- snapd (2.54.3-1.1+rpi1) bookworm-staging; urgency=medium
++snapd (2.57.6-1+rpi1) bookworm-staging; urgency=medium
+
+ [changes brought forward from 2.27.2-2+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Thu, 24 Aug 2017 17:53:18 +0000]
+ * Treat unknown derivatives the same as Debian.
+ * Disable testsuite.
+ * Fix clean target.
+
- -- Raspbian forward porter <root@raspbian.org> Fri, 05 Aug 2022 14:27:48 +0000
++ -- Raspbian forward porter <root@raspbian.org> Sun, 04 Dec 2022 12:24:55 +0000
++
+ snapd (2.57.6-1) unstable; urgency=high
+
+ * SECURITY UPDATE: Local privilege escalation
+ - snap-confine: Fix race condition in snap-confine when preparing a
+ private tmp mount namespace for a snap
+ - CVE-2022-3328
+ * sync packaging changes from upstream
+ * d/p/0015-fix-build-5bd97b39a03.patch:
+ - cherry-pick 5bd97b39a03 to build FTBFS
+ * d/p/0016-skip-TestPopulateFromSeedWithConnectHook.patch:
+ - skip TestPopulateFromSeedWithConnectHook as it does not
+ converge
+
+ -- Michael Vogt <mvo@debian.org> Thu, 01 Dec 2022 17:35:36 +0100
+
+ snapd (2.57.5-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1983035
+ - image: clean snapd mount after preseeding
+ - wrappers,snap/quota: clear LogsDirectory= in the service unit
+ for journal namespaces
+ - cmd/snap,daemon: allow zero values from client to daemon for
+ journal rate-limit
+ - interfaces: steam-support allow pivot /run/media and /etc/nvidia
+ mount
+ - o/ifacestate: introduce DebugAutoConnectCheck hook
+ - release, snapd-apparmor, syscheck: distinguish WSL1 and WSL2
+ - autopkgtests: fix running autopkgtest on kinetic
+ - interfaces: add microceph interface
+ - interfaces: steam-support allow additional mounts
+ - many: add stub services
+ - interfaces: add kconfig paths to system-observe
+ - i/b/system_observe: honour root dir when checking for
+ /boot/config-*
+ - interfaces: grant access to speech-dispatcher socket
+ - interfaces: rework logic of unclashMountEntries
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 17 Oct 2022 18:25:18 +0200
+
+ snapd (2.57.4-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1983035
+ - release, snapd-apparmor: fixed outdated WSL detection
+ - overlord/ifacestate: fix conflict detection of auto-connection
+ - overlord: run install-device hook during factory reset
+ - image/preseed/preseed_linux: add missing new line
+ - boot: add factory-reset cases for boot-flags.
+ - interfaces: added read/write access to /proc/self/coredump_filter
+ for process-control
+ - interfaces: add read access to /proc/cgroups and
+ /proc/sys/vm/swappiness to system-observe
+ - fde: run fde-reveal-key with `DefaultDependencies=no`
+ - snapdenv: added wsl to userAgent
+ - tests: fix restore section for persistent-journal-namespace
+ - i/b/mount-control: add optional `/` to umount rules
+ - cmd/snap-bootstrap: changes to be able to boot classic rootfs
+ - cmd/snap-bootstrap: add CVM mode
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 29 Sep 2022 09:54:21 +0200
+
+ snapd (2.57.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1983035
+ - wrappers: journal namespaces did not honor journal.persistent
+ - snap/quota,wrappers: allow using 0 values for the journal rate to
+ override the system default values
+ - multiple: clear up naming convention for cpu-set quota
+ - i/b/mount-control: allow custom filesystem types
+ - i/b/system-observe: allow reading processes security label
+ - sandbox/cgroup: don't check V1 cgroup if V2 is active
+ - asserts,boot,secboot: switch to a secboot version measuring
+ classic
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 15 Sep 2022 12:37:30 +0200
+
+ snapd (2.57.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1983035
+ - store/tooling,tests: support UBUNTU_STORE_URL override env var
+ - packaging/*/tests/integrationtests: reload ssh.service, not
+ sshd.service
+ - tests: check snap download with snapcraft v7+ export-login auth
+ data
+ - store/tooling: support using snapcraft v7+ base64-encoded auth
+ data
+ - many: progress bars should use the overridable stdouts
+ - many: refactor store code to be able to use simpler form of auth
+ creds
+ - snap,store: drop support/consideration for anonymous download urls
+ - data: include snapd/mounts in preseeded blob
+ - many: Set SNAPD_APPARMOR_REEXEC=1
+ - overlord: track security profiles for non-active snaps
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 02 Sep 2022 17:56:46 +0200
+
+ snapd (2.57.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1983035
+ - cmd/snap-update-ns: handle mountpoint removal failures with EBUSY
+ - cmd/snap-update-ns: print current mount entries
+ - cmd/snap-update-ns: check the unused mounts with a cleaned path
+ - snap-confine: disable -Werror=array-bounds in __overflow tests to
+ fix build error on Ubuntu 22.10
+ - systemd: add `WantedBy=default.target` to snap mount units
+ (LP: #1983528)
+
+ -- Alberto Mardegan <alberto.mardegan@canonical.com> Wed, 10 Aug 2022 09:30:50 +0300
+
+ snapd (2.57-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1983035
+ - tests: Fix calls to systemctl is-system-running
+ - osutil/disks: handle GPT for 4k disk and too small tables
+ - packaging: import change from the 2.54.3-1.1 upload
+ - many: revert "features: disable refresh-app-awarness by default
+ again"
+ - tests: improve robustness of preparation for regression/lp-1803542
+ - tests: get the ubuntu-image binary built with test keys
+ - tests: remove commented code from lxd test
+ - interfaces/builtin: add more permissions for steam-support
+ - tests: skip interfaces-network-control on i386
+ - tests: tweak the "tests/nested/manual/connections" test
+ - interfaces: posix-mq: allow specifying message queue paths as an
+ array
+ - bootloader/assets: add ttyS0,115200n8 to grub.cfg
+ - i/b/desktop,unity7: remove name= specification on D-Bus signals
+ - tests: ensure that microk8s does not produce DENIED messages
+ - many: support non-default provenance snap-revisions in
+ DeriveSideInfo
+ - tests: fix `core20-new-snapd-does-not-break-old-initrd` test
+ - many: device and provenance revision authority cross checks
+ - tests: fix nested save-data test on 22.04
+ - sandbox/cgroup: ignore container slices when tracking snaps
+ - tests: improve 'ignore-running' spread test
+ - tests: add `debug:` section to `tests/nested/manual/connections`
+ - tests: remove leaking `pc-kernel.snap` in `repack_kernel_snap`
+ - many: preparations for revision authority cross checks including
+ device scope
+ - daemon,overlord/servicestate: followup changes from PR #11960 to
+ snap logs
+ - cmd/snap: fix visual representation of 'AxB%' cpu quota modifier.
+ - many: expose and support provenance from snap.yaml metadata
+ - overlord,snap: add support for per-snap storage on ubuntu-save
+ - nested: fix core-early-config nested test
+ - tests: revert lxd change to support nested lxd launch
+ - tests: add invariant check for leftover cgroup scopes
+ - daemon,systemd: introduce support for namespaces in 'snap logs'
+ - cmd/snap: do not track apps that wish to stay outside of the life-
+ cycle system
+ - asserts: allow classic + snaps models and add distribution to
+ model
+ - cmd/snap: add snap debug connections/connection commands
+ - data: start snapd after time-set.target
+ - tests: remove ubuntu 21.10 from spread tests due to end of life
+ - tests: Update the whitebox word to avoid inclusive naming issues
+ - many: mount gadget in run folder
+ - interfaces/hardware-observe: clean up reading access to sysfs
+ - tests: use overlayfs for interfaces-opengl-nvidia test
+ - tests: update fake-netplan-apply test for 22.04
+ - tests: add executions for ubuntu 22.04
+ - tests: enable centos-9
+ - tests: make more robust the files check in preseed-core20 test
+ - bootloader/assets: add fallback entry to grub.cfg
+ - interfaces/apparmor: add permissions for per-snap directory on
+ ubuntu-save partition
+ - devicestate: add more path to `fixupWritableDefaultDirs()`
+ - boot,secboot: reset DA lockout counter after successful boot
+ - many: Revert "overlord,snap: add support for per-snap storage on
+ ubuntu-save"
+ - overlord,snap: add support for per-snap storage on ubuntu-save
+ - tests: exclude centos-7 from kernel-module-load test
+ - dirs: remove unused SnapAppArmorAdditionalDir
+ - boot,device: extract SealedKey helpers from boot to device
+ - boot,gadget: add new `device.TpmLockoutAuthUnder()` and use it
+ - interfaces/display-control: allow changing brightness value
+ - asserts: add more context to key expiry error
+ - many: introduce IsUndo flag in LinkContext
+ - i/apparmor: allow calling which.debianutils
+ - tests: new profile id for apparmor in test preseed-core20
+ - tests: detect 403 in apt-hooks and skip test in this case
+ - overlord/servicestate: restart the relevant journald service when
+ a journal quota group is modified
+ - client,cmd/snap: add journal quota frontend (5/n)
+ - gadget/device: introduce package which provides helpers for
+ locations of things
+ - features: disable refresh-app-awarness by default again
+ - many: install bash completion files in writable directory
+ - image: fix handling of var/lib/extrausers when preseeding
+ uc20
+ - tests: force version 2.48.3 on xenial ESM
+ - tests: fix snap-network-erros on uc16
+ - cmd/snap-confine: be compatible with a snap rootfs built as a
+ tmpfs
+ - o/snapstate: allow install of unasserted gadget/kernel on
+ dangerous models
+ - interfaces: dynamic loading of kernel modules
+ - many: add optional primary key provenance to snap-revision, allow
+ delegating via snap-declaration revision-authority
+ - tests: fix boringcripto errors in centos7
+ - tests: fix snap-validate-enforce in opensuse-tumbleweed
+ - test: print User-Agent on failed checks
+ - interfaces: add memory stats to system_observe
+ - interfaces/pwm: Remove implicitOnCore/implicitOnClassic
+ - spread: add openSUSE Leap 15.4
+ - tests: disable core20-to-core22 nested test
+ - tests: fix nested/manual/connections test
+ - tests: add spread test for migrate-home command
+ - overlord/servicestate: refresh security profiles when services are
+ affected by quotas
+ - interfaces/apparmor: add missing apparmor rules for journal
+ namespaces
+ - tests: add nested test variant that adds 4k sector size
+ - cmd/snap: fix test failing due to timezone differences
+ - build-aux/snap: build against the snappy-dev/image PPA
+ - daemon: implement api handler for refresh with enforced validation
+ sets
+ - preseed: suggest to install "qemu-user-static"
+ - many: add migrate-home debug command
+ - o/snapstate: support passing validation sets to storehelpers via
+ RevisionOptions
+ - cmd/snapd-apparmor: fix unit tests on distros which do not support
+ reexec
+ - o/devicestate: post factory reset ensure, spread test update
+ - tests/core/basic20: Enable on uc22
+ - packaging/arch: install snapd-apparmor
+ - o/snapstate: support migrating snap home as change
+ - tests: enable snapd.apparmor service in all the opensuse systems
+ - snapd-apparmor: add more integration-ish tests
+ - asserts: store required revisions for missing snaps in
+ CheckInstalledSnaps
+ - overlord/ifacestate: fix path for journal redirect
+ - o/devicestate: factory reset with encryption
+ - cmd/snapd-apparmor: reimplement snapd-apparmor in Go
+ - squashfs: improve error reporting when `unsquashfs` fails
+ - o/assertstate: support multiple extra validation sets in
+ EnforcedValidationSets
+ - tests: enable mount-order-regression test for arm devices
+ - tests: fix interfaces network control
+ - interfaces: update AppArmor template to allow read the memory …
+ - cmd/snap-update-ns: add /run/systemd to unrestricted paths
+ - wrappers: fix LogNamespace being written to the wrong file
+ - boot: release the new PCR handles when sealing for factory reset
+ - tests: add support fof uc22 in test uboot-unpacked-assets
+ - boot: post factory reset cleanup
+ - tests: add support for uc22 in listing test
+ - spread.yaml: add ubuntu-22.04-06 to qemu-nested
+ - gadget: check also mbr type when testing for implicit data
+ partition
+ - interfaces/system-packages-doc: allow read-only access to
+ /usr/share/cups/doc-root/ and /usr/share/gimp/2.0/help/
+ - tests/nested/manual/core20-early-config: revert changes that
+ disable netplan checks
+ - o/ifacestate: warn if the snapd.apparmor service is disabled
+ - tests: add spread execution for fedora 36
+ - overlord/hookstate/ctlcmd: fix timestamp coming out of sync in
+ unit tests
+ - gadget/install: do not assume dm device has same block size as
+ disk
+ - interfaces: update network-control interface with permissions
+ required by resolvectl
+ - secboot: stage and transition encryption keys
+ - secboot, boot: support and use alternative PCR handles during
+ factory reset
+ - overlord/ifacestate: add journal bind-mount snap layout when snap
+ is in a journal quota group (4/n)
+ - secboot/keymgr, cmd/snap-fde-keymgr: two step encryption key
+ change
+ - cmd/snap: cleanup and make the code a bit easier to read/maintain
+ for quota options
+ - overlord/hookstate/ctlcmd: add 'snapctl model' command (3/3)
+ - cmd/snap-repair: fix snap-repair tests silently failing
+ - spread: drop openSUSE Leap 15.2
+ - interfaces/builtin: remove the name=org.freedesktop.DBus
+ restriction in cups-control AppArmor rules
+ - wrappers: write journald config files for quota groups with
+ journal quotas (3/n)
+ - o/assertstate: auto aliases for apps that exist
+ - o/state: use more detailed NoStateError in state
+ - tests/main/interfaces-browser-support: verify jupyter notebooks
+ access
+ - o/snapstate: exclude services from refresh app awareness hard
+ running check
+ - tests/main/nfs-support: be robust against umount failures
+ - tests: update centos images and add new centos 9 image
+ - many: print valid/invalid status on snap validate --monitor
+ - secboot, boot: TPM provisioning mode enum, introduce
+ reprovisioning
+ - tests: allow to re-execute aborted tests
+ - cmd/snapd-apparmor: add explicit WSL detection to
+ is_container_with_internal_policy
+ - tests: avoid launching lxd inside lxd on cloud images
+ - interfaces: extra htop apparmor rules
+ - gadget/install: encrypted system factory reset support
+ - secboot: helpers for dealing with PCR handles and TPM resources
+ - systemd: improve error handling for systemd-sysctl command
+ - boot, secboot: separate the TPM provisioning and key sealing
+ - o/snapstate: fix validation sets restoring and snap revert on
+ failed refresh
+ - interfaces/builtin/system-observe: extend access for htop
+ - cmd/snap: support custom apparmor features dir with snap prepare-
+ image
+ - interfaces/mount-observe: Allow read access to /run/mount/utab
+ - cmd/snap: add help strings for set-quota options
+ - interfaces/builtin: add README file
+ - cmd/snap-confine: mount support cleanups
+ - overlord: execute snapshot cleanup in task
+ - i/b/accounts_service: fix path of introspectable objects
+ - interfaces/opengl: update allowed PCI accesses for RPi
+ - configcore: add core.system.ctrl-alt-del-action config option
+ - many: structured startup timings
+ - spread: switch back to building ubuntu-image from source
+ - many: optional recovery keys
+ - tests/lib/nested: fix unbound variable
+ - run-checks: fail on equality checks w/ ErrNoState
+ - snap-bootstrap: Mount as private
+ - tests: Test for gadget connections
+ - tests: set `br54.dhcp4=false` in the netplan-cfg test
+ - tests: core20 preseed/nested spread test
+ - systemd: remove the systemctl stop timeout handling
+ - interfaces/shared-memory: Update AppArmor permissions for
+ mmap+link
+ - many: replace ErrNoState equality checks w/ errors.Is()
+ - cmd/snap: exit w/ non-zero code on missing snap
+ - systemd: fix snapd systemd-unit stop progress notifications
+ - .github: Trigger daily riscv64 snapd edge builds
+ - interfaces/serial-port: add ttyGS to serial port allow list
+ - interfaces/modem-manager: Don't generate DBus plug policy
+ - tests: add spread test to test upgrade from release snapd to
+ current
+ - wrappers: refactor EnsureSnapServices
+ - testutil: add ErrorIs test checker
+ - tests: import spread shellcheck changes
+ - cmd/snap-fde-keymgr: best effort idempotency of add-recovery-key
+ - interfaces/udev: refactor handling of udevadm triggers for input
+ - secboot: support for changing encryption keys via keymgr
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 28 Jul 2022 16:59:39 +0200
+
+ snapd (2.56.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1974147
+ - devicestate: add more path to `fixupWritableDefaultDirs()`
+ - many: introduce IsUndo flag in LinkContext
+ - i/apparmor: allow calling which.debianutils
+ - interfaces: update AppArmor template to allow reading snap's
+ memory statistics
+ - interfaces: add memory stats to system_observe
+ - i/b/{mount,system}-observe: extend access for htop
+ - features: disable refresh-app-awarness by default again
+ - image: fix handling of var/lib/extrausers when preseeding
+ uc20
+ - interfaces/modem-manager: Don't generate DBus policy for plugs
+ - interfaces/modem-manager: Only generate DBus plug policy on
+ Core
+ - interfaces/serial_port_test: fix static-checks errors
+ - interfaces/serial-port: add USB gadget serial devices (ttyGSX) to
+ allowed list
+ - interface/serial_port_test: adjust variable IDs
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 13 Jul 2022 09:26:57 +0200
+
+ snapd (2.56.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1974147
+ - o/snapstate: exclude services from refresh app awareness hard
+ running check
+ - cmd/snap: support custom apparmor features dir with snap
+ prepare-image
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 15 Jun 2022 14:22:31 +0200
+
+ snapd (2.56.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1974147
+ - gadget/install: do not assume dm device has same block size as
+ disk
+ - gadget: check also mbr type when testing for implicit data
+ partition
+ - interfaces: update network-control interface with permissions
+ required by resolvectl
+ - interfaces/builtin: remove the name=org.freedesktop.DBus
+ restriction in cups-control AppArmor rules
+ - many: print valid/invalid status on snap validate --monitor ...
+ - o/snapstate: fix validation sets restoring and snap revert on
+ failed refresh
+ - interfaces/opengl: update allowed PCI accesses for RPi
+ - interfaces/shared-memory: Update AppArmor permissions for
+ mmap+linkpaths
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 15 Jun 2022 09:57:54 +0200
+
+ snapd (2.56-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1974147
+ - portal-info: Add CommonID Field
+ - asserts/info,mkversion.sh: capture max assertion formats in
+ snapd/info
+ - tests: improve the unit testing workflow to run in parallel
+ - interfaces: allow map and execute permissions for files on
+ removable media
+ - tests: add spread test to verify that connections are preserved if
+ snap refresh fails
+ - tests: Apparmor sandbox profile mocking
+ - cmd/snap-fde-keymgr: support for multiple devices and
+ authorizations for add/remove recovery key
+ - cmd/snap-bootstrap: Listen to keyboard added after start and
+ handle switch root
+ - interfaces,overlord: add support for adding extra mount layouts
+ - cmd/snap: replace existing code for 'snap model' to use shared
+ code in clientutil (2/3)
+ - interfaces: fix opengl interface on RISC-V
+ - interfaces: allow access to the file locking for cryptosetup in
+ the dm-crypt interface
+ - interfaces: network-manager: add AppArmor rule for configuring
+ bridges
+ - i/b/hardware-observe.go: add access to the thermal sysfs
+ - interfaces: opengl: add rules for NXP i.MX GPU drivers
+ - i/b/mount_control: add an optional "/" to the mount target rule
+ - snap/quota: add values for journal quotas (journal quota 2/n)
+ - tests: spread test for uc20 preseeding covering snap prepare-image
+ - o/snapstate: remove deadcode breaking static checks
+ - secboot/keymgr: extend unit tests, add helper for identify keyslot
+ used error
+ - tests: use new snaps.name and snaps.cleanup tools
+ - interfaces: tweak getPath() slightly and add some more tests
+ - tests: update snapd testing tools
+ - client/clientutil: add shared code for printing model assertions
+ as yaml or json (1/3)
+ - debug-tools: list all snaps
+ - cmd/snap: join search terms passed in the command line
+ - osutil/disks: partition UUID lookup
+ - o/snapshotstate: refactor snapshot read/write logic
+ - interfaces: Allow locking in block-devices
+ - daemon: /v2/system-recovery-keys remove API
+ - snapstate: do not auto-migrate to ~/Snap for core22 just yet
+ - tests: run failed tests by default
+ - o/snapshotstate: check installed snaps before running 'save' tasks
+ - secboot/keymgr: remove recovery key, authorize with existing key
+ - deps: bump libseccomp to include build fixes, run unit tests using
+ CC=clang
+ - cmd/snap-seccomp: only compare the bottom 32-bits of the flags arg
+ of copy_file_range
+ - osutil/disks: helper for obtaining the UUID of a partition which
+ is a mount point source
+ - image/preseed: umount the base snap last after writable paths
+ - tests: new set of nested tests for uc22
+ - tests: run failed tests on nested suite
+ - interfaces: posix-mq: add new interface
+ - tests/main/user-session-env: remove openSUSE-specific tweaks
+ - tests: skip external backend in mem-cgroup-disabled test
+ - snap/quota: change the journal quota period to be a time.Duration
+ - interfaces/apparmor: allow executing /usr/bin/numfmt in the base
+ template
+ - tests: add lz4 dependency for jammy to avoid issues repacking
+ kernel
+ - snap-bootstrap, o/devicestate: use seed parallelism
+ - cmd/snap-update-ns: correctly set sticky bit on created
+ directories where applicable
+ - tests: install snapd while restoring in snap-mgmt
+ - .github: skip misspell and ineffassign on go 1.13
+ - many: use UC20+/pre-UC20 in user messages as needed
+ - o/devicestate: use snap handler for copying and checksuming
+ preseeded snaps
+ - image, cmd/snap-preseed: allow passing custom apparmor features
+ path
+ - o/assertstate: fix handling of validation set tracking update in
+ enforcing mode
+ - packaging: restart our units only after the upgrade
+ - interfaces: add a steam-support interface
+ - gadget/install, o/devicestate: do not create recovery and
+ reinstall keys during installation
+ - many: move recovery key responsibility to devicestate/secboot,
+ prepare for a future with just optional recovery key
+ - tests: do not run mem-cgroup-disabled on external backends
+ - snap: implement "star" developers
+ - o/devicestate: fix install tests on systems with
+ /var/lib/snapd/snap
+ - cmd/snap-fde-keymgr, secboot: followup cleanups
+ - seed: let SnapHandler provided a different final path for snaps
+ - o/devicestate: implement maybeApplyPreseededData function to apply
+ preseed artifact
+ - tests/lib/tools: add piboot to boot_path()
+ - interfaces/builtin: shared-memory drop plugs allow-installation:
+ true
+ - tests/main/user-session-env: for for opensuse
+ - cmd/snap-fde-keymgr, secboot: add a tiny FDE key manager
+ - tests: re-execute the failed tests when "Run failed" label is set
+ in the PR
+ - interfaces/builtin/custom-device: fix unit tests on hosts with
+ different libexecdir
+ - sandbox: move profile load/unload to sandbox/apparmor
+ - cmd/snap: handler call verifications for cmd_quota_tests
+ - secboot/keys: introduce a package for secboot key types, use the
+ package throughout the code base
+ - snap/quota: add journal quotas to resources.go
+ - many: let provide a SnapHandler to Seed.Load*Meta*
+ - osutil: allow setting desired mtime on the AtomicFile, preserve
+ mtime on copy
+ - systemd: add systemd.Run() wrapper for systemd-run
+ - tests: test fresh install of core22-based snap (#11696)
+ - tests: initial set of tests to uc22 nested execution
+ - o/snapstate: migration overwrites existing snap dir
+ - tests: fix interfaces-location-control tests leaking provider.py
+ process
+ - tests/nested: fix custom-device test
+ - tests: test migration w/ revert, refresh and XDG dir creation
+ - asserts,store: complete support for optional primary key headers
+ for assertions
+ - seed: support parallelism when loading/verifying snap metadata
+ - image/preseed, cmd/snap-preseed: create and sign preseed assertion
+ - tests: Initial changes to run nested tests on uc22
+ - o/snapstate: fix TestSnapdRefreshTasks test after two r-a-a PRs
+ - interfaces: add ACRN hypervisor support
+ - o/snapstate: exclude TypeSnapd and TypeOS snaps from refresh-app-
+ awareness
+ - features: enable refresh-app-awareness by default
+ - libsnap-confine-private: show proper error when aa_change_onexec()
+ fails
+ - i/apparmor: remove leftover comment
+ - gadget: drop unused code in unit tests
+ - image, store: move ToolingStore to store/tooling package
+ - HACKING: update info for snapcraft remote build
+ - seed: return all essential snaps found if no types are given to
+ LoadEssentialMeta
+ - i/b/custom_device: fix generation of udev rules
+ - tests/nested/manual/core20-early-config: disable netplan checks
+ - bootloader/assets, tests: add factory-reset mode, test non-
+ encrypted factory-reset
+ - interfaces/modem-manager: add support for Cinterion modules
+ - gadget: fully support multi-volume gadget asset updates in
+ Update() on UC20+
+ - i/b/content: use slot.Lookup() as suggested by TODO comment
+ - tests: install linux-tools-gcp on jammy to avoid bpftool
+ dependency error
+ - tests/main: add spread tests for new cpu and thread quotas
+ - snap-debug-info: print validation sets and validation set
+ assertions
+ - many: renaming related to inclusive language part 2
+ - c/snap-seccomp: update syscalls to match libseccomp 2657109
+ - github: cancel workflows when pushing to pull request branches
+ - .github: use reviewdog action from woke tool
+ - interfaces/system-packages-doc: allow read-only access to
+ /usr/share/gtk-doc
+ - interfaces: add max_map_count to system-observe
+ - o/snapstate: print pids of running processes on BusySnapError
+ - .github: run woke tool on PR's
+ - snapshots: follow-up on exclusions PR
+ - cmd/snap: add check switch for snap debug state
+ - tests: do not run mount-order-regression test on i386
+ - interfaces/system-packages-doc: allow read-only access to
+ /usr/share/xubuntu-docs
+ - interfaces/hardware_observe: add read access for various devices
+ - packaging: use latest go to build spread
+ - tests: Enable more tests for UC22
+ - interfaces/builtin/network-control: also allow for mstp and bchat
+ devices too
+ - interfaces/builtin: update apparmor profile to allow creating
+ mimic over /usr/share*
+ - data/selinux: allow snap-update-ns to mount on top of /var/snap
+ inside the mount ns
+ - interfaces/cpu-control: fix apparmor rules of paths with CPU ID
+ - tests: remove the file that configures nm as default
+ - tests: fix the change done for netplan-cfg test
+ - tests: disable netplan-cfg test
+ - cmd/snap-update-ns: apply content mounts before layouts
+ - overlord/state: add a helper to detect cyclic dependencies between
+ tasks in change
+ - packaging/ubuntu-16.04/control: recommend `fuse3 | fuse`
+ - many: change "transactional" flag to a "transaction" option
+ - b/piboot.go: check EEPROM version for RPi4
+ - snap/quota,spread: raise lower memory quota limit to 640kb
+ - boot,bootloader: add missing grub.cfg assets mocks in some tests
+ - many: support --ignore-running with refresh many
+ - tests: skip the test interfaces-many-snap-provided in
+ trusty
+ - o/snapstate: rename XDG dirs during HOME migration
+ - cmd/snap,wrappers: fix wrong implementation of zero count cpu
+ quota
+ - i/b/kernel_module_load: expand $SNAP_COMMON in module options
+ - interfaces/u2f-devices: add Solo V2
+ - overlord: add missing grub.cfg assets mocks in manager_tests.go
+ - asserts: extend optional primary keys support to the in-memory
+ backend
+ - tests: update the lxd-no-fuse test
+ - many: fix failing golangci checks
+ - seed,many: allow to limit LoadMeta to snaps of a precise mode
+ - tests: allow ubuntu-image to be built with a compatible snapd tree
+ - o/snapstate: account for repeat migration in ~/Snap undo
+ - asserts: start supporting optional primary keys in fs backend,
+ assemble and signing
+ - b/a: do not set console in kernel command line for arm64
+ - tests/main/snap-quota-groups: fix spread test
+ - sandbox,quota: ensure cgroup is available when creating mem
+ quotas
+ - tests: add debug output what keeps `/home` busy
+ - sanity: rename "sanity.Check" to "syscheck.CheckSystem"
+ - interfaces: add pkcs11 interface
+ - o/snapstate: undo migration on 'snap revert'
+ - overlord: snapshot exclusions
+ - interfaces: add private /dev/shm support to shared-memory
+ interface
+ - gadget/install: implement factory reset for unencrypted system
+ - packaging: install Go snap from 1.17 channel in the integration
+ tests
+ - snap-exec: fix detection if `cups` interface is connected
+ - tests: extend gadget-config-defaults test with refresh.retain
+ - cmd/snap,strutil: move lineWrap to WordWrapPadded
+ - bootloader/piboot: add support for armhf
+ - snap,wrappers: add `sigint{,-all}` to supported stop-modes
+ - packaging/ubuntu-16.04/control: depend on fuse3 | fuse
+ - interfaces/system-packages-doc: allow read-only access to
+ /usr/share/libreoffice/help
+ - daemon: add a /v2/accessories/changes/{ID} endpoint
+ - interfaces/appstream-metadata: Re-create app-info links to
+ swcatalog
+ - debug-tools: add script to help debugging GCE instances which fail
+ to boot
+ - gadget/install, kernel: more ICE helpers/support
+ - asserts: exclude empty snap id from duplicates lookup with preseed
+ assert
+ - cmd/snap, signtool: move key-manager related helpers to signtool
+ package
+ - tests/main/snap-quota-groups: add 219 as possible exit code
+ - store: set validation-sets on actions when refreshing
+ - github/workflows: update golangci-lint version
+ - run-check: use go install instead of go get
+ - tests: set as manual the interfaces-cups-control test
+ - interfaces/appstream-metadata: Support new swcatalog directory
+ names
+ - image/preseed: migrate tests from cmd/snap-preseed
+ - tests/main/uc20-create-partitions: update the test for new Go
+ versions
+ - strutil: move wrapGeneric function to strutil as WordWrap
+ - many: small inconsequential tweaks
+ - quota: detect/error if cpu-set is used with cgroup v1
+ - tests: moving ubuntu-image to candidate to fix uc16 tests
+ - image: integrate UC20 preseeding with image.Prepare
+ - cmd/snap,client: frontend for cpu/thread quotas
+ - quota: add test for `Resource.clone()`
+ - many: replace use of "sanity" with more inclusive naming (part 2)
+ - tests: switch to "test-snapd-swtpm"
+ - i/b/network-manager: split rule with more than one peers
+ - tests: fix restore of the BUILD_DIR in failover test on uc18
+ - cmd/snap/debug: sort changes by their spawn times
+ - asserts,interfaces/policy: slot-snap-id allow-installation
+ constraints
+ - o/devicestate: factory reset mode, no encryption
+ - debug-tools/snap-debug-info.sh: print message if no gadget snap
+ found
+ - overlord/devicestate: install system cleanups
+ - cmd/snap-bootstrap: support booting into factory-reset mode
+ - o/snapstate, ifacestate: pass preseeding flag to
+ AddSnapdSnapServices
+ - o/devicestate: restore device key and serial when assertion is
+ found
+ - data: add static preseed.json file
+ - sandbox: improve error message from `ProbeCgroupVersion()`
+ - tests: fix the nested remodel tests
+ - quota: add some more unit tests around Resource.Change()
+ - debug-tools/snap-debug-info.sh: add debug script
+ - tests: workaround lxd issue lp:10079 (function not implemented) on
+ prep-snapd-in-lxd
+ - osutil/disks: blockdev need not be available in the PATH
+ - cmd/snap-preseed: address deadcode linter
+ - tests/lib/fakestore/store: return snap base in details
+ - tests/lib/nested.sh: rm core18 snap after download
+ - systemd: do not reload system when enabling/disabling services
+ - i/b/kubernetes_support: add access to Java certificates
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 19 May 2022 09:57:33 +0200
+
+ snapd (2.55.5-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1965808
+ - snapstate: do not auto-migrate to ~/Snap for core22 just yet
+ - cmd/snap-seccomp: add copy_file_range to
+ syscallsWithNegArgsMaskHi32
+ - cmd/snap-update-ns: correctly set sticky bit on created
+ directories where applicable
+ - .github: Skip misspell and ineffassign on go 1.13
+ - tests: add lz4 dependency for jammy to avoid issues repacking
+ kernel
+ - interfaces: posix-mq: add new interface
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 11 May 2022 06:38:24 +0200
+
+ snapd (2.55.4-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1965808
+ - tests: do not run mount-order-regression test on i386
+ - c/snap-seccomp: update syscalls
+ - o/snapstate: overwrite ~/.snap subdir when migrating
+ - o/assertstate: fix handling of validation set tracking update in
+ enforcing mode
+ - packaging: restart our units only after the upgrade
+ - interfaces: add a steam-support interface
+ - features: enable refresh-app-awareness by default
+ - i/b/custom_device: fix generation of udev rules
+ - interfaces/system-packages-doc: allow read-only access to
+ /usr/share/gtk-doc
+ - interfaces/system-packages-doc: allow read-only access to
+ /usr/share/xubuntu-docs
+ - interfaces/builtin/network-control: also allow for mstp and bchat
+ devices too
+ - interfaces/builtin: update apparmor profile to allow creating
+ mimic over /usr/share
+ - data/selinux: allow snap-update-ns to mount on top of /var/snap
+ inside the mount ns
+ - interfaces/cpu-control: fix apparmor rules of paths with CPU ID
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Sat, 30 Apr 2022 10:04:39 +0200
+
+ snapd (2.55.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1965808
+ - cmd/snap-update-ns: apply content mounts before layouts
+ - many: change "transactional" flag to a "transaction" option
+ - b/piboot.go: check EEPROM version for RPi4
+ - snap/quota,spread: raise lower memory quota limit to 640kb
+ - boot,bootloader: add missing grub.cfg assets mocks in some
+ tests
+ - many: support --ignore-running with refresh many
+ - cmd/snap,wrappers: fix wrong implementation of zero count cpu
+ quota
+ - quota: add some more unit tests around Resource.Change()
+ - quota: detect/error if cpu-set is used with cgroup v1
+ - quota: add test for `Resource.clone()
+ - cmd/snap,client: frontend for cpu/thread quotas
+ - tests: update spread test to check right XDG dirs
+ - snap: set XDG env vars to new dirs
+ - o/snapstate: initialize XDG dirs in HOME migration
+ - i/b/kernel_module_load: expand $SNAP_COMMON in module options
+ - overlord: add missing grub.cfg assets mocks in manager_tests.go
+ - o/snapstate: account for repeat migration in ~/Snap undo
+ - b/a: do not set console in kernel command line for arm64
+ - sandbox: improve error message from `ProbeCgroupVersion()`
+ - tests/main/snap-quota-groups: fix spread test
+ - interfaces: add pkcs11 interface
+ - o/snapstate: undo migration on 'snap revert'
+ - overlord: snapshot exclusions
+ - interfaces: add private /dev/shm support to shared-memory
+ interface
+ - packaging: install Go snap from 1.17 channel in the integration
+ tests
+ - snap-exec: fix detection if `cups` interface is connected
+ - bootloader/piboot: add support for armhf
+ - interfaces/system-packages-doc: allow read-only access to
+ /usr/share/libreoffice/help
+ - daemon: add a /v2/accessories/changes/{ID} endpoint
+ - interfaces/appstream-metadata: Re-create app-info links to
+ swcatalog
+ - tests/main/snap-quota-groups: add 219 as possible exit code
+ - store: set validation-sets on actions when refreshing
+ - interfaces/appstream-metadata: Support new swcatalog directory
+ names
+ - asserts,interfaces/policy: slot-snap-id allow-installation
+ constraints
+ - i/b/network-manager: change rule for ResolveAddress to check only
+ label
+ - cmd/snap-bootstrap: support booting into factory-reset mode
+ - systemd: do not reload system when enabling/disabling services
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 08 Apr 2022 16:48:35 +0200
+
+ snapd (2.55.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1965808
+ - cmd/snap-update-ns: actually use entirely non-existent dirs
+
+ -- Ian Johnson <ian.johnson@canonical.com> Mon, 21 Mar 2022 22:16:54 -0500
+
+ snapd (2.55.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1965808
+ - cmd/snap-update-ns/change_test.go: use non-exist name foo-runtime
+ instead
+
+ -- Ian Johnson <ian.johnson@canonical.com> Mon, 21 Mar 2022 20:45:56 -0500
+
+ snapd (2.55-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1965808
+ - kernel/fde: add PartitionName to various structs
+ - osutil/disks: calculate the last usable LBA instead of reading it
+ - snap/quota: additional validation in resources.go
+ - o/snapstate: avoid setting up single reboot when update includes
+ base, kernel and gadget
+ - overlord/state: add helper for aborting unready lanes
+ - snap-bootstrap: Partially revert simplifications of mount
+ dependencies
+ - cmd/snap-update-ns/change.go: sort needed, desired and not reused
+ mount entries
+ - cmd/snap-preseed, image: move preseeding code to image/preseed
+ - interfaces/docker-support: make generic rules not conflict with
+ snap-confine
+ - i/b/modem-manager: provide access to ObjectManager
+ - i/b/network_{control,manager}.go: add more access to resolved
+ - overlord/state: drop unused lanes field
+ - cmd/snap: make 1.18 vet happy
+ - o/snapstate: allow installing the snapd-desktop-integration snap
+ even if the user-daemons feature is otherwise disabled
+ - snap/quota: fix bug in quota group tree validation code
+ - o/snapstate: make sure that snapd is a prerequisite for updating
+ base snaps
+ - bootloader: add support for piboot
+ - i/seccomp/template.go: add close_range to the allowed syscalls
+ - snap: add new cpu quotas
+ - boot: support factory-reset when sealing and resealing
+ - tests: fix test to avoid editing the test-snapd-tools snap.yaml
+ file
+ - dirs: remove unused SnapMetaDir variable
+ - overlord: extend single reboot test to include a non-base, non-
+ kernel snap
+ - github: replace "sanity check" with "quick check" in workflow
+ - fde: add new DeviceUnlock() call
+ - many: replace use of "sanity" with more inclusive naming in
+ comments
+ - asserts: minimal changes to disable authority-delegation before
+ full revert
+ - tests: updating the test-snapd-cups-control-consumer snap to
+ core20 based
+ - many: replace use of "sanity" for interface implementation checks
+ - cmd/snap-preseed: support for core20 preseeding
+ - cmd: set core22 migration related env vars and update spread test
+ - interface/opengl: allow read on
+ /proc/sys/dev/i915/perf_stream_paranoid
+ - tests/lib/tools/report-mongodb: fix typo in help text
+ - tests: Include the source github url as part of the mongo db
+ issues
+ - o/devicestate: split mocks to separate calls for creating a model
+ and a gadget
+ - snap: Add missing zlib
+ - cmd/snap: add support for rebooting to factory-reset
+ - interfaces/apparmor: Update base template for systemd-machined
+ - i/a/template.go: add ld path for jammy
+ - o/devicestate, daemon: introduce factory-reset mode, allow
+ switching
+ - o/state: fix undo with independent tasks in same change and lane
+ - tests: validate tests tools just on google and qemu backends
+ - tests/lib/external/snapd-testing-tools: update from upstream
+ - tests: skip interfaces-cups-control from debian-sid
+ - Increase the times in snapd-sigterm for arm devices
+ - interfaces/browser-support: allow RealtimeKit's
+ MakeThreadRealtimeWithPID
+ - cmd: misc analyzer fixes
+ - interfaces/builtin/account-control: allow to execute pam_tally2
+ - tests/main/user-session-env: special case bash profile on
+ Tumbleweed
+ - o/snapstate: implement transactional lanes for prereqs
+ - o/snapstate: add core22 migration logic
+ - tests/main/mount-ns: unmount /run/qemu
+ - release: 2.54.4 changelog to master
+ - gadget: add buildVolumeStructureToLocation,
+ volumeStructureToLocationMap
+ - interfaces/apparmor: add missing unit tests for special devmode
+ rules/behavior
+ - cmd/snap-confine: coverity fixes
+ - interfaces/systemd: use batch systemd operations
+ - tests: small adjustments to fix vuln spread tests
+ - osutil/disks: trigger udev on the partition device node
+ - interfaces/network-control: add D-Bus rules for resolved too
+ - interfaces/cpu-control: add extra idleruntime data/reset files to
+ cpu-control
+ - packaging/ubuntu-16.04/rules: don't run unit tests on riscv64
+ - data/selinux: allow the snap command to run systemctl
+ - boot: mock amd64 arch for mabootable 20 suite
+ - testutil: add Backup helper to save/restore values, usually for
+ mocking
+ - tests/nested/core/core20-reinstall-partitions: update test summary
+ - asserts: return an explicit error when key cannot be found
+ - interfaces: custom-device
+ - Fix snap-run-gdbserver test by retrying the check
+ - overlord, boot: fix unit tests on arches other than amd64
+ - Get lxd snap from candidate channel
+ - bootloader: allow different names for the grub binary in different
+ archs
+ - cmd/snap-mgmt, packaging: trigger daemon reload after purging unit
+ files
+ - tests: add test to ensure consecutive refreshes do garbage
+ collection of old revs
+ - o/snapstate: deal with potentially invalid type of refresh.retain
+ value due to lax validation
+ - seed,image: changes necessary for ubuntu-image to support
+ preseeding extra snaps in classic images
+ - tests: add debugging to snap-confine-tmp-mount
+ - o/snapstate: add ~/Snap init related to backend
+ - data/env: cosmetic tweak for fish
+ - tests: include new testing tools and utils
+ - wrappers: do not reload the deamon or restart snapd services when
+ preseeding on core
+ - Fix smoke/install test for other architectures than pc
+ - tests: skip boot loader check during testing preparation on s390x
+ - t/m/interfaces-network-manager: use different channel depending on
+ system
+ - o/devicestate: pick system from seed systems/ for preseeding (1/N)
+ - asserts: add preseed assertion type
+ - data/env: more workarounds for even older fish shells, provide
+ reasonable defaults
+ - tests/main/snap-run-devmode-classic: reinstall snapcraft to clean
+ up
+ - gadget/update.go: add buildNewVolumeToDeviceMapping for existing
+ devices
+ - tests: allow run spread tests using a private ppaTo validate it
+ - interfaces/{cpu,power}-control: add more accesses for commercial
+ device tuning
+ - gadget: add searchForVolumeWithTraits + tests
+ - gadget/install: measure and save disk volume traits during
+ install.Run()
+ - tests: fix "undo purging" step in snap-run-devmode-classic
+ - many: move call to shutdown to the boot package
+ - spread.yaml: add core22 version of rsync to skip
+ - overlord, o/snapstate: fix mocking on systems without /snap
+ - many: move boot.Device to snap.Device
+ - tests: smoke test support for core22
+ - tests/nested/snapd-removes-vulnerable-snap-confine-revs: use newer
+ snaps
+ - snapstate: make "remove vulnerable version" message more
+ friendly
+ - o/devicestate/firstboot_preseed_test.go: remove deadcode
+ - o/devicestate: preseeding test cleanup
+ - gadget: refactor StructureEncryption to have a concrete type
+ instead of map
+ - tests: add created_at timestamp to mongo issues
+ - tests: fix security-udev-input-subsystem test
+ - o/devicestate/handlers_install.go: use --all to get binary data
+ too for logs
+ - o/snapstate: rename "corecore" -> "core"
+ - o/snapstate: implement transactional flag
+ - tests: skip ~/.snap migration test on openSUSE
+ - asserts,interfaces/policy: move and prepare DeviceScopeConstraint
+ for reuse
+ - asserts: fetching code should fetch authority-delegation
+ assertions with signing keys as needed
+ - tests: prepare and restore nested tests
+ - asserts: first-class support for formatting/encoding signatory-id
+ - asserts: remove unused function, fix for linter
+ - gadget: identify/match encryption parts, include in traits info
+ - asserts,cmd/snap-repair: support delegation when validating
+ signatures
+ - many: fix leftover empty snap dirs
+ - libsnap-confine-private: string functions simplification
+ - tests/nested/manual/core20-cloud-init-maas-signed-seed-data: add
+ gadget variant
+ - interfaces/u2f-devices: add U2F-TOKEN
+ - tests/core/mem-cgroup-disabled: minor fixups
+ - data/env: fix fish env for all versions of fish, unexport local
+ vars, export XDG_DATA_DIRS
+ - tests: reboot test running remodel
+ - Add extra disk space to nested images to "avoid No space left on
+ device" error
+ - tests: add regression tests for disabled memory cgroup operation
+ - many: fix issues flagged by golangci and configure it to fail
+ build
+ - docs: fix incorrect link
+ - cmd/snap: rename the verbose logging flag in snap run
+ - docs: cosmetic cleanups
+ - cmd/snap-confine: build const data structures at compile-
+ time
+ - o/snapstate: reduce maxInhibition for raa by 1s to avoid confusing
+ notification
+ - snap-bootstrap: Cleanup dependencies in systemd mounts
+ - interfaces/seccomp: Add rseq to base seccomp template
+ - cmd/snap-confine: remove mention of "legacy mode" from comment
+ - gadget/gadget_test.go: fix variable type
+ - gadget/gadget.go: add AllDiskVolumeDeviceTraits
+ - spread: non-functional cleanup of go1.6 legacy
+ - cmd/snap-confine: update ambiguous comment
+ - o/snapstate: revert migration on refresh if flag is disabled
+ - packaging/fedora: sync with downstream, packaging improvements
+ - tests: updated the documentation to run spread tests using
+ external backend
+ - osutil/mkfs: Expose more fakeroot flags
+ - interfaces/cups: add cups-socket-directory attr, use to specify
+ mount rules in backend
+ - tests/main/snap-system-key: reset-failed snapd and snapd.socket
+ - gadget/install: add unit tests for install.Run()
+ - tests/nested/manual/remodel-cross-store,remodel-simple: wait for
+ serial
+ - vscode: added integrated support for MS VSCODE
+ - cmd/snap/auto-import: use osutil.LoadMountInfo impl instead
+ - gadget/install: add unit tests for makeFilesystem, allow mocking
+ mkfs.Make()
+ - systemd: batched operations
+ - gadget/install/partition.go: include DiskIndex in synthesized
+ OnDiskStructure
+ - gadget/install: rm unused support for writing non-filesystem
+ structures
+ - cmd/snap: close refresh notifications after trying to run a snap
+ while inhibited
+ - o/servicestate: revert #11003 checking for memory cgroup being
+ disabled
+ - tests/core/failover: verify failover handling with the kernel snap
+ - snap-confine: allow numbers in hook security tag
+ - cmd/snap-confine: mount bpffs under /sys/fs/bpf if needed
+ - spread: switch to CentOS 8 Stream image
+ - overlord/servicestate: disallow mixing snaps and subgroups.
+ - cmd/snap: add --debug to snap run
+ - gadget: mv modelCharateristics to gadgettest.ModelCharacteristics
+ - cmd/snap: remove use of zenity, use notifications for snap run
+ inhibition
+ - o/devicestate: verify that the new model is self contained before
+ remodeling
+ - usersession/userd: query xdg-mime to check for fallback handlers
+ of a given scheme
+ - gadget, gadgettest: reimplement tests to use new gadgettest
+ examples.go file
+ - asserts: start implementing authority-delegationTODO in later PRs:
+ - overlord: skip manager tests on riscv for now
+ - o/servicestate: quota group error should be more explanative when
+ memory cgroup is disabled
+ - i/builtin: allow modem-manager interface to access some files in
+ sysfs
+ - tests: ensure that interface hook works with hotplug plug
+ - tests: fix repair test failure when run in a loop
+ - o/snapstate: re-write state after undo migration
+ - interfaces/opengl: add support for ARM Mali
+ - tests: enable snap-userd-reexec on ubuntu and debian
+ - tests: skip bind mount in snapd-snap test when the core snap in
+ not repacked
+ - many: add transactional flag to snapd API
+ - tests: new Jammy image for testing
+ - asserts: start generalizing attrMatcherGeneralization is along
+ - tests: ensure the ca-certificates package is installed
+ - devicestate: ensure permissions of /var/lib/snapd/void are
+ correct
+ - many: add altlinux support
+ - cmd/snap-update-ns: convert some unexpected decimal file mode
+ constants to octal.
+ - tests: use system ubuntu-21.10-64 in nested tests
+ - tests: skip version check on lp-1871652 for sru validation
+ - snap/quota: add positive tests for the quota.Resources logic
+ - asserts: start splitting out attrMatcher for reuse to
+ constraint.go
+ - systemd: actually test the function passed as a parameter
+ - tests: fix snaps-state test for sru validation
+ - many: add Transactional to snapstate.Flags
+ - gadget: rename DiskVolume...Opts to DiskVolume...Options
+ - tests: Handle PPAs being served from ppa.launchpadcontent.net
+ - tests/main/cgroup-tracking-failure: Make it pass when run alone
+ - tests: skip migration test on centOS
+ - tests: add back systemd-timesyncd to newer debian distros
+ - many: add conversion for interface attribute values
+ - many: unit test fix when SNAPD_DEBUG=1 is set
+ - gadget/install/partition.go: use device rescan trick only when
+ gadget says to
+ - osutil: refactoring the code exporting mocking APIs to other
+ packages
+ - mkversion: check that snapd is a git source tree before guessing
+ the version
+ - overlord: small refactoring of group quota implementation in
+ preparation of multiple quota values
+ - tests: drop 21.04 tests (it's EOL)
+ - osutil/mkfs: Expose option for --lib flag in fakeroot call
+ - cmd/snapd-apparmor: fix bad variable initialization
+ - packaging, systemd: fix socket (re-)start race
+ - tests: fix running tests.invariant on testflinger systems
+ - tests: spread test snap dir migration
+ - interfaces/shared-memory: support single wild-cards in the
+ read/write paths
+ - tests: cross store remodel
+ - packaging,tests: fix running autopkgtest
+ - spread-shellcheck: add a caching layer
+ - tests: add jammy to spread executions
+ - osutils: deal with ENOENT in UserMaybeSudoUser()
+ - packaging/ubuntu-16.04/control: adjust libfuse3 dependency as
+ suggested
+ - gadget/update.go: add DiskTraitsFromDeviceAndValidate
+ - tests/lib/prepare.sh: add debug kernel command line params via
+ gadget on UC20
+ - check-commit-email: do not fail when current dir is not under git
+ - configcore: implement netplan write support via dbus
+ - run-checks, check-commit-email.py: check commit email addresses
+ for validity
+ - tests: setup snapd remodel testing bits
+ - cmd/snap: adjust /cmd to migration changes
+ - systemd: enable batched calls for systemd calls operation on units
+ - o/ifacestate: add convenience Active() method to ConnectionState
+ struct
+ - o/snapstate: migrate to hidden dir on refresh/install
+ - store: fix flaky test
+ - i/builtin/xilinx-dma: add interface for Xilinx DMA driver
+ - go.mod: tidy up
+ - overlord/h/c/umount: remove handling of required parameter
+ - systemd: add NeedDaemonReload to the unit state
+ - mount-control: step 3
+ - tests/nested/manual/minimal-smoke: bump mem to 512 for unencrypted
+ case too
+ - gadget: fix typo with filesystem message
+ - gadget: misc helper fixes for implicit system-data role handling
+ - tests: fix uses of fakestore new-snap-declaration
+ - spread-shellcheck: use safe_load rather than load with a loder
+ - interfaces: allow access to new at-spi socket location in desktop-
+ legacy
+ - cmd/snap: setup tracking cgroup when invoking a service directly
+ as a user
+ - tests/main/snap-info: use yaml.safe_load rather than yaml.load
+ - cmd/snap: rm unnecessary validation
+ - tests: fix `tests/core/create-user` on testflinger pi3
+ - tests: fix parallel-install-basic on external UC16 devices
+ - tests: ubuntu-image 2.0 compatibility fixes
+ - tests/lib/prepare-restore: use go install rather than go get
+ - cmd/snap, daemon: add debug command for getting OnDiskVolume
+ dump
+ - gadget: resolve index ambiguity between OnDiskStructure and
+ LaidOutStructuretype: bare structures).
+ - tests: workaround missing bluez snap
+ - HACKING.md: add dbus-x11 to packages needed to run unit tests
+ - spread.yaml: add debian-{10,11}, drop debian-9
+ - cmd/snap/quota: fix typo in the help message
+ - gadget: allow gadget struct with unspecified filesystem to match
+ part with fs
+ - tests: re-enable kernel-module-load tests on arm
+ - tests/lib/uc20-create-partitions/main.go: setup a logger for
+ messages
+ - cmd: support installing multiple local snaps
+ - usersession: implement method to close notifications via
+ usersession REST API
+ - data/env: treat XDG_DATA_DIRS like PATH for fish
+ - cmd/snap, cmd/snap-confine: extend manpage, update links
+ - tests: fix fwupd interface test in debian sid
+ - tests: do not run k8s smoke test on 32 bit systems
+ - tests: fix testing in trusty qemu
+ - packaging: merge 2.54.2 changelog back to master
+ - overlord: fix issue with concurrent execution of two snapd
+ processes
+ - interfaces: add a polkit interface
+ - gadget/install/partition.go: wait for udev settle when creating
+ partitions too
+ - tests: exclude interfaces-kernel-module load on arm
+ - tests: ensure that test-snapd-kernel-module-load is
+ removed
+ - tests: do not test microk8s-smoke on arm
+ - packaging, bloader, github: restore cleanliness of snapd info
+ file; check in GA workflow
+ - tests/lib/tools/tests.invariant: simplify check
+ - tests/nested/manual/core20-to-core22: wait for device to be
+ initialized before starting a remodel
+ - build-aux/snap/snapcraft.yaml: use build-packages, don't fail
+ dirty builds
+ - tests/lib/tools/tests.invariant: add invariant for detecting
+ broken snaps
+ - tests/core/failover: replace boot-state with snap debug boot-vars
+ - tests: fix remodel-kernel test when running on external devices
+ - data/selinux: allow poking /proc/xen
+ - gadget: do not crash if gadget.yaml has an empty Volumes section
+ - i/b/mount-control: support creating tmpfs mounts
+ - packaging: Update openSUSE spec file with apparmor-parser and
+ datadir for fish
+ - cmd/snap-device-helper: fix variable name typo in the unit tests
+ - tests: fixed an issue with retrieval of the squashfuse repo
+ - release: 2.54.1
+ - tests: tidy up the top-level of ubuntu-seed during tests
+ - build-aux: detect/fix dirty git revisions while snapcraft
+ building
+ - release: 2.54
+
+ -- Ian Johnson <ian.johnson@canonical.com> Mon, 21 Mar 2022 15:55:16 -0500
+
+ snapd (2.54.4-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1955137
+ - t/m/interfaces-network-manager: use different channel depending on
+ system
+ - many: backport attrer interface changes to 2.54
+ - tests: skip version check on lp-1871652 for sru validation
+ - i/builtin: allow modem-manager interface to access some files in
+ sysfs
+ - snapstate: make "remove vulnerable version" message more
+ friendly
+ - tests: fix "undo purging" step in snap-run-devmode-classic
+ - o/snapstate: deal with potentially invalid type of refresh.retain
+ value due to lax validation
+ - interfaces: custom-device
+ - packaging/ubuntu-16.04/control: adjust libfuse3 dependency
+ - data/env: fix fish env for all versions of fish
+ - packaging/ubuntu-16.04/snapd.postinst: start socket and service
+ first
+ - interfaces/u2f-devices: add U2F-TOKEN
+ - interfaces/seccomp: Add rseq to base seccomp template
+ - tests: remove disabled snaps before calling save_snapd_state
+ - overlord: skip manager tests on riscv for now
+ - interfaces/opengl: add support for ARM Mali
+ - devicestate: ensure permissions of /var/lib/snapd/void are
+ correct
+ - cmd/snap-update-ns: convert some unexpected decimal file mode
+ constants to octal.
+ - interfaces/shared-memory: support single wild-cards in the
+ read/write paths
+ - packaging: fix running autopkgtest
+ - i/builtin/xilinx-dma-host: add interface for Xilinx DMA driver
+ - tests: fix `tests/core/create-user` on testflinger pi3
+ - tests: fix parallel-install-basic on external UC16 devices
+ - tests: re-enable kernel-module-load tests on arm
+ - tests: do not run k8s smoke test on 32 bit systems
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 03 Mar 2022 09:44:21 +0100
snapd (2.54.3-1.1) unstable; urgency=medium
projects / snapd.git / commitdiff