Ubuntu
snapd package

ubuntu-core image missing awk

Bug #1580018 reported by Michael Nelson on 2016-05-10

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	snap-confine	Fix Released	Medium	Zygmunt Krynicki	snap-confine 1.0.34
	snapd (Ubuntu)	Fix Released	Medium	Unassigned

Bug Description

I'm trying to snap a tool which uses awk. Now I can try including awk in my snap directly, but I checked the default apparmor profile for any snap, and it seems to indicate that awk is installed and enabled by the profile, but when checking (via a test snap), /usr/bin/awk symlinks to /etc/alternatives/awk symlinks to /usr/bin/gawk which doesn't exist (in ubuntu-core 16.04.0-24):

michael@dev-xenial2:~/dev/todo.txt⟫ cat /snap/todo/100001/testawk.sh
#! /bin/bash

ls -l /usr/bin/{,g,m}awk
ls -l /etc/alternatives/awk
/usr/bin/awk -h
/etc/alternatives/awk -h

michael@dev-xenial2:~/dev/todo.txt⟫ todo.testawk
ls: cannot access '/usr/bin/gawk': No such file or directory
lrwxrwxrwx 1 root root 21 Mar 8 11:29 /usr/bin/awk -> /etc/alternatives/awk
-rwxr-xr-x 1 root root 117768 Mar 24 2014 /usr/bin/mawk
lrwxrwxrwx 1 root root 13 Apr 12 14:18 /etc/alternatives/awk -> /usr/bin/gawk
/snap/todo/100001/testawk.sh: line 5: /usr/bin/awk: No such file or directory
/snap/todo/100001/testawk.sh: line 6: /etc/alternatives/awk: No such file or directory

See original description

Michael Nelson (michael.nelson) on 2016-05-10

description:

updated

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2016-05-10:

In 16.04+20160420.05-01:
$ ls -l /usr/bin/awk
lrwxrwxrwx 1 root root 21 Apr 20 04:58 /usr/bin/awk -> /etc/alternatives/awk

$ ls -l /etc/alternatives/awk
lrwxrwxrwx 1 root root 13 Apr 20 04:58 /etc/alternatives/awk -> /usr/bin/mawk

After running 'snap refresh ubuntu-core' and getting 16.04+20160419.20-55:
$ ls -l /usr/bin/awk
lrwxrwxrwx 1 root root 21 Apr 19 20:52 /usr/bin/awk -> /etc/alternatives/awk
$ ls -l /etc/alternatives/awk
lrwxrwxrwx 1 root root 13 Apr 19 20:52 /etc/alternatives/awk -> /usr/bin/mawk

It seems your image is out of date. What is the output of 'snap list'? What architecture/device is this for?

Changed in snapd (Ubuntu):
status:	New → Incomplete

Revision history for this message

Michael Nelson (michael.nelson) wrote on 2016-05-11:

Thanks Jamie. My ubuntu-core was out of date, but updating doesn't change the symlinks which my snap'd app sees:

michael@dev-xenial2:~/dev/todo.txt⟫ snap list
Name Version Developer
hello-world 6.0 canonical
todo 2.1
ubuntu-core 16.04.0-24 canonical

michael@dev-xenial2:~/dev/todo.txt⟫ sudo snap refresh ubuntu-core
64.64 MB / 64.64 MB [============================================================================================] 100.00 % 26.19 MB/s

michael@dev-xenial2:~/dev/todo.txt⟫ snap list
Name Version Developer
hello-world 6.0 canonical
todo 2.1
ubuntu-core 16.04+20160419.20-55 canonical

michael@dev-xenial2:~/dev/todo.txt⟫ rm -rf parts/testawk && sudo snap remove todo && snapcraft && sudo snap install todo_2.1_amd64.
snap
[-] Remove snap "todo" from the system
...
Snapped todo_2.1_amd64.snap
[/] Setup snap "todo" security profiles

michael@dev-xenial2:~/dev/todo.txt⟫ todo.testawk
ls: cannot access '/usr/bin/gawk': No such file or directory
lrwxrwxrwx 1 root root 21 Apr 19 20:52 /usr/bin/awk -> /etc/alternatives/awk
-rwxr-xr-x 1 root root 117768 Mar 24 2014 /usr/bin/mawk
lrwxrwxrwx 1 root root 13 Apr 12 14:18 /etc/alternatives/awk -> /usr/bin/gawk
/snap/todo/100001/testawk.sh: line 5: /usr/bin/awk: No such file or directory
/snap/todo/100001/testawk.sh: line 6: /etc/alternatives/awk: No such file or directory

michael@dev-xenial2:~/dev/todo.txt⟫ cat /snap/todo/100001/testawk.sh
#! /bin/bash

ls -l /usr/bin/{,g,m}awk
ls -l /etc/alternatives/awk
/usr/bin/awk -h
/etc/alternatives/awk -h

michael@dev-xenial2:~/dev/todo.txt⟫ uname -a
Linux dev-xenial2 4.4.0-18-generic #34-Ubuntu SMP Wed Apr 6 14:01:02 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

This is running on a (canonistack) xenial instance .

Revision history for this message

Jamie Strandboge (jdstrand) wrote on 2016-05-11:

This is odd-- the os snap I use specifies mawk as the alternative, but yours has gawk.

$ snap list
Name Version Developer
...
ubuntu-core 16.04+20160419.20-55 canonical

$ ls -l /etc/alternatives/awk
lrwxrwxrwx 1 root root 13 Apr 20 04:58 /etc/alternatives/awk -> /usr/bin/mawk

I can easily see that things work with the hello-world snap:

$ sudo snap install hello-world
...

$ hello-world.sh # run a confined shell

bash-4.3$ gawk -W version # try gawk
bash: gawk: command not found # expected, gawk is not on the system

bash-4.3$ mawk -W version # try mawk
mawk 1.3.3 Nov 1996, Copyright (C) Michael D. Brennan
...
bash-4.3$ awk -W version # try awk
mawk 1.3.3 Nov 1996, Copyright (C) Michael D. Brennan

How did you generate the image?

Revision history for this message

John Lenton (chipaca) wrote on 2016-05-11:

It's because /etc isn't hidden; the snap sees the host's /etc.

Revision history for this message

Zygmunt Krynicki (zyga) wrote on 2016-05-11:

I'm discussing the changes to ubuntu-core-launcher that would hide /etc/alternatives from the classic system when snaps are running.

John Lenton (chipaca) on 2016-05-11

Changed in snapd (Ubuntu):
status:	Incomplete → Confirmed
importance:	Undecided → Medium

Revision history for this message

Kyle Fazzari (kyrofa) wrote on 2016-06-22:

This just bit the nextcloud snap as well.

Revision history for this message

Zygmunt Krynicki (zyga) wrote on 2016-06-22:

Hmm, so shall we bind-mount the core-snap /etc/alternatives over the already bind-mounted /etc from classic?

Zygmunt Krynicki (zyga) on 2016-06-22

Changed in snap-confine:
status:	New → In Progress
assignee:	nobody → Zygmunt Krynicki (zyga)

Revision history for this message

Oliver Grawert (ogra) wrote on 2016-06-22:

well, only the individual ones i guess, if you mount the whole dir over the host one you might hide bits you dont want to hide ...

Revision history for this message

John Lenton (chipaca) wrote on 2016-06-22:

Can't we nuke alternatives in core? In what situation is it useful to still have that in the core image?

Revision history for this message

John Lenton (chipaca) wrote on 2016-06-22:

#10

By "nuke the alternatives" I mean, as part of the image build process, iterate over the alternatives and just point the symlink to the alternative, instead of to /etc/alternatives/whatever.

Revision history for this message

Oliver Grawert (ogra) wrote on 2016-06-22:

#11

sure, but thats an extra hack we need to maintain and it might not work with all packages (there are some that change the binary name via the alternative or point to some non-bin path for an executable, not to forget that many packages also use it for config files in random places).

so this requires some extra code (perhaps only remove the ones with a proper executable path etc) and probably a black or whitelist ... pretty much like you would have it at runtime with the bind mounts ...

Zygmunt Krynicki (zyga) on 2016-06-28

Changed in snap-confine:
milestone:	none → 1.0.34
status:	In Progress → Fix Committed

Zygmunt Krynicki (zyga) on 2016-06-30

Changed in snap-confine:
importance:	Undecided → Medium

Zygmunt Krynicki (zyga) on 2016-07-01

Changed in snap-confine:
status:	Fix Committed → Fix Released

Revision history for this message

Michael Vogt (mvo) wrote on 2017-01-26:

#12

Fixed with zyga updated snap-confine.

Changed in snapd (Ubuntu):
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntusnapd package

ubuntu-core image missing awk

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
snapd package