On Mon, Apr 06, 2020 at 06:04:27PM -0000, Steve Langasek wrote: > On Mon, Apr 06, 2020 at 04:11:03PM -0000, Olivier Tilloy wrote: > > > Why is the chromium snap using per-version state directories? I think > > > fixing that would be much more important in terms of usability. > > > That's because the file format for the profile directory can change with > > new versions, and is not guaranteed to be backward-compatible. Reverting > > to an old revision shouldn't leave users with an unusable profile > > directory. > > As a user, that is far less important to me than the fact that *every single > time* there is a snap refresh, Google Meet stops working, I have to restart > Chromium, it reports that Chromium did not shut down cleanly, and part of my > session state has been lost with no chance to preserve it. > > I think the state should all be moved to the common dir until you have a way > to handle the rollback case without making the *upgrade* case terrible.
+1 to having the state moved into a common directory. Does the file format for the profile directory change between minor releases? Even if so, it isn't any different to users using the .deb and reverting or downgrading. Google Chrome users download in either .deb or .rpm. Thinking more about it, experimental.refresh-app-awareness, if configurable, will likely just force users to disable automatatic refreshes completely. Which means no updates for other snaps installed. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/1616650 Title: snap refresh while command is running may cause issues Status in snapd: In Progress Status in chromium-browser package in Ubuntu: Confirmed Bug description: In testing a desktop snap that saves state in $HOME on close, I noticed that if I snap refresh the snap while the command is running that it will try to save its state to the previous snap version's data directory. For the snap I was testing (a browser), this resulted in a very poor user experience (the browser on restart complained about an improper shutdown). What is happening is that: 1. on launch the snap's HOME is set to SNAP_USER_DATA, which is something like /home/user/snap/foo/x1. The security policy correctly allows writes to SNAP_USER_DATA 2. on snap refresh to 'x2', the security policy for the snap is updated for the running process such that /home/user/snap/foo/x1 is readonly and /home/user/snap/foo/x2 is read/write 3. the command in '1's environment is not changed and HOME (as well as SNAP_USER_DATA and SNAP_DATA) are all still using 'x1' in the path 4. the command tries to shutdown gracefully and save state to the 'x1' HOME and security policy blocks it Snappy's design for rollbacks relies on the previous SNAP_DATA and SNAP_USER_DATA directories not being writable and IMHO we should not change the policy to make other snap version's data dirs writable. The design of the snappy state engine ensures (among other things) that there is only ever one security policy in place for the snap. In snappy 15.04 this problem was (intentionally) avoided because we used snap security policy that was versioned such that the new policy would not apply until the next app invocation. Gustavo and Zygmunt, you both advocated strongly for only one version of the policy on disk and loaded in the kernel and I recall bringing up this type of bug as a counter-argument, and if IIRC for daemons we said that snapd could simply restart them (makes perfect sense). Have you thought of the mechanism for restarting non-daemons? To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/1616650/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp