[Bug 1612120] Re: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd
** Description changed: + [Impact] + + Snaps cannot access $SNAP_USER_DATA directory because snap-confine des + not create it. + + This bug is fixed by reverting code that was removed from snap-confine + that used to create this directory. This was done because at the time + snapd developers introduced a feature where snapd itself would create + the appropriate directory but this change took longer to enable than + anticipated and in result, for a while, neither program did this. + + Now snap-confine tries to create the directory even if snapd also does + it earlier. This ensures that in the execution environment the snap + application can rely on this directory to be in place. + + For more information about the execution environment, please see this + article http://www.zygoon.pl/2016/08/snap-execution-environment.html + + [Test Case] + + The test case can be found here: + + https://github.com/snapcore/snap-confine/blob/master/spread-tests/user- + data-dir-created/task.yaml + + The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually. + The commands there assume that snapd and snap-confine are installed. + No other additional setup is necessary. + + [Regression Potential] + + * Regression potential is minimal as this code used to exist in snap- + confine before. + + * The fix was tested on Ubuntu via spread and on several other + distributions successfully. + + [Other Info] + + * This bug is a part of a major SRU that brings snap-confine in Ubuntu + 16.04 in line with the current upstream release 1.0.41. + + * This bug was included in an earlier SRU and is now fixed in Ubuntu. I + am updating the template here to ensure that the process is fully + documented from 1.0.38 all the way up to the current upstream release + 1.0.41. + + * snap-confine is technically an integral part of snapd which has an SRU + exception and is allowed to introduce new features and take advantage of + accelerated procedure. For more information see + https://wiki.ubuntu.com/SnapdUpdates + + == # Pre-SRU bug description follows # == + We've noticed that the code that creates the $SNAP_USER_DATA directory has now been removed from snap-confine for the past few releases but the corresponding code in snapd, that depends on snap-exec, is not yet active. This has lead to some snaps that rely on it to have no way to create per-user data directories. TEST CASE: 1. sudo snap install bluez 2. sudo systemctl status snap.bluez.obex 3. verify that it fails to start the service 4. install snapd from xenial-proposed 5. snap remove bluez 6. snap install bluez 7. repeat (2) 8. verify that it works this time ** Description changed: [Impact] - Snaps cannot access $SNAP_USER_DATA directory because snap-confine des + Snaps cannot access $SNAP_USER_DATA directory because snap-confine does not create it. This bug is fixed by reverting code that was removed from snap-confine that used to create this directory. This was done because at the time snapd developers introduced a feature where snapd itself would create the appropriate directory but this change took longer to enable than anticipated and in result, for a while, neither program did this. Now snap-confine tries to create the directory even if snapd also does it earlier. This ensures that in the execution environment the snap application can rely on this directory to be in place. For more information about the execution environment, please see this article http://www.zygoon.pl/2016/08/snap-execution-environment.html [Test Case] The test case can be found here: https://github.com/snapcore/snap-confine/blob/master/spread-tests/user- data-dir-created/task.yaml The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually. The commands there assume that snapd and snap-confine are installed. No other additional setup is necessary. [Regression Potential] - * Regression potential is minimal as this code used to exist in snap- + * Regression potential is minimal as this code used to exist in snap- confine before. * The fix was tested on Ubuntu via spread and on several other distributions successfully. [Other Info] * This bug is a part of a major SRU that brings snap-confine in Ubuntu 16.04 in line with the current upstream release 1.0.41. * This bug was included in an earlier SRU and is now fixed in Ubuntu. I am updating the template here to ensure that the process is fully documented from 1.0.38 all the way up to the current upstream release 1.0.41. * snap-confine is technically an integral part of snapd which has an SRU exception and is allowed to introduce new
[Bug 1612120] Re: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd
This bug was fixed in the package snap-confine - 1.0.38-0ubuntu0.16.04.8 --- snap-confine (1.0.38-0ubuntu0.16.04.8) xenial; urgency=medium * debian/patches/04_not_die_unknown_locations.patch: - move to /tmp if the current location can not be preserved (LP: #1612684) snap-confine (1.0.38-0ubuntu0.16.04.7) xenial; urgency=medium * fix apparmor rules when a snap is run on new-style encrypted home with sudo (LP: #1612291) snap-confine (1.0.38-0ubuntu0.16.04.6) xenial; urgency=medium * fix apparmor rules when a snap is run on encrypted home with sudo (LP: #1612291) snap-confine (1.0.38-0ubuntu0.16.04.5) xenial; urgency=medium * 03_fix_snap_user_data_regression.patch: - fix regression in autopkgtest with snap-confine when the SNAP_USER_DATA directory is not created for services (LP: #1612120) -- Michael Vogt Fri, 12 Aug 2016 16:45:17 +0200 ** Changed in: snap-confine (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1612120 Title: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1612120/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1612120] Re: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd
This is fixed with the 1.0.40 upload to yakkety ** Changed in: snap-confine (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1612120 Title: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1612120/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1612120] Re: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd
** Changed in: snap-confine Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1612120 Title: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1612120/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1612120] Re: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd
Verified with current snap-confine: fgimenez@innsmouth:~$ apt-cache policy snap-confine snap-confine: Installed: 1.0.38-0ubuntu0.16.04.4 Candidate: 1.0.38-0ubuntu0.16.04.4 Version table: *** 1.0.38-0ubuntu0.16.04.4 500 500 http://es.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 100 /var/lib/dpkg/status fgimenez@innsmouth:~$ sudo snap installl bluez [sudo] password for fgimenez: error: Unknown command `installl', did you mean `install'? fgimenez@innsmouth:~$ sudo snap install bluez 1.97 MB / 2.27 MB [==>__] 86.72 % 1.22 MB/s fgimenez@innsmouth:~$ systemctl status snap.bluez.obex.service ● snap.bluez.obex.service - Service for snap application bluez.obex Loaded: loaded (/etc/systemd/system/snap.bluez.obex.service; enabled; vendor preset: enabled) Active: inactive (dead) (Result: exit-code) since lun 2016-08-15 16:10:39 CEST; 35s ago Process: 32582 ExecStart=/usr/bin/ubuntu-core-launcher snap.bluez.obex snap.bluez.obex /snap/bluez/6/command-obex.wrapper (code=exited, status=1/FAILURE) Main PID: 32582 (code=exited, status=1/FAILURE) ago 15 16:10:39 innsmouth systemd[1]: snap.bluez.obex.service: Main process exited, code=exited, status=1/FAILURE ago 15 16:10:39 innsmouth systemd[1]: snap.bluez.obex.service: Unit entered failed state. ago 15 16:10:39 innsmouth systemd[1]: snap.bluez.obex.service: Failed with result 'exit-code'. ago 15 16:10:39 innsmouth systemd[1]: snap.bluez.obex.service: Service hold-off time over, scheduling restart. ago 15 16:10:39 innsmouth systemd[1]: Stopped Service for snap application bluez.obex. ago 15 16:10:39 innsmouth systemd[1]: snap.bluez.obex.service: Start request repeated too quickly. ago 15 16:10:39 innsmouth systemd[1]: Failed to start Service for snap application bluez.obex. fgimenez@innsmouth:~$ sudo snap remove bluez bluez removed fgimenez@innsmouth:~$ apt-cache policy snap-confine snap-confine: Installed: 1.0.38-0ubuntu0.16.04.8 Candidate: 1.0.38-0ubuntu0.16.04.8 Version table: *** 1.0.38-0ubuntu0.16.04.8 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 1.0.38-0ubuntu0.16.04.4 500 500 http://es.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages fgimenez@innsmouth:~$ sudo snap install bluez 1.83 MB / 2.27 MB [===>_] 80.53 % 1.12 MB/s bluez (stable) 5.37-1 from 'canonical' installed fgimenez@innsmouth:~$ systemctl status snap.bluez.obex.service ● snap.bluez.obex.service - Service for snap application bluez.obex Loaded: loaded (/etc/systemd/system/snap.bluez.obex.service; enabled; vendor preset: enabled) Active: active (running) since lun 2016-08-15 16:12:36 CEST; 3s ago Main PID: 1180 (obexd) Tasks: 1 Memory: 1.4M CPU: 29ms CGroup: /system.slice/snap.bluez.obex.service └─1180 /snap/bluez/6/usr/lib/bluetooth/obexd ago 15 16:12:36 innsmouth systemd[1]: Started Service for snap application bluez.obex. ago 15 16:12:36 innsmouth obexd[1180]: OBEX daemon 5.37 ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1612120 Title: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1612120/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1612120] Re: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: snap-confine (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1612120 Title: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1612120/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1612120] Re: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd
** Description changed: We've noticed that the code that creates the $SNAP_USER_DATA directory has now been removed from snap-confine for the past few releases but the corresponding code in snapd, that depends on snap-exec, is not yet active. This has lead to some snaps that rely on it to have no way to create per-user data directories. + + TEST CASE: + 1. sudo snap install bluez + 2. sudo systemctl status snap.bluez.obex + 3. verify that it fails to start the service + 4. install snapd from xenial-proposed + 5. snap remove bluez + 6. snap install bluez + 7. repeat (2) + 8. verify that it works this time -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1612120 Title: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1612120/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1612120] Re: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd
** Also affects: snap-confine (Ubuntu) Importance: Undecided Status: New ** Also affects: snap-confine (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: snap-confine (Ubuntu Xenial) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1612120 Title: $SNAP_USER_DATA is no longer created by snap-confine but is not yet created by snapd To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1612120/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs