Snappy

snappy:revert-14679-550-server-broken-packaging

  1. Git
  2. lp:snappy
  3. revert-14679-550-server-broken-packaging
Last commit made on 2024-10-31
Get this branch:
git clone -b revert-14679-550-server-broken-packaging https://git.launchpad.net/snappy

Branch merges

Branch information

Name:
revert-14679-550-server-broken-packaging
Repository:
lp:snappy

Recent commits

3df26da... by Andrew Phelps <email address hidden>

Revert "tests/main/nvidia-files: set ubuntu-20.04-64/550-server to broken pac…"

This reverts commit e445cd48c5dce295fe3c36a3199657559339a8b2.

e445cd4... by Andrew Phelps <email address hidden>

tests/main/nvidia-files: set ubuntu-20.04-64/550-server to broken packaging in table of expectations (#14679)

6a3d539... by Andrew Phelps <email address hidden>

c/snap-mgmt: unmount components before unmounting snaps (#14664)

* c/snap-mgmt: unmount components before unmounting snaps

* tests: remove unneeded "snap remove" from restore block

* c/snap-mgmt: drop unneeded variable

* packaging, tests: update snapd.postrm scripts to unmount components before snaps

6103ac7... by Alex Murray

.github/workflows/coverity-scan.yaml: add github action for Coverity (#14654)

Since the scan.coverity.com API throttles submissions, run weekly for now.

Signed-off-by: Alex Murray <email address hidden>

cc90a8b... by Maciej Borzecki

data/selinux: remove timedatex (#14670)

0e4e07d... by Andrew Phelps <email address hidden>

c/snap-bootstrap: import users from hybrid system into recovery system (#14521)

* c/snap-bootstrap: import users from hybrid system into recovery system

* tests/nested/manual/muinstaller-real: test imported users from hybrid system

* cmd/snap-bootstrap, tests/nested/manual/muinstaller-real: hack extra-paths into initrd via spread test

* c/snap-bootstrap: make sure to only import system users and groups from base

While the base should only contain system users and groups in practice,
it is best to prevent this explicitly. If that assumption is incorrect,
then blindly importing all users and groups from the base could lead to
UID and GID conflicts.

* c/snap-bootstrap: add internal tests for hybrid user import code

* c/snap-bootstrap: rename copyUbuntuDataAuth to copyCoreUbuntuAuthData

* c/snap-bootstrap: add doc comment for copyHybridUbuntuDataAuth

* c/snap-bootstrap: update doc comments for copyNetworkConfig and copyNetworkConfig

* tests/lib/muinstaller: move comment

* tests/nested/manual/muinstaller-real: clean up indentation

* c/snap-bootstrap: reduce scope of variable and add comment

* c/snap-bootstrap: lift filepath calculations out of loop

* c/snap-bootstrap: add TODO about base being mounted on /sysroot

* c/snap-bootstrap: add some logs when we skip importing users

* c/snap-bootstrap: replace imported shell with /bin/bash

* c/snap-bootstrap: remove duplicate checks to prevent importing system users and groups

* c/snap-bootstrap: simplify filter for system users

* c/snap-bootstrap: add some more doc comments

* c/snap-bootstrap: use more consistent naming

* c/snap-bootstrap: allow importing users that do not have a shell set in passwd (and omit the colon too)

* c/snap-bootstrap: import all users and groups from the base, skip any users from hybrid system that share a uid/gid

* c/snap-bootstrap: only import users that have shells that appear in etc/shells in the hybrid rootfs

* c/snap-bootstrap: do not import users/groups from hybrid system that have conflicting names with users/groups in base system

* c/snap-bootstrap: add a default list of shells to allow if etc/shells is not readable in hybrid rootfs

* c/snap-bootstrap: do not copy .profile when importing users from hybrid systems

* tests/nested/manual/muinstaller-real: fix test on core24

bf33538... by Miguel Pires

many: refactor registry errors and add GetView function (#14645)

* registry: refactor NotFoundError errors and clarify messages

Signed-off-by: Miguel Pires <email address hidden>

* overlord: refactor get view

Adds a GetView function to registrystate so it can be used in several
places. Also removes usages of Set from ctlcmd tests since the next PR
will remove its last usage from api_registry at which point we want to
remove it altogether.

Signed-off-by: Miguel Pires <email address hidden>

---------

Signed-off-by: Miguel Pires <email address hidden>

8c76dde... by Maciej Borzecki

tests/lib/prepare: use correct section for snapd service overrides related to service restarts (#14660)

StartLimitBurst and StartLimitIntervalSec should be placed in the unit section.

Signed-off-by: Maciej Borzecki <email address hidden>

d014695... by Andrew Phelps <email address hidden>

tests: disable some tests that no longer work on core18 (#14662)

Tests snapd-refresh-vs-services-reboots and snapd-refresh-vs-services no
longer work on core18 because the kernel on core18 uses snap-declaration
assertion format 5. These tests use snapd version 2.29.2, which only
supports format 4 of snap-declaration assertions.

bcaa4e6... by Oliver Calder

tests: add apparmor prompting integration tests (#14518)

* tests: add simple apparmor prompting integration tests

Signed-off-by: Oliver Calder <email address hidden>

* tests/lib/tools: correct tests.session exec usage statement

Since the `exec` argument handler includes a `break` statement, all
further arguments are treated as the command to run and potential
arguments to that command. Thus, the `-u`, `-p`, and `--` arguments
cannot occur after `exec`.

This commit changes the usage statement to reflect this, since all
existing tests use `tests.session [-u USER] [-p PID_FILE] exec <CMD>`
rather than `tests.session exec [-u USER] [-p PID_FILE] -- <CMD>`.

Since `--` is unused and cannot work with `exec` given the former's
`break` statement, remove the `--` argument.

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix apparmor prompting integration tests

Signed-off-by: Oliver Calder <email address hidden>

* tests: add shellcheck exceptions for apparmor prompting tests

Signed-off-by: Oliver Calder <email address hidden>

* tests: add download file tests for apparmor prompting

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix apparmor prompting tests script ownership

Signed-off-by: Oliver Calder <email address hidden>

* tests: add apparmor prompting rule timespan tests

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix rule timeout in timespan deny test for apparmor prompting

Signed-off-by: Oliver Calder <email address hidden>

* tests: add apparmor prompting tests for explicit rule conflict

Signed-off-by: Oliver Calder <email address hidden>

* tests: move prompting scripted client invocation to main task and reduce sleeps

Signed-off-by: Oliver Calder <email address hidden>

* tests: add prompting tests for writes actioned by other pid

Signed-off-by: Oliver Calder <email address hidden>

* tests: make prompt actioned by other pid tests not block on dir lock

When creating a new file is blocked on a reply to a request prompt, the
directory in which the file will be created is locked from other writes.
Thus, we can't queue up multiple outstanding writes on files in the same
directory. Instead, we must write files in different directories in
order for this test to succeed.

Signed-off-by: Oliver Calder <email address hidden>

* tests: clarify comments around directory locking in prompting tests

Signed-off-by: Oliver Calder <email address hidden>

* tests: clarify apparmor prompting test comments and add debug rules

Signed-off-by: Oliver Calder <email address hidden>

* tests: add prompting tests for writing/reading existing files

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix prompting tests which queue up creates and reply single

Signed-off-by: Oliver Calder <email address hidden>

* tests: address review comments on prompting integration tests

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix unwanted shell expansion in apparmor prompting tests

Signed-off-by: Oliver Calder <email address hidden>

* tests: improve checks for snapd restart after enabling prompting

Signed-off-by: Oliver Calder <email address hidden>

* tests: prompting integration tests wait for particular client with test dir to terminate

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix apparmor prompting pgrep, pkill, and NOMATCH usage

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix bugs in prompting integration tests found by shellcheck

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix prompting integration tests support check on older systems

Signed-off-by: Oliver Calder <email address hidden>

* tests: increase restart timeout after enabling apparmor prompting

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix snapd restart check to actually re-check pid

Signed-off-by: Oliver Calder <email address hidden>

* tests: move apparmor prompting snap install client to execute with retry

Signed-off-by: Oliver Calder <email address hidden>

* tests: move apparmor prompting client snap install back to prepare

Signed-off-by: Oliver Calder <email address hidden>

* tests: adjust prompting download file tests now that rules may overlap

Now that https://github.com/canonical/snapd/pull/14538 has landed, rules
may overlap as long as their outcomes do not conflict. As such, the
download_file_defaults test case is no longer expected to fail.

Signed-off-by: Oliver Calder <email address hidden>

* tests: fix prompting test case where client expects error

Signed-off-by: Oliver Calder <email address hidden>

---------

Signed-off-by: Oliver Calder <email address hidden>