From a536ed9dfb205b8a535503876253d1be2f5c651b Mon Sep 17 00:00:00 2001 From: alfonsosanchezbeato Date: Tue, 20 Aug 2024 14:30:19 -0400 Subject: [PATCH 01/12] many: add coredump options (#14379) * dirs: add function to return path to systemd config folder under etc * o/configstate: add support for coredump options * o/configstate: improve mocking for proxy test Due to the way settings work, there is now an /etc/ folder created by the coredump options when it used not to be the case, so better mocking is needed to he TestConfigureProxyUnhappy to produce the older result. * tests/core: add test for coredump options This will need to be improved once systemd-coredump from the base lands. * o/configstate: do not create systemd-coredump config for UC16/18 --- dirs/dirs.go | 10 +- overlord/configstate/configcore/coredump.go | 126 +++++++++++++++++ .../configstate/configcore/coredump_test.go | 131 ++++++++++++++++++ .../configstate/configcore/export_test.go | 6 + overlord/configstate/configcore/handlers.go | 3 + overlord/configstate/configcore/proxy.go | 3 +- overlord/configstate/configcore/proxy_test.go | 2 + tests/core/coredump-options/task.yaml | 37 +++++ 8 files changed, 315 insertions(+), 3 deletions(-) create mode 100644 overlord/configstate/configcore/coredump.go create mode 100644 overlord/configstate/configcore/coredump_test.go create mode 100644 tests/core/coredump-options/task.yaml diff --git a/dirs/dirs.go b/dirs/dirs.go index 94cfc9c52d5..28b97854a98 100644 --- a/dirs/dirs.go +++ b/dirs/dirs.go @@ -375,12 +375,18 @@ func SnapSystemdConfDirUnder(rootdir string) string { return filepath.Join(rootdir, "/etc/systemd/system.conf.d") } -// SnapSystemdConfDirUnder returns the path to the systemd conf dir under -// rootdir. +// SnapServicesDirUnder returns the path to the systemd services +// conf dir under rootdir. func SnapServicesDirUnder(rootdir string) string { return filepath.Join(rootdir, "/etc/systemd/system") } +// SnapSystemdDirUnder returns the path to the systemd conf dir under +// rootdir. +func SnapSystemdDirUnder(rootdir string) string { + return filepath.Join(rootdir, "/etc/systemd") +} + // SnapBootAssetsDirUnder returns the path to boot assets directory under a // rootdir. func SnapBootAssetsDirUnder(rootdir string) string { diff --git a/overlord/configstate/configcore/coredump.go b/overlord/configstate/configcore/coredump.go new file mode 100644 index 00000000000..7e08236c272 --- /dev/null +++ b/overlord/configstate/configcore/coredump.go @@ -0,0 +1,126 @@ +// -*- Mode: Go; indent-tabs-mode: t -*- + +/* + * Copyright (C) 2024 Canonical Ltd + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + */ + +package configcore + +import ( + "fmt" + "os" + "path/filepath" + + "github.com/snapcore/snapd/dirs" + "github.com/snapcore/snapd/gadget/quantity" + "github.com/snapcore/snapd/osutil" + "github.com/snapcore/snapd/sysconfig" +) + +const ( + optionCoredumpEnable = "system.coredump.enable" + optionCoredumpMaxuse = "system.coredump.maxuse" + coreOptionCoredumpEnable = "core." + optionCoredumpEnable + coreOptionCoredumpMaxuse = "core." + optionCoredumpMaxuse + + coredumpCfgSubdir = "coredump.conf.d" + coredumpCfgFile = "ubuntu-core.conf" +) + +func init() { + // add supported configuration of this module + supportedConfigurations[coreOptionCoredumpEnable] = true + supportedConfigurations[coreOptionCoredumpMaxuse] = true +} + +func validMaxUseSize(sizeStr string) error { + if sizeStr == "" { + return nil + } + + _, err := quantity.ParseSize(sizeStr) + if err != nil { + return err + } + + return nil +} + +func validateCoredumpSettings(tr ConfGetter) error { + if err := validateBoolFlag(tr, optionCoredumpEnable); err != nil { + return err + } + + maxUse, err := coreCfg(tr, optionCoredumpMaxuse) + if err != nil { + return err + } + + return validMaxUseSize(maxUse) +} + +func handleCoredumpConfiguration(dev sysconfig.Device, tr ConfGetter, opts *fsOnlyContext) error { + // Rule out UC16/18 as we will not backport systemd-coredump there + if !dev.HasModeenv() { + return nil + } + + coreEnabled, err := coreCfg(tr, optionCoredumpEnable) + if err != nil { + return err + } + + cfgContent := "[Coredump]\n" + switch coreEnabled { + case "", "false": + cfgContent += "Storage=none\nProcessSizeMax=0\n" + case "true": + maxUse, err := coreCfg(tr, optionCoredumpMaxuse) + if err != nil { + return err + } + cfgContent += "Storage=external\n" + if maxUse != "" { + cfgContent += fmt.Sprintf("MaxUse=%s\n", maxUse) + } + } + + var coredumpCfgDir string + if opts == nil { + // runtime system + coredumpCfgDir = dirs.SnapSystemdDir + } else { + coredumpCfgDir = dirs.SnapSystemdDirUnder(opts.RootDir) + } + coredumpCfgDir = filepath.Join(coredumpCfgDir, coredumpCfgSubdir) + if err := os.MkdirAll(coredumpCfgDir, 0755); err != nil { + return err + } + + // Ensure content of configuration file (path is + // /etc/systemd/coredump.conf.d/ubuntu-core.conf) + dirContent := map[string]osutil.FileState{ + coredumpCfgFile: &osutil.MemoryFileState{ + Content: []byte(cfgContent), + Mode: 0644, + }, + } + if _, _, err = osutil.EnsureDirState(coredumpCfgDir, coredumpCfgFile, dirContent); err != nil { + return err + } + + return nil +} diff --git a/overlord/configstate/configcore/coredump_test.go b/overlord/configstate/configcore/coredump_test.go new file mode 100644 index 00000000000..0d4e8b44280 --- /dev/null +++ b/overlord/configstate/configcore/coredump_test.go @@ -0,0 +1,131 @@ +// -*- Mode: Go; indent-tabs-mode: t -*- + +/* + * Copyright (C) 2024 Canonical Ltd + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + */ + +package configcore_test + +import ( + "fmt" + "path/filepath" + + "github.com/snapcore/snapd/dirs" + "github.com/snapcore/snapd/overlord/configstate/configcore" + "github.com/snapcore/snapd/testutil" + . "gopkg.in/check.v1" +) + +type coredumpSuite struct { + configcoreSuite + + coredumpCfgDir string + coredumpCfgPath string +} + +var _ = Suite(&coredumpSuite{}) + +func (s *coredumpSuite) SetUpTest(c *C) { + s.configcoreSuite.SetUpTest(c) + + s.coredumpCfgDir = filepath.Join(dirs.SnapSystemdDir, "coredump.conf.d") + s.coredumpCfgPath = filepath.Join(s.coredumpCfgDir, "ubuntu-core.conf") +} + +func (s *coredumpSuite) TestConfigureCoredumpDefault(c *C) { + err := configcore.FilesystemOnlyRun(core20Dev, &mockConf{ + state: s.state, + conf: map[string]interface{}{}, + }) + c.Assert(err, IsNil) + + c.Check(s.coredumpCfgPath, testutil.FileEquals, + fmt.Sprintf("[Coredump]\nStorage=none\nProcessSizeMax=0\n")) +} + +func (s *coredumpSuite) TestConfigureCoredumpDisable(c *C) { + err := configcore.FilesystemOnlyRun(core20Dev, &mockConf{ + state: s.state, + conf: map[string]interface{}{ + "system.coredump.enable": false, + "system.coredump.maxuse": "100M", + }, + }) + c.Assert(err, IsNil) + + c.Check(s.coredumpCfgPath, testutil.FileEquals, + fmt.Sprintf("[Coredump]\nStorage=none\nProcessSizeMax=0\n")) +} + +func (s *coredumpSuite) TestConfigureCoredumpDefaultMaxUse(c *C) { + err := configcore.FilesystemOnlyRun(core20Dev, &mockConf{ + state: s.state, + conf: map[string]interface{}{ + "system.coredump.enable": true, + }, + }) + c.Assert(err, IsNil) + + c.Check(s.coredumpCfgPath, testutil.FileEquals, + fmt.Sprintf("[Coredump]\nStorage=external\n")) +} + +func (s *coredumpSuite) TestConfigureCoredumpWithMaxUse(c *C) { + // Configure with different MaxUse valid values + for _, size := range []string{"104857600", "16M", "2G", "0"} { + err := configcore.FilesystemOnlyRun(core20Dev, &mockConf{ + state: s.state, + conf: map[string]interface{}{ + "system.coredump.enable": true, + "system.coredump.maxuse": size, + }, + }) + c.Assert(err, IsNil) + + c.Check(s.coredumpCfgPath, testutil.FileEquals, + fmt.Sprintf("[Coredump]\nStorage=external\nMaxUse=%s\n", size)) + } +} + +func (s *coredumpSuite) TestConfigureCoredumpInvalidMaxUse(c *C) { + // Configure with different MaxUse invalid values + for _, size := range []string{"100p", "0x123", "10485f7600", "20%%", + "20%", "100m", "10k", "10K", "10g"} { + + err := configcore.FilesystemOnlyRun(core20Dev, &mockConf{ + state: s.state, + conf: map[string]interface{}{ + "system.coredump.enable": true, + "system.coredump.maxuse": size, + }, + }) + c.Assert(err, ErrorMatches, `invalid suffix .*`) + + c.Assert(s.coredumpCfgPath, testutil.FileAbsent) + } +} + +func (s *coredumpSuite) TestConfigureCoredumpNoModeEnv(c *C) { + err := configcore.FilesystemOnlyRun(coreDev, &mockConf{ + state: s.state, + conf: map[string]interface{}{ + "system.coredump.enable": true, + }, + }) + c.Assert(err, IsNil) + // No file is created for uc16/18 + c.Check(s.coredumpCfgPath, testutil.FileAbsent) +} diff --git a/overlord/configstate/configcore/export_test.go b/overlord/configstate/configcore/export_test.go index a7a3b96a34c..d9a1fe800d3 100644 --- a/overlord/configstate/configcore/export_test.go +++ b/overlord/configstate/configcore/export_test.go @@ -101,3 +101,9 @@ func MockServicestateControl(f func(st *state.State, appInfos []*snap.AppInfo, i func MockServicestateChangeTimeout(v time.Duration) func() { return testutil.Mock(&serviceStartChangeTimeout, v) } + +func MockEnvPath(newEnvPath string) func() { + oldEnvPath := envFilePath + envFilePath = newEnvPath + return func() { envFilePath = oldEnvPath } +} diff --git a/overlord/configstate/configcore/handlers.go b/overlord/configstate/configcore/handlers.go index ae6fec3bce6..14cc429e914 100644 --- a/overlord/configstate/configcore/handlers.go +++ b/overlord/configstate/configcore/handlers.go @@ -118,6 +118,9 @@ func init() { // store.access addFSOnlyHandler(validateStoreAccess, handleStoreAccess, coreOnly) + // system.coredump + addFSOnlyHandler(validateCoredumpSettings, handleCoredumpConfiguration, coreOnly) + sysconfig.ApplyFilesystemOnlyDefaultsImpl = filesystemOnlyApply } diff --git a/overlord/configstate/configcore/proxy.go b/overlord/configstate/configcore/proxy.go index e84ec6c1d59..280215835e1 100644 --- a/overlord/configstate/configcore/proxy.go +++ b/overlord/configstate/configcore/proxy.go @@ -36,6 +36,7 @@ import ( var ( devicestateResetSession = devicestate.ResetSession + envFilePath = "/etc/environment" ) var proxyConfigKeys = map[string]bool{ @@ -55,7 +56,7 @@ func init() { } func etcEnvironment() string { - return filepath.Join(dirs.GlobalRootDir, "/etc/environment") + return filepath.Join(dirs.GlobalRootDir, envFilePath) } func updateEtcEnvironmentConfig(path string, config map[string]string) error { diff --git a/overlord/configstate/configcore/proxy_test.go b/overlord/configstate/configcore/proxy_test.go index 3ce8c8aaf33..ee822f363bb 100644 --- a/overlord/configstate/configcore/proxy_test.go +++ b/overlord/configstate/configcore/proxy_test.go @@ -81,6 +81,8 @@ PATH="/usr/bin" func (s *proxySuite) TestConfigureProxyUnhappy(c *C) { dirs.SetRootDir(c.MkDir()) + r := configcore.MockEnvPath("/otherrootfs/etc/environment") + defer r() err := configcore.Run(coreDev, &mockConf{ state: s.state, conf: map[string]interface{}{ diff --git a/tests/core/coredump-options/task.yaml b/tests/core/coredump-options/task.yaml new file mode 100644 index 00000000000..9116f1d01a3 --- /dev/null +++ b/tests/core/coredump-options/task.yaml @@ -0,0 +1,37 @@ +summary: Enable and use coredump options on UC + +details: | + Use coredump options and ensure that systemd-coredump can generate + core files when configured to do so. + +systems: [-ubuntu-core-1*, -ubuntu-core-20*, -ubuntu-core-22*] + +execute: | + cfg_path=/etc/systemd/coredump.conf.d/ubuntu-core.conf + + # coredumps should be initially disabled + expect=$(printf "[Coredump]\nStorage=none\nProcessSizeMax=0\n") + test "$expect" = "$(cat $cfg_path)" + + # TODO no coredumps are dropped, but we get a journal entry. Depends + # on https://github.com/snapcore/core-base/pull/227 being in the + # installed core24 channel already. + + # enable coredump with a max use size + max_use=10M + snap set system system.coredump.enable=true + snap set system system.coredump.maxuse="$max_use" + + expect=$(printf "[Coredump]\nStorage=external\nMaxUse=%s\n" "$max_use") + test "$expect" = "$(cat $cfg_path)" + + # TODO Generate a core dump. Depends on + # https://github.com/snapcore/core-base/pull/227 too. + + # Finally, disable again + snap set system system.coredump.enable=false + expect=$(printf "[Coredump]\nStorage=none\nProcessSizeMax=0\n") + test "$expect" = "$(cat $cfg_path)" + + # TODO no coredumps are dropped, but we get a journal entry + # Depends on https://github.com/snapcore/core-base/pull/227 too. From c26be6745a2c2cbb11afdea5e98e55163a844f86 Mon Sep 17 00:00:00 2001 From: Maciej Borzecki Date: Mon, 29 Jul 2024 18:22:20 +0200 Subject: [PATCH 02/12] cmd/snap-failure: use distro release info to choose fallback target When there is just one revision of snapd installed in the system, snap-failure would always fall back to run snapd from core during recovery process if the core snap is installed. However, on Ubuntu Core systems where the snapd snap is present by default, such as UC18+, the fallback mechanism should only consider calling binaries from the snapd snap. On classic, we still allow falling back to the core snap binaries. Signed-off-by: Maciej Borzecki --- cmd/snap-failure/cmd_snapd.go | 34 +++++++-- cmd/snap-failure/cmd_snapd_test.go | 113 +++++++++++++++++++++++++++++ cmd/snap-failure/export_test.go | 4 +- cmd/snap-failure/main_test.go | 5 +- 4 files changed, 146 insertions(+), 10 deletions(-) diff --git a/cmd/snap-failure/cmd_snapd.go b/cmd/snap-failure/cmd_snapd.go index 2062b426eae..0cdb5923ce5 100644 --- a/cmd/snap-failure/cmd_snapd.go +++ b/cmd/snap-failure/cmd_snapd.go @@ -129,20 +129,38 @@ func (c *cmdSnapd) Execute(args []string) error { prevRev, err := prevRevision("snapd") switch err { case errNoSnapd: + logger.Noticef("no snapd snap in the system") // the snapd snap is not installed return nil case errNoPrevious: - // this is the first revision of snapd to be installed on the - // system, either a remodel or a plain snapd installation, call - // the snapd from the core snap - snapdPath = filepath.Join(dirs.SnapMountDir, "core", "current", "/usr/lib/snapd/snapd") - if !osutil.FileExists(snapdPath) { - // it is possible that the core snap is not installed at - // all, in which case we should try the snapd snap - snapdPath = filepath.Join(dirs.SnapMountDir, "snapd", "current", "/usr/lib/snapd/snapd") + logger.Noticef("no previous revision of snapd installed in the system") + // snapd is being installed for the first time, or there is simply a single + // revision of snapd in the system + snapdFromCurrentCorePath := filepath.Join(dirs.SnapMountDir, "core", "current", "/usr/lib/snapd/snapd") + snapdFromCurrentSnapdPath := filepath.Join(dirs.SnapMountDir, "snapd", "current", "/usr/lib/snapd/snapd") + + if !release.OnClassic { + // on a Core system check whether it's a UC16 where we + // can fall back to snapd from the core snap, or a newer + // release where we should only consider the snapd snap + if release.ReleaseInfo.VersionID == "16" { + logger.Noticef("on Ubuntu Core system with the core snap") + snapdPath = snapdFromCurrentCorePath + } else { + logger.Noticef("on Ubuntu Core system with the snapd snap") + snapdPath = snapdFromCurrentSnapdPath + } + } else { + // on a classic system allow falling back to snapd from + // core if it is present + snapdPath = snapdFromCurrentCorePath + if !osutil.FileExists(snapdPath) { + snapdPath = snapdFromCurrentSnapdPath + } } prevRev = "0" case nil: + logger.Noticef("found previous revision of snapd snap: %v", prevRev) // the snapd snap was installed before, use the previous revision snapdPath = filepath.Join(dirs.SnapMountDir, "snapd", prevRev, "/usr/lib/snapd/snapd") default: diff --git a/cmd/snap-failure/cmd_snapd_test.go b/cmd/snap-failure/cmd_snapd_test.go index 3143b1187ee..1592af7a1a9 100644 --- a/cmd/snap-failure/cmd_snapd_test.go +++ b/cmd/snap-failure/cmd_snapd_test.go @@ -299,6 +299,119 @@ func (r *failureSuite) TestCallPrevSnapdFromSnapdWhenNoCore(c *C) { }) } +type distroVersionDrivenTestCase struct { + releaseInfo *release.OS + classic bool + callsFromSnapd bool + hasCore bool +} + +func (r *failureSuite) testCallPrevSnapdWhenDistroInfoDriven(c *C, tc distroVersionDrivenTestCase) { + origArgs := os.Args + defer func() { os.Args = origArgs }() + + defer release.MockReleaseInfo(tc.releaseInfo)() + // TODO release should update that internally when mocking release info + defer release.MockOnClassic(tc.classic)() + + // only one entry in sequence + writeSeqFile(c, "snapd", snap.R(123), []*snap.SideInfo{ + {Revision: snap.R(123)}, + }) + + var snippetSnapdSnapd, snippetCoreSnapd string + if tc.callsFromSnapd { + snippetSnapdSnapd, snippetCoreSnapd = `test "$SNAPD_REVERT_TO_REV" = "0"`, `exit 1` + } else { + snippetSnapdSnapd, snippetCoreSnapd = `exit 1`, `test "$SNAPD_REVERT_TO_REV" = "0"` + } + + var snapdInCore, snapdInSnapd *testutil.MockCmd + // mock snapd in the core snap + if tc.hasCore { + snapdInCore = testutil.MockCommand(c, filepath.Join(dirs.SnapMountDir, "core", "current", "/usr/lib/snapd/snapd"), + snippetCoreSnapd) + defer snapdInCore.Restore() + } + + snapdInSnapd = testutil.MockCommand(c, filepath.Join(dirs.SnapMountDir, "snapd", "current", "/usr/lib/snapd/snapd"), + snippetSnapdSnapd) + defer snapdInSnapd.Restore() + + os.Args = []string{"snap-failure", "snapd"} + err := failure.Run() + c.Check(err, IsNil) + c.Check(r.Stderr(), HasLen, 0) + + if tc.callsFromSnapd { + c.Check(snapdInSnapd.Calls(), DeepEquals, [][]string{ + {"snapd"}, + }) + if tc.hasCore { + c.Check(snapdInCore.Calls(), HasLen, 0) + } + } else { + c.Check(snapdInSnapd.Calls(), HasLen, 0) + if tc.hasCore { + c.Check(snapdInCore.Calls(), DeepEquals, [][]string{ + {"snapd"}, + }) + } + } + + c.Check(r.systemctlCmd.Calls(), DeepEquals, [][]string{ + {"systemctl", "stop", "snapd.socket"}, + {"systemctl", "is-failed", "snapd.socket", "snapd.service"}, + {"systemctl", "reset-failed", "snapd.socket", "snapd.service"}, + {"systemctl", "restart", "snapd.socket"}, + }) +} + +func (r *failureSuite) TestCallPrevSnapdWithSnapdUC20(c *C) { + r.testCallPrevSnapdWhenDistroInfoDriven(c, distroVersionDrivenTestCase{ + releaseInfo: &release.OS{ID: "ubuntu-core", VersionID: "20"}, + classic: false, + callsFromSnapd: true, + hasCore: true, + }) +} + +func (r *failureSuite) TestCallPrevSnapdWithSnapdUC18(c *C) { + r.testCallPrevSnapdWhenDistroInfoDriven(c, distroVersionDrivenTestCase{ + releaseInfo: &release.OS{ID: "ubuntu-core", VersionID: "18"}, + classic: false, + callsFromSnapd: true, + hasCore: true, + }) +} + +func (r *failureSuite) TestCallPrevSnapdWithCoreUC16(c *C) { + r.testCallPrevSnapdWhenDistroInfoDriven(c, distroVersionDrivenTestCase{ + releaseInfo: &release.OS{ID: "ubuntu-core", VersionID: "16"}, + classic: false, + callsFromSnapd: false, // calls snapd from core as it's a UC16 system + hasCore: true, + }) +} + +func (r *failureSuite) TestCallPrevSnapdWithCoreClassic(c *C) { + r.testCallPrevSnapdWhenDistroInfoDriven(c, distroVersionDrivenTestCase{ + releaseInfo: &release.OS{ID: "ubuntu", VersionID: "24.04"}, + classic: true, + hasCore: true, + callsFromSnapd: false, // classic is allowed to fall back to core + }) +} + +func (r *failureSuite) TestCallPrevSnapdWithSnapdClassic(c *C) { + r.testCallPrevSnapdWhenDistroInfoDriven(c, distroVersionDrivenTestCase{ + releaseInfo: &release.OS{ID: "ubuntu", VersionID: "24.04"}, + classic: true, + hasCore: false, + callsFromSnapd: true, // no core, so classic stays with the snapd snap + }) +} + func (r *failureSuite) TestCallPrevSnapdFail(c *C) { origArgs := os.Args defer func() { os.Args = origArgs }() diff --git a/cmd/snap-failure/export_test.go b/cmd/snap-failure/export_test.go index bfa2352cf12..93746541377 100644 --- a/cmd/snap-failure/export_test.go +++ b/cmd/snap-failure/export_test.go @@ -19,7 +19,9 @@ package main -import "time" +import ( + "time" +) var ( Run = run diff --git a/cmd/snap-failure/main_test.go b/cmd/snap-failure/main_test.go index a5e3411abc8..a9eecc0893d 100644 --- a/cmd/snap-failure/main_test.go +++ b/cmd/snap-failure/main_test.go @@ -68,7 +68,10 @@ func (r *failureSuite) SetUpTest(c *C) { log, restore := logger.MockLogger() r.log = log - r.AddCleanup(restore) + r.AddCleanup(func() { + c.Logf("logs:\n%s", log.String()) + restore() + }) r.systemctlCmd = testutil.MockCommand(c, "systemctl", "") r.AddCleanup(r.systemctlCmd.Restore) From 9e5749f2c656203cd488485cd843cb3c86a455ff Mon Sep 17 00:00:00 2001 From: Maciej Borzecki Date: Wed, 21 Aug 2024 18:08:37 +0200 Subject: [PATCH 03/12] cmd/snap-failure: restart snapd.service after recovery (#14394) * cmd/snap-failure: restart snapd.service after recovery Attempt to restart the snapd service once recovery is complete. This ensures that we restore to the same state which was present before the failure. Related: SNAPDENG-26661 Signed-off-by: Maciej Borzecki * tests/core/snapd-failover: update to match snap-failure Signed-off-by: Maciej Borzecki --------- Signed-off-by: Maciej Borzecki --- cmd/snap-failure/cmd_snapd.go | 13 +++++++++---- cmd/snap-failure/cmd_snapd_test.go | 24 ++++++++++++++---------- tests/core/snapd-failover/task.yaml | 20 ++++++++++++++------ 3 files changed, 37 insertions(+), 20 deletions(-) diff --git a/cmd/snap-failure/cmd_snapd.go b/cmd/snap-failure/cmd_snapd.go index 0cdb5923ce5..6a40e62a17c 100644 --- a/cmd/snap-failure/cmd_snapd.go +++ b/cmd/snap-failure/cmd_snapd.go @@ -232,9 +232,14 @@ func (c *cmdSnapd) Execute(args []string) error { } } - restartCmd := runCmd("systemctl", []string{"restart", "snapd.socket"}, nil) + // snap-failure is invoked after the snapd.service fails, which means + // that the service was active in the first place and we should try to + // restore the same state, i.e. have the service running, note that due + // to systemd dependencies, the socket should be restarted as well, but + // this isn't true for all systemd versions + restartCmd := runCmd("systemctl", []string{"restart", "snapd.socket", "snapd.service"}, nil) if err := restartCmd.Run(); err != nil { - logger.Noticef("failed to restart snapd.socket: %v", err) + logger.Noticef("failed to restart snapd.service: %v", err) // fallback to try snapd itself // wait more than DefaultStartLimitIntervalSec // @@ -243,8 +248,8 @@ func (c *cmdSnapd) Execute(args []string) error { // might need system-analyze timespan which is relatively new // for the general case time.Sleep(restartSnapdCoolOffWait) - logger.Noticef("fallback, restarting snapd itself") - restartCmd := runCmd("systemctl", []string{"restart", "snapd.service"}, nil) + logger.Noticef("restarting snapd again") + restartCmd := runCmd("systemctl", []string{"restart", "snapd.socket", "snapd.service"}, nil) if err := restartCmd.Run(); err != nil { logger.Noticef("failed to restart snapd: %v", err) } diff --git a/cmd/snap-failure/cmd_snapd_test.go b/cmd/snap-failure/cmd_snapd_test.go index 1592af7a1a9..b023de5649c 100644 --- a/cmd/snap-failure/cmd_snapd_test.go +++ b/cmd/snap-failure/cmd_snapd_test.go @@ -98,7 +98,7 @@ set -eu {"systemctl", "stop", "snapd.socket"}, {"systemctl", "is-failed", "snapd.socket", "snapd.service"}, {"systemctl", "reset-failed", "snapd.socket", "snapd.service"}, - {"systemctl", "restart", "snapd.socket"}, + {"systemctl", "restart", "snapd.socket", "snapd.service"}, }) } @@ -119,11 +119,15 @@ func (r *failureSuite) TestCallPrevSnapdFromSnapRestartSnapdFallback(c *C) { `test "$SNAPD_REVERT_TO_REV" = "100"`) defer snapdCmd.Restore() - systemctlCmd := testutil.MockCommand(c, "systemctl", ` -if [ "$1" = restart ] && [ "$2" == snapd.socket ] ; then + mockCmdStateDir := c.MkDir() + + systemctlCmd := testutil.MockCommand(c, "systemctl", fmt.Sprintf(` +statedir="%s" +if [ "$1 $2 $3" = "restart snapd.socket snapd.service" ] && [ ! -f "$statedir/stamp" ]; then + touch "$statedir/stamp" exit 1 fi -`) +`, mockCmdStateDir)) defer systemctlCmd.Restore() os.Args = []string{"snap-failure", "snapd"} @@ -138,8 +142,8 @@ fi {"systemctl", "stop", "snapd.socket"}, {"systemctl", "is-failed", "snapd.socket", "snapd.service"}, {"systemctl", "reset-failed", "snapd.socket", "snapd.service"}, - {"systemctl", "restart", "snapd.socket"}, - {"systemctl", "restart", "snapd.service"}, + {"systemctl", "restart", "snapd.socket", "snapd.service"}, + {"systemctl", "restart", "snapd.socket", "snapd.service"}, }) } @@ -233,7 +237,7 @@ fi {"systemctl", "is-active", "snapd.socket", "snapd.service"}, {"systemctl", "is-active", "snapd.socket", "snapd.service"}, {"systemctl", "reset-failed", "snapd.socket", "snapd.service"}, - {"systemctl", "restart", "snapd.socket"}, + {"systemctl", "restart", "snapd.socket", "snapd.service"}, }) } @@ -263,7 +267,7 @@ func (r *failureSuite) TestCallPrevSnapdFromCore(c *C) { {"systemctl", "stop", "snapd.socket"}, {"systemctl", "is-failed", "snapd.socket", "snapd.service"}, {"systemctl", "reset-failed", "snapd.socket", "snapd.service"}, - {"systemctl", "restart", "snapd.socket"}, + {"systemctl", "restart", "snapd.socket", "snapd.service"}, }) } @@ -295,7 +299,7 @@ func (r *failureSuite) TestCallPrevSnapdFromSnapdWhenNoCore(c *C) { {"systemctl", "stop", "snapd.socket"}, {"systemctl", "is-failed", "snapd.socket", "snapd.service"}, {"systemctl", "reset-failed", "snapd.socket", "snapd.service"}, - {"systemctl", "restart", "snapd.socket"}, + {"systemctl", "restart", "snapd.socket", "snapd.service"}, }) } @@ -546,7 +550,7 @@ func (r *failureSuite) TestStickySnapdSocket(c *C) { {"systemctl", "stop", "snapd.socket"}, {"systemctl", "is-failed", "snapd.socket", "snapd.service"}, {"systemctl", "reset-failed", "snapd.socket", "snapd.service"}, - {"systemctl", "restart", "snapd.socket"}, + {"systemctl", "restart", "snapd.socket", "snapd.service"}, }) // make sure the socket file was deleted diff --git a/tests/core/snapd-failover/task.yaml b/tests/core/snapd-failover/task.yaml index db58bc5443e..053f2f3bb81 100644 --- a/tests/core/snapd-failover/task.yaml +++ b/tests/core/snapd-failover/task.yaml @@ -96,10 +96,11 @@ execute: | # make sure that snapd is being executed within the cgroup assigned to snapd.service echo "Verify behavior on UC16, where snapd process eventually becomes" - # snap-failure only starts the socket unit, but we want to verify - # that the snapd runs + # snap-failure restarts the snapd service # shellcheck disable=SC2046,SC2002,SC2016 - retry -n 60 --wait 1 sh -e -c 'snap list ; cat /proc/$(pidof snapd)/cgroup | MATCH /snapd.service' + retry -n 60 --wait 1 sh -e -c 'cat /proc/$(pidof snapd)/cgroup | MATCH /snapd.service' + # the socket access is still functional + snap list else # TODO this check is incorrect and is essentially racing with systemd # which could try to active the failure service, as we're essentially @@ -150,6 +151,16 @@ execute: | sleep 1 done + # snapd.failure restarts the snapd service + echo "Await snapd service to become active" + retry --maxmins 5.5 systemctl is-active snapd.service + + echo "Double check the status of snapd.socket" + systemctl is-active snapd.socket + echo ".. and both sockets exist" + test -S /run/snapd.socket + test -S /run/snapd-snap.socket + # just because snapd.failure.service is active doesn't mean that we are # fully ready; we should wait until the snap command shows up again echo "And verify that snap commands still work and snapd is reverted" @@ -158,9 +169,6 @@ execute: | echo "Verify we got the expected error message" snap change --last=install|MATCH "there was a snapd rollback across the restart" - echo "Double check the status of snapd.socket" - systemctl is-active snapd.socket - echo "Ensure snapd is running as part of the snapd.service unit" # shellcheck disable=SC2046,SC2002 cat /proc/$(pidof snapd)/cgroup | MATCH /snapd.service From a6c1377b71a3c0bea1354837c715043d5f35c968 Mon Sep 17 00:00:00 2001 From: Oliver Calder Date: Wed, 21 Aug 2024 22:08:05 -0500 Subject: [PATCH 04/12] o/i/apparmorprompting: record notices in goroutines (#14405) * o/i/apparmorprompting: record notices in goroutines During snapd startup, the state lock is held while the prompting-related backends are created. However, the backends may try to record notices if, e.g., some rules on disk have expired before they are read by load. Similarly, during snapd shutdown, the state lock may be held while the interfaces requests manager is being stopped. If recording a notice happens synchronously during such situations, it results in a deadlock on the state lock. Thus, the notices must be recorded asynchronously. Note: this means that the order of notices is no longer guaranteed in the prompt and rule backends, but this is okay, since clients should always be prepared to consult the actual prompting endpoints as a single source of truth, and notice data is just a convenient shortcut if it is known that a prompt or rule has already been removed. Signed-off-by: Oliver Calder * o/i/apparmorprompting: increase wait notices timeout in tests Signed-off-by: Oliver Calder * o/i/apparmorprompting: do not manually set notice timestamp There is a fix in state/notices.go to ensure that no two notices can have the same timestamp by increasing the timestamp of any duplicates by 1ns, but that only applies to notices with an unset Time in the AddNoticeOptions. Thus, with manually set times, we can get identical timestamps. For now, stop manually setting timestamps. Signed-off-by: Oliver Calder * o/i/apparmorprompting: fix bug in tests while waiting for no notices Signed-off-by: Oliver Calder * tests: add test of snapd startup with apparmor prompting enabled Signed-off-by: Oliver Calder --------- Signed-off-by: Oliver Calder --- .../ifacestate/apparmorprompting/prompting.go | 32 +++-- .../apparmorprompting/prompting_test.go | 130 ++++++++++++++---- .../task.yaml | 69 ++++++++++ 3 files changed, 195 insertions(+), 36 deletions(-) create mode 100644 tests/main/apparmor-prompting-snapd-startup/task.yaml diff --git a/overlord/ifacestate/apparmorprompting/prompting.go b/overlord/ifacestate/apparmorprompting/prompting.go index e5754374885..541bdd42016 100644 --- a/overlord/ifacestate/apparmorprompting/prompting.go +++ b/overlord/ifacestate/apparmorprompting/prompting.go @@ -79,26 +79,34 @@ type InterfacesRequestsManager struct { func New(s *state.State) (m *InterfacesRequestsManager, retErr error) { notifyPrompt := func(userID uint32, promptID prompting.IDType, data map[string]string) error { - // TODO: add some sort of queue so that notifyPrompt calls can return - // quickly without waiting for state lock and AddNotice() to return. - s.Lock() - defer s.Unlock() options := state.AddNoticeOptions{ Data: data, + // TODO: guarantee order by passing in the current time and ensuring + // that the notices backend keeps notice data from the AddNotice + // call with the most recent Time field. + // Time: time.Now(), } - _, err := s.AddNotice(&userID, state.InterfacesRequestsPromptNotice, promptID.String(), &options) - return err + go func() { + s.Lock() + defer s.Unlock() + s.AddNotice(&userID, state.InterfacesRequestsPromptNotice, promptID.String(), &options) + }() + return nil } notifyRule := func(userID uint32, ruleID prompting.IDType, data map[string]string) error { - // TODO: add some sort of queue so that notifyRule calls can return - // quickly without waiting for state lock and AddNotice() to return. - s.Lock() - defer s.Unlock() options := state.AddNoticeOptions{ Data: data, + // TODO: guarantee order by passing in the current time and ensuring + // that the notices backend keeps notice data from the AddNotice + // call with the most recent Time field. + // Time: time.Now(), } - _, err := s.AddNotice(&userID, state.InterfacesRequestsRuleUpdateNotice, ruleID.String(), &options) - return err + go func() { + s.Lock() + defer s.Unlock() + s.AddNotice(&userID, state.InterfacesRequestsRuleUpdateNotice, ruleID.String(), &options) + }() + return nil } listenerBackend, err := listenerRegister() diff --git a/overlord/ifacestate/apparmorprompting/prompting_test.go b/overlord/ifacestate/apparmorprompting/prompting_test.go index 74ac14256f7..3b28117607e 100644 --- a/overlord/ifacestate/apparmorprompting/prompting_test.go +++ b/overlord/ifacestate/apparmorprompting/prompting_test.go @@ -71,6 +71,8 @@ func (s *apparmorpromptingSuite) TestNew(c *C) { _, _, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() + defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) @@ -85,6 +87,8 @@ func (s *apparmorpromptingSuite) TestNewErrorListener(c *C) { }) defer restore() + s.st.Lock() + defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, ErrorMatches, fmt.Sprintf("cannot register prompting listener: %v", registerFailure)) c.Assert(mgr, IsNil) @@ -102,6 +106,8 @@ func (s *apparmorpromptingSuite) TestNewErrorPromptDB(c *C) { c.Assert(f.Chmod(0o400), IsNil) defer f.Chmod(0o600) + s.st.Lock() + defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, ErrorMatches, "cannot open request prompts backend:.*") c.Assert(mgr, IsNil) @@ -131,6 +137,8 @@ func (s *apparmorpromptingSuite) TestNewErrorRuleDB(c *C) { c.Assert(f.Chmod(0o400), IsNil) defer f.Chmod(0o600) + s.st.Lock() + defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, ErrorMatches, "cannot open request rules backend:.*") c.Assert(mgr, IsNil) @@ -147,6 +155,8 @@ func (s *apparmorpromptingSuite) TestStop(c *C) { reqChan, _, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() + defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) @@ -172,8 +182,10 @@ func (s *apparmorpromptingSuite) TestHandleListenerRequestDenyRoot(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Send request for root req := &listener.Request{ @@ -187,6 +199,8 @@ func (s *apparmorpromptingSuite) TestHandleListenerRequestDenyRoot(c *C) { c.Check(resp.Request, Equals, req) c.Check(resp.AllowedPermission, Equals, nil) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -197,8 +211,10 @@ func (s *apparmorpromptingSuite) TestHandleListenerRequestErrors(c *C) { logbuf, restore := logger.MockLogger() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() prompts, err := mgr.Prompts(s.defaultUser) c.Check(err, IsNil) @@ -256,6 +272,8 @@ func (s *apparmorpromptingSuite) TestHandleListenerRequestErrors(c *C) { " WARNING: too many outstanding prompts for user 1000; auto-denying new one\n") }) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -263,8 +281,10 @@ func (s *apparmorpromptingSuite) TestHandleReplySimple(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() req, prompt := s.simulateRequest(c, reqChan, mgr, &listener.Request{}, false) @@ -286,6 +306,8 @@ func (s *apparmorpromptingSuite) TestHandleReplySimple(c *C) { c.Check(err, IsNil) c.Check(resp.AllowedPermission, Equals, aaPerms) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -311,16 +333,7 @@ func (s *apparmorpromptingSuite) simulateRequest(c *C, reqChan chan *listener.Re logger.WithLoggerLock(func() { c.Assert(logbuf.String(), Equals, "") }) // which should generate a notice - s.st.Lock() - ctx, cancel := context.WithTimeout(context.Background(), time.Second) - defer cancel() - n, err := s.st.WaitNotices(ctx, &state.NoticeFilter{ - Types: []state.NoticeType{state.InterfacesRequestsPromptNotice}, - After: whenSent, - }) - s.st.Unlock() - c.Check(err, IsNil) - c.Check(n, HasLen, 1) + s.checkRecordedPromptNotices(c, whenSent, 1) // Check prompts now prompts, err = mgr.Prompts(s.defaultUser) @@ -401,8 +414,10 @@ func (s *apparmorpromptingSuite) TestHandleReplyErrors(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() _, prompt := s.simulateRequest(c, reqChan, mgr, &listener.Request{}, false) @@ -461,6 +476,8 @@ func (s *apparmorpromptingSuite) TestHandleReplyErrors(c *C) { _, err = waitForReply(replyChan) c.Assert(err, NotNil) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -468,8 +485,10 @@ func (s *apparmorpromptingSuite) TestExistingRuleAllowsNewPrompt(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Add allow rule to match read permission constraints := &prompting.Constraints{ @@ -512,35 +531,54 @@ func (s *apparmorpromptingSuite) TestExistingRuleAllowsNewPrompt(c *C) { c.Assert(err, IsNil) c.Check(resp.AllowedPermission, DeepEquals, expectedPermissions) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } func (s *apparmorpromptingSuite) checkRecordedPromptNotices(c *C, since time.Time, count int) { - s.st.Lock() - n := s.st.Notices(&state.NoticeFilter{ - Types: []state.NoticeType{state.InterfacesRequestsPromptNotice}, - After: since, - }) - s.st.Unlock() - c.Check(n, HasLen, count) + s.checkRecordedNotices(c, state.InterfacesRequestsPromptNotice, since, count) } func (s *apparmorpromptingSuite) checkRecordedRuleUpdateNotices(c *C, since time.Time, count int) { - s.st.Lock() - n := s.st.Notices(&state.NoticeFilter{ - Types: []state.NoticeType{state.InterfacesRequestsRuleUpdateNotice}, - After: since, - }) - s.st.Unlock() - c.Check(n, HasLen, count) + s.checkRecordedNotices(c, state.InterfacesRequestsRuleUpdateNotice, since, count) +} + +func (s *apparmorpromptingSuite) checkRecordedNotices(c *C, noticeType state.NoticeType, since time.Time, count int) { + timeout := time.Second + if count == 0 { + // Don't wait so long if we don't expect any notices + timeout = 100 * time.Millisecond + } + receivedCount := 0 + for count == 0 || receivedCount < count { + s.st.Lock() + ctx, cancel := context.WithTimeout(context.Background(), timeout) + defer cancel() + n, err := s.st.WaitNotices(ctx, &state.NoticeFilter{ + Types: []state.NoticeType{noticeType}, + After: since, + }) + s.st.Unlock() + if count == 0 { + c.Assert(err, NotNil) + c.Assert(n, HasLen, 0) + return + } + c.Assert(err, IsNil) + c.Assert(n, Not(HasLen), 0) + receivedCount += len(n) + } } func (s *apparmorpromptingSuite) TestExistingRulePartiallyAllowsNewPrompt(c *C) { reqChan, _, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Add rule to match read permission constraints := &prompting.Constraints{ @@ -561,6 +599,8 @@ func (s *apparmorpromptingSuite) TestExistingRulePartiallyAllowsNewPrompt(c *C) // Check that prompt was created for remaining "write" permission c.Check(prompt.Constraints.RemainingPermissions(), DeepEquals, []string{"write"}) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -568,8 +608,10 @@ func (s *apparmorpromptingSuite) TestExistingRulePartiallyDeniesNewPrompt(c *C) reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Add deny rule to match read permission constraints := &prompting.Constraints{ @@ -604,6 +646,8 @@ func (s *apparmorpromptingSuite) TestExistingRulePartiallyDeniesNewPrompt(c *C) c.Check(resp.Request, Equals, req) c.Check(resp.AllowedPermission, DeepEquals, notify.FilePermission(0)) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -611,8 +655,10 @@ func (s *apparmorpromptingSuite) TestExistingRulesMixedMatchNewPromptDenies(c *C reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Add deny rule to match read permission constraints := &prompting.Constraints{ @@ -660,6 +706,8 @@ func (s *apparmorpromptingSuite) TestExistingRulesMixedMatchNewPromptDenies(c *C c.Assert(err, IsNil) c.Check(resp.AllowedPermission, DeepEquals, expectedPermissions) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -667,8 +715,10 @@ func (s *apparmorpromptingSuite) TestNewRuleAllowExistingPrompt(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Add read request readReq := &listener.Request{ @@ -733,6 +783,8 @@ func (s *apparmorpromptingSuite) TestNewRuleAllowExistingPrompt(c *C) { s.checkRecordedPromptNotices(c, whenSent, 2) s.checkRecordedRuleUpdateNotices(c, whenSent, 1) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -740,8 +792,10 @@ func (s *apparmorpromptingSuite) TestNewRuleDenyExistingPrompt(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Add read request readReq := &listener.Request{ @@ -798,6 +852,8 @@ func (s *apparmorpromptingSuite) TestNewRuleDenyExistingPrompt(c *C) { s.checkRecordedPromptNotices(c, whenSent, 2) s.checkRecordedRuleUpdateNotices(c, whenSent, 1) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -805,8 +861,10 @@ func (s *apparmorpromptingSuite) TestReplyNewRuleHandlesExistingPrompt(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Already tested HandleReply errors, and that applyRuleToOutstandingPrompts // works correctly, so now just need to test that if reply creates a rule, @@ -870,6 +928,8 @@ func (s *apparmorpromptingSuite) TestReplyNewRuleHandlesExistingPrompt(c *C) { s.checkRecordedPromptNotices(c, whenSent, 2) s.checkRecordedRuleUpdateNotices(c, whenSent, 1) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -898,8 +958,10 @@ func (s *apparmorpromptingSuite) testReplyRuleHandlesFuturePrompts(c *C, outcome reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Already tested HandleReply errors, and that applyRuleToOutstandingPrompts // works correctly, so now just need to test that if reply creates a rule, @@ -987,6 +1049,8 @@ func (s *apparmorpromptingSuite) testReplyRuleHandlesFuturePrompts(c *C, outcome // Check that no notices were recorded s.checkRecordedPromptNotices(c, whenSent, 0) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -994,8 +1058,10 @@ func (s *apparmorpromptingSuite) TestRequestMerged(c *C) { reqChan, _, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Requests with identical *original* abstract permissions are merged into // the existing prompt @@ -1034,6 +1100,8 @@ func (s *apparmorpromptingSuite) TestRequestMerged(c *C) { } s.simulateRequest(c, reqChan, mgr, readReq, false) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1062,13 +1130,17 @@ func (s *apparmorpromptingSuite) TestRules(c *C) { c.Check(err, IsNil) c.Check(snapIfaceRules, DeepEquals, []*requestrules.Rule{rules[0]}) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } func (s *apparmorpromptingSuite) prepManagerWithRules(c *C) (mgr *apparmorprompting.InterfacesRequestsManager, rules []*requestrules.Rule) { var err error + s.st.Lock() mgr, err = apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() whenAdded := time.Now() @@ -1138,6 +1210,8 @@ func (s *apparmorpromptingSuite) TestRemoveRulesInterface(c *C) { c.Check(userRules, DeepEquals, rules[2:3]) s.checkRecordedRuleUpdateNotices(c, whenRemoved, 2) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1161,6 +1235,8 @@ func (s *apparmorpromptingSuite) TestRemoveRulesSnap(c *C) { c.Check(userRules, DeepEquals, rules[1:2]) s.checkRecordedRuleUpdateNotices(c, whenRemoved, 2) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1184,6 +1260,8 @@ func (s *apparmorpromptingSuite) TestRemoveRulesSnapInterface(c *C) { c.Check(userRules, DeepEquals, rules[1:3]) s.checkRecordedRuleUpdateNotices(c, whenRemoved, 1) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1191,8 +1269,10 @@ func (s *apparmorpromptingSuite) TestAddRuleWithIDPatchRemove(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() + s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) + s.st.Unlock() // Add read request req := &listener.Request{ @@ -1261,5 +1341,7 @@ func (s *apparmorpromptingSuite) TestAddRuleWithIDPatchRemove(c *C) { c.Assert(err, IsNil) c.Assert(rules, HasLen, 0) + s.st.Lock() + defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } diff --git a/tests/main/apparmor-prompting-snapd-startup/task.yaml b/tests/main/apparmor-prompting-snapd-startup/task.yaml new file mode 100644 index 00000000000..9bdadce6dbe --- /dev/null +++ b/tests/main/apparmor-prompting-snapd-startup/task.yaml @@ -0,0 +1,69 @@ +summary: Check that snapd successfully starts with AppArmor prompting enabled + +details: | + When snapd starts up with the AppArmor prompting flag enabled, it attempts + to load any existing rules from disk and records notices for them, expiring + any rules which have expiration timestamps in the past. This test checks + that snapd can successfully start with prompting enabled, and that it can + load and expire rules and record notices appropriately. + +systems: + - ubuntu-2* + +prepare: | + # prerequisite for having a prompt handler service + snap set system experimental.user-daemons=true + "$TESTSTOOLS"/snaps-state install-local test-snapd-prompt-handler + snap connect test-snapd-prompt-handler:snap-interfaces-requests-control + +execute: | + RULES_PATH="/var/lib/snapd/interfaces-requests/request-rules.json" + + echo "Write two rules to disk, one of which is expired" + mkdir -p "$(dirname $RULES_PATH)" + echo '{"rules":[{"id":"0000000000000002","timestamp":"2004-10-20T14:05:08.901174186-05:00","user":1000,"snap":"shellcheck","interface":"home","constraints":{"path-pattern":"/home/test/Projects/**","permissions":["read"]},"outcome":"allow","lifespan":"forever","expiration":"0001-01-01T00:00:00Z"},{"id":"0000000000000003","timestamp":"2004-10-20T16:47:32.138415627-05:00","user":1000,"snap":"firefox","interface":"home","constraints":{"path-pattern":"/home/test/Downloads/**","permissions":["read","write"]},"outcome":"allow","lifespan":"timespan","expiration":"2005-04-08T00:00:00Z"}]}' | tee "$RULES_PATH" + + # Prompting is disabled everywhere but the Ubuntu systems + # TODO: on Ubuntu releases < 24.04 we need the snapd snap for testing + if ! os.query is-ubuntu || os.query is-ubuntu-lt 24.04 || os.query is-core ; then + not snap set system experimental.apparmor-prompting=true >& err.out + if os.query is-core; then + # there is a more specific error on Ubuntu Core + MATCH "cannot enable prompting feature as it is not supported on Ubuntu Core systems" < err.out + else + MATCH "cannot enable prompting feature as it is not supported by the system" < err.out + fi + # even if unsupported setting it to false should succeed + snap set system experimental.apparmor-prompting=false + exit 0 + fi + + CURRTIME="$(date --rcf3339=ns | tr -s ' ' 'T')" + + # Wait a second to make sure any notices are recorded after CURRTIME + sleep 1 + + echo "Enable AppArmor prompting experimental feature" + snap set system experimental.apparmor-prompting=true + + # Wait for snapd to begin restart + sleep 5 + + echo "Check that snapd is able to start up" + retry --wait 1 -n 60 systemctl is-active snapd + + # Write expected rules after the expired rule has been removed + echo '{"rules":[{"id":"0000000000000002","timestamp":"2004-10-20T14:05:08.901174186-05:00","user":1000,"snap":"shellcheck","interface":"home","constraints":{"path-pattern":"/home/test/Projects/**","permissions":["read"]},"outcome":"allow","lifespan":"forever","expiration":"0001-01-01T00:00:00Z"}]}' | jq | tee expected.json + # Parse existing rules through jq so they can be compared + jq < "$RULES_PATH" > current.json + + echo "Check that rules on disk match what is expected" + diff expected.json current.json + + echo "Check that we received two notices" + snap debug api "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq '.result | length' | MATCH 2 + snap debug api "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq '.result' | grep -c '"removed": "expired"' | MATCH 1 + + echo "Check that only the former rule is still valid (must be done with UID 1000)" + sudo -iu '#1000' snap debug api /v2/interfaces/requests/rules | jq '.result | length' | MATCH 1 + sudo -iu '#1000' snap debug api /v2/interfaces/requests/rules | jq '.result.[0].id' | MATCH "0000000000000002" From de3d1eb4a9abd0366ac15418bfd20ebbd6f2973a Mon Sep 17 00:00:00 2001 From: Maciej Borzecki Date: Wed, 21 Aug 2024 17:50:18 +0200 Subject: [PATCH 05/12] tests: fix mocking of /sys/module and recreate /sys/module/apparmor in nvidia files tests (#14398) New libapparmor which is part of the vendored AppArmor stack probes files under /sys/module/apparmor. Once we move to testing with snapd snap, this hierarchy needs to be preserved when mocking the contents of /sys/module/. Signed-off-by: Maciej Borzecki --- tests/main/interfaces-opengl-nvidia/task.yaml | 25 +++++++++++-------- tests/main/nvidia-files/task.yaml | 24 +++++++++--------- 2 files changed, 26 insertions(+), 23 deletions(-) diff --git a/tests/main/interfaces-opengl-nvidia/task.yaml b/tests/main/interfaces-opengl-nvidia/task.yaml index f9bd7126d2c..5ba08c6964d 100644 --- a/tests/main/interfaces-opengl-nvidia/task.yaml +++ b/tests/main/interfaces-opengl-nvidia/task.yaml @@ -16,17 +16,19 @@ prepare: | # mock nvidia driver, we need to user overlayfs because on 22.04+ # /sys/module/apparmor is used by apparmor to communicate mkdir -p /tmp/sys-module/nvidia + tests.cleanup defer rm -rf /tmp/sys-module echo "$NV_VERSION" > /tmp/sys-module/nvidia/version - if os.query is-xenial || os.query is-bionic; then - mount -o bind /tmp/sys-module/ /sys/module - else - mkdir -p /tmp/sys-module-work - LO="/sys/module/" - UP="/tmp/sys-module" - WORK="/tmp/sys-module-work" - mount -t overlay overlay \ - -olowerdir="$LO",upperdir="$UP",workdir="$WORK" /sys/module - fi + # mock /sys/module we need to recreate /sys/module/apparmor + mkdir -p /tmp/sys-module-apparmor + tests.cleanup defer rmdir /tmp/sys-module-apparmor + mount -o bind /sys/module/apparmor /tmp/sys-module-apparmor + tests.cleanup defer umount /tmp/sys-module-apparmor + mkdir -p /tmp/sys-module/apparmor + + mount -o bind /tmp/sys-module/ /sys/module + # and recreate apparmor directory + mount -o bind /tmp/sys-module-apparmor /sys/module/apparmor + tests.cleanup defer umount -R /sys/module # mock nvidia icd file test ! -d /usr/share/vulkan @@ -87,7 +89,8 @@ prepare: | echo "documentation" > /usr/share/nvidia/nvidia-application-profiles-535.54.03-key-documentation restore: | - umount /sys/module + tests.cleanup restore + rm -rf /usr/share/vulkan if ! os.query is-xenial; then diff --git a/tests/main/nvidia-files/task.yaml b/tests/main/nvidia-files/task.yaml index 932d1f804f7..56846de0819 100644 --- a/tests/main/nvidia-files/task.yaml +++ b/tests/main/nvidia-files/task.yaml @@ -160,19 +160,19 @@ prepare: | # must match installed libraries so that the right canary file is detected by # snap-confine. mkdir -p /tmp/sys-module/nvidia - echo "$DRIVER_VERSION" >/tmp/sys-module/nvidia/version - if os.query is-xenial || os.query is-bionic; then - mount -o bind /tmp/sys-module/ /sys/module - else - mkdir -p /tmp/sys-module-work - LO="/sys/module/" - UP="/tmp/sys-module" - WORK="/tmp/sys-module-work" - mount -t overlay overlay \ - -olowerdir="$LO",upperdir="$UP",workdir="$WORK" /sys/module - fi tests.cleanup defer rm -rf /tmp/sys-module - tests.cleanup defer umount /sys/module + echo "$DRIVER_VERSION" >/tmp/sys-module/nvidia/version + # mock /sys/module we need to recreate /sys/module/apparmor + mkdir -p /tmp/sys-module-apparmor + tests.cleanup defer rmdir /tmp/sys-module-apparmor + mount -o bind /sys/module/apparmor /tmp/sys-module-apparmor + tests.cleanup defer umount /tmp/sys-module-apparmor + mkdir -p /tmp/sys-module/apparmor + + mount -o bind /tmp/sys-module/ /sys/module + # and recreate apparmor directory + mount -o bind /tmp/sys-module-apparmor /sys/module/apparmor + tests.cleanup defer umount -R /sys/module snap install test-snapd-nvidia From 002f2ae952129b3ff7d7170a5c489d868f1ece75 Mon Sep 17 00:00:00 2001 From: Andrew Phelps <136256549+andrewphelpsj@users.noreply.github.com> Date: Wed, 21 Aug 2024 14:53:44 -0400 Subject: [PATCH 06/12] c/snap-failure: fix failing unit test that was missed in 0e31a38700714839f5997721016305623c97aef1 (#14403) --- cmd/snap-failure/cmd_snapd_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/snap-failure/cmd_snapd_test.go b/cmd/snap-failure/cmd_snapd_test.go index b023de5649c..93884ddc22f 100644 --- a/cmd/snap-failure/cmd_snapd_test.go +++ b/cmd/snap-failure/cmd_snapd_test.go @@ -367,7 +367,7 @@ func (r *failureSuite) testCallPrevSnapdWhenDistroInfoDriven(c *C, tc distroVers {"systemctl", "stop", "snapd.socket"}, {"systemctl", "is-failed", "snapd.socket", "snapd.service"}, {"systemctl", "reset-failed", "snapd.socket", "snapd.service"}, - {"systemctl", "restart", "snapd.socket"}, + {"systemctl", "restart", "snapd.socket", "snapd.service"}, }) } From 23b094707c2f5f76e70b52d91986dd21de7f641e Mon Sep 17 00:00:00 2001 From: ernestl Date: Wed, 21 Aug 2024 18:27:57 +0200 Subject: [PATCH 07/12] release: 2.65 --- NEWS.md | 89 +++++++++++++++++++ packaging/arch/PKGBUILD | 2 +- packaging/debian-sid/changelog | 143 +++++++++++++++++++++++++++++++ packaging/fedora/snapd.spec | 142 +++++++++++++++++++++++++++++- packaging/opensuse/snapd.changes | 5 ++ packaging/opensuse/snapd.spec | 2 +- packaging/ubuntu-14.04/changelog | 143 +++++++++++++++++++++++++++++++ packaging/ubuntu-16.04/changelog | 143 +++++++++++++++++++++++++++++++ 8 files changed, 666 insertions(+), 3 deletions(-) diff --git a/NEWS.md b/NEWS.md index ec689a5cc8a..46253abf487 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,3 +1,92 @@ +# New in snapd 2.65: +* Support building snapd using base Core22 (Snapcraft 8.x) +* FIPS: support building FIPS complaint snapd variant that switches to FIPS mode when the system boots with FIPS enabled +* AppArmor: update to latest 4.0.2 release +* AppArmor: enable using ABI 4.0 from host parser +* AppArmor: fix parser lookup +* AppArmor: support AppArmor snippet priorities +* AppArmor: allow reading cgroup memory.max file +* AppArmor: allow using snap-exec coming from the snapd snap when starting a confined process with jailmode +* AppArmor prompting (experimental): add checks for prompting support, include prompting status in system key, and restart snapd if prompting flag changes +* AppArmor prompting (experimental): include prompt prefix in AppArmor rules if prompting is supported and enabled +* AppArmor prompting (experimental): add common types, constraints, and mappings from AppArmor permissions to abstract permissions +* AppArmor prompting (experimental): add path pattern parsing and matching +* AppArmor prompting (experimental): add path pattern precedence based on specificity +* AppArmor prompting (experimental): add packages to manage outstanding request prompts and rules +* AppArmor prompting (experimental): add prompting API and notice types, which require snap-interfaces-requests-control interface +* AppArmor prompting (experimental): feature flag can only be enabled if prompting is supported, handler service connected, and the service can be started +* Registry views (experimental): rename from aspects to registries +* Registry views (experimental): support reading registry views and setting/unsetting registry data using snapctl +* Registry views (experimental): fetch and refresh registry assertions as needed +* Registry views (experimental): restrict view paths from using a number as first character and view names to storage path style patterns +* Snap components: support installing snaps and components from files at the same time (no REST API/CLI) +* Snap components: support downloading components related assertions from the store +* Snap components: support installing components from the store +* Snap components: support removing components individually and during snap removal +* Snap components: support kernel modules as components +* Snap components: support for component install, pre-refresh and post-refresh hooks +* Snap components: initial support for building systems that contain components +* Refresh app awareness (experimental): add data field for /v2/changes REST API to allow associating each task with affected snaps +* Refresh app awareness (experimental): use the app name from .desktop file in notifications +* Refresh app awareness (experimental): give snap-refresh-observe interface access to /v2/snaps/{name} endpoint +* Improve snap-confine compatibility with nvidia drivers +* Allow re-exec when SNAP_REEXEC is set for unlisted distros to simplify testing +* Allow mixing revision and channel on snap install +* Generate GNU build ID for Go binaries +* Add missing etelpmoc.sh for shell completion +* Do not attempt to run snapd on classic when re-exec is disabled +* Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse +* Add snap debug API command to enable running raw queries +* Enable snap-confine snap mount directory detection +* Replace global seccomp filter with deny rules in standard seccomp template +* Remove support for Ubuntu Core Launcher (superseded by snap-confine) +* Support creating pending serial bound users after serial assertion becomes available +* Support disabling cloud-init using kernel command-line +* In hybrid systems, apps can refresh without waiting for restarts required by essential snaps +* Ship snap-debug-info.sh script used for system diagnostics +* Improve error messages when attempting to run non-existent snap +* Switch to -u UID:GID for strace-static +* Support enabling snapd logging with snap set system debug.snapd.{log,log-level} +* Add options system.coredump.enable and system.coredump.maxuse to support using systemd-coredump on Ubuntu Core +* Provide documentation URL for 'snap interface ' +* Fix restarting activated services instead of their activator units (i.e. sockets, timers) +* Fix potential unexpected auto-refresh of snap on managed schedule +* Fix potential segfault by guarding against kernel command-line changes on classic system +* Fix proxy entries in /etc/environment with missing newline that caused later manual entries to not be usable +* Fix offline remodelling by ignoring prerequisites that will otherwise be downloaded from store +* Fix devmode seccomp deny regression that caused spamming the log instead of actual denies +* Fix snap lock leak during refresh +* Fix not re-pinning validation sets that were already pinned when enforcing new validation sets +* Fix handling of unexpected snapd runtime failure +* Fix /v2/notices REST API skipping notices with duplicate timestamps +* Fix comparing systemd versions that may contain pre-release suffixes +* Fix udev potentially starting before snap-device-helper is made available +* Fix race in snap seed metadata loading +* Fix treating cloud-init exit status 2 as error +* Fix to prevent sending refresh complete notification if snap snap-refresh-observe interface is connected +* Fix to queue snapctl service commands if run from the default-configure hook to ensure they get up-to-date config values +* Fix stop service failure when the service is not actually running anymore +* Fix parsing /proc/PID/mounts with spaces +* Add registry interface that provides snaps access to a particular registry view +* Add snap-interfaces-requests-control interface to enable prompting client snaps +* steam-support interface: remove all AppArmor and seccomp restrictions to improve user experience +* opengl interface: improve compatibility with nvidia drivers +* home interface: autoconnect home on Ubuntu Core Desktop +* serial-port interface: support RPMsg tty +* display-control interface: allow changing LVDS backlight power and brightness +* power-control interface: support for battery charging thesholds, type/status and AC type/status +* cpu-control interface: allow CPU C-state control +* raw-usb interface: support RPi5 and Thinkpad x13s +* custom-device interface: allow device file locking +* lxd-support interface: allow LXD to self-manage its own cgroup +* network-manager interface: support MPTCP sockets +* network-control interface: allow plug/slot access to gnutls config and systemd resolved cache flushing via D-Bus +* network-control interface: allow wpa_supplicant dbus api +* gpio-control interface: support gpiochip* devices +* polkit interface: fix "rw" mount option check +* u2f-devices interface: enable additional security keys +* desktop interface: enable kde theming support + # New in snapd 2.64: * Support building snapd using base Core22 (Snapcraft 8.x) * FIPS: support building FIPS complaint snapd variant that switches to FIPS mode when the system boots with FIPS enabled diff --git a/packaging/arch/PKGBUILD b/packaging/arch/PKGBUILD index 0113f36c992..7e9defe6084 100644 --- a/packaging/arch/PKGBUILD +++ b/packaging/arch/PKGBUILD @@ -11,7 +11,7 @@ pkgdesc="Service and tools for management of snap packages." depends=('squashfs-tools' 'libseccomp' 'libsystemd' 'apparmor') optdepends=('bash-completion: bash completion support' 'xdg-desktop-portal: desktop integration') -pkgver=2.64 +pkgver=2.65 pkgrel=1 arch=('x86_64' 'i686' 'armv7h' 'aarch64') url="https://github.com/snapcore/snapd" diff --git a/packaging/debian-sid/changelog b/packaging/debian-sid/changelog index 700ef77918f..e12a0db6d09 100644 --- a/packaging/debian-sid/changelog +++ b/packaging/debian-sid/changelog @@ -1,3 +1,146 @@ +snapd (2.65-1) unstable; urgency=medium + + * New upstream release, LP: #2077473 + - Support building snapd using base Core22 (Snapcraft 8.x) + - FIPS: support building FIPS complaint snapd variant that switches + to FIPS mode when the system boots with FIPS enabled + - AppArmor: update to latest 4.0.2 release + - AppArmor: enable using ABI 4.0 from host parser + - AppArmor: fix parser lookup + - AppArmor: support AppArmor snippet priorities + - AppArmor: allow reading cgroup memory.max file + - AppArmor: allow using snap-exec coming from the snapd snap when + starting a confined process with jailmode + - AppArmor prompting (experimental): add checks for prompting + support, include prompting status in system key, and restart snapd + if prompting flag changes + - AppArmor prompting (experimental): include prompt prefix in + AppArmor rules if prompting is supported and enabled + - AppArmor prompting (experimental): add common types, constraints, + and mappings from AppArmor permissions to abstract permissions + - AppArmor prompting (experimental): add path pattern parsing and + matching + - AppArmor prompting (experimental): add path pattern precedence + based on specificity + - AppArmor prompting (experimental): add packages to manage + outstanding request prompts and rules + - AppArmor prompting (experimental): add prompting API and notice + types, which require snap-interfaces-requests-control interface + - AppArmor prompting (experimental): feature flag can only be + enabled if prompting is supported, handler service connected, and + the service can be started + - Registry views (experimental): rename from aspects to registries + - Registry views (experimental): support reading registry views and + setting/unsetting registry data using snapctl + - Registry views (experimental): fetch and refresh registry + assertions as needed + - Registry views (experimental): restrict view paths from using a + number as first character and view names to storage path style + patterns + - Snap components: support installing snaps and components from + files at the same time (no REST API/CLI) + - Snap components: support downloading components related assertions + from the store + - Snap components: support installing components from the store + - Snap components: support removing components individually and + during snap removal + - Snap components: support kernel modules as components + - Snap components: support for component install, pre-refresh and + post-refresh hooks + - Snap components: initial support for building systems that contain + components + - Refresh app awareness (experimental): add data field for + /v2/changes REST API to allow associating each task with affected + snaps + - Refresh app awareness (experimental): use the app name from + .desktop file in notifications + - Refresh app awareness (experimental): give snap-refresh-observe + interface access to /v2/snaps/{name} endpoint + - Improve snap-confine compatibility with nvidia drivers + - Allow re-exec when SNAP_REEXEC is set for unlisted distros to + simplify testing + - Allow mixing revision and channel on snap install + - Generate GNU build ID for Go binaries + - Add missing etelpmoc.sh for shell completion + - Do not attempt to run snapd on classic when re-exec is disabled + - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse + - Add snap debug API command to enable running raw queries + - Enable snap-confine snap mount directory detection + - Replace global seccomp filter with deny rules in standard seccomp + template + - Remove support for Ubuntu Core Launcher (superseded by snap- + confine) + - Support creating pending serial bound users after serial assertion + becomes available + - Support disabling cloud-init using kernel command-line + - In hybrid systems, apps can refresh without waiting for restarts + required by essential snaps + - Ship snap-debug-info.sh script used for system diagnostics + - Improve error messages when attempting to run non-existent snap + - Switch to -u UID:GID for strace-static + - Support enabling snapd logging with snap set system + debug.snapd.{log,log-level} + - Add options system.coredump.enable and system.coredump.maxuse to + support using systemd-coredump on Ubuntu Core + - Provide documentation URL for 'snap interface ' + - Fix restarting activated services instead of their activator units + (i.e. sockets, timers) + - Fix potential unexpected auto-refresh of snap on managed schedule + - Fix potential segfault by guarding against kernel command-line + changes on classic system + - Fix proxy entries in /etc/environment with missing newline that + caused later manual entries to not be usable + - Fix offline remodelling by ignoring prerequisites that will + otherwise be downloaded from store + - Fix devmode seccomp deny regression that caused spamming the log + instead of actual denies + - Fix snap lock leak during refresh + - Fix not re-pinning validation sets that were already pinned when + enforcing new validation sets + - Fix handling of unexpected snapd runtime failure + - Fix /v2/notices REST API skipping notices with duplicate + timestamps + - Fix comparing systemd versions that may contain pre-release + suffixes + - Fix udev potentially starting before snap-device-helper is made + available + - Fix race in snap seed metadata loading + - Fix treating cloud-init exit status 2 as error + - Fix to prevent sending refresh complete notification if snap snap- + refresh-observe interface is connected + - Fix to queue snapctl service commands if run from the default- + configure hook to ensure they get up-to-date config values + - Fix stop service failure when the service is not actually running + anymore + - Fix parsing /proc/PID/mounts with spaces + - Add registry interface that provides snaps access to a particular + registry view + - Add snap-interfaces-requests-control interface to enable prompting + client snaps + - steam-support interface: remove all AppArmor and seccomp + restrictions to improve user experience + - opengl interface: improve compatibility with nvidia drivers + - home interface: autoconnect home on Ubuntu Core Desktop + - serial-port interface: support RPMsg tty + - display-control interface: allow changing LVDS backlight power and + brightness + - power-control interface: support for battery charging thesholds, + type/status and AC type/status + - cpu-control interface: allow CPU C-state control + - raw-usb interface: support RPi5 and Thinkpad x13s + - custom-device interface: allow device file locking + - lxd-support interface: allow LXD to self-manage its own cgroup + - network-manager interface: support MPTCP sockets + - network-control interface: allow plug/slot access to gnutls config + and systemd resolved cache flushing via D-Bus + - network-control interface: allow wpa_supplicant dbus api + - gpio-control interface: support gpiochip* devices + - polkit interface: fix "rw" mount option check + - u2f-devices interface: enable additional security keys + - desktop interface: enable kde theming support + + -- Ernest Lotter Wed, 21 Aug 2024 18:25:53 +0200 + snapd (2.64-1) unstable; urgency=medium * New upstream release, LP: #2072986 diff --git a/packaging/fedora/snapd.spec b/packaging/fedora/snapd.spec index 55b8daefeae..4098f702de9 100644 --- a/packaging/fedora/snapd.spec +++ b/packaging/fedora/snapd.spec @@ -104,7 +104,7 @@ %endif Name: snapd -Version: 2.64 +Version: 2.65 Release: 0%{?dist} Summary: A transactional software package manager License: GPLv3 @@ -1003,6 +1003,146 @@ fi %changelog +* Wed Aug 21 2024 Ernest Lotter +- New upstream release 2.65 + - Support building snapd using base Core22 (Snapcraft 8.x) + - FIPS: support building FIPS complaint snapd variant that switches + to FIPS mode when the system boots with FIPS enabled + - AppArmor: update to latest 4.0.2 release + - AppArmor: enable using ABI 4.0 from host parser + - AppArmor: fix parser lookup + - AppArmor: support AppArmor snippet priorities + - AppArmor: allow reading cgroup memory.max file + - AppArmor: allow using snap-exec coming from the snapd snap when + starting a confined process with jailmode + - AppArmor prompting (experimental): add checks for prompting + support, include prompting status in system key, and restart snapd + if prompting flag changes + - AppArmor prompting (experimental): include prompt prefix in + AppArmor rules if prompting is supported and enabled + - AppArmor prompting (experimental): add common types, constraints, + and mappings from AppArmor permissions to abstract permissions + - AppArmor prompting (experimental): add path pattern parsing and + matching + - AppArmor prompting (experimental): add path pattern precedence + based on specificity + - AppArmor prompting (experimental): add packages to manage + outstanding request prompts and rules + - AppArmor prompting (experimental): add prompting API and notice + types, which require snap-interfaces-requests-control interface + - AppArmor prompting (experimental): feature flag can only be + enabled if prompting is supported, handler service connected, and + the service can be started + - Registry views (experimental): rename from aspects to registries + - Registry views (experimental): support reading registry views and + setting/unsetting registry data using snapctl + - Registry views (experimental): fetch and refresh registry + assertions as needed + - Registry views (experimental): restrict view paths from using a + number as first character and view names to storage path style + patterns + - Snap components: support installing snaps and components from + files at the same time (no REST API/CLI) + - Snap components: support downloading components related assertions + from the store + - Snap components: support installing components from the store + - Snap components: support removing components individually and + during snap removal + - Snap components: support kernel modules as components + - Snap components: support for component install, pre-refresh and + post-refresh hooks + - Snap components: initial support for building systems that contain + components + - Refresh app awareness (experimental): add data field for + /v2/changes REST API to allow associating each task with affected + snaps + - Refresh app awareness (experimental): use the app name from + .desktop file in notifications + - Refresh app awareness (experimental): give snap-refresh-observe + interface access to /v2/snaps/{name} endpoint + - Improve snap-confine compatibility with nvidia drivers + - Allow re-exec when SNAP_REEXEC is set for unlisted distros to + simplify testing + - Allow mixing revision and channel on snap install + - Generate GNU build ID for Go binaries + - Add missing etelpmoc.sh for shell completion + - Do not attempt to run snapd on classic when re-exec is disabled + - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse + - Add snap debug API command to enable running raw queries + - Enable snap-confine snap mount directory detection + - Replace global seccomp filter with deny rules in standard seccomp + template + - Remove support for Ubuntu Core Launcher (superseded by snap- + confine) + - Support creating pending serial bound users after serial assertion + becomes available + - Support disabling cloud-init using kernel command-line + - In hybrid systems, apps can refresh without waiting for restarts + required by essential snaps + - Ship snap-debug-info.sh script used for system diagnostics + - Improve error messages when attempting to run non-existent snap + - Switch to -u UID:GID for strace-static + - Support enabling snapd logging with snap set system + debug.snapd.{log,log-level} + - Add options system.coredump.enable and system.coredump.maxuse to + support using systemd-coredump on Ubuntu Core + - Provide documentation URL for 'snap interface ' + - Fix restarting activated services instead of their activator units + (i.e. sockets, timers) + - Fix potential unexpected auto-refresh of snap on managed schedule + - Fix potential segfault by guarding against kernel command-line + changes on classic system + - Fix proxy entries in /etc/environment with missing newline that + caused later manual entries to not be usable + - Fix offline remodelling by ignoring prerequisites that will + otherwise be downloaded from store + - Fix devmode seccomp deny regression that caused spamming the log + instead of actual denies + - Fix snap lock leak during refresh + - Fix not re-pinning validation sets that were already pinned when + enforcing new validation sets + - Fix handling of unexpected snapd runtime failure + - Fix /v2/notices REST API skipping notices with duplicate + timestamps + - Fix comparing systemd versions that may contain pre-release + suffixes + - Fix udev potentially starting before snap-device-helper is made + available + - Fix race in snap seed metadata loading + - Fix treating cloud-init exit status 2 as error + - Fix to prevent sending refresh complete notification if snap snap- + refresh-observe interface is connected + - Fix to queue snapctl service commands if run from the default- + configure hook to ensure they get up-to-date config values + - Fix stop service failure when the service is not actually running + anymore + - Fix parsing /proc/PID/mounts with spaces + - Add registry interface that provides snaps access to a particular + registry view + - Add snap-interfaces-requests-control interface to enable prompting + client snaps + - steam-support interface: remove all AppArmor and seccomp + restrictions to improve user experience + - opengl interface: improve compatibility with nvidia drivers + - home interface: autoconnect home on Ubuntu Core Desktop + - serial-port interface: support RPMsg tty + - display-control interface: allow changing LVDS backlight power and + brightness + - power-control interface: support for battery charging thesholds, + type/status and AC type/status + - cpu-control interface: allow CPU C-state control + - raw-usb interface: support RPi5 and Thinkpad x13s + - custom-device interface: allow device file locking + - lxd-support interface: allow LXD to self-manage its own cgroup + - network-manager interface: support MPTCP sockets + - network-control interface: allow plug/slot access to gnutls config + and systemd resolved cache flushing via D-Bus + - network-control interface: allow wpa_supplicant dbus api + - gpio-control interface: support gpiochip* devices + - polkit interface: fix "rw" mount option check + - u2f-devices interface: enable additional security keys + - desktop interface: enable kde theming support + * Wed Jul 24 2024 Ernest Lotter - New upstream release 2.64 - Support building snapd using base Core22 (Snapcraft 8.x) diff --git a/packaging/opensuse/snapd.changes b/packaging/opensuse/snapd.changes index dc771f55f4a..c3906fd2933 100644 --- a/packaging/opensuse/snapd.changes +++ b/packaging/opensuse/snapd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Aug 21 16:25:53 UTC 2024 - ernest.lotter@canonical.com + +- Update to upstream release 2.65 + ------------------------------------------------------------------- Wed Jul 24 19:11:59 UTC 2024 - ernest.lotter@canonical.com diff --git a/packaging/opensuse/snapd.spec b/packaging/opensuse/snapd.spec index 0afa3dc2ffa..f3e2d9c6cdc 100644 --- a/packaging/opensuse/snapd.spec +++ b/packaging/opensuse/snapd.spec @@ -82,7 +82,7 @@ Name: snapd -Version: 2.64 +Version: 2.65 Release: 0 Summary: Tools enabling systems to work with .snap files License: GPL-3.0 diff --git a/packaging/ubuntu-14.04/changelog b/packaging/ubuntu-14.04/changelog index e62ea6e5f28..2328f1fc55f 100644 --- a/packaging/ubuntu-14.04/changelog +++ b/packaging/ubuntu-14.04/changelog @@ -1,3 +1,146 @@ +snapd (2.65~14.04) trusty; urgency=medium + + * New upstream release, LP: #2077473 + - Support building snapd using base Core22 (Snapcraft 8.x) + - FIPS: support building FIPS complaint snapd variant that switches + to FIPS mode when the system boots with FIPS enabled + - AppArmor: update to latest 4.0.2 release + - AppArmor: enable using ABI 4.0 from host parser + - AppArmor: fix parser lookup + - AppArmor: support AppArmor snippet priorities + - AppArmor: allow reading cgroup memory.max file + - AppArmor: allow using snap-exec coming from the snapd snap when + starting a confined process with jailmode + - AppArmor prompting (experimental): add checks for prompting + support, include prompting status in system key, and restart snapd + if prompting flag changes + - AppArmor prompting (experimental): include prompt prefix in + AppArmor rules if prompting is supported and enabled + - AppArmor prompting (experimental): add common types, constraints, + and mappings from AppArmor permissions to abstract permissions + - AppArmor prompting (experimental): add path pattern parsing and + matching + - AppArmor prompting (experimental): add path pattern precedence + based on specificity + - AppArmor prompting (experimental): add packages to manage + outstanding request prompts and rules + - AppArmor prompting (experimental): add prompting API and notice + types, which require snap-interfaces-requests-control interface + - AppArmor prompting (experimental): feature flag can only be + enabled if prompting is supported, handler service connected, and + the service can be started + - Registry views (experimental): rename from aspects to registries + - Registry views (experimental): support reading registry views and + setting/unsetting registry data using snapctl + - Registry views (experimental): fetch and refresh registry + assertions as needed + - Registry views (experimental): restrict view paths from using a + number as first character and view names to storage path style + patterns + - Snap components: support installing snaps and components from + files at the same time (no REST API/CLI) + - Snap components: support downloading components related assertions + from the store + - Snap components: support installing components from the store + - Snap components: support removing components individually and + during snap removal + - Snap components: support kernel modules as components + - Snap components: support for component install, pre-refresh and + post-refresh hooks + - Snap components: initial support for building systems that contain + components + - Refresh app awareness (experimental): add data field for + /v2/changes REST API to allow associating each task with affected + snaps + - Refresh app awareness (experimental): use the app name from + .desktop file in notifications + - Refresh app awareness (experimental): give snap-refresh-observe + interface access to /v2/snaps/{name} endpoint + - Improve snap-confine compatibility with nvidia drivers + - Allow re-exec when SNAP_REEXEC is set for unlisted distros to + simplify testing + - Allow mixing revision and channel on snap install + - Generate GNU build ID for Go binaries + - Add missing etelpmoc.sh for shell completion + - Do not attempt to run snapd on classic when re-exec is disabled + - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse + - Add snap debug API command to enable running raw queries + - Enable snap-confine snap mount directory detection + - Replace global seccomp filter with deny rules in standard seccomp + template + - Remove support for Ubuntu Core Launcher (superseded by snap- + confine) + - Support creating pending serial bound users after serial assertion + becomes available + - Support disabling cloud-init using kernel command-line + - In hybrid systems, apps can refresh without waiting for restarts + required by essential snaps + - Ship snap-debug-info.sh script used for system diagnostics + - Improve error messages when attempting to run non-existent snap + - Switch to -u UID:GID for strace-static + - Support enabling snapd logging with snap set system + debug.snapd.{log,log-level} + - Add options system.coredump.enable and system.coredump.maxuse to + support using systemd-coredump on Ubuntu Core + - Provide documentation URL for 'snap interface ' + - Fix restarting activated services instead of their activator units + (i.e. sockets, timers) + - Fix potential unexpected auto-refresh of snap on managed schedule + - Fix potential segfault by guarding against kernel command-line + changes on classic system + - Fix proxy entries in /etc/environment with missing newline that + caused later manual entries to not be usable + - Fix offline remodelling by ignoring prerequisites that will + otherwise be downloaded from store + - Fix devmode seccomp deny regression that caused spamming the log + instead of actual denies + - Fix snap lock leak during refresh + - Fix not re-pinning validation sets that were already pinned when + enforcing new validation sets + - Fix handling of unexpected snapd runtime failure + - Fix /v2/notices REST API skipping notices with duplicate + timestamps + - Fix comparing systemd versions that may contain pre-release + suffixes + - Fix udev potentially starting before snap-device-helper is made + available + - Fix race in snap seed metadata loading + - Fix treating cloud-init exit status 2 as error + - Fix to prevent sending refresh complete notification if snap snap- + refresh-observe interface is connected + - Fix to queue snapctl service commands if run from the default- + configure hook to ensure they get up-to-date config values + - Fix stop service failure when the service is not actually running + anymore + - Fix parsing /proc/PID/mounts with spaces + - Add registry interface that provides snaps access to a particular + registry view + - Add snap-interfaces-requests-control interface to enable prompting + client snaps + - steam-support interface: remove all AppArmor and seccomp + restrictions to improve user experience + - opengl interface: improve compatibility with nvidia drivers + - home interface: autoconnect home on Ubuntu Core Desktop + - serial-port interface: support RPMsg tty + - display-control interface: allow changing LVDS backlight power and + brightness + - power-control interface: support for battery charging thesholds, + type/status and AC type/status + - cpu-control interface: allow CPU C-state control + - raw-usb interface: support RPi5 and Thinkpad x13s + - custom-device interface: allow device file locking + - lxd-support interface: allow LXD to self-manage its own cgroup + - network-manager interface: support MPTCP sockets + - network-control interface: allow plug/slot access to gnutls config + and systemd resolved cache flushing via D-Bus + - network-control interface: allow wpa_supplicant dbus api + - gpio-control interface: support gpiochip* devices + - polkit interface: fix "rw" mount option check + - u2f-devices interface: enable additional security keys + - desktop interface: enable kde theming support + + -- Ernest Lotter Wed, 21 Aug 2024 18:25:53 +0200 + snapd (2.64~14.04) trusty; urgency=medium * New upstream release, LP: #2072986 diff --git a/packaging/ubuntu-16.04/changelog b/packaging/ubuntu-16.04/changelog index 417795d47c9..8f2b03df693 100644 --- a/packaging/ubuntu-16.04/changelog +++ b/packaging/ubuntu-16.04/changelog @@ -1,3 +1,146 @@ +snapd (2.65) xenial; urgency=medium + + * New upstream release, LP: #2077473 + - Support building snapd using base Core22 (Snapcraft 8.x) + - FIPS: support building FIPS complaint snapd variant that switches + to FIPS mode when the system boots with FIPS enabled + - AppArmor: update to latest 4.0.2 release + - AppArmor: enable using ABI 4.0 from host parser + - AppArmor: fix parser lookup + - AppArmor: support AppArmor snippet priorities + - AppArmor: allow reading cgroup memory.max file + - AppArmor: allow using snap-exec coming from the snapd snap when + starting a confined process with jailmode + - AppArmor prompting (experimental): add checks for prompting + support, include prompting status in system key, and restart snapd + if prompting flag changes + - AppArmor prompting (experimental): include prompt prefix in + AppArmor rules if prompting is supported and enabled + - AppArmor prompting (experimental): add common types, constraints, + and mappings from AppArmor permissions to abstract permissions + - AppArmor prompting (experimental): add path pattern parsing and + matching + - AppArmor prompting (experimental): add path pattern precedence + based on specificity + - AppArmor prompting (experimental): add packages to manage + outstanding request prompts and rules + - AppArmor prompting (experimental): add prompting API and notice + types, which require snap-interfaces-requests-control interface + - AppArmor prompting (experimental): feature flag can only be + enabled if prompting is supported, handler service connected, and + the service can be started + - Registry views (experimental): rename from aspects to registries + - Registry views (experimental): support reading registry views and + setting/unsetting registry data using snapctl + - Registry views (experimental): fetch and refresh registry + assertions as needed + - Registry views (experimental): restrict view paths from using a + number as first character and view names to storage path style + patterns + - Snap components: support installing snaps and components from + files at the same time (no REST API/CLI) + - Snap components: support downloading components related assertions + from the store + - Snap components: support installing components from the store + - Snap components: support removing components individually and + during snap removal + - Snap components: support kernel modules as components + - Snap components: support for component install, pre-refresh and + post-refresh hooks + - Snap components: initial support for building systems that contain + components + - Refresh app awareness (experimental): add data field for + /v2/changes REST API to allow associating each task with affected + snaps + - Refresh app awareness (experimental): use the app name from + .desktop file in notifications + - Refresh app awareness (experimental): give snap-refresh-observe + interface access to /v2/snaps/{name} endpoint + - Improve snap-confine compatibility with nvidia drivers + - Allow re-exec when SNAP_REEXEC is set for unlisted distros to + simplify testing + - Allow mixing revision and channel on snap install + - Generate GNU build ID for Go binaries + - Add missing etelpmoc.sh for shell completion + - Do not attempt to run snapd on classic when re-exec is disabled + - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse + - Add snap debug API command to enable running raw queries + - Enable snap-confine snap mount directory detection + - Replace global seccomp filter with deny rules in standard seccomp + template + - Remove support for Ubuntu Core Launcher (superseded by snap- + confine) + - Support creating pending serial bound users after serial assertion + becomes available + - Support disabling cloud-init using kernel command-line + - In hybrid systems, apps can refresh without waiting for restarts + required by essential snaps + - Ship snap-debug-info.sh script used for system diagnostics + - Improve error messages when attempting to run non-existent snap + - Switch to -u UID:GID for strace-static + - Support enabling snapd logging with snap set system + debug.snapd.{log,log-level} + - Add options system.coredump.enable and system.coredump.maxuse to + support using systemd-coredump on Ubuntu Core + - Provide documentation URL for 'snap interface ' + - Fix restarting activated services instead of their activator units + (i.e. sockets, timers) + - Fix potential unexpected auto-refresh of snap on managed schedule + - Fix potential segfault by guarding against kernel command-line + changes on classic system + - Fix proxy entries in /etc/environment with missing newline that + caused later manual entries to not be usable + - Fix offline remodelling by ignoring prerequisites that will + otherwise be downloaded from store + - Fix devmode seccomp deny regression that caused spamming the log + instead of actual denies + - Fix snap lock leak during refresh + - Fix not re-pinning validation sets that were already pinned when + enforcing new validation sets + - Fix handling of unexpected snapd runtime failure + - Fix /v2/notices REST API skipping notices with duplicate + timestamps + - Fix comparing systemd versions that may contain pre-release + suffixes + - Fix udev potentially starting before snap-device-helper is made + available + - Fix race in snap seed metadata loading + - Fix treating cloud-init exit status 2 as error + - Fix to prevent sending refresh complete notification if snap snap- + refresh-observe interface is connected + - Fix to queue snapctl service commands if run from the default- + configure hook to ensure they get up-to-date config values + - Fix stop service failure when the service is not actually running + anymore + - Fix parsing /proc/PID/mounts with spaces + - Add registry interface that provides snaps access to a particular + registry view + - Add snap-interfaces-requests-control interface to enable prompting + client snaps + - steam-support interface: remove all AppArmor and seccomp + restrictions to improve user experience + - opengl interface: improve compatibility with nvidia drivers + - home interface: autoconnect home on Ubuntu Core Desktop + - serial-port interface: support RPMsg tty + - display-control interface: allow changing LVDS backlight power and + brightness + - power-control interface: support for battery charging thesholds, + type/status and AC type/status + - cpu-control interface: allow CPU C-state control + - raw-usb interface: support RPi5 and Thinkpad x13s + - custom-device interface: allow device file locking + - lxd-support interface: allow LXD to self-manage its own cgroup + - network-manager interface: support MPTCP sockets + - network-control interface: allow plug/slot access to gnutls config + and systemd resolved cache flushing via D-Bus + - network-control interface: allow wpa_supplicant dbus api + - gpio-control interface: support gpiochip* devices + - polkit interface: fix "rw" mount option check + - u2f-devices interface: enable additional security keys + - desktop interface: enable kde theming support + + -- Ernest Lotter Wed, 21 Aug 2024 18:25:53 +0200 + snapd (2.64) xenial; urgency=medium * New upstream release, LP: #2072986 From f8fb716f9945f307d2e1e9c719ccbb145a64b39e Mon Sep 17 00:00:00 2001 From: Oliver Calder Date: Thu, 22 Aug 2024 11:35:44 -0500 Subject: [PATCH 08/12] Revert "o/i/apparmorprompting: record notices in goroutines (#14405)" This reverts commit 2c10f5c0491aa3825d6ff6cc08f02f60106726e2. Signed-off-by: Oliver Calder --- .../ifacestate/apparmorprompting/prompting.go | 32 ++--- .../apparmorprompting/prompting_test.go | 130 ++++-------------- .../task.yaml | 69 ---------- 3 files changed, 36 insertions(+), 195 deletions(-) delete mode 100644 tests/main/apparmor-prompting-snapd-startup/task.yaml diff --git a/overlord/ifacestate/apparmorprompting/prompting.go b/overlord/ifacestate/apparmorprompting/prompting.go index 541bdd42016..e5754374885 100644 --- a/overlord/ifacestate/apparmorprompting/prompting.go +++ b/overlord/ifacestate/apparmorprompting/prompting.go @@ -79,34 +79,26 @@ type InterfacesRequestsManager struct { func New(s *state.State) (m *InterfacesRequestsManager, retErr error) { notifyPrompt := func(userID uint32, promptID prompting.IDType, data map[string]string) error { + // TODO: add some sort of queue so that notifyPrompt calls can return + // quickly without waiting for state lock and AddNotice() to return. + s.Lock() + defer s.Unlock() options := state.AddNoticeOptions{ Data: data, - // TODO: guarantee order by passing in the current time and ensuring - // that the notices backend keeps notice data from the AddNotice - // call with the most recent Time field. - // Time: time.Now(), } - go func() { - s.Lock() - defer s.Unlock() - s.AddNotice(&userID, state.InterfacesRequestsPromptNotice, promptID.String(), &options) - }() - return nil + _, err := s.AddNotice(&userID, state.InterfacesRequestsPromptNotice, promptID.String(), &options) + return err } notifyRule := func(userID uint32, ruleID prompting.IDType, data map[string]string) error { + // TODO: add some sort of queue so that notifyRule calls can return + // quickly without waiting for state lock and AddNotice() to return. + s.Lock() + defer s.Unlock() options := state.AddNoticeOptions{ Data: data, - // TODO: guarantee order by passing in the current time and ensuring - // that the notices backend keeps notice data from the AddNotice - // call with the most recent Time field. - // Time: time.Now(), } - go func() { - s.Lock() - defer s.Unlock() - s.AddNotice(&userID, state.InterfacesRequestsRuleUpdateNotice, ruleID.String(), &options) - }() - return nil + _, err := s.AddNotice(&userID, state.InterfacesRequestsRuleUpdateNotice, ruleID.String(), &options) + return err } listenerBackend, err := listenerRegister() diff --git a/overlord/ifacestate/apparmorprompting/prompting_test.go b/overlord/ifacestate/apparmorprompting/prompting_test.go index 3b28117607e..74ac14256f7 100644 --- a/overlord/ifacestate/apparmorprompting/prompting_test.go +++ b/overlord/ifacestate/apparmorprompting/prompting_test.go @@ -71,8 +71,6 @@ func (s *apparmorpromptingSuite) TestNew(c *C) { _, _, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() - defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) @@ -87,8 +85,6 @@ func (s *apparmorpromptingSuite) TestNewErrorListener(c *C) { }) defer restore() - s.st.Lock() - defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, ErrorMatches, fmt.Sprintf("cannot register prompting listener: %v", registerFailure)) c.Assert(mgr, IsNil) @@ -106,8 +102,6 @@ func (s *apparmorpromptingSuite) TestNewErrorPromptDB(c *C) { c.Assert(f.Chmod(0o400), IsNil) defer f.Chmod(0o600) - s.st.Lock() - defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, ErrorMatches, "cannot open request prompts backend:.*") c.Assert(mgr, IsNil) @@ -137,8 +131,6 @@ func (s *apparmorpromptingSuite) TestNewErrorRuleDB(c *C) { c.Assert(f.Chmod(0o400), IsNil) defer f.Chmod(0o600) - s.st.Lock() - defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, ErrorMatches, "cannot open request rules backend:.*") c.Assert(mgr, IsNil) @@ -155,8 +147,6 @@ func (s *apparmorpromptingSuite) TestStop(c *C) { reqChan, _, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() - defer s.st.Unlock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) @@ -182,10 +172,8 @@ func (s *apparmorpromptingSuite) TestHandleListenerRequestDenyRoot(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Send request for root req := &listener.Request{ @@ -199,8 +187,6 @@ func (s *apparmorpromptingSuite) TestHandleListenerRequestDenyRoot(c *C) { c.Check(resp.Request, Equals, req) c.Check(resp.AllowedPermission, Equals, nil) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -211,10 +197,8 @@ func (s *apparmorpromptingSuite) TestHandleListenerRequestErrors(c *C) { logbuf, restore := logger.MockLogger() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() prompts, err := mgr.Prompts(s.defaultUser) c.Check(err, IsNil) @@ -272,8 +256,6 @@ func (s *apparmorpromptingSuite) TestHandleListenerRequestErrors(c *C) { " WARNING: too many outstanding prompts for user 1000; auto-denying new one\n") }) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -281,10 +263,8 @@ func (s *apparmorpromptingSuite) TestHandleReplySimple(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() req, prompt := s.simulateRequest(c, reqChan, mgr, &listener.Request{}, false) @@ -306,8 +286,6 @@ func (s *apparmorpromptingSuite) TestHandleReplySimple(c *C) { c.Check(err, IsNil) c.Check(resp.AllowedPermission, Equals, aaPerms) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -333,7 +311,16 @@ func (s *apparmorpromptingSuite) simulateRequest(c *C, reqChan chan *listener.Re logger.WithLoggerLock(func() { c.Assert(logbuf.String(), Equals, "") }) // which should generate a notice - s.checkRecordedPromptNotices(c, whenSent, 1) + s.st.Lock() + ctx, cancel := context.WithTimeout(context.Background(), time.Second) + defer cancel() + n, err := s.st.WaitNotices(ctx, &state.NoticeFilter{ + Types: []state.NoticeType{state.InterfacesRequestsPromptNotice}, + After: whenSent, + }) + s.st.Unlock() + c.Check(err, IsNil) + c.Check(n, HasLen, 1) // Check prompts now prompts, err = mgr.Prompts(s.defaultUser) @@ -414,10 +401,8 @@ func (s *apparmorpromptingSuite) TestHandleReplyErrors(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() _, prompt := s.simulateRequest(c, reqChan, mgr, &listener.Request{}, false) @@ -476,8 +461,6 @@ func (s *apparmorpromptingSuite) TestHandleReplyErrors(c *C) { _, err = waitForReply(replyChan) c.Assert(err, NotNil) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -485,10 +468,8 @@ func (s *apparmorpromptingSuite) TestExistingRuleAllowsNewPrompt(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Add allow rule to match read permission constraints := &prompting.Constraints{ @@ -531,54 +512,35 @@ func (s *apparmorpromptingSuite) TestExistingRuleAllowsNewPrompt(c *C) { c.Assert(err, IsNil) c.Check(resp.AllowedPermission, DeepEquals, expectedPermissions) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } func (s *apparmorpromptingSuite) checkRecordedPromptNotices(c *C, since time.Time, count int) { - s.checkRecordedNotices(c, state.InterfacesRequestsPromptNotice, since, count) + s.st.Lock() + n := s.st.Notices(&state.NoticeFilter{ + Types: []state.NoticeType{state.InterfacesRequestsPromptNotice}, + After: since, + }) + s.st.Unlock() + c.Check(n, HasLen, count) } func (s *apparmorpromptingSuite) checkRecordedRuleUpdateNotices(c *C, since time.Time, count int) { - s.checkRecordedNotices(c, state.InterfacesRequestsRuleUpdateNotice, since, count) -} - -func (s *apparmorpromptingSuite) checkRecordedNotices(c *C, noticeType state.NoticeType, since time.Time, count int) { - timeout := time.Second - if count == 0 { - // Don't wait so long if we don't expect any notices - timeout = 100 * time.Millisecond - } - receivedCount := 0 - for count == 0 || receivedCount < count { - s.st.Lock() - ctx, cancel := context.WithTimeout(context.Background(), timeout) - defer cancel() - n, err := s.st.WaitNotices(ctx, &state.NoticeFilter{ - Types: []state.NoticeType{noticeType}, - After: since, - }) - s.st.Unlock() - if count == 0 { - c.Assert(err, NotNil) - c.Assert(n, HasLen, 0) - return - } - c.Assert(err, IsNil) - c.Assert(n, Not(HasLen), 0) - receivedCount += len(n) - } + s.st.Lock() + n := s.st.Notices(&state.NoticeFilter{ + Types: []state.NoticeType{state.InterfacesRequestsRuleUpdateNotice}, + After: since, + }) + s.st.Unlock() + c.Check(n, HasLen, count) } func (s *apparmorpromptingSuite) TestExistingRulePartiallyAllowsNewPrompt(c *C) { reqChan, _, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Add rule to match read permission constraints := &prompting.Constraints{ @@ -599,8 +561,6 @@ func (s *apparmorpromptingSuite) TestExistingRulePartiallyAllowsNewPrompt(c *C) // Check that prompt was created for remaining "write" permission c.Check(prompt.Constraints.RemainingPermissions(), DeepEquals, []string{"write"}) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -608,10 +568,8 @@ func (s *apparmorpromptingSuite) TestExistingRulePartiallyDeniesNewPrompt(c *C) reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Add deny rule to match read permission constraints := &prompting.Constraints{ @@ -646,8 +604,6 @@ func (s *apparmorpromptingSuite) TestExistingRulePartiallyDeniesNewPrompt(c *C) c.Check(resp.Request, Equals, req) c.Check(resp.AllowedPermission, DeepEquals, notify.FilePermission(0)) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -655,10 +611,8 @@ func (s *apparmorpromptingSuite) TestExistingRulesMixedMatchNewPromptDenies(c *C reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Add deny rule to match read permission constraints := &prompting.Constraints{ @@ -706,8 +660,6 @@ func (s *apparmorpromptingSuite) TestExistingRulesMixedMatchNewPromptDenies(c *C c.Assert(err, IsNil) c.Check(resp.AllowedPermission, DeepEquals, expectedPermissions) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -715,10 +667,8 @@ func (s *apparmorpromptingSuite) TestNewRuleAllowExistingPrompt(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Add read request readReq := &listener.Request{ @@ -783,8 +733,6 @@ func (s *apparmorpromptingSuite) TestNewRuleAllowExistingPrompt(c *C) { s.checkRecordedPromptNotices(c, whenSent, 2) s.checkRecordedRuleUpdateNotices(c, whenSent, 1) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -792,10 +740,8 @@ func (s *apparmorpromptingSuite) TestNewRuleDenyExistingPrompt(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Add read request readReq := &listener.Request{ @@ -852,8 +798,6 @@ func (s *apparmorpromptingSuite) TestNewRuleDenyExistingPrompt(c *C) { s.checkRecordedPromptNotices(c, whenSent, 2) s.checkRecordedRuleUpdateNotices(c, whenSent, 1) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -861,10 +805,8 @@ func (s *apparmorpromptingSuite) TestReplyNewRuleHandlesExistingPrompt(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Already tested HandleReply errors, and that applyRuleToOutstandingPrompts // works correctly, so now just need to test that if reply creates a rule, @@ -928,8 +870,6 @@ func (s *apparmorpromptingSuite) TestReplyNewRuleHandlesExistingPrompt(c *C) { s.checkRecordedPromptNotices(c, whenSent, 2) s.checkRecordedRuleUpdateNotices(c, whenSent, 1) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -958,10 +898,8 @@ func (s *apparmorpromptingSuite) testReplyRuleHandlesFuturePrompts(c *C, outcome reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Already tested HandleReply errors, and that applyRuleToOutstandingPrompts // works correctly, so now just need to test that if reply creates a rule, @@ -1049,8 +987,6 @@ func (s *apparmorpromptingSuite) testReplyRuleHandlesFuturePrompts(c *C, outcome // Check that no notices were recorded s.checkRecordedPromptNotices(c, whenSent, 0) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1058,10 +994,8 @@ func (s *apparmorpromptingSuite) TestRequestMerged(c *C) { reqChan, _, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Requests with identical *original* abstract permissions are merged into // the existing prompt @@ -1100,8 +1034,6 @@ func (s *apparmorpromptingSuite) TestRequestMerged(c *C) { } s.simulateRequest(c, reqChan, mgr, readReq, false) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1130,17 +1062,13 @@ func (s *apparmorpromptingSuite) TestRules(c *C) { c.Check(err, IsNil) c.Check(snapIfaceRules, DeepEquals, []*requestrules.Rule{rules[0]}) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } func (s *apparmorpromptingSuite) prepManagerWithRules(c *C) (mgr *apparmorprompting.InterfacesRequestsManager, rules []*requestrules.Rule) { var err error - s.st.Lock() mgr, err = apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() whenAdded := time.Now() @@ -1210,8 +1138,6 @@ func (s *apparmorpromptingSuite) TestRemoveRulesInterface(c *C) { c.Check(userRules, DeepEquals, rules[2:3]) s.checkRecordedRuleUpdateNotices(c, whenRemoved, 2) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1235,8 +1161,6 @@ func (s *apparmorpromptingSuite) TestRemoveRulesSnap(c *C) { c.Check(userRules, DeepEquals, rules[1:2]) s.checkRecordedRuleUpdateNotices(c, whenRemoved, 2) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1260,8 +1184,6 @@ func (s *apparmorpromptingSuite) TestRemoveRulesSnapInterface(c *C) { c.Check(userRules, DeepEquals, rules[1:3]) s.checkRecordedRuleUpdateNotices(c, whenRemoved, 1) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } @@ -1269,10 +1191,8 @@ func (s *apparmorpromptingSuite) TestAddRuleWithIDPatchRemove(c *C) { reqChan, replyChan, restore := apparmorprompting.MockListener() defer restore() - s.st.Lock() mgr, err := apparmorprompting.New(s.st) c.Assert(err, IsNil) - s.st.Unlock() // Add read request req := &listener.Request{ @@ -1341,7 +1261,5 @@ func (s *apparmorpromptingSuite) TestAddRuleWithIDPatchRemove(c *C) { c.Assert(err, IsNil) c.Assert(rules, HasLen, 0) - s.st.Lock() - defer s.st.Unlock() c.Assert(mgr.Stop(), IsNil) } diff --git a/tests/main/apparmor-prompting-snapd-startup/task.yaml b/tests/main/apparmor-prompting-snapd-startup/task.yaml deleted file mode 100644 index 9bdadce6dbe..00000000000 --- a/tests/main/apparmor-prompting-snapd-startup/task.yaml +++ /dev/null @@ -1,69 +0,0 @@ -summary: Check that snapd successfully starts with AppArmor prompting enabled - -details: | - When snapd starts up with the AppArmor prompting flag enabled, it attempts - to load any existing rules from disk and records notices for them, expiring - any rules which have expiration timestamps in the past. This test checks - that snapd can successfully start with prompting enabled, and that it can - load and expire rules and record notices appropriately. - -systems: - - ubuntu-2* - -prepare: | - # prerequisite for having a prompt handler service - snap set system experimental.user-daemons=true - "$TESTSTOOLS"/snaps-state install-local test-snapd-prompt-handler - snap connect test-snapd-prompt-handler:snap-interfaces-requests-control - -execute: | - RULES_PATH="/var/lib/snapd/interfaces-requests/request-rules.json" - - echo "Write two rules to disk, one of which is expired" - mkdir -p "$(dirname $RULES_PATH)" - echo '{"rules":[{"id":"0000000000000002","timestamp":"2004-10-20T14:05:08.901174186-05:00","user":1000,"snap":"shellcheck","interface":"home","constraints":{"path-pattern":"/home/test/Projects/**","permissions":["read"]},"outcome":"allow","lifespan":"forever","expiration":"0001-01-01T00:00:00Z"},{"id":"0000000000000003","timestamp":"2004-10-20T16:47:32.138415627-05:00","user":1000,"snap":"firefox","interface":"home","constraints":{"path-pattern":"/home/test/Downloads/**","permissions":["read","write"]},"outcome":"allow","lifespan":"timespan","expiration":"2005-04-08T00:00:00Z"}]}' | tee "$RULES_PATH" - - # Prompting is disabled everywhere but the Ubuntu systems - # TODO: on Ubuntu releases < 24.04 we need the snapd snap for testing - if ! os.query is-ubuntu || os.query is-ubuntu-lt 24.04 || os.query is-core ; then - not snap set system experimental.apparmor-prompting=true >& err.out - if os.query is-core; then - # there is a more specific error on Ubuntu Core - MATCH "cannot enable prompting feature as it is not supported on Ubuntu Core systems" < err.out - else - MATCH "cannot enable prompting feature as it is not supported by the system" < err.out - fi - # even if unsupported setting it to false should succeed - snap set system experimental.apparmor-prompting=false - exit 0 - fi - - CURRTIME="$(date --rcf3339=ns | tr -s ' ' 'T')" - - # Wait a second to make sure any notices are recorded after CURRTIME - sleep 1 - - echo "Enable AppArmor prompting experimental feature" - snap set system experimental.apparmor-prompting=true - - # Wait for snapd to begin restart - sleep 5 - - echo "Check that snapd is able to start up" - retry --wait 1 -n 60 systemctl is-active snapd - - # Write expected rules after the expired rule has been removed - echo '{"rules":[{"id":"0000000000000002","timestamp":"2004-10-20T14:05:08.901174186-05:00","user":1000,"snap":"shellcheck","interface":"home","constraints":{"path-pattern":"/home/test/Projects/**","permissions":["read"]},"outcome":"allow","lifespan":"forever","expiration":"0001-01-01T00:00:00Z"}]}' | jq | tee expected.json - # Parse existing rules through jq so they can be compared - jq < "$RULES_PATH" > current.json - - echo "Check that rules on disk match what is expected" - diff expected.json current.json - - echo "Check that we received two notices" - snap debug api "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq '.result | length' | MATCH 2 - snap debug api "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq '.result' | grep -c '"removed": "expired"' | MATCH 1 - - echo "Check that only the former rule is still valid (must be done with UID 1000)" - sudo -iu '#1000' snap debug api /v2/interfaces/requests/rules | jq '.result | length' | MATCH 1 - sudo -iu '#1000' snap debug api /v2/interfaces/requests/rules | jq '.result.[0].id' | MATCH "0000000000000002" From cc4c223092e424ce268c494f9a26d5343b3437c9 Mon Sep 17 00:00:00 2001 From: Oliver Calder Date: Thu, 22 Aug 2024 11:57:47 -0500 Subject: [PATCH 09/12] o/ifacestate: do not hold state lock while starting interfaces requests manager Signed-off-by: Oliver Calder o/ifacestate: test state lock during interfaces requests manager startup Signed-off-by: Oliver Calder tests: add test of snapd startup with apparmor prompting enabled Signed-off-by: Oliver Calder tests: check that snapd successfully shuts down and restarts with prompting enabled Signed-off-by: Oliver Calder tests: fix formatting of after arg in prompting notices query Signed-off-by: Oliver Calder --- overlord/ifacestate/ifacemgr.go | 28 +++-- overlord/ifacestate/ifacestate_test.go | 8 ++ .../task.yaml | 102 ++++++++++++++++++ 3 files changed, 130 insertions(+), 8 deletions(-) create mode 100644 tests/main/apparmor-prompting-snapd-startup/task.yaml diff --git a/overlord/ifacestate/ifacemgr.go b/overlord/ifacestate/ifacemgr.go index 5dc8c7d746b..b8c549d40da 100644 --- a/overlord/ifacestate/ifacemgr.go +++ b/overlord/ifacestate/ifacemgr.go @@ -205,14 +205,20 @@ func (m *InterfaceManager) StartUp() error { } if m.useAppArmorPrompting { - if err := m.initInterfacesRequestsManager(); err != nil { - // TODO: if this fails, set useAppArmorPromptingValue to false ? - // If this is done before profilesNeedRegeneration, then profiles will only - // be regenerated if prompting is newly supported and the backends were - // successfully created. - // TODO: also set "apparmor-prompting" flag to false? - logger.Noticef("failed to start interfaces requests manager: %v", err) - } + func() { + // Must not hold state lock while starting interfaces requests + // manager, so that notices can be recorded if needed. + m.state.Unlock() + defer m.state.Lock() + if err := m.initInterfacesRequestsManager(); err != nil { + // TODO: if this fails, set useAppArmorPromptingValue to false ? + // If this is done before profilesNeedRegeneration, then profiles will only + // be regenerated if prompting is newly supported and the backends were + // successfully created. + // TODO: also set "apparmor-prompting" flag to false? + logger.Noticef("failed to start interfaces requests manager: %v", err) + } + }() } if m.profilesNeedRegeneration() { if err := m.regenerateAllSecurityProfiles(perfTimings); err != nil { @@ -273,6 +279,9 @@ func (m *InterfaceManager) Ensure() error { // if running. func (m *InterfaceManager) Stop() { m.stopUDevMon() + // The state lock is not held when calling any of the manager methods + // driven by StateEngine. Thus, it is okay for stopInterfacesRequestsManager + // to acquire the state lock in order to record notices, if needed. m.stopInterfacesRequestsManager() } @@ -291,6 +300,9 @@ func (m *InterfaceManager) stopUDevMon() { m.udevMon = nil } +// interfacesRequestsManagerStop calls stop on the given manager. The state lock +// must not be held while this function is called, as the manager may need to +// record notices while it is stopping. var interfacesRequestsManagerStop = func(interfacesRequestsManager *apparmorprompting.InterfacesRequestsManager) error { return interfacesRequestsManager.Stop() } diff --git a/overlord/ifacestate/ifacestate_test.go b/overlord/ifacestate/ifacestate_test.go index 6836cec88e8..c432a088463 100644 --- a/overlord/ifacestate/ifacestate_test.go +++ b/overlord/ifacestate/ifacestate_test.go @@ -378,12 +378,20 @@ func (s *interfaceManagerSuite) TestSmokeAppArmorPromptingEnabled(c *C) { fakeManager := &apparmorprompting.InterfacesRequestsManager{} restore = ifacestate.MockCreateInterfacesRequestsManager(func(s *state.State) (*apparmorprompting.InterfacesRequestsManager, error) { createCount++ + // InterfacesRequestsManager may record notices during creation, so + // simulate it acquiring the state lock to do so. + s.Lock() + defer s.Unlock() return fakeManager, nil }) defer restore() stopCount := 0 restore = ifacestate.MockInterfacesRequestsManagerStop(func(m *apparmorprompting.InterfacesRequestsManager) error { stopCount++ + // InterfacesRequestsManager may record notices while stopping, so + // simulate it acquiring the state lock to do so. + s.state.Lock() + defer s.state.Unlock() return nil }) defer restore() diff --git a/tests/main/apparmor-prompting-snapd-startup/task.yaml b/tests/main/apparmor-prompting-snapd-startup/task.yaml new file mode 100644 index 00000000000..be8afb78c59 --- /dev/null +++ b/tests/main/apparmor-prompting-snapd-startup/task.yaml @@ -0,0 +1,102 @@ +summary: Check that snapd successfully starts with AppArmor prompting enabled + +details: | + When snapd starts up with the AppArmor prompting flag enabled, it attempts + to load any existing rules from disk and records notices for them, expiring + any rules which have expiration timestamps in the past. This test checks + that snapd can successfully start with prompting enabled, and that it can + load and expire rules and record notices appropriately. + +systems: + - ubuntu-2* + +prepare: | + # prerequisite for having a prompt handler service + snap set system experimental.user-daemons=true + "$TESTSTOOLS"/snaps-state install-local test-snapd-prompt-handler + snap connect test-snapd-prompt-handler:snap-interfaces-requests-control + +execute: | + RULES_PATH="/var/lib/snapd/interfaces-requests/request-rules.json" + + echo "Write two rules to disk, one of which is expired" + mkdir -p "$(dirname $RULES_PATH)" + echo '{"rules":[{"id":"0000000000000002","timestamp":"2004-10-20T14:05:08.901174186-05:00","user":1000,"snap":"shellcheck","interface":"home","constraints":{"path-pattern":"/home/test/Projects/**","permissions":["read"]},"outcome":"allow","lifespan":"forever","expiration":"0001-01-01T00:00:00Z"},{"id":"0000000000000003","timestamp":"2004-10-20T16:47:32.138415627-05:00","user":1000,"snap":"firefox","interface":"home","constraints":{"path-pattern":"/home/test/Downloads/**","permissions":["read","write"]},"outcome":"allow","lifespan":"timespan","expiration":"2005-04-08T00:00:00Z"}]}' | tee "$RULES_PATH" + + # Prompting is disabled everywhere but the Ubuntu systems + # TODO: on Ubuntu releases < 24.04 we need the snapd snap for testing + if ! os.query is-ubuntu || os.query is-ubuntu-lt 24.04 || os.query is-core ; then + not snap set system experimental.apparmor-prompting=true >& err.out + if os.query is-core; then + # there is a more specific error on Ubuntu Core + MATCH "cannot enable prompting feature as it is not supported on Ubuntu Core systems" < err.out + else + MATCH "cannot enable prompting feature as it is not supported by the system" < err.out + fi + # even if unsupported setting it to false should succeed + snap set system experimental.apparmor-prompting=false + exit 0 + fi + + CURRTIME="$(date --rfc-3339=ns --utc | tr ' ' 'T' | sed 's/\+00:00/Z/')" + + # Wait a second to make sure any notices are recorded after CURRTIME + sleep 1 + + echo "Enable AppArmor prompting experimental feature" + snap set system experimental.apparmor-prompting=true + + # Wait for snapd to begin restart + sleep 5 + + echo "Check that snapd is able to start up" + retry --wait 1 -n 60 systemctl is-active snapd + + echo "Check that apparmor prompting is supported and enabled" + snap debug api "/v2/system-info" | jq '.result.features."apparmor-prompting".supported' | MATCH true + snap debug api "/v2/system-info" | jq '.result.features."apparmor-prompting".enabled' | MATCH true + + # Write expected rules after the expired rule has been removed + echo '{"rules":[{"id":"0000000000000002","timestamp":"2004-10-20T14:05:08.901174186-05:00","user":1000,"snap":"shellcheck","interface":"home","constraints":{"path-pattern":"/home/test/Projects/**","permissions":["read"]},"outcome":"allow","lifespan":"forever","expiration":"0001-01-01T00:00:00Z"}]}' | jq | tee expected.json + # Parse existing rules through jq so they can be compared + jq < "$RULES_PATH" > current.json + + echo "Check that rules on disk match what is expected" + diff expected.json current.json + + echo "Check that we received two notices" + snap debug api --fail "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq + snap debug api "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq '.result | length' | MATCH 2 + snap debug api "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq '.result' | grep -c '"removed": "expired"' | MATCH 1 + + echo "Check that only the former rule is still valid (must be done with UID 1000)" + sudo -iu '#1000' snap debug api /v2/interfaces/requests/rules | jq '.result | length' | MATCH 1 + sudo -iu '#1000' snap debug api /v2/interfaces/requests/rules | jq '.result.[0].id' | MATCH "0000000000000002" + + echo "Stop snapd and ensure it is not in failure mode" + systemctl stop snapd.service snapd.socket + # Try for a while to make sure it's not in failure mode + echo "Check that systemctl is-failed is never true after a while" + retry --wait 1 -n 30 systemctl is-failed snapd.service snapd.socket && exit 1 + + CURRTIME="$(date --rfc-3339=ns --utc | tr ' ' 'T' | sed 's/\+00:00/Z/')" + + echo "Restart snapd and ensure it starts properly" + systemctl start snapd.service snapd.socket + retry --wait 1 -n 60 systemctl is-active snapd.service snapd.socket + + echo "Check that apparmor prompting is supported and enabled" + snap debug api "/v2/system-info" | jq '.result.features."apparmor-prompting".supported' | MATCH true + snap debug api "/v2/system-info" | jq '.result.features."apparmor-prompting".enabled' | MATCH true + + echo "Check that rules on disk still match what is expected" + diff expected.json current.json + + echo "Check that we received one notices for the non-expired rule" + snap debug api --fail "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq + snap debug api "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq '.result | length' | MATCH 1 + snap debug api "/v2/notices?after=$CURRTIME&types=interfaces-requests-rule-update&user-id=1000" | jq '.result.[0].key' | MATCH "0000000000000002" + + echo "Check that only the non-expired rule is still valid (must be done with UID 1000)" + sudo -iu '#1000' snap debug api /v2/interfaces/requests/rules | jq '.result | length' | MATCH 1 + sudo -iu '#1000' snap debug api /v2/interfaces/requests/rules | jq '.result.[0].id' | MATCH "0000000000000002" From dc75b874eb02ebd3feb510086ef587656af0b8a3 Mon Sep 17 00:00:00 2001 From: Oliver Calder Date: Fri, 23 Aug 2024 01:24:04 -0500 Subject: [PATCH 10/12] tests: update noble upgrade-from-release for 2.63.1 (#14416) Signed-off-by: Oliver Calder --- tests/main/upgrade-from-release/task.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/main/upgrade-from-release/task.yaml b/tests/main/upgrade-from-release/task.yaml index b617c059d1d..54013a2e24a 100644 --- a/tests/main/upgrade-from-release/task.yaml +++ b/tests/main/upgrade-from-release/task.yaml @@ -48,7 +48,7 @@ execute: | fi declare -A EXPECTED_SNAPD_VERSIONS=( - ["24.04"]='2.63\+24.04' + ["24.04"]='2.63.1\+24.04' ["22.04"]='2.55.3\+22.04' ["20.04"]='2.44.3\+20.04' ["18.04"]='2.32.5\+18.04' From 8d806db710506161a80b3d129be8bf63a6bcfdb2 Mon Sep 17 00:00:00 2001 From: ernestl Date: Fri, 23 Aug 2024 08:46:54 +0200 Subject: [PATCH 11/12] Revert "release: 2.65" This reverts commit 23b094707c2f5f76e70b52d91986dd21de7f641e. --- NEWS.md | 89 ------------------- packaging/arch/PKGBUILD | 2 +- packaging/debian-sid/changelog | 143 ------------------------------- packaging/fedora/snapd.spec | 142 +----------------------------- packaging/opensuse/snapd.changes | 5 -- packaging/opensuse/snapd.spec | 2 +- packaging/ubuntu-14.04/changelog | 143 ------------------------------- packaging/ubuntu-16.04/changelog | 143 ------------------------------- 8 files changed, 3 insertions(+), 666 deletions(-) diff --git a/NEWS.md b/NEWS.md index 46253abf487..ec689a5cc8a 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,92 +1,3 @@ -# New in snapd 2.65: -* Support building snapd using base Core22 (Snapcraft 8.x) -* FIPS: support building FIPS complaint snapd variant that switches to FIPS mode when the system boots with FIPS enabled -* AppArmor: update to latest 4.0.2 release -* AppArmor: enable using ABI 4.0 from host parser -* AppArmor: fix parser lookup -* AppArmor: support AppArmor snippet priorities -* AppArmor: allow reading cgroup memory.max file -* AppArmor: allow using snap-exec coming from the snapd snap when starting a confined process with jailmode -* AppArmor prompting (experimental): add checks for prompting support, include prompting status in system key, and restart snapd if prompting flag changes -* AppArmor prompting (experimental): include prompt prefix in AppArmor rules if prompting is supported and enabled -* AppArmor prompting (experimental): add common types, constraints, and mappings from AppArmor permissions to abstract permissions -* AppArmor prompting (experimental): add path pattern parsing and matching -* AppArmor prompting (experimental): add path pattern precedence based on specificity -* AppArmor prompting (experimental): add packages to manage outstanding request prompts and rules -* AppArmor prompting (experimental): add prompting API and notice types, which require snap-interfaces-requests-control interface -* AppArmor prompting (experimental): feature flag can only be enabled if prompting is supported, handler service connected, and the service can be started -* Registry views (experimental): rename from aspects to registries -* Registry views (experimental): support reading registry views and setting/unsetting registry data using snapctl -* Registry views (experimental): fetch and refresh registry assertions as needed -* Registry views (experimental): restrict view paths from using a number as first character and view names to storage path style patterns -* Snap components: support installing snaps and components from files at the same time (no REST API/CLI) -* Snap components: support downloading components related assertions from the store -* Snap components: support installing components from the store -* Snap components: support removing components individually and during snap removal -* Snap components: support kernel modules as components -* Snap components: support for component install, pre-refresh and post-refresh hooks -* Snap components: initial support for building systems that contain components -* Refresh app awareness (experimental): add data field for /v2/changes REST API to allow associating each task with affected snaps -* Refresh app awareness (experimental): use the app name from .desktop file in notifications -* Refresh app awareness (experimental): give snap-refresh-observe interface access to /v2/snaps/{name} endpoint -* Improve snap-confine compatibility with nvidia drivers -* Allow re-exec when SNAP_REEXEC is set for unlisted distros to simplify testing -* Allow mixing revision and channel on snap install -* Generate GNU build ID for Go binaries -* Add missing etelpmoc.sh for shell completion -* Do not attempt to run snapd on classic when re-exec is disabled -* Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse -* Add snap debug API command to enable running raw queries -* Enable snap-confine snap mount directory detection -* Replace global seccomp filter with deny rules in standard seccomp template -* Remove support for Ubuntu Core Launcher (superseded by snap-confine) -* Support creating pending serial bound users after serial assertion becomes available -* Support disabling cloud-init using kernel command-line -* In hybrid systems, apps can refresh without waiting for restarts required by essential snaps -* Ship snap-debug-info.sh script used for system diagnostics -* Improve error messages when attempting to run non-existent snap -* Switch to -u UID:GID for strace-static -* Support enabling snapd logging with snap set system debug.snapd.{log,log-level} -* Add options system.coredump.enable and system.coredump.maxuse to support using systemd-coredump on Ubuntu Core -* Provide documentation URL for 'snap interface ' -* Fix restarting activated services instead of their activator units (i.e. sockets, timers) -* Fix potential unexpected auto-refresh of snap on managed schedule -* Fix potential segfault by guarding against kernel command-line changes on classic system -* Fix proxy entries in /etc/environment with missing newline that caused later manual entries to not be usable -* Fix offline remodelling by ignoring prerequisites that will otherwise be downloaded from store -* Fix devmode seccomp deny regression that caused spamming the log instead of actual denies -* Fix snap lock leak during refresh -* Fix not re-pinning validation sets that were already pinned when enforcing new validation sets -* Fix handling of unexpected snapd runtime failure -* Fix /v2/notices REST API skipping notices with duplicate timestamps -* Fix comparing systemd versions that may contain pre-release suffixes -* Fix udev potentially starting before snap-device-helper is made available -* Fix race in snap seed metadata loading -* Fix treating cloud-init exit status 2 as error -* Fix to prevent sending refresh complete notification if snap snap-refresh-observe interface is connected -* Fix to queue snapctl service commands if run from the default-configure hook to ensure they get up-to-date config values -* Fix stop service failure when the service is not actually running anymore -* Fix parsing /proc/PID/mounts with spaces -* Add registry interface that provides snaps access to a particular registry view -* Add snap-interfaces-requests-control interface to enable prompting client snaps -* steam-support interface: remove all AppArmor and seccomp restrictions to improve user experience -* opengl interface: improve compatibility with nvidia drivers -* home interface: autoconnect home on Ubuntu Core Desktop -* serial-port interface: support RPMsg tty -* display-control interface: allow changing LVDS backlight power and brightness -* power-control interface: support for battery charging thesholds, type/status and AC type/status -* cpu-control interface: allow CPU C-state control -* raw-usb interface: support RPi5 and Thinkpad x13s -* custom-device interface: allow device file locking -* lxd-support interface: allow LXD to self-manage its own cgroup -* network-manager interface: support MPTCP sockets -* network-control interface: allow plug/slot access to gnutls config and systemd resolved cache flushing via D-Bus -* network-control interface: allow wpa_supplicant dbus api -* gpio-control interface: support gpiochip* devices -* polkit interface: fix "rw" mount option check -* u2f-devices interface: enable additional security keys -* desktop interface: enable kde theming support - # New in snapd 2.64: * Support building snapd using base Core22 (Snapcraft 8.x) * FIPS: support building FIPS complaint snapd variant that switches to FIPS mode when the system boots with FIPS enabled diff --git a/packaging/arch/PKGBUILD b/packaging/arch/PKGBUILD index 7e9defe6084..0113f36c992 100644 --- a/packaging/arch/PKGBUILD +++ b/packaging/arch/PKGBUILD @@ -11,7 +11,7 @@ pkgdesc="Service and tools for management of snap packages." depends=('squashfs-tools' 'libseccomp' 'libsystemd' 'apparmor') optdepends=('bash-completion: bash completion support' 'xdg-desktop-portal: desktop integration') -pkgver=2.65 +pkgver=2.64 pkgrel=1 arch=('x86_64' 'i686' 'armv7h' 'aarch64') url="https://github.com/snapcore/snapd" diff --git a/packaging/debian-sid/changelog b/packaging/debian-sid/changelog index e12a0db6d09..700ef77918f 100644 --- a/packaging/debian-sid/changelog +++ b/packaging/debian-sid/changelog @@ -1,146 +1,3 @@ -snapd (2.65-1) unstable; urgency=medium - - * New upstream release, LP: #2077473 - - Support building snapd using base Core22 (Snapcraft 8.x) - - FIPS: support building FIPS complaint snapd variant that switches - to FIPS mode when the system boots with FIPS enabled - - AppArmor: update to latest 4.0.2 release - - AppArmor: enable using ABI 4.0 from host parser - - AppArmor: fix parser lookup - - AppArmor: support AppArmor snippet priorities - - AppArmor: allow reading cgroup memory.max file - - AppArmor: allow using snap-exec coming from the snapd snap when - starting a confined process with jailmode - - AppArmor prompting (experimental): add checks for prompting - support, include prompting status in system key, and restart snapd - if prompting flag changes - - AppArmor prompting (experimental): include prompt prefix in - AppArmor rules if prompting is supported and enabled - - AppArmor prompting (experimental): add common types, constraints, - and mappings from AppArmor permissions to abstract permissions - - AppArmor prompting (experimental): add path pattern parsing and - matching - - AppArmor prompting (experimental): add path pattern precedence - based on specificity - - AppArmor prompting (experimental): add packages to manage - outstanding request prompts and rules - - AppArmor prompting (experimental): add prompting API and notice - types, which require snap-interfaces-requests-control interface - - AppArmor prompting (experimental): feature flag can only be - enabled if prompting is supported, handler service connected, and - the service can be started - - Registry views (experimental): rename from aspects to registries - - Registry views (experimental): support reading registry views and - setting/unsetting registry data using snapctl - - Registry views (experimental): fetch and refresh registry - assertions as needed - - Registry views (experimental): restrict view paths from using a - number as first character and view names to storage path style - patterns - - Snap components: support installing snaps and components from - files at the same time (no REST API/CLI) - - Snap components: support downloading components related assertions - from the store - - Snap components: support installing components from the store - - Snap components: support removing components individually and - during snap removal - - Snap components: support kernel modules as components - - Snap components: support for component install, pre-refresh and - post-refresh hooks - - Snap components: initial support for building systems that contain - components - - Refresh app awareness (experimental): add data field for - /v2/changes REST API to allow associating each task with affected - snaps - - Refresh app awareness (experimental): use the app name from - .desktop file in notifications - - Refresh app awareness (experimental): give snap-refresh-observe - interface access to /v2/snaps/{name} endpoint - - Improve snap-confine compatibility with nvidia drivers - - Allow re-exec when SNAP_REEXEC is set for unlisted distros to - simplify testing - - Allow mixing revision and channel on snap install - - Generate GNU build ID for Go binaries - - Add missing etelpmoc.sh for shell completion - - Do not attempt to run snapd on classic when re-exec is disabled - - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse - - Add snap debug API command to enable running raw queries - - Enable snap-confine snap mount directory detection - - Replace global seccomp filter with deny rules in standard seccomp - template - - Remove support for Ubuntu Core Launcher (superseded by snap- - confine) - - Support creating pending serial bound users after serial assertion - becomes available - - Support disabling cloud-init using kernel command-line - - In hybrid systems, apps can refresh without waiting for restarts - required by essential snaps - - Ship snap-debug-info.sh script used for system diagnostics - - Improve error messages when attempting to run non-existent snap - - Switch to -u UID:GID for strace-static - - Support enabling snapd logging with snap set system - debug.snapd.{log,log-level} - - Add options system.coredump.enable and system.coredump.maxuse to - support using systemd-coredump on Ubuntu Core - - Provide documentation URL for 'snap interface ' - - Fix restarting activated services instead of their activator units - (i.e. sockets, timers) - - Fix potential unexpected auto-refresh of snap on managed schedule - - Fix potential segfault by guarding against kernel command-line - changes on classic system - - Fix proxy entries in /etc/environment with missing newline that - caused later manual entries to not be usable - - Fix offline remodelling by ignoring prerequisites that will - otherwise be downloaded from store - - Fix devmode seccomp deny regression that caused spamming the log - instead of actual denies - - Fix snap lock leak during refresh - - Fix not re-pinning validation sets that were already pinned when - enforcing new validation sets - - Fix handling of unexpected snapd runtime failure - - Fix /v2/notices REST API skipping notices with duplicate - timestamps - - Fix comparing systemd versions that may contain pre-release - suffixes - - Fix udev potentially starting before snap-device-helper is made - available - - Fix race in snap seed metadata loading - - Fix treating cloud-init exit status 2 as error - - Fix to prevent sending refresh complete notification if snap snap- - refresh-observe interface is connected - - Fix to queue snapctl service commands if run from the default- - configure hook to ensure they get up-to-date config values - - Fix stop service failure when the service is not actually running - anymore - - Fix parsing /proc/PID/mounts with spaces - - Add registry interface that provides snaps access to a particular - registry view - - Add snap-interfaces-requests-control interface to enable prompting - client snaps - - steam-support interface: remove all AppArmor and seccomp - restrictions to improve user experience - - opengl interface: improve compatibility with nvidia drivers - - home interface: autoconnect home on Ubuntu Core Desktop - - serial-port interface: support RPMsg tty - - display-control interface: allow changing LVDS backlight power and - brightness - - power-control interface: support for battery charging thesholds, - type/status and AC type/status - - cpu-control interface: allow CPU C-state control - - raw-usb interface: support RPi5 and Thinkpad x13s - - custom-device interface: allow device file locking - - lxd-support interface: allow LXD to self-manage its own cgroup - - network-manager interface: support MPTCP sockets - - network-control interface: allow plug/slot access to gnutls config - and systemd resolved cache flushing via D-Bus - - network-control interface: allow wpa_supplicant dbus api - - gpio-control interface: support gpiochip* devices - - polkit interface: fix "rw" mount option check - - u2f-devices interface: enable additional security keys - - desktop interface: enable kde theming support - - -- Ernest Lotter Wed, 21 Aug 2024 18:25:53 +0200 - snapd (2.64-1) unstable; urgency=medium * New upstream release, LP: #2072986 diff --git a/packaging/fedora/snapd.spec b/packaging/fedora/snapd.spec index 4098f702de9..55b8daefeae 100644 --- a/packaging/fedora/snapd.spec +++ b/packaging/fedora/snapd.spec @@ -104,7 +104,7 @@ %endif Name: snapd -Version: 2.65 +Version: 2.64 Release: 0%{?dist} Summary: A transactional software package manager License: GPLv3 @@ -1003,146 +1003,6 @@ fi %changelog -* Wed Aug 21 2024 Ernest Lotter -- New upstream release 2.65 - - Support building snapd using base Core22 (Snapcraft 8.x) - - FIPS: support building FIPS complaint snapd variant that switches - to FIPS mode when the system boots with FIPS enabled - - AppArmor: update to latest 4.0.2 release - - AppArmor: enable using ABI 4.0 from host parser - - AppArmor: fix parser lookup - - AppArmor: support AppArmor snippet priorities - - AppArmor: allow reading cgroup memory.max file - - AppArmor: allow using snap-exec coming from the snapd snap when - starting a confined process with jailmode - - AppArmor prompting (experimental): add checks for prompting - support, include prompting status in system key, and restart snapd - if prompting flag changes - - AppArmor prompting (experimental): include prompt prefix in - AppArmor rules if prompting is supported and enabled - - AppArmor prompting (experimental): add common types, constraints, - and mappings from AppArmor permissions to abstract permissions - - AppArmor prompting (experimental): add path pattern parsing and - matching - - AppArmor prompting (experimental): add path pattern precedence - based on specificity - - AppArmor prompting (experimental): add packages to manage - outstanding request prompts and rules - - AppArmor prompting (experimental): add prompting API and notice - types, which require snap-interfaces-requests-control interface - - AppArmor prompting (experimental): feature flag can only be - enabled if prompting is supported, handler service connected, and - the service can be started - - Registry views (experimental): rename from aspects to registries - - Registry views (experimental): support reading registry views and - setting/unsetting registry data using snapctl - - Registry views (experimental): fetch and refresh registry - assertions as needed - - Registry views (experimental): restrict view paths from using a - number as first character and view names to storage path style - patterns - - Snap components: support installing snaps and components from - files at the same time (no REST API/CLI) - - Snap components: support downloading components related assertions - from the store - - Snap components: support installing components from the store - - Snap components: support removing components individually and - during snap removal - - Snap components: support kernel modules as components - - Snap components: support for component install, pre-refresh and - post-refresh hooks - - Snap components: initial support for building systems that contain - components - - Refresh app awareness (experimental): add data field for - /v2/changes REST API to allow associating each task with affected - snaps - - Refresh app awareness (experimental): use the app name from - .desktop file in notifications - - Refresh app awareness (experimental): give snap-refresh-observe - interface access to /v2/snaps/{name} endpoint - - Improve snap-confine compatibility with nvidia drivers - - Allow re-exec when SNAP_REEXEC is set for unlisted distros to - simplify testing - - Allow mixing revision and channel on snap install - - Generate GNU build ID for Go binaries - - Add missing etelpmoc.sh for shell completion - - Do not attempt to run snapd on classic when re-exec is disabled - - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse - - Add snap debug API command to enable running raw queries - - Enable snap-confine snap mount directory detection - - Replace global seccomp filter with deny rules in standard seccomp - template - - Remove support for Ubuntu Core Launcher (superseded by snap- - confine) - - Support creating pending serial bound users after serial assertion - becomes available - - Support disabling cloud-init using kernel command-line - - In hybrid systems, apps can refresh without waiting for restarts - required by essential snaps - - Ship snap-debug-info.sh script used for system diagnostics - - Improve error messages when attempting to run non-existent snap - - Switch to -u UID:GID for strace-static - - Support enabling snapd logging with snap set system - debug.snapd.{log,log-level} - - Add options system.coredump.enable and system.coredump.maxuse to - support using systemd-coredump on Ubuntu Core - - Provide documentation URL for 'snap interface ' - - Fix restarting activated services instead of their activator units - (i.e. sockets, timers) - - Fix potential unexpected auto-refresh of snap on managed schedule - - Fix potential segfault by guarding against kernel command-line - changes on classic system - - Fix proxy entries in /etc/environment with missing newline that - caused later manual entries to not be usable - - Fix offline remodelling by ignoring prerequisites that will - otherwise be downloaded from store - - Fix devmode seccomp deny regression that caused spamming the log - instead of actual denies - - Fix snap lock leak during refresh - - Fix not re-pinning validation sets that were already pinned when - enforcing new validation sets - - Fix handling of unexpected snapd runtime failure - - Fix /v2/notices REST API skipping notices with duplicate - timestamps - - Fix comparing systemd versions that may contain pre-release - suffixes - - Fix udev potentially starting before snap-device-helper is made - available - - Fix race in snap seed metadata loading - - Fix treating cloud-init exit status 2 as error - - Fix to prevent sending refresh complete notification if snap snap- - refresh-observe interface is connected - - Fix to queue snapctl service commands if run from the default- - configure hook to ensure they get up-to-date config values - - Fix stop service failure when the service is not actually running - anymore - - Fix parsing /proc/PID/mounts with spaces - - Add registry interface that provides snaps access to a particular - registry view - - Add snap-interfaces-requests-control interface to enable prompting - client snaps - - steam-support interface: remove all AppArmor and seccomp - restrictions to improve user experience - - opengl interface: improve compatibility with nvidia drivers - - home interface: autoconnect home on Ubuntu Core Desktop - - serial-port interface: support RPMsg tty - - display-control interface: allow changing LVDS backlight power and - brightness - - power-control interface: support for battery charging thesholds, - type/status and AC type/status - - cpu-control interface: allow CPU C-state control - - raw-usb interface: support RPi5 and Thinkpad x13s - - custom-device interface: allow device file locking - - lxd-support interface: allow LXD to self-manage its own cgroup - - network-manager interface: support MPTCP sockets - - network-control interface: allow plug/slot access to gnutls config - and systemd resolved cache flushing via D-Bus - - network-control interface: allow wpa_supplicant dbus api - - gpio-control interface: support gpiochip* devices - - polkit interface: fix "rw" mount option check - - u2f-devices interface: enable additional security keys - - desktop interface: enable kde theming support - * Wed Jul 24 2024 Ernest Lotter - New upstream release 2.64 - Support building snapd using base Core22 (Snapcraft 8.x) diff --git a/packaging/opensuse/snapd.changes b/packaging/opensuse/snapd.changes index c3906fd2933..dc771f55f4a 100644 --- a/packaging/opensuse/snapd.changes +++ b/packaging/opensuse/snapd.changes @@ -1,8 +1,3 @@ -------------------------------------------------------------------- -Wed Aug 21 16:25:53 UTC 2024 - ernest.lotter@canonical.com - -- Update to upstream release 2.65 - ------------------------------------------------------------------- Wed Jul 24 19:11:59 UTC 2024 - ernest.lotter@canonical.com diff --git a/packaging/opensuse/snapd.spec b/packaging/opensuse/snapd.spec index f3e2d9c6cdc..0afa3dc2ffa 100644 --- a/packaging/opensuse/snapd.spec +++ b/packaging/opensuse/snapd.spec @@ -82,7 +82,7 @@ Name: snapd -Version: 2.65 +Version: 2.64 Release: 0 Summary: Tools enabling systems to work with .snap files License: GPL-3.0 diff --git a/packaging/ubuntu-14.04/changelog b/packaging/ubuntu-14.04/changelog index 2328f1fc55f..e62ea6e5f28 100644 --- a/packaging/ubuntu-14.04/changelog +++ b/packaging/ubuntu-14.04/changelog @@ -1,146 +1,3 @@ -snapd (2.65~14.04) trusty; urgency=medium - - * New upstream release, LP: #2077473 - - Support building snapd using base Core22 (Snapcraft 8.x) - - FIPS: support building FIPS complaint snapd variant that switches - to FIPS mode when the system boots with FIPS enabled - - AppArmor: update to latest 4.0.2 release - - AppArmor: enable using ABI 4.0 from host parser - - AppArmor: fix parser lookup - - AppArmor: support AppArmor snippet priorities - - AppArmor: allow reading cgroup memory.max file - - AppArmor: allow using snap-exec coming from the snapd snap when - starting a confined process with jailmode - - AppArmor prompting (experimental): add checks for prompting - support, include prompting status in system key, and restart snapd - if prompting flag changes - - AppArmor prompting (experimental): include prompt prefix in - AppArmor rules if prompting is supported and enabled - - AppArmor prompting (experimental): add common types, constraints, - and mappings from AppArmor permissions to abstract permissions - - AppArmor prompting (experimental): add path pattern parsing and - matching - - AppArmor prompting (experimental): add path pattern precedence - based on specificity - - AppArmor prompting (experimental): add packages to manage - outstanding request prompts and rules - - AppArmor prompting (experimental): add prompting API and notice - types, which require snap-interfaces-requests-control interface - - AppArmor prompting (experimental): feature flag can only be - enabled if prompting is supported, handler service connected, and - the service can be started - - Registry views (experimental): rename from aspects to registries - - Registry views (experimental): support reading registry views and - setting/unsetting registry data using snapctl - - Registry views (experimental): fetch and refresh registry - assertions as needed - - Registry views (experimental): restrict view paths from using a - number as first character and view names to storage path style - patterns - - Snap components: support installing snaps and components from - files at the same time (no REST API/CLI) - - Snap components: support downloading components related assertions - from the store - - Snap components: support installing components from the store - - Snap components: support removing components individually and - during snap removal - - Snap components: support kernel modules as components - - Snap components: support for component install, pre-refresh and - post-refresh hooks - - Snap components: initial support for building systems that contain - components - - Refresh app awareness (experimental): add data field for - /v2/changes REST API to allow associating each task with affected - snaps - - Refresh app awareness (experimental): use the app name from - .desktop file in notifications - - Refresh app awareness (experimental): give snap-refresh-observe - interface access to /v2/snaps/{name} endpoint - - Improve snap-confine compatibility with nvidia drivers - - Allow re-exec when SNAP_REEXEC is set for unlisted distros to - simplify testing - - Allow mixing revision and channel on snap install - - Generate GNU build ID for Go binaries - - Add missing etelpmoc.sh for shell completion - - Do not attempt to run snapd on classic when re-exec is disabled - - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse - - Add snap debug API command to enable running raw queries - - Enable snap-confine snap mount directory detection - - Replace global seccomp filter with deny rules in standard seccomp - template - - Remove support for Ubuntu Core Launcher (superseded by snap- - confine) - - Support creating pending serial bound users after serial assertion - becomes available - - Support disabling cloud-init using kernel command-line - - In hybrid systems, apps can refresh without waiting for restarts - required by essential snaps - - Ship snap-debug-info.sh script used for system diagnostics - - Improve error messages when attempting to run non-existent snap - - Switch to -u UID:GID for strace-static - - Support enabling snapd logging with snap set system - debug.snapd.{log,log-level} - - Add options system.coredump.enable and system.coredump.maxuse to - support using systemd-coredump on Ubuntu Core - - Provide documentation URL for 'snap interface ' - - Fix restarting activated services instead of their activator units - (i.e. sockets, timers) - - Fix potential unexpected auto-refresh of snap on managed schedule - - Fix potential segfault by guarding against kernel command-line - changes on classic system - - Fix proxy entries in /etc/environment with missing newline that - caused later manual entries to not be usable - - Fix offline remodelling by ignoring prerequisites that will - otherwise be downloaded from store - - Fix devmode seccomp deny regression that caused spamming the log - instead of actual denies - - Fix snap lock leak during refresh - - Fix not re-pinning validation sets that were already pinned when - enforcing new validation sets - - Fix handling of unexpected snapd runtime failure - - Fix /v2/notices REST API skipping notices with duplicate - timestamps - - Fix comparing systemd versions that may contain pre-release - suffixes - - Fix udev potentially starting before snap-device-helper is made - available - - Fix race in snap seed metadata loading - - Fix treating cloud-init exit status 2 as error - - Fix to prevent sending refresh complete notification if snap snap- - refresh-observe interface is connected - - Fix to queue snapctl service commands if run from the default- - configure hook to ensure they get up-to-date config values - - Fix stop service failure when the service is not actually running - anymore - - Fix parsing /proc/PID/mounts with spaces - - Add registry interface that provides snaps access to a particular - registry view - - Add snap-interfaces-requests-control interface to enable prompting - client snaps - - steam-support interface: remove all AppArmor and seccomp - restrictions to improve user experience - - opengl interface: improve compatibility with nvidia drivers - - home interface: autoconnect home on Ubuntu Core Desktop - - serial-port interface: support RPMsg tty - - display-control interface: allow changing LVDS backlight power and - brightness - - power-control interface: support for battery charging thesholds, - type/status and AC type/status - - cpu-control interface: allow CPU C-state control - - raw-usb interface: support RPi5 and Thinkpad x13s - - custom-device interface: allow device file locking - - lxd-support interface: allow LXD to self-manage its own cgroup - - network-manager interface: support MPTCP sockets - - network-control interface: allow plug/slot access to gnutls config - and systemd resolved cache flushing via D-Bus - - network-control interface: allow wpa_supplicant dbus api - - gpio-control interface: support gpiochip* devices - - polkit interface: fix "rw" mount option check - - u2f-devices interface: enable additional security keys - - desktop interface: enable kde theming support - - -- Ernest Lotter Wed, 21 Aug 2024 18:25:53 +0200 - snapd (2.64~14.04) trusty; urgency=medium * New upstream release, LP: #2072986 diff --git a/packaging/ubuntu-16.04/changelog b/packaging/ubuntu-16.04/changelog index 8f2b03df693..417795d47c9 100644 --- a/packaging/ubuntu-16.04/changelog +++ b/packaging/ubuntu-16.04/changelog @@ -1,146 +1,3 @@ -snapd (2.65) xenial; urgency=medium - - * New upstream release, LP: #2077473 - - Support building snapd using base Core22 (Snapcraft 8.x) - - FIPS: support building FIPS complaint snapd variant that switches - to FIPS mode when the system boots with FIPS enabled - - AppArmor: update to latest 4.0.2 release - - AppArmor: enable using ABI 4.0 from host parser - - AppArmor: fix parser lookup - - AppArmor: support AppArmor snippet priorities - - AppArmor: allow reading cgroup memory.max file - - AppArmor: allow using snap-exec coming from the snapd snap when - starting a confined process with jailmode - - AppArmor prompting (experimental): add checks for prompting - support, include prompting status in system key, and restart snapd - if prompting flag changes - - AppArmor prompting (experimental): include prompt prefix in - AppArmor rules if prompting is supported and enabled - - AppArmor prompting (experimental): add common types, constraints, - and mappings from AppArmor permissions to abstract permissions - - AppArmor prompting (experimental): add path pattern parsing and - matching - - AppArmor prompting (experimental): add path pattern precedence - based on specificity - - AppArmor prompting (experimental): add packages to manage - outstanding request prompts and rules - - AppArmor prompting (experimental): add prompting API and notice - types, which require snap-interfaces-requests-control interface - - AppArmor prompting (experimental): feature flag can only be - enabled if prompting is supported, handler service connected, and - the service can be started - - Registry views (experimental): rename from aspects to registries - - Registry views (experimental): support reading registry views and - setting/unsetting registry data using snapctl - - Registry views (experimental): fetch and refresh registry - assertions as needed - - Registry views (experimental): restrict view paths from using a - number as first character and view names to storage path style - patterns - - Snap components: support installing snaps and components from - files at the same time (no REST API/CLI) - - Snap components: support downloading components related assertions - from the store - - Snap components: support installing components from the store - - Snap components: support removing components individually and - during snap removal - - Snap components: support kernel modules as components - - Snap components: support for component install, pre-refresh and - post-refresh hooks - - Snap components: initial support for building systems that contain - components - - Refresh app awareness (experimental): add data field for - /v2/changes REST API to allow associating each task with affected - snaps - - Refresh app awareness (experimental): use the app name from - .desktop file in notifications - - Refresh app awareness (experimental): give snap-refresh-observe - interface access to /v2/snaps/{name} endpoint - - Improve snap-confine compatibility with nvidia drivers - - Allow re-exec when SNAP_REEXEC is set for unlisted distros to - simplify testing - - Allow mixing revision and channel on snap install - - Generate GNU build ID for Go binaries - - Add missing etelpmoc.sh for shell completion - - Do not attempt to run snapd on classic when re-exec is disabled - - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse - - Add snap debug API command to enable running raw queries - - Enable snap-confine snap mount directory detection - - Replace global seccomp filter with deny rules in standard seccomp - template - - Remove support for Ubuntu Core Launcher (superseded by snap- - confine) - - Support creating pending serial bound users after serial assertion - becomes available - - Support disabling cloud-init using kernel command-line - - In hybrid systems, apps can refresh without waiting for restarts - required by essential snaps - - Ship snap-debug-info.sh script used for system diagnostics - - Improve error messages when attempting to run non-existent snap - - Switch to -u UID:GID for strace-static - - Support enabling snapd logging with snap set system - debug.snapd.{log,log-level} - - Add options system.coredump.enable and system.coredump.maxuse to - support using systemd-coredump on Ubuntu Core - - Provide documentation URL for 'snap interface ' - - Fix restarting activated services instead of their activator units - (i.e. sockets, timers) - - Fix potential unexpected auto-refresh of snap on managed schedule - - Fix potential segfault by guarding against kernel command-line - changes on classic system - - Fix proxy entries in /etc/environment with missing newline that - caused later manual entries to not be usable - - Fix offline remodelling by ignoring prerequisites that will - otherwise be downloaded from store - - Fix devmode seccomp deny regression that caused spamming the log - instead of actual denies - - Fix snap lock leak during refresh - - Fix not re-pinning validation sets that were already pinned when - enforcing new validation sets - - Fix handling of unexpected snapd runtime failure - - Fix /v2/notices REST API skipping notices with duplicate - timestamps - - Fix comparing systemd versions that may contain pre-release - suffixes - - Fix udev potentially starting before snap-device-helper is made - available - - Fix race in snap seed metadata loading - - Fix treating cloud-init exit status 2 as error - - Fix to prevent sending refresh complete notification if snap snap- - refresh-observe interface is connected - - Fix to queue snapctl service commands if run from the default- - configure hook to ensure they get up-to-date config values - - Fix stop service failure when the service is not actually running - anymore - - Fix parsing /proc/PID/mounts with spaces - - Add registry interface that provides snaps access to a particular - registry view - - Add snap-interfaces-requests-control interface to enable prompting - client snaps - - steam-support interface: remove all AppArmor and seccomp - restrictions to improve user experience - - opengl interface: improve compatibility with nvidia drivers - - home interface: autoconnect home on Ubuntu Core Desktop - - serial-port interface: support RPMsg tty - - display-control interface: allow changing LVDS backlight power and - brightness - - power-control interface: support for battery charging thesholds, - type/status and AC type/status - - cpu-control interface: allow CPU C-state control - - raw-usb interface: support RPi5 and Thinkpad x13s - - custom-device interface: allow device file locking - - lxd-support interface: allow LXD to self-manage its own cgroup - - network-manager interface: support MPTCP sockets - - network-control interface: allow plug/slot access to gnutls config - and systemd resolved cache flushing via D-Bus - - network-control interface: allow wpa_supplicant dbus api - - gpio-control interface: support gpiochip* devices - - polkit interface: fix "rw" mount option check - - u2f-devices interface: enable additional security keys - - desktop interface: enable kde theming support - - -- Ernest Lotter Wed, 21 Aug 2024 18:25:53 +0200 - snapd (2.64) xenial; urgency=medium * New upstream release, LP: #2072986 From 006495b25523ff9ba6766f403df4ea1ac1f7382e Mon Sep 17 00:00:00 2001 From: ernestl Date: Fri, 23 Aug 2024 08:49:57 +0200 Subject: [PATCH 12/12] release: 2.65 --- NEWS.md | 89 +++++++++++++++++++ packaging/arch/PKGBUILD | 2 +- packaging/debian-sid/changelog | 143 +++++++++++++++++++++++++++++++ packaging/fedora/snapd.spec | 142 +++++++++++++++++++++++++++++- packaging/opensuse/snapd.changes | 5 ++ packaging/opensuse/snapd.spec | 2 +- packaging/ubuntu-14.04/changelog | 143 +++++++++++++++++++++++++++++++ packaging/ubuntu-16.04/changelog | 143 +++++++++++++++++++++++++++++++ 8 files changed, 666 insertions(+), 3 deletions(-) diff --git a/NEWS.md b/NEWS.md index ec689a5cc8a..46253abf487 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,3 +1,92 @@ +# New in snapd 2.65: +* Support building snapd using base Core22 (Snapcraft 8.x) +* FIPS: support building FIPS complaint snapd variant that switches to FIPS mode when the system boots with FIPS enabled +* AppArmor: update to latest 4.0.2 release +* AppArmor: enable using ABI 4.0 from host parser +* AppArmor: fix parser lookup +* AppArmor: support AppArmor snippet priorities +* AppArmor: allow reading cgroup memory.max file +* AppArmor: allow using snap-exec coming from the snapd snap when starting a confined process with jailmode +* AppArmor prompting (experimental): add checks for prompting support, include prompting status in system key, and restart snapd if prompting flag changes +* AppArmor prompting (experimental): include prompt prefix in AppArmor rules if prompting is supported and enabled +* AppArmor prompting (experimental): add common types, constraints, and mappings from AppArmor permissions to abstract permissions +* AppArmor prompting (experimental): add path pattern parsing and matching +* AppArmor prompting (experimental): add path pattern precedence based on specificity +* AppArmor prompting (experimental): add packages to manage outstanding request prompts and rules +* AppArmor prompting (experimental): add prompting API and notice types, which require snap-interfaces-requests-control interface +* AppArmor prompting (experimental): feature flag can only be enabled if prompting is supported, handler service connected, and the service can be started +* Registry views (experimental): rename from aspects to registries +* Registry views (experimental): support reading registry views and setting/unsetting registry data using snapctl +* Registry views (experimental): fetch and refresh registry assertions as needed +* Registry views (experimental): restrict view paths from using a number as first character and view names to storage path style patterns +* Snap components: support installing snaps and components from files at the same time (no REST API/CLI) +* Snap components: support downloading components related assertions from the store +* Snap components: support installing components from the store +* Snap components: support removing components individually and during snap removal +* Snap components: support kernel modules as components +* Snap components: support for component install, pre-refresh and post-refresh hooks +* Snap components: initial support for building systems that contain components +* Refresh app awareness (experimental): add data field for /v2/changes REST API to allow associating each task with affected snaps +* Refresh app awareness (experimental): use the app name from .desktop file in notifications +* Refresh app awareness (experimental): give snap-refresh-observe interface access to /v2/snaps/{name} endpoint +* Improve snap-confine compatibility with nvidia drivers +* Allow re-exec when SNAP_REEXEC is set for unlisted distros to simplify testing +* Allow mixing revision and channel on snap install +* Generate GNU build ID for Go binaries +* Add missing etelpmoc.sh for shell completion +* Do not attempt to run snapd on classic when re-exec is disabled +* Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse +* Add snap debug API command to enable running raw queries +* Enable snap-confine snap mount directory detection +* Replace global seccomp filter with deny rules in standard seccomp template +* Remove support for Ubuntu Core Launcher (superseded by snap-confine) +* Support creating pending serial bound users after serial assertion becomes available +* Support disabling cloud-init using kernel command-line +* In hybrid systems, apps can refresh without waiting for restarts required by essential snaps +* Ship snap-debug-info.sh script used for system diagnostics +* Improve error messages when attempting to run non-existent snap +* Switch to -u UID:GID for strace-static +* Support enabling snapd logging with snap set system debug.snapd.{log,log-level} +* Add options system.coredump.enable and system.coredump.maxuse to support using systemd-coredump on Ubuntu Core +* Provide documentation URL for 'snap interface ' +* Fix restarting activated services instead of their activator units (i.e. sockets, timers) +* Fix potential unexpected auto-refresh of snap on managed schedule +* Fix potential segfault by guarding against kernel command-line changes on classic system +* Fix proxy entries in /etc/environment with missing newline that caused later manual entries to not be usable +* Fix offline remodelling by ignoring prerequisites that will otherwise be downloaded from store +* Fix devmode seccomp deny regression that caused spamming the log instead of actual denies +* Fix snap lock leak during refresh +* Fix not re-pinning validation sets that were already pinned when enforcing new validation sets +* Fix handling of unexpected snapd runtime failure +* Fix /v2/notices REST API skipping notices with duplicate timestamps +* Fix comparing systemd versions that may contain pre-release suffixes +* Fix udev potentially starting before snap-device-helper is made available +* Fix race in snap seed metadata loading +* Fix treating cloud-init exit status 2 as error +* Fix to prevent sending refresh complete notification if snap snap-refresh-observe interface is connected +* Fix to queue snapctl service commands if run from the default-configure hook to ensure they get up-to-date config values +* Fix stop service failure when the service is not actually running anymore +* Fix parsing /proc/PID/mounts with spaces +* Add registry interface that provides snaps access to a particular registry view +* Add snap-interfaces-requests-control interface to enable prompting client snaps +* steam-support interface: remove all AppArmor and seccomp restrictions to improve user experience +* opengl interface: improve compatibility with nvidia drivers +* home interface: autoconnect home on Ubuntu Core Desktop +* serial-port interface: support RPMsg tty +* display-control interface: allow changing LVDS backlight power and brightness +* power-control interface: support for battery charging thesholds, type/status and AC type/status +* cpu-control interface: allow CPU C-state control +* raw-usb interface: support RPi5 and Thinkpad x13s +* custom-device interface: allow device file locking +* lxd-support interface: allow LXD to self-manage its own cgroup +* network-manager interface: support MPTCP sockets +* network-control interface: allow plug/slot access to gnutls config and systemd resolved cache flushing via D-Bus +* network-control interface: allow wpa_supplicant dbus api +* gpio-control interface: support gpiochip* devices +* polkit interface: fix "rw" mount option check +* u2f-devices interface: enable additional security keys +* desktop interface: enable kde theming support + # New in snapd 2.64: * Support building snapd using base Core22 (Snapcraft 8.x) * FIPS: support building FIPS complaint snapd variant that switches to FIPS mode when the system boots with FIPS enabled diff --git a/packaging/arch/PKGBUILD b/packaging/arch/PKGBUILD index 0113f36c992..7e9defe6084 100644 --- a/packaging/arch/PKGBUILD +++ b/packaging/arch/PKGBUILD @@ -11,7 +11,7 @@ pkgdesc="Service and tools for management of snap packages." depends=('squashfs-tools' 'libseccomp' 'libsystemd' 'apparmor') optdepends=('bash-completion: bash completion support' 'xdg-desktop-portal: desktop integration') -pkgver=2.64 +pkgver=2.65 pkgrel=1 arch=('x86_64' 'i686' 'armv7h' 'aarch64') url="https://github.com/snapcore/snapd" diff --git a/packaging/debian-sid/changelog b/packaging/debian-sid/changelog index 700ef77918f..44be9ac00f7 100644 --- a/packaging/debian-sid/changelog +++ b/packaging/debian-sid/changelog @@ -1,3 +1,146 @@ +snapd (2.65-1) unstable; urgency=medium + + * New upstream release, LP: #2077473 + - Support building snapd using base Core22 (Snapcraft 8.x) + - FIPS: support building FIPS complaint snapd variant that switches + to FIPS mode when the system boots with FIPS enabled + - AppArmor: update to latest 4.0.2 release + - AppArmor: enable using ABI 4.0 from host parser + - AppArmor: fix parser lookup + - AppArmor: support AppArmor snippet priorities + - AppArmor: allow reading cgroup memory.max file + - AppArmor: allow using snap-exec coming from the snapd snap when + starting a confined process with jailmode + - AppArmor prompting (experimental): add checks for prompting + support, include prompting status in system key, and restart snapd + if prompting flag changes + - AppArmor prompting (experimental): include prompt prefix in + AppArmor rules if prompting is supported and enabled + - AppArmor prompting (experimental): add common types, constraints, + and mappings from AppArmor permissions to abstract permissions + - AppArmor prompting (experimental): add path pattern parsing and + matching + - AppArmor prompting (experimental): add path pattern precedence + based on specificity + - AppArmor prompting (experimental): add packages to manage + outstanding request prompts and rules + - AppArmor prompting (experimental): add prompting API and notice + types, which require snap-interfaces-requests-control interface + - AppArmor prompting (experimental): feature flag can only be + enabled if prompting is supported, handler service connected, and + the service can be started + - Registry views (experimental): rename from aspects to registries + - Registry views (experimental): support reading registry views and + setting/unsetting registry data using snapctl + - Registry views (experimental): fetch and refresh registry + assertions as needed + - Registry views (experimental): restrict view paths from using a + number as first character and view names to storage path style + patterns + - Snap components: support installing snaps and components from + files at the same time (no REST API/CLI) + - Snap components: support downloading components related assertions + from the store + - Snap components: support installing components from the store + - Snap components: support removing components individually and + during snap removal + - Snap components: support kernel modules as components + - Snap components: support for component install, pre-refresh and + post-refresh hooks + - Snap components: initial support for building systems that contain + components + - Refresh app awareness (experimental): add data field for + /v2/changes REST API to allow associating each task with affected + snaps + - Refresh app awareness (experimental): use the app name from + .desktop file in notifications + - Refresh app awareness (experimental): give snap-refresh-observe + interface access to /v2/snaps/{name} endpoint + - Improve snap-confine compatibility with nvidia drivers + - Allow re-exec when SNAP_REEXEC is set for unlisted distros to + simplify testing + - Allow mixing revision and channel on snap install + - Generate GNU build ID for Go binaries + - Add missing etelpmoc.sh for shell completion + - Do not attempt to run snapd on classic when re-exec is disabled + - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse + - Add snap debug API command to enable running raw queries + - Enable snap-confine snap mount directory detection + - Replace global seccomp filter with deny rules in standard seccomp + template + - Remove support for Ubuntu Core Launcher (superseded by snap- + confine) + - Support creating pending serial bound users after serial assertion + becomes available + - Support disabling cloud-init using kernel command-line + - In hybrid systems, apps can refresh without waiting for restarts + required by essential snaps + - Ship snap-debug-info.sh script used for system diagnostics + - Improve error messages when attempting to run non-existent snap + - Switch to -u UID:GID for strace-static + - Support enabling snapd logging with snap set system + debug.snapd.{log,log-level} + - Add options system.coredump.enable and system.coredump.maxuse to + support using systemd-coredump on Ubuntu Core + - Provide documentation URL for 'snap interface ' + - Fix restarting activated services instead of their activator units + (i.e. sockets, timers) + - Fix potential unexpected auto-refresh of snap on managed schedule + - Fix potential segfault by guarding against kernel command-line + changes on classic system + - Fix proxy entries in /etc/environment with missing newline that + caused later manual entries to not be usable + - Fix offline remodelling by ignoring prerequisites that will + otherwise be downloaded from store + - Fix devmode seccomp deny regression that caused spamming the log + instead of actual denies + - Fix snap lock leak during refresh + - Fix not re-pinning validation sets that were already pinned when + enforcing new validation sets + - Fix handling of unexpected snapd runtime failure + - Fix /v2/notices REST API skipping notices with duplicate + timestamps + - Fix comparing systemd versions that may contain pre-release + suffixes + - Fix udev potentially starting before snap-device-helper is made + available + - Fix race in snap seed metadata loading + - Fix treating cloud-init exit status 2 as error + - Fix to prevent sending refresh complete notification if snap snap- + refresh-observe interface is connected + - Fix to queue snapctl service commands if run from the default- + configure hook to ensure they get up-to-date config values + - Fix stop service failure when the service is not actually running + anymore + - Fix parsing /proc/PID/mounts with spaces + - Add registry interface that provides snaps access to a particular + registry view + - Add snap-interfaces-requests-control interface to enable prompting + client snaps + - steam-support interface: remove all AppArmor and seccomp + restrictions to improve user experience + - opengl interface: improve compatibility with nvidia drivers + - home interface: autoconnect home on Ubuntu Core Desktop + - serial-port interface: support RPMsg tty + - display-control interface: allow changing LVDS backlight power and + brightness + - power-control interface: support for battery charging thesholds, + type/status and AC type/status + - cpu-control interface: allow CPU C-state control + - raw-usb interface: support RPi5 and Thinkpad x13s + - custom-device interface: allow device file locking + - lxd-support interface: allow LXD to self-manage its own cgroup + - network-manager interface: support MPTCP sockets + - network-control interface: allow plug/slot access to gnutls config + and systemd resolved cache flushing via D-Bus + - network-control interface: allow wpa_supplicant dbus api + - gpio-control interface: support gpiochip* devices + - polkit interface: fix "rw" mount option check + - u2f-devices interface: enable additional security keys + - desktop interface: enable kde theming support + + -- Ernest Lotter Fri, 23 Aug 2024 08:49:28 +0200 + snapd (2.64-1) unstable; urgency=medium * New upstream release, LP: #2072986 diff --git a/packaging/fedora/snapd.spec b/packaging/fedora/snapd.spec index 55b8daefeae..43bc1777dc0 100644 --- a/packaging/fedora/snapd.spec +++ b/packaging/fedora/snapd.spec @@ -104,7 +104,7 @@ %endif Name: snapd -Version: 2.64 +Version: 2.65 Release: 0%{?dist} Summary: A transactional software package manager License: GPLv3 @@ -1003,6 +1003,146 @@ fi %changelog +* Fri Aug 23 2024 Ernest Lotter +- New upstream release 2.65 + - Support building snapd using base Core22 (Snapcraft 8.x) + - FIPS: support building FIPS complaint snapd variant that switches + to FIPS mode when the system boots with FIPS enabled + - AppArmor: update to latest 4.0.2 release + - AppArmor: enable using ABI 4.0 from host parser + - AppArmor: fix parser lookup + - AppArmor: support AppArmor snippet priorities + - AppArmor: allow reading cgroup memory.max file + - AppArmor: allow using snap-exec coming from the snapd snap when + starting a confined process with jailmode + - AppArmor prompting (experimental): add checks for prompting + support, include prompting status in system key, and restart snapd + if prompting flag changes + - AppArmor prompting (experimental): include prompt prefix in + AppArmor rules if prompting is supported and enabled + - AppArmor prompting (experimental): add common types, constraints, + and mappings from AppArmor permissions to abstract permissions + - AppArmor prompting (experimental): add path pattern parsing and + matching + - AppArmor prompting (experimental): add path pattern precedence + based on specificity + - AppArmor prompting (experimental): add packages to manage + outstanding request prompts and rules + - AppArmor prompting (experimental): add prompting API and notice + types, which require snap-interfaces-requests-control interface + - AppArmor prompting (experimental): feature flag can only be + enabled if prompting is supported, handler service connected, and + the service can be started + - Registry views (experimental): rename from aspects to registries + - Registry views (experimental): support reading registry views and + setting/unsetting registry data using snapctl + - Registry views (experimental): fetch and refresh registry + assertions as needed + - Registry views (experimental): restrict view paths from using a + number as first character and view names to storage path style + patterns + - Snap components: support installing snaps and components from + files at the same time (no REST API/CLI) + - Snap components: support downloading components related assertions + from the store + - Snap components: support installing components from the store + - Snap components: support removing components individually and + during snap removal + - Snap components: support kernel modules as components + - Snap components: support for component install, pre-refresh and + post-refresh hooks + - Snap components: initial support for building systems that contain + components + - Refresh app awareness (experimental): add data field for + /v2/changes REST API to allow associating each task with affected + snaps + - Refresh app awareness (experimental): use the app name from + .desktop file in notifications + - Refresh app awareness (experimental): give snap-refresh-observe + interface access to /v2/snaps/{name} endpoint + - Improve snap-confine compatibility with nvidia drivers + - Allow re-exec when SNAP_REEXEC is set for unlisted distros to + simplify testing + - Allow mixing revision and channel on snap install + - Generate GNU build ID for Go binaries + - Add missing etelpmoc.sh for shell completion + - Do not attempt to run snapd on classic when re-exec is disabled + - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse + - Add snap debug API command to enable running raw queries + - Enable snap-confine snap mount directory detection + - Replace global seccomp filter with deny rules in standard seccomp + template + - Remove support for Ubuntu Core Launcher (superseded by snap- + confine) + - Support creating pending serial bound users after serial assertion + becomes available + - Support disabling cloud-init using kernel command-line + - In hybrid systems, apps can refresh without waiting for restarts + required by essential snaps + - Ship snap-debug-info.sh script used for system diagnostics + - Improve error messages when attempting to run non-existent snap + - Switch to -u UID:GID for strace-static + - Support enabling snapd logging with snap set system + debug.snapd.{log,log-level} + - Add options system.coredump.enable and system.coredump.maxuse to + support using systemd-coredump on Ubuntu Core + - Provide documentation URL for 'snap interface ' + - Fix restarting activated services instead of their activator units + (i.e. sockets, timers) + - Fix potential unexpected auto-refresh of snap on managed schedule + - Fix potential segfault by guarding against kernel command-line + changes on classic system + - Fix proxy entries in /etc/environment with missing newline that + caused later manual entries to not be usable + - Fix offline remodelling by ignoring prerequisites that will + otherwise be downloaded from store + - Fix devmode seccomp deny regression that caused spamming the log + instead of actual denies + - Fix snap lock leak during refresh + - Fix not re-pinning validation sets that were already pinned when + enforcing new validation sets + - Fix handling of unexpected snapd runtime failure + - Fix /v2/notices REST API skipping notices with duplicate + timestamps + - Fix comparing systemd versions that may contain pre-release + suffixes + - Fix udev potentially starting before snap-device-helper is made + available + - Fix race in snap seed metadata loading + - Fix treating cloud-init exit status 2 as error + - Fix to prevent sending refresh complete notification if snap snap- + refresh-observe interface is connected + - Fix to queue snapctl service commands if run from the default- + configure hook to ensure they get up-to-date config values + - Fix stop service failure when the service is not actually running + anymore + - Fix parsing /proc/PID/mounts with spaces + - Add registry interface that provides snaps access to a particular + registry view + - Add snap-interfaces-requests-control interface to enable prompting + client snaps + - steam-support interface: remove all AppArmor and seccomp + restrictions to improve user experience + - opengl interface: improve compatibility with nvidia drivers + - home interface: autoconnect home on Ubuntu Core Desktop + - serial-port interface: support RPMsg tty + - display-control interface: allow changing LVDS backlight power and + brightness + - power-control interface: support for battery charging thesholds, + type/status and AC type/status + - cpu-control interface: allow CPU C-state control + - raw-usb interface: support RPi5 and Thinkpad x13s + - custom-device interface: allow device file locking + - lxd-support interface: allow LXD to self-manage its own cgroup + - network-manager interface: support MPTCP sockets + - network-control interface: allow plug/slot access to gnutls config + and systemd resolved cache flushing via D-Bus + - network-control interface: allow wpa_supplicant dbus api + - gpio-control interface: support gpiochip* devices + - polkit interface: fix "rw" mount option check + - u2f-devices interface: enable additional security keys + - desktop interface: enable kde theming support + * Wed Jul 24 2024 Ernest Lotter - New upstream release 2.64 - Support building snapd using base Core22 (Snapcraft 8.x) diff --git a/packaging/opensuse/snapd.changes b/packaging/opensuse/snapd.changes index dc771f55f4a..f272dbc48f2 100644 --- a/packaging/opensuse/snapd.changes +++ b/packaging/opensuse/snapd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri Aug 23 06:49:28 UTC 2024 - ernest.lotter@canonical.com + +- Update to upstream release 2.65 + ------------------------------------------------------------------- Wed Jul 24 19:11:59 UTC 2024 - ernest.lotter@canonical.com diff --git a/packaging/opensuse/snapd.spec b/packaging/opensuse/snapd.spec index 0afa3dc2ffa..f3e2d9c6cdc 100644 --- a/packaging/opensuse/snapd.spec +++ b/packaging/opensuse/snapd.spec @@ -82,7 +82,7 @@ Name: snapd -Version: 2.64 +Version: 2.65 Release: 0 Summary: Tools enabling systems to work with .snap files License: GPL-3.0 diff --git a/packaging/ubuntu-14.04/changelog b/packaging/ubuntu-14.04/changelog index e62ea6e5f28..8195a1995ac 100644 --- a/packaging/ubuntu-14.04/changelog +++ b/packaging/ubuntu-14.04/changelog @@ -1,3 +1,146 @@ +snapd (2.65~14.04) trusty; urgency=medium + + * New upstream release, LP: #2077473 + - Support building snapd using base Core22 (Snapcraft 8.x) + - FIPS: support building FIPS complaint snapd variant that switches + to FIPS mode when the system boots with FIPS enabled + - AppArmor: update to latest 4.0.2 release + - AppArmor: enable using ABI 4.0 from host parser + - AppArmor: fix parser lookup + - AppArmor: support AppArmor snippet priorities + - AppArmor: allow reading cgroup memory.max file + - AppArmor: allow using snap-exec coming from the snapd snap when + starting a confined process with jailmode + - AppArmor prompting (experimental): add checks for prompting + support, include prompting status in system key, and restart snapd + if prompting flag changes + - AppArmor prompting (experimental): include prompt prefix in + AppArmor rules if prompting is supported and enabled + - AppArmor prompting (experimental): add common types, constraints, + and mappings from AppArmor permissions to abstract permissions + - AppArmor prompting (experimental): add path pattern parsing and + matching + - AppArmor prompting (experimental): add path pattern precedence + based on specificity + - AppArmor prompting (experimental): add packages to manage + outstanding request prompts and rules + - AppArmor prompting (experimental): add prompting API and notice + types, which require snap-interfaces-requests-control interface + - AppArmor prompting (experimental): feature flag can only be + enabled if prompting is supported, handler service connected, and + the service can be started + - Registry views (experimental): rename from aspects to registries + - Registry views (experimental): support reading registry views and + setting/unsetting registry data using snapctl + - Registry views (experimental): fetch and refresh registry + assertions as needed + - Registry views (experimental): restrict view paths from using a + number as first character and view names to storage path style + patterns + - Snap components: support installing snaps and components from + files at the same time (no REST API/CLI) + - Snap components: support downloading components related assertions + from the store + - Snap components: support installing components from the store + - Snap components: support removing components individually and + during snap removal + - Snap components: support kernel modules as components + - Snap components: support for component install, pre-refresh and + post-refresh hooks + - Snap components: initial support for building systems that contain + components + - Refresh app awareness (experimental): add data field for + /v2/changes REST API to allow associating each task with affected + snaps + - Refresh app awareness (experimental): use the app name from + .desktop file in notifications + - Refresh app awareness (experimental): give snap-refresh-observe + interface access to /v2/snaps/{name} endpoint + - Improve snap-confine compatibility with nvidia drivers + - Allow re-exec when SNAP_REEXEC is set for unlisted distros to + simplify testing + - Allow mixing revision and channel on snap install + - Generate GNU build ID for Go binaries + - Add missing etelpmoc.sh for shell completion + - Do not attempt to run snapd on classic when re-exec is disabled + - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse + - Add snap debug API command to enable running raw queries + - Enable snap-confine snap mount directory detection + - Replace global seccomp filter with deny rules in standard seccomp + template + - Remove support for Ubuntu Core Launcher (superseded by snap- + confine) + - Support creating pending serial bound users after serial assertion + becomes available + - Support disabling cloud-init using kernel command-line + - In hybrid systems, apps can refresh without waiting for restarts + required by essential snaps + - Ship snap-debug-info.sh script used for system diagnostics + - Improve error messages when attempting to run non-existent snap + - Switch to -u UID:GID for strace-static + - Support enabling snapd logging with snap set system + debug.snapd.{log,log-level} + - Add options system.coredump.enable and system.coredump.maxuse to + support using systemd-coredump on Ubuntu Core + - Provide documentation URL for 'snap interface ' + - Fix restarting activated services instead of their activator units + (i.e. sockets, timers) + - Fix potential unexpected auto-refresh of snap on managed schedule + - Fix potential segfault by guarding against kernel command-line + changes on classic system + - Fix proxy entries in /etc/environment with missing newline that + caused later manual entries to not be usable + - Fix offline remodelling by ignoring prerequisites that will + otherwise be downloaded from store + - Fix devmode seccomp deny regression that caused spamming the log + instead of actual denies + - Fix snap lock leak during refresh + - Fix not re-pinning validation sets that were already pinned when + enforcing new validation sets + - Fix handling of unexpected snapd runtime failure + - Fix /v2/notices REST API skipping notices with duplicate + timestamps + - Fix comparing systemd versions that may contain pre-release + suffixes + - Fix udev potentially starting before snap-device-helper is made + available + - Fix race in snap seed metadata loading + - Fix treating cloud-init exit status 2 as error + - Fix to prevent sending refresh complete notification if snap snap- + refresh-observe interface is connected + - Fix to queue snapctl service commands if run from the default- + configure hook to ensure they get up-to-date config values + - Fix stop service failure when the service is not actually running + anymore + - Fix parsing /proc/PID/mounts with spaces + - Add registry interface that provides snaps access to a particular + registry view + - Add snap-interfaces-requests-control interface to enable prompting + client snaps + - steam-support interface: remove all AppArmor and seccomp + restrictions to improve user experience + - opengl interface: improve compatibility with nvidia drivers + - home interface: autoconnect home on Ubuntu Core Desktop + - serial-port interface: support RPMsg tty + - display-control interface: allow changing LVDS backlight power and + brightness + - power-control interface: support for battery charging thesholds, + type/status and AC type/status + - cpu-control interface: allow CPU C-state control + - raw-usb interface: support RPi5 and Thinkpad x13s + - custom-device interface: allow device file locking + - lxd-support interface: allow LXD to self-manage its own cgroup + - network-manager interface: support MPTCP sockets + - network-control interface: allow plug/slot access to gnutls config + and systemd resolved cache flushing via D-Bus + - network-control interface: allow wpa_supplicant dbus api + - gpio-control interface: support gpiochip* devices + - polkit interface: fix "rw" mount option check + - u2f-devices interface: enable additional security keys + - desktop interface: enable kde theming support + + -- Ernest Lotter Fri, 23 Aug 2024 08:49:28 +0200 + snapd (2.64~14.04) trusty; urgency=medium * New upstream release, LP: #2072986 diff --git a/packaging/ubuntu-16.04/changelog b/packaging/ubuntu-16.04/changelog index 417795d47c9..16470f85efa 100644 --- a/packaging/ubuntu-16.04/changelog +++ b/packaging/ubuntu-16.04/changelog @@ -1,3 +1,146 @@ +snapd (2.65) xenial; urgency=medium + + * New upstream release, LP: #2077473 + - Support building snapd using base Core22 (Snapcraft 8.x) + - FIPS: support building FIPS complaint snapd variant that switches + to FIPS mode when the system boots with FIPS enabled + - AppArmor: update to latest 4.0.2 release + - AppArmor: enable using ABI 4.0 from host parser + - AppArmor: fix parser lookup + - AppArmor: support AppArmor snippet priorities + - AppArmor: allow reading cgroup memory.max file + - AppArmor: allow using snap-exec coming from the snapd snap when + starting a confined process with jailmode + - AppArmor prompting (experimental): add checks for prompting + support, include prompting status in system key, and restart snapd + if prompting flag changes + - AppArmor prompting (experimental): include prompt prefix in + AppArmor rules if prompting is supported and enabled + - AppArmor prompting (experimental): add common types, constraints, + and mappings from AppArmor permissions to abstract permissions + - AppArmor prompting (experimental): add path pattern parsing and + matching + - AppArmor prompting (experimental): add path pattern precedence + based on specificity + - AppArmor prompting (experimental): add packages to manage + outstanding request prompts and rules + - AppArmor prompting (experimental): add prompting API and notice + types, which require snap-interfaces-requests-control interface + - AppArmor prompting (experimental): feature flag can only be + enabled if prompting is supported, handler service connected, and + the service can be started + - Registry views (experimental): rename from aspects to registries + - Registry views (experimental): support reading registry views and + setting/unsetting registry data using snapctl + - Registry views (experimental): fetch and refresh registry + assertions as needed + - Registry views (experimental): restrict view paths from using a + number as first character and view names to storage path style + patterns + - Snap components: support installing snaps and components from + files at the same time (no REST API/CLI) + - Snap components: support downloading components related assertions + from the store + - Snap components: support installing components from the store + - Snap components: support removing components individually and + during snap removal + - Snap components: support kernel modules as components + - Snap components: support for component install, pre-refresh and + post-refresh hooks + - Snap components: initial support for building systems that contain + components + - Refresh app awareness (experimental): add data field for + /v2/changes REST API to allow associating each task with affected + snaps + - Refresh app awareness (experimental): use the app name from + .desktop file in notifications + - Refresh app awareness (experimental): give snap-refresh-observe + interface access to /v2/snaps/{name} endpoint + - Improve snap-confine compatibility with nvidia drivers + - Allow re-exec when SNAP_REEXEC is set for unlisted distros to + simplify testing + - Allow mixing revision and channel on snap install + - Generate GNU build ID for Go binaries + - Add missing etelpmoc.sh for shell completion + - Do not attempt to run snapd on classic when re-exec is disabled + - Packaging/build maintenance for Debian sid, Fedora, Arch, openSuse + - Add snap debug API command to enable running raw queries + - Enable snap-confine snap mount directory detection + - Replace global seccomp filter with deny rules in standard seccomp + template + - Remove support for Ubuntu Core Launcher (superseded by snap- + confine) + - Support creating pending serial bound users after serial assertion + becomes available + - Support disabling cloud-init using kernel command-line + - In hybrid systems, apps can refresh without waiting for restarts + required by essential snaps + - Ship snap-debug-info.sh script used for system diagnostics + - Improve error messages when attempting to run non-existent snap + - Switch to -u UID:GID for strace-static + - Support enabling snapd logging with snap set system + debug.snapd.{log,log-level} + - Add options system.coredump.enable and system.coredump.maxuse to + support using systemd-coredump on Ubuntu Core + - Provide documentation URL for 'snap interface ' + - Fix restarting activated services instead of their activator units + (i.e. sockets, timers) + - Fix potential unexpected auto-refresh of snap on managed schedule + - Fix potential segfault by guarding against kernel command-line + changes on classic system + - Fix proxy entries in /etc/environment with missing newline that + caused later manual entries to not be usable + - Fix offline remodelling by ignoring prerequisites that will + otherwise be downloaded from store + - Fix devmode seccomp deny regression that caused spamming the log + instead of actual denies + - Fix snap lock leak during refresh + - Fix not re-pinning validation sets that were already pinned when + enforcing new validation sets + - Fix handling of unexpected snapd runtime failure + - Fix /v2/notices REST API skipping notices with duplicate + timestamps + - Fix comparing systemd versions that may contain pre-release + suffixes + - Fix udev potentially starting before snap-device-helper is made + available + - Fix race in snap seed metadata loading + - Fix treating cloud-init exit status 2 as error + - Fix to prevent sending refresh complete notification if snap snap- + refresh-observe interface is connected + - Fix to queue snapctl service commands if run from the default- + configure hook to ensure they get up-to-date config values + - Fix stop service failure when the service is not actually running + anymore + - Fix parsing /proc/PID/mounts with spaces + - Add registry interface that provides snaps access to a particular + registry view + - Add snap-interfaces-requests-control interface to enable prompting + client snaps + - steam-support interface: remove all AppArmor and seccomp + restrictions to improve user experience + - opengl interface: improve compatibility with nvidia drivers + - home interface: autoconnect home on Ubuntu Core Desktop + - serial-port interface: support RPMsg tty + - display-control interface: allow changing LVDS backlight power and + brightness + - power-control interface: support for battery charging thesholds, + type/status and AC type/status + - cpu-control interface: allow CPU C-state control + - raw-usb interface: support RPi5 and Thinkpad x13s + - custom-device interface: allow device file locking + - lxd-support interface: allow LXD to self-manage its own cgroup + - network-manager interface: support MPTCP sockets + - network-control interface: allow plug/slot access to gnutls config + and systemd resolved cache flushing via D-Bus + - network-control interface: allow wpa_supplicant dbus api + - gpio-control interface: support gpiochip* devices + - polkit interface: fix "rw" mount option check + - u2f-devices interface: enable additional security keys + - desktop interface: enable kde theming support + + -- Ernest Lotter Fri, 23 Aug 2024 08:49:28 +0200 + snapd (2.64) xenial; urgency=medium * New upstream release, LP: #2072986