** Also affects: snap-confine (Ubuntu)
Importance: Undecided
Status: New
** Also affects: snap-confine (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: snap-confine (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1613845
Title:
Juju snap can no longer interact with LXD in devmode
Status in Snappy Launcher:
Fix Released
Status in snap-confine package in Ubuntu:
Fix Released
Status in snap-confine source package in Xenial:
New
Bug description:
[Impact]
Snaps running in devmode cannot interact with LXD installed in the
classic distribution. This happens because the chroot in which all
snaps execute there is no /var/lib/lxd directory (it is not a part of
the core snap).
That directory doesn't exist so it cannot be bind-mounted from the
classic distribution. Without access to this directory there's no way
to access the lxd socket located inside.
This bug is fixed by adding a quirk system where snap-confine can
mount tmpfs over /var/lib and populate that tmpfs with a forest of
bind mounts to the contents of /var/lib in the core snap. This leaves
us with a tmpfs, not a read only squashfs so /var/lib/lxd can be now
created and bind mounted on demand.
For more information about the execution environment, please see this
article http://www.zygoon.pl/2016/08/snap-execution-environment.html
[Test Case]
The test case can be found here:
https://github.com/snapcore/snap-confine/blob/master/spread-
tests/regression/lp-1613845/task.yaml
The test case is ran automatically for each pull request and for each final
release. It can be reproduced manually by executing the shell commands listed
in the prepare/execute/restore phases manually.
The commands there assume that snapd and snap-confine are installed.
No other additional setup is necessary.
[Regression Potential]
* Regression potential is small but the code change is more invasive
so careful review and testing is recommended. The way this feature
operates may interact with the namespace sharing feature that is
introduced in 1.0.41.
As a known limitation (namespace sharing is not yet finalised and will
be extended to support live mutation in subsequent releases) if the
/var/lib/lxd directory does *not* exist on the classic distribution
before a snap that wishes to use it is first started it will not be
able to see the directory until the machine is re-started. In
subsequent releases of snap-confine, snapd and snap-confine will
collaborate to modify existing namespaces in reaction to changes in
the mount configuration profile. At that time we can also investigate
if quirks need to be adjusted in response to changes in the system.
* The fix was tested on Ubuntu via spread.
[Other Info]
* This bug is a part of a major SRU that brings snap-confine in Ubuntu
16.04 in line with the current upstream release 1.0.41.
* snap-confine is technically an integral part of snapd which has an
SRU exception and is allowed to introduce new features and take
advantage of accelerated procedure. For more information see
https://wiki.ubuntu.com/SnapdUpdates
== # Pre-SRU bug description follows # ==
The juju snap package can no longer use LXD as a substrate, presumably
because of changes to bind mounts. To replicate, assuming you have LXD
installed and configured:
snap install juju --beta --devmode
/snap/bin/juju bootstrap lxd lxd
This command should complete successfully and did work until recently.
Now, instead you get;
ERROR invalid config: can't connect to the local LXD server: LXD
socket not found; is LXD installed & running?
Please install LXD by running:
$ sudo apt-get install lxd
and then configure it with:
$ newgrp lxd
$ lxd init
To manage notifications about this bug go to:
https://bugs.launchpad.net/snap-confine/+bug/1613845/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
