← Back to team overview

group.of.nepali.translators team mailing list archive

  1. group.of.nepali.translators team
  2. Mailing list archive
  3. Message #07882

[Bug 1597842] Re: Allow access to the currently running kernel sources from /usr/src

  Thread PreviousDate PreviousThread Next 
This bug was fixed in the package snap-confine -
1.0.38-0ubuntu0.16.04.10

---------------
snap-confine (1.0.38-0ubuntu0.16.04.10) xenial; urgency=medium

  * debian/usr.lib.snapd.snap-confine:
    - synchronize apparmor profile with upstream 1.0.40 release.
    (LP: #1597842, LP: #1615113, LP: #1584456)

snap-confine (1.0.38-0ubuntu0.16.04.9) xenial; urgency=medium

  * debian/patches/04_not_die_unknown_locations.patch:
    - move to /var/lib/snapd/void (with mode 0) if the current
      location cannot be preserved (LP: #1612684)

 -- Zygmunt Krynicki <zygmunt.krynicki@xxxxxxxxxxxxx>  Wed, 24 Aug 2016
20:31:12 +0200

** Changed in: snap-confine (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1597842

Title:
  Allow access to the currently running kernel sources from /usr/src

Status in Snappy Launcher:
  Fix Released
Status in Snappy:
  Invalid
Status in snap-confine package in Ubuntu:
  Fix Released
Status in snap-confine source package in Xenial:
  Fix Released

Bug description:
  [Impact]

  Snaps (even in running in devmode) cannot access the /usr/src
  directory.

  This bug is fixed by adding /usr/src to a list of directories that are
  bind mounted and thus visible to snaps in their execution environment.

  For more information about the execution environment, please see this
  article http://www.zygoon.pl/2016/08/snap-execution-environment.html

  [Test Case]

  The test case can be found here:

  https://github.com/snapcore/snap-confine/blob/master/spread-
  tests/regression/lp-1597842/task.yaml

  The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually.
  The commands there assume that snapd and snap-confine are installed.
  No other additional setup is necessary.

  [Regression Potential]

   * Regression potential is minimal as the fix simply adds another
  directory to a list of directories that needs to be bind mounted.

  * The fix was tested on Ubuntu via spread and on several other
  distributions successfully.

  [Other Info]

  * This bug is a part of a major SRU that brings snap-confine in Ubuntu
  16.04 in line with the current upstream release 1.0.41.

  * snap-confine is technically an integral part of snapd which has an
  SRU exception and is allowed to introduce new features and take
  advantage of accelerated procedure. For more information see
  https://wiki.ubuntu.com/SnapdUpdates

  == # Pre-SRU bug description follows # ==

  This issue is a fork of https://bugs.launchpad.net/snap-
  confine/+bug/1584394

  The reported there required access to /usr/src having the sources for
  the kernel headers.

  I think this is something that could be handled by a dedicated
  interface or perhaps directly with the new content-sharing interface.
  We would have to be careful on how this works but on classic we could
  expose /usr/src this way.

To manage notifications about this bug go to:
https://bugs.launchpad.net/snap-confine/+bug/1597842/+subscriptions
  Thread PreviousDate PreviousThread Next