** Description changed: + [Impact] + + Snaps (even in running in devmode) cannot access the /usr/src directory. + + This bug is fixed by adding /usr/src to a list of directories that are + bind mounted and thus visible to snaps in their execution environment. + + For more information about the execution environment, please see this + article http://www.zygoon.pl/2016/08/snap-execution-environment.html + + [Test Case] + + The test case can be found here: + + https://github.com/snapcore/snap-confine/blob/master/spread- + tests/regression/lp-1597842/task.yaml + + The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually. + The commands there assume that snapd and snap-confine are installed. + No other additional setup is necessary. + + [Regression Potential] + + * Regression potential is minimal as the fix simply adds another + directory to a list of directories that needs to be bind mounted. + + * The fix was tested on Ubuntu via spread and on several other + distributions successfully. + + [Other Info] + + * This bug is a part of a major SRU that brings snap-confine in Ubuntu + 16.04 in line with the current upstream release 1.0.41. + + * This bug was included in an earlier SRU and is now fixed in Ubuntu. I + am updating the template here to ensure that the process is fully + documented from 1.0.38 all the way up to the current upstream release + 1.0.41. + + * snap-confine is technically an integral part of snapd which has an SRU + exception and is allowed to introduce new features and take advantage of + accelerated procedure. For more information see + https://wiki.ubuntu.com/SnapdUpdates + + == # Pre-SRU bug description follows # == + This issue is a fork of https://bugs.launchpad.net/snap- confine/+bug/1584394 The reported there required access to /usr/src having the sources for the kernel headers. I think this is something that could be handled by a dedicated interface or perhaps directly with the new content-sharing interface. We would have to be careful on how this works but on classic we could expose /usr/src this way.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1597842 Title: Allow access to the currently running kernel sources from /usr/src To manage notifications about this bug go to: https://bugs.launchpad.net/snap-confine/+bug/1597842/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
