Classic confined snaps don't install

Bug #1690280 reported by Robert Ancell on 2017-05-12
This bug affects 8 people
Affects:
GNOME Software: status Expired, importance Medium
gnome-software (Ubuntu): importance High, assigned to James Henstridge
Xenial: importance Critical, assigned to James Henstridge
Zesty: importance High, assigned to Robert Ancell
Artful: importance High, assigned to James Henstridge

Bug Description

[Impact]
Apps that use classic confinement show up in search results but don't install.

[Test Case]
1. Open GNOME Software
2. Search for a classic snap, e.g. "atom"
3. Install snap

Expected result:
Either:
a) Snap is installed
b) Snap is not installed and error given
c) Snap is installed but user needs to provide some sort of confirmation since it is not confined.

Observed result:
Snap is not installed, no error given.

[Regression Potential]
Patch changes the code path used to request installation of all snap packages. Ensure that strict confined snaps continue to be installed with correct confinement.

For example, try installing "ohmygiraffe" via gnome-software, then run "snap info ohmygiraffe" from a terminal. The "installed:" line should not include the word "classic".

Changed in gnome-software (Ubuntu):
importance: Undecided → High
Will Cooke (willcooke) wrote :

I think we should, as closely as possible, replicate what the snap cli does. i.e. Prompt the user to say that the Snap uses classic confinement, what that means and get them to click a "I understand" box. I'll review this with Design.

Will Cooke (willcooke) wrote :

Spoke to mpt & Carla.

Please place the information that the snap uses classic confinement into the details page. It needs to be clear to the user before they install the snap.

"This revision of snap "foo" was published using classic confinement and thus
may perform arbitrary system changes outside of the security sandbox that snaps
are usually confined to, which may put your system at risk."

No requirement for a pop-up confirmation at this time.

Changed in gnome-software (Ubuntu):
assignee: nobody → Robert Ancell (robert-ancell)
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-software (Ubuntu):
status: New → Confirmed
Robert Ancell (robert-ancell) wrote :

For the record the command line process is:

$ sudo snap install atom
error: This revision of snap "atom" was published using classic confinement and thus may perform
       arbitrary system changes outside of the security sandbox that snaps are usually confined to,
       which may put your system at risk.

       If you understand and want to proceed repeat the command including --classic.
$ sudo snap install --classic atom

Will Cooke (willcooke) wrote :

I have pung the Security team for their input on this topic.

Tyler Hicks (tyhicks) wrote :

The Details section is not visible on my laptop until I scroll down. I'm concerned that a warning message in the Details section will go unnoticed. BTW, that's on 17.04 with gnome-software 3.22.7-0ubuntu3.17.04.2.

I'd like for us to explore if there's a way to get a more visible warning.

Will Cooke (willcooke) wrote :

Robert, when you're ready to start working on this one let me know what the options are and I will speak to the Design team.

Robert Ancell (robert-ancell) wrote :

Asked upstream for comments regarding how to expose through the UI:
https://mail.gnome.org/archives/gnome-software-list/2017-May/msg00012.html

Changed in gnome-software (Ubuntu):
status: Confirmed → In Progress
Robert Ancell (robert-ancell) wrote :

This patch implements the technical details to install a classic snap. Tested with the 'atom' snap. It doesn't display any warnings (yet).

tags: added: patch
James Henstridge (jamesh) wrote :

I've made some simple UI changes in the following branch forked from ubuntu-master, based on Robert's patch:

https://code.launchpad.net/~jamesh/gnome-software/+git/gnome-software/+ref/classic-snap-install

This adds a warning message at the top of the details list when viewing a snap that is not using strict confinement. If we get the text of this right, then this could be enough. Currently it reads:

    This third party package is not sandboxed. It will have access to your documents.

Thinking about it, this warning is equally valid for strictly confined snaps that connect to the home interface. I don't think there is a way to identify such apps based on the metadata returned by "find" API requests though.
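The install decision this thread converges on, as an added example that is not part of the bug report and is not gnome-software's code: request classic mode only for snaps whose store metadata reports classic confinement, and attach a warning to anything not strictly confined. It assumes snapd's REST API (a "confinement" field in find results and a "classic" boolean on the install action); the function names and the sample metadata are constructed for illustration.

```python
import json

# Constructed sample of a snapd "find" result (not captured from a real system);
# only the fields this example reads are included.
SAMPLE_FIND_RESULT = json.loads("""[
  {"name": "atom", "confinement": "classic"},
  {"name": "ohmygiraffe", "confinement": "strict"}
]""")

# Warning text quoted from the snap CLI message in this bug report.
CLASSIC_WARNING = (
    'This revision of snap "{name}" was published using classic confinement '
    "and thus may perform arbitrary system changes outside of the security "
    "sandbox that snaps are usually confined to, which may put your system at risk."
)


def build_install_request(snap):
    """JSON body for POST /v2/snaps/<name> (assumed snapd REST install action)."""
    body = {"action": "install"}
    # Ask for classic mode only when the store metadata says so; strict snaps
    # are requested without the flag (the regression testers are asked to check).
    if snap.get("confinement") == "classic":
        body["classic"] = True
    return body


def sandbox_warning(snap):
    """Text to show before install, or None when the snap is strictly confined."""
    confinement = snap.get("confinement")
    if confinement == "strict":
        return None
    if confinement == "classic":
        return CLASSIC_WARNING.format(name=snap["name"])
    # Missing or unrecognised value: warn rather than stay silent (hypothetical wording).
    return 'Snap "{}" is not known to be strictly confined.'.format(snap.get("name", "?"))


def plan_installs(find_result):
    """Map snap name -> (request body, warning or None) for each search result."""
    return {s["name"]: (build_install_request(s), sandbox_warning(s)) for s in find_result}


if __name__ == "__main__":
    for name, (body, warning) in plan_installs(SAMPLE_FIND_RESULT).items():
        print(name, json.dumps(body), "WARN" if warning else "no warning")
```

A strictly confined snap that connects to the home interface still gets no warning here, which is the gap the comment above points out.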

Changed in gnome-software (Ubuntu):
assignee: Robert Ancell (robert-ancell) → James Henstridge (jamesh)
Changed in gnome-software:
importance: Unknown → Medium
status: Unknown → Confirmed
Robert Ancell (robert-ancell) wrote :

This is what this patch looks like when installing a classically confined snap. Note that the warning is only visible if your screen is tall enough, otherwise you would have to scroll down to see it.

Changed in gnome-software (Ubuntu Artful):
status: In Progress → Fix Released
Changed in gnome-software (Ubuntu Zesty):
importance: Undecided → High
Changed in gnome-software (Ubuntu Xenial):
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-software (Ubuntu Xenial):
status: New → Confirmed
Changed in gnome-software (Ubuntu Zesty):
status: New → Confirmed
Changed in gnome-software (Ubuntu Zesty):
status: Confirmed → In Progress
Changed in gnome-software (Ubuntu Xenial):
status: Confirmed → In Progress
assignee: nobody → Robert Ancell (robert-ancell)
Changed in gnome-software (Ubuntu Zesty):
assignee: nobody → Robert Ancell (robert-ancell)
Changed in gnome-software (Ubuntu Zesty):
status: In Progress → Fix Committed
Changed in gnome-software (Ubuntu Xenial):
assignee: Robert Ancell (robert-ancell) → James Henstridge (jamesh)
Ken VanDine (ken-vandine) wrote :

@jamesh: the previous gnome-software SRU has made its way to xenial-updates. Let's get this into xenial-proposed ASAP.

James Henstridge (jamesh) wrote :

Here's a debdiff for the Xenial package update based on Robert's work. I don't have upload rights to upload it myself.

description: updated

An upload of gnome-software to xenial-proposed has been rejected from the upload queue for the following reason: "The changelog is very confusing, not really fitting the actual changes. The addition of 0018-Backport-GS_APP_KUDO_SANDBOXED.patch is not mentioned anywhere - is it required? It needs to be made clear. Also, a lot of changes have been made to the existing patches and things split out of some of them into a separate patch, but the changelog doesn't indicate the actual real reason for that ('part of xxx moved upstream' gives someone without context no real information). Please adjust the changelog and make sure that all those patch changes are necessary and re-submit.".

Ken VanDine (ken-vandine) wrote :

I've uploaded this with a revised changelog.

Changed in gnome-software (Ubuntu Xenial):
importance: High → Critical

Hello Robert, or anyone else affected,

Accepted gnome-software into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-software/3.20.5-0ubuntu0.16.04.8 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in gnome-software (Ubuntu Xenial):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-xenial
Brian Murray (brian-murray) wrote :

Unsubscribing ubuntu-sponsors since no more sponsorship is required.

SRU verification for Xenial:
I have reproduced the problem with gnome-software 3.20.5-0ubuntu0.16.04.7 in xenial-updates and have verified that the version of gnome-software 3.20.5-0ubuntu0.16.04.8 in -proposed fixes the issue.

Marking as verification-done

tags: added: verification-done verification-done-xenial
removed: verification-needed verification-needed-xenial

I have also tested with 3.20.5-0ubuntu0.16.04.8 on 16.04 and this issue is fixed.

Łukasz Zemczak (sil2100) wrote :

As per request, seeing no reports regarding this -proposed package, I conditionally release this before the aging period. Please note that this is just a one-time exception.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnome-software - 3.20.5-0ubuntu0.16.04.8

---------------
gnome-software (3.20.5-0ubuntu0.16.04.8) xenial-proposed; urgency=medium

  [ Robert Ancell ]
  * debian/patches/0018-Add-a-Snap-plugin.patch,
    debian/patches/0018-Backport-GS_APP_KUDO_SANDBOXED.patch,
    debian/patches/0048-Display-a-warning-for-non-sandboxed-snaps.patch:
    - Support installing of classic confined snaps (LP: #1690280)
  * debian/patches/0001-trivial-Fix-CSS-validation-warning.patch:
    - Upstream fix, previously included in 0011-Fix-a-couple-of-CSS-errors
  * debian/patches/0011-Fix-a-couple-of-CSS-errors.patch
    - Refreshed, part of this was merged upstream

 -- Ken VanDine <email address hidden> Fri, 19 Jan 2018 11:01:07 -0500

Changed in gnome-software (Ubuntu Xenial):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for gnome-software has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Changed in gnome-software (Ubuntu Zesty):
status: Fix Committed → Won't Fix
Changed in gnome-software:
status: Confirmed → Expired