~ondrak/ondras-snaps/+git/snapd:macOS-image-build

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

e410717... by Ondrej Kubik on 2021-11-30

re-enable image build on macOS

Signed-off-by: Ondrej Kubik <email address hidden>

4d3ea5c... by Paweł Stołowski on 2021-11-30

Merge pull request #10979 from anonymouse64/feature/uc20-multi-volume-gadget-asset-updates-20

osutil/disks/mockdisk.go: add MockDevicePathToDiskMapping

fb502af... by Ian Johnson on 2021-11-30

interfaces/microstack-support: set controlsDeviceCgroup to true (#10975)

* interfaces/microstack-support: set controlsDeviceCgroup to true

This will prevent us from generating any udev rules which in turn should
entirely disable the enforcement of the device cgroup for processes in the
snap.

This is justified by the snap already managing cgroups of its containers and
VM's with the Delegate=true setting in serviceSnippets.

See also LP bug: https://bugs.launchpad.net/snapd/+bug/1892895 which is
partially addressed by this commit, specifically for the microstack snap which
uses the microstack-support interface.

Signed-off-by: Ian Johnson <email address hidden>

* tests: add spread test for microstack cgroup delegation

* tests/main/interfaces-microstack-support: use snap restart

This fixes the test by making it fail on master without the change to use
controlsDeviceCgroup, but passes in the branch enabling that for the interface.

Signed-off-by: Ian Johnson <email address hidden>

* tests: fix microstack-support test for cgroup v2

* i/b/microstack_support: add comment about delegation

* tests/microstack: make the service more verbose

Making the service more verbose might help debugging; these lines will
end up in journald.

* interfaces/udev/spec.go: leave TODO about cgroup interaction w/ Delegate=true

Signed-off-by: Ian Johnson <email address hidden>

Co-authored-by: Alberto Mardegan <email address hidden>

9f924e9... by Lukas Märdian on 2021-11-30

network-setup-control: add netplan generate D-Bus rules (LP: #1926442)

* network-setup-control: whitelist netplan generator

/usr/sbin/netplan is a Python wrapper around the netplan generator. The
generator binary itself is located in /usr/lib/netplan/generate and is
executed as a subprocess by its Python wrapper.

Currently a call to /usr/sbin/netplan generate fails with the following
errors:

[ 529.034756] audit: type=1400 audit(1619611886.273:702): apparmor="DENIED" operation="exec" profile="snap.network-manager.networkmanager" name="/usr/lib/netplan/generate" pid=15227 comm="netplan" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
Apr 28 12:13:55 foobar network-manager.networkmanager[2280]: PermissionError: [Errno 13] Permission denied: '/lib/netplan/generate'

* tests:core: enable 'netplan generate' testing

* network-setup-control: update netplan whitelist

* network-setup-control: Allow only trusted binary to access /run/systemd/system/

* network-setup-control: allow working around the confinement by calling the io.netplan.Netplan.Generate() method

* network-setup-control: remove netplan generator from the whitelist

* tests:core:netplan: skip 'netplan generate' on UC16

* tests:core:netplan: do not test 'generate' against core16 base snap

1030559... by Michael Vogt on 2021-11-30

Merge pull request #11117 from woodrow-shen/add-dev-kmsg-support

interface/builtin/log_observe: allow to access /dev/kmsg

ec2bc08... by Samuele Pedroni on 2021-11-29

.github/workflows/test.yaml: restore failing of spread tests on errors (nested)

Merge pull request #11114 from anonymouse64/bugfix/no-pipefail-strikes-again

We need to use pipefail, otherwise the piping to tee will mean that the exit
code is always 0 and thus never actually fails the GitHub Action even when the
spread tests fail.

60d5c80... by Ian Johnson on 2021-11-29

Merge pull request #11082 from anonymouse64/feature/uc20-multi-volume-gadget-asset-updates-29

gadget: tweaks to DiskStructureDeviceTraits + expand test cases

After working on DOS disks again I realized we left out a couple settings, and
that we don't need to include the ID, since it is a bit ambiguous and difficult to
compare between two hypothetical devices.

Also add a DOS unit test case from a real Raspi.

2a81a8f... by Michael Vogt on 2021-11-29

gadget: tweak comment about PartitionType (thanks to Maciej)

e4099b4... by Michael Vogt on 2021-11-29

Merge pull request #11089 from anonymouse64/feature/nested-uc18-allow-tests-to-use-custom-core18

tests/lib/nested.sh: allow tests to use their own core18 in extra-snaps-path

ba987db... by Michael Vogt on 2021-11-29

Merge pull request #11106 from alexmurray/update-browser-support-for-edge

interfaces/browser-support: Update rules for Edge