release: 2.29.1 #4138
Merged
release: 2.29.1 #4138
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The invalid signature meant that the function was silently ignored and did nothing at all. Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
This patch adds a reflection-based test that checks signature of each specification method to be what we expect. This can catch stray silliness like the recently found ofono bug. Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
…apcore#3991)" This reverts commit 8b87ee5.
…alidation-2.29 many: make ignore-validation sticky and send the flag with refresh requests (2.29)
devmode and classic snaps are meant to run without confinement, but the udev backend unconditionally udev tags devices resulting in permission denied errors when for devices not in connected interfaces. While classic snaps currently aren't allowed to plugs interfaces, this is expected to change so fix this now too. Reference: https://forum.snapcraft.io/t/device-cgroup-is-applied-to-devmode-snap/2663 While we could simply not generate the files in /etc/udev/rules.d when in devmode or classic, we instead generate those files with commented out the udev rules. This makes the testsuite changes much smaller, but also allows someone working in devmode to see what would be done, and to adjust the file in /etc/udev/rules.d as needed when developing their snap. This adds four spread tests: devmode, classic, jailmode and strict mode. While much of the cgroup handling is done in tests/main/security-device-cgroups, these tests are more about high-level blackbox testing in the manner a developer would experience things.
…via KERNEL The serial-port interface would only udev tag connected plugs for slots with usbVendor and usbProduct but not for slots with just 'name'. Continue to udev tag via vendor and product ids if the slot provides them, otherwise udev tag with SUBSYSTEM=="tty", KERNEL="tty...". Also fix '=' vs '==' in common_test.go
…ERNEL The hidraw interface would only udev tag connected plugs for slots with usbVendor and usbProduct but not for slots with just 'name'. Continue to udev tag via vendor and product ids if the slot provides them, otherwise udev tag with SUBSYSTEM=="tty", KERNEL="tty...".
…ce cgroup uhid isn't represented in sysfs so it cannot be tagged. Add /dev/uhid to the device cgroup if it exists, and let AppArmor handle the mediation.
…e-2.29 interfaces: don't udev tag devmode or classic snaps (2.29)
Revert " wrappers: fail install if exec-line cannot be re-written
The mount rules should refer to directories, not files (the traling slash is relevant). Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
The jounalctl command in ubuntu 14.04 seems to be unreliable and we don't have the last few log lines of snapd in there. The reason is unknown. By using `snap change --last=install` we get a more reliable way to check if the snapd daemon got restarted.
cmd/snap-update-ns: fix mount rules for font sharing (2.29)
…uhid-2.29 interfaces/uhid: unconditionally add existing uhid device to the device cgroup (2.29)
…nly-name-2.29 interfaces/hidraw: udev tag plugged slots that have just 'path' via KERNEL (2.29)
…with-only-name-2.29 interfaces/serial-port: udev tag plugged slots that have just 'path' via KERNEL (2.29)
interfaces: fix incorrect signature of ofono DBusPermanentSlot (2.29)
Codecov Report
@@ Coverage Diff @@
## master #4138 +/- ##
==========================================
+ Coverage 75.61% 75.62% +<.01%
==========================================
Files 435 435
Lines 37596 37593 -3
==========================================
Hits 28430 28430
+ Misses 7175 7173 -2
+ Partials 1991 1990 -1
Continue to review full report at Codecov.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This merges the 2.29.1 changes back into master. In addition to the changelog fixes it contains a subset of the following PRs:
#4129 - the first revert commit
#4136 - the fix for snap-confine.apparmor.in