group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1630789] Please test proposed package

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Andy Whitcroft <apw@xxxxxxxxxxxxx>
Date: Fri, 04 Nov 2016 09:56:36 -0000
Reply-to: Bug 1630789 <1630789@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Hello Tyler, or anyone else affected,

Accepted snapcraft into xenial-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/snapcraft/1.0.44-0ubuntu1~16.04 in
a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: snap-confine (Ubuntu Xenial)
       Status: Fix Released => In Progress

** Changed in: snap-confine (Ubuntu Xenial)
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630789

Title:
  normal users can't run snaps inside of LXD containers

Status in Snappy Launcher:
  Fix Released
Status in Snappy:
  In Progress
Status in snap-confine package in Ubuntu:
  Fix Released
Status in snapd package in Ubuntu:
  Fix Released
Status in snap-confine source package in Xenial:
  Fix Committed
Status in snap-confine source package in Yakkety:
  Fix Committed

Bug description:
  [Impact]

  TBD

  [Test Case]

  Look below for a test case.

  [Regression Potential]

  TBD

  [Other Info]

  * snap-confine is technically an integral part of snapd which has an
  SRU exception and is allowed to introduce new features and take
  advantage of accelerated procedure. For more information see
  https://wiki.ubuntu.com/SnapdUpdates

  == # Pre-SRU bug description follows # ==

  The kernel (4.8.0-19.21), apparmor (2.10.95-4ubuntu5), and lxd
  (2.4-0ubuntu1) needed for running snaps inside of LXD containers (bug
  #1611078) have all landed in Yakkety. We should be able to install
  squashfuse and snapd 2.16+16.10 (from yakkety-proposed) and then run
  snaps inside of unprivileged LXD containers.

  I have verified that it works well for the root user inside of the
  container but there are some issues when a normal user attempts to run
  a snap command.

  # Create yakkety container named "yakkety"
  tyhicks@host:~$ lxc launch ubuntu-daily:devel yakkety
  Creating yakkety
  Starting yakkety

  # Enter the container, enable yakkety-proposed, update, install the dependencies
  tyhicks@host:~$ lxc exec yakkety bash
  root@yakkety:~# echo "deb http://archive.ubuntu.com/ubuntu/ \
  yakkety-proposed restricted main multiverse universe" > \
  /etc/apt/sources.list.d/proposed.list
  root@yakkety:~# echo -e "Package: *\nPin: release a=yakkety-proposed\n\
  Pin-Priority: 400" > /etc/apt/preferences.d/proposed-updates
  root@yakkety:~# apt-get update && apt-get dist-upgrade -y
  ...
  root@yakkety:~# apt-get install -y squashfuse snapd/yakkety-proposed
  ...

  # Rebooting the container should not be needed but is done for completeness
  root@yakkety:~# reboot
  tyhicks@host:~$ lxc exec yakkety bash

  # Install the hello-world snap
  root@yakkety:~# snap install hello-world
  hello-world (stable) 6.3 from 'canonical' installed

  # Snap commands work fine as root inside the container but not as a normal user
  root@yakkety:~# /snap/bin/hello-world.env
  SNAP_USER_COMMON=/root/snap/hello-world/common
  ...
  root@yakkety:~# su - ubuntu -c '/snap/bin/hello-world.env'
  internal error, please report: running "hello-world.env" failed: open /snap/hello-world/27/meta/snap.yaml: permission denied

  # The normal user can't access /snap/hello-world/27 because of some oddness with the
  # dentry
  root@yakkety:~# ls -al /snap/hello-world
  total 8
  drwxr-xr-x 3 root root 4096 Oct  5 21:09 .
  drwxr-xr-x 5 root root 4096 Oct  5 21:09 ..
  drwxrwxr-x 4 root root    0 Jul 11 21:20 27
  lrwxrwxrwx 1 root root    2 Oct  5 21:09 current -> 27
  root@yakkety:~# su - ubuntu -c 'ls -al /snap/hello-world'
  ls: cannot access '/snap/hello-world/27': Permission denied
  total 8
  drwxr-xr-x 3 root root 4096 Oct  5 21:09 .
  drwxr-xr-x 5 root root 4096 Oct  5 21:09 ..
  d????????? ? ?    ?       ?            ? 27
  lrwxrwxrwx 1 root root    2 Oct  5 21:09 current -> 27

To manage notifications about this bug go to:
https://bugs.launchpad.net/snap-confine/+bug/1630789/+subscriptions