snapd:release/2.57

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

2b1c574... by Michael Vogt on 2022-11-15

releasing package snapd version 2.57.6

1816f8d... by Alex Murray on 2022-09-26

overlord/snapmgr: Bump vulnerable snap version check

This should ensure that any older versions of snapd that are vulnerable to this
new CVE-2022-3328 are uninstalled on upgrade to the fixed version.

Signed-off-by: Alex Murray <email address hidden>

d9d8c2f... by Alex Murray on 2022-10-20

tests/main/snap-confine-drops-sys-admin: use stat to check owner/perms

The output format of ls could vary depending on the local systems locale etc whereas
the output of stat is fixed so use this instead to check file owner /
permissions.

Signed-off-by: Alex Murray <email address hidden>

21ebc51... by Alex Murray on 2022-09-19

many: Use /tmp/snap-private-tmp for per-snap private tmps

To avoid unprivileged users being able to interfere with the creation of the
private snap mount namespace, instead of creating this as /tmp/snap.$SNAP_NAME/
we can now use the systemd-tmpfiles configuration to do this for us
at boot with a known fixed name (/tmp/snap-private-tmp/) and then use that as
the base dir for creating per-snap private tmp mount
namespaces (eg. /tmp/snap-private-tmp/snap.$SNAP_INSTANCE/tmp) etc.

Signed-off-by: Alex Murray <email address hidden>

6226cdc... by Alex Murray on 2022-10-19

data: Add systemd-tmpfiles configuration to create private tmp dir

Use systemd-tmpfiles to create the private tmp mount namespace root
dir (/tmp/snap-private-tmp) on boot as owned by root with restrictive
permissions. We can use this as a known location to then create per-snap
private tmp mount namespace dirs (/tmp/snap-private-tmp/snap.$SNAP_INSTANCE)
etc.

Signed-off-by: Alex Murray <email address hidden>

84b525e... by Michael Vogt on 2022-10-17

release: 2.57.5

e5ad7c9... by Ondrej Kubik on 2022-07-06

image: clean snapd mount after preseeding

Clean left behind tmp dir for snapd mount

Signed-off-by: Ondrej Kubik <email address hidden>

b3625c0... by Michael Vogt on 2022-10-17

Merge pull request #12266 from Meulengracht/release/2.57

release: port PR 12199 and 12241

c2a6891... by ashuntu on 2022-10-12

Add /run/media and /etc/nvidia

8591522... by Samuele Pedroni on 2022-10-12

o/ifacestate: pass a pointer to the whole ConnectCandidate for convenience

thanks @mardy