Cannot authorise quotactl syscall for Q_GETQUOTA

Bug #1626359 reported by Olivier Paroz on 2016-09-22
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Snappy
Medium
Jamie Strandboge
snapd (Ubuntu)
Medium
Unassigned
Trusty
Medium
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned

Bug Description

While debugging a snap I get this security error

```
= Seccomp =
Time: Sep 22 03:54:47
Log: auid=4294967295 uid=0 gid=0 ses=4294967295 pid=12869 comm="transmission-da" exe="/snap/transmission/x1/bin/transmission-daemon" sig=31 arch=c000003e 179(quotactl) compat=0 ip=0x7fa06ab2d3fa code=0x0
Syscall: quotactl
```

There is no workaround given, so I've added a security override, but it doesn't do anything.

```
  transmission-daemon:
    command: transmission-init start
    stop-command: transmission-init stop
    daemon: forking
    plugs: [network, network-bind, quotactl]

...

plugs:
  quotactl:
    command: binary
    security-override:
      syscalls: [quotactl]
```

There doesn't seem to be a ready-made interface loaded at install time which would include that syscall, so I can't find a solution for that problem.

Olivier Paroz (oparoz) on 2016-09-22
description: updated
Michael Vogt (mvo) on 2016-11-30
Changed in snappy:
status: New → Triaged
importance: Undecided → Medium
Jamie Strandboge (jdstrand) wrote :

Looking at the transmission source, it is using Q_GETQUOTA and Q_XGETQUOTA. As such, we can adjust mount-observe to use quotactl with Q_GET* seccomp argument filtering.

Setting quotas would be a separate, privileged separate interface since that would affect other snaps (since quotactl is user-specific, not snap-specific).

summary: - Cannot authorise quotactl syscall
+ Cannot authorise quotactl syscall for Q_GETQUOTA
Changed in snappy:
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in snappy:
status: Triaged → In Progress
Jamie Strandboge (jdstrand) wrote :

This is now merged and will be fixed in snapd 2.23.

Changed in snappy:
status: In Progress → Fix Committed

Hello Olivier, or anyone else affected,

Accepted snapd into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.23+16.10 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-needed
Andy Whitcroft (apw) wrote :

Hello Olivier, or anyone else affected,

Accepted snapd into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.23 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Andy Whitcroft (apw) wrote :

Hello Olivier, or anyone else affected,

Accepted snapd into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.23~14.04 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in snapd (Ubuntu):
status: New → Fix Committed
Changed in snapd (Ubuntu Trusty):
status: New → Fix Committed
Changed in snapd (Ubuntu Xenial):
status: New → Fix Committed
Changed in snapd (Ubuntu Yakkety):
status: New → Fix Committed
Andy Whitcroft (apw) wrote :

Hello Olivier, or anyone else affected,

Accepted snapd into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.23 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Andy Whitcroft (apw) wrote :

Hello Olivier, or anyone else affected,

Accepted snapd into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.23+16.10 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Launchpad Janitor (janitor) wrote :
Download full text (10.7 KiB)

This bug was fixed in the package snapd - 2.23+17.04

---------------
snapd (2.23+17.04) zesty; urgency=medium

  * New upstream release, LP: #1665608
    - overlord: phase 2 with 2nd setup-profiles and hook done after
      restart for core installation
    - data: re-add snapd.refresh.{timer,service} with weekly schedule
    - interfaces: allow 'getent' by default with some missing dbs to
      various interfaces
    - overlord/snapstate: drop forced devmode
    - snapstate: disable running the configure hook on classic for the
      core snap
    - ifacestate: re-generate apparmor in InterfaceManager.initialize()
    - daemon: DevModeDistro does not imply snapstate.Flags{DevMode:true}
    - interfaces/bluez,network-manager: implement ConnectedSlot policy
    - cmd: add helpers for mounting / unmounting
    - snapstate: error in LinkSnap() if revision is unset
    - release: add linuxmint 18 to the non-devmode distros
    - cmd: fixes to run correctly on opensuse
    - interfaces: consistently use 'const' instead of 'var' for security
      policy
    - interfaces: miscellaneous policy updates for unity7, udisks2 and
      browser-support
    - interfaces/apparmor: compensate for kernel behavior change
    - many: only tweak core config if hook exists
    - overlord/hookstate: don't report a run hook output error without
      any context
    - cmd/snap-update-ns: move test data and helpers to new module
    - vet: fix vet error on mount test.
    - tests: empty init (systemd) failover test
    - cmd: add .indent.pro file to the tree
    - interfaces: specs for apparmor, seccomp, udev
    - wrappers/services: RemainAfterExit=yes for oneshot daemons w/ stop
      cmds
    - tests: several improvements to the nested suite
    - tests: do not use core for "All snaps up to date" check
    - cmd/snap-update-ns: add function for sorting mount entries
    - httputil: copy some headers over redirects
    - data/selinux: merge SELinux policy module
    - kmod: added Specification for kmod security backend
    - tests: failover test for rc.local crash
    - debian/tests: map snapd deb pockets to core snap channels for
      autopkgtest
    - many: switch channels on refresh if needed
    - interfaces/builtin: add /boot/uboot/config.txt access to core-
      support
    - release: assume higher version of supported distros will still
      work
    - cmd/snap-update-ns: add compare function for mount entries
    - tests: enable docker test
    - tests: bail out if core snap is not installed
    - interfaces: use mount.Entry instead of string snippets.
    - osutil: trivial tweaks to build ID support
    - many: display kernel version in 'snap version'
    - osutil: add package for reading Build-ID
    - snap: error when `snap list foo` is run and no snap is installed
    - cmd/snap-confine: don't crash if nvidia module is loaded but
      drivers are not available
    - tests: update listing test for latest core snap version update
    - overlord/hookstate/ctlcmd: helper function for creating a deep
      copy of interface attributes
    - interfaces: add a linux framebuffer interface
    - cmd/snap, store: change error messages to reflect latest UX d...

Changed in snapd (Ubuntu):
status: Fix Committed → Fix Released
Jamie Strandboge (jdstrand) wrote :

Most of the fix for this landed in 2.23, but the policy changes were reverted until https://github.com/snapcore/snapd/pull/2810 is merged. In other words, this bug is not Fix Committed and there is no need to test that this is fixed.

Changed in snapd (Ubuntu Trusty):
status: Fix Committed → Triaged
Changed in snapd (Ubuntu Xenial):
status: Fix Committed → Triaged
Changed in snapd (Ubuntu Yakkety):
status: Fix Committed → Triaged
Changed in snappy:
status: Fix Committed → In Progress
Changed in snapd (Ubuntu):
status: Fix Released → Triaged
tags: removed: verification-needed
Andy Whitcroft (apw) wrote :

Hello Olivier, or anyone else affected,

Accepted snapd into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.23.1+16.10 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in snapd (Ubuntu Yakkety):
status: Triaged → Fix Committed
tags: added: verification-needed
Changed in snapd (Ubuntu Xenial):
status: Triaged → Fix Committed
Andy Whitcroft (apw) wrote :

Hello Olivier, or anyone else affected,

Accepted snapd into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.23.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in snapd (Ubuntu Trusty):
status: Triaged → Fix Committed
Andy Whitcroft (apw) wrote :

Hello Olivier, or anyone else affected,

Accepted snapd into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.23.1~14.04 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Olivier Paroz (oparoz) wrote :

https://github.com/snapcore/snapd/pull/2810
has been closed.

Can this fix be tested now?

Changed in snapd (Ubuntu):
importance: Undecided → Medium
Changed in snapd (Ubuntu Yakkety):
importance: Undecided → Medium
Changed in snapd (Ubuntu Trusty):
importance: Undecided → Medium
Changed in snapd (Ubuntu Xenial):
importance: Undecided → Medium
Dave Morley (davmor2) wrote :

Tested quickly with 2.22.6 that this didn't work and then retested with 2.23.1 and it did. So marking this verification-done.

Oliver Feel free to confirm once the updated versions hit the archive.

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :
Download full text (11.1 KiB)

This bug was fixed in the package snapd - 2.23.1+16.10

---------------
snapd (2.23.1+16.10) yakkety; urgency=medium

  * New upstream release, LP: #1665608
    - packaging, tests: use "systemctl list-unit-files --full"
      everywhere
    - interfaces: fix default content attribute value
    - tests: do not nuke the entire snapd.conf.d dir when changing
      store settings
    - hookstate: run the right "snap" command in the hookmanager
    - snapstate: revert PR#2958, run configure hook again everywhere

snapd (2.23) xenial; urgency=medium

  * New upstream release, LP: #1665608
    - overlord: phase 2 with 2nd setup-profiles and hook done after
      restart for core installation
    - data: re-add snapd.refresh.{timer,service} with weekly schedule
    - interfaces: allow 'getent' by default with some missing dbs to
      various interfaces
    - overlord/snapstate: drop forced devmode
    - snapstate: disable running the configure hook on classic for the
      core snap
    - ifacestate: re-generate apparmor in InterfaceManager.initialize()
    - daemon: DevModeDistro does not imply snapstate.Flags{DevMode:true}
    - interfaces/bluez,network-manager: implement ConnectedSlot policy
    - cmd: add helpers for mounting / unmounting
    - snapstate: error in LinkSnap() if revision is unset
    - release: add linuxmint 18 to the non-devmode distros
    - cmd: fixes to run correctly on opensuse
    - interfaces: consistently use 'const' instead of 'var' for security
      policy
    - interfaces: miscellaneous policy updates for unity7, udisks2 and
      browser-support
    - interfaces/apparmor: compensate for kernel behavior change
    - many: only tweak core config if hook exists
    - overlord/hookstate: don't report a run hook output error without
      any context
    - cmd/snap-update-ns: move test data and helpers to new module
    - vet: fix vet error on mount test.
    - tests: empty init (systemd) failover test
    - cmd: add .indent.pro file to the tree
    - interfaces: specs for apparmor, seccomp, udev
    - wrappers/services: RemainAfterExit=yes for oneshot daemons w/ stop
      cmds
    - tests: several improvements to the nested suite
    - tests: do not use core for "All snaps up to date" check
    - cmd/snap-update-ns: add function for sorting mount entries
    - httputil: copy some headers over redirects
    - data/selinux: merge SELinux policy module
    - kmod: added Specification for kmod security backend
    - tests: failover test for rc.local crash
    - debian/tests: map snapd deb pockets to core snap channels for
      autopkgtest
    - many: switch channels on refresh if needed
    - interfaces/builtin: add /boot/uboot/config.txt access to core-
      support
    - release: assume higher version of supported distros will still
      work
    - cmd/snap-update-ns: add compare function for mount entries
    - tests: enable docker test
    - tests: bail out if core snap is not installed
    - interfaces: use mount.Entry instead of string snippets.
    - osutil: trivial tweaks to build ID support
    - many: display kernel version in 'snap version'
    - osutil: add package for reading Build-ID
    - snap: error when ...

Changed in snapd (Ubuntu Yakkety):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for snapd has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :
Download full text (11.1 KiB)

This bug was fixed in the package snapd - 2.23.1

---------------
snapd (2.23.1) xenial; urgency=medium

  * New upstream release, LP: #1665608
    - packaging, tests: use "systemctl list-unit-files --full"
      everywhere
    - interfaces: fix default content attribute value
    - tests: do not nuke the entire snapd.conf.d dir when changing
      store settings
    - hookstate: run the right "snap" command in the hookmanager
    - snapstate: revert PR#2958, run configure hook again everywhere

snapd (2.23) xenial; urgency=medium

  * New upstream release, LP: #1665608
    - overlord: phase 2 with 2nd setup-profiles and hook done after
      restart for core installation
    - data: re-add snapd.refresh.{timer,service} with weekly schedule
    - interfaces: allow 'getent' by default with some missing dbs to
      various interfaces
    - overlord/snapstate: drop forced devmode
    - snapstate: disable running the configure hook on classic for the
      core snap
    - ifacestate: re-generate apparmor in InterfaceManager.initialize()
    - daemon: DevModeDistro does not imply snapstate.Flags{DevMode:true}
    - interfaces/bluez,network-manager: implement ConnectedSlot policy
    - cmd: add helpers for mounting / unmounting
    - snapstate: error in LinkSnap() if revision is unset
    - release: add linuxmint 18 to the non-devmode distros
    - cmd: fixes to run correctly on opensuse
    - interfaces: consistently use 'const' instead of 'var' for security
      policy
    - interfaces: miscellaneous policy updates for unity7, udisks2 and
      browser-support
    - interfaces/apparmor: compensate for kernel behavior change
    - many: only tweak core config if hook exists
    - overlord/hookstate: don't report a run hook output error without
      any context
    - cmd/snap-update-ns: move test data and helpers to new module
    - vet: fix vet error on mount test.
    - tests: empty init (systemd) failover test
    - cmd: add .indent.pro file to the tree
    - interfaces: specs for apparmor, seccomp, udev
    - wrappers/services: RemainAfterExit=yes for oneshot daemons w/ stop
      cmds
    - tests: several improvements to the nested suite
    - tests: do not use core for "All snaps up to date" check
    - cmd/snap-update-ns: add function for sorting mount entries
    - httputil: copy some headers over redirects
    - data/selinux: merge SELinux policy module
    - kmod: added Specification for kmod security backend
    - tests: failover test for rc.local crash
    - debian/tests: map snapd deb pockets to core snap channels for
      autopkgtest
    - many: switch channels on refresh if needed
    - interfaces/builtin: add /boot/uboot/config.txt access to core-
      support
    - release: assume higher version of supported distros will still
      work
    - cmd/snap-update-ns: add compare function for mount entries
    - tests: enable docker test
    - tests: bail out if core snap is not installed
    - interfaces: use mount.Entry instead of string snippets.
    - osutil: trivial tweaks to build ID support
    - many: display kernel version in 'snap version'
    - osutil: add package for reading Build-ID
    - snap: error when `snap list fo...

Changed in snapd (Ubuntu Xenial):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (11.1 KiB)

This bug was fixed in the package snapd - 2.23.1~14.04

---------------
snapd (2.23.1~14.04) trusty; urgency=medium

  * New upstream release, LP: #1665608
    - packaging, tests: use "systemctl list-unit-files --full"
      everywhere
    - interfaces: fix default content attribute value
    - tests: do not nuke the entire snapd.conf.d dir when changing
      store settings
    - hookstate: run the right "snap" command in the hookmanager
    - snapstate: revert PR#2958, run configure hook again everywhere

snapd (2.23~14.04) trusty; urgency=medium

  * New upstream release, LP: #1665608
    - overlord: phase 2 with 2nd setup-profiles and hook done after
      restart for core installation
    - data: re-add snapd.refresh.{timer,service} with weekly schedule
    - interfaces: allow 'getent' by default with some missing dbs to
      various interfaces
    - overlord/snapstate: drop forced devmode
    - snapstate: disable running the configure hook on classic for the
      core snap
    - ifacestate: re-generate apparmor in InterfaceManager.initialize()
    - daemon: DevModeDistro does not imply snapstate.Flags{DevMode:true}
    - interfaces/bluez,network-manager: implement ConnectedSlot policy
    - cmd: add helpers for mounting / unmounting
    - snapstate: error in LinkSnap() if revision is unset
    - release: add linuxmint 18 to the non-devmode distros
    - cmd: fixes to run correctly on opensuse
    - interfaces: consistently use 'const' instead of 'var' for security
      policy
    - interfaces: miscellaneous policy updates for unity7, udisks2 and
      browser-support
    - interfaces/apparmor: compensate for kernel behavior change
    - many: only tweak core config if hook exists
    - overlord/hookstate: don't report a run hook output error without
      any context
    - cmd/snap-update-ns: move test data and helpers to new module
    - vet: fix vet error on mount test.
    - tests: empty init (systemd) failover test
    - cmd: add .indent.pro file to the tree
    - interfaces: specs for apparmor, seccomp, udev
    - wrappers/services: RemainAfterExit=yes for oneshot daemons w/ stop
      cmds
    - tests: several improvements to the nested suite
    - tests: do not use core for "All snaps up to date" check
    - cmd/snap-update-ns: add function for sorting mount entries
    - httputil: copy some headers over redirects
    - data/selinux: merge SELinux policy module
    - kmod: added Specification for kmod security backend
    - tests: failover test for rc.local crash
    - debian/tests: map snapd deb pockets to core snap channels for
      autopkgtest
    - many: switch channels on refresh if needed
    - interfaces/builtin: add /boot/uboot/config.txt access to core-
      support
    - release: assume higher version of supported distros will still
      work
    - cmd/snap-update-ns: add compare function for mount entries
    - tests: enable docker test
    - tests: bail out if core snap is not installed
    - interfaces: use mount.Entry instead of string snippets.
    - osutil: trivial tweaks to build ID support
    - many: display kernel version in 'snap version'
    - osutil: add package for reading Build-ID
    - snap: error ...

Changed in snapd (Ubuntu Trusty):
status: Fix Committed → Fix Released
Jamie Strandboge (jdstrand) wrote :

This bug is getting slurped into changelogs but it is not fixed in master since the fix was reverted due to https://github.com/snapcore/snapd/pull/2810 not being merged yet. Marking all Ubuntu releases as still affected.

Changed in snapd (Ubuntu Trusty):
status: Fix Released → In Progress
Changed in snapd (Ubuntu Xenial):
status: Fix Released → In Progress
Changed in snapd (Ubuntu Yakkety):
status: Fix Released → In Progress
Changed in snapd (Ubuntu Trusty):
status: In Progress → Triaged
Changed in snapd (Ubuntu Xenial):
status: In Progress → Triaged
Changed in snapd (Ubuntu Yakkety):
status: In Progress → Triaged
Launchpad Janitor (janitor) wrote :
Download full text (8.7 KiB)

This bug was fixed in the package snapd - 2.24.1+16.10

---------------
snapd (2.24.1+16.10) yakkety; urgency=medium

  * New upstream release, LP: #1681799:
    - fix autopkgtest failures with stable core snap
    - ensure the snap-confine transitional package cleans up
      the no-longer-used apparmor profile to fix the kernels
      autopkgtest failures

snapd (2.24+16.10) yakkety; urgency=medium

  * New upstream release, LP: #1681799:
    - interfaces/mount: add InfoEntry type
    - many: fix plug auto-connect during core transition
    - interfaces: fold network bind into core support with tests
    - .travis.yml: add option to make raw log less noisy
    - interfaces: adjust shm accesses to use 'm' for updated mmap kernel
      mediation
    - many: rename two core plugs that clash with slot names
    - snap-confine,browser-support: /dev/tty for snap-confine, misc
      browser-support for gnome-shell
    - store: add download test with EOF in the middle
    - tests: adjust to look for network-bind-plug
    - store: make hash error message more accurate
    - overlord/snapstate: simplify AliasesStatus down to just an
      AutoAliasesDisabled bool flag (aliases v2)
    - errtracker: never send errtracker reports when running under
      SNAPPY_TESTING
    - interfaces/repo: validate slot/plug names
    - daemon: Give the snap directories via GET /v2/system-info
    - interfaces/unity7: support unity messaging menu
    - interfaces/mount: add high-level Profile functions
    - git: ignore only the cmd/Makefile{,.in}
    - cmd: explicitly set _GNU_SOURCE and _FILE_OFFSET_BITS for xfs
      support
    - daemon: add desktop file location for app to the API
    - overlord,release: disable classic snap support when not possible
    - overlord: fix TestEnsureLoopPrune not to be so racy
    - many: abstract path to /bin/{true,false}
    - data/systemd: tweak data/systemd/Makefile to be slightly simpler
    - store: handle EOF via url.Error check
    - packaging: use templates for relevant systemd units
    - tests: run gccgo only on ubuntu-16.04-64
    - .travis.yml: remove travis matrix and do a single sequential run
    - overlord/state: make sure that setting to nil a state key is
      equivalent to deleting it
    - tests: fix incorrect shell expression
    - interfaces/mount: add OptsToFlags for converting arguments to
      syscall…
    - interfaces: add a joystick interface
    - tests: enable docker test for more ubuntu-core systems
    - tests: download and install additional dependencies when using
      prepackaged snapd
    - many: add support for partially static builds
    - interfaces: allow slot to introspect dbus-daemon in dbus
      interface, allow /usr/bin/arch by default
    - interfaces/mount: fix golint issues
    - interfaces/mount: add function for saving fstab-like file
    - osutil: introducing GetenvInt64, like GetenvBool but Int64er.
    - interfaces: drop udev tagging from framebuffer interface
    - snapstate: more helpers to work with aliases state (aliases
      v2)
    - interfaces/mount: add function for parsing fstab-like file
    - cmd: disable the re-associate fix as requested by jdstrand
    - overlord...

Read more...

Changed in snapd (Ubuntu Yakkety):
status: Triaged → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (8.7 KiB)

This bug was fixed in the package snapd - 2.24.1

---------------
snapd (2.24.1) xenial; urgency=medium

  * New upstream release, LP: #1681799:
    - fix autopkgtest failures with stable core snap
    - ensure the snap-confine transitional package cleans up
      the no-longer-used apparmor profile to fix the kernels
      autopkgtest failures

snapd (2.24) xenial; urgency=medium

  * New upstream release, LP: #1681799:
    - interfaces/mount: add InfoEntry type
    - many: fix plug auto-connect during core transition
    - interfaces: fold network bind into core support with tests
    - .travis.yml: add option to make raw log less noisy
    - interfaces: adjust shm accesses to use 'm' for updated mmap kernel
      mediation
    - many: rename two core plugs that clash with slot names
    - snap-confine,browser-support: /dev/tty for snap-confine, misc
      browser-support for gnome-shell
    - store: add download test with EOF in the middle
    - tests: adjust to look for network-bind-plug
    - store: make hash error message more accurate
    - overlord/snapstate: simplify AliasesStatus down to just an
      AutoAliasesDisabled bool flag (aliases v2)
    - errtracker: never send errtracker reports when running under
      SNAPPY_TESTING
    - interfaces/repo: validate slot/plug names
    - daemon: Give the snap directories via GET /v2/system-info
    - interfaces/unity7: support unity messaging menu
    - interfaces/mount: add high-level Profile functions
    - git: ignore only the cmd/Makefile{,.in}
    - cmd: explicitly set _GNU_SOURCE and _FILE_OFFSET_BITS for xfs
      support
    - daemon: add desktop file location for app to the API
    - overlord,release: disable classic snap support when not possible
    - overlord: fix TestEnsureLoopPrune not to be so racy
    - many: abstract path to /bin/{true,false}
    - data/systemd: tweak data/systemd/Makefile to be slightly simpler
    - store: handle EOF via url.Error check
    - packaging: use templates for relevant systemd units
    - tests: run gccgo only on ubuntu-16.04-64
    - .travis.yml: remove travis matrix and do a single sequential run
    - overlord/state: make sure that setting to nil a state key is
      equivalent to deleting it
    - tests: fix incorrect shell expression
    - interfaces/mount: add OptsToFlags for converting arguments to
      syscall…
    - interfaces: add a joystick interface
    - tests: enable docker test for more ubuntu-core systems
    - tests: download and install additional dependencies when using
      prepackaged snapd
    - many: add support for partially static builds
    - interfaces: allow slot to introspect dbus-daemon in dbus
      interface, allow /usr/bin/arch by default
    - interfaces/mount: fix golint issues
    - interfaces/mount: add function for saving fstab-like file
    - osutil: introducing GetenvInt64, like GetenvBool but Int64er.
    - interfaces: drop udev tagging from framebuffer interface
    - snapstate: more helpers to work with aliases state (aliases
      v2)
    - interfaces/mount: add function for parsing fstab-like file
    - cmd: disable the re-associate fix as requested by jdstrand
    - overlord/snapstate: unlock/r...

Read more...

Changed in snapd (Ubuntu Xenial):
status: Triaged → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (8.7 KiB)

This bug was fixed in the package snapd - 2.24.1~14.04

---------------
snapd (2.24.1~14.04) trusty; urgency=medium

  * New upstream release, LP: #1681799:
    - fix autopkgtest failures with stable core snap
    - ensure the snap-confine transitional package cleans up
      the no-longer-used apparmor profile to fix the kernels
      autopkgtest failures

snapd (2.24~14.04) trusty; urgency=medium

  * New upstream release, LP: #1681799:
    - interfaces/mount: add InfoEntry type
    - many: fix plug auto-connect during core transition
    - interfaces: fold network bind into core support with tests
    - .travis.yml: add option to make raw log less noisy
    - interfaces: adjust shm accesses to use 'm' for updated mmap kernel
      mediation
    - many: rename two core plugs that clash with slot names
    - snap-confine,browser-support: /dev/tty for snap-confine, misc
      browser-support for gnome-shell
    - store: add download test with EOF in the middle
    - tests: adjust to look for network-bind-plug
    - store: make hash error message more accurate
    - overlord/snapstate: simplify AliasesStatus down to just an
      AutoAliasesDisabled bool flag (aliases v2)
    - errtracker: never send errtracker reports when running under
      SNAPPY_TESTING
    - interfaces/repo: validate slot/plug names
    - daemon: Give the snap directories via GET /v2/system-info
    - interfaces/unity7: support unity messaging menu
    - interfaces/mount: add high-level Profile functions
    - git: ignore only the cmd/Makefile{,.in}
    - cmd: explicitly set _GNU_SOURCE and _FILE_OFFSET_BITS for xfs
      support
    - daemon: add desktop file location for app to the API
    - overlord,release: disable classic snap support when not possible
    - overlord: fix TestEnsureLoopPrune not to be so racy
    - many: abstract path to /bin/{true,false}
    - data/systemd: tweak data/systemd/Makefile to be slightly simpler
    - store: handle EOF via url.Error check
    - packaging: use templates for relevant systemd units
    - tests: run gccgo only on ubuntu-16.04-64
    - .travis.yml: remove travis matrix and do a single sequential run
    - overlord/state: make sure that setting to nil a state key is
      equivalent to deleting it
    - tests: fix incorrect shell expression
    - interfaces/mount: add OptsToFlags for converting arguments to
      syscall…
    - interfaces: add a joystick interface
    - tests: enable docker test for more ubuntu-core systems
    - tests: download and install additional dependencies when using
      prepackaged snapd
    - many: add support for partially static builds
    - interfaces: allow slot to introspect dbus-daemon in dbus
      interface, allow /usr/bin/arch by default
    - interfaces/mount: fix golint issues
    - interfaces/mount: add function for saving fstab-like file
    - osutil: introducing GetenvInt64, like GetenvBool but Int64er.
    - interfaces: drop udev tagging from framebuffer interface
    - snapstate: more helpers to work with aliases state (aliases
      v2)
    - interfaces/mount: add function for parsing fstab-like file
    - cmd: disable the re-associate fix as requested by jdstrand
    - overlord/s...

Read more...

Changed in snapd (Ubuntu Trusty):
status: Triaged → Fix Released
Changed in snapd (Ubuntu):
status: Triaged → Fix Released
Changed in snappy:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers