timeutil: fix tests to run in non-UTC timezones (#12859)
* timeutil: fix tests to run in non-UTC timezones
TestParseSchedule() has always failed for me - unless I set TZ=UTC before running go test, since one of the tested time intervals encompasses a daylight savings time transition here in my local timezone and so the result is different in this case. Consequently, since this test always fails, building the snapd deb or snap also fails for me locally. Fix this by forcing golang to use the UTC timezone when running these tests, regardless of how they were invoked.
Signed-off-by: Alex Murray <email address hidden> Co-authored-by: Miguel Pires <email address hidden>
interfaces/audio: remove write permissions in pulse folder (#12864)
Currently, any application that connects to the audio-playback or the pulseaudio insterfaces, have write permissions to the pulse/ folder. This means that a snapped malicious application would be able to delete the socket and put its own, being able to read the audio of any other snapped application.
This patch removes those permissions.
* Remove unneeded rules
The "owner /run/pulse/native/ rwk" rule is already managed by a similar previous one. Also, there is no need to allow to link the pulse folder.
Tested both in Firefox and Telegram, and everything still works fine.
interface: allow /sys/devices/platform based gpio paths (#12816)
We have a bugreport where even with an active gpio-control interface the gpio devices cannot be accessed. The path in question is: ``` /sys/devices/platform/INT33FC:02/gpio/gpio346/direction ```
Hower we only allow: ``` /sys/class/gpio/gpio[0-9]*/{active_low,direction,value,edge} rw, ``` in our gpio-control policy.
To fix that issue this commit allows gpio prefixes that start with /sys/devices/platform instead.
* interfaces: add comment about /sys/devices/platform/*/gpio/gpio[0-9]*/ in gpio-control
