c84a4ae...
by
Michael Vogt
on 2019-07-02
packaging: release 2.40~pre1
62bd1cd...
by
Michael Vogt
on 2019-07-02
Merge pull request #7049 from zyga/tweak/ udev-before- pivot
cmd/snap-confine: handle device cgroup before pivot
7c40873...
by
Michael Vogt
on 2019-07-02
Merge pull request #7051 from zyga/fix/ snapd-apparmor- service- no-profiles
cmd/snap- apparmor- service: quit if there are no profiles
5c70dd4...
by
"John R. Lenton" <email address hidden>
on 2019-07-01
Merge pull request #7025 from chipaca/ download- basename
cmd/snap, image: add --target-directory and --basename to 'snap download'
c9cb9e3...
by
John Lenton
on 2019-07-01
cmd/snap, tests/main/ snap-download: --target-directory in full
Also some doc tweaks. Thanks to @pedronis for the suggestions.
1d30f04...
by
"John R. Lenton" <email address hidden>
on 2019-07-01
Merge pull request #6695 from ymauray/ jack_interface
interfaces: add jack1 implicit classic interface
0ff4175...
by
John Lenton
on 2019-07-01
tests/main/ snap-download: cover the new features in spread also
b473e5c...
by
Zygmunt Krynicki
on 2019-07-01
cmd/snap-confine: allow opening libtinfo.so
When snap-confine runs snap-device-helper it now does so in the initial
host mount namespace. On openSUSE the shell is linked with libtinfo and
we get a denial, like this:
type=AVC msg=audit( 1561974565. 075:360) : apparmor="DENIED"
operation= "open" profile= "/usr/lib/ snapd/snap- confine"
name= "/lib64/ libtinfo. so.6.1" pid=7732 comm="snap- device- hel"
requested_ mask="r" denied_mask="r" fsuid=0 ouid=0
This patch fixes that by allowing this library to be loaded. As an
alternative that was considered but discarded, udev could run before
apparmor is loaded. I think we will re-visit this once cgroup v2 work
forces changes to snap-device-helper and associated code.
Signed-off-by: Zygmunt Krynicki <email address hidden>
a18187e...
by
Michael Vogt
on 2019-07-01
Merge pull request #7047 from jdstrand/ remove- unused- getresuid
cmd/snap-confine: remove newly unneeded getresuid() local assignments
1832205...
by
Michael Vogt
on 2019-07-01
Merge pull request #7019 from jdstrand/ policy- updates- xli
interfaces: miscellaneous policy updates