/snap-confine

Prefer the "core" snap is one is available. #161

Merged
merged 4 commits into from Sep 30, 2016
+70 −6

Conversation

Reviewers

@chipaca chipaca

@jdstrand jdstrand

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@zyga @chipaca @jdstrand
@zyga
Collaborator

zyga commented Sep 29, 2016

This patch allows the core snap to be named just "core" (instead of
ubuntu-core). The apparmor profile is updated to allow both directories
to be used.

Fixes: https://bugs.launchpad.net/snap-confine/+bug/1628612
Signed-off-by: Zygmunt Krynicki zygmunt.krynicki@canonical.com
@zyga
Prefer the "core" snap is one is available. 
This patch allows the core snap to be named just "core" (instead of
ubuntu-core). The apparmor profile is updated to allow both directories
to be used.

Fixes: https://bugs.launchpad.net/snap-confine/+bug/1628612
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
72f8ca2
src/mount-support.c
+ * (legacy). The mount point dependes on build-time configuration and may
+ * differ from distribution to distribution.
+ **/
+static const char *sc_get_outer_core_mount_point()
@chipaca

chipaca Sep 29, 2016

Member

lurvely

@jdstrand

jdstrand reviewed Sep 29, 2016
View changes

The access() checks add a TOCTOU but this is not a security concern because the code calling sc_get_inner_core_mount_point and sc_get_outer_core_mount_point fails closed if the mount point is removed after the existence check but before the mount and mimic.

+1 on code and policy (though please address minor nitpick).

Please add tests before committing.

src/snap-confine.apparmor.in
@@ -107,7 +107,7 @@
# mount calls to setup the pivot_root based chroot with the core snap as
# the root filesystem.
- mount options=(rw bind) @SNAP_MOUNT_DIR@/ubuntu-core/*/ -> /tmp/snap.rootfs_*/,
+ mount options=(rw bind) @SNAP_MOUNT_DIR@/{ubuntu-,}core/*/ -> /tmp/snap.rootfs_*/,
@jdstrand

jdstrand Sep 29, 2016

Contributor

For consistency with other rules with alternation, can we use the equivalent {,ubuntu-} here and elsewhere instead?

@zyga

zyga Sep 29, 2016

Collaborator

Sure!

zyga added some commits Sep 30, 2016

@zyga
Use {,foo-}bar rather than {foo-,}bar 
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
423fa4b
@zyga
Add spread test cheking that core snap is preferred 
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
3e4d839
@zyga
Install the core snap in the task that tests it 
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
487b5a4

@zyga zyga merged commit 82da3ac into master Sep 30, 2016
1 check passed

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
spread-tests/main/core-is-preferred/task.yaml
+summary: The snap named 'core' is preferred to the snap 'ubuntu-core'
+prepare: |
+ snap install --devmode snapd-hacker-toolbelt
+ snap install core
@jdstrand

jdstrand Sep 30, 2016

Contributor

Wouldn't snap install ubuntu-core ; snap install core ; snap install --devmode snapd-hacker-toolbelt be better? At some point, snap install --devmode snapd-hacker-toolbelt will pull 'core' instead of 'ubuntu-core' and then this test wouldn't be testing anything any more.

@zyga

zyga Sep 30, 2016

Collaborator

The "ubuntu-core" snap is installed early in spread-prepare.sh. Even if installing snapd-hacker-toolbelt would pull in core we still install it separately. I think this is correct.

@zyga zyga deleted the core-or-ubuntu-core branch Oct 4, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment