Re: SNAP_USER_COMMON
02.08.2016 09:00, Didier Roche пишет: Le 02/08/2016 à 07:45, Vasilisc a écrit : test snap raise error - echo "Writing to $SNAP_USER_COMMON" mkdir -p $SNAP_USER_COMMON/platform echo "hello common" > $SNAP_USER_COMMON/common.txt -- grep -F audit syslog Aug 2 08:34:16 vb kernel: [ 2622.276193] audit: type=1400 audit(1470116056.762:34): apparmor="ALLOWED" operation="mkdir" profile="snap.test2.test2" name="/home/vasilisc/snap/test2/common/" pid=4971 comm="mkdir" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 Hey Vasilisc, where do you see an error in the above trace? Apparmor says "ALLOWED", so the mkdir call wasn't blocked and work as expected, or did you notice not having this directory and file created after those calls? Didier LOL command "snap run test2" output execv failed: no such file or directory BUT create empty folders ~/snap/common/ ~/snap/x1/ work solution "snap run test2; test2" =) * Isn't SNAP_USER_COMMON dir being created automatically by snapd? The launcher script in /snap/bin/ doesn't create it, and creating it manually inside the snap fails (permission denied). Running snap run app creates that folder, though (but the command fails with execv failed: No such file or directory... I have no idea how to use that command). – Bruno Nova Jul 11 at 20:14 * Yes, it should be, but it's not (a bug that's fixed in the upcoming release where snap run is used). – Kyle Jul 11 at 21:05 * Great, thank you! – Bruno Nova Jul 11 at 23:29 https://askubuntu.com/questions/762354/where-can-ubuntu-snaps-write-data -- Best regards, vasilisc -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: SNAP_USER_COMMON
02.08.2016 09:00, Didier Roche пишет: Le 02/08/2016 à 07:45, Vasilisc a écrit : test snap raise error - echo "Writing to $SNAP_USER_COMMON" mkdir -p $SNAP_USER_COMMON/platform echo "hello common" > $SNAP_USER_COMMON/common.txt -- grep -F audit syslog Aug 2 08:34:16 vb kernel: [ 2622.276193] audit: type=1400 audit(1470116056.762:34): apparmor="ALLOWED" operation="mkdir" profile="snap.test2.test2" name="/home/vasilisc/snap/test2/common/" pid=4971 comm="mkdir" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 Hey Vasilisc, where do you see an error in the above trace? Apparmor says "ALLOWED", so the mkdir call wasn't blocked and work as expected, or did you notice not having this directory and file created after those calls? Didier Code echo "Writing to $SNAP_USER_COMMON" mkdir -p $SNAP_USER_COMMON Aug 2 09:08:42 vb kernel: [ 4688.252234] audit: type=1400 audit(1470118122.727:44): apparmor="DENIED" operation="mkdir" profile="snap.test2.test2" name="/home/vasilisc/snap/test2/common/" pid=5802 comm="mkdir" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 -- Best regards, vasilisc -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: SNAP_USER_COMMON
02.08.2016 09:00, Didier Roche пишет: Le 02/08/2016 à 07:45, Vasilisc a écrit : test snap raise error - echo "Writing to $SNAP_USER_COMMON" mkdir -p $SNAP_USER_COMMON/platform echo "hello common" > $SNAP_USER_COMMON/common.txt -- grep -F audit syslog Aug 2 08:34:16 vb kernel: [ 2622.276193] audit: type=1400 audit(1470116056.762:34): apparmor="ALLOWED" operation="mkdir" profile="snap.test2.test2" name="/home/vasilisc/snap/test2/common/" pid=4971 comm="mkdir" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 Hey Vasilisc, where do you see an error in the above trace? Apparmor says "ALLOWED", so the mkdir call wasn't blocked and work as expected, or did you notice not having this directory and file created after those calls? Didier ALLOWED because snap package installed --devmode without --devmode Aug 2 08:57:36 vb kernel: [ 4022.034692] audit: type=1400 audit(1470117456.515:40): apparmor="DENIED" operation="mkdir" profile="snap.test2.test2" name="/home/vasilisc/snap/test2/common/" pid=5539 comm="mkdir" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 -- Best regards, vasilisc -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: SNAP_USER_COMMON
Le 02/08/2016 à 07:45, Vasilisc a écrit : > > test snap raise error > - > echo "Writing to $SNAP_USER_COMMON" > mkdir -p $SNAP_USER_COMMON/platform > echo "hello common" > $SNAP_USER_COMMON/common.txt > -- > grep -F audit syslog > > Aug 2 08:34:16 vb kernel: [ 2622.276193] audit: type=1400 > audit(1470116056.762:34): apparmor="ALLOWED" operation="mkdir" > profile="snap.test2.test2" name="/home/vasilisc/snap/test2/common/" > pid=4971 comm="mkdir" requested_mask="c" denied_mask="c" fsuid=1000 > ouid=1000 Hey Vasilisc, where do you see an error in the above trace? Apparmor says "ALLOWED", so the mkdir call wasn't blocked and work as expected, or did you notice not having this directory and file created after those calls? Didier -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
SNAP_USER_COMMON
test snap raise error - echo "Writing to $SNAP_USER_COMMON" mkdir -p $SNAP_USER_COMMON/platform echo "hello common" > $SNAP_USER_COMMON/common.txt -- grep -F audit syslog Aug 2 08:34:16 vb kernel: [ 2622.276193] audit: type=1400 audit(1470116056.762:34): apparmor="ALLOWED" operation="mkdir" profile="snap.test2.test2" name="/home/vasilisc/snap/test2/common/" pid=4971 comm="mkdir" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000 --- I readed https://askubuntu.com/questions/762354/where-can-ubuntu-snaps-write-data https://github.com/snapcore/snapd/pull/1396 How it is correct to use a variable SNAP_USER_COMMON from snap package? -- Best regards, vasilisc -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: Pithos snap
Will do. Thanks for the update! On Aug 1, 2016 12:54 PM, "Jamie Strandboge" wrote: > On Mon, 2016-08-01 at 12:47 -0400, Aaron Honeycutt wrote: > > So I just want on an update from snapd? And then use that in my yaml? > > > > Yes, but I think some things are going to change in the PR so I advise not > changing yet or keeping an eye on the PR. > > > On Aug 1, 2016 12:43 PM, "Jamie Strandboge" wrote: > > > > > > > > On Mon, 2016-08-01 at 10:45 -0400, Aaron Honeycutt wrote: > > > > > > > > Heyo all! > > > > > > > Hi! > > > > > > > > > > > [3] https://bugs.launchpad.net/snappy/+bug/1590679 > > > > > > > > I've gotten around 1 and 2 thanks to the cool folks in #snappy on IRC > > > > freenode but 3 is still holding me and I'm sure other folks back. > > > Today, you can install with --devmode and publish to the store in > > > non-stable > > > channels with 'confinement: devmode' in your yaml and be unblocked. > > > > > > There is an exploratory PR for this bug: > > > https://github.com/snapcore/snapd/pull/1446/files > > > > > > This bug and PR came up last week which rekindled discussions that > allows > > > me to > > > get this PR moving again. Stay tuned-- this bug should be fixed in a > new > > > snapd > > > release soon (2.12 or later). > > > > > > -- > > > Jamie Strandboge | http://www.canonical.com > > > > > > > -- > Jamie Strandboge | http://www.canonical.com > > -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: Pithos snap
On Mon, 2016-08-01 at 12:47 -0400, Aaron Honeycutt wrote: > So I just want on an update from snapd? And then use that in my yaml? > Yes, but I think some things are going to change in the PR so I advise not changing yet or keeping an eye on the PR. > On Aug 1, 2016 12:43 PM, "Jamie Strandboge" wrote: > > > > > On Mon, 2016-08-01 at 10:45 -0400, Aaron Honeycutt wrote: > > > > > > Heyo all! > > > > > Hi! > > > > > > > > [3] https://bugs.launchpad.net/snappy/+bug/1590679 > > > > > > I've gotten around 1 and 2 thanks to the cool folks in #snappy on IRC > > > freenode but 3 is still holding me and I'm sure other folks back. > > Today, you can install with --devmode and publish to the store in > > non-stable > > channels with 'confinement: devmode' in your yaml and be unblocked. > > > > There is an exploratory PR for this bug: > > https://github.com/snapcore/snapd/pull/1446/files > > > > This bug and PR came up last week which rekindled discussions that allows > > me to > > get this PR moving again. Stay tuned-- this bug should be fixed in a new > > snapd > > release soon (2.12 or later). > > > > -- > > Jamie Strandboge | http://www.canonical.com > > > > -- Jamie Strandboge | http://www.canonical.com signature.asc Description: This is a digitally signed message part -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: Pithos snap
So I just want on an update from snapd? And then use that in my yaml? On Aug 1, 2016 12:43 PM, "Jamie Strandboge" wrote: > On Mon, 2016-08-01 at 10:45 -0400, Aaron Honeycutt wrote: > > Heyo all! > > > Hi! > > > [3] https://bugs.launchpad.net/snappy/+bug/1590679 > > > > I've gotten around 1 and 2 thanks to the cool folks in #snappy on IRC > > freenode but 3 is still holding me and I'm sure other folks back. > > Today, you can install with --devmode and publish to the store in > non-stable > channels with 'confinement: devmode' in your yaml and be unblocked. > > There is an exploratory PR for this bug: > https://github.com/snapcore/snapd/pull/1446/files > > This bug and PR came up last week which rekindled discussions that allows > me to > get this PR moving again. Stay tuned-- this bug should be fixed in a new > snapd > release soon (2.12 or later). > > -- > Jamie Strandboge | http://www.canonical.com > > -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: Pithos snap
On Mon, 2016-08-01 at 10:45 -0400, Aaron Honeycutt wrote: > Heyo all! > Hi! > [3] https://bugs.launchpad.net/snappy/+bug/1590679 > > I've gotten around 1 and 2 thanks to the cool folks in #snappy on IRC > freenode but 3 is still holding me and I'm sure other folks back. Today, you can install with --devmode and publish to the store in non-stable channels with 'confinement: devmode' in your yaml and be unblocked. There is an exploratory PR for this bug: https://github.com/snapcore/snapd/pull/1446/files This bug and PR came up last week which rekindled discussions that allows me to get this PR moving again. Stay tuned-- this bug should be fixed in a new snapd release soon (2.12 or later). -- Jamie Strandboge | http://www.canonical.com signature.asc Description: This is a digitally signed message part -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: Overriding seccomp policy: shm_open
On Mon, 2016-08-01 at 07:27 +0200, Simon Fels wrote:
> On 01.08.2016 06:55, Jacob Zimmermann wrote:
> >
> > Hi
> >
> > I'm trying to get my hands on snapcraft by building a snap of "Hatari"
> > (Atari ST emulator). I got it working nicely in devmode but it won't run
> > under strict confinement, specifically it gets killed when attempting to
> > execute shm_open().
> >
> > Based on whatever little information I could gather I tried to override
> > the default policy like so:
> >
> > apps:
> > hatari:
> > command: hatari
> > plugs: [home, unity7, hatari-permissions]
> >
> > ...
> >
> > plugs:
> > hatari-permissions:
> > type: old-security
> > security-override:
> > syscalls: [shm_open]
> The old-security interface is not available any more. To be able to
> further comment on the problem you hit here it will be good to know for
> what the Hatari emulator wants to use the shm_open syscall.
>
> >
> > But no avail, it just won't let it use this syscall. I couldn't find
> > anything in the docs about how is it supposed to be done.
> To allow your snap to use the syscall shm_open it needs to use an
> interface which allows this. Its very likely that in this case there is
> no appropriate interface yet. As stated above we need to first find out
> what the emulator tries to do with shm_open here before we can judge
> further what kind of interface it would need.
>
shm_open() is allowed in the default policy for seccomp and if the path conforms
to this from the default policy for apparmor, then there should be no issues:
# App-specific access to files and directories in /dev/shm. We allow file
# access in /dev/shm for shm_open() and files in subdirectories for open()
/{dev,run}/shm/snap.@{SNAP_NAME}.** mrwlkix,
I suspect you need to adjust hatari to use (perhaps conditionally if SNAP env
var is set, up to you) shm_open("snap.hatari.XX", ...) or similar.
--
Jamie Strandboge | http://www.canonical.com
signature.asc
Description: This is a digitally signed message part
--
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: Can not launch atom-cwayne.atom
Hi, You'll need to install with --devmode, and it should work. I need to upload a new version to make that clearer. Thanks Chris On Mon, Aug 1, 2016 at 5:22 AM, Howy Wang wrote: > Hi All, > > I just installed the snap, atom-cwayne.atom of snappy-playpen, but it > can't be used after installation. My snapcraft verson is 2.13.1, and snapd > version is 2.0.10 on Ubuntu 16.04 -64 bits. May I know which problems on > my environment? > > The following information is for your reference. > howy@howy-Vostro-14-5480:~$ atom-cwayne.atom > howy@howy-Vostro-14-5480:~*$ /snap/atom-cwayne/1/bin/atom: line 108: > /usr/bin/nohup: Permission denied* > howy@howy-Vostro-14-5480:~$ sudo snap refresh atom-cwayne > error: cannot perform the following tasks: > - Download snap "atom-cwayne" from channel "stable" (revision 1 of snap > "atom-cwayne" already installed) > howy@howy-Vostro-14-5480:~$ sudo atom-cwayne.atom > sudo: atom-cwayne.atom: command not found > howy@howy-Vostro-14-5480:~$ snapcraft --version > 2.13.1 > > Thank you. > > -- > Snapcraft mailing list > Snapcraft@lists.snapcraft.io > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/snapcraft > > -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Pithos snap
Heyo all! I've hit the following bugs trying to make a snap of the new 1.2.0 release of Pith - a pandora GNOME desktop player. [1] https://bugs.launchpad.net/ubuntu/+source/snapcraft/+bug/1590831 [2] https://bugs.launchpad.net/snappy/+bug/1583250 [3] https://bugs.launchpad.net/snappy/+bug/1590679 I've gotten around 1 and 2 thanks to the cool folks in #snappy on IRC freenode but 3 is still holding me and I'm sure other folks back. -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: GeoClue
On 08/01/2016 02:02 AM, David Chen wrote: > > Btw, I learned there is a snapcraft pull option "--enable-geoip", does > it have anything to do with this topic? > No, this relates to the package repository URLs used by snapcraft. Without this option enabled snapcraft will use the repositories configured on your system. With it enabled it will use the repositories closest to you as determined by your IP address. signature.asc Description: OpenPGP digital signature -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Snaps on Yocto/OpenEmbedded
Hey everyone, after an idea during the sprint in Heidelberg I've quickly created a meta-snappy layer for Yocto/OpenEmbedded which now brings snaps to any Yocto/OpenEmbedded based operating system (assuming it runs systemd). The relevant git repository and instructions how to get started are available at https://github.com/morphis/meta-snappy If you find any problems I am happy to review and accept pull-requests! Happy hacking! regards, Simon -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
Re: GeoClue
On Mon, Aug 1, 2016 at 11:02 AM, David Chen wrote:
> Hi,
>
> I am trying to make a snap for a weatherinfo example which I got from Qt
> creator. The problem I am having is, it seems to require "geoclue-master"
> and "ubuntu-geoip-provider" both running in order to get the location info.
The weatherinfo example uses QtPositioning/Location internally. Both
fall back to a default
backend, which is probably selected as Ubuntu's Geoip provider by default.
For testing purposes, and if you are willing to alter some source code:
you could switch to the simulator backend that comes as part of the Qt
positioning source. In "void AppModel::networkSessionOpened()",
change:
d->src = QGeoPositionInfoSource::createDefaultSource(this);
to
d->src = QGeoPositionInfoSource::createSource("simulator", this);
> Since GeoClue is D-Bus related, I am wondering if there is a recommended way
> to make it work under snappy, or if there is any suggestion for this type of
> location service related apps?
>
We have two interfaces "location-control" and "location-observe" in
place. Both talk to the location-service as available on Ubuntu phones
today.
We are working on uploading a snap of the location-service with a
pre-configured dummy setup that allows for rapid testing of
location-based snaps.
Upload should happen really soon.
Hope that helps,
Thomas
> Btw, I learned there is a snapcraft pull option "--enable-geoip", does it
> have anything to do with this topic?
>
> Thanks and Regards,
>
> --
>
> DAVID CHEN
>
>
> --
> Snapcraft mailing list
> Snapcraft@lists.snapcraft.io
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/snapcraft
>
--
Snapcraft mailing list
Snapcraft@lists.snapcraft.io
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/snapcraft
Can not launch atom-cwayne.atom
Hi All, I just installed the snap, atom-cwayne.atom of snappy-playpen, but it can't be used after installation. My snapcraft verson is 2.13.1, and snapd version is 2.0.10 on Ubuntu 16.04 -64 bits. May I know which problems on my environment? The following information is for your reference. howy@howy-Vostro-14-5480:~$ atom-cwayne.atom howy@howy-Vostro-14-5480:~*$ /snap/atom-cwayne/1/bin/atom: line 108: /usr/bin/nohup: Permission denied* howy@howy-Vostro-14-5480:~$ sudo snap refresh atom-cwayne error: cannot perform the following tasks: - Download snap "atom-cwayne" from channel "stable" (revision 1 of snap "atom-cwayne" already installed) howy@howy-Vostro-14-5480:~$ sudo atom-cwayne.atom sudo: atom-cwayne.atom: command not found howy@howy-Vostro-14-5480:~$ snapcraft --version 2.13.1 Thank you. -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
GeoClue
Hi, I am trying to make a snap for a weatherinfo example which I got from Qt creator. The problem I am having is, it seems to require "geoclue-master" and "ubuntu-geoip-provider" both running in order to get the location info. Since GeoClue is D-Bus related, I am wondering if there is a recommended way to make it work under snappy, or if there is any suggestion for this type of location service related apps? Btw, I learned there is a snapcraft pull option "--enable-geoip", does it have anything to do with this topic? Thanks and Regards, -- * DAVID CHEN** * -- Snapcraft mailing list Snapcraft@lists.snapcraft.io Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/snapcraft
