group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #08726
[Bug 1630789] Please test proposed package
Hello Tyler, or anyone else affected,
Accepted snapcraft into xenial-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/snapcraft/1.0.44-0ubuntu1~16.04 in
a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Your feedback will aid us getting this update
out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed. In either case, details of your testing will help
us make a better decision.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!
** Changed in: snap-confine (Ubuntu Xenial)
Status: Fix Released => In Progress
** Changed in: snap-confine (Ubuntu Xenial)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630789
Title:
normal users can't run snaps inside of LXD containers
Status in Snappy Launcher:
Fix Released
Status in Snappy:
In Progress
Status in snap-confine package in Ubuntu:
Fix Released
Status in snapd package in Ubuntu:
Fix Released
Status in snap-confine source package in Xenial:
Fix Committed
Status in snap-confine source package in Yakkety:
Fix Committed
Bug description:
[Impact]
TBD
[Test Case]
Look below for a test case.
[Regression Potential]
TBD
[Other Info]
* snap-confine is technically an integral part of snapd which has an
SRU exception and is allowed to introduce new features and take
advantage of accelerated procedure. For more information see
https://wiki.ubuntu.com/SnapdUpdates
== # Pre-SRU bug description follows # ==
The kernel (4.8.0-19.21), apparmor (2.10.95-4ubuntu5), and lxd
(2.4-0ubuntu1) needed for running snaps inside of LXD containers (bug
#1611078) have all landed in Yakkety. We should be able to install
squashfuse and snapd 2.16+16.10 (from yakkety-proposed) and then run
snaps inside of unprivileged LXD containers.
I have verified that it works well for the root user inside of the
container but there are some issues when a normal user attempts to run
a snap command.
# Create yakkety container named "yakkety"
tyhicks@host:~$ lxc launch ubuntu-daily:devel yakkety
Creating yakkety
Starting yakkety
# Enter the container, enable yakkety-proposed, update, install the dependencies
tyhicks@host:~$ lxc exec yakkety bash
root@yakkety:~# echo "deb http://archive.ubuntu.com/ubuntu/ \
yakkety-proposed restricted main multiverse universe" > \
/etc/apt/sources.list.d/proposed.list
root@yakkety:~# echo -e "Package: *\nPin: release a=yakkety-proposed\n\
Pin-Priority: 400" > /etc/apt/preferences.d/proposed-updates
root@yakkety:~# apt-get update && apt-get dist-upgrade -y
...
root@yakkety:~# apt-get install -y squashfuse snapd/yakkety-proposed
...
# Rebooting the container should not be needed but is done for completeness
root@yakkety:~# reboot
tyhicks@host:~$ lxc exec yakkety bash
# Install the hello-world snap
root@yakkety:~# snap install hello-world
hello-world (stable) 6.3 from 'canonical' installed
# Snap commands work fine as root inside the container but not as a normal user
root@yakkety:~# /snap/bin/hello-world.env
SNAP_USER_COMMON=/root/snap/hello-world/common
...
root@yakkety:~# su - ubuntu -c '/snap/bin/hello-world.env'
internal error, please report: running "hello-world.env" failed: open /snap/hello-world/27/meta/snap.yaml: permission denied
# The normal user can't access /snap/hello-world/27 because of some oddness with the
# dentry
root@yakkety:~# ls -al /snap/hello-world
total 8
drwxr-xr-x 3 root root 4096 Oct 5 21:09 .
drwxr-xr-x 5 root root 4096 Oct 5 21:09 ..
drwxrwxr-x 4 root root 0 Jul 11 21:20 27
lrwxrwxrwx 1 root root 2 Oct 5 21:09 current -> 27
root@yakkety:~# su - ubuntu -c 'ls -al /snap/hello-world'
ls: cannot access '/snap/hello-world/27': Permission denied
total 8
drwxr-xr-x 3 root root 4096 Oct 5 21:09 .
drwxr-xr-x 5 root root 4096 Oct 5 21:09 ..
d????????? ? ? ? ? ? 27
lrwxrwxrwx 1 root root 2 Oct 5 21:09 current -> 27
To manage notifications about this bug go to:
https://bugs.launchpad.net/snap-confine/+bug/1630789/+subscriptions