--- /dev/null
+snapd (2.51.7-2) unstable; urgency=medium
+
+ * debian: cherry-pick PR#10745
+ - cherry pick https://github.com/snapcore/snapd/pull/10745
+ (closes: #993783)
+ * debian/control:
+ - build with go-1.15 for now until snapd-2.52 is released
+ which fully supports go.mod
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 07 Sep 2021 13:53:22 +0200
+
+snapd (2.51.7-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1929842
+ - cmd/snap-seccomp/syscalls: update syscalls list to libseccomp
+ v2.2.0-428-g5c22d4b1
+ - tests: cherry-pick shellcheck fix `bd730fd4`
+ - interfaces/dsp: add /dev/ambad into dsp interface
+ - many: shellcheck fixes
+ - snapstate: abort kernel refresh if no gadget update can be found
+ - overlord: add manager test for "assumes" checking
+ - store: deal correctly with "assumes" from the store raw yaml
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 01 Sep 2021 13:32:06 +0200
+
+snapd (2.51.6-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1929842
+ - secboot: use half the mem for KDF in AddRecoveryKey
+ - secboot: switch main key KDF memory cost to 32KB
+
+ -- Ian Johnson <ian.johnson@canonical.com> Thu, 19 Aug 2021 15:49:47 -0500
+
+snapd (2.51.5-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1929842
+ - snap/squashfs: handle squashfs-tools 4.5+
+ - tests/core20-install-device-file-install-via-hook-hack: adjust
+ test for 2.51
+ - o/devicestate/handlers_install.go: add workaround to create dirs
+ for install
+ - tests: fix linter warning
+ - tests: update other spread tests for new behaviour
+ - tests: ack assertions by default, add --noack option
+ - release-tools/changelog.py: also fix opensuse changelog date
+ format
+ - release-tools/changelog.py: fix typo in function name
+ - release-tools/changelog.py: fix fedora date format
+ - release-tools/changelog.py: handle case where we don't have a TZ
+ - release-tools/changelog.py: fix line length check
+ - release-tools/changelog.py: specify the LP bug for the release as
+ an arg too
+ - interface/modem-manager: add support for MBIM/QMI proxy
+ clients
+ - .github/workflows/test.yaml: use snapcraft 4.x to build the snapd
+ snap
+
+ -- Ian Johnson <ian.johnson@canonical.com> Mon, 16 Aug 2021 15:02:40 -0500
+
+snapd (2.51.4-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1929842
+ - {device,snap}state: skip kernel extraction in seeding
+ - vendor: move to snapshot-4c814e1 branch and set fixed KDF options
+ - tests/interfaces/tee: fix HasLen check for udev snippets
+ - interfaces/tee: add support for Qualcomm qseecom device node
+ - gadget: check for system-save with multi volumes if encrypting
+ correctly
+ - gadget: drive-by: drop unnecessary/supported passthrough in test
+ gadget.yaml
+
+ -- Ian Johnson <ian.johnson@canonical.com> Mon, 09 Aug 2021 18:56:18 -0500
+
+snapd (2.51.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1929842
+ - interfaces/builtin: add sd-control interface
+ - store: set ResponseHeaderTimeout on the default transport
+
+ -- Ian Johnson <ian.johnson@canonical.com> Wed, 14 Jul 2021 15:26:54 -0500
+
+snapd (2.51.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1929842
+ - snapstate: remove temporary snap file for local revisions early
+ - interface: allows reading sd cards internal info from block-
+ devices interface
+ - o/ifacestate: do not visit same halt tasks in waitChainSearch to
+ avoid slow convergence (or unlikely cycles)
+ - corecfg: allow using `# snapd-edit: no` header to disable pi-
+ config
+ - configcore: ignore system.pi-config.* setting on measured kernels
+ - many: pass device/model info to configcore via sysconfig.Device
+ interface
+ - o/configstate/configcore: support snap set system swap.size=...
+ - store: make the log with download size a debug one
+ - interfaces/opengl: add support for Imagination PowerVR
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 07 Jul 2021 15:35:46 +0200
+
+snapd (2.51.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1929842
+ - interfaces: add netlink-driver interface
+ - interfaces: builtin: add dm-crypt interface to support external
+ storage encryption
+ - interfaces/dsp: fix typo in udev rule
+ - overlord/snapstate: lock the mutex before returning from stop
+ snap services undo
+ - interfaces: opengl: change path for Xilinx zocl driver
+ - interfaces/dsp: add /dev/cavalry into dsp interface
+ - packaging/fedora/snapd.spec: correct date format in changelog
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 15 Jun 2021 12:45:08 +0200
+
+snapd (2.51-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1929842
+ - cmd/snap: stacktraces debug endpoint
+ - secboot: deactivate volume again when model checker fails
+ - store: extra log message, a few minor cleanups
+ - packaging/debian-sid: update systemd patch
+ - snapstate: adjust update-gadget-assets user visible message
+ - tests/nested/core/core20-create-recovery: verify that recovery
+ system can be created at runtime
+ - gadget: support creating vfat partitions during bootstrap
+ - daemon/api_quotas.go: support updating quotas with ensure action
+ - daemon: tighten access to a couple of POST endpoints that should
+ be really be root-only
+ - seed/seedtest, overlord/devicestate: move seed validation helper
+ to seedtest
+ - overlord/hookstate/ctlcmd: remove unneeded parameter
+ - snap/quota: add CurrentMemoryUsage for current memory usage of a
+ quota group
+ - systemd: add CurrentMemoryUsage to get current memory usage for a
+ unit
+ - o/snapstate: introduce minimalInstallInfo interface
+ - o/hookstate: print pending info (ready, inhibited or none)
+ - osutil: a helper to find out the total amount of memory in the
+ system
+ - overlord, overlord/devicestate: allow for reloading modeenv in
+ devicemgr when testing
+ - daemon: refine access testing
+ - spread: disable unattended-upgrades on debian
+ - tests/lib/reset: make nc exit after a while when connection is
+ idle
+ - daemon: replace access control flags on commands with access
+ checkers
+ - release-tools/changelog.py: refactor regexp + file reading/writing
+ - packaging/debian-sid: update locale patch for the latest master
+ - overlord/devicestate: tasks for creating recovery systems at
+ runtime
+ - release-tools/changelog.py: implement script to update all the
+ changelog files
+ - tests: change machine type used for nested testsPrices:
+ - cmd/snap: include locale when linting description being lower case
+ - o/servicestate: add RemoveSnapFromQuota
+ - interfaces/serial-port: add Qualcomm serial port devices to
+ allowed list
+ - packaging: merge 2.50.1 changelog back
+ - interfaces/builtin: introduce raw-input interface
+ - tests: remove tests.cleanup prepare from nested test
+ - cmd/snap-update-ns: fix linter errors
+ - asserts: fix errors reported by linter
+ - o/hookstate/ctlcmd: allow system-mode for non-root
+ - overlord/devicestate: comment why explicit system mode check is
+ needed in ensuring tried recovery systems (#10275)
+ - overlord/devicesate: observe snap writes when creating recovery
+ systems
+ - packaging/ubuntu-16.04/changelog: add placeholder for 2.50.1
+ - tests: moving to tests directories snaps built locally - part 1
+ - seed/seedwriter: fail early when system seed directory exists
+ - o/snapstate: autorefresh phase1 for refresh-control
+ - c/snap: more precise message for ErrorKindSystemRestart op !=
+ reboot
+ - tests: simplify the tests.cleanup tool
+ - boot: helpers for manipulating current and good recovery systems
+ list
+ - o/hookstate, o/snapstate: print revision, version, channel with
+ snapctl --pending
+ - overlord: unit test tweaks, use well known snap IDs, setup snap
+ declarations for most common snaps
+ - tests/nested/manual: add test for install-device + snapctl reboot
+ - o/servicestate: restart slices + services on modifications
+ - tests: update mount-ns test to support changes in the distro
+ - interfaces: fix linter issues
+ - overlord: mock logger in managers unit tests
+ - tests: adding support for fedora-34
+ - tests: adding support for debian 10 on gce
+ - boot: reseal given keys when the respective boot chain has changed
+ - secboot: switch encryption key size to 32 byte (thanks to Chris)
+ - interfaces/dbus: allow claiming 'well-known' D-Bus names with a
+ wildcard suffix
+ - spread: bump delta reference version
+ - interfaces: builtin: update permitted paths to be compatible with
+ UC20
+ - overlord: fix errors reported by linter
+ - tests: remove old fedora systems from tests
+ - tests: update spread url
+ - interfaces/camera: allow devices in /sys/devices/platform/**/usb*
+ - interfaces/udisks2: Allow access to the login manager via dbus
+ - cmd/snap: exit normally if "snap changes" has no changes
+ (LP #1823974)
+ - tests: more fixes for spread suite on openSUSE
+ - tests: fix tests expecting cgroup v1/hybrid on openSUSE Tumbleweed
+ - daemon: fix linter errors
+ - spread: add Fedora 34, leave a TODO about dropping Fedora 32
+ - interfaces: fix linter errors
+ - tests: use op.paths tools instead of dirs.sh helper - part 2
+ - client: Fix linter errors
+ - cmd/snap: Fix errors reported by linter
+ - cmd/snap-repair: fix linter issues
+ - cmd/snap-bootstrap: Fix linter errors
+ - tests: update permission denied message for test-snapd-event on
+ ubuntu 2104
+ - cmd/snap: small tweaks based on previous reviews
+ - snap/snaptest: helper that mocks both the squashfs file and a snap
+ directory
+ - overlord/devicestate: tweak comment about creating recovery
+ systems, formatting tweaks
+ - overlord/devicestate: move devicemgr base suite helpers closer to
+ test suite struct
+ - overlord/devicestate: keep track of tried recovery system
+ - seed/seedwriter: clarify in the diagram when SetInfo is called
+ - overlord/devicestate: add helper for creating recovery systems at
+ runtime
+ - snap-seccomp: update syscalls.go list
+ - boot,image: support image.Customizations.BootFlags
+ - overlord: support snapctl --halt|--poweroff in gadget install-
+ device
+ - features,servicestate: add experimental.quota-groups flag
+ - o/servicestate: address comments from previous PR
+ - tests: basic spread test for snap quota commands
+ - tests: moving the snaps which are not locally built to the store
+ directory
+ - image,c/snap: implement prepare-image --customize
+ - daemon: implement REST API for quota groups (create / list / get)
+ - cmd/snap, client: snap quotas command
+ - o/devicestate,o/hookstate/ctlcmd: introduce SystemModeInfo methods
+ and snapctl system-mode
+ - o/servicestate/quota_control.go: introduce (very) basic group
+ manipulation methods
+ - cmd/snap, client: snap remove-quota command
+ - wrappers, quota: implement quota groups slice generation
+ - snap/quotas: followups from previous PR
+ - cmd/snap: introduce 'snap quota' command
+ - o/configstate/configcore/picfg.go: use ubuntu-seed config.txt in
+ uc20 run mode
+ - o/servicestate: test has internal ordering issues, consider both
+ cases
+ - o/servicestate/quotas: add functions for getting and setting
+ quotas in state
+ - tests: new buckets for snapd-spread project on gce
+ - spread.yaml: update the gce project to start using snapd-spread
+ - quota: new package for managing resource groups
+ - many: bind and check keys against models when using FDE hooks v2
+ - many: move responsibilities down seboot -> kernel/fde and boot ->
+ secboot
+ - packaging: add placeholder changelog
+ - o/configstate/configcore/vitality: fix RequireMountedSnapdSnap
+ bug
+ - overlord: properly mock usr-lib-snapd tests to mimic an Ubuntu
+ Core system
+ - many: hide EncryptionKey size and refactors for fde hook v2 next
+ steps
+ - tests: adding debug info for create user tests
+ - o/hookstate: add "refresh" command to snapctl (hidden, not
+ complete yet)
+ - systemd: wait for zfs mounts (LP #1922293)
+ - testutil: support referencing files in FileEquals checker
+ - many: refactor to kernel/fde and allow `fde-setup initial-setup`
+ to return json
+ - o/snapstate: store refresh-candidates in the state
+ - o/snapstate: helper for creating gate-auto-refresh hooks
+ - bootloader/bootloadertest: provide interface implementation as
+ mixins, provide a mock for recovery-aware-trusted-asses bootloader
+ - tests/lib/nested: do not compress images, return early when
+ restored from pristine image
+ - boot: split out a helper for making recovery system bootable
+ - tests: update os.query check to match new bullseye codename used
+ on sid images
+ - o/snapstate: helper for getting snaps affected by refresh, define
+ new hook
+ - wrappers: support in EnsureSnapServices a callback to observe
+ changes (#10176)
+ - gadget: multi line support in gadget's cmdline file
+ - daemon: test that requesting restart from (early) Ensure works
+ - tests: use op.paths tools instead of dirs.sh helper - part 1
+ - tests: add new command to snaps-state to get current core, kernel
+ and gadget
+ - boot, gadget: move opening the snap container into the gadget
+ helper
+ - tests, overlord: extend unit tests, extend spread tests to cover
+ full command line support
+ - interfaces/builtin: introduce dsp interface
+ - boot, bootloader, bootloader/assets: support for full command line
+ override from gadget
+ - overlord/devicestate, overlord/snapstate: add task for updating
+ kernel command lines from gadget
+ - o/snapstate: remove unused DeviceCtx argument of
+ ensureInstallPreconditions
+ - tests/lib/nested: proper status return for tpm/secure boot checks
+ - cmd/snap, boot: add snapd_full_cmdline_args to dumped boot vars
+ - wrappers/services.go: refactor helper lambda function to separate
+ function
+ - boot/flags.go: add HostUbuntuDataForMode
+ - boot: handle updating of components that contribute to kernel
+ command line
+ - tests: add 20.04 to systems for nested/core
+ - daemon: add new accessChecker implementations
+ - boot, overlord/devicestate: consider gadget command lines when
+ updating boot config
+ - tests: fix prepare-image-grub-core18 for arm devices
+ - tests: fix gadget-kernel-refs-update-pc test on arm and when
+ $TRUST_TEST_KEY is false
+ - tests: enable help test for all the systems
+ - boot: set extra command line arguments when preparing run mode
+ - boot: load bits of kernel command line from gadget snaps
+ - tests: update layout for tests - part 2
+ - tests: update layout for tests - part 1
+ - tests: remove the snap profiler from the test suite
+ - boot: drop gadget snap yaml which is already defined elsewhere in
+ the tests
+ - boot: set extra kernel command line arguments when making a
+ recovery system bootable
+ - boot: pass gadget path to command line helpers, load gadget from
+ seed
+ - tests: new os.paths tool
+ - daemon: make ucrednetGet() return a *ucrednet structure
+ - boot: derive boot variables for kernel command lines
+ - cmd/snap-bootstrap/initramfs-mounts: fix boot-flags location from
+ initramfs
+
+ -- Ian Johnson <ian.johnson@canonical.com> Thu, 27 May 2021 11:15:20 -0500
+
+snapd (2.50.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1926005
+ - interfaces: update permitted /lib/.. paths to be compatible with
+ UC20
+ - interfaces: builtin: update permitted paths to be compatible with
+ UC20
+ - interfaces/greengrass-support: delete white spaces at the end of
+ lines
+ - snap-seccomp: update syscalls.go list
+ - many: backport kernel command line for 2.50
+ - interfaces/dbus: allow claiming 'well-known' D-Bus names with a
+ wildcard suffix
+ - interfaces/camera: allow devices in /sys/devices/platform/**/usb*
+ - interfaces/builtin: introduce dsp interface
+
+ -- Ian Johnson <ian.johnson@canonical.com> Wed, 19 May 2021 10:46:02 -0500
+
+snapd (2.50-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1926005
+ - overlord: properly mock usr-lib-snapd tests to mimic an Ubuntu
+ Core system
+ - o/configstate/configcore/vitality: fix RequireMountedSnapdSnap bug
+ - o/servicestate/servicemgr.go: add ensure loop for snap service
+ units
+ - wrappers/services.go: introduce EnsureSnapServices()
+ - snapstate: add "kernel-assets" to featureSet
+ - systemd: wait for zfs mounts
+ - overlord: make servicestate responsible to compute
+ SnapServiceOptions
+ - boot,tests: move where we write boot-flags one level up
+ - o/configstate: don't pass --root=/ when
+ masking/unmasking/enabling/disabling services
+ - cmd/snap-bootstrap/initramfs-mounts: write active boot-flags to
+ /run
+ - gadget: be more flexible with kernel content resolving
+ - boot, cmd/snap: include extra cmdline args in debug boot-vars
+ output
+ - boot: support read/writing boot-flags from userspace/initramfs
+ - interfaces/pwm: add PWM interface
+ - tests/lib/prepare-restore.sh: clean out snapd changes and snaps
+ before purging
+ - systemd: enrich UnitStatus returned by systemd.Status() with
+ Installed flag
+ - tests: updated restore phase of spread tests - part 1
+ - gadget: add support for kernel command line provided by the gadget
+ - tests: Using GO111MODULE: "off" in spread.yaml
+ - features: add gate-auto-refresh-hook feature flag
+ - spread: ignore linux kernel upgrade in early stages for arch
+ preparation
+ - tests: use snaps-state commands and remove them from the snaps
+ helper
+ - o/configstate: fix panic with a sequence of config unset ops over
+ same path
+ - api: provide meaningful error message on connect/disconnect for
+ non-installed snap
+ - interfaces/u2f-devices: add HyperFIDO Pro
+ - tests: add simple sanity check for systemctl show
+ --property=UnitFileState for unknown service
+ - tests: use tests.session tool on interfaces-desktop-document-
+ portal test
+ - wrappers: install D-Bus service activation files for snapd session
+ tools on core
+ - many: add x-gvfs-hide option to mount units
+ - interfaces/builtin/gpio_test.go: actually test the generated gpio
+ apparmor
+ - spread: tentative workaround for arch failure caused by libc
+ upgrade and cgroups v2
+ - tests: add spread test for snap validate against store assertions
+ - tests: remove snaps which are not used in any test
+ - ci: set the accept-existing-contributors parameter for the cla-
+ check action
+ - daemon: introduce apiBaseSuite.(json|sync|async|error)Req (and
+ some apiBaseSuite cosmetics)
+ - o/devicestate/devicemgr: register install-device hook, run if
+ present in install
+ - o/configstate/configcore: simple refactors in preparation for new
+ function
+ - tests: unifying the core20 nested suite with the core nested suite
+ - tests: uboot-unpacked-assets updated to reflect the real path used
+ to find the kernel
+ - daemon: switch api_test.go to daemon_test and various other
+ cleanups
+ - o/configstate/configcore/picfg.go: add hdmi_cvt support
+ - interfaces/apparmor: followup cleanups, comments and tweaks
+ - boot: cmd/snap-bootstrap: handle a candidate recovery system v2
+ - overlord/snapstate: skip catalog refresh when snappy testing is
+ enabled
+ - overlord/snapstate, overlord/ifacestate: move late security
+ profile removal to ifacestate
+ - snap-seccomp: fix seccomp test on ppc64el
+ - interfaces, interfaces/apparmor, overlord/snapstate: late removal
+ of snap-confine apparmor profiles
+ - cmd/snap-bootstrap/initramfs-mounts: move time forward using
+ assertion times
+ - tests: reset the system while preparing the test suite
+ - tests: fix snap-advise-command check for 429
+ - gadget: policy for gadget/kernel refreshes
+ - o/configstate: deal with no longer valid refresh.timer=managed
+ - interfaces/udisks2: allow locking /run/mount/utab for udisks 2.8.4
+ - cla-check: Use has-signed-canonical-cla GitHub Action
+ - tests: validation sets spread test
+ - tests: simplify the reset.sh logic by removing not needed command
+ - overlord/snapstate: make sure that snapd current symlink is not
+ removed during refresh
+ - tests/core/fsck-on-boot: unmount /run/mnt/snapd directly on uc20
+ - tests/lib/fde-setup-hook: also verify that fde-reveal-key key data
+ is base64
+ - o/devicestate: split off ensuring next boot goes to run mode into
+ new task
+ - tests: fix cgroup-tracking test
+ - boot: export helper for clearing tried system state, add tests
+ - cmd/snap: use less aggressive client timeouts in unit tests
+ - daemon: fix signing key validity timestamp in unit tests
+ - o/{device,hook}state: encode fde-setup-request key as base64
+ string
+ - packaging: drop dh-systemd from build-depends on ubuntu-16.04+
+ - cmd/snap/pack: unhide the compression option
+ - boot: extend set try recovery system unit tests
+ - cmd/snap-bootstrap: refactor handling of ubuntu-save, do not use
+ secboot's implicit fallback
+ - o/configstate/configcore: add hdmi_timings to pi-config
+ - snapstate: reduce reRefreshRetryTimeout to 1/2 second
+ - interfaces/tee: add TEE/OPTEE interface
+ - o/snapstate: update validation sets assertions with auto-refresh
+ - vendor: update go-tpm2/secboot to latest version
+ - seed: ReadSystemEssentialAndBetterEarliestTime
+ - tests: replace while commands with the retry tool
+ - interfaces/builtin: update unit tests to use proper distro's
+ libexecdir
+ - tests: run the reset.sh helper and check test invariants while the
+ test is restored
+ - daemon: switch preexisting daemon_test tests to apiBaseSuite and
+ .req
+ - boot, o/devicestate: split makeBootable20 into two parts
+ - interfaces/docker-support: add autobind unix rules to docker-
+ support
+ - interfaces/apparmor: allow reading
+ /proc/sys/kernel/random/entropy_avail
+ - tests: use retry tool instead a loops
+ - tests/main/uc20-create-partitions: fix tests cleanup
+ - asserts: mode where Database only assumes cur time >= earliest
+ time
+ - daemon: validation sets/api tests cleanup
+ - tests: improve tests self documentation for nested test suite
+ - api: local assertion fallback when it's not in the store
+ - api: validation sets monitor mode
+ - tests: use fs-state tool in interfaces tests
+ - daemon: move out /v2/login|logout and errToResponse tests from
+ api_test.go
+ - boot: helper for inspecting the outcome of a recovery system try
+ - o/configstate, o/snapshotstate: fix handling of nil snap config on
+ snapshot restore
+ - tests: update documentation and checks for interfaces tests
+ - snap-seccomp: add new `close_range` syscall
+ - boot: revert #10009
+ - gadget: remove `device-tree{,-origin}` from gadget tests
+ - boot: simplify systems test setup
+ - image: write resolved-content from snap prepare-image
+ - boot: reseal the run key for all recovery systems, but recovery
+ keys only for the good ones
+ - interfaces/builtin/network-setup-{control,observe}: allow using
+ netplan directly
+ - tests: improve sections prepare and restore - part 1
+ - tests: update details on task.yaml files
+ - tests: revert os.query usage in spread.yaml
+ - boot: export bootAssetsMap as AssetsMap
+ - tests/lib/prepare: fix repacking of the UC20 kernel snap for with
+ ubuntu-core-initramfs 40
+ - client: protect against reading too much data from stdin
+ - tests: improve tests documentation - part 2
+ - boot: helper for setting up a try recover system
+ - tests: improve tests documentation - part 1
+ - tests/unit/go: use tests.session wrapper for running tests as a
+ user
+ - tests: improvements for snap-seccomp-syscalls
+ - gadget: simplify filterUpdate (thanks to Maciej)
+ - tests/lib/prepare.sh: use /etc/group and friends from the core20
+ snap
+ - tests: fix tumbleweed spread tests part 2
+ - tests: use new commands of os.query tool on tests
+ - o/snapshotstate: create snapshots directory on import
+ - tests/main/lxd/prep-snapd-in-lxd.sh: dump contents of sources.list
+ - packaging: drop 99-snapd.conf via dpkg-maintscript-helper
+ - osutil: add SetTime() w/ 32-bit and 64-bit implementations
+ - interfaces/wayland: rm Xwayland Xauth file access from wayland
+ slot
+ - packaging/ubuntu-16.04/rules: turn modules off explicitly
+ - gadget,devicestate: perform kernel asset update for $kernel: style
+ refs
+ - cmd/recovery: small fix for `snap recovery` tab output
+ - bootloader/lkenv: add recovery systems related variables
+ - tests: fix new tumbleweed image
+ - boot: fix typo, should be systems
+ - o/devicestate: test that users.create.automatic is configured
+ early
+ - asserts: use Fetcher in AddSequenceToUpdate
+ - daemon,o/c/configcore: introduce users.create.automatic
+ - client, o/servicestate: expose enabled state of user daemons
+ - boot: helper for checking and marking tried recovery system status
+ from initramfs
+ - asserts: pool changes for validation-sets (#9930)
+ - daemon: move the last api_foo_test.go to daemon_test
+ - asserts: include the assertion timestamp in error message when
+ outside of signing key validity range
+ - ovelord/snapshotstate: keep a few of the last line tar prints
+ before failing
+ - gadget/many: rm, delay sector size + structure size checks to
+ runtime
+ - cmd/snap-bootstrap/triggerwatch: fix returning wrong errors
+ - interfaces: add allegro-vcu and media-control interfaces
+ - interfaces: opengl: add Xilinx zocl bits
+ - mkversion: check that version from changelog is set before
+ overriding the output version
+ - many: fix new ineffassign warnings
+ - .github/workflows/labeler.yaml: try work-around to not sync
+ labels
+ - cmd/snap, boot: add debug set-boot-vars
+ - interfaces: allow reading the Xauthority file KDE Plasma writes
+ for Wayland sessions
+ - tests/main/snap-repair: test running repair assertion w/ fakestore
+ - tests: disable lxd tests for 21.04 until the lxd images are
+ published for the system
+ - tests/regression/lp-1910456: cleanup the /snap symlink when done
+ - daemon: move single snap querying and ops to api_snaps.go
+ - tests: fix for preseed and dbus tests on 21.04
+ - overlord/snapshotstate: include the last message printed by tar in
+ the error
+ - interfaces/system-observe: Allow reading /proc/zoneinfo
+ - interfaces: remove apparmor downgrade feature
+ - snap: fix unit tests on Go 1.16
+ - spread: disable Go modules support in environment
+ - tests: use new path to find kernel.img in uc20 for arm devices
+ - tests: find files before using cat command when checking broadcom-
+ asic-control interface
+ - boot: introduce good recovery systems, provide compatibility
+ handling
+ - overlord: add manager gadget refresh test
+ - tests/lib/fakestore: support repair assertions too
+ - github: temporarily disable action labeler due to issues with
+ labels being removed
+ - o/devicestate,many: introduce DeviceManager.preloadGadget for
+ EarlyConfig
+ - tests: enable ubuntu 21.04 for spread tests
+ - snap: provide a useful error message if gdbserver is not installed
+ - data/selinux: allow system dbus to watch /var/lib/snapd/dbus-1
+ - tests/lib/prepare.sh: split reflash.sh into two parts
+ - packaging/opensuse: sync with openSUSE packaging
+ - packaging: disable Go modules in snapd.mk
+ - snap: add deprecation noticed to "snap run --gdb"
+ - daemon: add API for checking and installing available theme snaps
+ - tests: using labeler action to add automatically a label to run
+ nested tests
+ - gadget: improve error handling around resolving content sources
+ - asserts: repeat the authority cross-check in CheckSignature as
+ well
+ - interfaces/seccomp/template.go: allow copy_file_range
+ - o/snapstate/check_snap.go: add support for many subversions in
+ assumes snapdX..
+ - daemon: move postSnap and inst.dispatch tests to api_snaps_test.go
+ - wrappers: use proper paths for mocked mount units in tests
+ - snap: rename gdbserver option to `snap run --gdbserver`
+ - store: support validation sets with fetch-assertions action
+ - snap-confine.apparmor.in: support tmp and log dirs on Yocto/Poky
+ - packaging/fedora: sync with downstream packaging in Fedora
+ - many: add Delegate=true to generated systemd units for special
+ interfaces (master)
+ - boot: use a common helper for mocking boot assets in cache
+ - api: validate snaps against validation set assert from the store
+ - wrappers: don't generate an [Install] section for timer or dbus
+ activated services
+ - tests/nested/core20/boot-config-update: skip when snapd was not
+ built with test features
+ - o/configstate,o/devicestate: introduce devicestate.EarlyConfig
+ implemented by configstate.EarlyConfig
+ - cmd/snap-bootstrap/initramfs-mounts: fix typo in func name
+ - interfaces/builtin: mock distribution in fontconfig cache unit
+ tests
+ - tests/lib/prepare.sh: add another console= to the reflash magic
+ grub entry
+ - overlord/servicestate: expose dbus activators of a service
+ - desktop/notification: test against a real session bus and
+ notification server implementation
+ - cmd/snap-bootstrap/initramfs-mounts: write realistic modeenv for
+ recover+install
+ - HACKING.md: explain how to run UC20 spread tests with QEMU
+ - asserts: introduce AtSequence
+ - overlord/devicestate: task for updating boot configs, spread test
+ - gadget: fix documentation/typos
+ - gadget: cleanup MountedFilesystem{Writer,Updater}
+ - gadget: use ResolvedSource in MountedFilesystemWriter
+ - snap/info.go: add doc-comment for SortServices
+ - interfaces: add an optional mount-host-font-cache plug attribute
+ to the desktop interface
+ - osutil: skip TestReadBuildGo inside sbuild
+ - o/hookstate/ctlcmd: add optional --pid and --apparmor-label
+ arguments to "snapctl is-connected"
+ - data/env/snapd: use quoting in case PATH contains spaces
+ - boot: do not observe successful boot assets if not in run mode
+ - tests: fix umount for snapd snap on fsck-on-boot testumount:
+ /run/mnt/ubuntu-seed/systems/*/snaps/snapd_*.snap: no mount
+ - misc: little tweaks
+ - snap/info.go: ignore unknown daemons in SortSnapServices
+ - devicestate: keep log from install-mode on installed system
+ - seed: add LoadEssentialMeta to seed16 and allow all of its
+ implementations to be called multiple times
+ - cmd/snap-preseed: initialize snap.SanitizePlugsSlots for gadget in
+ seeds
+ - tests/core/uc20-recovery: move recover mode helpers to generic
+ testslib script
+ - interfaces/fwupd: allow any distros to access fw files via fwupd
+ - store: method for fetching validation set assertion
+ - store: switch to v2/assertions api
+ - gadget: add new ResolvedContent and populate from LayoutVolume()
+ - spread: use full format when listing processes
+ - osutil/many: make all test pkgs osutil_test instead of "osutil"
+ - tests/unit/go: drop unused environment variables, skip coverage
+ - OpenGL interface: Support more Tegra libs
+ - gadget,overlord: pass kernelRoot to install.Run()
+ - tests: run unit tests in Focal instead of Xenial
+ - interfaces/browser-support: allow sched_setaffinity with browser-
+ sandbox: true
+ - daemon: move query /snaps/<name> tests to api_snaps_test.go
+ - cmd/snap-repair/runner.go: add SNAP_SYSTEM_MODE to env of repair
+ runner
+ - systemd/systemd.go: support journald JSON messages with arrays for
+ values
+ - cmd: make string/error code more robust against errno leaking
+ - github, run-checks: do not collect coverage data on subsequent
+ test runs
+ - boot: boot config update & reseal
+ - o/snapshotstate: handle conflicts between snapshot forget, export
+ and import
+ - osutil/stat.go: add RegularFileExists
+ - cmd/snapd-generator: don't create mount overrides for snap-try
+ snaps inside lxc
+ - gadget/gadget.go: rename ubuntu-* to system-* in doc-comment
+ - tests: use 6 spread workers for centos8
+ - bootloader/assets: support injecting bootloader assets in testing
+ builds of snapd
+ - gadget: enable multi-volume uc20 gadgets in
+ LaidOutSystemVolumeFromGadget; rename too
+ - overlord/devicestate, sysconfig: do nothing when cloud-init is not
+ present
+ - cmd/snap-repair: filter repair assertions based on bases + modes
+ - snap-confine: make host /etc/ssl available for snaps on classic
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Sat, 24 Apr 2021 12:17:45 +0200
+
+snapd (2.49.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1915248
+ - interfaces/tee: add TEE/OPTEE interface
+ - o/configstate/configcore: add hdmi_timings to pi-config
+ - interfaces/udisks2: allow locking /run/mount/utab for udisks 2.8.4
+ - snap-seccomp: fix seccomp test on ppc64el
+ - interfaces{,/apparmor}, overlord/snapstate:
+ late removal of snap-confine apparmor profiles
+ - overlord/snapstate, wrappers: add dependency on usr-lib-
+ snapd.mount for services on core with snapd snap
+ - o/configstate: deal with no longer valid refresh.timer=managed
+ - overlord/snapstate: make sure that snapd current symlink is not
+ removed during refresh
+ - packaging: drop dh-systemd from build-depends on ubuntu-16.04+
+ - o/{device,hook}state: encode fde-setup-request key as base64
+ - snapstate: reduce reRefreshRetryTimeout to 1/2 second
+ - tests/main/uc20-create-partitions: fix tests cleanup
+ - o/configstate, o/snapshotstate: fix handling of nil snap config on
+ snapshot restore
+ - snap-seccomp: add new `close_range` syscall
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 26 Mar 2021 16:49:46 +0100
+
+snapd (2.49.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1915248
+ - tests: turn modules off explicitly in spread go unti test
+ - o/snapshotstate: create snapshots directory on import
+ - cmd/snap-bootstrap/triggerwatch: fix returning wrong errors
+ - interfaces: add allegro-vcu and media-control interfaces
+ - interfaces: opengl: add Xilinx zocl bits
+ - many: fix new ineffassign warnings
+ - interfaces/seccomp/template.go: allow copy_file_range
+ - interfaces: allow reading the Xauthority file KDE Plasma writes
+ for Wayland sessions
+ - data/selinux: allow system dbus to watch
+ /var/lib/snapd/dbus-1
+ - Remove apparmor downgrade feature
+ - Support tmp and log dirs on Yocto/Poky
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 08 Mar 2021 10:47:05 +0100
+
+snapd (2.49-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1915248
+ - many: add Delegate=true to generated systemd units for special
+ interfaces
+ - cmd/snap-bootstrap: rename ModeenvFromModel to
+ EphemeralModeenvForModel
+ - cmd/snap-bootstrap/initramfs-mounts: write realistic modeenv for
+ recover+install
+ - osutil: skip TestReadBuildGo inside sbuild
+ - tests: fix umount for snapd snap on fsck-on-boot test
+ - snap/info_test.go: add unit test cases for bug
+ - tests/main/services-after-before: add regression spread test
+ - snap/info.go: ignore unknown daemons in SortSnapServices
+ - cmd/snap-preseed: initialize snap.SanitizePlugsSlots for gadget in
+ seeds
+ - OpenGL interface: Support more Tegra libs
+ - interfaces/browser-support: allow sched_setaffinity with browser-
+ sandbox: true
+ - cmd: make string/error code more robust against errno leaking
+ - o/snapshotstate: handle conflicts between snapshot forget, export
+ and import
+ - cmd/snapd-generator: don't create mount overrides for snap-try
+ snaps inside lxc
+ - tests: update test pkg for fedora and centos
+ - gadget: pass sector size in to mkfs family of functions, use to
+ select block sz
+ - o/snapshotstate: fix returning of snap names when duplicated
+ snapshot is detected
+ - tests/main/snap-network-errors: skip flushing dns cache on
+ centos-7
+ - interfaces/builtin: Allow DBus property access on
+ org.freedesktop.Notifications
+ - cgroup-support.c: fix link to CGROUP DELEGATION
+ - osutil: update go-udev package
+ - packaging: fix arch-indep build on debian-sid
+ - {,sec}boot: pass "key-name" to the FDE hooks
+ - asserts: sort by revision with Sort interface
+ - gadget: add gadget.ResolveContentPaths()
+ - cmd/snap-repair: save base snap and mode in device info; other
+ misc cleanups
+ - tests: cleanup the run-checks script
+ - asserts: snapasserts method to validate installed snaps against
+ validation sets
+ - tests: normalize test tools - part 1
+ - snapshotstate: detect duplicated snapshot imports
+ - interfaces/builtin: fix unit test expecting snap-device-helper at
+ /usr/lib/snapd
+ - tests: apply workaround done for snap-advise-command to apt-hooks
+ test
+ - tests: skip main part of snap-advise test if 429 error is
+ encountered
+ - many: clarify gadget role-usage consistency checks for UC16/18 vs
+ UC20
+ - sandbox/cgroup, tess/main: fix unit tests on v2 system, disable
+ broken tests on sid
+ - interfaces/builtin: more drive by fixes, import ordering, removing
+ dead code
+ - tests: skip interfaces-openvswitch spread test on debian sid
+ - interfaces/apparmor: drive by comment fix
+ - cmd/libsnap-confine-private/cleanup-funcs-test.c: rm g_autofree
+ usage
+ - cmd/libsnap-confine-private: make unit tests execute happily in a
+ container
+ - interfaces, wrappers: misc comment fixes, etc.
+ - asserts/repair.go: add "bases" and "modes" support to the repair
+ assertion
+ - interfaces/opengl: allow RPi MMAL video decoding
+ - snap: skip help output tests for go-flags v1.4.0
+ - gadget: add validation for "$kernel:ref" style content
+ - packaging/deb, tests/main/lxd-postrm-purge: fix purge inside
+ containers
+ - spdx: update to SPDX license list version: 3.11 2020-11-25
+ - tests: improve hotplug test setup on classic
+ - tests: update check to verify is the current system is arm
+ - tests: use os-query tool to check debian, trusty and tumbleweed
+ - daemon: start moving implementation to api_snaps.go
+ - tests/main/snap-validate-basic: disable test on Fedora due to go-
+ flags panics
+ - tests: fix library path used for tests.pkgs
+ - tests/main/cohorts: replace yq with a Python snippet
+ - run-checks: update to match new argument syntax of ineffassign
+ - tests: use apiBaseSuite for snapshots tests, fix import endpoint
+ path
+ - many: separate consistency/content validation into
+ gadget.Validate|Content
+ - o/{device,snap}state: enable devmode snaps with dangerous model
+ assertions
+ secboot: add test for when systemd-run does not honor
+ RuntimeMaxSec
+ - secboot: add workaround for snapcore/core-initrd issue #13
+ - devicestate: log checkEncryption errors via logger.Noticef
+ - o/daemon: validation sets api and basic spread test
+ - gadget: move BuildPartitionList to install and make it unexported
+ - tests: add nested spread end-to-end test for fde-hooks
+ - devicestate: implement checkFDEFeatures()
+ - boot: tweak resealing with fde-setup hooks
+ - tests: add os query commands for subsystems and architectures
+ - o/snapshotstate: don't set auto flag in the snapshot file
+ - tests: use os.query tool instead of comparing the system var
+ - testutil: use the original environment when calling shellcheck
+ - sysconfig/cloudinit.go: add "manual_cache_clean: true" to cloud-
+ init restrict file
+ - gadget,o/devicestate,tests: drop EffectiveFilesystemLabel and
+ instead set the implicit labels when loading the yaml
+ - secboot: add new LockSealedKeys() that uses either TPM/fde-reveal-
+ key
+ - gadget/quantity: introduce Offset, start using it for offset
+ related fields in the gadget
+ - gadget: use "sealed-keys" to determine what method to use for
+ reseal
+ - tests/main/fake-netplan-apply: disable test on xenial for now
+ - daemon: start splitting snaps op tests out of api_test.go
+ - testutil: make DBusTest use a custom bus configuration file
+ - tests: replace pkgdb.sh (library) with tests.pkgs (program)
+ - gadget: prepare gadget kernel refs (0/N)
+ - interfaces/builtin/docker-support: allow /run/containerd/s/...
+ - cmd/snap-preseed: reset run inhibit locks on --reset.
+ - boot: add sealKeyToModeenvUsingFdeSetupHook()
+ - daemon: reorg snap.go and split out sections and icons support
+ from api.go
+ - sandbox/seccomp: use snap-seccomp's stdout for getting version
+ info
+ - daemon: split find support to its own api_*.go files and move some
+ helpers
+ - tests: move snapstate config defaults tests to a separate file.
+ - bootloader/{lk,lkenv}: followups from #9695
+ - daemon: actually move APIBaseSuite to daemon_test.apiBaseSuite
+ - gadget,o/devicestate: set implicit values for schema and role
+ directly instead of relying on Effective* accessors
+ - daemon: split aliases support to its own api_*.go files
+ - gadget: start separating rule/convention validation from basic
+ soundness
+ - cmd/snap-update-ns: add better unit test for overname sorting
+ - secboot: use `fde-reveal-key` if available to unseal key
+ - tests: fix lp-1899664 test when snapd_x1 is not installed in the
+ system
+ - tests: fix the scenario when the "$SRC".orig file does not exist
+ - cmd/snap-update-ns: fix sorting of overname mount entries wrt
+ other entries
+ - devicestate: add runFDESetupHook() helper
+ - bootloader/lk: add support for UC20 lk bootloader with V2 lkenv
+ structs
+ - daemon: split unsupported buy implementation to its own api_*.go
+ files
+ - tests: download timeout spread test
+ - gadget,o/devicestate: hybrid 18->20 ready volume setups should be
+ valid
+ - o/devicestate: save model with serial in the device save db
+ - bootloader: add check for prepare-image time and more tests
+ validating options
+ - interfaces/builtin/log_observe.go: allow controlling apparmor
+ audit levels
+ - hookstate: refactor around EphemeralRunHook
+ - cmd/snap: implement 'snap validate' command
+ - secboot,devicestate: add scaffoling for "fde-reveal-key" support
+ - boot: observe successful command line update, provide a default
+ - tests: New queries for the os tools
+ - bootloader/lkenv: specify backup file as arg to NewEnv(), use ""
+ as path+"bak"
+ - osutil/disks: add FindMatchingPartitionUUIDWithPartLabel to Disk
+ iface
+ - daemon: split out snapctl support and snap configuration support
+ to their own api_*.go files
+ - snapshotstate: improve handling of multiple errors
+ - tests: sign new nested-18|20* models to allow for generic serials
+ - bootloader: remove installableBootloader interface and methods
+ - seed: cleanup/drop some no longer valid TODOS, clarify some other
+ points
+ - boot: set kernel command line in modeenv during install
+ - many: rename disks.FindMatching... to FindMatching...WithFsLabel
+ and err type
+ - cmd/snap: suppress a case of spurious stdout logging from tests
+ - hookstate: add new HookManager.EphemeralRunHook()
+ - daemon: move some more api tests from daemon to daemon_test
+ - daemon: split apps and logs endpoints to api_apps.go and tests
+ - interfaces/utf: Add Ledger to U2F devices
+ - seed/seedwriter: consider modes when checking for deps
+ availability
+ - o/devicestate,daemon: fix reboot system action to not require a
+ system label
+ - cmd/snap-repair,store: increase initial retry time intervals,
+ stalling TODOs
+ - daemon: split interfacesCmd to api_interfaces.go
+ - github: run nested suite when commit is pushed to release branch
+ - client: reduce again the /v2/system-info timeout
+ - tests: reset fakestore unit status
+ - update-pot: fix typo in plural keyword spec
+ - tests: remove workarounds that add "ubuntu-save" if missing
+ - tests: add unit test for auto-refresh with validate-snap failure
+ - osutil: add helper for getting the kernel command line
+ - tests/main/uc20-create-partitions: verify ubuntu-save encryption
+ keys, tweak not MATCH
+ - boot: add kernel command lines to the modeenv file
+ - spread: bump delta ref, tweak repacking to make smaller delta
+ archives
+ - bootloader/lkenv: add v2 struct + support using it
+ - snapshotstate: add cleanup of abandonded snapshot imports
+ - tests: fix uc20-create-parition-* tests for updated gadget
+ - daemon: split out /v2/interfaces tests to api_interfaces_test.go
+ - hookstate: implement snapctl fde-setup-{request,result}
+ - wrappers, o/devicestate: remove EnableSnapServices
+ - tests: enable nested on 20.10
+ - daemon: simplify test helpers Get|PostReq into Req
+ - daemon: move general api to api_general*.go
+ - devicestate: make checkEncryption fde-setup hook aware
+ - client/snapctl, store: fix typos
+ - tests/main/lxd/prep-snapd-in-lxd.sh: wait for valid apt files
+ before doing apt ops
+ - cmd/snap-bootstrap: update model cross-check considerations
+ - client,snapctl: add naive support for "stdin"
+ - many: add new "install-mode: disable" option
+ - osutil/disks: allow building on mac os
+ - data/selinux: update the policy to allow operations on non-tmpfs
+ /tmp
+ - boot: add helper for generating candidate kernel lines for
+ recovery system
+ - wrappers: generate D-Bus service activation files
+ - bootloader/many: rm ConfigFile, add Present for indicating
+ presence of bloader
+ - osutil/disks: allow mocking DiskFromDeviceName
+ - daemon: start cleaning up api tests
+ - packaging/arch: sync with AUR packaging
+ - bootloader: indicate when boot config was updated
+ - tests: Fix snap-debug-bootvars test to make it work on arm devices
+ and core18
+ - tests/nested/manual/core20-save: verify handling of ubuntu-save
+ with different system variants
+ - snap: use the boot-base for kernel hooks
+ - devicestate: support "storage-safety" defaults during install
+ - bootloader/lkenv: mv v1 to separate file,
+ include/lk/snappy_boot_v1.h: little fixups
+ - interfaces/fpga: add fpga interface
+ - store: download timeout
+ - vendor: update secboot repo to avoid including secboot.test binary
+ - osutil: add KernelCommandLineKeyValue
+ - gadget/gadget.go: allow system-recovery-{image,select} as roles in
+ gadget.yaml
+ - devicestate: implement boot.HasFDESetupHook
+ - osutil/disks: add DiskFromName to get a disk using a udev name
+ - usersession/agent: have session agent connect to the D-Bus session
+ bus
+ - o/servicestate: preserve order of services on snap restart
+ - o/servicestate: unlock state before calling wrappers in
+ doServiceControl
+ - spread: disable unattended-upgrades on ubuntu
+ - tests: testing new fedora 33 image
+ - tests: fix fsck on boot on arm devices
+ - tests: skip boot state test on arm devices
+ - tests: updated the systems to run prepare-image-grub test
+ - interfaces/raw_usb: allow read access to /proc/tty/drivers
+ - tests: unmount /boot/efi in fsck-on-boot test
+ - strutil/shlex,osutil/udev/netlink: minimally import go-check
+ - tests: fix basic20 test on arm devices
+ - seed: make a shared seed system label validation helper
+ - tests/many: enable some uc20 tests, delete old unneeded tests or
+ TODOs
+ - boot/makebootable.go: set snapd_recovery_mode=install at image-
+ build time
+ - tests: migrate test from boot.sh helper to boot-state tool
+ - asserts: implement "storage-safety" in uc20 model assertion
+ - bootloader: use ForGadget when installing boot config
+ - spread: UC20 no longer needs 2GB of mem
+ - cmd/snap-confine: implement snap-device-helper internally
+ - bootloader/grub: replace old reference to Managed...Blr... with
+ Trusted...Blr...
+ - cmd/snap-bootstrap: add readme for snap-bootstrap + real state
+ diagram
+ - interfaces: fix greengrass attr namingThe flavor attribute names
+ are now as follows:
+ - tests/lib/nested: poke the API to get the snap revisions
+ - tests: compare options of mount units created by snapd and snapd-
+ generator
+ - o/snapstate,servicestate: use service-control task for service
+ actions
+ - sandbox: track applications unconditionally
+ - interfaces/greengrass-support: add additional "process" flavor for
+ 1.11 update
+ - cmd/snap-bootstrap, secboot, tests: misc cleanups, add spread test
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 10 Feb 2021 10:47:17 +0100
+
+snapd (2.48.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1906690
+ - tests: sign new nested-18|20* models to allow for generic serials
+ - secboot: add extra paranoia when waiting for that fde-reveal-key
+ - tests: backport netplan workarounds from #9785
+ - secboot: add workaround for snapcore/core-initrd issue #13
+ - devicestate: log checkEncryption errors via logger.Noticef
+ - tests: add nested spread end-to-end test for fde-hooks
+ - devicestate: implement checkFDEFeatures()
+ - boot: tweak resealing with fde-setup hooks
+ - sysconfig/cloudinit.go: add "manual_cache_clean: true" to cloud-
+ init restrict file
+ - secboot: add new LockSealedKeys() that uses either TPM or
+ fde-reveal-key
+ - gadget: use "sealed-keys" to determine what method to use for
+ reseal
+ - boot: add sealKeyToModeenvUsingFdeSetupHook()
+ - secboot: use `fde-reveal-key` if available to unseal key
+ - cmd/snap-update-ns: fix sorting of overname mount entries wrt
+ other entries
+ - o/devicestate: save model with serial in the device save db
+ - devicestate: add runFDESetupHook() helper
+ - secboot,devicestate: add scaffoling for "fde-reveal-key" support
+ - hookstate: add new HookManager.EphemeralRunHook()
+ - update-pot: fix typo in plural keyword spec
+ - store,cmd/snap-repair: increase initial expontential time
+ intervals
+ - o/devicestate,daemon: fix reboot system action to not require a
+ system label
+ - github: run nested suite when commit is pushed to release branch
+ - tests: reset fakestore unit status
+ - tests: fix uc20-create-parition-* tests for updated gadget
+ - hookstate: implement snapctl fde-setup-{request,result}
+ - devicestate: make checkEncryption fde-setup hook aware
+ - client,snapctl: add naive support for "stdin"
+ - devicestate: support "storage-safety" defaults during install
+ - snap: use the boot-base for kernel hooks
+ - vendor: update secboot repo to avoid including secboot.test binary
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 15 Dec 2020 20:21:44 +0100
+
+snapd (2.48.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1906690
+ - gadget: disable ubuntu-boot role validation check
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 03 Dec 2020 17:43:30 +0100
+
+snapd (2.48-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1904098
+ - osutil: add KernelCommandLineKeyValue
+ - devicestate: implement boot.HasFDESetupHook
+ - boot/makebootable.go: set snapd_recovery_mode=install at image-
+ build time
+ - bootloader: use ForGadget when installing boot config
+ - interfaces/raw_usb: allow read access to /proc/tty/drivers
+ - boot: add scaffolding for "fde-setup" hook support for sealing
+ - tests: fix basic20 test on arm devices
+ - seed: make a shared seed system label validation helper
+ - snap: add new "fde-setup" hooktype
+ - cmd/snap-bootstrap, secboot, tests: misc cleanups, add spread test
+ - secboot,cmd/snap-bootstrap: fix degraded mode cases with better
+ device handling
+ - boot,dirs,c/snap-bootstrap: avoid InstallHost* at the cost of some
+ messiness
+ - tests/nested/manual/refresh-revert-fundamentals: temporarily
+ disable secure boot
+ - snap-bootstrap,secboot: call BlockPCRProtectionPolicies in all
+ boot modes
+ - many: address degraded recover mode feedback, cleanups
+ - tests: Use systemd-run on tests part2
+ - tests: set the opensuse tumbleweed system as manual in spread.yaml
+ - secboot: call BlockPCRProtectionPolicies even if the TPM is
+ disabled
+ - vendor: update to current secboot
+ - cmd/snap-bootstrap,o/devicestate: use a secret to pair data and
+ save
+ - spread.yaml: increase number of workers on 20.10
+ - snap: add new `snap recovery --show-keys` option
+ - tests: minor test tweaks suggested in the review of 9607
+ - snapd-generator: set standard snapfuse options when generating
+ units for containers
+ - tests: enable lxd test on ubuntu-core-20 and 16.04-32
+ - interfaces: share /tmp/.X11-unix/ from host or provider
+ - tests: enable main lxd test on 20.10
+ - cmd/s-b/initramfs-mounts: refactor recover mode to implement
+ degraded mode
+ - gadget/install: add progress logging
+ - packaging: keep secboot/encrypt_dummy.go in debian
+ - interfaces/udev: use distro specific path to snap-device-helper
+ - o/devistate: fix chaining of tasks related to regular snaps when
+ preseeding
+ - gadget, overlord/devicestate: validate that system supports
+ encrypted data before install
+ - interfaces/fwupd: enforce the confined fwupd to align Ubuntu Core
+ ESP layout
+ - many: add /v2/system-recovery-keys API and client
+ - secboot, many: return UnlockMethod from Unlock* methods for future
+ usage
+ - many: mv keys to ubuntu-boot, move model file, rename keyring
+ prefix for secboot
+ - tests: using systemd-run instead of manually create a systemd unit
+ - part 1
+ - secboot, cmd/snap-bootstrap: enable or disable activation with
+ recovery key
+ - secboot: refactor Unlock...IfEncrypted to take keyfile + check
+ disks first
+ - secboot: add LockTPMSealedKeys() to lock access to keys
+ independently
+ - gadget: correct sfdisk arguments
+ - bootloader/assets/grub: adjust fwsetup menuentry label
+ - tests: new boot state tool
+ - spread: use the official image for Ubuntu 20.10, no longer an
+ unstable system
+ - tests/lib/nested: enable snapd logging to console for core18
+ - osutil/disks: re-implement partition searching for disk w/ non-
+ adjacent parts
+ - tests: using the nested-state tool in nested tests
+ - many: seal a fallback object to the recovery boot chain
+ - gadget, gadget/install: move helpers to install package, refactor
+ unit tests
+ - dirs: add "gentoo" to altDirDistros
+ - update-pot: include file locations in translation template, and
+ extract strings from desktop files
+ - gadget/many: drop usage of gpt attr 59 for indicating creation of
+ partitions
+ - gadget/quantity: tweak test name
+ - snap: fix failing unittest for quantity.FormatDuration()
+ - gadget/quantity: introduce a new package that captures quantities
+ - o/devicestate,a/sysdb: make a backup of the device serial to save
+ - tests: fix rare interaction of tests.session and specific tests
+ - features: enable classic-preserves-xdg-runtime-dir
+ - tests/nested/core20/save: check the bind mount and size bump
+ - o/devicetate,dirs: keep device keys in ubuntu-save/save for UC20
+ - tests: rename hasHooks to hasInterfaceHooks in the ifacestate
+ tests
+ - o/devicestate: unit test tweaks
+ - boot: store the TPM{PolicyAuthKey,LockoutAuth}File in ubuntu-save
+ - testutil, cmd/snap/version: fix misc little errors
+ - overlord/devicestate: bind mount ubuntu-save under
+ /var/lib/snapd/save on startup
+ - gadget/internal: tune ext4 setting for smaller filesystems
+ - tests/nested/core20/save: a test that verifies ubuntu-save is
+ present and set up
+ - tests: update google sru backend to support groovy
+ - o/ifacestate: handle interface hooks when preseeding
+ - tests: re-enable the apt hooks test
+ - interfaces,snap: use correct type: {os,snapd} for test data
+ - secboot: set metadata and keyslots sizes when formatting LUKS2
+ volumes
+ - tests: improve uc20-create-partitions-reinstall test
+ - client, daemon, cmd/snap: cleanups from #9489 + more unit tests
+ - cmd/snap-bootstrap: mount ubuntu-save during boot if present
+ - secboot: fix doc comment on helper for unlocking volume with key
+ - tests: add spread test for refreshing from an old snapd and core18
+ - o/snapstate: generate snapd snap wrappers again after restart on
+ refresh
+ - secboot: version bump, unlock volume with key
+ - tests/snap-advise-command: re-enable test
+ - cmd/snap, snapmgr, tests: cleanups after #9418
+ - interfaces: deny connected x11 plugs access to ICE
+ - daemon,client: write and read a maintenance.json file for when
+ snapd is shut down
+ - many: update to secboot v1 (part 1)
+ - osutil/disks/mockdisk: panic if same mountpoint shows up again
+ with diff opts
+ - tests/nested/core20/gadget,kernel-reseal: add sanity checks to the
+ reseal tests
+ - many: implement snap routine console-conf-start for synchronizing
+ auto-refreshes
+ - dirs, boot: add ubuntu-save directories and related locations
+ - usersession: fix typo in test name
+ - overlord/snapstate: refactor ihibitRefresh
+ - overlord/snapstate: stop warning about inhibited refreshes
+ - cmd/snap: do not hardcode snapshot age value
+ - overlord,usersession: initial notifications of pending refreshes
+ - tests: add a unit test for UpdateMany where a single snap fails
+ - o/snapstate/catalogrefresh.go: don't refresh catalog in install
+ mode uc20
+ - tests: also check snapst.Current in undo-unlink tests
+ - tests: new nested tool
+ - o/snapstate: implement undo handler for unlink-snap
+ - tests: clean systems.sh helper and migrate last set of tests
+ - tests: moving the lib section from systems.sh helper to os.query
+ tool
+ - tests/uc20-create-partitions: don't check for grub.cfg
+ - packaging: make sure that static binaries are indeed static, fix
+ openSUSE
+ - many: have install return encryption keys for data and save,
+ improve tests
+ - overlord: add link participant for linkage transitions
+ - tests: lxd smoke test
+ - tests: add tests for fsck; cmd/s-b/initramfs-mounts: fsck ubuntu-
+ seed too
+ - tests: moving main suite from systems.sh to os.query tool
+ - tests: moving the core test suite from systems.sh to os.query tool
+ - cmd/snap-confine: mask host's apparmor config
+ - o/snapstate: move setting updated SnapState after error paths
+ - tests: add value to INSTANCE_KEY/regular
+ - spread, tests: tweaks for openSUSE
+ - cmd/snap-confine: update path to snap-device-helper in AppArmor
+ profile
+ - tests: new os.query tool
+ - overlord/snapshotstate/backend: specify tar format for snapshots
+ - tests/nested/manual/minimal-smoke: use 384MB of RAM for nested
+ UC20
+ - client,daemon,snap: auto-import does not error on managed devices
+ - interfaces: PTP hardware clock interface
+ - tests: use tests.backup tool
+ - many: verify that unit tests work with nosecboot tag and without
+ secboot package
+ - wrappers: do not error out on read-only /etc/dbus-1/session.d
+ filesystem on core18
+ - snapshots: import of a snapshot set
+ - tests: more output for sbuild test
+ - o/snapstate: re-order remove tasks for individual snap revisions
+ to remove current last
+ - boot: skip some unit tests when running as root
+ - o/assertstate: introduce
+ ValidationTrackingKey/ValidationSetTracking and basic methods
+ - many: allow ignoring running apps for specific request
+ - tests: allow the searching test to fail under load
+ - overlord/snapstate: inhibit startup while unlinked
+ - seed/seedwriter/writer.go: check DevModeConfinement for dangerous
+ features
+ - tests/main/sudo-env: snap bin is available on Fedora
+ - boot, overlord/devicestate: list trusted and managed assets
+ upfront
+ - gadget, gadget/install: support for ubuntu-save, create one during
+ install if needed
+ - spread-shellcheck: temporary workaround for deadlock, drop
+ unnecessary test
+ - snap: support different exit-code in the snap command
+ - logger: use strutil.KernelCommandLineSplit in
+ debugEnabledOnKernelCmdline
+ - logger: fix snapd.debug=1 parsing
+ - overlord: increase refresh postpone limit to 14 days
+ - spread-shellcheck: use single thread pool executor
+ - gadget/install,secboot: add debug messages
+ - spread-shellcheck: speed up spread-shellcheck even more
+ - spread-shellcheck: process paths from arguments in parallel
+ - tests: tweak error from tests.cleanup
+ - spread: remove workaround for openSUSE go issue
+ - o/configstate: create /etc/sysctl.d when applying early config
+ defaults
+ - tests: new tests.backup tool
+ - tests: add tests.cleanup pop sub-command
+ - tests: migration of the main suite to snaps-state tool part 6
+ - tests: fix journal-state test
+ - cmd/snap-bootstrap/initramfs-mounts: split off new helper for misc
+ recover files
+ - cmd/snap-bootstrap/initramfs-mounts: also copy /etc/machine-id for
+ same IP addr
+ - packaging/{ubuntu,debian}: add liblzo2-dev as a dependency for
+ building snapd
+ - boot, gadget, bootloader: observer preserves managed bootloader
+ configs
+ - tests/nested/manual: add uc20 grade signed cloud-init test
+ - o/snapstate/autorefresh.go: eliminate race when launching
+ autorefresh
+ - daemon,snapshotstate: do not return "size" from Import()
+ - daemon: limit reading from snapshot import to Content-Length
+ - many: set/expect Content-Length header when importing snapshots
+ - github: switch from ::set-env command to environment file
+ - tests: migration of the main suite to snaps-state tool part 5
+ - client: cleanup the Client.raw* and Client.do* method families
+ - tests: moving main suite to snaps-state tool part 4
+ - client,daemon,snap: use constant for snapshot content-type
+ - many: fix typos and repeated "the"
+ - secboot: fix tpm connection leak when it's not enabled
+ - many: scaffolding for snapshots import API
+ - run-checks: run spread-shellcheck too
+ - interfaces: update network-manager interface to allow
+ ObjectManager access from unconfined clients
+ - tests: move core and regression suites to snaps-state tool
+ - tests: moving interfaces tests to snaps-state tool
+ - gadget: preserve files when indicated by content change observer
+ - tests: moving smoke test suite and some tests from main suite to
+ snaps-state tool
+ - o/snapshotstate: pass set id to backend.Open, update tests
+ - asserts/snapasserts: introduce ValidationSets
+ - o/snapshotstate: improve allocation of new set IDs
+ - boot: look at the gadget for run mode bootloader when making the
+ system bootable
+ - cmd/snap: allow snap help vs --all to diverge purposefully
+ - usersession/userd: separate bus name ownership from defining
+ interfaces
+ - o/snapshotstate: set snapshot set id from its filename
+ - o/snapstate: move remove-related tests to snapstate_remove_test.go
+ - desktop/notification: switch ExpireTimeout to time.Duration
+ - desktop/notification: add unit tests
+ - snap: snap help output refresh
+ - tests/nested/manual/preseed: include a system-usernames snap when
+ preseeding
+ - tests: fix sudo-env test
+ - tests: fix nested core20 shellcheck bug
+ - tests/lib: move to new directory when restoring PWD, cleanup
+ unpacked unpacked snap directories
+ - desktop/notification: add bindings for FDO notifications
+ - dbustest: fix stale comment references
+ - many: move ManagedAssetsBootloader into TrustedAssetsBootloader,
+ drop former
+ - snap-repair: add uc20 support
+ - tests: print all the serial logs for the nested test
+ - o/snapstate/check_snap_test.go: mock osutil.Find{U,G}id to avoid
+ bug in test
+ - cmd/snap/auto-import: stop importing system user assertions from
+ initramfs mnts
+ - osutil/group.go: treat all non-nil errs from user.Lookup{Group,}
+ as Unknown*
+ - asserts: deserialize grouping only once in Pool.AddBatch if needed
+ - gadget: allow content observer to have opinions about a change
+ - tests: new snaps-state command - part1
+ - o/assertstate: support refreshing any number of snap-declarations
+ - boot: use test helpers
+ - tests/core/snap-debug-bootvars: also check snap_mode
+ - many/apparmor: adjust rules for reading profile/ execing new
+ profiles for new kernel
+ - tests/core/snap-debug-bootvars: spread test for snap debug boot-
+ vars
+ - tests/lib/nested.sh: more little tweaks
+ - tests/nested/manual/grade-signed-above-testkeys-boot: enable kvm
+ - cmd/s-b/initramfs-mounts: use ConfigureTargetSystem for install,
+ recover modes
+ - overlord: explicitly set refresh-app-awareness in tests
+ - kernel: remove "edition" from kernel.yaml and add "update"
+ - spread: drop vendor from the packed project archive
+ - boot: fix debug bootloader variables dump on UC20 systems
+ - wrappers, systemd: allow empty root dir and conditionally do not
+ pass --root to systemctl
+ - tests/nested/manual: add test for grades above signed booting with
+ testkeys
+ - tests/nested: misc robustness fixes
+ - o/assertstate,asserts: use bulk refresh to refresh snap-
+ declarations
+ - tests/lib/prepare.sh: stop patching the uc20 initrd since it has
+ been updated now
+ - tests/nested/manual/refresh-revert-fundamentals: re-enable test
+ - update-pot: ignore .go files inside .git when running xgettext-go
+ - tests: disable part of the lxd test completely on 16.04.
+ - o/snapshotstate: tweak comment regarding snapshot filename
+ - o/snapstate: improve snapshot iteration
+ - bootloader: lk cleanups
+ - tests: update to support nested kvm without reboots on UC20
+ - tests/nested/manual/preseed: disable system-key check for 20.04
+ image
+ - spread.yaml: add ubuntu-20.10-64 to qemu
+ - store: handle v2 error when fetching assertions
+ - gadget: resolve device mapper devices for fallback device lookup
+ - tests/nested/cloud-init-many: simplify tests and unify
+ helpers/seed inputs
+ - tests: copy /usr/lib/snapd/info to correct directory
+ - check-pr-title.py * : allow "*" in the first part of the title
+ - many: typos and small test tweak
+ - tests/main/lxd: disable cgroup combination for 16.04 that is
+ failing a lot
+ - tests: make nested signing helpers less confusing
+ - tests: misc nested changes
+ - tests/nested/manual/refresh-revert-fundamentals: disable
+ temporarily
+ - tests/lib/cla_check: default to Python 3, tweaks, formatting
+ - tests/lib/cl_check.py: use python3 compatible code
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 19 Nov 2020 17:51:02 +0100
+
+snapd (2.47.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1895929
+ - o/configstate: create /etc/sysctl.d when applying early config
+ defaults
+ - cmd/snap-bootstrap/initramfs-mounts: also copy /etc/machine-id for
+ same IP addr
+ - packaging/{ubuntu,debian}: add liblzo2-dev as a dependency for
+ building snapd
+ - cmd/snap: allow snap help vs --all to diverge purposefully
+ - snap: snap help output refresh
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 08 Oct 2020 09:30:44 +0200
+
+snapd (2.47-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1895929
+ - tests: fix nested core20 shellcheck bug
+ - many/apparmor: adjust rule for reading apparmor profile for new
+ kernel
+ - snap-repair: add uc20 support
+ - cmd/snap/auto-import: stop importing system user assertions from
+ initramfs mnts
+ - cmd/s-b/initramfs-mounts: use ConfigureTargetSystem for install,
+ recover modes
+ - gadget: resolve device mapper devices for fallback device lookup
+ - secboot: add boot manager profile to pcr protection profile
+ - sysconfig,o/devicestate: mv DisableNoCloud to
+ DisableAfterLocalDatasourcesRun
+ - tests: make gadget-reseal more robust
+ - tests: skip nested images pre-configuration by default
+ - tests: fix for basic20 test running on external backend and rpi
+ - tests: improve kernel reseal test
+ - boot: adjust comments, naming, log success around reseal
+ - tests/nested, fakestore: changes necessary to run nested uc20
+ signed/secured tests
+ - tests: add nested core20 gadget reseal test
+ - boot/modeenv: track unknown keys in Read and put back into modeenv
+ during Write
+ - interfaces/process-control: add sched_setattr to seccomp
+ - boot: with unasserted kernels reseal if there's a hint modeenv
+ changed
+ - client: bump the default request timeout to 120s
+ - configcore: do not error in console-conf.disable for install mode
+ - boot: streamline bootstate20.go reseal and tests changes
+ - boot: reseal when changing kernel
+ - cmd/snap/model: specify grade in the model command output
+ - tests: simplify
+ repack_snapd_snap_with_deb_content_and_run_mode_first_boot_tweaks
+ - test: improve logging in nested tests
+ - nested: add support to telnet to serial port in nested VM
+ - secboot: use the snapcore/secboot native recovery key type
+ - tests/lib/nested.sh: use more focused cloud-init config for uc20
+ - tests/lib/nested.sh: wait for the tpm socket to exist
+ - spread.yaml, tests/nested: misc changes
+ - tests: add more checks to disk space awareness spread test
+ - tests: disk space awareness spread test
+ - boot: make MockUC20Device use a model and MockDevice more
+ realistic
+ - boot,many: reseal only when meaningful and necessary
+ - tests/nested/core20/kernel-failover: add test for failed refresh
+ of uc20 kernel
+ - tests: fix nested to work with qemu and kvm
+ - boot: reseal when updating boot assets
+ - tests: fix snap-routime-portal-info test
+ - boot: verify boot chain file in seal and reseal tests
+ - tests: use full path to test-snapd-refresh.version binary
+ - boot: store boot chains during install, helper for checking
+ whether reseal is needed
+ - boot: add call to reseal an existing key
+ - boot: consider boot chains with unrevisioned kernels incomparable
+ - overlord: assorted typos and miscellaneous changes
+ - boot: group SealKeyModelParams by model, improve testing
+ - secboot: adjust parameters to buildPCRProtectionProfile
+ - strutil: add SortedListsUniqueMergefrom the doc comment:
+ - snap/naming: upgrade TODO to TODO:UC20
+ - secboot: add call to reseal an existing key
+ - boot: in seal.go adjust error message and function names
+ - o/snapstate: check available disk space in RemoveMany
+ - boot: build bootchains data for sealing
+ - tests: remove "set -e" from function only shell libs
+ - o/snapstate: disk space check on UpdateMany
+ - o/snapstate: disk space check with snap update
+ - snap: implement new `snap reboot` command
+ - boot: do not reorder boot assets when generating predictable boot
+ chains and other small tweaks
+ - tests: some fixes and improvements for nested execution
+ - tests/core/uc20-recovery: fix check for at least specific calls to
+ mock-shutdown
+ - boot: be consistent using bootloader.Role* consts instead of
+ strings
+ - boot: helper for generating secboot load chains from a given boot
+ asset sequence
+ - boot: tweak boot chains to support a list of kernel command lines,
+ keep track of model and kernel boot file
+ - boot,secboot: switch to expose and use snapcore/secboot load event
+ trees
+ - tests: use `nested_exec` in core{20,}-early-config test
+ - devicestate: enable cloud-init on uc20 for grade signed and
+ secured
+ - boot: add "rootdir" to baseBootenvSuite and use in tests
+ - tests/lib/cla_check.py: don't allow users.noreply.github.com
+ commits to pass CLA
+ - boot: represent boot chains, helpers for marshalling and
+ equivalence checks
+ - boot: mark successful with boot assets
+ - client, api: handle insufficient space error
+ - o/snapstate: disk space check with single snap install
+ - configcore: "service.console-conf.disable" is gadget defaults only
+ - packaging/opensuse: fix for /usr/libexec on TW, do not hardcode
+ AppArmor profile path
+ - tests: skip udp protocol in nfs-support test on ubuntu-20.10
+ - packaging/debian-sid: tweak code preparing _build tree
+ - many: move seal code from gadget/install to boot
+ - tests: remove workaround for cups on ubuntu-20.10
+ - client: implement RebootToSystem
+ - many: seed.Model panics now if called before LoadAssertions
+ - daemon: add /v2/systems "reboot" action API
+ - github: run tests also on push to release branches
+ - interfaces/bluez: let slot access audio streams
+ - seed,c/snap-bootstrap: simplify snap-bootstrap seed reading with
+ new seed.ReadSystemEssential
+ - interfaces: allow snap-update-ns to read /proc/cmdline
+ - tests: new organization for nested tests
+ - o/snapstate, features: add feature flags for disk space awareness
+ - tests: workaround for cups issue on 20.10 where default printer is
+ not configured.
+ - interfaces: update cups-control and add cups for providing snaps
+ - boot: keep track of the original asset when observing updates
+ - tests: simplify and fix tests for disk space checks on snap remove
+ - sysconfig/cloudinit.go: add AllowCloudInit and use GadgetDir for
+ cloud.conf
+ - tests/main: mv core specific tests to core suite
+ - tests/lib/nested.sh: reset the TPM when we create the uc20 vm
+ - devicestate: rename "mockLogger" to "logbuf"
+ - many: introduce ContentChange for tracking gadget content in
+ observers
+ - many: fix partion vs partition typo
+ - bootloader: retrieve boot chains from bootloader
+ - devicestate: add tests around logging in RequestSystemAction
+ - boot: handle canceled update
+ - bootloader: tweak doc comments (thanks Samuele)
+ - seed/seedwriter: test local asserted snaps with UC20 grade signed
+ - sysconfig/cloudinit.go: add DisableNoCloud to
+ CloudInitRestrictOptions
+ - many: use BootFile type in load sequences
+ - boot,bootloader: clarifications after the changes to introduce
+ bootloader.Options.Role
+ - boot,bootloader,gadget: apply new bootloader.Options.Role
+ - o/snapstate, features: add feature flag for disk space check on
+ remove
+ - testutil: add checkers for symbolic link target
+ - many: refactor tpm seal parameter setting
+ - boot/bootstate20: reboot to rollback to previous kernel
+ - boot: add unit test helpers
+ - boot: observe update & rollback of trusted assets
+ - interfaces/utf: Add MIRKey to u2f devices
+ - o/devicestate/devicestate_cloudinit_test.go: test cleanup for uc20
+ cloud-init tests
+ - many: check that users of BaseTest don't forget to consume
+ cleanups
+ - tests/nested/core20/tpm: verify trusted boot assets tracking
+ - github: run macOS job with Go 1.14
+ - many: misc doc-comment changes and typo fixes
+ - o/snapstate: disk space check with InstallMany
+ - many: cloud-init cleanups from previous PR's
+ - tests: running tests on opensuse leap 15.2
+ - run-checks: check for dirty build tree too
+ - vendor: run ./get-deps.sh to update the secboot hash
+ - tests: update listing test for "-dirty" versions
+ - overlord/devicestate: do not release the state lock when updating
+ gadget assets
+ - secboot: read kernel efi image from snap file
+ - snap: add size to the random access file return interface
+ - daemon: correctly parse Content-Type HTTP header.
+ - tests: account for apt-get on core18
+ - cmd/snap-bootstrap/initramfs-mounts: compute string outside of
+ loop
+ - mkversion.sh: simple hack to include dirty in version if the tree
+ is dirty
+ - cgroup,snap: track hooks on system bus only
+ - interfaces/systemd: compare dereferenced Service
+ - run-checks: only check files in git for misspelling
+ - osutil: add a package doc comment (via doc.go)
+ - boot: complain about reused asset name during initial install
+ - snapstate: installSize helper that calculates total size of snaps
+ and their prerequisites
+ - snapshots: export of snapshots
+ - boot/initramfs_test.go: reset boot vars on the bootloader for each
+ iteration
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 29 Sep 2020 17:19:13 +0200
+
+snapd (2.46.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1891134
+ - interfaces: allow snap-update-ns to read
+ /proc/cmdline
+ - github: run macOS job with Go 1.14
+ - o/snapstate, features: add feature flag for disk space check on
+ remove
+ - tests: account for apt-get on core18
+ - mkversion.sh: include dirty in version if the tree
+ is dirty
+ - interfaces/systemd: compare dereferenced Service
+ - vendor.json: update mysterious secboot SHA again
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 04 Sep 2020 17:42:54 +0200
+
+snapd (2.46-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1891134
+ - logger: add support for setting snapd.debug=1 on kernel cmdline
+ - o/snapstate: check disk space before creating automatic snapshot
+ on remove
+ - boot, o/devicestate: observe existing recovery bootloader trusted
+ boot assets
+ - many: use transient scope for tracking apps and hooks
+ - features: add HiddenSnapFolder feature flag
+ - tests/lib/nested.sh: fix partition typo, unmount the image on uc20
+ too
+ - runinhibit: open the lock file in read-only mode in IsLocked
+ - cmd/s-b/initramfs-mounts: make recover -> run mode transition
+ automatic
+ - tests: update spread test for unknown plug/slot with snapctl is-
+ connected
+ - osutil: add OpenExistingLockForReading
+ - kernel: add kernel.Validate()
+ - interfaces: add vcio interface
+ - interfaces/{docker,kubernetes}-support: load overlay and support
+ systemd cgroup driver
+ - tests/lib/nested.sh: use more robust code for finding what loop
+ dev we mounted
+ - cmd/snap-update-ns: detach all bind-mounted file
+ - snap/snapenv: set SNAP_REAL_HOME
+ - packaging: umount /snap on purge in containers
+ - interfaces: misc policy updates xlvi
+ - secboot,cmd/snap-bootstrap: cross-check partitions before
+ unlocking, mounting
+ - boot: copy boot assets cache to new root
+ - gadget,kernel: add new kernel.{Info,Asset} struct and helpers
+ - o/hookstate/ctlcmd: make is-connected check whether the plug or
+ slot exists
+ - tests: find -ignore_readdir_race when scanning cgroups
+ - interfaces/many: deny arbitrary desktop files and misc from
+ /usr/share
+ - tests: use "set -ex" in prep-snapd-in-lxd.sh
+ - tests: re-enable udisks test on debian-sid
+ - cmd/snapd-generator: use PATH fallback if PATH is not set
+ - tests: disable udisks2 test on arch linux
+ - github: use latest/stable go, not latest/edge
+ - tests: remove support for ubuntu 19.10 from spread tests
+ - tests: fix lxd test wrongly tracking 'latest'
+ - secboot: document exported functions
+ - cmd: compile snap gdbserver shim correctly
+ - many: correctly calculate the desktop file prefix everywhere
+ - interfaces: add kernel-crypto-api interface
+ - corecfg: add "system.timezone" setting to the system settings
+ - cmd/snapd-generator: generate drop-in to use fuse in container
+ - cmd/snap-bootstrap/initramfs-mounts: tweak names, add comments
+ from previous PR
+ - interfaces/many: miscellaneous updates for strict microk8s
+ - secboot,cmd/snap-bootstrap: don't import boot package from secboot
+ - cmd/snap-bootstrap/initramfs-mounts: call systemd-mount instead of
+ the-tool
+ - tests: work around broken update of systemd-networkd
+ - tests/main/install-fontconfig-cache-gen: enhance test by
+ verifying, add fonts to test
+ - o/devicestate: wrap asset update observer error
+ - boot: refactor such that bootStateUpdate20 mainly carries Modeenv
+ - mkversion.sh: disallow changelog versions that have git in it, if
+ we also have git version
+ - interfaces/many: miscellaneous updates for strict microk8s
+ - snap: fix repeated "cannot list recovery system" and add test
+ - boot: track trusted assets during initial install, assets cache
+ - vendor: update secboot to fix key data validation
+ - tests: unmount FUSE file-systems from XDG runtime dir
+ - overlord/devicestate: workaround non-nil interface with nil struct
+ - sandbox/cgroup: remove temporary workaround for multiple cgroup
+ writers
+ - sandbox/cgroup: detect dangling v2 cgroup
+ - bootloader: add helper for creating a bootloader based on gadget
+ - tests: support different images on nested execution
+ - many: reorg cmd/snapinfo.go into snap and new client/clientutil
+ - packaging/arch: use external linker when building statically
+ - tests: cope with ghost cgroupv2
+ - tests: fix issues related to restarting systemd-logind.service
+ - boot, o/devicestate: TrustedAssetUpdateObserver stubs, hook up to
+ gadget updates
+ - vendor: update github.com/kr/pretty to fix diffs of values with
+ pointer cycles
+ - boot: move bootloaderKernelState20 impls to separate file
+ - .github/workflows: move snap building to test.yaml as separate
+ cached job
+ - tests/nested/manual/minimal-smoke: run core smoke tests in a VM
+ meeting minimal requirements
+ - osutil: add CommitAs to atomic file
+ - gadget: introduce content update observer
+ - bootloader: introduce TrustedAssetsBootloader, implement for grub
+ - o/snapshotstate: helpers for calculating disk space needed for an
+ automatic snapshot
+ - gadget/install: retrieve command lines from bootloader
+ - boot/bootstate20: unify commit method impls, rm
+ bootState20MarkSuccessful
+ - tests: add system information and image information when debug
+ info is displayed
+ - tests/main/cgroup-tracking: try to collect some information about
+ cgroups
+ - boot: introduce current_boot_assets and
+ current_recovery_boot_assets to modeenv
+ - tests: fix for timing issues on journal-state test
+ - many: remove usage and creation of hijacked pid cgroup
+ - tests: port regression-home-snap-root-owned to tests.session
+ - tests: run as hightest via tests.session
+ - github: run CLA checks on self-hosted workers
+ - github: remove Ubuntu 19.10 from actions workflow
+ - tests: remove End-Of-Life opensuse/fedora releases
+ - tests: remove End-Of-Life releases from spread.yaml
+ - tests: fix debug section of appstream-id test
+ - interfaces: check !b.preseed earlier
+ - tests: work around bug in systemd/debian
+ - boot: add deepEqual, Copy helpers for Modeenv to simplify
+ bootstate20 refactor
+ - cmd: add new "snap recovery" command
+ - interfaces/systemd: use emulation mode when preseeding
+ - interfaces/kmod: don't load kernel modules in kmod backend when
+ preseeding
+ - interfaces/udev: do not reload udevadm rules when preseeding
+ - cmd/snap-preseed: use snapd from the deb if newer than from seeds
+ - boot: fancy marshaller for modeenv values
+ - gadget, osutil: use atomic file copy, adjust tests
+ - overlord: use new tracking cgroup for refresh app awareness
+ - github: do not skip gofmt with Go 1.9/1.10
+ - many: introduce content write observer, install mode glue, initial
+ seal stubs
+ - daemon,many: switch to use client.ErrorKind and drop the local
+ errorKind...
+ - tests: new parameters for nested execution
+ - client: move all error kinds into errors.go and add doc strings
+ - cmd/snap: display the error in snap debug seeding if seeding is in
+ error
+ - cmd/snap/debug/seeding: use unicode for proper yaml
+ - tests/cmd/snap-bootstrap/initramfs-mounts: add test case for empty
+ recovery_mode
+ - osutil/disks: add mock disk and tests for happy path of mock disks
+ - tests: refresh/revert snapd in uc20
+ - osutil/disks: use a dedicated error to indicate a fs label wasn't
+ found
+ - interfaces/system-key: in WriteSystemKey during tests, don't call
+ ParserFeatures
+ - boot: add current recovery systems to modeenv
+ - bootloader: extend managed assets bootloader interface to compose
+ a candidate command line
+ - interfaces: make the unmarshal test match more the comment
+ - daemon/api: use pointers to time.Time for debug seeding aspect
+ - o/ifacestate: update security profiles in connect undo handler
+ - interfaces: add uinput interface
+ - cmd/snap-bootstrap/initramfs-mounts: add doSystemdMount + unit
+ tests
+ - o/devicestate: save seeding/preseeding times for use with debug
+ seeding api
+ - cmd/snap/debug: add "snap debug seeding" command for preseeding
+ debugging
+ - tests/main/selinux-clean: workaround SELinux denials triggered by
+ linger setup on Centos8
+ - bootloader: compose command line with mode and extra arguments
+ - cmd/snap, daemon: detect and bail purge on multi-snap
+ - o/ifacestate: fix bug in snapsWithSecurityProfiles
+ - interfaces/builtin/multipass: replace U+00A0 no-break space with
+ simple space
+ - bootloader/assets: generate bootloader assets from files
+ - many/tests/preseed: reset the preseeded images before preseeding
+ them
+ - tests: drop accidental accents from e
+ - secboot: improve key sealing tests
+ - tests: replace _wait_for_file_change with retry
+ - tests: new fs-state which replaces the files.sh helper
+ - sysconfig/cloudinit_test.go: add test for initramfs case, rm "/"
+ from path
+ - cmd/snap: track started apps and hooks
+ - tests/main/interfaces-pulseaudio: disable start limit checking for
+ pulseaudio service
+ - api: seeding debug api
+ - .github/workflows/snap-build.yaml: build the snapd snap via GH
+ Actions too
+ - tests: moving journalctl.sh to a new journal-state tool
+ - tests/nested/manual: add spread tests for cloud-init vuln
+ - bootloader/assets: helpers for registering per-edition snippets,
+ register snippets for grub
+ - data,packaging,wrappers: extend D-Bus service activation search
+ path
+ - spread: add opensuse 15.2 and tumbleweed for qemu
+ - overlord,o/devicestate: restrict cloud-init on Ubuntu Core
+ - sysconfig/cloudinit: add RestrictCloudInit
+ - cmd/snap-preseed: check that target path exists and is a directory
+ on --reset
+ - tests: check for pids correctly
+ - gadget,gadget/install: refactor partition table update
+ - sysconfig/cloudinit: add CloudInitStatus func + CloudInitState
+ type
+ - interface/fwupd: add more policies for making fwupd upstream
+ strict
+ - tests: new to-one-line tool which replaces the strings.sh helper
+ - interfaces: new helpers to get and compare system key, for use
+ with seeding debug api
+ - osutil, many: add helper for checking whether the process is a go
+ test binary
+ - cmd/snap-seccomp/syscalls: add faccessat2
+ - tests: adjust xdg-open after launcher changes
+ - tests: new core config helper
+ - usersession/userd: do not modify XDG_DATA_DIRS when calling xdg-
+ open
+ - cmd/snap-preseed: handle relative chroot path
+ - snapshotstate: move sizer to osutil.Sizer()
+ - tests/cmd/snap-bootstrap/initramfs-mounts: rm duplicated env ref
+ kernel tests
+ - gadget/install,secboot: use snapcore/secboot luks2 api
+ - boot/initramfs_test.go: add Commentf to more Assert()'s
+ - tests/lib: account for changes in arch package file name extension
+ - bootloader/bootloadertest: fix comment typo
+ - bootloader: add helper for getting recovery system environment
+ variables
+ - tests: preinstall shellcheck and run tests on focal
+ - strutil: add a helper for parsing kernel command line
+ - osutil: add CheckFreeSpace helper
+ - secboot: update tpm connection error handling
+ - packaging, cmd/snap-mgmt, tests: remove modules files on purge
+ - tests: add tests.cleanup helper
+ - packaging: add "ca-certificates" to build-depends
+ - tests: more checks in core20 early config spread test
+ - tests: fix some snapstate tests to use pointers for
+ snapmgrTestSuite
+ - boot: better naming of helpers for obtaining kernel command line
+ - many: use more specific check for unit test mocking
+ - systemd/escape: fix issues with "" and "\t" handling
+ - asserts: small improvements and corrections for sequence-forming
+ assertions' support
+ - boot, bootloader: query kernel command line of run mod and
+ recovery mode systems
+ - snap/validate.go: disallow snap layouts with new top-level
+ directories
+ - tests: allow to add a new label to run nested tests as part of PR
+ validation
+ - tests/core/gadget-update-pc: port to UC20
+ - tests: improve nested tests flexibility
+ - asserts: integer headers: disallow prefix zeros and make parsing
+ more uniform
+ - asserts: implement Database.FindSequence
+ - asserts: introduce SequenceMemberAfter in the asserts backstores
+ - spread.yaml: remove tests/lib/tools from PATH
+ - overlord: refuse to install snaps whose activatable D-Bus services
+ conflict with installed snaps
+ - tests: shorten lxd-state undo-mount-changes
+ - snap-confine: don't die if a device from sysfs path cannot be
+ found by udev
+ - tests: fix argument handling of apt-state
+ - tests: rename lxd-tool to lxd-state
+ - tests: rename user-tool to user-state, fix --help
+ - interfaces: add gconf interface
+ - sandbox/cgroup: avoid parsing security tags twice
+ - tests: rename version-tool to version-compare
+ - cmd/snap-update-ns: handle anomalies better
+ - tests: fix call to apt.Package.mark_install(auto_inst=True)
+ - tests: rename mountinfo-tool to mountinfo.query
+ - tests: rename memory-tool to memory-observe-do
+ - tests: rename invariant-tool to tests.invariant
+ - tests: rename apt-tool to apt-state
+ - many: managed boot config during run mode setup
+ - asserts: introduce the concept of sequence-forming assertion types
+ - tests: tweak comments/output in uc20-recovery test
+ - tests/lib/pkgdb: do not use quiet when purging debs
+ - interfaces/apparmor: allow snap-specific /run/lock
+ - interfaces: add system-source-code for access to /usr/src
+ - sandbox/cgroup: extend SnapNameFromPid with tracking cgroup data
+ - gadget/install: move udev trigger to gadget/install
+ - many: make nested spread tests more reliable
+ - tests/core/uc20-recovery: apply hack to get gopath in recover mode
+ w/ external backend
+ - tests: enable tests on uc20 which now work with the real model
+ assertion
+ - tests: enable system-snap-refresh test on uc20
+ - gadget, bootloader: preserve managed boot assets during gadget
+ updates
+ - tests: fix leaked dbus-daemon in selinux-clean
+ - tests: add servicestate.Control tests
+ - tests: fix "restart.service"
+ - wrappers: helper for enabling services - extract and move enabling
+ of services into a helper
+ - tests: new test to validate refresh and revert of kernel and
+ gadget on uc20
+ - tests/lib/prepare-restore: collect debug info when prepare purge
+ fails
+ - bootloader: allow managed bootloader to update its boot config
+ - tests: Remove unity test from nightly test suite
+ - o/devicestate: set mark-seeded to done in the task itself
+ - tests: add spread test for disconnect undo caused by failing
+ disconnect hook
+ - sandbox/cgroup: allow discovering PIDs of given snap
+ - osutil/disks: support IsDecryptedDevice for mountpoints which are
+ dm devices
+ - osutil: detect autofs mounted in /home
+ - spread.yaml: allow amazon-linux-2-64 qemu with
+ ec2-user/ec2-user
+ - usersession: support additional zoom URL schemes
+ - overlord: mock timings.DurationThreshold in TestNewWithGoodState
+ - sandbox/cgroup: add tracking helpers
+ - tests: detect stray dbus-daemon
+ - overlord: refuse to install snaps providing user daemons on Ubuntu
+ 14.04
+ - many: move encryption and installer from snap-boostrap to gadget
+ - o/ifacestate: fix connect undo handler
+ - interfaces: optimize rules of multiple connected iio/i2c/spi plugs
+ - bootloader: introduce managed bootloader, implement for grub
+ - tests: fix incorrect check in smoke/remove test
+ - asserts,seed: split handling of essential/not essential model
+ snaps
+ - gadget: fix typo in mounted filesystem updater
+ - gadget: do only one mount point lookup in mounted fs updater
+ - tests/core/snap-auto-mount: try to make the test more robust
+ - tests: adding ubuntu-20.04 to google-sru backend
+ - o/servicestate: add updateSnapstateServices helper
+ - bootloader: pull recovery grub config from internal assets
+ - tests/lib/tools: apply linger workaround when needed
+ - overlord/snapstate: graceful handling of denied "managed" refresh
+ schedule
+ - snapstate: fix autorefresh from classic->strict
+ - overlord/configstate: add system.kernel.printk.console-loglevel
+ option
+ - tests: fix assertion disk handling for nested UC systems
+ - snapstate: use testutil.HostScaledTimeout() in snapstate tests
+ - tests: extra worker for google-nested backend to avoid timeout
+ error on uc20
+ - snapdtool: helper to check whether the current binary is reexeced
+ from a snap
+ - tests: mock servicestate in api tests to avoid systemctl checks
+ - many: rename back snap.Info.GetType to Type
+ - tests/lib/cla_check: expect explicit commit range
+ - osutil/disks: refactor diskFromMountPointImpl a bit
+ - o/snapstate: service-control task handler
+ - osutil: add disks pkg for associating mountpoints with
+ disks/partitions
+ - gadget,cmd/snap-bootstrap: move partitioning to gadget
+ - seed: fix LoadEssentialMeta when gadget is not loaded
+ - cmd/snap: Debian does not allow $SNAP_MOUNT_DIR/bin in sudo
+ secure_path
+ - asserts: introduce new assertion validation-set
+ - asserts,daemon: add support for "serials" field in system-user
+ assertion
+ - data/sudo: drop a failed sudo secure_path workaround
+ - gadget: mv encodeLabel to osutil/disks.EncodeHexBlkIDFormat
+ - boot, snap-bootstrap: move initramfs-mounts logic to boot pkg
+ - spread.yaml: update secure boot attribute name
+ - interfaces/block_devices: add NVMe subsystem devices, support
+ multipath paths
+ - tests: use the "jq" snap from the edge channel
+ - tests: simplify the tpm test by removing the test-snapd-mokutil
+ snap
+ - boot/bootstate16.go: clean snap_try_* vars when not in Trying
+ status too
+ - tests/main/sudo-env: check snap path under sudo
+ - tests/main/lxd: add test for snaps inside nested lxd containers
+ not working
+ - asserts/internal: expand errors about invalid serialized grouping
+ labels
+ - usersession/userd: add msteams url support
+ - tests/lib/prepare.sh: adjust comment about sgdisk
+ - tests: fix how gadget pc is detected when the snap does not exist
+ and ls fails
+ - tests: move a few more tests to snapstate_update_test.go
+ - tests/main: add spread test for running svc from install hook
+ - tests/lib/prepare: increase the size of the uc16/uc18 partitions
+ - tests/special-home-can-run-classic-snaps: re-enable
+ - workflow: test PR title as part of the static checks again
+ - tests/main/xdg-open-compat: backup and restore original xdg-open
+ - tests: move update-related tests to snapstate_update_test.go
+ - cmd,many: move Version and bits related to snapd tools to
+ snapdtool, merge cmdutil
+ - tests/prepare-restore.sh: reset-failed systemd-journald before
+ restarting
+ - interfaces: misc small interface updates
+ - spread: use find rather than recursive ls, skip mounted snaps
+ - tests/lib/prepare-restore.sh: if we failed to purge snapd deb, ls
+ /var/lib/snapd
+ - tests: enable snap-auto-mount test on core20
+ - cmd/snap: do not show $PATH warning when executing under sudo on a
+ known distro
+ - asserts/internal: add some iteration benchmarks
+ - sandbox/cgroup: improve pid parsing code
+ - snap: add new `snap run --experimental-gdbserver` option
+ - asserts/internal: limit Grouping size switching to a bitset
+ representationWe don't always use the bit-set representation
+ because:
+ - snap: add an activates-on property to apps for D-Bus activation
+ - dirs: delete unused Cloud var, fix typo
+ - sysconfig/cloudinit: make callers of DisableCloudInit use
+ WritableDefaultsDir
+ - tests: fix classic ubuntu core transition auth
+ - tests: fail in setup_reflash_magic() if there is snapd state left
+ - tests: port interfaces-many-core-provided to tests.session
+ - tests: wait after creating partitions with sfdisk
+ - bootloader: introduce bootloarder assets, import grub.cfg with an
+ edition marker
+ - riscv64: bump timeouts
+ - gadget: drop dead code, hide exports that are not used externally
+ - tests: port 2 uc20 part1
+ - tests: fix bug waiting for snap command to be ready
+ - tests: move try-related tests to snapstate_try_test.go
+ - tests: add debug for 20.04 prepare failure
+ - travis.yml: removed, all our checks run in GH actions now
+ - tests: clean up up the use of configcoreSuite in the configcore
+ tests
+ - sandbox/cgroup: remove redundant pathOfProcPidCgroup
+ - sandbox/cgroup: add tests for ParsePids
+ - tests: fix the basic20 test for uc20 on external backend
+ - tests: use configcoreSuite in journalSuite and remove some
+ duplicated code
+ - tests: move a few more tests to snapstate_install_test
+ - tests: assorted small patches
+ - dbusutil/dbustest: separate license from package
+ - interfaces/builtin/time-control: allow POSIX clock API
+ - usersession/userd: add "slack" to the white list of URL schemes
+ handled by xdg-open
+ - tests: check that host settings like hostname are settable on core
+ - tests: port xdg-settings test to tests.session
+ - tests: port snap-handle-link test to tests.session
+ - arch: add riscv64
+ - tests: core20 early defaults spread test
+ - tests: move install tests from snapstate_test.go to
+ snapstate_install_test.go
+ - github: port macOS sanity checks from travis
+ - data/selinux: allow checking /var/cache/app-info
+ - o/devicestate: core20 early config from gadget defaults
+ - tests: autoremove after removing lxd in preseed-lxd test
+ - secboot,cmd/snap-bootstrap: add tpm sealing support to secboot
+ - sandbox/cgroup: move FreezerCgroupDir from dirs.go
+ - tests: update the file used to detect the boot path on uc20
+ - spread.yaml: show /var/lib/snapd in debug
+ - cmd/snap-bootstrap/initramfs-mounts: also copy systemd clock +
+ netplan files
+ - snap/naming: add helpers to parse app and hook security tags
+ - tests: modernize retry tool
+ - tests: fix and trim debug section in xdg-open-portal
+ - tests: modernize and use snapd.tool
+ - vendor: update to latest github.com/snapcore/bolt for riscv64
+ - cmd/snap-confine: add support for libc6-lse
+ - interfaces: miscellaneous policy updates xlv
+ - interfaces/system-packages-doc: fix typo in variable names
+ - tests: port interfaces-calendar-service to tests.session
+ - tests: install/run the lzo test snap too
+ - snap: (small) refactor of `snap download` code for
+ testing/extending
+ - data: fix shellcheck warnings in snapd.sh.in
+ - packaging: disable buildmode=pie for riscv64
+ - tests: install test-snapd-rsync snap from edge channel
+ - tests: modernize tests.session and port everything using it
+ - tests: add ubuntu 20.10 to spread tests
+ - cmd/snap/remove: mention snap restore/automatic snapshots
+ - dbusutil: move all D-Bus helpers and D-Bus test helpers
+ - wrappers: pass 'disable' flag to StopServices wrapper
+ - osutil: enable riscv64 build
+ - snap/naming: add ParseSecurityTag and friends
+ - tests: port document-portal-activation to session-tool
+ - bootloader: rename test helpers to reflect we are mocking EFI boot
+ locations
+ - tests: disable test of nfs v3 with udp proto on debian-sid
+ - tests: plan to improve the naming and uniformity of utilities
+ - tests: move *-tool tests to their own suite
+ - snap-bootstrap: remove sealed key file on reinstall
+ - bootloader/ubootenv: don't panic with an empty uboot env
+ - systemd: rename actualFsTypeAndMountOptions to
+ hostFsTypeAndMountOptions
+ - daemon: fix filtering of service-control changes for snap.app
+ - tests: spread test for preseeding in lxd container
+ - tests: fix broken snapd.session agent.socket
+ - wrappers: add RestartServices function and ReloadOrRestart to
+ systemd
+ - o/cmdstate: handle ignore flag on exec-command tasks
+ - gadget: make ext4 filesystems with or without metadata checksum
+ - tests: update statx test to run on all LTS releases
+ - configcore: show better error when disabling services
+ - interfaces: add hugepages-control
+ - interfaces-ssh-keys: Support reading /etc/ssh/ssh_config.d/
+ - tests: run ubuntu-20.04-* tests on all ubuntu-2* releases
+ - tests: skip interfaces-openvswitch for centos 8 in nightly suite
+ - tests: reload systemd --user for root, if present
+ - tests: reload systemd after editing /etc/fstab
+ - tests: add missing dependencies needed for sbuild test on debian
+ - tests: reload systemd after removing pulseaudio
+ - image, tests: core18 early config.
+ - interfaces: add system-packages-doc interface
+ - cmd/snap-preseed, systemd: fix handling of fuse.squashfuse when
+ preseeding
+ - interfaces/fwupd: allow bind mount to /boot on core
+ - tests: improve oom-vitality tests
+ - tests: add fedora 32 to spread.yaml
+ - config: apply vitality-hint immediately when the config changes
+ - tests: port snap-routine-portal-info to session-tool
+ - configcore: add "service.console-conf.disable" config option
+ - tests: port xdg-open to session-tool
+ - tests: port xdg-open-compat to session-tool
+ - tests: port interfaces-desktop-* to session-tool
+ - spread.yaml: apply yaml formatter/linter
+ - tests: port interfaces-wayland to session-tool
+ - o/devicestate: refactor current system handling
+ - snap-mgmt: perform cleanup of user services
+ - snap/snapfile,squashfs: followups from 8729
+ - boot, many: require mode in modeenv
+ - data/selinux: update policy to allow forked processes to call
+ getpw*()
+ - tests: log stderr from dbus-monitor
+ - packaging: build cmd/snap and cmd/snap-bootstrap with nomanagers
+ tag
+ - snap/squashfs: also symlink snap Install with uc20 seed snap dir
+ layout
+ - interfaces/builtin/desktop: do not mount fonts cache on distros
+ with quirks
+ - data/selinux: allow snapd to remove/create the its socket
+ - testutil/exec.go: set PATH after running shellcheck
+ - tests: silence stderr from dbus-monitor
+ - snap,many: mv Open to snapfile pkg to support add'l options to
+ Container methods
+ - devicestate, sysconfig: revert support for cloud.cfg.d/ in the
+ gadget
+ - github: remove workaround for bug 133 in actions/cache
+ - tests: remove dbus.sh
+ - cmd/snap-preseed: improve mountpoint checks of the preseeded
+ chroot
+ - spread.yaml: add ps aux to debug section
+ - github: run all spread systems in a single go with cached results
+ - test: session-tool cli tweaks
+ - asserts: rest of the Pool API
+ - tests: port interfaces-network-status-classic to session-tool
+ - packaging: remove obsolete 16.10,17.04 symlinks
+ - tests: setup portals before starting user session
+ - o/devicestate: typo fix
+ - interfaces/serial-port: add NXP SC16IS7xx (ttySCX) to allowed
+ devices
+ - cmd/snap/model: support store, system-user-authority keys in
+ --verbose
+ - o/devicestate: raise conflict when requesting system action while
+ seeding
+ - tests: detect signs of crashed snap-confine
+ - tests: sign kernel and gadget to run nested tests using current
+ snapd code
+ - tests: remove gnome-online-accounts we install
+ - tests: fix the issue where all the tests were executed on secboot
+ system
+ - tests: port interfaces-accounts-service to session-tool
+ - interfaces/network-control: bring /var/lib/dhcp from host
+ - image,cmd/snap,tests: add support for store-wide cohort keys
+ - configcore: add nomanagers buildtag for conditional build
+ - tests: port interfaces-password-manager-service to session-tool
+ - o/devicestate: cleanup system actions supported by recover mode
+ - snap-bootstrap: remove create-partitions and update tests
+ - tests: fix nested tests
+ - packaging/arch: update PKGBUILD to match one in AUR
+ - tests: port interfaces-location-control to session-tool
+ - tests: port interfaces-contacts-service to session-tool
+ - state: log task errors in the journal too
+ - o/devicestate: change how current system is reported for different
+ modes
+ - devicestate: do not report "ErrNoState" for seeded up
+ - tests: add a note about broken test sequence
+ - tests: port interfaces-autopilot-introspection to session-tool
+ - tests: port interfaces-dbus to session-tool
+ - packaging: update sid packaging to match 16.04+
+ - tests: enable degraded test on uc20
+ - c/snaplock/runinhibit: add run inhibition operations
+ - tests: detect and report root-owned files in /home
+ - tests: reload root's systemd --user after snapd tests
+ - tests: test registration with serial-authority: [generic]
+ - cmd/snap-bootstrap/initramfs-mounts: copy auth.json and macaroon-
+ key in recover
+ - tests/mount-ns: stop binfmt_misc mount unit
+ - cmd/snap-bootstrap/initramfs-mounts: use booted kernel partition
+ uuid if available
+ - daemon, tests: indicate system mode, test switching to recovery
+ and back to run
+ - interfaces/desktop: silence more /var/lib/snapd/desktop/icons
+ denials
+ - tests/mount-ns: update to reflect new UEFI boot mode
+ - usersession,tests: clean ups for userd/settings.go and move
+ xdgopenproxy under usersession
+ - tests: disable mount-ns test
+ - tests: test user belongs to systemd-journald, on core20
+ - tests: run core/snap-set-core-config on uc20 too
+ - tests: remove generated session-agent units
+ - sysconfig: use new _writable_defaults dir to create cloud config
+ - cmd/snap-bootstrap/initramfs-mounts: cosmetic changes in prep for
+ future work
+ - asserts: make clearer that with label we mean a serialized label
+ - cmd/snap-bootstrap: tweak recovery trigger log messages
+ - asserts: introduce PoolTo
+ - userd: allow setting default-url-scheme-handler
+ - secboot: append uuid to ubuntu-data when decrypting
+ - o/configcore: pass extra options to FileSystemOnlyApply
+ - tests: add dbus-user-session to bionic and reorder package names
+ - boot, bootloader: adjust comments, expand tests
+ - tests: improve debugging of user session agent tests
+ - packaging: add the inhibit directory
+ - many: add core.resiliance.vitality-hint config setting
+ - tests: test adjustments and fixes for recently published images
+ - cmd/snap: coldplug auto-import assertions from all removable
+ devices
+ - secboot,cmd/snap-bootstrap: move initramfs-mounts tpm access to
+ secboot
+ - tests: not fail when boot dir cannot be determined
+ - tests: new directory used to store the cloud images on gce
+ - tests: inject snapd from edge into seeds of the image in manual
+ preseed test
+ - usersession/agent,wrappers: fix races between Shutdown and Serve
+ - tests: add dependency needed for next upgrade of bionic
+ - tests: new test user is used for external backend
+ - cmd/snap: fix the order of positional parameters in help output
+ - tests: don't create root-owned things in ~test
+ - tests/lib/prepare.sh: delete patching of the initrd
+ - cmd/snap-bootstrap/initramfs-mounts: add sudoers to dirs to copy
+ as well
+ - progress: tweak multibyte label unit test data
+ - o/devicestate,cmd/snap-bootstrap: seal to recover mode cmdline
+ - gadget: fix fallback device lookup for 'mbr' type structures
+ - configcore: only reload journald if systemd is new enough
+ - cmd/snap-boostrap, boot: use /run/mnt/data instead of ubuntu-data
+ - wrappers: allow user mode systemd daemons
+ - progress: fix progress bar with multibyte duration units
+ - tests: fix raciness in pulseaudio test
+ - asserts/internal: introduce Grouping and Groupings
+ - tests: remove user.sh
+ - tests: pair of follow-ups from earlier reviews
+ - overlord/snapstate: warn of refresh/postpone events
+ - configcore,tests: use daemon-reexec to apply watchdog config
+ - c/snap-bootstrap: check mount states via initramfsMountStates
+ - store: implement DownloadAssertions
+ - tests: run smoke test with different bases
+ - tests: port user-mounts test to session-tool
+ - store: handle error-list in fetch-assertions results
+ - tests: port interfaces-audio-playback-record to session-tool
+ - data/completion: add `snap` command completion for zsh
+ - tests/degraded: ignore failure in systemd-vconsole-setup.service
+ - image: stub implementation of image.Prepare for darwin
+ - tests: session-tool --restore -u stops user-$UID.slice
+ - o/ifacestate/handlers.go: fix typo
+ - tests: port pulseaudio test to session-tool
+ - tests: port user-session-env to session-tool
+ - tests: work around journald bug in core16
+ - tests: add debug to core-persistent-journal test
+ - tests: port selinux-clean to session-tool
+ - tests: port portals test to session-tool, fix portal tests on sid
+ - tests: adding option --no-install-recommends option also when
+ install all the deps
+ - tests: add session-tool --has-systemd-and-dbus
+ - packaging/debian-sid: add gcc-multilib to build deps
+ - osutil: expand FileLock to support shared locks and more
+ - packaging: stop depending on python-docutils
+ - store,asserts,many: support the new action fetch-assertions
+ - tests: port snap-session-agent-* to session-tool
+ - packaging/fedora: disable FIPS compliant crypto for static
+ binaries
+ - tests: fix for preseeding failures
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 25 Aug 2020 17:26:21 +0200
+
+snapd (2.45.3.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1875071
+ - o/ifacestate: fix bug in snapsWithSecurityProfiles
+ - tests/main/selinux-clean: workaround SELinux denials triggered by
+ linger setup on Centos8
+
+ -- Samuele Pedroni <pedronis@lucediurna.net> Tue, 28 Jul 2020 21:43:38 +0200
+
+snapd (2.45.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1875071
+ - many: backport _writable_defaults dir changes
+ - tests: fix incorrect check in smoke/remove test
+ - cmd/snap-bootstrap,seed: backport of uc20 PRs
+ - tests: avoid exit when nested type var is not defined
+ - cmd/snap-preseed: backport fixes
+ - interfaces: optimize rules of multiple connected iio/i2c/spi plugs
+ - many: cherry-picks for 2.45, gh-action, test fixes
+ - tests/lib: account for changes in arch package file name extension
+ - postrm, snap-mgmt: cleanup modules and other cherry-picks
+ - snap-confine: don't die if a device from sysfs path cannot be
+ found by udev
+ - data/selinux: update policy to allow forked processes to call
+ getpw*()
+ - tests/main/interfaces-time-control: exercise setting time via date
+ - interfaces/builtin/time-control: allow POSIX clock API
+ - usersession/userd: add "slack" to the white list of URL schemes
+ handled by xdg-open
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Mon, 27 Jul 2020 12:01:14 +0200
+
+snapd (2.45.2-1) unstable; urgency=high
+
+ * SECURITY UPDATE: sandbox escape vulnerability on snapctl xdg-open
+ implementation
+ - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
+ variable modification when calling the system xdg-open. Patch
+ thanks to James Henstridge
+ - packaging/ubuntu-16.04/snapd.postinst: ensure "snap userd" is
+ restarted. Patch thanks to Michael Vogt
+ - CVE-2020-11934
+ * SECURITY UPDATE: arbitrary code execution vulnerability on core
+ devices with access to physical removable media
+ - devicestate: Disable/restrict cloud-init after seeding.
+ - CVE-2020-11933
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 10 Jul 2020 20:06:29 +0200
+
+snapd (2.45.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1875071
+ - data/selinux: allow checking /var/cache/app-info
+ - cmd/snap-confine: add support for libc6-lse
+ - interfaces: miscellaneous policy updates xlv
+ - snap-bootstrap: remove sealed key file on reinstall
+ - interfaces-ssh-keys: Support reading /etc/ssh/ssh_config.d/
+ - gadget: make ext4 filesystems with or without metadata checksum
+ - interfaces/fwupd: allow bind mount to /boot on core
+ - tests: cherry-pick test fixes from master
+ - snap/squashfs: also symlink snap Install with uc20 seed snap dir
+ layout
+ - interfaces/serial-port: add NXP SC16IS7xx (ttySCX) to allowed
+ devices
+ - snap,many: mv Open to snapfile pkg to support add'l options to
+ Container methods
+ - interfaces/builtin/desktop: do not mount fonts cache on distros
+ with quirks
+ - devicestate, sysconfig: revert support for cloud.cfg.d/ in the
+ gadget
+ - data/completion, packaging: cherry-pick zsh completion
+ - state: log task errors in the journal too
+ - devicestate: do not report "ErrNoState" for seeded up
+ - interfaces/desktop: silence more /var/lib/snapd/desktop/icons
+ denials
+ - packaging/fedora: disable FIPS compliant crypto for static
+ binaries
+ - packaging: stop depending on python-docutils
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 05 Jun 2020 15:13:49 +0200
+
+snapd (2.45-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1875071
+ - o/devicestate: support doing system action reboots from recover
+ mode
+ - vendor: update to latest secboot
+ - tests: not fail when boot dir cannot be determined
+ - configcore: only reload journald if systemd is new enough
+ - cmd/snap-bootstrap/initramfs-mounts: append uuid to ubuntu-data
+ when decrypting
+ - tests/lib/prepare.sh: delete patching of the initrd
+ - cmd/snap: coldplug auto-import assertions from all removable
+ devices
+ - cmd/snap: fix the order of positional parameters in help output
+ - c/snap-bootstrap: port mount state mocking to the new style on
+ master
+ - cmd/snap-bootstrap/initramfs-mounts: add sudoers to dirs to copy
+ as well
+ - o/devicestate,cmd/snap-bootstrap: seal to recover mode cmdline,
+ unlock in recover mode initramfs
+ - progress: tweak multibyte label unit test data
+ - gadget: fix fallback device lookup for 'mbr' type structures
+ - progress: fix progress bar with multibyte duration units
+ - many: use /run/mnt/data over /run/mnt/ubuntu-data for uc20
+ - many: put the sealed keys in a directory on seed for tidiness
+ - cmd/snap-bootstrap: measure epoch and model before unlocking
+ encrypted data
+ - o/configstate: core config handler for persistent journal
+ - bootloader/uboot: use secondary ubootenv file boot.sel for uc20
+ - packaging: add "$TAGS" to dh_auto_test for debian packaging
+ - tests: ensure $cache_dir is actually available
+ - secboot,cmd/snap-bootstrap: add model to pcr protection profile
+ - devicestate: do not use snap-boostrap in devicestate to install
+ - tests: fix a typo in nested.sh helper
+ - devicestate: add support for cloud.cfg.d config from the gadget
+ - cmd/snap-bootstrap: cleanups, naming tweaks
+ - testutil: add NewDBusTestConn
+ - snap-bootstrap: lock access to sealed keys
+ - overlord/devicestate: preserve the current model inside ubuntu-
+ boot
+ - interfaces/apparmor: use differently templated policy for non-core
+ bases
+ - seccomp: add get_tls, io_pg* and *time64/*64 variants for existing
+ syscalls
+ - cmd/snap-bootstrap/initramfs-mounts: mount ubuntu-seed first,
+ other misc changes
+ - o/snapstate: tweak "waiting for restart" message
+ - boot: store model model and grade information in modeenv
+ - interfaces/firewall-control: allow -legacy and -nft for core20
+ - boot: enable makeBootable20RunMode for EnvRefExtractedKernel
+ bootloaders
+ - boot/bootstate20: add EnvRefExtractedKernelBootloader bootstate20
+ implementation
+ - daemon: fix error message from `snap remove-user foo` on classic
+ - overlord: have a variant of Mock that can take a state.State
+ - tests: 16.04 and 18.04 now have mediating pulseaudio (again)
+ - seed: clearer errors for missing essential snapd or core snap
+ - cmd/snap-bootstrap/initramfs-mounts: support
+ EnvRefExtractedKernelBootloader's
+ - gadget, cmd/snap-bootstrap: MBR schema support
+ - image: improve/adjust DownloadSnap doc comment
+ - asserts: introduce ModelGrade.Code
+ - tests: ignore user-12345 slice and service
+ - image,seed/seedwriter: support redirect channel aka default
+ tracks
+ - bootloader: use binary.Read/Write
+ - tests: uc20 nested suite part II
+ - tests/boot: refactor to make it easier for new
+ bootloaderKernelState20 impl
+ - interfaces/openvswitch: support use of ovs-appctl
+ - snap-bootstrap: copy auth data from real ubuntu-data in recovery
+ mode
+ - snap-bootstrap: seal and unseal encryption key using tpm
+ - tests: disable special-home-can-run-classic-snaps due to jenkins
+ repo issue
+ - packaging: fix build on Centos8 to support BUILDTAGS
+ - boot/bootstate20: small changes to bootloaderKernelState20
+ - cmd/snap: Implement a "snap routine file-access" command
+ - spread.yaml: switch back to latest/candidate for lxd snap
+ - boot/bootstate20: re-factor kernel methods to use new interface
+ for state
+ - spread.yaml,tests/many: use global env var for lxd channel
+ - boot/bootstate20: fix bug in try-kernel cleanup
+ - config: add system.store-certs.[a-zA-Z0-9] support
+ - secboot: key sealing also depends on secure boot enabled
+ - httputil: fix client timeout retry tests
+ - cmd/snap-update-ns: handle EBUSY when unlinking files
+ - cmd/snap/debug/boot-vars: add opts for setting dir and/or uc20
+ vars
+ - secboot: add tpm support helpers
+ - tests/lib/assertions/developer1-pi-uc20.model: use 20/edge for
+ kernel and gadget
+ - cmd/snap-bootstrap: switch to a 64-byte key for unlocking
+ - tests: preserve size for centos images on spread.yaml
+ - github: partition the github action workflows
+ - run-checks: use consistent "Checking ..." style messages
+ - bootloader: add efi pkg for reading efi variables
+ - data/systemd: do not run snapd.system-shutdown if finalrd is
+ available
+ - overlord: update tests to work with latest go
+ - cmd/snap: do not hide debug boot-vars on core
+ - cmd/snap-bootstrap: no error when not input devices are found
+ - snap-bootstrap: fix partition numbering in create-partitions
+ - httputil/client_test.go: add two TLS version tests
+ - tests: ignore user@12345.service hierarchy
+ - bootloader, gadget, cmd/snap-bootstrap: misc cosmetic things
+ - tests: rewrite timeserver-control test
+ - tests: fix racy pulseaudio tests
+ - many: fix loading apparmor profiles on Ubuntu 20.04 with ZFS
+ - tests: update snap-preseed --reset logic to accommodate for 2.44
+ change
+ - cmd/snap: don't wait for system key when stopping
+ - sandbox/cgroup: avoid making arrays we don't use
+ - osutil: mock proc/self/mountinfo properly everywhere
+ - selinux: export MockIsEnforcing; systemd: use in tests
+ - tests: add 32 bit machine to GH actions
+ - tests/session-tool: kill cron session, if any
+ - asserts: it should be possible to omit many snap-ids if allowed,
+ fix
+ - boot: cleanup more things, simplify code
+ - github: skip spread jobs when corresponding label is set
+ - dirs: don't depend on osutil anymore, mv apparmor vars to apparmor
+ pkg
+ - tests/session-tool: add session-tool --dump
+ - github: allow cached debian downloads to restore
+ - tests/session-tool: session ordering is non-deterministic
+ - tests: enable unit tests on debian-sid again
+ - github: move spread to self-hosted workers
+ - secboot: import secboot on ubuntu, provide dummy on !ubuntu
+ - overlord/devicestate: support for recover and run modes
+ - snap/naming: add validator for snap security tag
+ - interfaces: add case for rootWritableOverlay + NFS
+ - tests/main/uc20-create-partitions: tweaks, renames, switch to
+ 20.04
+ - github: port CLA check to Github Actions
+ - interfaces/many: miscellaneous policy updates xliv
+ - configcore,tests: fix setting watchdog options on UC18/20
+ - tests/session-tool: collect information about services on startup
+ - tests/main/uc20-snap-recovery: unbreak, rename to uc20-create-
+ partitions
+ - state: add state.CopyState() helper
+ - tests/session-tool: stop anacron.service in prepare
+ - interfaces: don't use the owner modifier for files shared via
+ document portal
+ - systemd: move the doc comments to the interface so they are
+ visible
+ - cmd/snap-recovery-chooser: tweaks
+ - interfaces/docker-support: add overlayfs file access
+ - packaging: use debian/not-installed to ignore snap-preseed
+ - travis.yml: disable unit tests on travis
+ - store: start splitting store.go and store_test.go into subtopic
+ files
+ - tests/session-tool: stop cron/anacron from meddling
+ - github: disable fail-fast as spread cannot be interrupted
+ - github: move static checks and spread over
+ - tests: skip "/etc/machine-id" in "writablepaths" test
+ - snap-bootstrap: store encrypted partition recovery key
+ - httputil: increase testRetryStrategy max timelimit to 5s
+ - tests/session-tool: kill leaking closing session
+ - interfaces: allow raw access to USB printers
+ - tests/session-tool: reset failed session-tool units
+ - httputil: increase httpclient timeout in
+ TestRetryRequestTimeoutHandling
+ - usersession: extend timerange in TestExitOnIdle
+ - client: increase timeout in client tests to 100ms
+ - many: disentagle release and snapdenv from sandbox/*
+ - boot: simplify modeenv mocking to always write a modeenv
+ - snap-bootstrap: expand data partition on install
+ - o/configstate: add backlight option for core config
+ - cmd/snap-recovery-chooser: add recovery chooser
+ - features: enable robust mount ns updates
+ - snap: improve TestWaitRecovers test
+ - sandbox/cgroup: add ProcessPathInTrackingCgroup
+ - interfaces/policy: fix comment in recent new test
+ - tests: make session tool way more robust
+ - interfaces/seccomp: allow passing an address to setgroups
+ - o/configcore: introduce core config handlers (3/N)
+ - interfaces: updates to login-session-observe, network-manager and
+ modem-manager interfaces
+ - interfaces/policy/policy_test.go: add more tests'allow-
+ installation: false' and we grant based on interface attributes
+ - packaging: detect/disable broken seed in the postinst
+ - cmd/snap-confine/mount-support-nvidia.c: add libnvoptix as nvidia
+ library
+ - tests: remove google-tpm backend from spread.yaml
+ - tests: install dependencies with apt using --no-install-recommends
+ - usersession/userd: add zoommtg url support
+ - snap-bootstrap: fix disk layout sanity check
+ - snap: add `snap debug state --is-seeded` helper
+ - devicestate: generate warning if seeding fails
+ - config, features: move and rename config.GetFeatureFlag helper to
+ features.Flag
+ - boot, overlord/devicestate, daemon: implement requesting boot
+ into a given recovery system
+ - xdgopenproxy: forward requests to the desktop portal
+ - many: support immediate reboot
+ - store: search v2 tweaks
+ - tests: fix cross build tests when installing dependencies
+ - daemon: make POST /v2/systems/<label> root only
+ - tests/lib/prepare.sh: use only initrd from the kernel snap
+ - cmd/snap,seed: validate full seeds (UC 16/18)
+ - tests/main/user-session-env: stop the user session before deleting
+ the test-zsh user
+ - overlord/devicestate, daemon: record the seed current system was
+ installed from
+ - gadget: SystemDefaults helper function to convert system defaults
+ config into a flattened map suitable for FilesystemOnlyApply.
+ - many: comment or avoid cryptic snap-ids in tests
+ - tests: add LXD_CHANNEL environment
+ - store: support for search API v2
+ - .github: register a problem matcher to detect spread failures
+ - seed: add Info() method for seed.Snap
+ - github: always run the "Discard spread workers" step, even if the
+ job fails
+ - github: offload self-hosted workers
+ - cmd/snap: the model command needs just a client, no waitMixin
+ - github: combine tests into one workflow
+ - github: fix order of go get caches
+ - tests: adding more workers for ubuntu 20.04
+ - boot,overlord: rename operating mode to system mode
+ - config: add new Transaction.GetPristine{,Maybe}() function
+ - o/devicestate: rename readMaybe* to maybeRead*
+ - github: cache Debian dependencies for unit tests
+ - wrappers: respect pre-seeding in error path
+ - seed: validate UC20 seed system label
+ - client, daemon, overlord/devicestate: request system action API
+ and stubs
+ - asserts,o/devicestate: support model specified alternative serial-
+ authority
+ - many: introduce naming.WellKnownSnapID
+ - o/configcore: FilesystemOnlyApply method for early configuration
+ of core (1/N)
+ - github: run C unit tests
+ - github: run spread tests on PRs only
+ - interfaces/docker-support: make containerd abstract socket more
+ generic
+ - tests: cleanup security-private-tmp properly
+ - overlord/devicestate,boot: do not hold to the originally read
+ modeenv
+ - dirs: rm RunMnt; boot: add vars for early boot env layout;
+ sysconfig: take targetdir arg
+ - cmd/snap-bootstrap/initramfs-mounts/tests: use dirs.RunMnt over
+ s.runMnt
+ - tests: add regression test for MAAS refresh bug
+ - errtracker: add missing mocks
+ - github: apt-get update before installing build-deps
+ - github: don't fail-fast
+ - github: run spread via github actions
+ - boot,many: add modeenv.WriteTo, make Write take no args
+ - wrappers: fix timer schedules that are days only
+ - tests/main/snap-seccomp-syscalls: install gperf
+ - github: always checkout to snapcore/snapd
+ - github: add prototype workflow running unit tests
+ - many: improve comments, naming, a possible TODO
+ - client: use Assert when checking for error
+ - tests: ensure sockets target is ready in session agent spread
+ tests
+ - osutil: do not leave processes behind after the test run
+ - tests: update proxy-no-core to match latest CDN changes
+ - devicestate,sysconfig: support "cloud.cfg.d" in uc20 for grade:
+ dangerous
+ - cmd/snap-failure,tests: try to make snap-failure more robust
+ - many: fix packages having mistakenly their copyright as doc
+ - many: enumerate system seeds, return them on the /v2/systems API
+ endpoint
+ - randutil: don't consume kernel entropy at init, just mix more info
+ to try to avoid fleet collisions
+ - snap-bootstrap: add creationSupported predicate for partition
+ types
+ - tests: umount partitions which are not umounted after remount
+ gadget
+ - snap: run gofmt -s
+ - many: improve environment handling, fixing duplicate entries
+ - boot_test: add many boot robustness tests for UC20 kernel
+ MarkBootSuccessul and SetNextBoot
+ - overlord: remove unneeded overlord.MockPruneInterval() mocks
+ - interfaces/greengrass-support: fix typo
+ - overlord,timings,daemon: separate timings from overlord/state
+ - tests: enable nested on core20 and test current branch
+ - snap-bootstrap: remove created partitions on reinstall
+ - boot: apply Go 1.10 formatting
+ - apparmor: use rw for uuidd request to default and remove from
+ elsewhere
+ - packaging: add README.source for debian
+ - tests: cleanup various uc20 boot tests from previous PR
+ - devicestate: disable cloud-init by default on uc20
+ - run-checks: tweak formatting checks
+ - packaging,tests: ensure debian-sid builds without vendor/
+ - travis.yml: run unit tests with go/master as well* travis.yml: run
+ unit tests with go/master as well
+ - seed: make Brand() part of the Seed interface
+ - cmd/snap-update-ns: ignore EROFS from rmdir/unlink
+ - daemon: do a forceful server shutdown if we hit a deadline
+ - tests/many: don't use StartLimitInterval anymore, unify snapd-
+ failover variants, build snapd snap for UC16 tests
+ - snap-seccomp: robustness improvements
+ - run-tests: disable -v for go test to avoid spaming the logs
+ - snap: whitelist lzo as support compression for snap pack
+ - snap: tweak comment in Install() for overlayfs detection
+ - many: introduce snapdenv.Preseeding instead of release.PreseedMode
+ - client, daemon, overlord/devicestate: structures and stubs for
+ systems API
+ - o/devicestate: delay the creation of mark-seeded task until
+ asserts are loaded
+ - data/selinux, tests/main/selinux: cleanup tmpfs operations in the
+ policy, updates
+ - interfaces/greengrass-support: add new 1.9 access
+ - snap: do not hardlink on overlayfs
+ - boot,image: ARM kernel extract prepare image
+ - interfaces: make gpio robust against not-existing gpios in /sys
+ - cmd/snap-preseed: handle --reset flag
+ - many: introduce snapdenv to present common snapd env options
+ - interfaces/kubernetes-support: allow autobind to journald socket
+ - snap-seccomp: allow mprotect() to unblock the tests
+ - tests/lib/reset: workaround unicode dot in systemctl output
+ - interfaces/udisks2: also allow Introspection on
+ /org/freedesktop/UDisks/**
+ - snap: introduce Container.RandomAccessFile
+ - o/ifacestate, api: implementation of snap disconnect --forget
+ - cmd/snap: make the portal-info command search for the network-
+ status interface
+ - interfaces: work around apparmor_parser slowness affecting uio
+ - tests: fix/improve failing spread tests
+ - many: clean separation of bootenv mocking vs mock bootloader kinds
+ - tests: mock prune ticker in overlord tests to reduce wait times
+ - travis: disable arm64 again
+ - httputil: add support for extra snapd certs
+ - travis.yml: run unit tests on arm64 as well
+ - many: fix a pair of ineffectual assignments
+ - tests: add uc20 kernel snap upgrade managers test, fix
+ bootloadertest bugs
+ - o/snapstate: set base in SnapSetup on snap revert
+ - interfaces/{docker,kubernetes}-support: updates for lastest k8s
+ - cmd/snap-exec: add test case for LP bug 1860369
+ - interfaces: make the network-status interface implicit on
+ classic
+ - interfaces: power control interfaceIt is documented in the
+ kernel
+ - interfaces: miscellaneous policy updates
+ - cmd/snap: add a "snap routine portal-info" command
+ - usersession/userd: add "apt" to the white list of URL schemes
+ handled by xdg-open
+ - interfaces/desktop: allow access to system prompter interface
+ - devicestate: allow encryption regardless of grade
+ - tests: run ipv6 network-retry test too
+ - tests: test that after "remove-user" the system is unmanaged
+ - snap-confine: unconditionally add /dev/net/tun to the device
+ cgroup
+ - snapcraft.yaml: use sudo -E and remove workaround
+ - interfaces/audio_playback: Fix pulseaudio config access
+ - ovelord/snapstate: update only system wide fonts cache
+ - wrappers: import /etc/environment in all services
+ - interfaces/u2f: Add Titan USB-C key
+ - overlord, taskrunner: exit on task/ensure error when preseeding
+ - tests: add session-tool, a su / sudo replacement
+ - wrappers: add mount unit dependency for snapd services on core
+ devices
+ - tests: just remove user when the system is not managed on create-
+ user-2 test
+ - snap-preseed: support for preseeding of snapd and core18
+ - boot: misc UC20 changes
+ - tests: adding arch-linux execution
+ - packaging: revert "work around review-tools and snap-confine"
+ - netlink: fix panic on arm64 with the new rawsockstop codewith a
+ nil Timeval panics
+ - spread, data/selinux: add CentOS 8, update policy
+ - tests: updating checks to new test account for snapd-test snaps
+ - spread.yaml: mv opensuse 15.1 to unstable
+ - cmd/snap-bootstrap,seed: verify only in-play snaps
+ - tests: use ipv4 in retry-network to unblock failing master
+ - data/systemd: improve the description
+ - client: add "Resume" to DownloadOptions and new test
+ - tests: enable snapd-failover on uc20
+ - tests: add more debug output to the snapd-failure handling
+ - o/devicestate: unset recovery_system when done seeding
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 12 May 2020 17:17:57 +0200
+
+snapd (2.44.5-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1864808
+ - spread.yaml: adding more workers for ubuntu 20.04
+ - packaging: stop depending on python-docutils on opensuse
+ - spread.yaml: do not run ubuntu-core-20-64 with snapd 2.44, snapd
+ is not recent enough to drive ubuntu-core-20
+ - spread.yaml: Preserve size for centos images on spread.yaml
+ - spread.yaml: use non-uefi enabled image for uc20
+ - tests: ensure $cache_dir is actually available
+ - tests: disable preseed tests, they work in master but require too
+ much cherry-picking here
+ - travis.yml: remove go/master unit tests from 2.44
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 30 Apr 2020 09:09:22 +0200
+
+snapd (2.44.4-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1864808
+ - packaging/fedora: disable FIPS compliant crypto for static
+ binaries
+ - interfaces/firewall-control: allow -legacy and -nft for core20
+ - seccomp: add get_tls, io_pg* and *time64/*64 variants for existing
+ syscalls
+ - tests: 16.04 and 18.04 now have mediating pulseaudio
+ - tests: ignore user@12345.service hierarchy
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 29 Apr 2020 08:32:56 +0200
+
+snapd (2.44.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1864808
+ - tests: fix racy pulseaudio tests
+ - many: fix loading apparmor profiles on Ubuntu 20.04 with ZFS
+ - tests: update snap-preseed --reset logic
+ - tests: backport partition fixes
+ - cmd/snap: don't wait for system key when stopping
+ - interfaces/many: miscellaneous policy updates xliv
+ - tests/main/uc20-snap-recovery: use 20.04 system
+ - tests: skip "/etc/machine-id" in "writablepaths
+ - interfaces/docker-support: add overlays file access
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 10 Apr 2020 16:57:25 +0200
+
+snapd (2.44.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1864808
+ - packaging: detect/disable broken seeds in the postinst
+ - cmd/snap,seed: validate full seeds (UC 16/18)
+ - snap: add `snap debug state --is-seeded` helper
+ - devicestate: generate warning if seeding fails
+ - store: support for search API v2
+ - cmd/snap-seccomp/syscalls: update the list of known syscalls
+ - snap/cmd: the model command needs just a client, no waitMixin
+ - tests: cleanup security-private-tmp properly
+ - wrappers: fix timer schedules that are days only
+ - tests: update proxy-no-core to match latest CDN changes
+ - cmd/snap-failure,tests: make snap-failure more robust
+ - tests, many: don't use StartLimitInterval anymore, unify snapd-
+ failover variants, build snapd snap for UC16 tests
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 02 Apr 2020 09:51:34 +0200
+
+snapd (2.44.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1864808
+ - randutil: switch back to setting up seed with lower entropy data
+ - interfaces/greengrass-support: fix typo
+ - packaging,tests: ensure debian-sid builds without vendor/
+ - travis.yml: run unit tests with go/master as well
+ - cmd/snap-update-ns: ignore EROFS from rmdir/unlink
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Sat, 21 Mar 2020 18:32:12 +0100
+
+snapd (2.44-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1864808
+ - daemon: do a forceful serer shutdown if we hit a deadline
+ - snap: whitelist lzo as support compression for snap pack
+ - data/selinux: update policy to allow more ops
+ - interfaces/greengrass-support: add new 1.9 access
+ - snap: do not hardlink on overlayfs
+ - cmd/snap-preseed: handle --reset flag
+ - interfaces/kubernetes-support: allow autobind to journald socket
+ - snap-seccomp: allow mprotect() to unblock the tests
+ - tests/lib/reset: workaround unicode dot in systemctl output
+ - interfaces: work around apparmor_parser slowness affecting uio
+ - interfaces/udisks2: also allow Introspection on
+ /org/freedesktop/UDisks2/**
+ - tests: mock prune ticker in overlord tests to reduce wait times
+ - interfaces/{docker,kubernetes}-support: updates for lastest k8s
+ - interfaces: miscellaneous policy updates
+ - interfaces/audio_playback: Fix pulseaudio config access
+ - overlord: disable Test..AbortShortlyAfterStartOfOperation for 2.44
+ - ovelord/snapstate: update only system wide fonts cache
+ - wrappers: import /etc/environment in all services
+ - interfaces/u2f: Add Titan USB-C key
+ - overlord, taskrunner: exit on task/ensure error when preseeding
+ - overlord/snapstate/backend: update snapd services contents in unit
+ tests
+ - wrappers: add mount unit dependency for snapd services on core
+ devices
+ - Revert "tests: remove /tmp/snap.* left over by other tests"
+ - Revert "packaging: work around review-tools and snap-confine"
+ - netlink: fix panic on arm64 with the new rawsockstop code
+ - spread, data/selinux: add CentOS 8, update policy
+ - spread.yaml: mv opensuse tumbleweed to unstable too
+ - spread.yaml: mv opensuse 15.1 to unstable
+ - tests: use ipv4 in retry-network to unblock failing master
+ - data/systemd: improve the description
+ - tests/lib/prepare.sh: simplify, combine code paths
+ - tests/main/user-session-env: add test verifying environment
+ variables inside the user session
+ - spread.yaml: make qemu ubuntu-core-20-64 use ubuntu-20.04-64
+ - run-checks: SKIP_GMFMT really skips formatting checks
+ - tests: enable more tests for UC20/UC18
+ - tests: remove tmp dir for snap not-test-snapd-sh on security-
+ private-tmp test
+ - seed,cmd/snap-bootstrap: introduce seed.Snap.EssentialType,
+ simplify bootstrap code
+ - snapstate: do not restart in undoLinkSnap unless on first install
+ - cmd/snap-bootstrap: subcommand to detect UC chooser trigger
+ - cmd/snap-bootstrap/initramfs-mounts: mount the snapd snap in run-
+ mode too
+ - cmd/libsnap, tests: fix C unit tests failing as non-root
+ - cmd/snap-bootstrap: verify kernel snap is in modeenv before
+ mounting it
+ - tests: adding amazon linux to google backend
+ - cmd/snap-failure/snapd: rm snapd.socket, reset snapd.socket failed
+ status
+ - client: add support for "ResumeToken", "HeaderPeek" to download
+ - build: enable type: snapd
+ - tests: rm -rf /tmp/snap.* in restore
+ - cmd/snap-confine: deny snap-confine to load nss libs
+ - snapcraft.yaml: add comments, rename snapd part to snapd-deb
+ - boot: write current_kernels in bootstate20, makebootable
+ - packaging: work around review-tools and snap-confine
+ - tests: skipping interfaces-openvswitch on centos due to package is
+ not available
+ - packaging,snap-confine: stop being setgid root
+ - cmd/snap-confine: bring /var/lib/dhcp from host, if present
+ - store: rely on CommandFromSystemSnap to find xdelta3
+ - tests: bump sleep time of the new overlord tests
+ - cmd/snap-preseed: snapd version check for the target
+ - netlink: fix/support stopping goroutines reading netlink raw
+ sockets
+ - tests: reset PS1 before possibly interactive dash
+ - overlord, state: don't abort changes if spawn time before
+ StartOfOperationTime (2/2)
+ - snapcraft.yaml: add python3-apt, tzdata as build-deps for the
+ snapd snap
+ - tests: ask tar to speak English
+ - tests: using google storage when downloading ubuntu cloud images
+ from gce
+ - Coverity produces false positives for code like this:
+ - many: maybe restart & security backend options
+ - o/standby: add SNAPD_STANDBY_WAIT to control standby in
+ development
+ - snap: use the actual staging snap-id for snapd
+ - cmd/snap-bootstrap: create a new parser instance
+ - snapcraft.yaml: use build-base and adopt-info, rm builddeb
+ plugin
+ - tests: set StartLimitInterval in snapd failover test
+ - tests: disable archlinux system
+ - tests: add preseed test for classic
+ - many, tests: integrate all preseed bits and add spread tests
+ - daemon: support resuming downloads
+ - tests: use Filename() instead of filepath.Base(sn.MountFile())
+ - tests/core: add swapfiles test
+ - interfaces/cpu-control: allow to control cpufreq tunables
+ - interfaces: use commonInteface for desktopInterface
+ - interfaces/{desktop-legacy,unity7}: adjust for new ibus socket
+ location
+ - snap/info: add Filename
+ - bootloader: make uboot a RecoveryAwareBootloader
+ - gadget: skip update when mounted filesystem content is identical
+ - systemd: improve is-active check for 'failed' services
+ - boot: add current_kernels to modeenv
+ - o/devicestate: StartOfOperationTime helper for Prune (1/2)
+ - tests: detect LXD launching i386 containers
+ - tests: move main/ubuntu-core-* tests to core/ suite
+ - tests: remove snapd in ubuntu-core-snapd
+ - boot: enable base snap updates in bootstate20
+ - tests: Fix core revert channel after 2.43 has been released to
+ stable
+ - data/selinux: unify tabs/spaces
+ - o/ifacestate: move ResolveDisconnect to ifacestate
+ - spread: move centos to stable systems
+ - interfaces/opengl: allow datagrams to nvidia-driver
+ - httputil: add NoNetwork(err) helper, spread test and use in serial
+ acquire
+ - store: detect if server does not support http range headers
+ - test/lib/user: add helper lib for doing things for and as a user
+ - overlord/snapstate, wrappers: undo of snapd on core
+ - tests/main/interfaces-pulseaudio: use custom pulseaudio script,
+ set kill timeout
+ - store: add support for resume in DownloadStream
+ - cmd/snap: implement 'snap remove-user'
+ - overlord/devicestate: fix preseed unit tests on systems not using
+ /snap
+ - tests/main/static: ldd in glibc 2.31 logs to stderr now
+ - run-checks, travis: allow skipping spread jobs by adding a label
+ - tests: add new backend which includes images with tpm support
+ - boot: use constants for boot status values
+ - tests: add "core" suite for UC specific tests
+ - tests/lib/prepare: use a local copy of uc20 initramfs skeleton
+ - tests: retry mounting the udisk2 device due to timing issue
+ - usersession/client: add a client library for the user session
+ agent
+ - o/devicestate: Handle preseed mode in the firstboot mode (core16
+ only for now).
+ - boot: add TryBase and BaseStatus to modeenv; use in snap-bootstrap
+ - cmd/snap-confine: detect base transitions on core16
+ - boot: don't use "kernel" from the modeenv anymore
+ - interfaces: add uio interface
+ - tests: repack the initramfs + kernel snap for UC20 spread tests
+ - interfaces/greengrass-support: add /dev/null ->
+ /proc/latency_stats mount
+ - httputil: remove workaround for redirect handling in go1.7
+ - httputil: remove go1.6 transport workaround
+ - snap: add `snap pack --compression=<comp>` options
+ - tests/lib/prepare: fix hardcoded loopback device names for UC
+ images
+ - timeutil: add a unit test case for trivial schedule
+ - randutil,o/snapstate,-mkauthors.sh: follow ups to randutil
+ introduction
+ - dirs: variable with distros using alternate snap mount
+ - many,randutil: centralize and streamline our random value
+ generation
+ - tests/lib/prepare-restore: Revert "Continue on errors updating or
+ installing dependencies"
+ - daemon: Allow clients to call /v2/logout via Polkit
+ - dirs: manjaro-arm is like manjaro
+ - data, packaging: Add sudoers snippet to allow snaps to be run with
+ sudo
+ - daemon, store: better expose single action errors
+ - tests: switch mount-ns test to differential data set
+ - snapstate: refactor things to add the re-refresh task last
+ - daemon: drop support for the DELETE method
+ - client: move to /v2/users; implement RemoveUser
+ - boot: enable UC20 kernel extraction and bootState20 handling
+ - interfaces/policy: enforce plug-names/slot-names constraints
+ - asserts: parse plug-names/slot-names constraints
+ - daemon: make users result more consistent
+ - cmd/snap-confine,tests: support x.y.z nvidia version
+ - dirs: fixlet for XdgRuntimeDirGlob
+ - boot: add bootloader options to coreKernel
+ - o/auth,daemon: do not remove unknown user
+ - tests: tweak and enable tests on ubuntu 20.04
+ - daemon: implement user removal
+ - cmd/snap-confine: allow snap-confine to link to libpcre2
+ - interfaces/builtin: Allow NotificationReplied signal on
+ org.freedesktop.Notifications
+ - overlord/auth: add RemoveUserByName
+ - client: move user-related things to their own files
+ - boot: tweak kernel cmdline helper docstring
+ - osutil: implement deluser
+ - gadget: skip update when raw structure content is unchanged
+ - boot, cmd/snap, cmd/snap-bootstrap: move run mode and system label
+ detection to boot
+ - tests: fix revisions leaking from snapd-refresh test
+ - daemon: refactor create-user to a user action & hide behind a flag
+ - osutil/tests: check there are no leftover symlinks with
+ AtomicSymlink
+ - grub: support atomically renaming kernel symlinks
+ - osutil: add helpers for creating symlinks and renaming in an
+ atomic manner
+ - tests: add marker tag for core 20 test failure
+ - tests: fix gadget-update-pc test leaking snaps
+ - tests: remove revision leaking from ubuntu-core-refresh
+ - tests: remove revision leaking from remodel-kernel
+ - tests: disable system-usernames test on core20
+ - travis, tests, run-checks: skip nakedret
+ - tests: run `uc20-snap-recovery-encrypt` test on 20.04-64 as well
+ - tests: update mount-ns test tables
+ - snap: disable auto-import in uc20 install-mode
+ - tests: add a command-chain service test
+ - tests: use test-snapd-upower instead of upower
+ - data/selinux: workaround incorrect fonts cache labeling on RHEL7
+ - spread.yaml: fix ubuntu 19.10 and 20.04 names
+ - debian: check embedded keys for snap-{bootstrap,preseed} too
+ - interfaces/apparmor: fix doc-comments, unnecessary code
+ - o/ifacestate,o/devicestatate: merge gadget-connect logic into
+ auto-connect
+ - bootloader: add ExtractedRunKernelImageBootloader interface,
+ implement in grub
+ - tests: add spread test for hook permissions
+ - cmd/snap-bootstrap: check device size before boostrapping and
+ produce a meaningful error
+ - cmd/snap: add ability to register "snap routine" commands
+ - tests: add a test demonstrating that snaps can't access the
+ session agent socket
+ - api: don't return connections referring to non-existing
+ plugs/slots
+ - interfaces: refactor path() from raw-volume into utils with
+ comments for old
+ - gitignore: ignore snap files
+ - tests: skip interfaces-network-manager on arm devices
+ - o/devicestate: do not create perfTimings if not needed inside
+ ensureSeed/Operational
+ - tests: add ubuntu 20.04 to the tests execution and remove
+ tumbleweed from unstable
+ - usersession: add systemd user instance service control to user
+ session agent
+ - cmd/snap: print full channel in 'snap list', 'snap info'
+ - tests: remove execution of ubuntu 19.04 from google backend
+ - cmd/snap-boostrap: add mocking for fakeroot
+ - tests/core18/snapd-failover: collect more debug info
+ - many: run black formatter on all python files
+ - overlord: increase settle timeout for slow machines
+ - httputil: use shorter timeout in TestRetryRequestTimeoutHandling
+ - store, o/snapstate: send default-tracks header, use
+ RedirectChannel
+ - overlord/standby: fix possible deadlock in standby test
+ - cmd/snap-discard-ns: fix pattern for .info files
+ - boot: add HasModeenv to Device
+ - devicestate: do not allow remodel between core20 models
+ - bootloader,snap: misc tweaks
+ - store, overlord/snapstate, etc: SnapAction now returns a []…Result
+ - snap-bootstrap: create encrypted partition
+ - snap: remove "host" output from `snap version`
+ - tests: use snap remove --purge flag in most of the spread tests
+ - data/selinux, test/main/selinux-clean: update the test to cover
+ more scenarios
+ - many: drop NameAndRevision, use snap.PlaceInfo instead
+ - boot: split MakeBootable tests into their own file
+ - travis-ci: add go import path
+ - boot: split MakeBootable implementations into their own file
+ - tests: enable a lot of the tests of main on uc20
+ - packaging, tests: stop services in prerm
+ - tests: enable regression suite on core20
+ - overlord/snapstate: improve snapd snap backend link unit tests
+ - boot: implement SetNextBoot in terms of bootState.setNext
+ - wrappers: write and undo snapd services on core
+ - boot,o/devicestate: refactor MarkBootSuccessful over bootState
+ - snap-bootstrap: mount the correct snapd snap to /run/mnt/snapd
+ - snap-bootstrap: refactor partition creation
+ - tests: use new snapd.spread-tests-run-mode-tweaks.service unit
+ - tests: add core20 tests
+ - boot,o/snapstate: SetNextBoot/LinkSnap return whether to reboot,
+ use the information
+ - tests/main/snap-sign: add test for non-stdin signing
+ - snap-bootstrap: trigger udev after filesystem creation
+ - boot,overlord: introduce internal abstraction bootState and use it
+ for InUse/GetCurrentBoot
+ - overlord/snapstate: tracks are now sticky
+ - cmd: sign: add filename param
+ - tests: remove "test-snapd-tools" in smoke/sandbox on restore
+ - cmd/snap, daemon: stop over-normalising channels
+ - tests: fix classic-ubuntu-core-transition-two-cores after refactor
+ of MATCH -v
+ - packaging: ship var/lib/snapd/desktop/applications in the pkg
+ - spread: drop copr repo with F30 build dependencies
+ - tests: use test-snapd-sh snap instead of test-snapd-tools - Part 3
+ - tests: fix partition creation test
+ - tests: unify/rename services-related spread tests to start with
+ services- prefix
+ - test: extract code that modifies "writable" for test prep
+ - systemd: handle preseed mode
+ - snap-bootstrap: read only stdout when parsing the sfdisk json
+ - interfaces/browser-support: add more product/vendor paths
+ - boot: write compat UC16 bootvars in makeBootable20RunMode
+ - devicestate: avoid adding mockModel to deviceMgrInstallModeSuite
+ - devicestate: request reboot after successful doSetupRunSystem()
+ - snapd.core-fixup.sh: do not run on UC20 at all
+ - tests: unmount automounted snap-bootstrap devices
+ - devicestate: run boot.MakeBootable in doSetupRunSystem
+ - boot: copy kernel/base to data partition in makeBootable20RunMode
+ - tests: also check nested lxd container
+ - run-checks: complain about MATCH -v
+ - boot: always return the trivial boot participant in ephemeral mode
+ - o/devicestate,o/snapstate: move the gadget.yaml checkdrive-by: use
+ gadget.ReadInfoFromSnapFile in checkGadgetRemodelCompatible
+ - snap-bootstrap: append new partitions
+ - snap-bootstrap: mount filesystems after creation
+ - snapstate: do not try to detect rollback in ephemeral modes
+ - snap-bootstrap: trigger udev for new partitions
+ - cmd/snap-bootstrap: xxx todos about kernel cross-checks
+ - tests: avoid mask rsyslog service in case is not enabled on the
+ system
+ - tests: fix use of MATCH -v
+ - cmd/snap-preseed: update help strings
+ - cmd/snap-bootstrap: actually parse snapd_recovery_system label
+ - bootstrap: reduce runmode mounts from 5 to 2 steps.
+ - lkenv.go: adjust for new location of include file
+ - snap: improve squashfs.ReadFile() error
+ - systemd: fix uc20 shutdown
+ - boot: write modeenv when creating the run mode
+ - boot,image: add skeleton boot.makeBootable20RunMode
+ - cmd/snap-preseed: add snap-preseed executable
+ - overlord,boot: follow ups to #7889 and #7899
+ - interfaces/wayland: Add access to Xwayland's shm files
+ - o/hookstate/ctlcmd: fix command name in snapctl -h
+ - daemon,snap: remove screenshot deprecation notice
+ - overlord,o/snapstate: make sure we never leave config behind
+ - many: pass consistently boot.Device state to boot methods
+ - run-checks: check multiline string blocks in
+ restore/prepare/execute sections of spread tests
+ - intrefaces: login-session-control - added missing dbus commands
+ - tests/main/parallel-install-remove-after: parallel installs should
+ not break removal
+ - overlord/snapstate: tweak assumes error hint
+ - overlord: replace DeviceContext.OldModel with GroundContext
+ - devicestate: use httputil.ShouldRetryError() in
+ prepareSerialRequest
+ - tests: replace "test-snapd-base-bare" with real "bare" base snap
+ - many: pass a Model to the gadget info reading functions
+ - snapstate: relax gadget constraints in ConfigDefaults Et al.
+ - devicestate: only run ensureBootOk() in "run" mode
+ - tests/many: quiet lxc launching, file pushing
+ - tests: disable apt-hooks test until it can be properly fixed
+ - tests: 16.04 and 18.04 now have mediating pulseaudio
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 17 Mar 2020 20:55:47 +0100
+
+snapd (2.43.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1856159
+ - interfaces/opengl: allow datagrams to nvidia-driver
+ - httputil: add NoNetwork(err) helper, spread test and use
+ in serial acquire
+ - interfaces: add uio interface
+ - interfaces/greengrass-support: 'aws-iot-greengrass' snap fails to
+ start due to apparmor deny on mounting of "/proc/latency_stats".
+ - data, packaging: Add sudoers snippet to allow snaps to be run with
+ sudo
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 12 Feb 2020 14:59:15 +0100
+
+snapd (2.43.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1856159
+ - cmd/snap-confine: Revert #7421 (unmount /writable from snap view)
+ - overlord/snapstate: fix for re-refresh bug
+ - tests, run-checks, many: fix nakedret issues
+ - data/selinux: workaround incorrect fonts cache labeling on RHEL7
+ - tests: use test-snapd-upower instead of upower
+ - overlord: increase overall settle timeout for slow arm boards
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 28 Jan 2020 15:50:25 +0100
+
+snapd (2.43.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1856159
+ - devicestate: use httputil.ShouldRetryError() in prepareSerialRequest
+ - overlord/standby: fix possible deadlock in standby test
+ - cmd/snap-discard-ns: fix pattern for .info files
+ - overlord,o/snapstate: make sure we never leave config behind
+ - data/selinux: update policy to cover more cases
+ - snap: remove "host" output from `snap version`
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 14 Jan 2020 20:30:07 +0100
+
+snapd (2.43-1) unstable; urgency=medium
+
+ * New upstream release
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 09 Jan 2020 17:16:12 +0100
+
+snapd (2.42.5-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1853244
+ - snap-confine: revert, with comment, explicit unix deny for nested
+ lxd
+ - Disable mount-ns test on 16.04. It is too flaky currently.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 06 Dec 2019 14:10:56 +0100
+
+snapd (2.42.4-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1853244
+ - overlord/snapstate: make sure configuration defaults are applied
+ only once
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 28 Nov 2019 06:48:26 +0100
+
+snapd (2.42.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1853244
+ - overlord/snapstate: pick up system defaults when seeding the snapd
+ snap
+ - cmd/snap-update-ns: fix overlapping, nested writable mimic
+ handling
+ - interfaces: misc updates for u2f-devices, browser-support,
+ hardware-observe, et al
+ - tests: reset failing "fwupd-refresh.service" if needed
+ - tests/main/gadget-update-pc: use a program to modify gadget yaml
+ - snap-confine: suppress noisy classic snap file_inherit denials
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 27 Nov 2019 12:41:07 +0100
+
+snapd (2.42.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1853244
+ - interfaces/lxd-support: Fix on core18
+ - tests/main/system-usernames: Amazon Linux 2 comes with libseccomp
+ 2.4.1 now
+ - snap-seccomp: add missing clock_getres_time64
+ - cmd/snap-seccomp/syscalls: update the list of known
+ syscalls
+ - sandbox/seccomp: accept build ID generated by Go toolchain
+ - interfaces: allow access to ovs bridge sockets
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 20 Nov 2019 08:09:15 +0100
+
+snapd (2.42.1-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1846181
+ - interfaces: de-duplicate emitted update-ns profiles
+ - packaging: tweak handling of usr.lib.snapd.snap-confine
+ - interfaces: allow introspecting network-manager on core
+ - tests/main/interfaces-contacts-service: disable on openSUSE
+ Tumbleweed
+ - tests/lib/lxd-snapfuse: restore mount changes introduced by LXD
+ - snap: fix default-provider in seed validation
+ - tests: update system-usernames test now that opensuse-15.1 works
+ - overlord: set fake sertial in TestRemodelSwitchToDifferentKernel
+ - gadget: rename "boot{select,img}" -> system-boot-{select,image}
+ - tests: listing test, make accepted snapd/core versions consistent
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 30 Oct 2019 13:17:43 +0100
+
+snapd (2.42-1) unstable; urgency=medium
+
+ * New upstream release
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 01 Oct 2019 11:40:58 +0200
+
+snapd (2.41-1) unstable; urgency=medium
+
+ [ Michael Vogt ]
+ * New upstream release, LP: #1840740
+
+ [ Jamie Strandboge ]
+ * debian/control: Depends on apparmor >= 2.10.95-5 instead of
+ 2.10.95-0ubuntu2.2 since 2.10.95-5 in Debian is the first version to have
+ all the patches that 2.10.95-0ubuntu2.2 in Ubuntu brought.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 30 Aug 2019 08:53:57 +0200
+
+snapd (2.40-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Michael Vogt <mvo@debian.org> Tue, 23 Jul 2019 15:38:36 +0200
+
+snapd (2.39.3-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1827495
+ - daemon: increase `shutdownTimeout` to 25s to deal with slow HW
+ - spread: run tests against openSUSE 15.1
+ - data/selinux: fix policy for snaps with bases and classic snaps
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 21 Jun 2019 09:06:01 +0200
+
+snapd (2.39.2-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1827495
+ - debian: rework how we run autopkgtests
+ - interfaces/docker-support: add overlayfs accesses for ubuntu core
+ - data/selinux: permit init_t to remount snappy_snap_t
+ - strutil/shlex: fix ineffassign
+ - packaging: fix build-depends on powerpc
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 05 Jun 2019 08:46:14 +0200
+
+snapd (2.39-1) unstable; urgency=medium
+
+ * New upstream release
+ * d/patches0008-snap-squashsh-skip-TestBuildDate-on-Debian.patch: drop,
+ fixed upstream
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Thu, 28 Feb 2019 18:21:26 +0100
+
+snapd (2.39.1-1) unstable; urgency=medium
+
+ * New upstream release
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 29 May 2019 12:08:43 +0200
+
+snapd (2.38-1) unstable; urgency=medium
+
+ * New upstream release
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 21 Mar 2019 11:02:04 +0100
+
+snapd (2.37.4-1) unstable; urgency=medium
+
+ * New upstream release
+ * d/patches0008-snap-squashsh-skip-TestBuildDate-on-Debian.patch: drop,
+ fixed upstream
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Thu, 28 Feb 2019 18:21:26 +0100
+
+snapd (2.37.3-1) unstable; urgency=medium
+
+ * New upstream release
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Tue, 19 Feb 2019 13:46:24 +0100
+
+snapd (2.37.2-1) unstable; urgency=medium
+
+ * New upstream releease.
+
+ -- Michael Hudson-Doyle <mwhudson@debian.org> Thu, 07 Feb 2019 21:26:34 +1300
+
+snapd (2.37.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ * d/patches/0009-interfaces-apparmor-mock-presence-of-overlayfs-root.patch:
+ applied upstream
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Tue, 29 Jan 2019 19:24:35 +0100
+
+snapd (2.37-3) unstable; urgency=medium
+
+ * Fix --no-arch-any build.
+
+ -- Michael Hudson-Doyle <mwhudson@debian.org> Thu, 24 Jan 2019 16:11:17 +1300
+
+snapd (2.37-2) unstable; urgency=medium
+
+ * d/patches/0010-man-page-sections.patch: fix a couple of instances of the
+ lintian warning 'manpage-section-mismatch'.
+
+ -- Michael Hudson-Doyle <mwhudson@debian.org> Thu, 24 Jan 2019 09:52:09 +1300
+
+snapd (2.37-1) unstable; urgency=medium
+
+ [ Michael Hudson-Doyle ]
+ * New upstream version.
+ * d/control: make myself Maintainer, use my Debian address, update Vcs-* to
+ point to salsa.
+ * Add new build-dependencies.
+ * d/watch: update to download new upstream-provided no-vendor tarballs.
+ * d/patches: refresh/drop.
+ * d/patches/no-snapfuse.patch: do not depend on snapfuse fork of squashfuse.
+ * d/patches/upstram-bolt.patch: use upstream version of boltdb.
+ * d/patches/systemd-activation-compat.patch: compatibility for the
+ newer go-systemd in debian
+
+ [ Ondřej Nový ]
+ * d/copyright: Use https protocol in Format field
+ * d/changelog: Remove trailing whitespaces
+
+ [ Zygmunt Krynicki ]
+ * Update unreleased package to 2.37
+ * Drop and recreate all patches
+ * Add patches for failing unit tests
+ * Reconcile packaging with snapd upstream
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Tue, 22 Jan 2019 12:39:58 +0100
+
+snapd (2.30-5) unstable; urgency=medium
+
+ * Team upload.
+ * add fix-pkg-config-line.patch to fix FTBFS
+ * Set XS-Go-Import-Path
+
+ -- Michael Stapelberg <stapelberg@debian.org> Sat, 10 Feb 2018 23:18:15 +0100
+
+snapd (2.30-4) unstable; urgency=medium
+
+ * Fix Built-Using computation on Debian.
+ * Add d/patches/disable-TestDoRequestSerialErrorsOnNoHost.patch to disable
+ a flaky test.
+
+ -- Michael Hudson-Doyle <mwhudson@debian.org> Tue, 16 Jan 2018 13:02:31 +1300
+
+snapd (2.30-3) unstable; urgency=medium
+
+ * Fix arch builds again, sigh,
+
+ -- Michael Hudson-Doyle <mwhudson@debian.org> Tue, 09 Jan 2018 13:56:48 +1300
+
+snapd (2.30-2) unstable; urgency=medium
+
+ * Fix arch-all-only build. (Closes: 886431)
+
+ -- Michael Hudson-Doyle <mwhudson@debian.org> Tue, 09 Jan 2018 10:48:20 +1300
+
+snapd (2.30-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Remove several patches:
+ - 0001-osutil-adjust-StreamCommand-tests-for-golang-1.9.patch: included in
+ release.
+ - apparmor-compat.patch, no-reexec-on-debian.patch: Removed as upstream
+ now implements a better solution to the problem.
+ - pb.v1-canonical-path.patch: applied upstream.
+ * Stop installing udev/rules.d/80-snappy-assign.rules, gone upstream
+
+ -- Michael Hudson-Doyle <mwhudson@debian.org> Fri, 05 Jan 2018 09:39:07 +1300
+
+snapd (2.28.5) xenial; urgency=medium
+
+ * New upstream release, LP: #1714984
+ - snap-confine: cleanup broken nvidia udev tags
+ - cmd/snap-confine: update valid security tag regexp
+ - overlord/ifacestate: refresh udev backend on startup
+ - dbus: ensure io.snapcraft.Launcher.service is created on re-
+ exec
+ - snap-confine: add support for handling /dev/nvidia-modeset
+ - interfaces/network-control: remove incorrect rules for tun
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 13 Oct 2017 23:25:46 +0200
+
+snapd (2.28.4) xenial; urgency=medium
+
+ * New upstream release, LP: #1714984
+ - interfaces/opengl: don't udev tag nvidia devices and use snap-
+ confine instead
+ - debian: fix replaces/breaks for snap-xdg-open (thanks to apw!)
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 11 Oct 2017 19:40:57 +0200
+
+snapd (2.28.3) xenial; urgency=medium
+
+ * New upstream release, LP: #1714984
+ - interfaces/lxd: lxd slot implementation can also be an app
+ snap
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 11 Oct 2017 08:20:26 +0200
+
+snapd (2.28.2) xenial; urgency=medium
+
+ * New upstream release, LP: #1714984
+ - interfaces: fix udev rules for tun
+ - release,cmd,dirs: Redo the distro checks to take into account
+ distribution families
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 10 Oct 2017 18:39:58 +0200
+
+snapd (2.28.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1714984
+ - snap-confine: update apparmor rules for fedora based basesnaps
+ - snapstate: rename refresh hook to post-refresh for consistency
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 27 Sep 2017 17:59:49 -0400
+
+snapd (2.28) xenial; urgency=medium
+
+ * New upstream release, LP: #1714984
+ - hooks: rename refresh to after-refresh
+ - snap-confine: bind mount /usr/lib/snapd relative to snap-confine
+ - cmd,dirs: treat "liri" the same way as "arch"
+ - snap-confine: fix base snaps on core
+ - hooks: substitute env vars when executing hooks
+ - interfaces: updates for default, browser-support, desktop, opengl,
+ upower and stub-resolv.conf
+ - cmd,dirs: treat manjaro the same as arch
+ - systemd: do not run auto-import and repair services on classic
+ - packaging/fedora: Ensure vendor/ is empty for builds and fix spec
+ to build current master
+ - many: fix TestSetConfNumber missing an Unlock and other fragility
+ improvements
+ - osutil: adjust StreamCommand tests for golang 1.9
+ - daemon: allow polkit authorisation to install/remove snaps
+ - tests: make TestCmdWatch more robust
+ - debian: improve package description
+ - interfaces: add netlink kobject uevent to hardware observe
+ - debian: update trusted account-keys check on 14.04 packaging
+ - interfaces/network-{control,observe}: allow receiving
+ kobject_uevent() messages
+ - tests: fix lxd test for external backend
+ - snap-confine,snap-update-ns: add -no-pie to fix FTBFS on
+ go1.7,ppc64
+ - corecfg: mock "systemctl" in all corecfg tests
+ - tests: fix unit tests on Ubuntu 14.04
+ - debian: add missing flags when building static snap-exec
+ - many: end-to-end support for the bare base snap
+ - overlord/snapstate: SetRootDir from SetUpTest, not in just some
+ tests
+ - store: have an ad-hoc method on cfg to get its list of uris for
+ tests
+ - daemon: let client decide whether to allow interactive auth via
+ polkit
+ - client,daemon,snap,store: add license field
+ - overlord/snapstate: rename HasCurrent to IsInstalled, remove
+ superfluous/misleading check from All
+ - cmd/snap: SetRootDir from SetUpTest, not in just some individual
+ tests.
+ - systemd: rename snap-repair.{service,timer} to snapd.snap-
+ repair.{service,timer}
+ - snap-seccomp: remove use of x/net/bpf from tests
+ - httputil: more naive per go version way to recreate a default
+ transport for tls reconfig
+ - cmd/snap-seccomp/main_test.go: add one more syscall for arm64
+ - interfaces/opengl: use == to compare, not =
+ - cmd/snap-seccomp/main_test.go: add syscalls for armhf and arm64
+ - cmd/snap-repair: track and use a lower bound for the time for
+ TLSÂ checks
+ - interfaces: expose bluez interface on classic OS
+ - snap-seccomp: add in-kernel bpf tests
+ - overlord: always try to get a serial, lazily on classic
+ - tests: add nmcli regression test
+ - tests: deal with __PNR_chown on aarch64 to fix FTBFS on arm64
+ - tests: add autopilot-introspection interface test
+ - vendor: fix artifact from manually editing vendor/vendor.json
+ - tests: rename complexion to test-snapd-complexion
+ - interfaces: add desktop and desktop-legacy
+ interfaces/desktop: add new 'desktop' interface for modern DEs
+ interfaces/builtin/desktop_test.go: use modern testing techniques
+ interfaces/wayland: allow read on /etc/drirc for Plasma desktop
+ interfaces/desktop-legacy: add new 'legacy' interface (currently
+ for a11y and input)
+ - tests: fix race in snap userd test
+ - devices/iio: add read/write for missing sysfs entries
+ - spread: don't set HTTPS?_PROXY for linode
+ - cmd/snap-repair: check signatures of repairs from Next
+ - env: set XDG_DATA_DIRS for wayland et.al.
+ - interfaces/{default,account-control}: Use username/group instead
+ of uid/gid
+ - interfaces/builtin: use udev tagging more broadly
+ - tests: add basic lxd test
+ - wrappers: ensure bash completion snaps install on core
+ - vendor: use old golang.org/x/crypto/ssh/terminal to build on
+ powerpc again
+ - docs: add PULL_REQUEST_TEMPLATE.md
+ - interfaces: fix network-manager plug
+ - hooks: do not error out when hook is optional and no hook handler
+ is registered
+ - cmd/snap: add userd command to replace snapd-xdg-open
+ - tests: new regex used to validate the core version on extra snaps
+ ass...
+ - snap: add new `snap switch` command
+ - tests: wait more and more debug info about fakestore start issues
+ - apparmor,release: add better apparmor detection/mocking code
+ - interfaces/i2c: adjust sysfs rule for alternate paths
+ - interfaces/apparmor: add missing call to dirs.SetRootDir
+ - cmd: "make hack" now also installs snap-update-ns
+ - tests: copy files with less verbosity
+ - cmd/snap-confine: allow using additional libraries required by
+ openSUSE
+ - packaging/fedora: Merge changes from Fedora Dist-Git
+ - snapstate: improve the error message when classic confinement is
+ not supported
+ - tests: add test to ensure amd64 can run i386 syscall binaries
+ - tests: adding extra info for fakestore when fails to start
+ - tests: install most important snaps
+ - cmd/snap-repair: more test coverage of filtering
+ - squashfs: remove runCommand/runCommandWithOutput as we do not need
+ it
+ - cmd/snap-repair: ignore superseded revisions, filter on arch and
+ models
+ - hooks: support for refresh hook
+ - Partial revert "overlord/devicestate, store: update device auth
+ endpoints URLs"
+ - cmd/snap-confine: allow reading /proc/filesystems
+ - cmd/snap-confine: genearlize apparmor profile for various lib
+ layout
+ - corecfg: fix proxy.* writing and add integration test
+ - corecfg: deal with system.power-key-action="" correctly
+ - vendor: update vendor.json after (presumed) manual edits
+ - cmd/snap: in `snap info`, don't print a newline between tracks
+ - daemon: add polkit support to /v2/login
+ - snapd,snapctl: decode json using Number
+ - client: fix go vet 1.7 errors
+ - tests: make 17.04 shellcheck clean
+ - tests: remove TestInterfacesHelp as it breaks when go-flags
+ changes
+ - snapstate: undo a daemon restart on classic if needed
+ - cmd/snap-repair: recover brand/model from
+ /var/lib/snapd/seed/assertions checking signatures and brand
+ account
+ - spread: opt into unsafe IO during spread tests
+ - snap-repair: update snap-repair/runner_test.go for API change in
+ makeMockServer
+ - cmd/snap-repair: skeleton code around actually running a repair
+ - tests: wait until the port is listening after start the fake store
+ - corecfg: fix typo in tests
+ - cmd/snap-repair: test that redirects works during fetching
+ - osutil: honor SNAPD_UNSAFE_IO for testing
+ - vendor: explode and make more precise our golang.go/x/crypto deps,
+ use same version as Debian unstable
+ - many: sanitize NewStoreStack signature, have shared default store
+ test private keys
+ - systemd: disable `Nice=-5` to fix error when running inside lxd
+ - spread.yaml: update delta ref to 2.27
+ - cmd/snap-repair: use E-Tags when refetching a repair to retry
+ - interfaces/many: updates based on chromium and mrrescue denials
+ - cmd/snap-repair: implement most logic to get the next repair to
+ run/retry in a brand sequence
+ - asserts/assertstest: copy headers in SigningDB.Sign
+ - interfaces: convert uhid to common interface and test cases
+ improvement for time_control and opengl
+ - many tests: move all panicing fake store methods to a common place
+ - asserts: add store assertion type
+ - interfaces: don't crash if content slot has no attributes
+ - debian: do not build with -buildmode=pie on i386
+ - wrappers: symlink completion snippets when symlinking binaries
+ - tests: adding more debug information for the interfaces-cups-
+ control …
+ - apparmor: pass --quiet to parser on load unless SNAPD_DEBUG is set
+ - many: allow and support serials signed by the 'generic' authority
+ instead of the brand
+ - corecfg: add proxy configuration via `snap set core
+ proxy.{http,https,ftp}=...`
+ - interfaces: a bunch of interfaces test improvement
+ - tests: enable regression and completion suites for opensuse
+ - tests: installing snapd for nested test suite
+ - interfaces: convert lxd_support to common iface
+ - interfaces: add missing test for camera interface.
+ - snap: add support for parsing snap layout section
+ - cmd/snap-repair: like for downloads we cannot have a timeout (at
+ least for now), less aggressive retry strategies
+ - overlord: rely on more conservative ensure interval
+ - overlord,store: no piles of return args for methods gathering
+ device session request params
+ - overlord,store: send model assertion when setting up device
+ sessions
+ - interfaces/misc: updates for unity7/x11, browser-
+ support, network-control and mount-observe
+ interfaces/unity7,x11: update for NETLINK_KOBJECT_UEVENT
+ interfaces/browser-support: update sysfs reads for
+ newer browser versions, interfaces/network-control: rw for
+ ieee80211 advanced wireless interfaces/mount-observe: allow read
+ on sysfs entries for block devices
+ - tests: use dnf --refresh install to avert stale cache
+ - osutil: ensure TestLockUnlockWorks uses supported flock
+ - interfaces: convert lxd to common iface
+ - tests: restart snapd to ensure re-exec settings are applied
+ - tests: fix interfaces-cups-control test
+ - interfaces: improve and tweak bunch of interfaces test cases.
+ - tests: adding extra worker for fedora
+ - asserts,overlord/devicestate: support predefined assertions that
+ don't establish foundational trust
+ - interfaces: convert two hardware_random interfaces to common iface
+ - interfaces: convert io_ports_control to common iface
+ - tests: fix for upgrade test on fedora
+ - daemon, client, cmd/snap: implement snap start/stop/restart
+ - cmd/snap-confine: set _FILE_OFFSET_BITS to 64
+ - interfaces: covert framebuffer to commonInterface
+ - interfaces: convert joystick to common iface
+ - interfaces/builtin: add the spi interface
+ - wrappers, overlord/snapstate/backend: make link-snap clean up on
+ failure.
+ - interfaces/wayland: add wayland interface
+ - interfaces: convert kvm to common iface
+ - tests: extend upower-observe test to cover snaps providing slots
+ - tests: enable main suite for opensuse
+ - interfaces: convert physical_memory_observe to common iface
+ - interfaces: add missing test for optical_drive interface.
+ - interfaces: convert physical_memory_control to common iface
+ - interfaces: convert ppp to common iface
+ - interfaces: convert time-control to common iface
+ - tests: fix failover test
+ - interfaces/builtin: rework for avahi interface
+ - interfaces: convert broadcom-asic-control to common iface
+ - snap/snapenv: document the use of CoreSnapMountDir for SNAP
+ - packaging/arch: drop patches merged into master
+ - cmd: fix mustUnsetenv docstring (thanks to Chipaca)
+ - release: remove default from VERSION_ID
+ - tests: enable regression, upgrade and completion test suites for
+ fedora
+ - tests: restore interfaces-account-control properly
+ - overlord/devicestate, store: update device auth endpoints URLs
+ - tests: fix install-hook test failure
+ - tests: download core and ubuntu-core at most once
+ - interfaces: add common support for udev
+ - overlord/devicestate: fix, don't assume that the serial is backed
+ by a 1-key chain
+ - cmd/snap-confine: don't share /etc/nsswitch from host
+ - store: do not resume a download when we already have the whole
+ thing
+ - many: implement "snap logs"
+ - store: don't call useDeltas() twice in quick succession
+ - interfaces/builtin: add kvm interface
+ - snap/snapenv: always expect /snap for $SNAP
+ - cmd: mark arch as non-reexecing distro
+ - cmd: fix tests that assume /snap mount
+ - gitignore: ignore more build artefacts
+ - packaging: add current arch packaging
+ - interfaces/unity7: allow receiving media key events in (at least)
+ gnome-shell
+ - interfaces/many, cmd/snap-confine: miscellaneous policy updates
+ - interfaces/builtin: implement broadcom-asic-control interface
+ - interfaces/builtin: reduce duplication and remove cruft in
+ Sanitize{Plug,Slot}
+ - tests: apply underscore convention for SNAPMOUNTDIR variable
+ - interfaces/greengrass-support: adjust accesses now that have
+ working snap
+ - daemon, client, cmd/snap: implement "snap services"
+ - tests: fix refresh tests not stopping fake store for fedora
+ - many: add the interface command
+ - overlord/snapstate/backend: some copydata improvements
+ - many: support querying and completing assertion type names
+ - interfaces/builtin: discard empty Validate{Plug,Slot}
+ - cmd/snap-repair: start of Runner, implement first pass of Peek
+ and Fetch
+ - tests: enable main suite on fedora
+ - snap: do not always quote the snap info summary
+ - vendor: update go-flags to address crash in "snap debug"
+ - interfaces: opengl support pci device and vendor
+ - many: start implenting "base" snap type on the snapd side
+ - arch,release: map armv6 correctly
+ - many: expose service status in 'snap info'
+ - tests: add browser-support interface test
+ - tests: disable snapd-notify for the external backend
+ - interfaces: Add /run/uuid/request to openvswitch
+ - interfaces: add password-manager-service implicit classic
+ interface
+ - cmd: rework reexec detection
+ - cmd: fix re-exec bug when starting from snapd 2.21
+ - tests: dependency packages installed during prepare-project
+ - tests: remove unneeded check for re-exec in InternalToolPath()
+ - cmd,tests: fix classic confinement confusing re-execution code
+ - store: configurable base api
+ - tests: fix how package lists are updated for opensuse and fedora
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 25 Sep 2017 12:07:34 -0400
+
+snapd (2.27.6-2) unstable; urgency=medium
+
+ * Add d/patches/0001-osutil-adjust-StreamCommand-tests-for-golang-1.9.patch
+ to fix FTBFS with Go 1.9. (Closes: #876867)
+
+ -- Michael Hudson-Doyle <mwhudson@debian.org> Tue, 26 Sep 2017 13:41:53 -0400
+
+snapd (2.27.6-1) unstable; urgency=medium
+
+ * New upstream release, LP: #1703798:
+ - interfaces: add udev netlink support to hardware-observe
+ - interfaces/network-{control,observe}: allow receiving
+ kobject_uevent() messages
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Fri, 08 Sep 2017 00:03:18 +0200
+
+snapd (2.27.5-1) unstable; urgency=medium
+
+ * New upstream release.
+ - interfaces: fix network-manager plug regression
+ - hooks: do not error when hook handler is not registered
+ - interfaces/alsa,pulseaudio: allow read on udev data for sound
+ - interfaces/optical-drive: read access to udev data for /dev/scd*
+ - interfaces/browser-support: read on /proc/vmstat and misc udev data
+
+ -- Zygmunt Krynicki <me@zygoon.pl> Thu, 31 Aug 2017 10:11:20 +0200
+
+snapd (2.27.4-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Enable seccomp.
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Thu, 24 Aug 2017 22:12:52 +1200
+
+snapd (2.27.2-2) unstable; urgency=medium
+
+ * Fix re-exec test failure.
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Fri, 18 Aug 2017 11:37:47 +1200
+
+snapd (2.27.2-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Stop using single-debian-patch, split delta into separate patches.
+ * Allow confining snap-confine even when --disable-apparmor is used.
+ * Pass --enable-static-libcap to cmd/configure, as was always the intention.
+ * Disable re-exec on Debian until core snap can cope with a partial apparmor
+ implementation. (Closes: #851473)
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Fri, 18 Aug 2017 11:00:31 +1200
+
+snapd (2.27.1-1) unstable; urgency=medium
+
+ * New upstream release. (Closes: #868959, #869268, #872071)
+ * New changes to upstream sources:
+ - Disable cmd/snap-seccomp tests as they depend on an unpackaged fork of
+ golang/x/net.
+ - Use upstream version of libseccomp-golang.
+ * Do not install ancient ubuntu-core-launcher symlink.
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 14 Aug 2017 21:53:09 +1200
+
+snapd (2.27.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1703798:
+ - tests: use dnf --refresh install to avert stale cache
+ - tests: fix test failure on 14.04 due to old version of
+ flock
+ - updates for unity7/x11, browser-support, network-control,
+ mount-observe
+ - interfaces/unity7,x11: update for NETLINK_KOBJECT_UEVENT
+ - interfaces/browser-support: update sysfs reads for
+ newer browser versions
+ - interfaces/network-control: rw for ieee80211 advanced wireless
+ - interfaces/mount-observe: allow read on sysfs entries for block
+ devices
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 14 Aug 2017 08:02:17 +0200
+
+snapd (2.27) xenial; urgency=medium
+
+ * New upstream release, LP: #1703798
+ - fix build failure on 32bit fedora
+ - interfaces: add password-manager-service implicit classic interface
+ - interfaces/greengrass-support: adjust accesses now that have working
+ snap
+ - interfaces/many, cmd/snap-confine: miscellaneous policy updates
+ - interfaces/unity7: allow receiving media key events in (at least)
+ gnome-shell
+ - cmd: fix re-exec bug when starting from snapd 2.21
+ - tests: restore interfaces-account-control properly
+ - cmd: fix tests that assume /snap mount
+ - cmd: mark arch as non-reexecing distro
+ - snap-confine: don't share /etc/nsswitch from host
+ - store: talk to api.snapcraft.io for purchases
+ - hooks: support for install and remove hooks
+ - packaging: fix Fedora support
+ - tests: add bluetooth-control interface test
+ - store: talk to api.snapcraft.io for assertions
+ - tests: remove snapd before building from branch
+ - tests: add avahi-observe interface test
+ - store: orders API now checks if customer is ready
+ - cmd/snap: snap find only searches stable
+ - interfaces: updates default, mir, optical-observe, system-observe,
+ screen-inhibit-control and unity7
+ - tests: speedup prepare statement part 1
+ - store: do not send empty refresh requests
+ - asserts: fix error handling in snap-developer consistency check
+ - systemd: add explicit sync to snapd.core-fixup.sh
+ - snapd: generate snap cookies on startup
+ - cmd,client,daemon: expose "force devmode" in sysinfo
+ - many: introduce and use strutil.ListContains and also
+ strutil.SortedListContains
+ - assserts,overlord/assertstate: test we don't accept chains of
+ assertions founded on a self-signed key coming externally
+ - interfaces: enable access to bridge settings
+ - interfaces: fix copy-pasted iio vs io in io-ports-control
+ - cmd/snap-confine: various small fixes and tweaks to seccomp
+ support code
+ - interfaces: bring back seccomp argument filtering
+ - systemd, osutil: rework systemd logs in preparation for services
+ commands
+ - tests: store /etc/systemd/system/snap-*core*.mount in snapd-
+ state.tar.gz
+ - tests: shellcheck improvements for tests/main tasks - first set of
+ tests
+ - cmd/snap: `--last` for abort and watch, and aliases
+ (search→find, change→tasks)
+ - tests: shellcheck improvements for tests/lib scripts
+ - tests: create ramdisk if it's not present
+ - tests: shellcheck improvements for nightly upgrade and regressions
+ tests
+ - snapd: fix for snapctl get panic on null config values.
+ - tests: fix for rng-tools service not restarting
+ - systemd: add snapd.core-fixup.service unit
+ - cmd: avoid using current symlink in InternalToolPath
+ - tests: fix timeout issue for test refresh core with hanging …
+ - intefaces: control bridged vlan/ppoe-tagged traffic
+ - cmd/snap: include snap type in notes
+ - overlord/state: Abort() only visits each task once
+ - tests: extend find-private test to cover more cases
+ - snap-seccomp: skip socket() tests on systems that use socketcall()
+ instead of socket()
+ - many: support snap title as localized/title-cased name
+ - snap-seccomp: deal with mknod on aarch64 in the seccomp tests
+ - interfaces: put base policy fragments inside each interface
+ - asserts: introduce NewDecoderWithTypeMaxBodySize
+ - tests: fix snapd-notify when it takes more time to restart
+ - snap-seccomp: fix snap-seccomp tests in artful
+ - tests: fix for create-key task to avoid rng-tools service ramains
+ alive
+ - snap-seccomp: make sure snap-seccomp writes the bpf file
+ atomically
+ - tests: do not disable ipv6 on core systems
+ - arch: the kernel architecture name is armv7l instead of armv7
+ - snap-confine: ensure snap-confine waits some seconds for seccomp
+ security profiles
+ - tests: shellcheck improvements for tests/nested tasks
+ - wrappers: add SyslogIdentifier to the service unit files.
+ - tests: shellcheck improvements for unit tasks
+ - asserts: implement FindManyTrusted as well
+ - asserts: open up and optimize Encoder to help avoiding unnecessary
+ copying
+ - interfaces: simplify snap-confine by just loading pre-generated
+ bpf code
+ - tests: restart rng-tools services after few seconds
+ - interfaces, tests: add mising dbus abstraction to system-observe
+ and extend spread test
+ - store: change main store host to api.snapcraft.io
+ - overlord/cmdstate: new package for running commands as tasks.
+ - spread: help libapt resolve installing libudev-dev
+ - tests: show the IP from .travis.yaml
+ - tests/main: use pkgdb function in more test cases
+ - cmd,daemon: add debug command for displaying the base policy
+ - tests: prevent quoting error on opensuse
+ - tests: fix nightly suite
+ - tests: add linode-sru backend
+ - snap-confine: validate SNAP_NAME against security tag
+ - tests: fix ipv6 disable for ubuntu-core
+ - tests: extend core-revert test to cover bluez issues
+ - interfaces/greengrass-support: add support for Amazon Greengrass
+ as a snap
+ - asserts: support timestamp and optional disabled header on repair
+ - tests: reboot after upgrading to snapd on the -proposed pocket
+ - many: fix test cases to work with different DistroLibExecDir
+ - tests: reenable help test on ubuntu and debian systems
+ - packaging/{opensuse,fedora}: allow package build with testkeys
+ included
+ - tests/lib: generalize RPM build support
+ - interfaces/builtin: sync connected slot and permanent slot snippet
+ - tests: fix snap create-key by restarting automatically rng-tools
+ - many: switch to use http numeric statuses as agreed
+ - debian: add missing Type=notify in 14.04 packaging
+ - tests: mark interfaces-openvswitch as manual due to prepare errors
+ - debian: unify built_using between the 14.04 and 16.04 packaging
+ branch
+ - tests: pull from urandom when real entropy is not enough
+ - tests/main/manpages: install missing man package
+ - tests: add refresh --time output check
+ - debian: add missing "make -C data/systemd clean"
+ - tests: fix for upgrade test when it is repeated
+ - tests/main: use dir abstraction in a few more test cases
+ - tests/main: check for confinement in a few more interface tests
+ - spread: add fedora snap bin dir to global PATH
+ - tests: check that locale-control is not present on core
+ - many: snapctl outside hooks
+ - tests: add whoami check
+ - interfaces: compose the base declaration from interfaces
+ - tests: fix spread flaky tests linode
+ - tests,packaging: add package build support for openSUSE
+ - many: slight improvement of some snap error messaging
+ - errtracker: Include /etc/apparmor.d/usr.lib.snap-confine md5sum in
+ err reports
+ - tests: fix for the test postrm-purge
+ - tests: restoring the /etc/environment and service units config for
+ each test
+ - daemon: make snapd a "Type=notify" daemon and notify when startup
+ is done
+ - cmd/snap-confine: add support for --base snap
+ - many: derive implicit slots from interface meta-data
+ - tests: add core revert test
+ - tests,packaging: add package build support for Fedora for our
+ spread setup
+ - interfaces: move base declaration to the policy sub-package
+ - tests: fix for snapd-reexec test cheking for restart info on debug
+ log
+ - tests: show available entropy on error
+ - tests: clean journalctl logs on trusty
+ - tests: fix econnreset on staging
+ - tests: modify core before calling set
+ - tests: add snap-confine privilege test
+ - tests: add staging snap-id
+ - interfaces/builtin: silence ptrace denial for network-manager
+ - tests: add alsa interface spread test
+ - tests: prefer ipv4 over ipv6
+ - tests: fix for econnreset test checking that the download already
+ started
+ - httputil,store: extract retry code to httputil, reorg usages
+ - errtracker: report if snapd did re-execute itself
+ - errtracker: include bits of snap-confine apparmor profile
+ - tests: take into account staging snap-ids for snap-info
+ - cmd: add stub new snap-repair command and add timer
+ - many: stop "snap refresh $x --channel invalid" from working
+ - interfaces: revert "interfaces: re-add reverted ioctl and quotactl
+ - snapstate: consider connect/disconnect tasks in
+ CheckChangeConflict.
+ - interfaces: disable "mknod |N" in the default seccomp template
+ again
+ - interfaces,overlord/ifacestate: make sure installing slots after
+ plugs works similarly to plugs after slots
+ - interfaces/seccomp: add bind() syscall for forced-devmode systems
+ - packaging/fedora: Sync packaging from Fedora Dist-Git
+ - tests: move static and unit tests to spread task
+ - many: error types should be called FooError, not ErrFoo.
+ - partition: add directory sync to the save uboot.env file code
+ - cmd: test everything (100% coverage \o/)
+ - many: make shell scripts shellcheck-clean
+ - tests: remove additional setup for docker on core
+ - interfaces: add summary to each interface
+ - many: remove interface meta-data from list of connections
+ - logger (& many more, to accommodate): drop explicit syslog.
+ - packaging: import packaging bits for opensuse
+ - snapstate,many: implement snap install --unaliased
+ - tests/lib: abstract build dependency installation a bit more
+ - interfaces, osutil: move flock code from interfaces/mount to
+ osutil
+ - cmd: auto import assertions only from ext4,vfat file systems
+ - many: refactor in preparation for 'snap start'
+ - overlord/snapstate: have an explicit code path last-refresh
+ unset/zero => immediately refresh try
+ - tests: fixes for executions using the staging store
+ - tests: use pollinate to seed the rng
+ - cmd/snap,tests: show the sha3-384 of the snap for snap info
+ --verbose SNAP-FILE
+ - asserts: simplify and adjust repair assertion definition
+ - cmd/snap,tests: show the snap id if available in snap info
+ - daemon,overlord/auth: store from model assertion wins
+ - cmd/snap,tests/main: add confinement switch instead of spread
+ system blacklisting
+ - many: cleanup MockCommands and don't leave a process around after
+ hookstate tests
+ - tests: update listing test to the core version number schema
+ - interfaces: allow snaps to use the timedatectl utility
+ - packaging: Add Fedora packaging files
+ - tests/libs: add distro_auto_remove_packages function
+ - cmd/snap: correct devmode note for anomalous state
+ - tests/main/snap-info: use proper pkgdb functions to install distro
+ packages
+ - tests/lib: use mktemp instead of tempfile to work cross-distro
+ - tests: abstract common dirs which differ on distributions
+ - many: model and expose interface meta-data.
+ - overlord: make config defaults from gadget work also at first boot
+ - interfaces/log-observe: allow using journalctl from hostfs for
+ classic distro
+ - partition,snap: add support for android boot
+ - errtracker: small simplification around readMachineID
+ - snap-confine: move rm_rf_tmp to test-utils.
+ - tests/lib: introduce pkgdb helper library
+ - errtracker: try multiple paths to read machine-id
+ - overlord/hooks: make sure only one hook for given snap is executed
+ at a time.
+ - cmd/snap-confine: use SNAP_MOUNT_DIR to setup /snap inside the
+ confinement env
+ - tests: bump kill-timeout and remove quiet call on build
+ - tests/lib/snaps: add a test store snap with a passthrough
+ configure hook
+ - daemon: teach the daemon to wait on active connections when
+ shutting down
+ - tests: remove unit tests task
+ - tests/main/completion: source from /usr/share/bash-completion
+ - assertions: add "repair" assertion
+ - interfaces/seccomp: document Backend.NewSpecification
+ - wrappers: make StartSnapServices cleanup any services that were
+ added if a later one fails
+ - overlord/snapstate: avoid creating command aliases for daemons
+ - vendor: remove unused packages
+ - vendor,partition: fix panics from uenv
+ - cmd,interfaces/mount: run snap-update-ns and snap-discard-ns from
+ core if possible
+ - daemon: do not allow to install ubuntu-core anymore
+ - wrappers: service start/stop were inconsistent
+ - tests: fix failing tests (snap core version, syslog changes)
+ - cmd/snap-update-ns: add actual implementation
+ - tests: improve entropy also for ubuntu
+ - cmd/snap-confine: use /etc/ssl from the core snap
+ - wrappers: don't convert between []byte and string needlessly.
+ - hooks: default timeout
+ - overlord/snapstate: Enable() was ignoring the flags from the
+ snap's state, resulting in losing "devmode" on disable/enable.
+ - difs,interfaces/mount: add support for locking namespaces
+ - interfaces/mount: keep track of kept mount entries
+ - tests/main: move a bunch of greps over to MATCH
+ - interfaces/builtin: make all interfaces private
+ - interfaces/mount: spell unmount correctly
+ - tests: allow 16-X.Y.Z version of core snap
+ - the timezone_control interface only allows changing /etc/timezone
+ and /etc/writable/timezone. systemd-timedated also updated the
+ link of /etc/localtime and /etc/writable/localtime ... allow
+ access to this file too
+ - cmd/snap-confine: aggregate operations holding global lock
+ - api, ifacestate: resolve disconnect early
+ - interfaces/builtin: ensure we don't register interfaces twice
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 10 Aug 2017 12:43:16 +0200
+
+snapd (2.26.14) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - cmd: fix incorrect re-exec when starting from snapd 2.21
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 20 Jul 2017 13:52:05 +0200
+
+snapd (2.26.13) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - cmd,tests: fix classic confinement confusing re-execution code
+ - cmd: fix incorrect check check for re-exec in InternalToolPath()
+ - snap-seccomp: add secondary arch for unrestricted snaps as well
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 18 Jul 2017 20:34:33 +0200
+
+snapd (2.26.10) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - Fix snap-seccomp tests in artful/trusty on i386/s390x/aarch64
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 17 Jul 2017 11:58:22 +0200
+
+snapd (2.26.9) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - statically link libseccomp in snap-seccomp to fix refresh issue
+ on trusty
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 12 Jul 2017 08:27:14 +0200
+
+snapd (2.26.8) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - Fix snap-seccomp tests in artful/trusty on i386/s390x/aarch64
+ - add snapd.core-fixup.service unit
+ - ensure re-exec uses the right internal tools
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 05 Jul 2017 07:48:22 +0200
+
+snapd (2.26.6) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - interfaces: allow snaps to use the timedatectl utility in
+ time-control
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 27 Jun 2017 08:36:23 +0100
+
+snapd (2.26.5) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - backport of seccomp-bpf branch to the 2.26 release to ensure snap
+ revert with new seccomp syntax works correctly
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 26 Jun 2017 15:30:15 +0100
+
+snapd (2.26.4) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - partly revert aace15ab53 to unbreak core reverts
+ - Revert "interfaces: re-add reverted ioctl and quotactl (revert 21bc6b9f)"
+ - Disable "mknod |N" in the default seccomp template
+ reasons outline in https://forum.snapcraft.io/t/snapd-2-25-blocked-because-of-revert-race-condition
+ - errtracker: include bits of snap-confine apparmor profile
+ - errtracker: report if snapd did re-execute itself
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 01 Jun 2017 18:50:52 +0200
+
+snapd (2.26.3) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - cherry pick test fixes f0103a6, 9de5c8a, d7725a7 to make
+ sure the image tests are updated for the changes in the
+ `snap info core` output and the removal of the rsyslog
+ package from core.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 17 May 2017 11:31:56 +0200
+
+snapd (2.26.2) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - cherry pick d444728 to make the uboot.env file parsing more
+ robust
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 16 May 2017 18:37:07 +0200
+
+snapd (2.26.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - store: fix panic error in auth
+ - tests: the new ubuntu-image snap needs classic confinement, adjust
+ tests
+ - cmd/snap-confine: don't fail on pre 3.8 kernel
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 11 May 2017 21:44:27 +0200
+
+snapd (2.26) xenial; urgency=medium
+
+ * New upstream release, LP: #1690083
+ - timeutil: avoid panicking when the window is very small
+ - image: fix go vet issue
+ - overlord/ifacestate: don't spam logs with harmless auto-connect
+ messages
+ - interfaces/builtin: add network-status interface
+ - interfaces/builtin: add online-accounts-service interface
+ - interfaces/builtin: distribute code of touching allInterfaces
+ - interfaces: API additions for interface hooks
+ - interfaces/builtin: add storage-framework-service interface
+ - tests: disable create-key test on ppc64el for artful (expect not
+ working)
+ - snap: make `snap prepare-image --extra-snaps` derive side info
+ - tests: unify tests/{main/completion,completion}/lib.exp0
+ - cmd/snap: tweak info channels output
+ - interfaces: ensure that legacy interface methods are unused
+ - packaging: cleanup how built-using is generated
+ - tests: extend kernel-module-control interface test
+ - interfaces/network: workaround Go's need for NETLINK_ROUTE with
+ 'net'.
+ - cmd/snap-confine: use defensive argument parser
+ - tests: add test for empty snap name on revert
+ - overlord/hookstate: remove unused Context.timeout
+ - tests: additional setup in docker test for core systems
+ - configstate: return error if patch is invalid
+ - interfaces: add random interface
+ - store, daemon, client, cmd/snap: handle PASSWORD_POLICY_ERROR
+ - cmd/snap, client: add "whoami" command
+ - cmd/snap: iterate interface tab completion
+ - snap: move locale-control to only be present on classic
+ - interfaces/browser-support: deny read on squashfs backing files
+ and LVM vg names
+ - tests: wait for the docker socket to be listening
+ - snap: add `snap refresh --time` option
+ - tests: re-enable and moderninze /media sharing test
+ - cmd: make rst2man optional
+ - tests: remove quoting from [[ ]] when globs
+ - interfaces: allow plugging DBus clients to introspect the slot
+ service
+ - packaging/ubuntu*/changelog: drop extra dash
+ - snap-confine: init the ENTRY variable, coverity is unhappy
+ otherwise
+ - cmd/snap-confine/spread-tests: discard useless --version test
+ - spread: add spread target qemu:debian-9-64
+ - interfaces: mediate netlink sockets via seccomp
+ - tests,cmd/snap-confine: port older snapd-discard-ns tests
+ - cmd/snap-confine/tests: fix shellcheck on recently added files
+ - tests/upgrade: force install core snap from beta for debian
+ - overlord/snapstate/backend,interfaces/mount: move ns management
+ code.
+ - tests: extend network-control spread test to cope with network
+ namespaces
+ - tests: fail early in the spread suite if trying to run it inside a
+ container
+ - tests: set ownership of $PROJECT_PATH for the external backend
+ - tests: specify the auto-refreshable snap being tested
+ - many: fix tests with go1.8 / artful
+ - fix for tests: debian does not have /snap/bin in secure_path so
+ sudo
+ - snap: support for snap tasks --last=...
+ - cmd/snap-confine: remove obsolete debug message
+ - address review feedback, add a lot of comments :-), call
+ shellcheck on the completion scripts, fix a bug in compopt
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 11 May 2017 10:05:44 +0200
+
+snapd (2.25) xenial; urgency=medium
+
+ * New upstream release, LP: #1686713
+ - interfaces/default: allow mknod for regular files, pipes and
+ sockets
+ - many: use "SNAP.APP as ALIAS" instead of => when listing
+ added/removed aliases
+ - cmd/snap-confine: write current mount profile
+ - cmd/snap-discard-ns: remove current profile when cleaning up
+ - many: support debian in our CI
+ - tests: tweak time for econnreset test a bit more
+ - cmd/snap-confine: re-enable re-assciate fix for CE
+ - many: aliases v2 cleanups
+ - cmd/snap-confine: don't use apparmor if it is disabled on boot
+ - many: implement `snap prefer <snap>` (aliases v2)
+ - many: adjust /aliases and "snap aliases" to aliases v2, also some
+ cleanup
+ - snapstate: normalize gadget defaults
+ - many: allow core refresh.schedule setting
+ - many: show alias changes on snap alias/unalias (aliases v2)
+ - client,cmd/snap: improve messaging on --devmode and --classic
+ - many: implement `snap unalias <alias-or-snap>` (aliases v2)
+ - store: retry on connection reset
+ - interfaces/mount: add Change.Perform
+ - tests: add openvswitch interface spread test
+ - interfaces/i2c: allow modifying device-specific sysfs entries
+ - interfaces: allow writing to /run/systemd/journal/stdout by
+ default
+ - tests: ensure travis fails early if static checks fail
+ - store,daemon: make store interpret channel="" as stable in most
+ cases
+ - overlord/snapstate: make UpdateAliases idempotent, simplify the
+ backend interface bits for aliases not used anymore (aliases v2)
+ - many: implement snap alias <snap.app> <alias> (aliases v2)
+ - snap-confine: add code to ensure that / or /snap is mounted
+ "shared"
+ - many: show available "tracks" in `snap info`
+ - cmd/snap: make users Xauthority file available in snap environment
+ - interfaces/mount: write current fstab files with mode 0644
+ - overlord: switch to aliases v2 tasks for install/refresh etc ops
+ plus transition
+ - tests: parameterize gadget snap channel (#3117)
+ - tests: copy .real profile as .real
+ - tests: add empty initrd failover test
+ - many: mount squashfs as read-only
+ - cmd: make locking around namespaces explicit
+ - tests: address review comments from #3186
+ - tests: add dbus interface spread test
+ - interfaces/mount: add ReadMountInfo and LoadMountInfo
+ - snap: require snap name for 'revert'
+ - overlord: maintain per-revision snapshots of snap configuration
+ - tests: relax network-bind interface regexps
+ - interfaces: re-add reverted ioctl and quotactl (revert 21bc6b9f)
+ - store: retry once on hashsum mismatches in a Download()
+ - interfaces/builtin: don't panic if content plug has nil attrs
+ - interfaces/mount: pass mount.Profile to mount.NeededChanges
+ - packaging: add `built-using` header for 16.04 packaging
+ - interfaces: add media-hub interface
+ - interfaces/builtin: allow full access to properties iface of the
+ udisks service
+ - tests: handle case when both .real and plain are present
+ - interfaces/mount: add Change.String for readable output
+ - tests: ensure we mock force dev mode as well to fix FTBFS in
+ sbuild
+ - store: add more logs around retry in download
+ - interfaces/mount: add stub Change.{Needed,Perform}
+ - tests: allow installing snapd from -proposed for SRU validation
+ - interfaces/mount: parse mount options to map[string]string
+ - snap: added tasks subcommand
+ - tests: copy snap-confine apparmor profile into testbed
+ - interfaces/mount: improve go identifier names of mountinfo, parse
+ optional fields
+ - Arch Linux wants to respect FHS
+ (https://bugs.archlinux.org/task/53656),
+ - daemon: do not set RemoveSnapPath flag when doing a try
+ - debian: add maintscript helper to remove usr.lib.snapd.snap-
+ confine in snap-confine
+ - cmd/snap-confine: don't use plain "classic" term
+ - cmd/snap-confine: set TMPDIR and TEMPDIR each time
+ - many: fixes for `go vet` in go 1.7
+ - tests: add kernel-module-control interface test
+ - overlord/snapstate: introduce tasks for aliases v2 semantics with
+ temporary names for now (aliases v2)
+ - overlord/devicestate: switch to ssh-keygen for device key
+ generation
+ - snap: skip /dev/ram from auto-import assertions to make it less
+ noisy (#3010)
+ - interfaces: add kubernetes-support interface and adjust related
+ interfaces (LP: #1664638)
+ - tests: download previous snapd package from published versions
+ instead of specific PPA
+ - snap: run snap-confine from core if snap is also running from core
+ - overlord/ifacestate: automatically rename connections on core snap
+ - many: break the /aliases mutation API with a clean 400 (aliases
+ v2)
+ - interfaces/builting: allow read-only access to /sys/module
+ - tests: add extra test after the core transition for snap get/set
+ core
+ - store: misc cleanups in tests
+ - interfaces/mount: add parser for mountinfo entries
+ - store: tests for unexpected EOF
+ - tests: fix unity test
+ - interfaces,overlord: log interface auto-connection failures
+ - cmd/snap-update-ns: add C preamble for setns
+ - interfaces: validate plug/slot uniqueness
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 28 Apr 2017 07:57:49 +0200
+
+snapd (2.24.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1681799:
+ - fix autopkgtest failures with stable core snap
+ - ensure the snap-confine transitional package cleans up
+ the no-longer-used apparmor profile to fix the kernels
+ autopkgtest failures
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 19 Apr 2017 11:54:33 +0200
+
+snapd (2.24) xenial; urgency=medium
+
+ * New upstream release, LP: #1681799:
+ - interfaces/mount: add InfoEntry type
+ - many: fix plug auto-connect during core transition
+ - interfaces: fold network bind into core support with tests
+ - .travis.yml: add option to make raw log less noisy
+ - interfaces: adjust shm accesses to use 'm' for updated mmap kernel
+ mediation
+ - many: rename two core plugs that clash with slot names
+ - snap-confine,browser-support: /dev/tty for snap-confine, misc
+ browser-support for gnome-shell
+ - store: add download test with EOF in the middle
+ - tests: adjust to look for network-bind-plug
+ - store: make hash error message more accurate
+ - overlord/snapstate: simplify AliasesStatus down to just an
+ AutoAliasesDisabled bool flag (aliases v2)
+ - errtracker: never send errtracker reports when running under
+ SNAPPY_TESTING
+ - interfaces/repo: validate slot/plug names
+ - daemon: Give the snap directories via GET /v2/system-info
+ - interfaces/unity7: support unity messaging menu
+ - interfaces/mount: add high-level Profile functions
+ - git: ignore only the cmd/Makefile{,.in}
+ - cmd: explicitly set _GNU_SOURCE and _FILE_OFFSET_BITS for xfs
+ support
+ - daemon: add desktop file location for app to the API
+ - overlord,release: disable classic snap support when not possible
+ - overlord: fix TestEnsureLoopPrune not to be so racy
+ - many: abstract path to /bin/{true,false}
+ - data/systemd: tweak data/systemd/Makefile to be slightly simpler
+ - store: handle EOF via url.Error check
+ - packaging: use templates for relevant systemd units
+ - tests: run gccgo only on ubuntu-16.04-64
+ - .travis.yml: remove travis matrix and do a single sequential run
+ - overlord/state: make sure that setting to nil a state key is
+ equivalent to deleting it
+ - tests: fix incorrect shell expression
+ - interfaces/mount: add OptsToFlags for converting arguments to
+ syscall…
+ - interfaces: add a joystick interface
+ - tests: enable docker test for more ubuntu-core systems
+ - tests: download and install additional dependencies when using
+ prepackaged snapd
+ - many: add support for partially static builds
+ - interfaces: allow slot to introspect dbus-daemon in dbus
+ interface, allow /usr/bin/arch by default
+ - interfaces/mount: fix golint issues
+ - interfaces/mount: add function for saving fstab-like file
+ - osutil: introducing GetenvInt64, like GetenvBool but Int64er.
+ - interfaces: drop udev tagging from framebuffer interface
+ - snapstate: more helpers to work with aliases state (aliases
+ v2)
+ - interfaces/mount: add function for parsing fstab-like file
+ - cmd: disable the re-associate fix as requested by jdstrand
+ - overlord/snapstate: unlock/relock the state less, especially not
+ across mutating the SnapState of a snap
+ - interfaces: allow executing ld.so (needed with new AppArmor base
+ abstraction)
+ - interfaces/mount: add function for parsing mount entries
+ - cmd: rework header check for xfs/xqm.h
+ - cmd: add poky to the list of distros which don't support reexec
+ - overlord: finish reorg, revert "be more conservative until we have
+ cut 2.23.x"
+ - cmd: select what socket to use in cmd/snap{,ctl}
+ - overlord: remove snap config values when snap is removed
+ - snapstate: introduce helper to apply to disk a alias states change
+ for a snap (aliases v2)
+ - configstate,hookstate: timeout the configure hook after 5 mins,
+ report failures to the errtracker
+ - interfaces/seccomp: add bind as part of the default seccomp policy
+ for hooks
+ - cmd: discard the C implementation of snap-update-ns
+ - tests: remove stale apt proxy leftover from cloud-init
+ - tests: move unity test to nightly suite
+ - interfaces: add support for location-observe for
+ dbus::ObjectManager session paths
+ - boot: log error in KernelOrOsRebootRequired
+ - interfaces: remove old API
+ - interfaces: use udev spec
+ - interfaces: convert systemd backend to new APIs
+ - osutil: add BootID
+ - tests: move docker test to new nightly suite
+ - interfaces/mount: compute mount changes required to transition
+ mount profiles
+ - data/selinux: add context definition for snapctl
+ - overlord: clean up organization under state packages
+ - overlord: make sure all managers packages have *state.go with the
+ main state manipulation/query APIs
+ - interfaces: use spec in the dbus backend
+ - store: download from authenticated URL if there is a device
+ session set
+ - tests: remove core_name variable
+ - interfaces: rename thumbnailer to thumbnailer-service
+ - interfaces: add chroot to base templates
+ - asserts: remove some unused things
+ - systemd: mount the squashfs with nodev
+ - overlord: when shutting down assume errors might be due to
+ cancellation so retry
+ - cmd: rename all unit tests to $command/unit-test
+ - cmd/snap: fix help string for version command
+ - asserts: don't allow revocations with other items for the same
+ developer
+ - tests: skip lp-1644439 test on older kernels
+ - interfaces: allow "sync" to be used by core support
+ - assertstate,snapstate: have assertstate.AutoAliases use the
+ "aliases" header
+ - interfaces: allow writing config.txt.tmp in the core-support
+ interface
+ - tests: adjust network-bind test
+ - interfaces: dbus backend spec
+ - asserts: introduce a snap-declaration "aliases" header to list
+ auto aliases with explicit targets
+ - cmd: enable large file support
+ - cmd/snap: handle missing snap-confine
+ - cmd/snap-confine: re-associate with pid-1 mount namespace if
+ required
+ - cmd/libsnap: make mountinfo structures public
+ - tests: fix interfaces-cups-control for zesty
+ - misc: revert "Log if the system goes into ForceDevMode"
+ - interfaces: seccomp tests cleanup
+ - cmd: validate SNAP_NAME
+ - interfaces: log if the system goes into ForceDevMode
+ - tests: fix classic-ubuntu-core-transition race
+ - interfaces: use apparmor spec in the apparmor backend
+ - interfaces: alphabetize framebuffer in base decl and add it to
+ all_test.go
+ - tests: add ubuntu-core-16-32 system to the external backend and
+ fix docker test
+ - cmd/libsnap: simplify sc_string_quote default case
+ - osutil: fix double expand in environment map code and add test
+ - interfaces: extend location-control out-of-process provider
+ support
+ - cmd/snap-update-ns: use bidirectional lists for mount entries
+ - tests: prevent automatic transition before setting the initial
+ state of the test
+ - release: detect if we are in ForcedDevMode by inspecting the
+ kernel
+ - tests: add core-snap-refresh test
+ - interfaces: add maliit input method interface
+ - interfaces: seccomp spec API tweaks for better tests
+ - interfaces: updates for mir-kiosk in browser-support, mir, opengl,
+ unity7
+ - testutils: address review feedback from PR#2997
+ - tests: specify the core version to be unsquashfs'ed in the
+ failover tests
+ - interfaces: use MockInfo in tests
+ - cmd/libsnap: add sc_quote_string
+ - cmd/snap-confine: use sc_do_umount everywhere
+ - interfaces: add unity8 plug permissions
+ - timeutil: a few helpers for the recurring events
+ - asserts: implement snap-developer type
+ - partition: deal with grub{,2}-editenv in tests
+ - many: add new (hidden) `snap debug ensure-state-soon` command and
+ use in tests
+ - interfaces/builtin: small refactor of dbus tests
+ - packaging, tests: use "systemctl list-unit-files --full"
+ everywhere
+ - many: some opensuse patches that are ready to go into master
+ - packaging: add opensuse permissions files
+ - client, daemon: move "snap list" name filtering into snapd.
+ - interfaces: use seccomp specs
+ - overlord/snapstate: small cleanup of
+ ensureForceDevmodeDropsDevmodeFromState
+ - interfaces/builtin/alsa: add read access to alsa state dir
+ - interfaces: use spec in kmod backend, updated firewall_control,
+ openvswitch_support, ppp
+ - cmd/snap-confine: use sc_do_mount everywhere
+ - tests: remove workaround for docker again, snap-declaration is
+ fixed now
+ - interfaces: interface to allow autopilot introspection
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 11 Apr 2017 13:31:46 +0200
+
+snapd (2.23.6) xenial; urgency=medium
+
+ * New upstream release, LP: #1673568
+ - cmd: use the most appropriate snap/snapctl sockets
+ - tests: fix interfaces-cups-control for zesty
+ - configstate,hookstate: timeout the configure hook after 5 mins,
+ report failures
+ - packaging: rename the file shipping snap-confine AA profile to
+ workaround dpkg bug #858004
+ - many: ignore configure hook failures on core refresh to ensure
+ upgrades are always possible
+ - snapstate: restart as needed if we undid unlinking aka relinked
+ core or kernel snap
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 29 Mar 2017 15:30:35 +0200
+
+snapd (2.23.5) xenial; urgency=medium
+
+ * New upstream release, LP: #1673568
+ - allow "sync" in core-support
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 17 Mar 2017 18:13:43 +0100
+
+snapd (2.23.4) xenial; urgency=medium
+
+ * New upstream release, LP: #1673568
+ - fix core-support interface for the new pi-config options
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 17 Mar 2017 16:05:57 +0100
+
+snapd (2.23.3) xenial; urgency=medium
+
+ * FTBFS due to missing files in vendor/
+
+ -- Zygmunt Krynicki <zygmunt.krynicki@canonical.com> Thu, 16 Mar 2017 19:56:55 +0100
+
+snapd (2.23.2) xenial; urgency=medium
+
+ * New upstream release, LP: #1673568
+ - cmd/snap: handle missing snap-confine (#3041)
+
+ -- Zygmunt Krynicki <zygmunt.krynicki@canonical.com> Thu, 16 Mar 2017 19:38:24 +0100
+
+snapd (2.23.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1665608
+ - packaging, tests: use "systemctl list-unit-files --full"
+ everywhere
+ - interfaces: fix default content attribute value
+ - tests: do not nuke the entire snapd.conf.d dir when changing
+ store settings
+ - hookstate: run the right "snap" command in the hookmanager
+ - snapstate: revert PR#2958, run configure hook again everywhere
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 08 Mar 2017 14:29:56 +0100
+
+snapd (2.23) xenial; urgency=medium
+
+ * New upstream release, LP: #1665608
+ - overlord: phase 2 with 2nd setup-profiles and hook done after
+ restart for core installation
+ - data: re-add snapd.refresh.{timer,service} with weekly schedule
+ - interfaces: allow 'getent' by default with some missing dbs to
+ various interfaces
+ - overlord/snapstate: drop forced devmode
+ - snapstate: disable running the configure hook on classic for the
+ core snap
+ - ifacestate: re-generate apparmor in InterfaceManager.initialize()
+ - daemon: DevModeDistro does not imply snapstate.Flags{DevMode:true}
+ - interfaces/bluez,network-manager: implement ConnectedSlot policy
+ - cmd: add helpers for mounting / unmounting
+ - snapstate: error in LinkSnap() if revision is unset
+ - release: add linuxmint 18 to the non-devmode distros
+ - cmd: fixes to run correctly on opensuse
+ - interfaces: consistently use 'const' instead of 'var' for security
+ policy
+ - interfaces: miscellaneous policy updates for unity7, udisks2 and
+ browser-support
+ - interfaces/apparmor: compensate for kernel behavior change
+ - many: only tweak core config if hook exists
+ - overlord/hookstate: don't report a run hook output error without
+ any context
+ - cmd/snap-update-ns: move test data and helpers to new module
+ - vet: fix vet error on mount test.
+ - tests: empty init (systemd) failover test
+ - cmd: add .indent.pro file to the tree
+ - interfaces: specs for apparmor, seccomp, udev
+ - wrappers/services: RemainAfterExit=yes for oneshot daemons w/ stop
+ cmds
+ - tests: several improvements to the nested suite
+ - tests: do not use core for "All snaps up to date" check
+ - cmd/snap-update-ns: add function for sorting mount entries
+ - httputil: copy some headers over redirects
+ - data/selinux: merge SELinux policy module
+ - kmod: added Specification for kmod security backend
+ - tests: failover test for rc.local crash
+ - debian/tests: map snapd deb pockets to core snap channels for
+ autopkgtest
+ - many: switch channels on refresh if needed
+ - interfaces/builtin: add /boot/uboot/config.txt access to core-
+ support
+ - release: assume higher version of supported distros will still
+ work
+ - cmd/snap-update-ns: add compare function for mount entries
+ - tests: enable docker test
+ - tests: bail out if core snap is not installed
+ - interfaces: use mount.Entry instead of string snippets.
+ - osutil: trivial tweaks to build ID support
+ - many: display kernel version in 'snap version'
+ - osutil: add package for reading Build-ID
+ - snap: error when `snap list foo` is run and no snap is installed
+ - cmd/snap-confine: don't crash if nvidia module is loaded but
+ drivers are not available
+ - tests: update listing test for latest core snap version update
+ - overlord/hookstate/ctlcmd: helper function for creating a deep
+ copy of interface attributes
+ - interfaces: add a linux framebuffer interface
+ - cmd/snap, store: change error messages to reflect latest UX doc
+ - interfaces: initial unity8 interface
+ - asserts: improved information about assertions format in the
+ Decode doc comment
+ - snapstate: ensure snapstate.CanAutoRefresh is nil in tests
+ - mkversion.sh: Add support for taking the version as a parameter
+ - interfaces: add an interface for use by thumbnailer
+ - cmd/snap-confine: ensure that hostfs is root owned.
+ - screen-inhibit-control: add methods for delaying screensavers
+ - overlord: optional device registration and gadget support on
+ classic
+ - overlord: make seeding work also on classic, optionally
+ - image,cmd/snap: refactoring and initial envvar support to use
+ stores needing auth
+ - tests: add libvirt interface spread test
+ - cmd/libsnap: add helper for dropping permissions
+ - interfaces: misc updates for network-control, firewall-control,
+ unity7 and default policy
+ - interfaces: allow recv* and send* by default, accept4 with accept
+ and other cleanups
+ - interfaces/builtin: add classic-support interface
+ - store: use xdelta3 from core if available and not on the regular
+ system
+ - snap: add contact: line in `snap info`
+ - interfaces/builtin: add network-setup-control which allows rw
+ access to netplan
+ - unity7: support missing signals and methods for status icons
+ - cmd: autoconf for RHEL
+ - cmd/snap-confine: look for PROCFS_SUPER_MAGIC
+ - dirs: use the right snap mount dir for the distribution
+ - many: differentiate between "distro" and "core" libexecdir
+ - cmd: don't reexec on RHEL family
+ - config: make helpers reusable
+ - snap-exec: support nested environment variables in environment
+ - release: add galliumos support
+ - interfaces/builtin: more path options for serial
+ - i18n: look into core snaps when checking for translations
+ - tests: nested image testing
+ - tests: add basic test for docker
+ - hookstate,ifacestate: support snapctl set/get slot and plug attrs
+ (step 3)
+ - cmd/snap: add shell completion to connect
+ - cmd: add functions to load/save fstab-like files
+ - snap run: create "current" symlink in user data dir
+ - cmd: autoconf for centos
+ - tests: add more debug if ubuntu-core-upgrade fails
+ - tests: increase service retries
+ - packaging/ubuntu-14.04: inform user how to extend PATH with
+ /snap/bin.
+ - cmd: add helpers for working with mount/umount commands
+ - overlord/snapstate: prepare for using snap-update-ns
+ - cmd: use per-snap mount profile to populate the mount namespace
+ - overlord/ifacestate: setup seccomp security on startup
+ - interface/seccomp: sort combined snippets
+ - release: don't force devmode on LinuxMint "serena"
+ - tests: filter ubuntu-core systems for authenticated find-private
+ test
+ - interfaces/builtin/core-support: Allow modifying logind
+ configuration from the core snap
+ - tests: fix "snap managed" output check and suppress output from
+ expect in the authenticated login tests
+ - interfaces: shutdown: also allow shutdown/reboot/suspend via
+ logind
+ - cmd/snap-confine-tests: reformat test to pass shellcheck
+ - cmd: add sc_is_debug_enabled
+ - interfaces/mount: add dedicated mount entry type
+ - interfaces/core-support: allow modifying systemd-timesyncd and
+ sysctl configuration
+ - snap: improve message after `snap refresh pkg1 pkg2`
+ - tests: improve snap-env test
+ - interfaces/io-ports-control: use /dev/port, not /dev/ports
+ - interfaces/mount-observe: add quotactl with arg filtering (LP:
+ #1626359)
+ - interfaces/mount: generate per-snap mount profile
+ - tests: add spread test for delta downloads
+ - daemon: show "$snapname (delta)" in progress when downloading
+ deltas
+ - cmd: use safer functions in sc_mount_opt2str
+ - asserts: introduce a variant of model assertions for classic
+ systems
+ - interfaces/core-support: allow modifying snap rsyslog
+ configuration
+ - interfaces: remove some syscalls already in the default policy
+ plus comment cleanups
+ - interfaces: miscellaneous updates for hardware-observe, kernel-
+ module-control, unity7 and default
+ - snap-confine: add the key for which hsearch_r fails
+ - snap: improve the error message for `snap try`
+ - tests: fix pattern and use MATCH in find-private
+ - tests: stop tying setting up staging store access to the setup of
+ the state tarball
+ - tests: add regression spread test for #1660941
+ - interfaces/default: don't allow TIOCSTI ioctl
+ - interfaces: allow nice/setpriority to 0-19 values for calling
+ process by default
+ - tests: improve debug when the core transition test hangs
+ - tests: disable ubuntu-core->core transition on ppc64el (its just
+ too slow)
+ - snapstate: move refresh from a systemd timer to the internal
+ snapstate Ensure()
+ - tests/lib/fakestore/refresh: some more info when we fail to copy
+ asserts
+ - overlord/devicestate: backoff between retries if the server seems
+ to have refused the serial-request
+ - image: check kernel/gadget publisher vs model brand, warn on store
+ disconnected snaps
+ - vendor: move gettext.go back to github.com/ojii/gettext.go
+ - store: retry on 502 http response as well
+ - tests: increase snap-service kill-timeout
+ - store,osutil: use new osutil.ExecutableExists(exe) check to only
+ use deltas if xdelta3 is present
+ - cmd: fix autogen.sh on fedora
+ - overlord/devicemgr: fix test: setup account-key before using the
+ key for signing
+ - cmd: add /usr/local/* to PATH
+ - cmd: add sc_string_append
+ - asserts: support for correctly suggesting format 2 for snap-
+ declaration
+ - interfaces: port mount backend to new APIs, unify content of per
+ app/hook profiles
+ - overlord/devicestate: implement policy about gadget and kernel
+ matching the model
+ - interfaces: allow sched_setscheduler again by default
+ - debian: update breaks/replaces for snap-confine->snapd
+ - debian: move the snap-confine packaging into snapd
+ - 14.04/integrationtests: rely on upstart to restart ssh.
+ - store: enable download deltas on classic by default
+ - spread: add unit suite
+ - snapctl: add config in client to disable auth and use it in
+ snapctl
+ - overlord/ifacestate: register all security backends with the
+ repository
+ - overlord,tests: have enable/disable affect security profiles
+ - tests: install ubuntu-core from the same channel as core
+ - overlord: move configstate.Transaction into config package
+ - seccomp-support.c: add PF_* domains which can be used instead of
+ AF_*
+ - store: always log retry summary when SNAPD_DEBUG is set
+ - tests: parameterize kernel snap channel
+ - snapenv: do not append ":" to the SNAP_LIBRARY_PATH
+ - interfaces/builtin: refine the content interface rules using $SLOT
+ - asserts,interfaces/policy: add support for
+ $SLOT()/$PLUG()/$MISSING in *-attributes constraintsThis adds
+ support for $SLOT(arg), $PLUG(arg) and $MISSING attribute
+ constraints in plugs and slots rules in snap-declarations:
+ - cmd/snap-confine: add snap-confine command line parser module
+ - tests: remove (some) garbage files found by restore cleanup
+ analysis
+ - cmd: fix issues uncovered by valgrind
+ - tests: fix typo in systems name
+ - cmd: collect string utilities in one module, add missing tests
+ - cmd: rename mountinfo to sc_mountinfo
+ - tests: allow to install snapd debs from a ppa instead of building
+ them
+ - spread: remove state tar on project restore
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 17 Feb 2017 12:21:42 +0100
+
+snapd (2.22.7) xenial; urgency=medium
+
+ * New upstream release:
+ - errtracker,overlord/snapstate: more info in errtracker reports
+ - interfaces/apparmor: compensate for kernel behavior change
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 24 Feb 2017 19:24:11 +0100
+
+snapd (2.22.6) xenial; urgency=medium
+
+ * New upstream release, LP: #1667105
+ - overlord/ifacestate: don't fail if affected snap is gone
+ - revert #2910: osutil: add package for reading Build-ID (#2918)
+ - errtracker: include the build-id of host and core snapd (#2912)
+ - errtracker: include the number of ubuntu-core -> core retries
+ (#2915)
+ - snapstate: retry ubuntu-core -> core transition every 6h (#2914)
+ - osutil: add package for reading Build-ID (#2910)
+ - errtracker: include kernel version in error reports (#2905)
+ - release: return "unknown" if uname fails
+ - many: rebased uname branch for 2.22
+ - errtracker: include snapd version in err reports
+ - overlord/ifacestate: don't unconditionally retry stuff (#2906)
+ - snapstate: fix incorrect cut of the timestamps for the error
+ reports (#2908)
+ - tests: update listing test for latest core snap version update
+
+ -- Zygmunt Krynicki <zygmunt.krynicki@canonical.com> Wed, 22 Feb 2017 23:34:23 +0100
+
+snapd (2.22.5) xenial; urgency=medium
+
+ * Fix FTBFS due to machine-id file
+
+ -- Zygmunt Krynicki <zygmunt.krynicki@canonical.com> Tue, 21 Feb 2017 09:43:42 +0100
+
+snapd (2.22.4) xenial; urgency=medium
+
+ * New bugfix release:
+ - errtracker: add support for error reporting via daisy.ubuntu.com
+ - snapstate: allow for 6 retries for the core transition
+ - httputils: ensure User-Agent works across redirects
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 21 Feb 2017 09:07:10 +0100
+
+snapd (2.22.3) xenial; urgency=medium
+
+ * New bugfix release, LP: #1665729:
+ - Limit the number of retries for the ubuntu-core -> core
+ transition to fix possible store overload.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 17 Feb 2017 18:58:34 +0100
+
+snapd (2.22.2) xenial; urgency=medium
+
+ * New upstream release, LP: #1659522
+ - cherry pick fix for sched_setscheduler regression
+ (LP: #1661265)
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 02 Feb 2017 17:13:51 +0100
+
+snapd (2.22.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1659522
+ - cherry pick fix for snapctl auth.json handling
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 01 Feb 2017 17:09:31 +0100
+
+snapd (2.22) xenial; urgency=medium
+
+ * New upstream release, LP: #1659522
+ - many: make ubuntu-core-launcher mostly go
+ - interfaces/builtin: add account-control interface
+ - interfaces/builtin: add missing syscalls to core-support needed
+ for systemctl
+ - interfaces/builtin: rework core-support to only allow full access
+ to systemctl
+ - debian/tests: drop stale autopkgtest dependencies.
+ - tests: make the debugging of c-unit-tests more useful
+ - store: retry auth-related requests
+ - tests: integration test for system reload
+ - snap: be more helpful in the `snap install <already-installed>`
+ error message
+ - tests: set SNAPPY_USE_STAGING_STORE in su call
+ - tests: use test snap
+ - spread: set SNAPD_DEBUG=1 in the core snap as well
+ - tests: add extra debugging to security-setuid-root test
+ - cmd,snap,wrappers: systemd reload command support
+ - interfaces: builtin: mir: Allow recv and send
+ - overlord/ifacestate: use ParseConnRef
+ - overlord/snapstate,overlord/ifacestate: add automatic ubuntu-core
+ -> core transition
+ - debian: remove aliases as well in snapd.postrm
+ - many: change interfaces.ParseID to return value
+ - interfaces/opengl: allow access to the nvidia abstract socket
+ - overlord, daemon: flag failures feature fancy forms.
+ - many: add --classic support to try and revert, and make missing
+ these things a little harder
+ - interfaces: allow reading non-PCI-attached usb devices via raw-usb
+ - many: rename snap-alter-ns to snap-update-ns
+ - interfaces/builtin: add core-support
+ - store: increase the retry.LimitTime()
+ - debian: move the packaging out into package/$id-$version_id
+ - overlord/stapstate: don't use unkeyed fields
+ - many: add stub implementation of snap-alter-ns
+ - asserts: improve error message when key is not valid at the given
+ time
+ - snapstate, ifacestate: add snapstate.CheckChangeConflict() to
+ ifacestate.{Connect,Disconnect}
+ - debian: remove trusty specific bits
+ - docs: Add a note about building snapd.
+ - interfaces: miscellaneous updates for default and network-control
+ - daemon: bubble out store.ErrSnapNotFound in the findOne codepath
+ - store: add retry logging into download as well
+ - snap: show price in `snap info`
+ - cmd: add fault injection support code
+ - interfaces: network-manager: allow rw access to /etc/netplan
+ - debian: move systemd files out of ./debian and into ./data/systemd
+ - asserts: implement SuggestFormat to help avoid specifying the
+ wrong format iteration for an assertion
+ - many: detect potentially insecure use of snap-confine
+ - interfaces: allow querying added security backends
+ - cmd: ensure that all .c files have a -test.c file
+ - asserts: don't use 'context' for the path of attributes, want to
+ reuse the concept for something else
+ - interfaces: abbreviate ConnRef construction
+ - tests: ensure systemd override directory is available before using
+ it
+ - cmd: more build system cleanups and a small fix
+ - tests: increase retries for service up
+ - cmd: move seccomp cleanup function to seccomp-support
+ - many: auto-connect plugs and slots symmetrically
+ - overlord: use a ticker for the pruning
+ - interfaces/builtin: add uhid interface
+ - cmd/snap-confine: add shutdown helper
+ - tests: fix path used when debugging
+ - cmd: switch to non-recursive make
+ - overlord/ifacestate: setup security of snaps affected by auto-
+ connection
+ - spread: refresh apt cache before first install
+ - overlord: allow max 500 changes in "ready" state to avoid growing
+ changes for 24h
+ - snap: add {Plug,Slot}Info.SecurityTags
+ - cmd: move snap-discard-ns to dedicated directory
+ - tests: skip i18n test when no "snappy.mo" file is available
+ - interfaces,overlord/ifacestate: small refactor around reference
+ methods
+ - tests: remove the snapd dirs last (should fix random test errors)
+ - interfaces: mm: permissions for protocol proxies
+ - interfaces/builtin: add evolution interfaces
+ - many: extract the logging http client and user-agent handling for
+ use in devicestate
+ - interfaces: unity8-download-manager is the chosen name for this
+ interface.
+ - tests: add "quiet" wrapper function that only prints output on
+ failure
+ - tests: fix failing snapd-reexec test
+ - docs: simplify HACKING.md that snapd itself supports setting up
+ the sockets
+ - overlord: flag required-snaps from model as required and prevent
+ removing them
+ - spread: exclude .o and .a files
+ - tests: parameterize remote store
+ - cmd: fix hardcoded paths to rst2man and support rst2man.py
+ - tests: improve debug output when reexec is used
+ - tests: disable ipv6 before unpacking delta
+ - interfaces: add new interface API
+ - tests: change TRUST_TEST_KEYS to be controlled from the host
+ - spread: add boilerplate for Linode delta uploads
+ - wrappers: add support for the X-Ayatana-Desktop-Shortcuts=
+ extension
+ - partition: add support for native grubenv read/write and use it
+ - tests: add test ensuring manual pages are shipped
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 27 Jan 2017 23:18:57 +0100
+
+snapd (2.21-2) unstable; urgency=medium
+
+ * Modify snap-confine's apparmor rules to work on Debian when apparmor is
+ enabled on the kernel command line.
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Wed, 25 Jan 2017 10:26:51 +1300
+
+snapd (2.21-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Disable i18n so the package can build in stretch without new packages.
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 16 Jan 2017 11:15:32 +1300
+
+snapd (2.21) xenial; urgency=medium
+
+ * New upstream release, LP: #1656382
+ - daemon: re-enable reexec
+ - interfaces: allow reading installed files from previous revisions
+ by default
+ - daemon: make activation optional
+ - tests: run all snap-confine tests in c-unit-tests task
+ - many: fix abbreviated forms of disconnect
+ - tests: switch more tests to MATCH
+ - store: export userAgent. daemon: print store.UserAgent() on
+ startup.
+ - tests: test classic confinement `snap list` and `snap info`
+ output
+ - debian: skip snap-confine unit tests on nocheck
+ - overlord/snapstate: share code between Update and UpdateMany, so
+ that it deals with auto-aliases correctly
+ - interfaces: upower-observe: refactor to allow snaps to provide a
+ slot
+ - tests: add end-to-end store test for classic confinement
+ - overlord,overlord/snapstate: have UpdateMany retire/enable auto-
+ aliases even without new revision
+ - interfaces/browser-support: add @{PROC}/@{pid}/fd/[0-9] w and misc
+ /run/udev
+ - interfaces/builtin: add physical-memory-* and io-ports-control
+ - interfaces: allow getsockopt by default since it is so commonly
+ used
+ - cmd/snap, daemon, overlord/snapstate: tests and fixes for "snap
+ refresh" of a classic snap
+ - interfaces: allow read/write access of real-time clock with time-
+ control interface
+ - store: request no CDN via a header using SNAPPY_STORE_NO_CDN
+ envvar
+ - snap: add information about tracking channel (not just actual
+ channel)
+ - interfaces: use fewer dot imports
+ - overlord/snapstate: remove restrictions on ResetAliases
+ - overlord, store: move confinement filtering to the overlord (from
+ The Store)
+ - many: move interface test helpers to ifacetest package
+ - many: implement 'snap aliases'
+ - vet: fix for unkeyed fields error on aliases_test.go
+ - interfaces: miscellaneous policy updates for network-control,
+ unity7, pulseaudio, default and home
+ - tests: test for auto-aliases
+ - interface hooks: connect plug slot hooks (step 2)
+ - cmd/snap: fix internal naming in snap connect
+ - snap: use "size" as the json tag in snap.ChannelSnapInfo
+ - tests: restore the missing initialization of iface manager causing
+ race
+ - snap: fix missing sizes in `snap info <remote-snap>`
+ - tests: improve cleanup for c-unit-tests
+ - cmd/snap-confine: build non-installed libsnap-confine-private.a
+ - cmd/snap-confine: small tweaks to seccomp support code
+ - interfaces/docker-support: allow /run/shm/aufs.xeno for 14.04
+ - many: obtain installed snaps developer/publisher username through
+ assertions
+ - store: setting of fields for details endpoint
+ - cmd/snap-confine: check for rst2man on configure
+ - snap: show `snap --help` output when just running `snap`
+ - interface/builtin: drop the obsolete checks in udisks2
+ SanitizeSlot
+ - cmd/snap: remove currency switch following UX review
+ - spread: find top-level directory before running generate-
+ packaging-dir
+ - interface hooks: prepare plug slot hooks (step 1)
+ - i18n: use github.com/mvo5/gettext.go (pure go) for i18n to avoid
+ cgo
+ - many: put a marker in the User-Agent sent by snapd/snap when under
+ testingThe User-Agent will look like:
+ - tests: fix -reuse and -resend when govendor is missing
+ - snap: provide friendlier `snap find` message when no snaps are
+ found
+ - tests: fix mkversions.sh failure on zesty
+ - spread: install build-essential unconditionally
+ - spread: improve qemu ubuntu-14.04-{32,64} support
+ - overlord/snapstate,daemon: implement GET /v2/aliases handling
+ - store: retry user info request
+ - tests: port more snap-confine regression tests
+ - tests: cancel the scheduled reboot on ubuntu-core-upgrade-no-gc
+ and restore state
+ - tests: debug zesty autopkgtest failures
+ - overlord/snapstate: use keyed fields on literals
+ - tests: use MATCH in install-remove-multi
+ - tests: increase wait time for service to be up
+ - tests: make debug-each succeed if DENIED doesn't match
+ - tests: skip packaging dir generation for non-git based autopkgtest
+ runs
+ - tests: port refresh-all-undo to MATCH
+ - tests: improve snap connect test
+ - tests: port additional snap-confine regression tests
+ - tests: show --version when it matches unknown
+ - tests: optionally use apt proxy for qemu
+ - tests: add hello-classic test
+ - many: behave more consistently when pointed to staging and
+ possibly the fake store
+ - overlord/ifacestate: remove stale comments
+ - interfaces/apparmor: ignore snippets in classic confinement
+ - tests: port first regression test from snap-confine
+ - cmd/snap-confine: disable old tests
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 13 Jan 2017 19:39:51 +0100
+
+snapd (2.20.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1648520
+ - tests: enable the ppc64el tests again
+ - tests: add classic confinement test
+ - tests: run snap confine tests in debian/rules already
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 19 Dec 2016 11:53:29 +0100
+
+snapd (2.20-2) unstable; urgency=medium
+
+ * Replace unversioned Conflicts on snap package with versioned
+ Breaks/Replaces, now that snap has dropped /usr/bin/snap.
+ Closes: #849162.
+
+ -- Steve Langasek <vorlon@debian.org> Sun, 25 Dec 2016 17:50:25 -0600
+
+snapd (2.20-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Update one test (cmd/snap/cmd_interfaces_test.go) to cope with the newer
+ golang-go-flags-dev in unstable.
+ * Explicitly include 'udev' in Build-Depends.
+ * Add tzdata to Build-Depends to avoid ftbfs. (Closes: #848754)
+
+ -- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Mon, 19 Dec 2016 11:43:55 +1300
+
+snapd (2.20) xenial; urgency=medium
+
+ * New upstream release, LP: #1648520
+ - many: implement "snap alias --reset" using snapstate.ResetAliases
+ - debian: use a packaging branch for 14.04
+ - store: retry downloads on io.Copy errors and sha3 checksum errors
+ - snap: show apps in `snap info`
+ - store: send an explicit X-Ubuntu-Classic header to the store
+ - overlord/snapstate: implement snapstate.ResetAliases
+ - interfaces/builtin: add dbus interface
+ - tests: fix tests on 17.04
+ - store: use mocked retry strategy to make store tests faster
+ - overlord: apply auto-aliases information from the snap-declaration
+ on install or refresh
+ - many: prepare landing on trusty
+ - many: implement snap unalias using snapstate.Unalias
+ - overlord/snapstate: fixing the placement/grouping of some
+ functions
+ - interfaces: support network namespaces via 'ip netns' in network-
+ control
+ - interfaces/builtin: fix pulseaudio apparmor rules
+ - interfaces/builtin: add iio interface
+ - tests: update custom core snap with the freshly build snap-confine
+ - interfaces: use sysd.{Disable,Stop} instead of sysd.DisableNow()
+ - overlord,overlord/snapstate: implement snapstate.Unalias by
+ generalizing the "alias" task
+ - interfaces: misc openstack snap enablement
+ - cmd/snap: mock terminal.ReadPassword instead of using /dev/ptmx
+ - notifications, daemon: kill the unsupported events endpoint
+ - client: only allow Dangerous option in InstallPath
+ - overlord/ifacestate: no interface checks if no snap id
+ - many: implement alias command
+ - snap: tweak snap install output as designed by Mark
+ - debian: fix Pre-Depends on dpkg
+ - tests: check if snap-confine --version is unknown
+ - cmd/snap-confine: allow content interface mounts
+ - tests: remove ppa:snappy-dev/image again
+ - interfaces/apparmor: allow access to core snap
+ - tests: remove snap-confine/ubuntu-core-launcher after the tests
+ - overlord,overlord/snapstate: implement snapstate.Alias
+ - cmd/snap: reject "snap disconnect foo"
+ - debian: add split ubuntu-core-launcher and snap-confine packages
+ - cmd: fix mkversion.sh and add regression test
+ - overlord/snapstate: setup/remove aliases as we link/unlink snaps
+ - cmd/snap,tests: alias support in snap run
+ - snap/snapenv: don't obscure HOME if snap uses classic confinement
+ - store: decode response.Body json inside retry loops
+ - cmd/snap-confine: fix compilation on platforms with gcc < 4.9.0
+ - vendor: update tomb package fixing context support
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 15 Dec 2016 22:07:08 +0100
+
+snapd (2.19) xenial; urgency=medium
+
+ * New upstream release, LP: #1648520
+ - cmd/snap-confine: disable support for XDG_RUNTIME_DIR
+ - cmd/snap-confine/tests: fix stale path after move to snapd
+ - cmd/snap-confine: don't use __attribute__((nonull))
+ - snap: add description to `snap info`
+ - snap: show last refresh time
+ - store: switch default delta format from xdelta to xdelta3
+ - interfaces: fix system-observe interface to work with ps_mem
+ - debian: add missing ca-certificates dependency
+ - cmd/snap-confine: add support for classic confinement
+ - snapstate/backend: add backend methods to manage aliases
+ - tests: re-enable snap-confine unit tests via spread
+ - many: merge snap-confine into snapd
+ - many: add support for classic confinement
+ - snap: abort install with ctrl+c
+ - cmd/snap: change terms accept URL following UX review
+ - interfaces/apparmor: use distinct apparmor template for classic
+ - snap: add snap size to `snap info`
+ - interfaces: add unconfined access to modem-manager
+ - snap: support for parsing and exposing on snap.Info aliases
+ - debian: disable autopkgtests on ppc64el
+ - snap: disable support for socket activation
+ - tests: fix incorrect restore of the current symlink
+ - asserts: introduce auto-aliases header in snap-declaration
+ - interfaces/seccomp: add support for classic confinement
+ - tests: do not use external snaps
+ - daemon: close the dup()ed file descriptor to not leak it
+ - overlord, daemon, progress: enable building snapd without CGO
+ - daemon, store: let snap info find things in any channel
+ - store: retry tweaks and logging
+ - snap: Improve `snap --help` output as designed by Mark
+ - interfaces/builtin: fix incorrect udev rule in i2c
+ - overlord: increase test timeout and improve failure message
+ - snap: remove unused experimental command
+ - debian: remove unneeded conflict against the "snappy" package
+ - daemon, strutil: move daemon.quotedNames to strutil.Quoted
+ - docs: document SNAP_DEBUG_HTTP in HACKING.md
+ - cmd/snap: have some completers
+ - snap: support "daemon: notify" in snap.yaml
+ - snap: fix try command when daemon linie is added
+ - interfaces: apparmor support for classic confinement
+ - debian/rules: build with -buildoptions=pie
+ - tests: include /boot in saved state (including bootenv and any
+ kernels)
+ - daemon: ensure `snap try` installs core if it's missing
+ - tests: save/restore /snap/core/current symlink
+ - tests: decrease the number of expected featured apps
+ - tests: add set -e to the prepare ssh script
+ - cmd/snap: add tests for section completion; fix bugs.
+ - cmd/snap: document 'snap list --all'
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 08 Dec 2016 16:16:04 +0100
+
+snapd (2.18.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1644625
+ - daemon: fix crash when `snap refresh` contains a single update
+ - fix unhandled error from io.Copy() in download()
+ - interfaces/builtin: fix incorrect udev rule in i2c
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 05 Dec 2016 15:04:13 +0100
+
+snapd (2.18) xenial; urgency=medium
+
+ * New upstream release, LP: #1644625
+ - store: retry on io.EOF
+ - tests: skip pty tests on ppc64el and powerpc
+ - client, cmd/snap: introducing "snap info"
+ - snap: do exit 0 on install/remove if that snap is already
+ installed or already removed
+ - snap: add `snap watch <change-id>` to attach to a running change
+ - store: retry downloads using retry loop
+ - snap: try doesn't require snap-dir when run in snap's directory
+ - daemon: show what will change in the "refresh-all" changes
+ - tests: disable autorefresh for the external backend
+ - snap: add `snap list -a` to show all snaps (even inactive ones)
+ - many: unify boolean env var handling
+ - overlord/ifacestate: don't setup jailmode snaps with devmode
+ confinement
+ - snapstate: do not garbage collect the snaps used by the bootenv
+ - debian: drop hard xdelta dependency for now
+ - snap: make `snap login` ask for email if not given as argument
+ - osutil: fix build on armhf (arm in go-arch) and powerpc (ppc in
+ go-arch)
+ - many: rename DevmodeConfinement to DevModeConfinement
+ - store: resp.Body.Close() missing in ReadyToBuy
+ - many: use ConfinementOptions instead of ConfinementType
+ - snap, daemon, store: fake the channel map in the REST API
+ - misc: run github.com/gordonklaus/ineffassign as part of the static
+ checks
+ - docs: add goreportcard badge and remove coveralls badge
+ - tests: force gofmt -s in static checks
+ - many: run gofmt -s -w on all the code
+ - store: DRY actual retry code
+ - many: fix various errors uncovered by goreportcard.com
+ - interfaces/builtin: allow additional shared memory for webkit
+ - many: some more missing snapState->snapst
+ - asserts: introduce an optional freeform display-name for model
+ - interfaces/builtin: rename usb-raw to raw-usb
+ - progress: init pbar with correct total value
+ - daemon/api.go: add quotedNames() helper
+ - interfaces: add ConfinementOptions type
+ - tests: add a test about the extra bits that prepare-device can
+ specify for device registration
+ - tests: check that gpio device nodes are exported after reboot
+ - tests: parameterize core channel with env var for classic too
+ - many: rename variable "ss" to "snapsup" or "snapst" or "st"
+ (depending on context)
+ - tests: do not use external snaps in spread
+ - store: retry buy request
+ - store: retry store.Find
+ - store: retry assertion store call
+ - store: retry call for snap details
+ - many: use snap.ConfinementType rather than bool devmode
+ - daemon: if a bad snap is posted it is not an internal error but a
+ bad request
+ - client: add "Snap.Screenshots" to the client API
+ - interfaces: update base declaration documentation and policy for
+ on-classic and snap-type
+ - store: check payment method before TOS for a better UX
+ - interfaces: allow sched_setaffinity in process-control
+ - tests: parameterize core channel with env var
+ - tests: ensure that the XDG_ env contains at least XDG_RUNTIME_DIR
+ - interfaces: fcitx also listens on the session bus for Qt apps
+ - store: retry ListRefresh
+ - snap: use "Password of <email>:" in the `snap login`
+ - many: reshuffle how we load/inject tests keys so image doesn't
+ need assertstate anymore
+ - store: use range requests if we have a local file already
+ - dirs,interfaces,overlord,snap,snapenv,test: export per-snap
+ XDG_RUNTIME_DIR per user
+ - osutil: make RealUser only look at SUDO_USER when uid==0
+ - tests: do not use the ppa:snappy-dev/image in the tests
+ - store: retry readyToBuy request
+ - tests: increase `expect` timeouts
+ - static tests: add spell check
+ - tests: add debug to all flaky expect tests
+ - systemd: correct the mount arguments when mounting with squashfuse
+ - interfaces: add avahi-observe
+ - store: bring delta downloads back
+ - interfaces: add alsa
+ - interfaces/builtin: fix a broken test that snuck into master
+ - osutil: add chattr funcs
+ - image: init "snap_mode" on image creation time to avoid ugly
+ messages
+ - tests: test-snapd-fuse-consumer needs python-fuse as a build-
+ package
+ - interfaces/builtin: add i2c interface
+ - interfaces: add ofono interface
+ - tests: do not use hello-world in our tests
+ - snap: add support for classic confinement
+ - interfaces: remove LegacyAutoConnect() from the interfaces
+ - interfaces: miscellaneous policy updates
+ - tests: run autopkgtests in the autopkgtest.ubuntu.com
+ infrastructure
+ - Implement lxd-client interface exposing the lxd snap
+ - asserts: validate optional account username
+ - many: remove unnecessary snap name parameter from buying endpoint
+ - tests: do not hardcode the size of /dev/ram0
+ - tests: add test that ensures the right content for /etc/os-release
+ - spread tests: fix snap mode check
+ - docs: fix path for source files location in HACKING.md
+ - interfaces/builtin/mir: allow slot to make recvfrom syscalls
+ - store: sections/featured snaps store support
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 24 Nov 2016 19:43:08 +0100
+
+snapd (2.17.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1637215:
+ - release: os-release on core has changed
+ - tests: /dev/ptmx does not work on powerpc, skip here
+ - docs: moved to github.com/snapcore/snapd/wiki (#2258)
+ - debian: golang is not installable on powerpc, use golang-any
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 04 Nov 2016 18:13:10 +0200
+
+snapd (2.17) xenial; urgency=medium
+
+ * New upstream release, LP: #1637215:
+ - overlord/ifacestate: add unit tests for undo of setup-snap-
+ security (#2243)
+ - daemon,overlord,snap,tests: download to .partial in final dir
+ (#2237)
+ - overlord/state: marshaling tests for lanes (#2245)
+ - overlord/state: introduce state lanes (#2241)
+ - overlord/snapstate: fix revert+refresh (#2224)
+ - interfaces/sytemd: enable/disable generated service units (#2229)
+ - many: fix incorrect security files generation on undo
+ - overlord/snapstate: add dynamic snapdX.Y assumes (#2227)
+ - interfaces: network-manager: give slot full read-write access to
+ /run/NetworkManager
+ - docs: update the name of the command for the cross-build
+ - overlord/snapstate: fix missing argument to Noticef
+ - snapstate: ensure gadget/core/kernel can not be disabled (#2218)
+ - asserts: limit to 1y only if len(models) == 0 (#2219)
+ - debian: only install share/locale if available (missing on
+ powerpc)
+ - overlrod/snapstate: fix revert followed by refresh to old-current
+ (#2214)
+ - interfaces/builtin: network-manager and bluez can change hostname
+ (#2204)
+ - snap: switch the auto-import dir to /run/snapd/auto-import
+ - docs: less details about cloud.cfg as requested in trello (#2206)
+ - spread.yaml: Ensure ubuntu user has passwordless sudo for
+ autopkgtests (#2201)
+ - interfaces/builtin: add dcdbas-control interface
+ - boot: do not set boot to try mode if the revision is unchanged
+ - interfaces: add shutdown interface (#2162)
+ - interfaces: add system-power-control interface
+ - many: use the new systemd backend for configuring GPIOs
+ - overlord/ifacestate: setup security for slots before plugs
+ - snap: spool assertion candidates if snapd is not up yet
+ - store,daemon,overlord: download things to a partials dir
+ - asserts,daemon: implement system-user-authority header/concept
+ - interfaces/builtin: home base declaration rule using on-classic
+ for its policy
+ - interfaces/builtin: finish decl based checks
+ - asserts: bump snap-declaration to allow signing with new-style
+ plugs and slots
+ - overlord: checks for kernel installation/refresh based on model
+ assertion and previous kernel
+ - tests/lib/fakestore: fix logic to distinguish assertion not found
+ errors
+ - client: add a few explicit error types (around the request cycle)
+ - tests/lib/fakestore/cmd/fakestore: make it log, and fix a typo
+ - overlord/snapstate: two bugs for one
+ - snappy: disable auto-import of assertions on classic (#2122)
+ - overlord/snapstate: move trash cleanup to a cleanup handler
+ (#2173)
+ - daemon: make create-user --known fail on classic without --force-
+ managed (#2123)
+ - asserts,interfaces/policy: implement on-classic plug/slot
+ constraints
+ - overlord: check that the first installed gadget matches the model
+ assertion
+ - tests: use the snapd-control-consumer snap from the store
+ - cmd/snap: make snap run not talk to snapd for finding the revision
+ - snap/squashfs: try to hard link instead of copying. Also, switch
+ to osutil.CopyFile for cp invocation.
+ - store: send supported max-format when retrieving assertions
+ - snapstate, devicestate: do not remove seed
+ - boot,image,overlord,partition: read/write boot variables in single
+ operation
+ - tests: reenable ubuntu-core tests on qemu
+ - asserts,interfaces/policy: allow OR-ing of subrule constraints in
+ plug/slot rules
+ - many: move from flags as ints to flags as structs-of-bools (#2156)
+ - many: add supports for keeping and finding assertions with
+ different format iterations
+ - snap: stop using ubuntu-core-launcher, use snap-confine
+ - many: introduce an assertion format iteration concept, refuse to
+ add unsupported assertion
+ - interfaces: tweak wording and comment
+ - spread.yaml: dump apparmor denials on spread failure
+ - tests: unflake ubuntu-core-reboot (#2150)
+ - cmd/snap: tweak unknown command error message (#2139)
+ - client,daemon,cmd: add payment-declined error kind (#2107)
+ - cmd/snap: update remove command help (#2145)
+ - many: removed frameworks target and fixed service files (#2138)
+ - asserts,snap: validate attributes to a JSON-compatible type subset
+ (#2140)
+ - asserts: remove unused serial-proof type
+ - tests: skip auto-import tests on systems without test keys (#2142)
+ - overlord/devicestate: don't spam the debug log on classic (#2141)
+ - cmd/snap: simplify auto-import mountinfo parsing (#2135)
+ - tests: run ubuntu-core upgrades on isolated machine (#2137)
+ - overlord/devicestate: recover seeding from old external approach
+ (#2134)
+ - overlord: merge overlord/boot pkg into overlord/devicestate
+ (#2118)
+ - daemon: add postCreateUserSuite test suite (#2124)
+ - tests: abort tests if an update process is scheduled (#2119)
+ - snapstate: avoid reboots if nothing in the boot setup has changed
+ (#2117)
+ - cmd/snap: do not auto-import from loop or non-dev devices (#2121)
+ - tests: add spread test for `snap auto-import` (#2126)
+ - tests: add test for auto-mount assertion import (#2127)
+ - osutil: add missing unit tests for IsMounted (#2133)
+ - tests: check for failure creating user on managed ubuntu-core
+ systems (#2096)
+ - snap: ignore /dev/loop addings from udev (#2111)
+ - tests: remove snapd.boot-ok reference (#2109)
+ - tests: enable tests related to the home interface in all-snaps
+ (#2106)
+ - snapstate: only import defaults from gadget on install (#2105)
+ - many: move firstboot code into the snapd daemon (#2033)
+ - store: send correct JSON type of string for expected payment
+ amount (#2103)
+ - cmd/snap: rename is-managed to managed and tune (#2102)
+ - interfaces,overlord/ifacestate: initial cleaning up of no arg
+ AutoConnect related bits (#2090)
+ - client, cmd: prompt for password when buying (#2086)
+ - snapstate: fix hanging `snap remove` if snap is no longer mounted
+ - image: support gadget specific cloud.conf file (#2101)
+ - cmd/snap,ctlcmd: fix behavior of snap(ctl) get (#2093)
+ - store: local users download from the anonymous url (#2100)
+ - docs/hooks.md: fix typos (#2099)
+ - many: check installation of slots and plugs against declarations
+ - docs: fix missing "=" in the systemd-active docs
+ - store: do not set store auth for local users (#2092)
+ - interfaces,overlord/ifacestate: use declaration-based checking for
+ auto-connect (#2071)
+ - overlord, daemon, snap: support gadget config defaults (#2082)The
+ main semantic changes are:
+ - tests: fix snap-disconnect tests after core rename (#2088)
+ - client,daemon,overlord,cmd: add /v2/users and create-user on auto-
+ import (#2074)
+ - many: abbreviated forms of disconnect (#2066)
+ - asserts: require lowercase model until insensitive matching is
+ ready (#2076)
+ - cmd/snap: add version command, same as --version (#2075)
+ - all: use "core" by default but allow "ubuntu-core" still (#2070)
+ - overlord/devicestate, docs/hooks.md: nest prepare-device
+ configuration options
+ - daemon: fix login API to return local macaroons (#2078)
+ - daemon: do not hardcode UID in userLookup (#2080)
+ - client, cmd: connect fixes (#2026)
+ - many: preparations for switching most of autoconnect to use the
+ declarationsfor now:
+ - overlord/auth: update CheckMacaroon to verify local snapd
+ macaroons (#2069)
+ - cmd/snap: trivial auto-import and download tweaks (#2067)
+ - interfaces: add repo.ResolveConnect that handles name resolution
+ - interfaces/policy: introduce InstallCandidate and its checks
+ - interfaces/policy,overlord: check connection requests against the
+ declarations in ifacestate
+ - many: setup snapd macaroon for local users (#2051)Next step: do
+ snapd macaroons verification.
+ - interfaces/policy: implement snap-id/publisher-id checks
+ - many: change Connect to take ConnRef instead of strings (#2060)
+ - snap: auto mount block devices and import assertions (#2047)
+ - daemon: add `snap create-user --force-managed` support (#2041)
+ - docs: remove references to removed buying features (#2057)
+ - interfaces,docs: allow sharing SNAP{,_DATA,_COMMON} via content
+ iface (#2063)
+ - interfaces: add Plug/Slot/Connection reference helpers (#2056)
+ - client,daemon,cmd/snap: improve create-user APIs (#2054)
+ - many: introduce snap refresh --ignore-validation <snap> to
+ override refresh validation (#2052)
+ - daemon: add support for `snap create-user --known` (#2040)
+ - interfaces/policy: start of interface policy checking code based
+ on declarations (#2050)
+ - overlord/configstate: support nested configuration (#2039)
+ - asserts,interfaces/builtin,overlord/assertstate: introduce base-
+ declaration (#2037)
+ - interfaces: builtin: Allow writing DHCP lease files to
+ /run/NetworkManager/dhcp (#2049)
+ - many: remove all traces of the /v2/buy/methods endpoint (#2045)
+ - tests: add external spread backend (#1918)
+ - asserts: parse the slot rules in snap-declarations (#2035)
+ - interfaces: allow read of /etc/ld.so.preload by default for armhf
+ on series 16 (#2048)
+ - store: change purchase to order and store clean up first pass
+ (#2043)
+ - daemon, store: switch to new store APIs in snapd (#2036)
+ - many: add email to UserState (#2038)
+ - asserts: support parsing the plugs stanza i.e. plug rules in snap-
+ declarations (#2027)
+ - store: apply deltas if explicitly enabled (#2031)
+ - tests: fix create-key/snap-sign test isolation (#2032)
+ - snap/implicit: don't restrict the camera iface to classic (#2025)
+ - client, cmd: change buy command to match UX document (#2011)
+ - coreconfig: nuke it. Also, ignore po/snappy.pot. (#2030)
+ - store: download deltas if explicitly enabled (#2017)
+ - many: allow use of the system user assertion with create-user
+ (#1990)
+ - asserts,overlord,snap: add prepare-device hook for device
+ registration (#2005)
+ - debian: adjust packaging for trusty/deputy systemd (#2003)
+ - asserts: introduce AttributeConstraints (#2015)
+ - interface/builtin: access system bus on screen-inhibit-control
+ - tests: add firewall-control interface test (#2009)
+ - snapstate: pass errors from ListRefresh in updateInfo (#2018)
+ - README: add links to IRC, mailing list and social media (#2022)
+ - docs: add `configure` hook to hooks list (#2024)LP: #1596629
+ - cmd/snap,configstate: rename apply-config variables to configure.
+ (#2023)
+ - store: retry download on 500 (#2019)
+ - interfaces/builtin: support time and date settings via
+ 'org.freedesktop.timedate1 (#1832)
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 02 Nov 2016 01:17:36 +0200
+
+snapd (2.16-1) unstable; urgency=medium
+
+ [ Michael Hudson-Doyle ]
+ * New upstream release.
+ * Import gopkg.in/cheggaaa/pb.v1 rather than github.com/cheggaaa/pb.
+ * Switch to unconditional conflict against `snap` (Closes: #826884)
+ * Update Vcs-Git and Vcs-Browser to point to alioth.
+
+ [ Steve Langasek ]
+ * Remove govendor from gbp.conf, and import Ubuntu tarball as our
+ orig.tar.gz (switching our packaging to non-native).
+ * Add Uploaders.
+ * Drop lintian overrides not used in Debian because we dynamically link
+ against golang-yaml.v2.
+ * Bump standards-version, no changes required.
+ * Add/fix various lintian overrides.
+
+ -- Steve Langasek <vorlon@debian.org> Wed, 02 Nov 2016 12:14:52 +0000
+
+snapd (2.16) xenial; urgency=medium
+
+ * New upstream release, LP: #1628425
+ - overlord/state: prune old empty changes
+ - interfaces: ppp: load needed kernel module (#2007)
+ - interfaces/builtin: add missing rule to allow run-parts to
+ execute all resolvconf scripts
+ - many: rename apply-config hook to configure
+ - tests: use new spread `debug` feature
+ - many: finish `snap set` API.
+ - overlord: fix and simplify configstate.Transaction
+ - assertions: add system-user assertion
+ - snap: add `snap known --remote`
+ - tests: replace systemd-run with on-the-fly generation of units.
+ - overlord/boot: switch to using assertstate.Batch
+ - snap, daemon, store: pass through screenshots from store
+ - image: add meta/gadget.yaml infrastructure
+ - tests: add test benchmark script
+ - daemon: add the actual ssh keys that got added to the create-user
+ response
+ - daemon: add REST API behind `snap get`
+ - debian: re-add golang-github-gosexy-gettext-dev
+ - tests: added install_local function
+ - interfaces/builtin: fix resolvconf permissions for network-manager
+ interface
+ - tests: use apt as compatible with trusty
+ - many: discard preserved namespace after removing snap
+ - daemon, overlord, store: add ReadyToBuy API to snapd
+ - many: add support for installing/removing multiple snaps
+ - progress: use New64 and fix output newline
+ - interfaces/builtin: allow network-manager to access netplan conf
+ files
+ - tests: build once and install test snap from cache
+ - overlord/state: introduce cleanup support
+ - snap: move/clarify Info.Broken
+ - ctlcmd: add snapctl get.
+ - overlord,store: clean up serial-proof plumbing code
+ - interfaces/builtin: add network-setup-observe interface
+ - daemon,overlord/assertstate: support streams of assertions with
+ snap ack
+ - snapd: kmod backend
+ - tests: ensure HOME is also set correctly
+ - configstate,hookstate: add snapctl set
+ - tests: disable broken create-key test
+ - interfaces: adjust bluetooth-control to allow getsockopt (LP:
+ #1613572)
+ - tests: add a test for core about device initialization and device
+ registration and auth
+ - many: show snap name before the download progress bar
+ - interfaces/builtin: add rcvfrom for client connected plugs to mir
+ interface
+ - asserts: support for maps in assertions
+ - tests: increase timeout for key generation in create-key test
+ - many: validate refreshes against validation assertions by gating
+ snaps
+ - interfaces/apparmor: allow 'm' in default policy for snap-exec
+ - many: avoid snap.InfoFromSnapYaml in tests
+ - interfaces/builtin: allow /dev/net/tun with network-control
+ - tests: add spread test for snap create-key/snap sign
+ - tests: add missing quotes in security-device-cgroups/task.yaml
+ - interfaces: drop ErrUnknownSecurity
+ - store: add "ready to buy" method
+ - snap/snapenv, tests: use root's data dirs when running via sudo
+ - interfaces/builtin: add initial docker interface
+ - snap: remove extra newline after progress is done
+ - docs: fix formating of HACKING.md "Testing snapd"
+ - store : add requestOptions.ExtraHeaders so that individual
+ requests can customise headers.
+ - many: use unique plug/slot names in tests
+ - tests: add tests for the classic dimension
+ - many: add vendoring of dependencies by default
+ - tests: use in-tree snap{ctl,-exec} for all tests
+ - many: support snapctl -h
+ - tests: adjust regex after changes in stat output
+ - store,snap: initial support for delta downloads
+ - interfaces/builtin: add run/udev/data paths to mir interface
+ - snap: lessen annoyance of implicit interface tests
+ - tests: ensure http{,s}_proxy is defined inside the fake-store
+ - interfaces: allow xdg-open in unity7, unity7 cleanups
+ - daemon,store: move store login user logic to store
+ - tests: replace realpath with readlink -f for trusty support.
+ - tests: add https_proxy into environment as well
+ - interfaces/builtin: allow mmaping pulseaudio buffers
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 28 Sep 2016 11:09:27 +0200
+
+snapd (2.15.2ubuntu1) xenial; urgency=medium
+
+ * New upstream release, LP: #1623579
+ - snap/snapenv, tests: use root's data dirs when running via sudo
+ (cherry pick PR: #1857)
+ - tests: add https_proxy into environment
+ (cherry pick PR: #1926)
+ - interfaces: allow xdg-open in unity7, unity7 cleanups
+ (cherry pick PR: #1946)
+ - tests: ensure http{,s}_proxy is defined inside the fake-store
+ (cherry pick PR: #1949)
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 21 Sep 2016 17:21:12 +0200
+
+snapd (2.15.2) xenial; urgency=medium
+
+ * New upstream release, LP: #1623579
+ - asserts: define a bit less terse Ref.String
+ - interfaces: disable auto-connect in libvirt interface
+ - asserts: check that validation assertions are signed by the
+ publisher of the gating snap
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 19 Sep 2016 10:42:29 +0200
+
+snapd (2.15.1) xenial; urgency=medium
+
+ * New upstream release, LP: #1623579
+ - image: ensure local snaps are put last in seed.yaml
+ - asserts: revert change that made the account-key's name mandatory.
+ - many: refresh all snap decls
+ - interfaces/apparmor: allow reading /etc/environment
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 19 Sep 2016 09:19:44 +0200
+
+snapd (2.15) xenial; urgency=medium
+
+ * New upstream release, LP: #1623579
+ - tests: disable prepare-image-grub test in autopkgtest
+ - interfaces: allow special casing for auto-connect until we have
+ assertions
+ - docs: add a little documentation on hooks.
+ - hookstate,daemon: don't mock HookRunner, mock command.
+ - tests: add http_proxy to /etc/environment in the autopkgtest
+ environment
+ - backends: first bits of kernel-module security backend
+ - tests: ensure openssh-server is installed in autopkgtest
+ - tests: make ubuntu-core tests more robust
+ - many: mostly work to support ABA upgrades
+ - cmd/snap: do runtime linting of descriptions
+ - spread.yaml: don't assume LANG is set
+ - snap: fix SNAP* environment merging in `snap run`
+ - CONTRIBUTING.md: remove integration-tests, include spread
+ - store: don't discard error body from request device session call
+ - docs: add create-user documentation
+ - cmd/snap: match UX document for message when buying without login
+ - firstboot: do not overwrite any existing netplan config
+ - tests: add debug output to ubuntu-core-update-rollback-
+ stresstest:
+ - tests/lib/prepare.sh: test that classic does not setting bootvars
+ - snap: run all tests with gpg2
+ - asserts: basic support for validation assertion and refresh-
+ control
+ - interfaces: miscellaneous policy updates for default, browser-
+ support and camera
+ - snap: (re)add --force-dangerous compat option
+ - tests: ensure SUDO_{USER,GID} is unset in the spread tests
+ - many: clean out left over references to integration tests
+ - overlord/auth,store: fix raciness in updating device/user in state
+ through authcontext and other issuesbonus fixes:
+ - tests: fix spread tests on yakkety
+ - store: refactor auth/refresh tests
+ - asserts: use gpg --fixed-list-mode to be compatible with both gpg1
+ and gpg2
+ - cmd/snap: i18n option descriptions
+ - asserts: required account key name header
+ - tests: add yakkety test host
+ - packaging: make sure debhelper-generated snippet is invoked on
+ postrm
+ - snap,store: capture newest digest from the store, make it
+ DownloadInfo only
+ - tests: add upower-observe spread test
+ - Merge github.com:snapcore/snapd
+ - tests: fixes to actually run the spread tests inside autopkgtest
+ - cmd/snap: make "snap find" error nicer.
+ - tests: get the gadget name from snap list
+ - cmd/snap: tweak help of 'snap download'
+ - cmd/snap,image: teach snap download to download also assertions
+ - interfaces/builtin: tweak opengl interface
+ - interfaces: serial-port use udevUsbDeviceSnippet
+ - store: ensure the payment methods method handles auth failure
+ - overlord/snapstate: support revert flags
+ - many: add snap configuration to REST API
+ - tests: use ubuntu-image for the ubuntu-core-16 image creation
+ - cmd/snap: serialise empty keys list as [] rather than null
+ - cmd/snap,client: add snap set and snap get commands
+ - asserts: update trusted account-key asserts with names
+ - overlord/snapstate: misc fixes/tweaks/cleanups
+ - image: have prepare-image set devmode correctly
+ - overlord/boot: have firstboot support assertion files with
+ multiple assertions
+ - daemon: bail from enable and disable if revision given, and from
+ multi-op if unsupported optons given
+ - osutil: call sync after cp if
+ requested.overlord/snapstate/backend: switch to use osutil instead
+ of another buggy call to cp
+ - cmd/snap: generate account-key-request "since" header in UTC
+ - many: use symlinks instead of wrappers
+ - tests: remove silly [Service] entry from snapd.socket.d/local.conf
+ - store: switch device session to use device-session-request
+ assertion
+ - snap: ensure that plug and slot names are unique
+ - cmd/snap: fix test suite (no Exit(0) on tests!)
+ - interfaces: add interface for hidraw devices
+ - tests: use the real model assertion when creating the core test
+ image
+ - interfaces/builtin: add udisks2 and removable-media interfaces
+ - interface: network_manager: enable resolvconf
+ - interfaces/builtin: usb serial-port support via udev
+ - interfaces/udev: support noneSecurityTag keyed snippets
+ - snap: switch to the new agreed regexp for snap names
+ - tests: adjust test setup after ubuntu user removal
+ - many: start services only after the snap is fully ready (link-snap
+ was run)
+ - asserts: don't have Add/Check panic in the face of unsupported no-
+ authority assertions
+ - asserts: initial support to generate/sign snap-build assertions
+ - asserts: support checking account-key-request assertions
+ - overlord: introduce AuthContext.DeviceSessionRequest with support
+ in devicestate
+ - overlord/state: fix for reloaded task/change crashing on Set if
+ checkpointed w. no custom data yet
+ - snapd.refresh.service: require snap.socket and /snap/*/current.
+ - many: spell --force-dangerous as just --dangerous, devmode should
+ imply it
+ - overlord/devicestate: try to fetch/refresh the signing key of
+ serial (also in case is not there yet)
+ - image,overlord/boot,snap: metadata from asserts for image snaps
+ - many: automatically restart all-snap devices after os/kernel
+ updates
+ - interfaces: modem-manager: ignore camera
+ - firstboot: only configure en* and eth* interfaces by default
+ - interfaces: fix interface handling on no-app snaps
+ - snap: set user variables even if HOME is unset (like with systemd
+ services)
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 16 Sep 2016 07:46:22 +0200
+
+snapd (2.14.2~16.04) xenial; urgency=medium
+
+ * New upstream release: LP: #1618095
+ - tests: use the spread tests with the adhoc interface inside
+ autopkgtest
+ - interfaces: add fwupd interface
+ - asserts,cmd/snap: add "name" header to account-key(-request)
+ - client,cmd/snap: display os-release data only on classic
+ - asserts/tool,cmd/snap: introduce hidden "snap sign"
+ - many: when installing snap file derive metadata from assertions
+ unless --force-dangerous
+ - osutil: tweak the createUserTests a bit and extract common code
+ - debian: umount --lazy before rm on snapd.postrm
+ - interfaces: updates to default policy, browser-support, and x11
+ - store: set initial device session
+ - interfaces: add upower-observe interface (LP: #1595813)
+ - tests: use beta u-d-f in test by default
+ - interfaces/builtin: allow writing on /dev/vhci in bluetooth-
+ control
+ - interfaces/builtin: allow /dev/vhci on bluetooth-control
+ - tests: port integration tests to spread
+ - snapstate: use umount --lazy when removing the mount units
+ - spread: enable halt-timeout, tweak image selection
+ - tests: fix firstboot-assertions to actually be runnable on classic
+ again
+ - asserts: introduce device-session-request
+ - interfaces: add screen-inhibit-control interface (LP: #1604880)
+ - firstboot: change location of netplan config
+ - overlord/devicestate: some cleanups and solving a couple todos
+ - daemon,overlord: add subcommand handling to snapctl
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 01 Sep 2016 18:52:05 +0200
+
+snapd (2.14.1) xenial; urgency=medium
+
+ * New upstream release: LP: #1618095
+ - snap-exec: add support for commands with internal args in snap-
+ exec
+ - store: refresh expired device sessions
+ - debian: re-add ubuntu-core-snapd-units as a transitional package
+ - image: snap assertions into image
+ - overlord/assertstate,asserts/snapasserts: give snap assertions
+ helpers a package, introduce ReconstructSideInfo
+ - docs/interfaces: Add empty line after lxd-support title
+ - README: cover the new /run/snapd-snap.socket
+ - daemon: make socket split backward-compatible.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 30 Aug 2016 16:43:29 +0200
+
+snapd (2.14) xenial; urgency=medium
+
+ * New upstream release: LP: #1618095
+ - cmd: enable SNAP_REEXEC only if it is set to SNAP_REEXEC=1
+ - osutil: fix create-user on classic
+ - firstboot: disable firstboot on classic for now
+ - cmd/snap: add export-key --account= option
+ - many: split public snapd REST API into separate socket.
+ - many: drop ubuntu-core-snapd-units package, use release.OnClassic
+ instead
+ - tests: add content-shareing binary test that excersises snap-
+ confine
+ - snap: use "up to date" instead of "up-to-date"
+ - asserts: add an account-key-request assertion
+ - asserts: fix GPG key generation parameters
+ - tests, integration-tests: implement the cups-control manual test
+ as a spread test
+ - many: clarify/tie down model assertion
+ - cmd/snap: add "snap download" command
+ - integration-tests: remove them in favour of the spread tests
+ - tests: test all snap ubuntu core upgrade
+ - many: support install and remove by revision
+ - overlord/state: prevent change ready => unready
+ - tests: fixes to make the ubuntu-core-16 image usable with
+ -keep/-reuse
+ - asserts: authority-id and brand-id of serial must match
+ - firstboot: generate netplan config rather than ifupdown
+ - store: request device session macaroon from store
+ - tests: add workaround for u-d-f to unblock all-snap image tests
+ - tests: the stable ubuntu-core snap has snap run support now
+ - many: use make StripGlobalRootDir public
+ - asserts: add some stricter checks around format
+ - many: have AuthContext expose device store-id, serial and serial-
+ proof signing to the store
+ - tests: fix "tests/main/ack" to not break if asserts are alreay
+ there
+ - tests/main/ack: fix test/style
+ - snap: add key management commands
+ - firstboot: add firstboot assertions importing
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 29 Aug 2016 17:07:20 +0200
+
+snapd (2.13) xenial; urgency=medium
+
+ * New upstream release: LP: #1616157
+ - many: respect dirs.SnapSnapsDir in tests
+ - tests: update listing test for latest stable image
+ - many: hook in start of code to fetch/check assertions when
+ installing snap from store
+ - boot: add missing udevadm mock to fix FTBFS
+ - interfaces: add lxd-support interface
+ - dirs,snap: handle empty root directory in SetRootDir
+ - dirs,snap: define methods for SNAP_USER_DATA and SNAP_USER_COMMON
+ - tests: spread all-snap test cleanup
+ - tests: add all-snap spread image tests
+ - store,tests: have just one envvar SNAPPY_USE_STAGING_STORE to
+ control talking to staging
+ - overlord/hookstate: use snap run posix parameters.
+ - interfaces/builtin: allow bind in the network interface
+ - asserts,overlord/devicestate: simplify private key/key pairs APIs,
+ they take just key ids
+ - dependencies: update godeps
+ - boot: add support for "devmode: {true,false}" in seed.yaml
+ - many: teach prepare-image to copy the model assertion (and
+ prereqs) into the seed area of the image
+ - tests: start teaching the fakestore about assertions
+ - asserts/sysdb: embed the new format official root/trusted
+ assertions
+ - overlord/devicestate: first pass at device registration logic
+ - tests: add process-control interface spread test
+ - tests: disable unity test
+ - tests: adapt to new spread version
+ - asserts: add serial-proof device assertion
+ - client, cmd/snap: use the new multi-refresh endpoint
+ - many: preparations for image code to fetch model prereqs
+ - debian: add extra checks when debian/snapd.postrm purge is run
+ - overlord/snapstate, daemon: support for multi-snap refresh
+ - tests: do not leave "squashfs-root" around
+ - snap-exec: Fix broken `snap run --shell` and add test
+ - overlord/snapstate: check changes to SnapState for conflicts also.
+ - docs/interfaces: change snappy command to snap
+ - tests: test `snap run --hook` using in-tree snap-exec.
+ - partition: ensure that snap_{kernel,core} is not overridden with an
+ empty value
+ - asserts,overlord/assertstate: introduce an assertstate task
+ handler to fetch snap assertions
+ - spread: disable re-exec to always test development tree.
+ - interfaces: implement a fuse interface
+ - interfaces/hardware-observe.go: re-add /run/udev/data
+ - overlord/assertstate,daemon: reorg how the assert manager exposes
+ the assertion db and adding to it
+ - release: Remove "UBUNTU_CODENAME" from the test data
+ - many: implement snapctl command.
+ - interfaces: mpris updates (fix unconfined introspection, add name
+ attribute)
+ - asserts: export DecodePublicKey
+ - asserts: introduce support for assertions with no authority,
+ implement serial-request
+ - interfaces: bluez: add a few more tests to verify interface
+ connection works
+ - interfaces: bluez: add missing mount security snippet case
+ - interfaces: add kernel-module interface for module insertion.
+ - integration-tests: look for ubuntu-device-flash on PATH before
+ calling sudo
+ - client, cmd, daemon, osutil: support --yaml and --sudoer flags for
+ create-user
+ - spread: use snap-confine from ppa:snappy-dev/image for the tests
+ - many: move to purely hash based key lookup and to new
+ key/signature format (v1)
+ - spread: Use /home/gopath in spread.yaml
+ - tests: base security spread tests
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 24 Aug 2016 14:48:28 +0200
+
+snapd (2.12) xenial; urgency=medium
+
+ * New upstream release: LP: #1612362
+ - many: do not require root for `snap prepare-image`
+ - tests: prevent restore error on test failure
+ - osutil: change escaping for create-user's sudoers
+ - docs: private flag doesn't exist on /v2/find (it's select)
+ - snap: do not sort the result of `snap find`
+ - interfaces/builtin: add gpio interface
+ - partition: fix cleaning of the boot variables on the second good
+ boot
+ - tests: add udev rules spread test
+ - docs: fix references to refresh action
+ - interfaces/udev,osutil: avoid doubled rules and put all in a per
+ snap file
+ - store: minor store improvements from previous reviews
+ - many: support interactive payments in snapd, filter from command
+ line
+ - docs/interfaces.md: improve interfaces documentation
+ - overlord,store: set store device authorization header
+ - store: add device nonce API support
+ - many: various fixes around the `create-user` command
+ - client, osutil: chown the auth file
+ - interfaces/builtin: add transitional browser-support interface
+ - snap: don't load unsupported implicit hooks.
+ - cmd/snap,cmd/snap-exec: support hooks again.
+ - interfaces/builtin: improve pulseaudio interface
+ - asserts: make account-key's `until` optional to represent a never-
+ expiring key
+ - store: refactor newRequest/doRequest to take requestOptions
+ - tests: allow-downgrades on upgrade test to prevent version errors
+ - daemon: stop using group membership as succedaneous of running
+ things with sudo
+ - interfaces: add bluetooth-control interfaces
+ - many: remove integration-test coverage metrics
+ - daemon,docs: drop license docs and error kind
+ - tests: add network-control interface spread test
+ - tests: add hardware-observe spread test
+ - interfaces: add system-trace interface LP: #1600085
+ - boot: use `cp -aLv` instead of `cp -a` (no symlinks on vfat)
+ - store: soft-refresh discharge macaroon from store when required
+ - partition: clear snap_try_{kernel,core} on success
+ - tests: add snapd-control interface spread test
+ - tests: add locale-control write spread test
+ - store: fix buy method after some refactoring broke it
+ - interfaces/builtin: read perms for network devices in network-
+ observe
+ - interfaces: also allow rfkill in network_control
+ - snapstate: remove artifacts from a snap try dir that vanished
+ - client, cmd/snap: better errors for empty snap list result
+ - wrappers: set BAMF_DESKTOP_FILE_HINT for unity
+ - many: cleanup/update rest.md; improve auth errors
+ - interfaces: miscelleneous policy updates for default, log-observe,
+ mount-observe, opengl, pulseaudio, system-observe and unity7
+ - interfaces: add process-control interface (LP: #1598225)
+ - osutil: support both "nobody" and "nogroup" for grpnam tests
+ - cmd: support defaulting to the user's preferred payment method
+ - overlord: actually run hooks.
+ - overlord/state,overlord/ifacestate: define basic infrastructure
+ for and then setting up serialising of interface mgr tasks
+ - asserts: add Assertion.Prerequisites and SigningKey, Ref and
+ FindTrusted
+ - overlord/snapstate: ensure calls to store are done without the
+ state lock held
+ - asserts,client: switch snap-build and snap-revision to be indexed
+ by snap-sha3-384
+ - many: make seed.yaml on firstboot mandatory and include sideInfo
+ - asserts,many: start supporting structured headers using the new
+ parseHeaders
+ - many: update code for the new snap_mode
+ - tests: added spread find private test
+ - store: deal with 404 froms the SSO store properly
+ - snap: remove meta/kernel.yaml again
+ - daemon: always mock release info in tests
+ - snapstate: drop revisions after "current" on refresh
+ - asserts: introduce new parseHeadersThis introduces the new
+ parseHeaders returning map[string]interface{} and capable of
+ accepting:
+ - asserts: remove/disable comma separated lists and their uses
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 11 Aug 2016 19:30:36 +0200
+
+snapd (2.11) xenial; urgency=medium
+
+ * New upstream release: LP: #1605303
+ - increase version number to reflect the nature of the update
+ better
+ - store, daemon, client, cmd/snap, docs/rest.md: adieu search
+ grammar
+ - debian: move snapd.refresh.timer into timers.target
+ - snapstate: add daemon-reload to fix autopkgtest on yakkety
+ - Interfaces: hardware-observe
+ - snap: rework the output after a snap operation
+ - daemon, cmd/snap: refresh --devmode
+ - store, daemon, client, cmd/snap: implement `snap find --private`
+ - tests: add network-observe interface spread test
+ - interfaces/builtin: allow getsockopt for connected x11 plugs
+ - osutil: check for nogrup instead of adm
+ - store: small cleanups (more needed)
+ - snap/squashfs: fix test not to hardcode snap size
+ - client,cmd/snap: cleanup cmd/snap test suite, add extra args
+ testThis cleans up the cmd/snap test suite:
+ - wrappers: map "never" restart condition to "no."
+ - wrappers: run update-desktop-database after add/remove of desktop
+ files
+ - release: work around elementary mistake
+ - many: remove all traces of channel from the buying codepath
+ - store: kill setUbuntuStoreHeaders
+ - docs: add payment methods documentation
+ - many: present user with a choice of payment backends
+ - asserts: add cross checks for snap asserts
+ - cmd/snap,cmd/snap-exec: support running hooks via snap-exec.
+ - tests: improve snap run symlink tests
+ - tests: add content sharing interface spread test
+ - store & many: a mechanical branch shortening store names
+ - snappy: remove old snappy pkg
+ - overlord/snapstate: kill flagscompat
+ - overlord/snapstate, daemon, client, cmd/snap: devmode override
+ (aka confined)
+ - tests: extend refresh test to talk to the staging and production
+ stores
+ - asserts,daemon: cross checks for account and account-key
+ assertions
+ - client: existing JSON fixtures uses tabs for indentation
+ - snap-exec: add proper integration test for snap-exec
+ - spread.yaml, tests: replace hello-world with test-snapd-tools
+ - tests: add locale-control interface spread test
+ - tests: add mount-observe interface spread test
+ - tests: add system-observe interface spread test
+ - many: add AuthContext to mediate user updates to the state
+ - store/auth: add helper for the macaroon refresh endpoint
+ - cmd: add buy command
+ - overlord: switch snapstate.Update to use ListRefresh (aka
+ /snaps/metadata)
+ - snap-exec: fix silly off-by-one error
+ - tests: stop using hello-world.echo in the tests
+ - tests: add env command to test-snapd-tools
+ - classic: remove (most of) "classic" mode, this is implemented as a
+ snap now
+ - many: remove snapstate.Candidate and other cleanups
+ - many: removed authenticator, store gets a user instead
+ - asserts: fix minor doc comment typo
+ - snap: ensure unknown arguments to `snap run` are ignored
+ - overlord/auth: add Device/SetDevice to persist device identity in
+ state
+ - overlord: make SyncBoot work again
+ - tests: add -y flag to apt autoremove command in unity task restore
+ - many: migrate SnapSetup and SideInfo to use RealName
+ - daemon: drop auther()
+ - client: improve error from client.do() on json decode failures
+ - tests: readd the fake store tests
+ - many: allow removal of broken snaps, add spread test
+ - overlord: implement &Retry{After: duration} support for handlers
+ - interface: add new interfaces.all.SecurityBackends
+ - integration-tests: remove login tests
+ - cmd,interfaces,snap: implement hook whitelist.
+ - daemon,overlord/auth,store: update macaroon authentication to use
+ the new endpoints
+ - daemon, overlord: add buy endpoint to REST API
+ - tests: use systemd-run for starting and stopping the unity app
+ - tests, integration-tests: port systemd service check test to
+ spread
+ - store: switch search to new snap-specific endpoint
+ - store, many: start using the new details endpoint
+ - tests, integration-tests: port unity test to spread
+ - tests: add spread test for tried snaps removal
+ - tests, integration-tests: port auth errors test to spread
+ - snapstate: rename OfficialName to RealName in the new tests
+ - many: rename SideInfo.OfficialName to SideInfo.RealName
+ - snapstate: use snapstate.Type in backend.RemoveSnapFiles
+ - many: add `snap enable/disable` commands
+ - tests, integration-tests: port refresh all test to spread
+ - snap: add `snap run --shell`
+ - tests: set yaml indentation to 4 spaces
+ - snapstate: cleanup downloaded temp snap files
+ - overlord: make patch1_test more robust
+ - debian: add snapd.postrm that purges
+ - integration-tests: drop already covered refresh app test
+ - many: add concept of "broken" snaps
+ - tests, integration-tests: port remove errors tests to spread
+ - tests, integration-tests: port revert test to spread
+ - debian: fix snapbuild path
+ - overlord: fix access to the state without lock in firstboot.go and
+ add test
+ - snapstate: add very simple garbage collection on upgrade
+ - asserts: introduce assertstest with helpers to test code involving
+ assertions
+ - tests, integration tests: port undone failed install test to
+ spread
+ - snap,store: switch to the new snaps/metadata endpoint, introduce
+ and start capturing DeveloperID
+ - tests, integration-tests: port the op remove retry test to spread
+ - po: remove snappy.pot from git, it will be generated at build time
+ - many: add some missing tests, clarify some things and nitpicks as
+ follow up to `snap revert`
+ - snapstate: when doing snapsate.Update|Install, talk to the store
+ early
+ - tests, integration-tests: port the op remove test to spread
+ - interfaces: allow /usr/bin/locale in default policy
+ - many: add `snap revert`
+ - overlord/auth,store: add macaroon serialization/deserialization
+ helpers
+ - many: embed main store trusted assertions in snapd, way to have
+ test ones, spread tests for ack and known
+ - overlord/snapstate,daemon: clarify active vs current, add
+ SnapState.HasCurrent,CurrentInfo
+ - tests: do not search for a specific snap (we hit 100 items) and
+ pagination kicks in
+ - tests: use printf instead of echo where we need portability
+ - tests: rename and generalize basic-binaries to test-snapd-tools
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 26 Jul 2016 15:49:04 +0200
+
+snapd (2.0.10) xenial; urgency=medium
+
+ * New upstream release: LP: #1597329
+ - interfaces: also allow @{PROC}/@{pid}/mountinfo and
+ @{PROC}/@{pid}/mountstats
+ - interfaces: allow read access to /etc/machine-id and
+ @{PROC}/@{pid}/smaps
+ - interfaces: miscelleneous policy updates for default, log-observe
+ and system-observe
+ - snapstate: add logging after a successful doLinkSnap
+ - tests, integration-tests: port try tests to spread
+ - store, cmd/snapd: send a basic user-agent to the store
+ - store: add buy method
+ - client: retry on failed GETs
+ - tests: actual refresh test
+ - docs: REST API update
+ - interfaces: add mount support for hooks.
+ - interfaces: add udev support for hooks.
+ - interfaces: add dbus support for hooks.
+ - tests, integration-tests: port refresh test to spread
+ - tests, integration-tests: port change errors test to spread
+ - overlord/ifacestate: don't retry snap security setup
+ - integration-tests: remove unused file
+ - tests: manage the socket unit when reseting state
+ - overlord: improve organization of state patches
+ - tests: wait for snapd listening after reset
+ - interfaces/builtin: allow other sr*/scd* optical devices
+ - systemd: add support for squashfuse
+ - snap: make snaps vanishing less fatal for the system
+ - snap-exec: os.Exec() needs argv0 in the args[] slice too
+ - many: add new `create-user` command
+ - interfaces: auto-connect content interfaces with the same content
+ and developer
+ - snapstate: add Current revision to SnapState
+ - readme: tweak readme blurb
+ - integration-tests: wait for listening port instead of active
+ service reported by systemd
+ - many: rename Current -> {CurrentSideInfo,CurrentInfo}
+ - spread: fix home interface test after suite move
+ - many: name unversioned data.
+ - interfaces: add "content" interface
+ - overlord/snapstate: defaultBackend can go away now
+ - debian: comment to remember why the timer is setup like it is
+ - tests,spread.yaml: introduce an upgrade test, support/split into
+ two suites for this
+ - overlord,overlord/snapstate: ensure we keep snap type in snapstate
+ of each snap
+ - many: rework the firstboot support
+ - integration-tests: fix test failure
+ - spread: keep core on suite restore
+ - tests: temporary fix for state reset
+ - overlord: add infrastructure for simple state format/content
+ migrations
+ - interfaces: add seccomp support for hooks.
+ - interfaces: allow gvfs shares in home and temporarily allow
+ socketcall by default (LP: #1592901, LP: #1594675)
+ - tests, integration-tests: port network-bind interface tests to
+ spread
+ - snap,snap/snaptest: use PopulateDir/MakeTestSnapWithFiles directly
+ and remove MockSnapWithHooks
+ - interfaces: add mpris interface
+ - tests: enable `snap run` on i386
+ - tests, integration-tests: port network interface test to spread
+ - tests, integration-tests: port interfaces cli to spread
+ - tests, integration-tests: port leftover install tests to spread
+ - interfaces: add apparmor support for hooks.
+ - tests, integration-tests: port log-observe interface tests to
+ spread
+ - asserts: improve Decode doc comment about assertion format
+ - tests: moved snaps to lib
+ - many: add the camera interface
+ - many: add optical-drive interface
+ - interfaces: auto-connect home if running on classic
+ - spread: bump gccgo test timeout
+ - interfaces: use security tags to index security snippets.
+ - daemon, overlord/snapstate, store: send confinement header to the
+ store for install
+ - spread: run tests on 16.04 i386 concurrently
+ - tests,integration-tests: port install error tests to spread
+ - interfaces: add a serial-port interface
+ - tests, integration-tests, debian: port sideload install tests to
+ spread
+ - interfaces: add new bind security backend and refactor
+ backendtests
+ - snap: load and validate implicit hooks.
+ - tests: add a build/run test for gccgo in spread
+ - cmd/snap/cmd_login: Adjust message after adding support for wheel
+ group
+ - tests, integration-tests: ported install from store tests to
+ spread
+ - snap: make `snap change <taskid>` show task progress
+ - tests, integration-tests: port search tests to spread
+ - overlord/state,daemon: make abort proceed immediately, fix doc
+ comment, improve tests
+ - daemon: extend privileged access to users in "wheel" group
+ - snap: tweak `snap refresh` and `snap refresh --list` outputTiny
+ branch that does three things:
+ - interfaces: refactor auto-connection candidate check
+ - snap: add support for snap {install,refresh}
+ --{edge,beta,candidate,stable}
+ - release: don't force KDE Neon into devmode.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 29 Jun 2016 21:02:39 +0200
+
+snapd (2.0.9) xenial; urgency=medium
+
+ * New upstream release: LP: #1593201
+ - snap: add the magic redirect part of `snap run`
+ - tests, integration-tests: port server related tests to spread
+ - overlord/snapstate: log restarting in the task
+ - daemon: test restart wiring, fix setup/teardown
+ - cmd: don't show the price if a snap has already been purchased
+ - tests, integration-tests: port listing tests to spread
+ - integration-tests: do not try to kill ubuntu-clock-app.clock (no
+ longer a process)
+ - several: tie up overlord's restart handler into daemon; adjust
+ snap to cope
+ - tests, integration-tests: port abort tests to spread
+ - integration-tests: fix flaky TestRemoveBusyRetries
+ - testutils: refactor/mock exec
+ - snap,cmd: add hook support to snap run.
+ - overlord/snapstate: remove Download from backend
+ - store: use a custom logging transport
+ - overlord/hookstate: implement basic HookManager.
+ - spread: move the suite restore to restore-each
+ - asserts: turn model os into model core field, making it also more
+ like the kernel and gadget fields
+ - asserts: / is not allowed in primary key headers, follow the store
+ in this
+ - release: enable full confinement on Elementary 0.4
+ - integration-tests: fix another i386 autopkgtest failure.
+ - cmd/snap: create SNAP_USER_DATA and common dirs in `snap run`
+ - many: have the installation of the core snap request a restart (on
+ classic)
+ - asserts: allow to load also account assertions into the trusted
+ set
+ - many: install snaps in devmode on distributions without complete
+ apparmor and seccomp support
+ - spread: run on travis
+ - snapenv: do not hardcode amd64 in tests
+ - spread: initial harness and first test
+ - interfaces: miscelleneous policy updates for chromium, x86,
+ opengl, etc
+ - integration-tests: remove daemon to use the log-observe interface
+ - client: remove client.Revision and import snap.Revision instead
+ - integration-tests: wait for network-bind service in try test
+ - many: move over from snappy to snapstate/backend SetupSnap and
+ related code
+ - integration-tests: add interfaces cli tests
+ - snapenv: cleanup snapenv.{Basic,User}
+ - cmd/snap: also print slots that connect to the wanted snap (LP:
+ #1590704)
+ - asserts: error style, use "cannot" instead of "failed to"
+ following the main decided style
+ - integration-tests: wait until the network-bind service is up
+ before testing
+ - many: add new `snap run` command
+ - snappy: unexport snappy.Install and snappy.Overlord.{Un,}Install
+ - many: add some shared testing helpers to snap/snaptest and to
+ boot/boottest
+ - rest-api: support to send apps per snap (LP: #1564076)
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 16 Jun 2016 13:56:12 +0200
+
+snapd (2.0.8.1) UNRELEASED; urgency=medium
+
+ * New upstream release
+ - Cherry pick four commits that show snaps as installed in devmode on
+ distributions without full confinement dependencies available:
+
+ 25634d3364a46b5e9147e4466932c59b1b572d35
+ 53f2e8d5f1b2d7ce13f5b50be4c09fa1de8cf1e0
+ 38771f4cc324ad9dd4aa48b03108d13a2c361aad
+ c46e069351c61e45c338c98ab12689a319790bd5
+
+ -- Zygmunt Krynicki <zygmunt.krynicki@canonical.com> Tue, 14 Jun 2016 15:55:30 +0200
+
+snapd (2.0.8+1) unstable; urgency=medium
+
+ * New upstream release.
+ * Update lintian-overrides for new paths.
+ * debian/copyright: fix a typo (thanks, lintian!)
+
+ -- Steve Langasek <vorlon@debian.org> Fri, 10 Jun 2016 23:17:22 +0000
+
+snapd (2.0.8) xenial; urgency=medium
+
+ * New upstream release: LP: #1589534
+ - debian: make `snap refresh` times more random (LP: #1537793)
+ - cmd: ExecInCoreSnap looks in "core" snap first, and only in
+ "ubuntu-core" snap if rev>125.
+ - cmd/snap: have 'snap list' display helper message on stderr
+ (LP: #1587445)
+ - snap: make app names more restrictive.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 08 Jun 2016 07:56:58 +0200
+
+snapd (2.0.7) xenial; urgency=medium
+
+ * New upstream release: LP: #1589534
+ - debian: do not ship /etc/ld.so.conf.d/snappy.conf (LP: #1589006)
+ - debian: fix snapd.refresh.service install and usage (LP: #1588977)
+ - ovlerlord/state: actually support task setting themself as
+ done/undone
+ - snap: do not use "." import in revision_test.go, as this breaks
+ gccgo-6 (fix build failure on powerpc)
+ - interfaces: add fcitx and mozc input methods to unity7
+ - interfaces: add global gsettings interfaces
+ - interfaces: autoconnect home and doc updates (LP: #1588886)
+ - integration-tests: remove
+ abortSuite.TestAbortWithValidIdInDoingStatus
+ - many: adding backward compatible code to upgrade SnapSetup.Flags
+ - overlord/snapstate: handle sideloading over an old sideloaded snap
+ without panicing
+ - interfaces: add socketcall() to the network/network-bind
+ interfaces (LP: #1588100)
+ - overlord/snapstate,snappy: move over CanRemoveThis moves over the
+ CanRemove check to snapstate itself.overlord/snapstate
+ - snappy: move over CanRemove
+ - overlord/snapstate,snappy: move over CopyData and Remove*Data code
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 06 Jun 2016 16:35:50 +0200
+
+snapd (2.0.6) xenial; urgency=medium
+
+ * New upstream release: LP: #1588052:
+ - many: repository moved to snapcore/snapd
+ - debian: add transitional pkg for the github location change
+ - snap: ensure `snap try` work with relative paths
+ - debian: drop run/build dependency on lsb-release
+ - asserts/tool: gpg key pair manager
+ - many: add new snap-exec
+ - many: implement `snap refresh --list` and `snap refresh`
+ - snap: add parsing support for hooks.
+ - many: add the cups interface
+ - interfaces: misc policy fixes (LP: #1583794)
+ - many: add `snap try`
+ - interfaces: allow using sysctl and scmp_sys_resolver for parsing
+ kernel logs
+ - debian: make snapd get its environ from /etc/environment
+ - daemon,client,snap: revisions are now strings
+ - interfaces: allow access to new ibus abstract socket path
+ LP: #1580463
+ - integration-tests: add remove tests
+ - asserts: stronger crypto choices and follow better latest designs
+ - snappy,daemon: hollow out more of snappy (either removing or not
+ exporting stuff on its way out), snappy/gadget.go is gone
+ - asserts: rename device-serial to serial
+ - asserts: rename identity to account (and username access)
+ - integration-tests: add changes tests
+ - backend: add tests for environment wrapper generation
+ - interfaces/builtin: add location-control interface
+ - overlord/snapstate: move over check snap logic from snappy
+ - release: use os-release instead of lsb-release for cross-distro
+ use
+ - asserts: allow empty snap-name for snap-declaration
+ - interfaces/builtin,docs,snap: add the pulseaudio interface
+ - many: add support for an environment map inside snap.yaml
+ - overlord/snapstate: increase robustness of doLinkSnap/undoLinkSnap
+ with sanity unit tests
+ - snap: parse epoch property
+ - snappy: do nothing in SetNextBoot when running on classic
+ - snap: validate snap type
+ - integration-tests: extend find command tests
+ - asserts: extend tests to cover mandatory and empty headers
+ - tests: stop the update-pot check in run-checks
+ - snap: parse confinement property.
+ - store: change applyUbuntuStoreHeaders to not take accept, and to
+ take a channel
+ - many: struct-based revisions, new representation
+ - interfaces: remove 'audit deny' rules from network_control.go
+ - interfaces: add com.canonical.UrlLauncher.XdgOpen to unity7
+ interface
+ - interfaces: firewall-control can access xtables lock file
+ - interfaces: allow unity7 AppMenu
+ - interfaces: allow unity7 launcher API
+ - interfaces/builtin: add location-observe interface
+ - snap: fixed snap empty list text LP: #1587445
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 02 Jun 2016 08:23:50 +0200
+
+snapd (2.0.5+1) unstable; urgency=medium
+
+ * Initial Debian upload. Closes: #824943.
+ * release/release{,_test}.go: use /etc/os-release, which is guaranteed to
+ be part of base-files on both Ubuntu and Debian, instead of
+ /etc/lsb-release which doesn't exist at all on Debian.
+ * drop transitional packages, not needed in Debian.
+ * Add lintian overrides for false-positive detection of embedded libyaml.
+ * Update Vcs-* fields to point at maintainer's branch.
+ * Add a further lintian override for the /snap directory so that the
+ package is not automatically rejected by the NEW queue; this directory
+ location is certainly subject to discussion for Debian, but let's have
+ the discussion rather than blocking the package at the archive level.
+
+ -- Steve Langasek <vorlon@debian.org> Mon, 23 May 2016 00:36:06 +0000
+
+snapd (2.0.5) xenial; urgency=medium
+
+ * New upstream release: LP: #1583085
+ - interfaces: add dbusmenu, freedesktop and kde notifications to
+ unity7 (LP: #1573188)
+ - daemon: make localSnapInfo return SnapState
+ - cmd: make snap list with no snaps not special
+ - debian: workaround for XDG_DATA_DIRS issues
+ - cmd,po: fix conflicts, apply review from #1154
+ - snap,store: load and store the private flag sent by the store in
+ SideInfo
+ - interfaces/apparmor/template.go: adjust /dev/shm to be more usable
+ - store: use purchase decorator in Snap and FindSnaps
+ - interfaces: first version of the networkmanager interface
+ - snap, snappy: implement the new (minmimal) kernel spec
+ - cmd/snap, debian: move manpage generation to depend on an environ
+ key; also, fix completion
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 19 May 2016 15:29:16 +0200
+
+snapd (2.0.4) xenial; urgency=medium
+
+ * New upstream release:
+ - interfaces: cleanup explicit denies
+ - integration-tests: remove the ancient integration daemon tests
+ - integration-tests: add network-bind interface test
+ - integration-tests: add actual checks for undoing install
+ - integration-tests: add store login test
+ - snap: add certain implicit slots only on classic
+ - integration-tests: add coverage flags to snapd.service ExecStart
+ setting when building from branch
+ - integration-tests: remove the tests for features removed in 16.04.
+ - daemon, overlord/snapstate: "(de)activate" is no longer a thing
+ - docs: update meta.md and security.md for current snappy
+ - debian: always start snapd
+ - integration-tests: add test for undoing failed install
+ - overlord: handle ensureNext being in the past
+ - overlord/snapstate,overlord/snapstate/backend,snappy: start
+ backend porting LinkSnap and UnlinkSnap
+ - debian/tests: add reboot capability to autopkgtest and execute
+ snapPersistsSuite
+ - daemon,snappy,progress: drop license agreement broken logic
+ - daemon,client,cmd/snap: nice access denied message
+ (LP: #1574829)
+ - daemon: add user parameter to all commands
+ - snap, store: rework purchase methods into decorators
+ - many: simplify release package and add OnClassic
+ - interfaces: miscellaneous policy updates
+ - snappy,wrappers: move desktop files handling to wrappers
+ - snappy: remove some obviously dead code
+ - interfaces/builtin: quote apparmor label
+ - many: remove the gadget yaml support from snappy
+ - snappy,systemd,wrappers: move service units generation to wrappers
+ - store: add method to determine if a snap must be bought
+ - store: add methods to read purchases from the store
+ - wrappers,snappy: move binary wrapper generation to new package
+ wrappers
+ - snap: add `snap help` command
+ - integration-tests: remove framework-test data and avoid using
+ config-snap for now
+ - add integration test to verify fix for LP: #1571721
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 13 May 2016 17:19:37 -0700
+
+snapd (2.0.3) xenial; urgency=medium
+
+ * New upstream micro release:
+ - integration-tests, debian/tests: add unity snap autopkg test
+ - snappy: introduce first feature flag for assumes: common-data-dir
+ - timeout,snap: add YAML unmarshal function for timeout.Timeout
+ - many: go into state.Retry state when unmounting a snap fails.
+ (LP: #1571721, #1575399)
+ - daemon,client,cmd/snap: improve output after snap
+ install/refresh/remove (LP: #1574830)
+ - integration-tests, debian/tests: add test for home interface
+ - interfaces,overlord: support unversioned data
+ - interfaces/builtin: improve the bluez interface
+ - cmd: don't include the unit tests when building with go test -c
+ for integration tests
+ - integration-tests: teach some new trick to the fake store,
+ reenable the app refresh test
+ - many: move with some simplifications test snap building to
+ snap/snaptest
+ - asserts: define type for revision related errors
+ - snap/snaptest,daemon,overlord/ifacestate,overlord/snapstate: unify
+ mocking snaps behind MockSnap
+ - snappy: fix openSnapFile's handling of sideInfo
+ - daemon: improve snap sideload form handling
+ - snap: add short and long description to the man-page
+ (LP: #1570280)
+ - snappy: remove unused SetProperty
+ - snappy: use more accurate test data
+ - integration-tests: add a integration test about remove removing
+ all revisions
+ - overlord/snapstate: make "snap remove" remove all revisions of a
+ snap (LP: #1571710)
+ - integration-tests: re-enable a bunch of integration tests
+ - snappy: remove unused dbus code
+ - overlord/ifacestate: fix setup-profiles to use new snap revision
+ for setup (LP: #1572463)
+ - integration-tests: add regression test for auth bug LP:#1571491
+ - client, snap: remove obsolete TypeCore which was used in the old
+ SystemImage days
+ - integration-tests: add apparmor test
+ - cmd: don't perform type assertion when we know error to be nil
+ - client: list correct snap types
+ - intefaces/builtin: allow getsockname on connected x11 plugs
+ (LP: #1574526)
+ - daemon,overlord/snapstate: read name out of sideloaded snap early,
+ improved change summary
+ - overlord: keep tasks unlinked from a change hidden, prune them
+ - integration-tests: snap list on fresh boot is good again
+ - integration-tests: add partial term to the find test
+ - integration-tests: changed default release to 16
+ - integration-tests: add regression test for snaps not present after
+ reboot
+ - integration-tests: network interface
+ - integration-tests: add proxy related environment variables to
+ snapd env file
+ - README.md: snappy => snap
+ - etc: trivial typo fix (LP:#1569892)
+ - debian: remove unneeded /var/lib/snapd/apparmor/additional
+ directory (LP: #1569577)
+ - builtin/unity7.go: allow using gmenu. LP: #1576287
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 03 May 2016 07:51:57 +0200
+
+snapd (2.0.2) xenial; urgency=medium
+
+ * New upstream release:
+ - systemd: add multi-user.target (LP: #1572125)
+ - release: our series is 16
+ - integration-tests: fix snapd binary path for mounting the daemon
+ built from branch
+ - overlord,snap: add firstboot state sync
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 19 Apr 2016 16:02:44 +0200
+
+snapd (2.0.1) xenial; urgency=medium
+
+ * client,daemon,overlord: fix authentication:
+ - fix incorrect authenication check (LP: #1571491)
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 18 Apr 2016 07:24:33 +0200
+
+snapd (2.0) xenial; urgency=medium
+
+ * New upstream release:
+ - debian: put snapd in /usr/lib/snapd/
+ - cmd/snap: minor polishing
+ - cmd,client,daemon: add snap abort command
+ - overlord: don't hold locks when callling backends
+ - release,store,daemon: no more default-channel, release=>series
+ - many: drop support for deprecated environment variables
+ (SNAP_APP_*)
+ - many: support individual ids in changes cmd
+ - overlord/state: use numeric change and task ids
+ - overlord/auth,daemon,client,cmd/snap: logout
+ - daemon: don't install ubuntu-core twice
+ - daemon,client,overlord/state,cmd: add changes command
+ - interfaces/dbus: drop superfluous backslash from template
+ - daemon, overlord/snapstate: updates are users too!
+ - cmd/snap,daemon,overlord/ifacestate: add support for developer
+ mode
+ - daemon,overlord/snapstate: on refresh use the remembered channel,
+ default to stable channel otherwise
+ - cmd/snap: improve UX of snap interfaces when there are no results
+ - overlord/state: include time in task log messages
+ - overlord: prune and abort old changes and tasks
+ - overlord/ifacestate: add implicit slots in setup-profiles
+ - daemon,overlord: setup authentication for store downloads
+ - daemon: macaroon-authed users are like root, and sudoers can login
+ - daemon,client,docs: send install options to daemon
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Sat, 16 Apr 2016 22:15:40 +0200
+
+snapd (1.9.4) xenial; urgency=medium
+
+ * New upstream release:
+ - etc: fix desktop file location
+ - overlord/snapstate: stop an update once download sees the revision
+ is already installed
+ - overlord: make SnapState.DevMode a method, store flags
+ - snappy: no more snapYaml in snappy.Snap
+ - daemon,cmd,dirs,lockfile: drop all lockfiles
+ - debian: use sudo in setup of the proxy environment
+ - snap/snapenv,snappy,systemd: expose SNAP_REVISION to app
+ environment
+ - snap: validate similarly to what we did with old snapYaml info
+ from squashfs snaps
+ - daemon,store: plug in authentication for store search/details
+ - overlord/snapstate: fix JSON name of SnapState.Candidate
+ - overlord/snapstate: start using revisions higher than 100000 for
+ local installs (sideloads)
+ - interfaces,overlorf/ifacestate: honor user choice and don't auto-
+ connect disconnected plugs
+ - overlord/auth,daemon,client: hide user ids again
+ - daemon,overlord/snapstate: back /snaps (and so snap list) using
+ state
+ - daemon,client,overlord/auth: rework state auth data
+ - overlord/snapstate: disable Activate and Deactivate
+ - debian: fix silly typo in autopkgtest setup
+ - overlord/ifacestate: remove connection state with discard-conns
+ task, on the removal of last snap
+ - daemon,client: rename API update action to refresh
+ - cmd/snap: rework login to be more resilient
+ - overlord/snapstate: deny two changes on one snap
+ - snappy: fix crash on certain snap.yaml
+ - systemd: use native systemctl enable instead of our own
+ implementation
+ - store: add workaround for misbehaving store
+ - debian: make autopkgtest use the right env vars
+ - state: log do/undo status too when a task is run
+ - docs: update rest.md with price information
+ - daemon: only include price property if the snap is non-free
+ - daemon, client, cmd/snap: connect/disconnect now async
+ - snap,snappy: allow snaps to require system features
+ - integration-tests: fix report of skips in SetUpTest method
+ - snappy: clean out major bits (still using Installed) now
+ unreferenced as cmd/snappy is gone
+ - daemon/api,overlord/auth: add helper to get UserState from a
+ client request
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 15 Apr 2016 23:30:00 +0200
+
+snapd (1.9.3) xenial; urgency=medium
+
+ * New upstream release:
+ - many: prepare for opengl support on classic
+ - interfaces/apparmor: load all apparmor profiles on snap setup
+ - daemon,client: move async resource to change in meta
+ - debian: disable autopilot
+ - snap: add basic progress reporting
+ - client,cmd,daemon,snap,store: show the price of snaps in the cli
+ - state: add minimal taskrunner logging
+ - daemon,snap,overlord/snapstate: in the API get the snap icon using
+ state
+ - client,daemon,overlord: don't guess snap file vs. name
+ - overlord/ifacestate: reload snap connections when setting up
+ security for a given snap
+ - snappy: remove cmd/snappy (superseded in favour of cmd/snap)
+ - interfaecs/apparmor: remove all traces of old-security from
+ apparmor backend
+ - interfaces/builtin: add bluez interface
+ - overlord/ifacestate: don't crash if connection cannot be reloaded
+ - debian: add searchSuite to autopkgtest
+ - client, daemon, cmd/snap: no more tasks; everything is changes
+ - client: send authorization header in client requests
+ - client, daemon: marshal suggested currency over REST
+ - docs, snap: enumerate snap types correctly in docs and comments
+ - many: add store authenticator parameter
+ - overlord/ifacestate,daemon: setup security on conect and
+ disconnect
+ - interfaces/apparmor: remove unused apparmor variables
+ - snapstate: add missing "TaskProgressAdapter.Write()" for working
+ progress reporting
+ - many: clean out snap config related code not for OS
+ - daemon,client,cmd: return snap list from /v2/snaps
+ - docs: update `/v2/snaps` endpoint documentation
+ - interfaces: rename developerMode to devMode
+ - daemon,client,overlord: progress current => done
+ - daemon,client,cmd/snap: move query metadata to top-level doc
+ - interfaces: add TestSecurityBackend
+ - many: replace typographic quotes with ASCII
+ - client, daemon: rework rest changes to export "ready" and "err"
+ - overlord/snapstate,snap,store: track snap-id in side-info and
+ therefore in state
+ - daemon: improve mocking of interfaces API tests
+ - integration-tests: remove origins in default snap names for udf
+ call
+ - integration-test: use "snap list" in GetCurrentVersion
+ - many: almost no more NewInstalledSnap reading manifest from
+ snapstate and backend
+ - daemon: auto install ubuntu-core if missing
+ - oauth,store: remove OAuth authentication logic
+ - overlord/ifacestate: simplify some tests with implicit manager
+ initialization
+ - store, snappy: move away from hitting details directly
+ - overlord/ifacestate: reload connections when restarting the
+ manager
+ - overlord/ifacestate: increase flexibility of unit tests
+ - overlord: use state to discover all installed snaps
+ - overlord/ifacestate: track connections in the state
+ - many: separate copy-data from unlinking of current snap
+ - overlord/auth,store/auth: add macaroon authenticator to UserState
+ - client: support for /v2/changes and /v2/changes/{id}
+ - daemon/api,overlord/auth: rework authenticated users information
+ in state
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 14 Apr 2016 23:29:43 +0200
+
+snapd (1.9.2) xenial; urgency=medium
+
+ * New upstream release:
+ - cmd/snap,daemon,store: rework login command to use daemon login
+ API
+ - store: cache suggested currency from the store
+ - overlord/ifacestate: modularize and extend tests
+ - integration-tests: reenable failure tests
+ - daemon: include progress in rest changes
+ - daemon, overlord/state: expose individual changes
+ - overlord/ifacestate: drop duplicate package comment
+ - overlord/ifacestate: allow tests to override security backends
+ - cmd/snap: install *.snap and *.snap.* as files too
+ - interfaces/apparmor: replace /var/lib/snap with /var/snap
+ - daemon,overlord/ifacestate: connect REST API to interfaces in the
+ overlord
+ - debian: remove unneeded dependencies from snapd
+ - overlord/state: checkpoint on final progress only
+ - osutil: introduce IsUIDInAny
+ - overlord/snapstate: rename GetSnapState to Get, SetSnapState to
+ Set
+ - daemon: add id to changes json
+ - overlord/snapstate: SetSnapState() needs locks
+ - overlord: fix broken tests
+ - overlord/snapstate,overlord/ifacestate: reimplement SnapInfo (as
+ Info) actually using the state
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 13 Apr 2016 17:27:00 +0200
+
+snapd (1.9.1.1) xenial; urgency=medium
+
+ * debian/tests/control:
+ - add git to make autopkgtest work
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 12 Apr 2016 17:19:19 +0200
+
+snapd (1.9.1) xenial; urgency=medium
+
+ * Add warning about installing ubuntu-core-snapd-units on Desktop systems.
+ * Add ${misc:Depends} to ubuntu-core-snapd-units.
+ * interfaces,overlord: add support for auto-connecting plugs on
+ install
+ * fix sideloading snaps and (re)add tests for this
+ * add `ca-certificates` to the test-dependencies to fix autopkgtest
+ failure on armhf
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 12 Apr 2016 14:39:57 +0200
+
+snapd (1.9) xenial; urgency=medium
+
+ * rename source and binary package to "snapd"
+ * update directory layout to final 16.04 layout
+ * use `snap` command instead of the previous `snappy`
+ * use `interface` based security
+ * use new state engine for install/update/remove
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 12 Apr 2016 01:05:09 +0200
+
+ubuntu-snappy (1.7.3+20160310ubuntu1) xenial; urgency=medium
+
+ - debian: update versionized ubuntu-core-launcher dependency
+ - debian: tweak desktop file dir, ship Xsession.d snip for seamless
+ integration
+ - snappy: fix hw-assign to work with per-app udev tags
+ - snappy: use $snap.$app as per-app udev tag
+ - snap,snappy,systemd: %s/\<SNAP_ORIGIN\>/SNAP_DEVELOPER/g
+ - snappy: add mksquashfs --no-xattrs parameter
+ - snap,snappy,systemd: kill SNAP_FULLNAME
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 10 Mar 2016 09:26:20 +0100
+
+ubuntu-snappy (1.7.3+20160308ubuntu1) xenial; urgency=medium
+
+ - snappy,snap: move icon under meta/gui/
+ - debian: add snap.8 manpage
+ - debian: move snapd to /usr/lib/snappy/snapd
+ - snap,snappy,systemd: remove TMPDIR, TEMPDIR, SNAP_APP_TMPDIR
+ - snappy,dirs: add support to use desktop files from inside snaps
+ - daemon: snapd API events endpoint redux
+ - interfaces/builtin: add "network" interface
+ - overlord/state: do small fixes (typo, id clashes paranoia)
+ - overlord: add first pass of the logic in StateEngine itself
+ - overlord/state: introduce Status/SetStatus on Change
+ - interfaces: support permanent security snippets
+ - overlord/state: introduce Status/SetStatus and
+ Progress/SetProgress on Task
+ - overlord/state: introduce Task and Change.NewTask
+ - many: selectively swap semantics of plugs and slots
+ - client,cmd/snap: remove useless indirection in Interfaces
+ - interfaces: maintain Plug and Slot connection details
+ - client,daemon,cmd/snap: change POST /2.0/interfaces to work with
+ lists
+ - overlord/state: introduce Change and NewChange on state to create
+ them
+ - snappy: bugfix for snap.yaml parsing to be more consistent with
+ the spec
+ - snappy,systemd: remove "ports" from snap.yaml
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 08 Mar 2016 11:24:09 +0100
+
+ubuntu-snappy (1.7.3+20160303ubuntu4) xenial; urgency=medium
+
+ * rename:
+ debian/golang-snappy-dev.install ->
+ debian/golang-github-ubuntu-core-snappy-dev.install:
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 03 Mar 2016 12:29:16 +0100
+
+ubuntu-snappy (1.7.3+20160303ubuntu3) xenial; urgency=medium
+
+ * really fix typo in dependency name
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 03 Mar 2016 12:21:39 +0100
+
+ubuntu-snappy (1.7.3+20160303ubuntu2) xenial; urgency=medium
+
+ * fix typo in dependency name
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 03 Mar 2016 12:05:36 +0100
+
+ubuntu-snappy (1.7.3+20160303ubuntu1) xenial; urgency=medium
+
+ - debian: update build-depends for MIR
+ - many: implement new REST API: GET /2.0/interfaces
+ - integration-tests: properly stop snapd from branch
+ - cmd/snap: update tests for go-flags changes
+ - overlord/state: implement Lock/Unlock with implicit checkpointing
+ - overlord: split out the managers and State to their own
+ subpackages of overlord
+ - snappy: rename "migration-skill" to "old-security" and use new
+ interface names instead of skills
+ - client,cmd/snap: clarify name ambiguity in Plug or Slot
+ - overlord: start working on state engine along spec v2, have the
+ main skeleton follow that
+ - classic, oauth: update tests for change in MakeRandomString()
+ - client,cmd/snap: s/add/install/:-(
+ - interfaces,daemon: specialize Name to either Plug or Slot
+ - interfaces,interfaces/types: unify security snippet functions
+ - snapd: close the listener on Stop, to force the http.Serve loop to
+ exit
+ - snappy,daemon,snap/lightweight,cmd/snappy,docs/rest.md: expose
+ explicit channel selection to rest api
+ - interfaces,daemon: rename package holding built-in interfaces
+ - integration-tests: add the first classic dimension tests
+ - client,deaemon,docs: rename skills to interfaces on the wire
+ - asserts: add identity assertion type
+ - integration-tests: add the no_proxy env var
+ - debian: update build-depends for new package names
+ - oauth: fix oauth & quoting in the oauth_signature
+ - integration-tests: remove unused field
+ - integration-tests: add the http proxy argument
+ - interfaces,interfaces/types,deamon: mass internal rename to
+ interfaces
+ - client,cmd/snap: rename skills to interfaces (part 2)
+ - arch: fix missing mapping for powerpc
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 03 Mar 2016 11:00:19 +0100
+
+ubuntu-snappy (1.7.3+20160225ubuntu1) xenial; urgency=medium
+
+ - integration-tests: always use the built snapd when compiling
+ binaries from branch
+ - cmd/snap: rename skills to interfaces
+ - testutil,skills/types,skills,daemon: tweak discovery of know skill
+ types
+ - docs: add docs for arm64 cross building
+ - overlord: implement basic ReadState/WriteState
+ - overlord: implement Get/Set/Copy on State
+ - integration-tests: fix dd output check
+ - integration-tests: add fromBranch config field
+ - integration-tests: use cli pkg methods in hwAssignSuite
+ - debian: do not create the snappypkg user, we don't need it anymore
+ - arch: fix build failure on s390x
+ - classic: cleanup downloaded lxd tarball
+ - cmd/snap,client,integration-tests: rename snap subcmds
+ 'assert'=>'ack', 'asserts'=>'known'
+ - skills: fix broken tests builds
+ - skills,skills/types: pass slot to SlotSecuritySnippet()
+ - skills/types: teach bool-file about udev security
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 25 Feb 2016 16:17:19 +0100
+
+ubuntu-snappy (1.7.2+20160223ubuntu1) xenial; urgency=medium
+
+ * New git snapshot:
+ - asserts: introduce snap-declaration
+ - cmd/snap: fix integration tests for the "cmd_asserts"
+ - integration-tests: fix fanctl output check
+ - cmd/snap: fix test failure after merging 23a64e6
+ - cmd/snap: replace skip-help with empty description
+ - docs: update security.md to match current migration-skill
+ semantics
+ - snappy: treat commands with 'daemon' field as services
+ - asserts: use more consistent names for receivers in
+ snap_asserts*.go
+ - debian: add missing golang-websocket-dev build-dependency
+ - classic: if classic fails to get created, undo the bind mounts
+ - snappy: never return nil in NewLocalSnapRepository()
+ - notifications: A simple notification system
+ - snappy: when using staging, authenticate there instead
+ - integration-tests/snapd: fix the start of the test snapd socket
+ - skills/types: use CamelCase for security names
+ - skills: add support for implicit revoke
+ - skills: add security layer
+ - integration-tests: use exec.Command wrapper for updates
+ - cmd/snap: add 'snap skills'
+ - cms/snap: add 'snap revoke'
+ - docs: add docs for skills API
+ - cmd/snap: add 'snap grant'
+ - cmd/snappy, coreconfig, daemon, snappy: move config to always be
+ bytes (in and out)
+ - overlord: start with a skeleton and stubs for Overlord,
+ StateEngine, StateJournal and managers
+ - integration-tests: skip tests affected by LP: #1544507
+ - skills/types: add bool-file
+ - po: refresh translation templates
+ - cmd/snap: add 'snap experimental remove-skill-slot'
+ - asserts: introduce device assertion
+ - cmd/snap: implemented add, remove, purge, refresh, rollback,
+ activate, deactivate
+ - cmd/snap: add 'snap experimental add-skill-slot'
+ - cmd/snap: add 'snap experimental remove-skill'
+ - cmd/snap: add tests for common skills code
+ - cmd/snap: add 'snap experimental add-skill'
+ - asserts: make assertion checkers used by db.Check modular and
+ pluggable
+ - cmd,client,daemon,caps,docs,po: remove capabilities
+ - scripts: move the script to get dependencies to a separate file
+ - asserts: make the disk layout compatible for storing more than one
+ revision
+ - cmd/snap: make the assert command options exported
+ - integration-tests: Remove the target release and channel
+ - asserts: introduce model assertion
+ - integration-tests: add exec.Cmd wrapper
+ - cmd/snap: add client test support methods
+ - cmd/snap: move key=value attribute parsing to commmon
+ - cmd/snap: apply new style consistency to "snap" commands.
+ - cmd/snap: support redirecting the client for testing
+ - cmd/snap: support testing command output
+ - snappy,daemon: remove the meta repositories abstractions
+ - cmd: add support for experimental commands
+ - cmd/snappy,daemon,snap,snappy: remove SetActive from parts
+ - cmd/snappy,daemon,snappy,snap: remove config from parts interface
+ - client: improve test data
+ - cmd: allow to construct a fresh parser
+ - cmd: don't treat help as an error
+ - cmd/snappy,snappy: remove "Details" from the repository interface
+ - asserts: check that primary keys are set when
+ Decode()ing/assembling assertions
+ - snap,snappy: refactor to remove "Install" from the Part interface
+ - client,cmd: make client.New() configurable
+ - client: enable retrieving asynchronous operation information with
+ `Client.Operation`.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 23 Feb 2016 11:28:18 +0100
+
+ubuntu-snappy (1.7.2+20160204ubuntu1) xenial; urgency=medium
+
+ * New git snapshot:
+ - integration-tests: fix the rollback error messages
+ - integration-test: use the common cli method when trying to install
+ an unexisting snap
+ - integration-tests: rename snap find test
+ - daemon: refactor makeErrorResponder()
+ - integration: add regression test for LP: #1541317
+ - integration-tests: reenable TestRollbackMustRebootToOtherVersion
+ - asserts: introduce "snap asserts" subcmd to show assertions in the
+ system db
+ - docs: fix parameter style
+ - daemon: use underscore in JSON interface
+ - client: add skills API
+ - asserts,docs/rest.md: change Encoder not to add extra newlines at
+ the end of the stream
+ - integration-tests: "snappy search" is no more, its "snap search"
+ now
+ - README, integration-tests/tests: chmod snapd.socket after manual
+ start.
+ - snappy: add default security profile if none is specified
+ - skills,daemon: add REST APIs for skills
+ - cmd/snap, cmd/snappy: move from `snappy search` to `snap find`.
+ - The first step towards REST world domination: search is now done
+ via
+ - debian: remove obsolete /etc/grub.d/09_snappy on upgrade
+ - skills: provide different security snippets for skill and slot
+ side
+ - osutil: make go vet happy again
+ - snappy,systemd: use Type field in systemd.ServiceDescription
+ - skills: add basic grant-revoke methods
+ - client,daemon,asserts: expose the ability to query assertions in
+ the system db
+ - skills: add basic methods for slot handling
+ - snappy,daemon,snap: move "Uninstall" into overlord
+ - snappy: move SnapFile.Install() into Overlord.Install()
+ - integration-tests: re-enable some failover tests
+ - client: remove snaps
+ - asserts: uniform searching across trusted (account keys) and main
+ backstore
+ - asserts: introduce Decoder to parse streams of assertions and
+ Encoder to build them
+ - client: filter snaps with a search query
+ - client: pass query as well as path in client internals
+ - skills: provide different security snippets for skill and slot
+ side
+ - snappy: refactor snapYaml to remove methods on snapYaml type
+ - snappy: remove unused variable from test
+ - skills: add basic methods for skill handing
+ - snappy: remove support for meta/package.yaml and implement new
+ meta/snap.yaml
+ - snappy: add new overlord type responsible for
+ Installed/Install/Uninstall/SetActive and stub it out
+ - skills: add basic methods for type handling
+ - daemon, snappy: add find (aka search)
+ - client: filter snaps by type
+ - skills: tweak valid names and error messages
+ - skills: add special skill type for testing
+ - cmd/snapd,daemon: filter snaps by type
+ - partition: remove obsolete uEnv.txt
+ - skills: add Type interface
+ - integration-tests: fix the bootloader path
+ - asserts: introduce a memory backed assertion backstore
+ - integration-tests: get name of OS snap from bootloader
+ - cmd/snapd,daemon: filter snaps by source
+ - asserts,daemon: bump some copyright years for things that have
+ been touched in the new year
+ - skills: add the initial Repository type
+ - skills: add a name validation function
+ - client: filter snaps by source
+ - snappy: unmount the squashfs snap again if it fails to install
+ - snap: make a copy of the search uri before mutating it
+ Closes: LP#1537005
+ - cmd/snap,client,daemon,asserts: introduce "assert " snap
+ subcommand
+ - cmd/snappy, snappy: fix failover handling of the "active"
+ kernel/os snap
+ - daemon, client, docs/rest.md, snapd integration tests: move to the
+ new error response
+ - asserts: change Backstore interface, backstores can now access
+ primary key names from types
+ - asserts: make AssertionType into a real struct exposing the
+ metadata Name and PrimaryKey
+ - caps: improve bool-file sanitization
+ - asserts: fixup toolbelt to use exposed key ID.
+ - client: return by reference rather than by value
+ - asserts: exported filesystem backstores + explicit backstores
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 04 Feb 2016 16:35:31 +0100
+
+ubuntu-snappy (1.7.2+20160113ubuntu1) xenial; urgency=medium
+
+ * New git snapshot
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 13 Jan 2016 11:25:40 +0100
+
+ubuntu-snappy (1.7.2ubuntu1) xenial; urgency=medium
+
+ * New upstream release:
+ - bin-path integration
+ - assertions/capability work
+ - fix squashfs based snap building
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Fri, 04 Dec 2015 08:46:35 +0100
+
+ubuntu-snappy (1.7.1ubuntu1) xenial; urgency=medium
+
+ * New upstream release:
+ - fix dependencies
+ - fix armhf builds
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 02 Dec 2015 07:46:07 +0100
+
+ubuntu-snappy (1.7ubuntu1) xenial; urgency=medium
+
+ * New upstream release:
+ - kernel/os snap support
+ - squashfs snap support
+ - initial capabilities work
+ - initial assertitions work
+ - rest API support
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 18 Nov 2015 19:59:51 +0100
+
+ubuntu-snappy (1.6ubuntu1) wily; urgency=medium
+
+ * New upstream release, including the following changes:
+ - Fix hwaccess for gpio (LP: #1493389, LP: #1488618)
+ - Fix handleAssets name normalization
+ - Run boot-ok job late (LP: #1476129)
+ - Add support for systemd socket files
+ - Add "snappy service" command
+ - Documentation improvements
+ - Many test improvements (unit and integration)
+ - Override sideload versions
+ - Go1.5 fixes
+ - Add i18n
+ - Add man-page
+ - Add .snapignore
+ - Run services that uses external ports only after the network is up
+ - Bufix in Synbootloader (LP: 1474125)
+ - Use uboot.env for boot state tracking
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 09 Sep 2015 14:20:22 +0200
+
+ubuntu-snappy (1.5ubuntu1) wily; urgency=medium
+
+ * New upstream release, including the following changes:
+ - Use O_TRUNC when copying files
+ - Added path redefinition to include test's binaries location
+ - Don't run update-grub, instead use grub.cfg from the oem
+ package
+ - Do network configuration from first boot
+ - zero size systemd of new partition made executable to
+ prevent unrecoverable boot failure
+ - Close downloaded files
+
+ -- Ricardo Salveti de Araujo <ricardo.salveti@canonical.com> Mon, 06 Jul 2015 15:14:37 -0300
+
+ubuntu-snappy (1.4ubuntu1) wily; urgency=medium
+
+ * New upstream release, including the following changes:
+ - Allow to run the integration tests using snappy from branch
+ - Add CopyFileOverwrite flag and behaviour to helpers.CopyFile
+ - add a bunch of missing i18n.G() now that we have gettext
+ - Generate only the translators comments that start with
+ TRANSLATORS
+ - Try both clickpkg and snappypkg when dropping privs
+
+ -- Ricardo Salveti de Araujo <ricardo.salveti@canonical.com> Thu, 02 Jul 2015 16:21:53 -0300
+
+ubuntu-snappy (1.3ubuntu1) wily; urgency=medium
+
+ * New upstream release, including the following changes:
+ - gettext support
+ - use snappypkg user for the installed snaps
+ - switch to system-image-3.x as the system-image backend
+ - more reliable developer mode detection
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Wed, 01 Jul 2015 10:37:05 +0200
+
+ubuntu-snappy (1.2-0ubuntu1) wily; urgency=medium
+
+ * New upstream release, including the following changes:
+ - Consider the root directory when installing and removing policies
+ - In the uboot TestHandleAssetsNoHardwareYaml, patch the cache dir
+ before creating the partition type
+ - In the PartitionTestSuite, remove the unnecessary patches for
+ defaultCacheDir
+ - Fix the help output of "snappy install -h"
+
+ -- Ricardo Salveti de Araujo <ricardo.salveti@canonical.com> Wed, 17 Jun 2015 11:42:47 -0300
+
+ubuntu-snappy (1.1.2-0ubuntu1) wily; urgency=medium
+
+ * New upstream release, including the following changes:
+ - Remove compatibility for click-bin-path in generated exec-wrappers
+ - Release the readme.md after parsing it
+
+ -- Ricardo Salveti de Araujo <ricardo.salveti@canonical.com> Thu, 11 Jun 2015 23:42:49 -0300
+
+ubuntu-snappy (1.1.1-0ubuntu1) wily; urgency=medium
+
+ * New upstream release, including the following changes:
+ - Set all app services to restart on failure
+ - Fixes the missing oauth quoting and makes the code a bit nicer
+ - Added integrate() to set Integration to default values needed for
+ integration
+ - Moved setActivateClick to be a method of SnapPart
+ - Make unsetActiveClick a method of SnapPart
+ - Check the package.yaml for the required fields
+ - Integrate lp:snappy/selftest branch into snappy itself
+ - API to record information about the image and to check if the kernel was
+ sideloaded.
+ - Factor out update from cmd
+ - Continue updating when a sideload error is returned
+
+ -- Ricardo Salveti de Araujo <ricardo.salveti@canonical.com> Wed, 10 Jun 2015 15:54:12 -0300
+
+ubuntu-snappy (1.1-0ubuntu1) wily; urgency=low
+
+ * New wily upload with fix for go 1.4 syscall.Setgid() breakage
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Tue, 09 Jun 2015 10:02:04 +0200
+
+ubuntu-snappy (1.0.1-0ubuntu1) vivid; urgency=low
+
+ * fix symlink unpacking
+ * fix typo in apparmor rules generation
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 23 Apr 2015 16:09:56 +0200
+
+ubuntu-snappy (1.0-0ubuntu1) vivid; urgency=low
+
+ * 15.04 archive upload
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 23 Apr 2015 11:08:22 +0200
+
+ubuntu-snappy (0.1.2-0ubuntu1) vivid; urgency=medium
+
+ * initial ubuntu archive upload
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Mon, 13 Apr 2015 22:48:13 -0500
+
+ubuntu-snappy (0.1.1-0ubuntu1) vivid; urgency=low
+
+ * new snapshot
+
+ -- Michael Vogt <michael.vogt@ubuntu.com> Thu, 12 Feb 2015 13:51:22 +0100
+
+ubuntu-snappy (0.1-0ubuntu1) vivid; urgency=medium
+
+ * Initial packaging
+
+ -- Sergio Schvezov <sergio.schvezov@canonical.com> Fri, 06 Feb 2015 02:25:43 -0200
projects / snapd.git / commitdiff