- snapd (2.45.2-1+rpi1) bullseye-staging; urgency=medium
++snapd (2.48.2-3+rpi1) bullseye-staging; urgency=medium
+
+ [changes brought forward from 2.27.2-2+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Thu, 24 Aug 2017 17:53:18 +0000]
+ * Treat unknown derivatives the same as Debian.
+ * Disable testsuite.
+ * Fix clean target.
+
- -- Raspbian forward porter <root@raspbian.org> Sun, 26 Jul 2020 03:50:20 +0000
++ -- Raspbian forward porter <root@raspbian.org> Fri, 05 Feb 2021 06:57:12 +0000
++
+ snapd (2.48.2-3) unstable; urgency=medium
+
+ * debian/patches/0012-cherry-pick-pr9844:
+ - cherry pick PR#9844 to avoid leaking of errno in snap-confine
+ tests that caused i386 to FTBFS
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 22 Jan 2021 10:13:11 +0100
+
+ snapd (2.48.2-2) unstable; urgency=medium
+
+ * debian/rules:
+ - ignore usr/bin/genasse during arch-indep build too
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 15 Jan 2021 18:32:45 +0100
+
+ snapd (2.48.2-1) unstable; urgency=medium
+
+ * debian/patch/0011-cherry-pick-pr9809
+ - Cherry-pick https://github.com/snapcore/snapd/pull/9809.
+ This skips the --help output unit tests for older go-flags
+ versions.
+ * New upstream release, LP: #1906690
+ - tests: sign new nested-18|20* models to allow for generic serials
+ - secboot: add extra paranoia when waiting for that fde-reveal-key
+ - tests: backport netplan workarounds from #9785
+ - secboot: add workaround for snapcore/core-initrd issue #13
+ - devicestate: log checkEncryption errors via logger.Noticef
+ - tests: add nested spread end-to-end test for fde-hooks
+ - devicestate: implement checkFDEFeatures()
+ - boot: tweak resealing with fde-setup hooks
+ - sysconfig/cloudinit.go: add "manual_cache_clean: true" to cloud-
+ init restrict file
+ - secboot: add new LockSealedKeys() that uses either TPM or
+ fde-reveal-key
+ - gadget: use "sealed-keys" to determine what method to use for
+ reseal
+ - boot: add sealKeyToModeenvUsingFdeSetupHook()
+ - secboot: use `fde-reveal-key` if available to unseal key
+ - cmd/snap-update-ns: fix sorting of overname mount entries wrt
+ other entries
+ - o/devicestate: save model with serial in the device save db
+ - devicestate: add runFDESetupHook() helper
+ - secboot,devicestate: add scaffoling for "fde-reveal-key" support
+ - hookstate: add new HookManager.EphemeralRunHook()
+ - update-pot: fix typo in plural keyword spec
+ - store,cmd/snap-repair: increase initial expontential time
+ intervals
+ - o/devicestate,daemon: fix reboot system action to not require a
+ system label
+ - github: run nested suite when commit is pushed to release branch
+ - tests: reset fakestore unit status
+ - tests: fix uc20-create-parition-* tests for updated gadget
+ - hookstate: implement snapctl fde-setup-{request,result}
+ - devicestate: make checkEncryption fde-setup hook aware
+ - client,snapctl: add naive support for "stdin"
+ - devicestate: support "storage-safety" defaults during install
+ - snap: use the boot-base for kernel hooks
+ - vendor: update secboot repo to avoid including secboot.test binary
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 15 Jan 2021 09:11:00 +0100
+
+ snapd (2.48.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1906690
+ - gadget: disable ubuntu-boot role validation check
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 03 Dec 2020 17:43:30 +0100
+
+ snapd (2.48-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1904098
+ - osutil: add KernelCommandLineKeyValue
+ - devicestate: implement boot.HasFDESetupHook
+ - boot/makebootable.go: set snapd_recovery_mode=install at image-
+ build time
+ - bootloader: use ForGadget when installing boot config
+ - interfaces/raw_usb: allow read access to /proc/tty/drivers
+ - boot: add scaffolding for "fde-setup" hook support for sealing
+ - tests: fix basic20 test on arm devices
+ - seed: make a shared seed system label validation helper
+ - snap: add new "fde-setup" hooktype
+ - cmd/snap-bootstrap, secboot, tests: misc cleanups, add spread test
+ - secboot,cmd/snap-bootstrap: fix degraded mode cases with better
+ device handling
+ - boot,dirs,c/snap-bootstrap: avoid InstallHost* at the cost of some
+ messiness
+ - tests/nested/manual/refresh-revert-fundamentals: temporarily
+ disable secure boot
+ - snap-bootstrap,secboot: call BlockPCRProtectionPolicies in all
+ boot modes
+ - many: address degraded recover mode feedback, cleanups
+ - tests: Use systemd-run on tests part2
+ - tests: set the opensuse tumbleweed system as manual in spread.yaml
+ - secboot: call BlockPCRProtectionPolicies even if the TPM is
+ disabled
+ - vendor: update to current secboot
+ - cmd/snap-bootstrap,o/devicestate: use a secret to pair data and
+ save
+ - spread.yaml: increase number of workers on 20.10
+ - snap: add new `snap recovery --show-keys` option
+ - tests: minor test tweaks suggested in the review of 9607
+ - snapd-generator: set standard snapfuse options when generating
+ units for containers
+ - tests: enable lxd test on ubuntu-core-20 and 16.04-32
+ - interfaces: share /tmp/.X11-unix/ from host or provider
+ - tests: enable main lxd test on 20.10
+ - cmd/s-b/initramfs-mounts: refactor recover mode to implement
+ degraded mode
+ - gadget/install: add progress logging
+ - packaging: keep secboot/encrypt_dummy.go in debian
+ - interfaces/udev: use distro specific path to snap-device-helper
+ - o/devistate: fix chaining of tasks related to regular snaps when
+ preseeding
+ - gadget, overlord/devicestate: validate that system supports
+ encrypted data before install
+ - interfaces/fwupd: enforce the confined fwupd to align Ubuntu Core
+ ESP layout
+ - many: add /v2/system-recovery-keys API and client
+ - secboot, many: return UnlockMethod from Unlock* methods for future
+ usage
+ - many: mv keys to ubuntu-boot, move model file, rename keyring
+ prefix for secboot
+ - tests: using systemd-run instead of manually create a systemd unit
+ - part 1
+ - secboot, cmd/snap-bootstrap: enable or disable activation with
+ recovery key
+ - secboot: refactor Unlock...IfEncrypted to take keyfile + check
+ disks first
+ - secboot: add LockTPMSealedKeys() to lock access to keys
+ independently
+ - gadget: correct sfdisk arguments
+ - bootloader/assets/grub: adjust fwsetup menuentry label
+ - tests: new boot state tool
+ - spread: use the official image for Ubuntu 20.10, no longer an
+ unstable system
+ - tests/lib/nested: enable snapd logging to console for core18
+ - osutil/disks: re-implement partition searching for disk w/ non-
+ adjacent parts
+ - tests: using the nested-state tool in nested tests
+ - many: seal a fallback object to the recovery boot chain
+ - gadget, gadget/install: move helpers to install package, refactor
+ unit tests
+ - dirs: add "gentoo" to altDirDistros
+ - update-pot: include file locations in translation template, and
+ extract strings from desktop files
+ - gadget/many: drop usage of gpt attr 59 for indicating creation of
+ partitions
+ - gadget/quantity: tweak test name
+ - snap: fix failing unittest for quantity.FormatDuration()
+ - gadget/quantity: introduce a new package that captures quantities
+ - o/devicestate,a/sysdb: make a backup of the device serial to save
+ - tests: fix rare interaction of tests.session and specific tests
+ - features: enable classic-preserves-xdg-runtime-dir
+ - tests/nested/core20/save: check the bind mount and size bump
+ - o/devicetate,dirs: keep device keys in ubuntu-save/save for UC20
+ - tests: rename hasHooks to hasInterfaceHooks in the ifacestate
+ tests
+ - o/devicestate: unit test tweaks
+ - boot: store the TPM{PolicyAuthKey,LockoutAuth}File in ubuntu-save
+ - testutil, cmd/snap/version: fix misc little errors
+ - overlord/devicestate: bind mount ubuntu-save under
+ /var/lib/snapd/save on startup
+ - gadget/internal: tune ext4 setting for smaller filesystems
+ - tests/nested/core20/save: a test that verifies ubuntu-save is
+ present and set up
+ - tests: update google sru backend to support groovy
+ - o/ifacestate: handle interface hooks when preseeding
+ - tests: re-enable the apt hooks test
+ - interfaces,snap: use correct type: {os,snapd} for test data
+ - secboot: set metadata and keyslots sizes when formatting LUKS2
+ volumes
+ - tests: improve uc20-create-partitions-reinstall test
+ - client, daemon, cmd/snap: cleanups from #9489 + more unit tests
+ - cmd/snap-bootstrap: mount ubuntu-save during boot if present
+ - secboot: fix doc comment on helper for unlocking volume with key
+ - tests: add spread test for refreshing from an old snapd and core18
+ - o/snapstate: generate snapd snap wrappers again after restart on
+ refresh
+ - secboot: version bump, unlock volume with key
+ - tests/snap-advise-command: re-enable test
+ - cmd/snap, snapmgr, tests: cleanups after #9418
+ - interfaces: deny connected x11 plugs access to ICE
+ - daemon,client: write and read a maintenance.json file for when
+ snapd is shut down
+ - many: update to secboot v1 (part 1)
+ - osutil/disks/mockdisk: panic if same mountpoint shows up again
+ with diff opts
+ - tests/nested/core20/gadget,kernel-reseal: add sanity checks to the
+ reseal tests
+ - many: implement snap routine console-conf-start for synchronizing
+ auto-refreshes
+ - dirs, boot: add ubuntu-save directories and related locations
+ - usersession: fix typo in test name
+ - overlord/snapstate: refactor ihibitRefresh
+ - overlord/snapstate: stop warning about inhibited refreshes
+ - cmd/snap: do not hardcode snapshot age value
+ - overlord,usersession: initial notifications of pending refreshes
+ - tests: add a unit test for UpdateMany where a single snap fails
+ - o/snapstate/catalogrefresh.go: don't refresh catalog in install
+ mode uc20
+ - tests: also check snapst.Current in undo-unlink tests
+ - tests: new nested tool
+ - o/snapstate: implement undo handler for unlink-snap
+ - tests: clean systems.sh helper and migrate last set of tests
+ - tests: moving the lib section from systems.sh helper to os.query
+ tool
+ - tests/uc20-create-partitions: don't check for grub.cfg
+ - packaging: make sure that static binaries are indeed static, fix
+ openSUSE
+ - many: have install return encryption keys for data and save,
+ improve tests
+ - overlord: add link participant for linkage transitions
+ - tests: lxd smoke test
+ - tests: add tests for fsck; cmd/s-b/initramfs-mounts: fsck ubuntu-
+ seed too
+ - tests: moving main suite from systems.sh to os.query tool
+ - tests: moving the core test suite from systems.sh to os.query tool
+ - cmd/snap-confine: mask host's apparmor config
+ - o/snapstate: move setting updated SnapState after error paths
+ - tests: add value to INSTANCE_KEY/regular
+ - spread, tests: tweaks for openSUSE
+ - cmd/snap-confine: update path to snap-device-helper in AppArmor
+ profile
+ - tests: new os.query tool
+ - overlord/snapshotstate/backend: specify tar format for snapshots
+ - tests/nested/manual/minimal-smoke: use 384MB of RAM for nested
+ UC20
+ - client,daemon,snap: auto-import does not error on managed devices
+ - interfaces: PTP hardware clock interface
+ - tests: use tests.backup tool
+ - many: verify that unit tests work with nosecboot tag and without
+ secboot package
+ - wrappers: do not error out on read-only /etc/dbus-1/session.d
+ filesystem on core18
+ - snapshots: import of a snapshot set
+ - tests: more output for sbuild test
+ - o/snapstate: re-order remove tasks for individual snap revisions
+ to remove current last
+ - boot: skip some unit tests when running as root
+ - o/assertstate: introduce
+ ValidationTrackingKey/ValidationSetTracking and basic methods
+ - many: allow ignoring running apps for specific request
+ - tests: allow the searching test to fail under load
+ - overlord/snapstate: inhibit startup while unlinked
+ - seed/seedwriter/writer.go: check DevModeConfinement for dangerous
+ features
+ - tests/main/sudo-env: snap bin is available on Fedora
+ - boot, overlord/devicestate: list trusted and managed assets
+ upfront
+ - gadget, gadget/install: support for ubuntu-save, create one during
+ install if needed
+ - spread-shellcheck: temporary workaround for deadlock, drop
+ unnecessary test
+ - snap: support different exit-code in the snap command
+ - logger: use strutil.KernelCommandLineSplit in
+ debugEnabledOnKernelCmdline
+ - logger: fix snapd.debug=1 parsing
+ - overlord: increase refresh postpone limit to 14 days
+ - spread-shellcheck: use single thread pool executor
+ - gadget/install,secboot: add debug messages
+ - spread-shellcheck: speed up spread-shellcheck even more
+ - spread-shellcheck: process paths from arguments in parallel
+ - tests: tweak error from tests.cleanup
+ - spread: remove workaround for openSUSE go issue
+ - o/configstate: create /etc/sysctl.d when applying early config
+ defaults
+ - tests: new tests.backup tool
+ - tests: add tests.cleanup pop sub-command
+ - tests: migration of the main suite to snaps-state tool part 6
+ - tests: fix journal-state test
+ - cmd/snap-bootstrap/initramfs-mounts: split off new helper for misc
+ recover files
+ - cmd/snap-bootstrap/initramfs-mounts: also copy /etc/machine-id for
+ same IP addr
+ - packaging/{ubuntu,debian}: add liblzo2-dev as a dependency for
+ building snapd
+ - boot, gadget, bootloader: observer preserves managed bootloader
+ configs
+ - tests/nested/manual: add uc20 grade signed cloud-init test
+ - o/snapstate/autorefresh.go: eliminate race when launching
+ autorefresh
+ - daemon,snapshotstate: do not return "size" from Import()
+ - daemon: limit reading from snapshot import to Content-Length
+ - many: set/expect Content-Length header when importing snapshots
+ - github: switch from ::set-env command to environment file
+ - tests: migration of the main suite to snaps-state tool part 5
+ - client: cleanup the Client.raw* and Client.do* method families
+ - tests: moving main suite to snaps-state tool part 4
+ - client,daemon,snap: use constant for snapshot content-type
+ - many: fix typos and repeated "the"
+ - secboot: fix tpm connection leak when it's not enabled
+ - many: scaffolding for snapshots import API
+ - run-checks: run spread-shellcheck too
+ - interfaces: update network-manager interface to allow
+ ObjectManager access from unconfined clients
+ - tests: move core and regression suites to snaps-state tool
+ - tests: moving interfaces tests to snaps-state tool
+ - gadget: preserve files when indicated by content change observer
+ - tests: moving smoke test suite and some tests from main suite to
+ snaps-state tool
+ - o/snapshotstate: pass set id to backend.Open, update tests
+ - asserts/snapasserts: introduce ValidationSets
+ - o/snapshotstate: improve allocation of new set IDs
+ - boot: look at the gadget for run mode bootloader when making the
+ system bootable
+ - cmd/snap: allow snap help vs --all to diverge purposefully
+ - usersession/userd: separate bus name ownership from defining
+ interfaces
+ - o/snapshotstate: set snapshot set id from its filename
+ - o/snapstate: move remove-related tests to snapstate_remove_test.go
+ - desktop/notification: switch ExpireTimeout to time.Duration
+ - desktop/notification: add unit tests
+ - snap: snap help output refresh
+ - tests/nested/manual/preseed: include a system-usernames snap when
+ preseeding
+ - tests: fix sudo-env test
+ - tests: fix nested core20 shellcheck bug
+ - tests/lib: move to new directory when restoring PWD, cleanup
+ unpacked unpacked snap directories
+ - desktop/notification: add bindings for FDO notifications
+ - dbustest: fix stale comment references
+ - many: move ManagedAssetsBootloader into TrustedAssetsBootloader,
+ drop former
+ - snap-repair: add uc20 support
+ - tests: print all the serial logs for the nested test
+ - o/snapstate/check_snap_test.go: mock osutil.Find{U,G}id to avoid
+ bug in test
+ - cmd/snap/auto-import: stop importing system user assertions from
+ initramfs mnts
+ - osutil/group.go: treat all non-nil errs from user.Lookup{Group,}
+ as Unknown*
+ - asserts: deserialize grouping only once in Pool.AddBatch if needed
+ - gadget: allow content observer to have opinions about a change
+ - tests: new snaps-state command - part1
+ - o/assertstate: support refreshing any number of snap-declarations
+ - boot: use test helpers
+ - tests/core/snap-debug-bootvars: also check snap_mode
+ - many/apparmor: adjust rules for reading profile/ execing new
+ profiles for new kernel
+ - tests/core/snap-debug-bootvars: spread test for snap debug boot-
+ vars
+ - tests/lib/nested.sh: more little tweaks
+ - tests/nested/manual/grade-signed-above-testkeys-boot: enable kvm
+ - cmd/s-b/initramfs-mounts: use ConfigureTargetSystem for install,
+ recover modes
+ - overlord: explicitly set refresh-app-awareness in tests
+ - kernel: remove "edition" from kernel.yaml and add "update"
+ - spread: drop vendor from the packed project archive
+ - boot: fix debug bootloader variables dump on UC20 systems
+ - wrappers, systemd: allow empty root dir and conditionally do not
+ pass --root to systemctl
+ - tests/nested/manual: add test for grades above signed booting with
+ testkeys
+ - tests/nested: misc robustness fixes
+ - o/assertstate,asserts: use bulk refresh to refresh snap-
+ declarations
+ - tests/lib/prepare.sh: stop patching the uc20 initrd since it has
+ been updated now
+ - tests/nested/manual/refresh-revert-fundamentals: re-enable test
+ - update-pot: ignore .go files inside .git when running xgettext-go
+ - tests: disable part of the lxd test completely on 16.04.
+ - o/snapshotstate: tweak comment regarding snapshot filename
+ - o/snapstate: improve snapshot iteration
+ - bootloader: lk cleanups
+ - tests: update to support nested kvm without reboots on UC20
+ - tests/nested/manual/preseed: disable system-key check for 20.04
+ image
+ - spread.yaml: add ubuntu-20.10-64 to qemu
+ - store: handle v2 error when fetching assertions
+ - gadget: resolve device mapper devices for fallback device lookup
+ - tests/nested/cloud-init-many: simplify tests and unify
+ helpers/seed inputs
+ - tests: copy /usr/lib/snapd/info to correct directory
+ - check-pr-title.py * : allow "*" in the first part of the title
+ - many: typos and small test tweak
+ - tests/main/lxd: disable cgroup combination for 16.04 that is
+ failing a lot
+ - tests: make nested signing helpers less confusing
+ - tests: misc nested changes
+ - tests/nested/manual/refresh-revert-fundamentals: disable
+ temporarily
+ - tests/lib/cla_check: default to Python 3, tweaks, formatting
+ - tests/lib/cl_check.py: use python3 compatible code
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 19 Nov 2020 17:51:02 +0100
+
+ snapd (2.47.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1895929
+ - o/configstate: create /etc/sysctl.d when applying early config
+ defaults
+ - cmd/snap-bootstrap/initramfs-mounts: also copy /etc/machine-id for
+ same IP addr
+ - packaging/{ubuntu,debian}: add liblzo2-dev as a dependency for
+ building snapd
+ - cmd/snap: allow snap help vs --all to diverge purposefully
+ - snap: snap help output refresh
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 08 Oct 2020 09:30:44 +0200
+
+ snapd (2.47-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1895929
+ - tests: fix nested core20 shellcheck bug
+ - many/apparmor: adjust rule for reading apparmor profile for new
+ kernel
+ - snap-repair: add uc20 support
+ - cmd/snap/auto-import: stop importing system user assertions from
+ initramfs mnts
+ - cmd/s-b/initramfs-mounts: use ConfigureTargetSystem for install,
+ recover modes
+ - gadget: resolve device mapper devices for fallback device lookup
+ - secboot: add boot manager profile to pcr protection profile
+ - sysconfig,o/devicestate: mv DisableNoCloud to
+ DisableAfterLocalDatasourcesRun
+ - tests: make gadget-reseal more robust
+ - tests: skip nested images pre-configuration by default
+ - tests: fix for basic20 test running on external backend and rpi
+ - tests: improve kernel reseal test
+ - boot: adjust comments, naming, log success around reseal
+ - tests/nested, fakestore: changes necessary to run nested uc20
+ signed/secured tests
+ - tests: add nested core20 gadget reseal test
+ - boot/modeenv: track unknown keys in Read and put back into modeenv
+ during Write
+ - interfaces/process-control: add sched_setattr to seccomp
+ - boot: with unasserted kernels reseal if there's a hint modeenv
+ changed
+ - client: bump the default request timeout to 120s
+ - configcore: do not error in console-conf.disable for install mode
+ - boot: streamline bootstate20.go reseal and tests changes
+ - boot: reseal when changing kernel
+ - cmd/snap/model: specify grade in the model command output
+ - tests: simplify
+ repack_snapd_snap_with_deb_content_and_run_mode_first_boot_tweaks
+ - test: improve logging in nested tests
+ - nested: add support to telnet to serial port in nested VM
+ - secboot: use the snapcore/secboot native recovery key type
+ - tests/lib/nested.sh: use more focused cloud-init config for uc20
+ - tests/lib/nested.sh: wait for the tpm socket to exist
+ - spread.yaml, tests/nested: misc changes
+ - tests: add more checks to disk space awareness spread test
+ - tests: disk space awareness spread test
+ - boot: make MockUC20Device use a model and MockDevice more
+ realistic
+ - boot,many: reseal only when meaningful and necessary
+ - tests/nested/core20/kernel-failover: add test for failed refresh
+ of uc20 kernel
+ - tests: fix nested to work with qemu and kvm
+ - boot: reseal when updating boot assets
+ - tests: fix snap-routime-portal-info test
+ - boot: verify boot chain file in seal and reseal tests
+ - tests: use full path to test-snapd-refresh.version binary
+ - boot: store boot chains during install, helper for checking
+ whether reseal is needed
+ - boot: add call to reseal an existing key
+ - boot: consider boot chains with unrevisioned kernels incomparable
+ - overlord: assorted typos and miscellaneous changes
+ - boot: group SealKeyModelParams by model, improve testing
+ - secboot: adjust parameters to buildPCRProtectionProfile
+ - strutil: add SortedListsUniqueMergefrom the doc comment:
+ - snap/naming: upgrade TODO to TODO:UC20
+ - secboot: add call to reseal an existing key
+ - boot: in seal.go adjust error message and function names
+ - o/snapstate: check available disk space in RemoveMany
+ - boot: build bootchains data for sealing
+ - tests: remove "set -e" from function only shell libs
+ - o/snapstate: disk space check on UpdateMany
+ - o/snapstate: disk space check with snap update
+ - snap: implement new `snap reboot` command
+ - boot: do not reorder boot assets when generating predictable boot
+ chains and other small tweaks
+ - tests: some fixes and improvements for nested execution
+ - tests/core/uc20-recovery: fix check for at least specific calls to
+ mock-shutdown
+ - boot: be consistent using bootloader.Role* consts instead of
+ strings
+ - boot: helper for generating secboot load chains from a given boot
+ asset sequence
+ - boot: tweak boot chains to support a list of kernel command lines,
+ keep track of model and kernel boot file
+ - boot,secboot: switch to expose and use snapcore/secboot load event
+ trees
+ - tests: use `nested_exec` in core{20,}-early-config test
+ - devicestate: enable cloud-init on uc20 for grade signed and
+ secured
+ - boot: add "rootdir" to baseBootenvSuite and use in tests
+ - tests/lib/cla_check.py: don't allow users.noreply.github.com
+ commits to pass CLA
+ - boot: represent boot chains, helpers for marshalling and
+ equivalence checks
+ - boot: mark successful with boot assets
+ - client, api: handle insufficient space error
+ - o/snapstate: disk space check with single snap install
+ - configcore: "service.console-conf.disable" is gadget defaults only
+ - packaging/opensuse: fix for /usr/libexec on TW, do not hardcode
+ AppArmor profile path
+ - tests: skip udp protocol in nfs-support test on ubuntu-20.10
+ - packaging/debian-sid: tweak code preparing _build tree
+ - many: move seal code from gadget/install to boot
+ - tests: remove workaround for cups on ubuntu-20.10
+ - client: implement RebootToSystem
+ - many: seed.Model panics now if called before LoadAssertions
+ - daemon: add /v2/systems "reboot" action API
+ - github: run tests also on push to release branches
+ - interfaces/bluez: let slot access audio streams
+ - seed,c/snap-bootstrap: simplify snap-bootstrap seed reading with
+ new seed.ReadSystemEssential
+ - interfaces: allow snap-update-ns to read /proc/cmdline
+ - tests: new organization for nested tests
+ - o/snapstate, features: add feature flags for disk space awareness
+ - tests: workaround for cups issue on 20.10 where default printer is
+ not configured.
+ - interfaces: update cups-control and add cups for providing snaps
+ - boot: keep track of the original asset when observing updates
+ - tests: simplify and fix tests for disk space checks on snap remove
+ - sysconfig/cloudinit.go: add AllowCloudInit and use GadgetDir for
+ cloud.conf
+ - tests/main: mv core specific tests to core suite
+ - tests/lib/nested.sh: reset the TPM when we create the uc20 vm
+ - devicestate: rename "mockLogger" to "logbuf"
+ - many: introduce ContentChange for tracking gadget content in
+ observers
+ - many: fix partion vs partition typo
+ - bootloader: retrieve boot chains from bootloader
+ - devicestate: add tests around logging in RequestSystemAction
+ - boot: handle canceled update
+ - bootloader: tweak doc comments (thanks Samuele)
+ - seed/seedwriter: test local asserted snaps with UC20 grade signed
+ - sysconfig/cloudinit.go: add DisableNoCloud to
+ CloudInitRestrictOptions
+ - many: use BootFile type in load sequences
+ - boot,bootloader: clarifications after the changes to introduce
+ bootloader.Options.Role
+ - boot,bootloader,gadget: apply new bootloader.Options.Role
+ - o/snapstate, features: add feature flag for disk space check on
+ remove
+ - testutil: add checkers for symbolic link target
+ - many: refactor tpm seal parameter setting
+ - boot/bootstate20: reboot to rollback to previous kernel
+ - boot: add unit test helpers
+ - boot: observe update & rollback of trusted assets
+ - interfaces/utf: Add MIRKey to u2f devices
+ - o/devicestate/devicestate_cloudinit_test.go: test cleanup for uc20
+ cloud-init tests
+ - many: check that users of BaseTest don't forget to consume
+ cleanups
+ - tests/nested/core20/tpm: verify trusted boot assets tracking
+ - github: run macOS job with Go 1.14
+ - many: misc doc-comment changes and typo fixes
+ - o/snapstate: disk space check with InstallMany
+ - many: cloud-init cleanups from previous PR's
+ - tests: running tests on opensuse leap 15.2
+ - run-checks: check for dirty build tree too
+ - vendor: run ./get-deps.sh to update the secboot hash
+ - tests: update listing test for "-dirty" versions
+ - overlord/devicestate: do not release the state lock when updating
+ gadget assets
+ - secboot: read kernel efi image from snap file
+ - snap: add size to the random access file return interface
+ - daemon: correctly parse Content-Type HTTP header.
+ - tests: account for apt-get on core18
+ - cmd/snap-bootstrap/initramfs-mounts: compute string outside of
+ loop
+ - mkversion.sh: simple hack to include dirty in version if the tree
+ is dirty
+ - cgroup,snap: track hooks on system bus only
+ - interfaces/systemd: compare dereferenced Service
+ - run-checks: only check files in git for misspelling
+ - osutil: add a package doc comment (via doc.go)
+ - boot: complain about reused asset name during initial install
+ - snapstate: installSize helper that calculates total size of snaps
+ and their prerequisites
+ - snapshots: export of snapshots
+ - boot/initramfs_test.go: reset boot vars on the bootloader for each
+ iteration
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 29 Sep 2020 17:19:13 +0200
+
+ snapd (2.46.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1891134
+ - interfaces: allow snap-update-ns to read
+ /proc/cmdline
+ - github: run macOS job with Go 1.14
+ - o/snapstate, features: add feature flag for disk space check on
+ remove
+ - tests: account for apt-get on core18
+ - mkversion.sh: include dirty in version if the tree
+ is dirty
+ - interfaces/systemd: compare dereferenced Service
+ - vendor.json: update mysterious secboot SHA again
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 04 Sep 2020 17:42:54 +0200
+
+ snapd (2.46-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1891134
+ - logger: add support for setting snapd.debug=1 on kernel cmdline
+ - o/snapstate: check disk space before creating automatic snapshot
+ on remove
+ - boot, o/devicestate: observe existing recovery bootloader trusted
+ boot assets
+ - many: use transient scope for tracking apps and hooks
+ - features: add HiddenSnapFolder feature flag
+ - tests/lib/nested.sh: fix partition typo, unmount the image on uc20
+ too
+ - runinhibit: open the lock file in read-only mode in IsLocked
+ - cmd/s-b/initramfs-mounts: make recover -> run mode transition
+ automatic
+ - tests: update spread test for unknown plug/slot with snapctl is-
+ connected
+ - osutil: add OpenExistingLockForReading
+ - kernel: add kernel.Validate()
+ - interfaces: add vcio interface
+ - interfaces/{docker,kubernetes}-support: load overlay and support
+ systemd cgroup driver
+ - tests/lib/nested.sh: use more robust code for finding what loop
+ dev we mounted
+ - cmd/snap-update-ns: detach all bind-mounted file
+ - snap/snapenv: set SNAP_REAL_HOME
+ - packaging: umount /snap on purge in containers
+ - interfaces: misc policy updates xlvi
+ - secboot,cmd/snap-bootstrap: cross-check partitions before
+ unlocking, mounting
+ - boot: copy boot assets cache to new root
+ - gadget,kernel: add new kernel.{Info,Asset} struct and helpers
+ - o/hookstate/ctlcmd: make is-connected check whether the plug or
+ slot exists
+ - tests: find -ignore_readdir_race when scanning cgroups
+ - interfaces/many: deny arbitrary desktop files and misc from
+ /usr/share
+ - tests: use "set -ex" in prep-snapd-in-lxd.sh
+ - tests: re-enable udisks test on debian-sid
+ - cmd/snapd-generator: use PATH fallback if PATH is not set
+ - tests: disable udisks2 test on arch linux
+ - github: use latest/stable go, not latest/edge
+ - tests: remove support for ubuntu 19.10 from spread tests
+ - tests: fix lxd test wrongly tracking 'latest'
+ - secboot: document exported functions
+ - cmd: compile snap gdbserver shim correctly
+ - many: correctly calculate the desktop file prefix everywhere
+ - interfaces: add kernel-crypto-api interface
+ - corecfg: add "system.timezone" setting to the system settings
+ - cmd/snapd-generator: generate drop-in to use fuse in container
+ - cmd/snap-bootstrap/initramfs-mounts: tweak names, add comments
+ from previous PR
+ - interfaces/many: miscellaneous updates for strict microk8s
+ - secboot,cmd/snap-bootstrap: don't import boot package from secboot
+ - cmd/snap-bootstrap/initramfs-mounts: call systemd-mount instead of
+ the-tool
+ - tests: work around broken update of systemd-networkd
+ - tests/main/install-fontconfig-cache-gen: enhance test by
+ verifying, add fonts to test
+ - o/devicestate: wrap asset update observer error
+ - boot: refactor such that bootStateUpdate20 mainly carries Modeenv
+ - mkversion.sh: disallow changelog versions that have git in it, if
+ we also have git version
+ - interfaces/many: miscellaneous updates for strict microk8s
+ - snap: fix repeated "cannot list recovery system" and add test
+ - boot: track trusted assets during initial install, assets cache
+ - vendor: update secboot to fix key data validation
+ - tests: unmount FUSE file-systems from XDG runtime dir
+ - overlord/devicestate: workaround non-nil interface with nil struct
+ - sandbox/cgroup: remove temporary workaround for multiple cgroup
+ writers
+ - sandbox/cgroup: detect dangling v2 cgroup
+ - bootloader: add helper for creating a bootloader based on gadget
+ - tests: support different images on nested execution
+ - many: reorg cmd/snapinfo.go into snap and new client/clientutil
+ - packaging/arch: use external linker when building statically
+ - tests: cope with ghost cgroupv2
+ - tests: fix issues related to restarting systemd-logind.service
+ - boot, o/devicestate: TrustedAssetUpdateObserver stubs, hook up to
+ gadget updates
+ - vendor: update github.com/kr/pretty to fix diffs of values with
+ pointer cycles
+ - boot: move bootloaderKernelState20 impls to separate file
+ - .github/workflows: move snap building to test.yaml as separate
+ cached job
+ - tests/nested/manual/minimal-smoke: run core smoke tests in a VM
+ meeting minimal requirements
+ - osutil: add CommitAs to atomic file
+ - gadget: introduce content update observer
+ - bootloader: introduce TrustedAssetsBootloader, implement for grub
+ - o/snapshotstate: helpers for calculating disk space needed for an
+ automatic snapshot
+ - gadget/install: retrieve command lines from bootloader
+ - boot/bootstate20: unify commit method impls, rm
+ bootState20MarkSuccessful
+ - tests: add system information and image information when debug
+ info is displayed
+ - tests/main/cgroup-tracking: try to collect some information about
+ cgroups
+ - boot: introduce current_boot_assets and
+ current_recovery_boot_assets to modeenv
+ - tests: fix for timing issues on journal-state test
+ - many: remove usage and creation of hijacked pid cgroup
+ - tests: port regression-home-snap-root-owned to tests.session
+ - tests: run as hightest via tests.session
+ - github: run CLA checks on self-hosted workers
+ - github: remove Ubuntu 19.10 from actions workflow
+ - tests: remove End-Of-Life opensuse/fedora releases
+ - tests: remove End-Of-Life releases from spread.yaml
+ - tests: fix debug section of appstream-id test
+ - interfaces: check !b.preseed earlier
+ - tests: work around bug in systemd/debian
+ - boot: add deepEqual, Copy helpers for Modeenv to simplify
+ bootstate20 refactor
+ - cmd: add new "snap recovery" command
+ - interfaces/systemd: use emulation mode when preseeding
+ - interfaces/kmod: don't load kernel modules in kmod backend when
+ preseeding
+ - interfaces/udev: do not reload udevadm rules when preseeding
+ - cmd/snap-preseed: use snapd from the deb if newer than from seeds
+ - boot: fancy marshaller for modeenv values
+ - gadget, osutil: use atomic file copy, adjust tests
+ - overlord: use new tracking cgroup for refresh app awareness
+ - github: do not skip gofmt with Go 1.9/1.10
+ - many: introduce content write observer, install mode glue, initial
+ seal stubs
+ - daemon,many: switch to use client.ErrorKind and drop the local
+ errorKind...
+ - tests: new parameters for nested execution
+ - client: move all error kinds into errors.go and add doc strings
+ - cmd/snap: display the error in snap debug seeding if seeding is in
+ error
+ - cmd/snap/debug/seeding: use unicode for proper yaml
+ - tests/cmd/snap-bootstrap/initramfs-mounts: add test case for empty
+ recovery_mode
+ - osutil/disks: add mock disk and tests for happy path of mock disks
+ - tests: refresh/revert snapd in uc20
+ - osutil/disks: use a dedicated error to indicate a fs label wasn't
+ found
+ - interfaces/system-key: in WriteSystemKey during tests, don't call
+ ParserFeatures
+ - boot: add current recovery systems to modeenv
+ - bootloader: extend managed assets bootloader interface to compose
+ a candidate command line
+ - interfaces: make the unmarshal test match more the comment
+ - daemon/api: use pointers to time.Time for debug seeding aspect
+ - o/ifacestate: update security profiles in connect undo handler
+ - interfaces: add uinput interface
+ - cmd/snap-bootstrap/initramfs-mounts: add doSystemdMount + unit
+ tests
+ - o/devicestate: save seeding/preseeding times for use with debug
+ seeding api
+ - cmd/snap/debug: add "snap debug seeding" command for preseeding
+ debugging
+ - tests/main/selinux-clean: workaround SELinux denials triggered by
+ linger setup on Centos8
+ - bootloader: compose command line with mode and extra arguments
+ - cmd/snap, daemon: detect and bail purge on multi-snap
+ - o/ifacestate: fix bug in snapsWithSecurityProfiles
+ - interfaces/builtin/multipass: replace U+00A0 no-break space with
+ simple space
+ - bootloader/assets: generate bootloader assets from files
+ - many/tests/preseed: reset the preseeded images before preseeding
+ them
+ - tests: drop accidental accents from e
+ - secboot: improve key sealing tests
+ - tests: replace _wait_for_file_change with retry
+ - tests: new fs-state which replaces the files.sh helper
+ - sysconfig/cloudinit_test.go: add test for initramfs case, rm "/"
+ from path
+ - cmd/snap: track started apps and hooks
+ - tests/main/interfaces-pulseaudio: disable start limit checking for
+ pulseaudio service
+ - api: seeding debug api
+ - .github/workflows/snap-build.yaml: build the snapd snap via GH
+ Actions too
+ - tests: moving journalctl.sh to a new journal-state tool
+ - tests/nested/manual: add spread tests for cloud-init vuln
+ - bootloader/assets: helpers for registering per-edition snippets,
+ register snippets for grub
+ - data,packaging,wrappers: extend D-Bus service activation search
+ path
+ - spread: add opensuse 15.2 and tumbleweed for qemu
+ - overlord,o/devicestate: restrict cloud-init on Ubuntu Core
+ - sysconfig/cloudinit: add RestrictCloudInit
+ - cmd/snap-preseed: check that target path exists and is a directory
+ on --reset
+ - tests: check for pids correctly
+ - gadget,gadget/install: refactor partition table update
+ - sysconfig/cloudinit: add CloudInitStatus func + CloudInitState
+ type
+ - interface/fwupd: add more policies for making fwupd upstream
+ strict
+ - tests: new to-one-line tool which replaces the strings.sh helper
+ - interfaces: new helpers to get and compare system key, for use
+ with seeding debug api
+ - osutil, many: add helper for checking whether the process is a go
+ test binary
+ - cmd/snap-seccomp/syscalls: add faccessat2
+ - tests: adjust xdg-open after launcher changes
+ - tests: new core config helper
+ - usersession/userd: do not modify XDG_DATA_DIRS when calling xdg-
+ open
+ - cmd/snap-preseed: handle relative chroot path
+ - snapshotstate: move sizer to osutil.Sizer()
+ - tests/cmd/snap-bootstrap/initramfs-mounts: rm duplicated env ref
+ kernel tests
+ - gadget/install,secboot: use snapcore/secboot luks2 api
+ - boot/initramfs_test.go: add Commentf to more Assert()'s
+ - tests/lib: account for changes in arch package file name extension
+ - bootloader/bootloadertest: fix comment typo
+ - bootloader: add helper for getting recovery system environment
+ variables
+ - tests: preinstall shellcheck and run tests on focal
+ - strutil: add a helper for parsing kernel command line
+ - osutil: add CheckFreeSpace helper
+ - secboot: update tpm connection error handling
+ - packaging, cmd/snap-mgmt, tests: remove modules files on purge
+ - tests: add tests.cleanup helper
+ - packaging: add "ca-certificates" to build-depends
+ - tests: more checks in core20 early config spread test
+ - tests: fix some snapstate tests to use pointers for
+ snapmgrTestSuite
+ - boot: better naming of helpers for obtaining kernel command line
+ - many: use more specific check for unit test mocking
+ - systemd/escape: fix issues with "" and "\t" handling
+ - asserts: small improvements and corrections for sequence-forming
+ assertions' support
+ - boot, bootloader: query kernel command line of run mod and
+ recovery mode systems
+ - snap/validate.go: disallow snap layouts with new top-level
+ directories
+ - tests: allow to add a new label to run nested tests as part of PR
+ validation
+ - tests/core/gadget-update-pc: port to UC20
+ - tests: improve nested tests flexibility
+ - asserts: integer headers: disallow prefix zeros and make parsing
+ more uniform
+ - asserts: implement Database.FindSequence
+ - asserts: introduce SequenceMemberAfter in the asserts backstores
+ - spread.yaml: remove tests/lib/tools from PATH
+ - overlord: refuse to install snaps whose activatable D-Bus services
+ conflict with installed snaps
+ - tests: shorten lxd-state undo-mount-changes
+ - snap-confine: don't die if a device from sysfs path cannot be
+ found by udev
+ - tests: fix argument handling of apt-state
+ - tests: rename lxd-tool to lxd-state
+ - tests: rename user-tool to user-state, fix --help
+ - interfaces: add gconf interface
+ - sandbox/cgroup: avoid parsing security tags twice
+ - tests: rename version-tool to version-compare
+ - cmd/snap-update-ns: handle anomalies better
+ - tests: fix call to apt.Package.mark_install(auto_inst=True)
+ - tests: rename mountinfo-tool to mountinfo.query
+ - tests: rename memory-tool to memory-observe-do
+ - tests: rename invariant-tool to tests.invariant
+ - tests: rename apt-tool to apt-state
+ - many: managed boot config during run mode setup
+ - asserts: introduce the concept of sequence-forming assertion types
+ - tests: tweak comments/output in uc20-recovery test
+ - tests/lib/pkgdb: do not use quiet when purging debs
+ - interfaces/apparmor: allow snap-specific /run/lock
+ - interfaces: add system-source-code for access to /usr/src
+ - sandbox/cgroup: extend SnapNameFromPid with tracking cgroup data
+ - gadget/install: move udev trigger to gadget/install
+ - many: make nested spread tests more reliable
+ - tests/core/uc20-recovery: apply hack to get gopath in recover mode
+ w/ external backend
+ - tests: enable tests on uc20 which now work with the real model
+ assertion
+ - tests: enable system-snap-refresh test on uc20
+ - gadget, bootloader: preserve managed boot assets during gadget
+ updates
+ - tests: fix leaked dbus-daemon in selinux-clean
+ - tests: add servicestate.Control tests
+ - tests: fix "restart.service"
+ - wrappers: helper for enabling services - extract and move enabling
+ of services into a helper
+ - tests: new test to validate refresh and revert of kernel and
+ gadget on uc20
+ - tests/lib/prepare-restore: collect debug info when prepare purge
+ fails
+ - bootloader: allow managed bootloader to update its boot config
+ - tests: Remove unity test from nightly test suite
+ - o/devicestate: set mark-seeded to done in the task itself
+ - tests: add spread test for disconnect undo caused by failing
+ disconnect hook
+ - sandbox/cgroup: allow discovering PIDs of given snap
+ - osutil/disks: support IsDecryptedDevice for mountpoints which are
+ dm devices
+ - osutil: detect autofs mounted in /home
+ - spread.yaml: allow amazon-linux-2-64 qemu with
+ ec2-user/ec2-user
+ - usersession: support additional zoom URL schemes
+ - overlord: mock timings.DurationThreshold in TestNewWithGoodState
+ - sandbox/cgroup: add tracking helpers
+ - tests: detect stray dbus-daemon
+ - overlord: refuse to install snaps providing user daemons on Ubuntu
+ 14.04
+ - many: move encryption and installer from snap-boostrap to gadget
+ - o/ifacestate: fix connect undo handler
+ - interfaces: optimize rules of multiple connected iio/i2c/spi plugs
+ - bootloader: introduce managed bootloader, implement for grub
+ - tests: fix incorrect check in smoke/remove test
+ - asserts,seed: split handling of essential/not essential model
+ snaps
+ - gadget: fix typo in mounted filesystem updater
+ - gadget: do only one mount point lookup in mounted fs updater
+ - tests/core/snap-auto-mount: try to make the test more robust
+ - tests: adding ubuntu-20.04 to google-sru backend
+ - o/servicestate: add updateSnapstateServices helper
+ - bootloader: pull recovery grub config from internal assets
+ - tests/lib/tools: apply linger workaround when needed
+ - overlord/snapstate: graceful handling of denied "managed" refresh
+ schedule
+ - snapstate: fix autorefresh from classic->strict
+ - overlord/configstate: add system.kernel.printk.console-loglevel
+ option
+ - tests: fix assertion disk handling for nested UC systems
+ - snapstate: use testutil.HostScaledTimeout() in snapstate tests
+ - tests: extra worker for google-nested backend to avoid timeout
+ error on uc20
+ - snapdtool: helper to check whether the current binary is reexeced
+ from a snap
+ - tests: mock servicestate in api tests to avoid systemctl checks
+ - many: rename back snap.Info.GetType to Type
+ - tests/lib/cla_check: expect explicit commit range
+ - osutil/disks: refactor diskFromMountPointImpl a bit
+ - o/snapstate: service-control task handler
+ - osutil: add disks pkg for associating mountpoints with
+ disks/partitions
+ - gadget,cmd/snap-bootstrap: move partitioning to gadget
+ - seed: fix LoadEssentialMeta when gadget is not loaded
+ - cmd/snap: Debian does not allow $SNAP_MOUNT_DIR/bin in sudo
+ secure_path
+ - asserts: introduce new assertion validation-set
+ - asserts,daemon: add support for "serials" field in system-user
+ assertion
+ - data/sudo: drop a failed sudo secure_path workaround
+ - gadget: mv encodeLabel to osutil/disks.EncodeHexBlkIDFormat
+ - boot, snap-bootstrap: move initramfs-mounts logic to boot pkg
+ - spread.yaml: update secure boot attribute name
+ - interfaces/block_devices: add NVMe subsystem devices, support
+ multipath paths
+ - tests: use the "jq" snap from the edge channel
+ - tests: simplify the tpm test by removing the test-snapd-mokutil
+ snap
+ - boot/bootstate16.go: clean snap_try_* vars when not in Trying
+ status too
+ - tests/main/sudo-env: check snap path under sudo
+ - tests/main/lxd: add test for snaps inside nested lxd containers
+ not working
+ - asserts/internal: expand errors about invalid serialized grouping
+ labels
+ - usersession/userd: add msteams url support
+ - tests/lib/prepare.sh: adjust comment about sgdisk
+ - tests: fix how gadget pc is detected when the snap does not exist
+ and ls fails
+ - tests: move a few more tests to snapstate_update_test.go
+ - tests/main: add spread test for running svc from install hook
+ - tests/lib/prepare: increase the size of the uc16/uc18 partitions
+ - tests/special-home-can-run-classic-snaps: re-enable
+ - workflow: test PR title as part of the static checks again
+ - tests/main/xdg-open-compat: backup and restore original xdg-open
+ - tests: move update-related tests to snapstate_update_test.go
+ - cmd,many: move Version and bits related to snapd tools to
+ snapdtool, merge cmdutil
+ - tests/prepare-restore.sh: reset-failed systemd-journald before
+ restarting
+ - interfaces: misc small interface updates
+ - spread: use find rather than recursive ls, skip mounted snaps
+ - tests/lib/prepare-restore.sh: if we failed to purge snapd deb, ls
+ /var/lib/snapd
+ - tests: enable snap-auto-mount test on core20
+ - cmd/snap: do not show $PATH warning when executing under sudo on a
+ known distro
+ - asserts/internal: add some iteration benchmarks
+ - sandbox/cgroup: improve pid parsing code
+ - snap: add new `snap run --experimental-gdbserver` option
+ - asserts/internal: limit Grouping size switching to a bitset
+ representationWe don't always use the bit-set representation
+ because:
+ - snap: add an activates-on property to apps for D-Bus activation
+ - dirs: delete unused Cloud var, fix typo
+ - sysconfig/cloudinit: make callers of DisableCloudInit use
+ WritableDefaultsDir
+ - tests: fix classic ubuntu core transition auth
+ - tests: fail in setup_reflash_magic() if there is snapd state left
+ - tests: port interfaces-many-core-provided to tests.session
+ - tests: wait after creating partitions with sfdisk
+ - bootloader: introduce bootloarder assets, import grub.cfg with an
+ edition marker
+ - riscv64: bump timeouts
+ - gadget: drop dead code, hide exports that are not used externally
+ - tests: port 2 uc20 part1
+ - tests: fix bug waiting for snap command to be ready
+ - tests: move try-related tests to snapstate_try_test.go
+ - tests: add debug for 20.04 prepare failure
+ - travis.yml: removed, all our checks run in GH actions now
+ - tests: clean up up the use of configcoreSuite in the configcore
+ tests
+ - sandbox/cgroup: remove redundant pathOfProcPidCgroup
+ - sandbox/cgroup: add tests for ParsePids
+ - tests: fix the basic20 test for uc20 on external backend
+ - tests: use configcoreSuite in journalSuite and remove some
+ duplicated code
+ - tests: move a few more tests to snapstate_install_test
+ - tests: assorted small patches
+ - dbusutil/dbustest: separate license from package
+ - interfaces/builtin/time-control: allow POSIX clock API
+ - usersession/userd: add "slack" to the white list of URL schemes
+ handled by xdg-open
+ - tests: check that host settings like hostname are settable on core
+ - tests: port xdg-settings test to tests.session
+ - tests: port snap-handle-link test to tests.session
+ - arch: add riscv64
+ - tests: core20 early defaults spread test
+ - tests: move install tests from snapstate_test.go to
+ snapstate_install_test.go
+ - github: port macOS sanity checks from travis
+ - data/selinux: allow checking /var/cache/app-info
+ - o/devicestate: core20 early config from gadget defaults
+ - tests: autoremove after removing lxd in preseed-lxd test
+ - secboot,cmd/snap-bootstrap: add tpm sealing support to secboot
+ - sandbox/cgroup: move FreezerCgroupDir from dirs.go
+ - tests: update the file used to detect the boot path on uc20
+ - spread.yaml: show /var/lib/snapd in debug
+ - cmd/snap-bootstrap/initramfs-mounts: also copy systemd clock +
+ netplan files
+ - snap/naming: add helpers to parse app and hook security tags
+ - tests: modernize retry tool
+ - tests: fix and trim debug section in xdg-open-portal
+ - tests: modernize and use snapd.tool
+ - vendor: update to latest github.com/snapcore/bolt for riscv64
+ - cmd/snap-confine: add support for libc6-lse
+ - interfaces: miscellaneous policy updates xlv
+ - interfaces/system-packages-doc: fix typo in variable names
+ - tests: port interfaces-calendar-service to tests.session
+ - tests: install/run the lzo test snap too
+ - snap: (small) refactor of `snap download` code for
+ testing/extending
+ - data: fix shellcheck warnings in snapd.sh.in
+ - packaging: disable buildmode=pie for riscv64
+ - tests: install test-snapd-rsync snap from edge channel
+ - tests: modernize tests.session and port everything using it
+ - tests: add ubuntu 20.10 to spread tests
+ - cmd/snap/remove: mention snap restore/automatic snapshots
+ - dbusutil: move all D-Bus helpers and D-Bus test helpers
+ - wrappers: pass 'disable' flag to StopServices wrapper
+ - osutil: enable riscv64 build
+ - snap/naming: add ParseSecurityTag and friends
+ - tests: port document-portal-activation to session-tool
+ - bootloader: rename test helpers to reflect we are mocking EFI boot
+ locations
+ - tests: disable test of nfs v3 with udp proto on debian-sid
+ - tests: plan to improve the naming and uniformity of utilities
+ - tests: move *-tool tests to their own suite
+ - snap-bootstrap: remove sealed key file on reinstall
+ - bootloader/ubootenv: don't panic with an empty uboot env
+ - systemd: rename actualFsTypeAndMountOptions to
+ hostFsTypeAndMountOptions
+ - daemon: fix filtering of service-control changes for snap.app
+ - tests: spread test for preseeding in lxd container
+ - tests: fix broken snapd.session agent.socket
+ - wrappers: add RestartServices function and ReloadOrRestart to
+ systemd
+ - o/cmdstate: handle ignore flag on exec-command tasks
+ - gadget: make ext4 filesystems with or without metadata checksum
+ - tests: update statx test to run on all LTS releases
+ - configcore: show better error when disabling services
+ - interfaces: add hugepages-control
+ - interfaces-ssh-keys: Support reading /etc/ssh/ssh_config.d/
+ - tests: run ubuntu-20.04-* tests on all ubuntu-2* releases
+ - tests: skip interfaces-openvswitch for centos 8 in nightly suite
+ - tests: reload systemd --user for root, if present
+ - tests: reload systemd after editing /etc/fstab
+ - tests: add missing dependencies needed for sbuild test on debian
+ - tests: reload systemd after removing pulseaudio
+ - image, tests: core18 early config.
+ - interfaces: add system-packages-doc interface
+ - cmd/snap-preseed, systemd: fix handling of fuse.squashfuse when
+ preseeding
+ - interfaces/fwupd: allow bind mount to /boot on core
+ - tests: improve oom-vitality tests
+ - tests: add fedora 32 to spread.yaml
+ - config: apply vitality-hint immediately when the config changes
+ - tests: port snap-routine-portal-info to session-tool
+ - configcore: add "service.console-conf.disable" config option
+ - tests: port xdg-open to session-tool
+ - tests: port xdg-open-compat to session-tool
+ - tests: port interfaces-desktop-* to session-tool
+ - spread.yaml: apply yaml formatter/linter
+ - tests: port interfaces-wayland to session-tool
+ - o/devicestate: refactor current system handling
+ - snap-mgmt: perform cleanup of user services
+ - snap/snapfile,squashfs: followups from 8729
+ - boot, many: require mode in modeenv
+ - data/selinux: update policy to allow forked processes to call
+ getpw*()
+ - tests: log stderr from dbus-monitor
+ - packaging: build cmd/snap and cmd/snap-bootstrap with nomanagers
+ tag
+ - snap/squashfs: also symlink snap Install with uc20 seed snap dir
+ layout
+ - interfaces/builtin/desktop: do not mount fonts cache on distros
+ with quirks
+ - data/selinux: allow snapd to remove/create the its socket
+ - testutil/exec.go: set PATH after running shellcheck
+ - tests: silence stderr from dbus-monitor
+ - snap,many: mv Open to snapfile pkg to support add'l options to
+ Container methods
+ - devicestate, sysconfig: revert support for cloud.cfg.d/ in the
+ gadget
+ - github: remove workaround for bug 133 in actions/cache
+ - tests: remove dbus.sh
+ - cmd/snap-preseed: improve mountpoint checks of the preseeded
+ chroot
+ - spread.yaml: add ps aux to debug section
+ - github: run all spread systems in a single go with cached results
+ - test: session-tool cli tweaks
+ - asserts: rest of the Pool API
+ - tests: port interfaces-network-status-classic to session-tool
+ - packaging: remove obsolete 16.10,17.04 symlinks
+ - tests: setup portals before starting user session
+ - o/devicestate: typo fix
+ - interfaces/serial-port: add NXP SC16IS7xx (ttySCX) to allowed
+ devices
+ - cmd/snap/model: support store, system-user-authority keys in
+ --verbose
+ - o/devicestate: raise conflict when requesting system action while
+ seeding
+ - tests: detect signs of crashed snap-confine
+ - tests: sign kernel and gadget to run nested tests using current
+ snapd code
+ - tests: remove gnome-online-accounts we install
+ - tests: fix the issue where all the tests were executed on secboot
+ system
+ - tests: port interfaces-accounts-service to session-tool
+ - interfaces/network-control: bring /var/lib/dhcp from host
+ - image,cmd/snap,tests: add support for store-wide cohort keys
+ - configcore: add nomanagers buildtag for conditional build
+ - tests: port interfaces-password-manager-service to session-tool
+ - o/devicestate: cleanup system actions supported by recover mode
+ - snap-bootstrap: remove create-partitions and update tests
+ - tests: fix nested tests
+ - packaging/arch: update PKGBUILD to match one in AUR
+ - tests: port interfaces-location-control to session-tool
+ - tests: port interfaces-contacts-service to session-tool
+ - state: log task errors in the journal too
+ - o/devicestate: change how current system is reported for different
+ modes
+ - devicestate: do not report "ErrNoState" for seeded up
+ - tests: add a note about broken test sequence
+ - tests: port interfaces-autopilot-introspection to session-tool
+ - tests: port interfaces-dbus to session-tool
+ - packaging: update sid packaging to match 16.04+
+ - tests: enable degraded test on uc20
+ - c/snaplock/runinhibit: add run inhibition operations
+ - tests: detect and report root-owned files in /home
+ - tests: reload root's systemd --user after snapd tests
+ - tests: test registration with serial-authority: [generic]
+ - cmd/snap-bootstrap/initramfs-mounts: copy auth.json and macaroon-
+ key in recover
+ - tests/mount-ns: stop binfmt_misc mount unit
+ - cmd/snap-bootstrap/initramfs-mounts: use booted kernel partition
+ uuid if available
+ - daemon, tests: indicate system mode, test switching to recovery
+ and back to run
+ - interfaces/desktop: silence more /var/lib/snapd/desktop/icons
+ denials
+ - tests/mount-ns: update to reflect new UEFI boot mode
+ - usersession,tests: clean ups for userd/settings.go and move
+ xdgopenproxy under usersession
+ - tests: disable mount-ns test
+ - tests: test user belongs to systemd-journald, on core20
+ - tests: run core/snap-set-core-config on uc20 too
+ - tests: remove generated session-agent units
+ - sysconfig: use new _writable_defaults dir to create cloud config
+ - cmd/snap-bootstrap/initramfs-mounts: cosmetic changes in prep for
+ future work
+ - asserts: make clearer that with label we mean a serialized label
+ - cmd/snap-bootstrap: tweak recovery trigger log messages
+ - asserts: introduce PoolTo
+ - userd: allow setting default-url-scheme-handler
+ - secboot: append uuid to ubuntu-data when decrypting
+ - o/configcore: pass extra options to FileSystemOnlyApply
+ - tests: add dbus-user-session to bionic and reorder package names
+ - boot, bootloader: adjust comments, expand tests
+ - tests: improve debugging of user session agent tests
+ - packaging: add the inhibit directory
+ - many: add core.resiliance.vitality-hint config setting
+ - tests: test adjustments and fixes for recently published images
+ - cmd/snap: coldplug auto-import assertions from all removable
+ devices
+ - secboot,cmd/snap-bootstrap: move initramfs-mounts tpm access to
+ secboot
+ - tests: not fail when boot dir cannot be determined
+ - tests: new directory used to store the cloud images on gce
+ - tests: inject snapd from edge into seeds of the image in manual
+ preseed test
+ - usersession/agent,wrappers: fix races between Shutdown and Serve
+ - tests: add dependency needed for next upgrade of bionic
+ - tests: new test user is used for external backend
+ - cmd/snap: fix the order of positional parameters in help output
+ - tests: don't create root-owned things in ~test
+ - tests/lib/prepare.sh: delete patching of the initrd
+ - cmd/snap-bootstrap/initramfs-mounts: add sudoers to dirs to copy
+ as well
+ - progress: tweak multibyte label unit test data
+ - o/devicestate,cmd/snap-bootstrap: seal to recover mode cmdline
+ - gadget: fix fallback device lookup for 'mbr' type structures
+ - configcore: only reload journald if systemd is new enough
+ - cmd/snap-boostrap, boot: use /run/mnt/data instead of ubuntu-data
+ - wrappers: allow user mode systemd daemons
+ - progress: fix progress bar with multibyte duration units
+ - tests: fix raciness in pulseaudio test
+ - asserts/internal: introduce Grouping and Groupings
+ - tests: remove user.sh
+ - tests: pair of follow-ups from earlier reviews
+ - overlord/snapstate: warn of refresh/postpone events
+ - configcore,tests: use daemon-reexec to apply watchdog config
+ - c/snap-bootstrap: check mount states via initramfsMountStates
+ - store: implement DownloadAssertions
+ - tests: run smoke test with different bases
+ - tests: port user-mounts test to session-tool
+ - store: handle error-list in fetch-assertions results
+ - tests: port interfaces-audio-playback-record to session-tool
+ - data/completion: add `snap` command completion for zsh
+ - tests/degraded: ignore failure in systemd-vconsole-setup.service
+ - image: stub implementation of image.Prepare for darwin
+ - tests: session-tool --restore -u stops user-$UID.slice
+ - o/ifacestate/handlers.go: fix typo
+ - tests: port pulseaudio test to session-tool
+ - tests: port user-session-env to session-tool
+ - tests: work around journald bug in core16
+ - tests: add debug to core-persistent-journal test
+ - tests: port selinux-clean to session-tool
+ - tests: port portals test to session-tool, fix portal tests on sid
+ - tests: adding option --no-install-recommends option also when
+ install all the deps
+ - tests: add session-tool --has-systemd-and-dbus
+ - packaging/debian-sid: add gcc-multilib to build deps
+ - osutil: expand FileLock to support shared locks and more
+ - packaging: stop depending on python-docutils
+ - store,asserts,many: support the new action fetch-assertions
+ - tests: port snap-session-agent-* to session-tool
+ - packaging/fedora: disable FIPS compliant crypto for static
+ binaries
+ - tests: fix for preseeding failures
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 25 Aug 2020 17:26:21 +0200
+
+ snapd (2.45.3.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1875071
+ - o/ifacestate: fix bug in snapsWithSecurityProfiles
+ - tests/main/selinux-clean: workaround SELinux denials triggered by
+ linger setup on Centos8
+
+ -- Samuele Pedroni <pedronis@lucediurna.net> Tue, 28 Jul 2020 21:43:38 +0200
+
+ snapd (2.45.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1875071
+ - many: backport _writable_defaults dir changes
+ - tests: fix incorrect check in smoke/remove test
+ - cmd/snap-bootstrap,seed: backport of uc20 PRs
+ - tests: avoid exit when nested type var is not defined
+ - cmd/snap-preseed: backport fixes
+ - interfaces: optimize rules of multiple connected iio/i2c/spi plugs
+ - many: cherry-picks for 2.45, gh-action, test fixes
+ - tests/lib: account for changes in arch package file name extension
+ - postrm, snap-mgmt: cleanup modules and other cherry-picks
+ - snap-confine: don't die if a device from sysfs path cannot be
+ found by udev
+ - data/selinux: update policy to allow forked processes to call
+ getpw*()
+ - tests/main/interfaces-time-control: exercise setting time via date
+ - interfaces/builtin/time-control: allow POSIX clock API
+ - usersession/userd: add "slack" to the white list of URL schemes
+ handled by xdg-open
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Mon, 27 Jul 2020 12:01:14 +0200
snapd (2.45.2-1) unstable; urgency=high
projects / snapd.git / commitdiff