-
Notifications
You must be signed in to change notification settings - Fork 562
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
release: 2.29.1 #4138
release: 2.29.1 #4138
Conversation
The invalid signature meant that the function was silently ignored and did nothing at all. Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
This patch adds a reflection-based test that checks signature of each specification method to be what we expect. This can catch stray silliness like the recently found ofono bug. Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
…apcore#3991)" This reverts commit 8b87ee5.
…alidation-2.29 many: make ignore-validation sticky and send the flag with refresh requests (2.29)
devmode and classic snaps are meant to run without confinement, but the udev backend unconditionally udev tags devices resulting in permission denied errors when for devices not in connected interfaces. While classic snaps currently aren't allowed to plugs interfaces, this is expected to change so fix this now too. Reference: https://forum.snapcraft.io/t/device-cgroup-is-applied-to-devmode-snap/2663 While we could simply not generate the files in /etc/udev/rules.d when in devmode or classic, we instead generate those files with commented out the udev rules. This makes the testsuite changes much smaller, but also allows someone working in devmode to see what would be done, and to adjust the file in /etc/udev/rules.d as needed when developing their snap. This adds four spread tests: devmode, classic, jailmode and strict mode. While much of the cgroup handling is done in tests/main/security-device-cgroups, these tests are more about high-level blackbox testing in the manner a developer would experience things.
…via KERNEL The serial-port interface would only udev tag connected plugs for slots with usbVendor and usbProduct but not for slots with just 'name'. Continue to udev tag via vendor and product ids if the slot provides them, otherwise udev tag with SUBSYSTEM=="tty", KERNEL="tty...". Also fix '=' vs '==' in common_test.go
…ERNEL The hidraw interface would only udev tag connected plugs for slots with usbVendor and usbProduct but not for slots with just 'name'. Continue to udev tag via vendor and product ids if the slot provides them, otherwise udev tag with SUBSYSTEM=="tty", KERNEL="tty...".
…ce cgroup uhid isn't represented in sysfs so it cannot be tagged. Add /dev/uhid to the device cgroup if it exists, and let AppArmor handle the mediation.
…e-2.29 interfaces: don't udev tag devmode or classic snaps (2.29)
Revert " wrappers: fail install if exec-line cannot be re-written
The mount rules should refer to directories, not files (the traling slash is relevant). Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
The jounalctl command in ubuntu 14.04 seems to be unreliable and we don't have the last few log lines of snapd in there. The reason is unknown. By using `snap change --last=install` we get a more reliable way to check if the snapd daemon got restarted.
cmd/snap-update-ns: fix mount rules for font sharing (2.29)
…uhid-2.29 interfaces/uhid: unconditionally add existing uhid device to the device cgroup (2.29)
…nly-name-2.29 interfaces/hidraw: udev tag plugged slots that have just 'path' via KERNEL (2.29)
…with-only-name-2.29 interfaces/serial-port: udev tag plugged slots that have just 'path' via KERNEL (2.29)
interfaces: fix incorrect signature of ofono DBusPermanentSlot (2.29)
Codecov Report
@@ Coverage Diff @@
## master #4138 +/- ##
==========================================
+ Coverage 75.61% 75.62% +<.01%
==========================================
Files 435 435
Lines 37596 37593 -3
==========================================
Hits 28430 28430
+ Misses 7175 7173 -2
+ Partials 1991 1990 -1
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1
This merges the 2.29.1 changes back into master. In addition to the changelog fixes it contains a subset of the following PRs:
#4129 - the first revert commit
#4136 - the fix for snap-confine.apparmor.in