Ubuntu
snapd package

[SRU] Dependency on snap-confine too weak

Bug #1634236 reported by Michael Vogt
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
snapd (Ubuntu)
Fix Released
Undecided
Unassigned
Xenial
Fix Released
Undecided
Unassigned
Yakkety
Fix Released
Undecided
Unassigned

Bug Description

Trivial SRU of snapd that adds a missing versioned dependency for snap-confine to snapd.

It turns out there is a regression because of this if:
- you use an armhf architecture
- snapd 2.16
- snap-confine < 1.0.43

The reason is that with snapd 2.16 we use the "snap run" to start applications. This is a command written in go. On armhf the auxv vector content is critical for successfully running go commands.
But apparmor cleans that by default because it might be dangerous.
On snap-confine 1.0.43 we added an apparmor rule to relax this.

TEST CASE:
- install snapd 2.16 on an armhf/classic system (e.g. pi2)
- make sure you have snap-confine from xenial (not from xenial-updates): 1.0.38
- snap install hello
- run "hello" and verify it does not run
- install snap-confine from xenial-updates (1.0.43)
- verify that "hello" does run now

See original description
Michael Vogt (mvo)
summary: - [SRU] 2.16.1
+ [SRU] Dependency on snap-confine too weak
Michael Vogt (mvo)
description: updated
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in snapd (Ubuntu Xenial):
status: New → Confirmed
Changed in snapd (Ubuntu):
status: New → Confirmed
Revision history for this message
John Agosta (jagosta) wrote :

can you provide an ETA for when this will be pushed as a proposed SRU?

Revision history for this message
Andy Whitcroft (apw) wrote : Please test proposed package

Hello Michael, or anyone else affected,

Accepted snapd into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.16+16.10ubuntu1.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in snapd (Ubuntu Yakkety):
status: Confirmed → Fix Committed
tags: added: verification-needed
Revision history for this message
Andy Whitcroft (apw) wrote :

Hello Michael, or anyone else affected,

Accepted snapd into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.16ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in snapd (Ubuntu Xenial):
status: Confirmed → Fix Committed
Revision history for this message
gerald.yang (gerald-yang-tw) wrote :

Hello Michael,

The new snapd in proposed updates the dependency of ubuntu-core-launcher, but not snap-confine,
I just upgraded snapd, but the snap-confine is still the old version (1.0.38-0ubuntu0.16.04.4),
only ubuntu-core-launcher is upgraded to the latest one (1.0.43-0ubuntu1~16.04.1),
could you please help to check the dependency? thanks.

Revision history for this message
Andy Whitcroft (apw) wrote :

Hello Michael, or anyone else affected,

Accepted snapd into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.16ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
Andy Whitcroft (apw) wrote :

Hello Michael, or anyone else affected,

Accepted snapd into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.16+16.10ubuntu1.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
Andy Whitcroft (apw) wrote :

Hello Michael, or anyone else affected,

Accepted snapd into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/snapd/2.16ubuntu3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
gerald.yang (gerald-yang-tw) wrote :

Verified pass, the new snapd (2.16ubuntu3) depends on the right version of snap-confine (>= 1.0.43).
Thanks

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package snapd - 2.16ubuntu3

---------------
snapd (2.16ubuntu3) xenial; urgency=medium

  * debian/control:
    - also add a dependency to "snap-confine" to unbreak armhf
      (LP: #1634236)

snapd (2.16ubuntu2) xenial; urgency=medium

  * fix FTBFS on powerpc by ensuring that share/ is available
    in the source tree

snapd (2.16ubuntu1) xenial; urgency=medium

  * debian/control:
    - fix version dependency of ubuntu-core-launcher to unbreak armhf
      (LP: #1634236)

 -- Michael Vogt <email address hidden> Tue, 18 Oct 2016 20:27:50 +0200

Changed in snapd (Ubuntu Xenial):
status: Fix Committed → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote : Update Released

The verification of the Stable Release Update for snapd has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package snapd - 2.16+16.10ubuntu1.2

---------------
snapd (2.16+16.10ubuntu1.2) yakkety; urgency=medium

  * debian/control:
     - also add a dependency to "snap-confine" to unbreak armhf
       (LP: #1634236)

 -- Michael Vogt <email address hidden> Tue, 18 Oct 2016 20:29:56 +0200

Changed in snapd (Ubuntu Yakkety):
status: Fix Committed → Fix Released
Michael Vogt (mvo)
Changed in snapd (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.