream release 2.23.5 - Disable seccomp support to work around bugs in snap-confine (see https://bugs.launchpad.net/snappy/+bug/1674193 for details) ------------------------------------------------------------------- Wed Mar 08 16:09:03 UTC 2017 - me@zygoon.pl - Fix log-out prompt to be displayed only when really necessary. - Fix installation of /usr/lib/snapd/info (version information) - Install bash completion for "snap" ------------------------------------------------------------------- Wed Mar 08 15:53:06 UTC 2017 - me@zygoon.pl - New upstream release. More details are available at https://github.com/snapcore/snapd/releases/tag/2.23.1 ------------------------------------------------------------------- Tue Mar 07 23:00:34 UTC 2017 - me@zygoon.pl - Add PATH integration and post-install message asking the user to logout to see PATH changes. ------------------------------------------------------------------- Tue Mar 07 00:45:12 UTC 2017 - me@zygoon.pl - (hacky) Disable shellcheck as it is missing on Leap 42.1 ------------------------------------------------------------------- Tue Mar 07 00:43:58 UTC 2017 - me@zygoon.pl - (hacky) fix the 32bit build ------------------------------------------------------------------- Mon Mar 06 18:08:04 UTC 2017 - me@zygoon.pl - Initial package based on fully vendorized source tarball
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
