El 02/09/16 a las 11:10, Gustavo Niemeyer escribió:
On Fri, Sep 2, 2016 at 10:35 AM, Tony Espy <[email protected] <mailto:[email protected]>> wrote:On 09/01/2016 06:15 PM, Gustavo Niemeyer wrote: Hello all, With assertions finally being put to great use, it's time to kill the term "sideloading". That term does a disservice to our conversations, because it is vague and also limits the thinking around what is possible. I have a question related to "sideloading" a snap. Yesterday while testing a fix for our network-manager snap, I refreshed my rpi2 ( running the 'experimental' image ) which resulted in a new ubuntu-core snap, which I discovered now enforces the assertion that a snap must be signed in order to install, even when side-loaded. I was told on #snappy that I could circumvent this check via the --force-dangerous parameter, which worked for me. I was also told that this parameter may just be shortened to "--dangerous", and that "--devmode" may cause this to automatically set. Indeed, we'll do those changes in the next couple of days. My question is what is the process for getting a snap signed? Is this something that's done automatically when a snap is published to the store?Yes, the goal is for the whole process to be mostly transparent. When you build a snap you'll get an assertion next to it saying that you built it. When you upload it, the assertion is shipped to the server, the snap gets additional server assertions backing that process. No effort on the developer end.The snap I was testing was built by launchpad. Is it possible to sign a snap locally ( ie. like debsign )?Yes, Launchpad is likely using snapcraft already, which means it'll do that by default once updated. We'll need to put a developer key there, though.
So I guess what Tony might get value on knowing is which assertion needs to be available to avoid --devmode/--dangerous.
Sergio and Colin Watson should know more details here.
Maybe subscribe to https://github.com/snapcore/snapcraft/pull/726 and https://bugs.launchpad.net/snapcraft/+bug/1612730
gustavo @ http://niemeyer.net
-- Snapcraft mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
