Ubuntu
squashfs-tools package

please add -fstime patch for snap v2 checks in review tools

Bug #1548988 reported by Jamie Strandboge
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
squashfs-tools (Ubuntu)
Fix Released
Undecided
Unassigned
Trusty
Fix Released
Undecided
Unassigned

Bug Description

[Impact]
From xenial:

squashfs-tools (1:4.3-3ubuntu1) xenial; urgency=medium

  * debian/patches/0005-add-fstime.patch: add -fstime to unsquashfs to
    extract the fs superblock information and -fstime to mksquashfs to set
    the fs superblock time on create. This is needed to support Ubuntu
    Store unpack and repack checks for snappy v2 snaps.

This patch needs to be SRU'd to trusty so that Canonical machines for the Ubuntu Store can properly verify snap v2 packages and so that people running trusty can verify snap v2 packages locally.

[Test Case]
Attached is sru-tests.tar.gz that has tests to both show the bug is fixed and some tests for regressions.

$ schroot -c trusty-amd64 -u root
# apt-get install squashfs-tools
# su <your username>
$ tar -zxvf ./sru-tests.tar.gz
$ cd sru-tests
$ ./test-regression.sh
...
All tests pass

$ ./test-fixes-1548988.sh
Could not determine fstime

but with the fix:
$ ./test-fixes-1548988.sh
Parallel unsquashfs: Using 4 processors
...
./snappy-v2_0.1_all.snap: 2704f7c4815713ce75fe6ca83e7782f6e595763f5ec9003dc08a20f358ed90c0c56b571fcd348021ec51386608f2524f82f9d29d073a47b590dacf017bc9da0b
/tmp/tmp.LrTJ7UHXnE/repack.snap: 2704f7c4815713ce75fe6ca83e7782f6e595763f5ec9003dc08a20f358ed90c0c56b571fcd348021ec51386608f2524f82f9d29d073a47b590dacf017bc9da0b

SUCCESS: match

If you also want to see if it works with the review tools, can check out the review tools and then run them on a v2 snap. Eg:

$ schroot -c trusty-amd64 -u root
# apt-get install click-reviewers-tools squashfs-tools bzr python3-yaml python3-lxml
# su <your username>
$ bzr branch lp:click-reviewers-tools
$ cd click-reviewers-tools
$ PYTHONPATH=./ ./bin/click-review /tmp/snappy-v2_0.1_all.snap # from sru-tests

Warnings
--------
 - security-snap-v2:squashfs_supports_fstime
 could not determine fstime of squashfs
/tmp/snappy-v2_0.1_all.snap: FAIL

With updated squashfs-tools:
$ PYTHONPATH=./ ./bin/click-review /tmp/snappy-v2_0.1_all.snap
/tmp/snappy-v2_0.1_all.snap: pass

or:
$ PYTHONPATH=./ ./bin/click-review -v /tmp/snappy-v2_0.1_all.snap
...
 - security-snap-v2:squashfs_repack_checksum
 OK
/tmp/snappy-v2_0.1_all.snap: pass

[Regression Potential]
The chance of regression is very small because the code that is being added is for non-default options and is only run if specifying the new -fstime option to mksquashfs and unsquashfs. Furthermore this patch exists in xenial with no bugs against it since the upload.

[Other Info]
In addition to the above, I compared build logs between unpatched and patched and no new warnings or issues were found.

See original description
Jamie Strandboge (jdstrand)
Changed in squashfs-tools (Ubuntu):
status: New → Fix Released
summary: - please add -fstime patch to trusty
+ please add -fstime patch for snap v2 checks in review tools
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Here is a snap that can be used for testing.

description: updated
Revision history for this message
Jamie Strandboge (jdstrand) wrote :
description: updated
Changed in squashfs-tools (Ubuntu Trusty):
status: New → In Progress
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Uploaded 1:4.2+20130409-2ubuntu0.14.04.1 to trusty-proposed.

Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Jamie, or anyone else affected,

Accepted squashfs-tools into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/squashfs-tools/1:4.2+20130409-2ubuntu0.14.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in squashfs-tools (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

From an schroot:

$ apt-cache policy squashfs-tools
squashfs-tools:
  Installed: 1:4.2+20130409-2ubuntu0.14.04.1
  Candidate: 1:4.2+20130409-2ubuntu0.14.04.1
  Version table:
 *** 1:4.2+20130409-2ubuntu0.14.04.1 0
        500 http://archive.ubuntu.com/ubuntu/ trusty-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     1:4.2+20130409-2 0
        500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

$ ./test-fixes-1548988.sh
...
./snappy-v2_0.1_all.snap: 2704f7c4815713ce75fe6ca83e7782f6e595763f5ec9003dc08a20f358ed90c0c56b571fcd348021ec51386608f2524f82f9d29d073a47b590dacf017bc9da0b
/tmp/tmp.1gQH2axfrb/repack.snap: 2704f7c4815713ce75fe6ca83e7782f6e595763f5ec9003dc08a20f358ed90c0c56b571fcd348021ec51386608f2524f82f9d29d073a47b590dacf017bc9da0b

SUCCESS: match

$ ./test-regression.sh
...
All tests pass

$ PYTHONPATH=./ ./bin/click-review ../snappy-v2_0.1_all.snap
../snappy-v2_0.1_all.snap: pass

$ PYTHONPATH=./ ./bin/click-review -v ../snappy-v2_0.1_all.snap
...
 - security-snap-v2:squashfs_repack_checksum
 OK

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package squashfs-tools - 1:4.2+20130409-2ubuntu0.14.04.1

---------------
squashfs-tools (1:4.2+20130409-2ubuntu0.14.04.1) trusty-proposed; urgency=medium

  * debian/patches/0002-add-fstime.patch: add -fstime to unsquashfs to extract
    the fs superblock information and -fstime to mksquashfs to set the fs
    superblock time on create. This is needed to support unpack and repack
    checks by the review tools for snappy. (LP: #1548988)

 -- Jamie Strandboge <email address hidden> Tue, 23 Feb 2016 14:21:55 -0600

Changed in squashfs-tools (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Update Released

The verification of the Stable Release Update for squashfs-tools has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.