cmd/snap-bootstrap/initramfs-mounts: also copy /etc/machine-id for same IP addr
In order to have the same IP address in recover mode as in run mode, we need to
have /etc/machine-id be the same in recover mode and run mode, as
systemd-networkd uses that along with the interface name to generate a stable
DHCP clientid, which is what goes into DHCP lease requests.
packaging/{ubuntu,debian}: add liblzo2-dev as a dependency for building snapd
This is necessary to build squashfuse/snapfuse with lzo compression support,
which is necessary for snaps that now use lzo compression.
Not updating the non-ubuntu and non-debian package dependencies for now, as it's
unclear that using snapd inside non-ubuntu lxd containers is expected to work,
and that's the only known use-case for snapfuse right now.
Also update the lxd-snapfuse spread test to check that we can use lzo compressed
snaps inside an ubuntu lxd container now too.
cmd/snap: allow snap help vs --all to diverge purposefully
* cmd/snap: allow snap help vs --all to diverge purposefully
this allows two things:
* for some commands (and possibly entire categories) to appear only
under `snap help --all`
* to split in precise categories the commands that appear under
"...Other" (now) in `snap help`
it also makes an exception for "snap debug" to appear under --all,
maybe we should not make it hidden anymore as well?
* cmd/snap: improvements/adjustments to snap help vs --all
thanks @stolowski and @degvill
* assign prepare-image to Development and --all only
* assign create-cohort to "...more" and --all only
* Special Purpose category is no more
* debug is not hidden anymore
* try to use "... Other" vs "...more" to distinguish
continuation category vs catch-all category
* different intro "Commonly used..." for snap help vs --all
* clarify Introspection in --all as "... of snapd"
* cmd/snap: oops, fix preexisting extra blank line in snap help --all
4e0c9a0...
by
Graham Morrison <email address hidden>
snap: snap help output refresh
* help: replaced ambiguous Commands with Paths.
* help: moved refresh to Basics.
* help: moved create-cohort to more, put this in alhpha order.
* help: placed commands into alpha order. Created Devices category, and moved related commands.
* help: removed wayward comma.
* help: update after GH feedback.
* help: removed prepare image.
* reinstate preare-image for now to fix tests
switch Devices to just Device and follow the other category pattern
for the short description
snap-confine,interfaces/docker-support: allow /attr/apparmor/exec too
In addition to using /proc/<pid>/attr/apparmor/current for the profile label, we
now should also allow for writing to /proc/<pid>/attr/apparmor/exec too in place
of the existing /proc/<pid>/attr/exec file, as new libapparmor's and kernels
will use this new path.
many/apparmor: adjust rule for reading apparmor profile for new kernel
Newer kernels such as the one in groovy currently will report AppArmor status
through /proc/<pid>/attr/apparmor/current instead of /proc/<pid>/attr/current
because due to some new LSM development, the latter is used by SELinux, so the
former is now used for AppArmor and libapparmor will search on the new path
to find the current profile if the kernel exposes it.
Also adjust snapd's apparmor package to use the new path if it exists.