[ubuntu/jammy-proposed] snapd 2.71+ubuntu22.04 (Accepted)
Ernest Lotter
ernest.lotter at canonical.com
Thu Sep 11 22:00:46 UTC 2025
snapd (2.71+ubuntu22.04) jammy; urgency=medium
* New upstream release, LP: #2118396
- FDE: auto-repair when recovery key is used
- FDE: revoke keys on shim update
- FDE: revoke old TPM keys when dbx has been updated
- FDE: do not reseal FDE hook keys every time
- FDE: store keys in the kernel keyring when installing from initrd
- FDE: allow disabled DMA on Core
- FDE: snap-bootstrap: do not check for partition in scan-disk on
CVM
- FDE: support secboot preinstall check for 25.10+ hybrid installs
via the /v2/system/{label} endpoint
- FDE: support generating recovery key at install time via the
/v2/systems/{label} endpoint
- FDE: update passphrase quality check at install time via the
/v2/systems/{label} endpoint
- FDE: support replacing recovery key at runtime via the new
/v2/system-volumes endpoint
- FDE: support checking recovery keys at runtime via the /v2/system-
volumes endpoint
- FDE: support enumerating keyslots at runtime via the /v2/system-
volumes endpoint
- FDE: support changing passphrase at runtime via the /v2/system-
volumes endpoint
- FDE: support passphrase quality check at runtime via the
/v2/system-volumes endpoint
- FDE: update secboot to revision 3e181c8edf0f
- Confdb: support lists and indexed paths on read and write
- Confdb: alias references must be wrapped in brackets
- Confdb: support indexed paths in confdb-schema assertion
- Confdb: make API errors consistent with options
- Confdb: fetch confdb-schema assertion on access
- Confdb: prevent --previous from being used in read-side hooks
- Components: fix snap command with multiple components
- Components: set revision of seed components to x1
- Components: unmount extra kernel-modules components mounts
- AppArmor Prompting: add lifespan "session" for prompting rules
- AppArmor Prompting: support restoring prompts after snapd restart
- AppArmor Prompting: limit the extra information included in probed
AppArmor features and system key
- Notices: refactor notice state internals
- SELinux: look for restorecon/matchpathcon at all known locations
rather than current PATH
- SELinux: update policy to allow watching cgroups (for RAA), and
talking to user session agents (service mgmt/refresh)
- Refresh App Awareness: Fix unexpected inotify file descriptor
cleanup
- snap-confine: workaround for glibc fchmodat() fallback and handle
ENOSYS
- snap-confine: add support for host policy for limiting users able
to run snaps
- LP: #2114923 Reject system key mismatch advise when not yet seeded
- Use separate lanes for essential and non-essential snaps during
seeding and allow non-essential installs to retry
- Fix bug preventing remodel from core18 to core18 when snapd snap
is unchanged
- LP: #2112551 Make removal of last active revision of a snap equal
to snap remove
- LP: #2114779 Allow non-gpt in fallback mode to support RPi
- Switch from using systemd LogNamespace to manually controlled
journal quotas
- Change snap command trace logging to only log the command names
- Grant desktop-launch access to /v2/snaps
- Update code for creating the snap journal stream
- Switch from using core to snapd snap for snap debug connectivity
- LP: #2112544 Fix offline remodel case where we switched to a
channel without an actual refresh
- LP: #2112332 Exclude snap/snapd/preseeding when generating preseed
tarball
- LP: #1952500 Fix snap command progress reporting
- LP: #1849346 Interfaces: kerberos-tickets | add new interface
- Interfaces: u2f | add support for Thetis Pro
- Interfaces: u2f | add OneSpan device and fix older device
- Interfaces: pipewire, audio-playback | support pipewire as system
daemon
- Interfaces: gpg-keys | allow access to GPG agent sockets
- Interfaces: usb-gadget | add new interface
- Interfaces: snap-fde-control, firmware-updater-support | add new
interfaces to support FDE
- Interfaces: timezone-control | extend to support timedatectl
varlink
- Interfaces: cpu-control | fix rules for accessing IRQ sysfs and
procfs directories
- Interfaces: microstack-support | allow SR-IOV attachments
- Interfaces: modify AppArmor template to allow snaps to read their
own systemd credentials
- Interfaces: posix-mq | allow stat on /dev/mqueue
- LP: #2098780 Interfaces: log-observe | add capability
dac_read_search
- Interfaces: block-devices | allow access to ZFS pools and datasets
- LP: #2033883 Interfaces: block-devices | opt-in access to
individual partitions
- Interfaces: accel | add new interface to support accel kernel
subsystem
- Interfaces: shutdown | allow client to bind on its side of dbus
socket
- Interfaces: modify seccomp template to allow pwritev2
- Interfaces: modify AppArmor template to allow reading
/proc/sys/fs/nr_open
- Packaging: drop snap.failure service for openSUSE
- Packaging: add SELinux support for openSUSE
- Packaging: disable optee when using nooptee build tag
- Packaging: add support for static PIE builds in snapd.mk, drop
pie.patch from openSUSE
- Packaging: add libcap2-bin runtime dependency for ubuntu-16.04
- Packaging: use snapd.mk for packaging on Fedora
- Packaging: exclude .git directory
- Packaging: fix DPKG_PARSECHANGELOG assignment
- Packaging: fix building on Fedora with dpkg installed
snapd (2.70+ubuntu22.04) jammy; urgency=medium
- FDE: Fix reseal with v1 hook key format
- FDE: set role in TPM keys
- AppArmor prompting (experimental): add handling for expired
requests or listener in the kernel
- AppArmor prompting: log the notification protocol version
negotiated with the kernel
- AppArmor prompting: implement notification protocol v5 (manually
disabled for now)
- AppArmor prompting: register listener ID with the kernel and
resend notifications after snapd restart (requires protocol v5+)
- AppArmor prompting: select interface from metadata tags and set
request interface accordingly (requires protocol v5+)
- AppArmor prompting: include request PID in prompt
- AppArmor prompting: move the max prompt ID file to a subdirectory
of the snap run directory
- AppArmor prompting: avoid race between closing/reading socket fd
- Confdb (experimental): make save/load hooks mandatory if affecting
ephemeral
- Confdb: clear tx state on failed load
- Confdb: modify 'snap sign' formats JSON in assertion bodies (e.g.
confdb-schema)
- Confdb: add NestedEphemeral to confdb schemas
- Confdb: add early concurrency checks
- Simplify building Arch package
- Enable snapd.apparmor on Fedora
- Build snapd snap with libselinux
- Emit snapd.apparmor warning only when using apparmor backend
- When running snap, on system key mismatch e.g. due to network
attached HOME, trigger and wait for a security profiles
regeneration
- Avoid requiring state lock to get user, warnings, or pending
restarts when handling API requests
- Start/stop ssh.socket for core24+ when enabling/disabling the ssh
service
- Allow providing a different base when overriding snap
- Modify snap-bootstrap to mount snapd snap directly to /snap
- Modify snap-bootstrap to mount /lib/{modules,firmware} from snap
as fallback
- Modify core-initrd to use systemctl reboot instead of /sbin/reboot
- Copy the initramfs 'manifest-initramfs.yaml' to initramfs file
creation directory so it can be copied to the kernel snap
- Build the early initrd from installed ucode packages
- Create drivers tree when remodeling from UC20/22 to UC24
- Load gpio-aggregator module before the helper-service needs it
- Run 'systemctl start' for mount units to ensure they are run also
when unchanged
- Update godbus version to 'v5 v5.1.0'
- Add support for POST to /v2/system-info with system-key-mismatch
indication from the client
- Add 'snap sign --update-timestamp' flag to update timestamp before
signing
- Add vfs support for snap-update-ns to use to simulate and evaluate
mount sequences
- Add refresh app awareness debug logging
- Add snap-bootstrap scan-disk subcommand to be called from udev
- Add feature to inject proxy store assertions in build image
- Add OP-TEE bindings, enable by default in ARM and ARM64 builds
- Fix systemd dependency options target to go under 'unit' section
- Fix snap-bootstrap reading kernel snap instead of base resulting
in bad modeenv
- Fix a regression during seeding when using early-config
- LP: #2107443 reset SHELL to /bin/bash in non-classic snaps
- Make Azure kernels reboot upon panic
- Fix snap-confine to not drop capabilities if the original user is
already root
- Fix data race when stopping services
- Fix task dependency issue by temporarily disable re-refresh on
prerequisite updates
- Fix compiling against op-tee on armhf
- Fix dbx update when not using FDE
- Fix potential validation set deadlock due to bases waiting on
snaps
- LP: #2104066 Only cancel notices requests on stop/shutdown
- Interfaces: bool-file | fix gpio glob pattern as required for
'[XXXX]*' format
- Interfaces: system-packages-doc | allow access to
/usr/local/share/doc
- Interfaces: ros-snapd-support interface | added new interface
- Interfaces: udisks2 | allow chown capability
- Interfaces: system-observe | allow reading cpu.max
- Interfaces: serial-port | add ttyMAXX to allowed list
- Interfaces: modified seccomp template to disallow
'O_NOTIFICATION_PIPE'
- Interfaces: fwupd | add support for modem-manager plugin
- Interfaces: gpio-chardev | make unsupported and remove
experimental flag to hide this feature until gpio-aggregator is
available
- Interfaces: hardware-random | fix udev match rule
- Interfaces: timeserver-control | extend to allow timedatectl
timesync commands
- Interfaces: add symlinks backend
- Interfaces: system key mismatch handling
snapd (2.69+ubuntu22.04) jammy; urgency=medium
- FDE: re-factor listing of the disks based on run mode model and
model to correctly resolve paths
- FDE: run snapd from snap-failure with the correct keyring mode
- Snap components: allow remodeling back to an old snap revision
that includes components
- Snap components: fix remodel to a kernel snap that is already
installed on the system, but not the current kernel due to a
previous remodel.
- Snap components: fix for snapctl inputs that can crash snapd
- Confdb (experimental): load ephemeral data when reading data via
snapctl get
- Confdb (experimental): load ephemeral data when reading data via
snap get
- Confdb (experimental): rename {plug}-view-changed hook to observe-
view-{plug}
- Confdb (experimental): rename confdb assertion to confdb-schema
- Confdb (experimental): change operator grouping in confdb-control
assertion
- Confdb (experimental): add confdb-control API
- AppArmor: extend the probed features to include the presence of
files, as well as directories
- AppArmor prompting (experimental): simplify the listener
- AppArmor metadata tagging (disabled): probe parser support for
tags
- AppArmor metadata tagging (disabled): implement notification
protocol v5
- Confidential VMs: sysroot.mount is now dynamically created by
snap-bootstrap instead of being a static file in the initramfs
- Confidential VMs: Add new implementation of snap integrity API
- Non-suid snap-confine: first phase to replace snap-confine suid
with capabilities to achieve the required permissions
- Initial changes for dynamic security profiles updates
- Provide snap icon fallback for /v2/icons without requiring network
access at runtime
- Add eMMC gadget update support
- Support reexec when using /usr/libexec/snapd on the host (Arch
Linux, openSUSE)
- Auto detect snap mount dir location on unknown distributions
- Modify snap-confine AppArmor template to allow all glibc HWCAPS
subdirectories to prevent launch errors
- LP: #2102456 update secboot to bf2f40ea35c4 and modify snap-
bootstrap to remove usage of go templates to reduce size by 4MB
- Fix snap-bootstrap to mount kernel snap from
/sysroot/writable/system-data
- LP: #2106121 fix snap-bootstrap busy loop
- Fix encoding of time.Time by using omitzero instead of omitempty
(on go 1.24+)
- Fix setting snapd permissions through permctl for openSUSE
- Fix snap struct json tags typo
- Fix snap pack configure hook permissions check incorrect file mode
- Fix gadget snap reinstall to honor existing sizes of partitions
- Fix to update command line when re-executing a snapd tool
- Fix 'snap validate' of specific missing newline and add error on
missed case of 'snap validate --refresh' without another action
- Workaround for snapd-confine time_t size differences between
architectures
- Disallow pack and install of snapd, base and os with specific
configure hooks
- Drop udev build dependency that is no longer required and add
missing systemd-dev dependency
- Build snap-bootstrap with nomanagers tag to decrease size by 1MB
- Interfaces: polkit | support custom polkit rules
- Interfaces: opengl | LP: #2088456 fix GLX on nvidia when xorg is
confined by AppArmor
- Interfaces: log-observe | add missing udev rule
- Interfaces: hostname-control | fix call to hostnamectl in core24
- Interfaces: network-control | allow removing created network
namespaces
- Interfaces: scsi-generic | re-enable base declaration for scsi-
generic plug
- Interfaces: u2f | add support for Arculus AuthentiKey
Date: Fri, 25 Jul 2025 13:18:47 +0200
Changed-By: Ernest Lotter <ernest.lotter at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Julian Andres Klode <julian.klode at canonical.com>
https://launchpad.net/ubuntu/+source/snapd/2.71+ubuntu22.04
-------------- next part --------------
Format: 1.8
Date: Fri, 25 Jul 2025 13:18:47 +0200
Source: snapd
Built-For-Profiles: noudeb
Architecture: source
Version: 2.71+ubuntu22.04
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Ernest Lotter <ernest.lotter at canonical.com>
Launchpad-Bugs-Fixed: 1849346 1952500 2033883 2088456 2098780 2102456 2104066 2106121 2107443 2112332 2112544 2112551 2114779 2114923 2118396
Changes:
snapd (2.71+ubuntu22.04) jammy; urgency=medium
.
* New upstream release, LP: #2118396
- FDE: auto-repair when recovery key is used
- FDE: revoke keys on shim update
- FDE: revoke old TPM keys when dbx has been updated
- FDE: do not reseal FDE hook keys every time
- FDE: store keys in the kernel keyring when installing from initrd
- FDE: allow disabled DMA on Core
- FDE: snap-bootstrap: do not check for partition in scan-disk on
CVM
- FDE: support secboot preinstall check for 25.10+ hybrid installs
via the /v2/system/{label} endpoint
- FDE: support generating recovery key at install time via the
/v2/systems/{label} endpoint
- FDE: update passphrase quality check at install time via the
/v2/systems/{label} endpoint
- FDE: support replacing recovery key at runtime via the new
/v2/system-volumes endpoint
- FDE: support checking recovery keys at runtime via the /v2/system-
volumes endpoint
- FDE: support enumerating keyslots at runtime via the /v2/system-
volumes endpoint
- FDE: support changing passphrase at runtime via the /v2/system-
volumes endpoint
- FDE: support passphrase quality check at runtime via the
/v2/system-volumes endpoint
- FDE: update secboot to revision 3e181c8edf0f
- Confdb: support lists and indexed paths on read and write
- Confdb: alias references must be wrapped in brackets
- Confdb: support indexed paths in confdb-schema assertion
- Confdb: make API errors consistent with options
- Confdb: fetch confdb-schema assertion on access
- Confdb: prevent --previous from being used in read-side hooks
- Components: fix snap command with multiple components
- Components: set revision of seed components to x1
- Components: unmount extra kernel-modules components mounts
- AppArmor Prompting: add lifespan "session" for prompting rules
- AppArmor Prompting: support restoring prompts after snapd restart
- AppArmor Prompting: limit the extra information included in probed
AppArmor features and system key
- Notices: refactor notice state internals
- SELinux: look for restorecon/matchpathcon at all known locations
rather than current PATH
- SELinux: update policy to allow watching cgroups (for RAA), and
talking to user session agents (service mgmt/refresh)
- Refresh App Awareness: Fix unexpected inotify file descriptor
cleanup
- snap-confine: workaround for glibc fchmodat() fallback and handle
ENOSYS
- snap-confine: add support for host policy for limiting users able
to run snaps
- LP: #2114923 Reject system key mismatch advise when not yet seeded
- Use separate lanes for essential and non-essential snaps during
seeding and allow non-essential installs to retry
- Fix bug preventing remodel from core18 to core18 when snapd snap
is unchanged
- LP: #2112551 Make removal of last active revision of a snap equal
to snap remove
- LP: #2114779 Allow non-gpt in fallback mode to support RPi
- Switch from using systemd LogNamespace to manually controlled
journal quotas
- Change snap command trace logging to only log the command names
- Grant desktop-launch access to /v2/snaps
- Update code for creating the snap journal stream
- Switch from using core to snapd snap for snap debug connectivity
- LP: #2112544 Fix offline remodel case where we switched to a
channel without an actual refresh
- LP: #2112332 Exclude snap/snapd/preseeding when generating preseed
tarball
- LP: #1952500 Fix snap command progress reporting
- LP: #1849346 Interfaces: kerberos-tickets | add new interface
- Interfaces: u2f | add support for Thetis Pro
- Interfaces: u2f | add OneSpan device and fix older device
- Interfaces: pipewire, audio-playback | support pipewire as system
daemon
- Interfaces: gpg-keys | allow access to GPG agent sockets
- Interfaces: usb-gadget | add new interface
- Interfaces: snap-fde-control, firmware-updater-support | add new
interfaces to support FDE
- Interfaces: timezone-control | extend to support timedatectl
varlink
- Interfaces: cpu-control | fix rules for accessing IRQ sysfs and
procfs directories
- Interfaces: microstack-support | allow SR-IOV attachments
- Interfaces: modify AppArmor template to allow snaps to read their
own systemd credentials
- Interfaces: posix-mq | allow stat on /dev/mqueue
- LP: #2098780 Interfaces: log-observe | add capability
dac_read_search
- Interfaces: block-devices | allow access to ZFS pools and datasets
- LP: #2033883 Interfaces: block-devices | opt-in access to
individual partitions
- Interfaces: accel | add new interface to support accel kernel
subsystem
- Interfaces: shutdown | allow client to bind on its side of dbus
socket
- Interfaces: modify seccomp template to allow pwritev2
- Interfaces: modify AppArmor template to allow reading
/proc/sys/fs/nr_open
- Packaging: drop snap.failure service for openSUSE
- Packaging: add SELinux support for openSUSE
- Packaging: disable optee when using nooptee build tag
- Packaging: add support for static PIE builds in snapd.mk, drop
pie.patch from openSUSE
- Packaging: add libcap2-bin runtime dependency for ubuntu-16.04
- Packaging: use snapd.mk for packaging on Fedora
- Packaging: exclude .git directory
- Packaging: fix DPKG_PARSECHANGELOG assignment
- Packaging: fix building on Fedora with dpkg installed
.
snapd (2.70+ubuntu22.04) jammy; urgency=medium
.
- FDE: Fix reseal with v1 hook key format
- FDE: set role in TPM keys
- AppArmor prompting (experimental): add handling for expired
requests or listener in the kernel
- AppArmor prompting: log the notification protocol version
negotiated with the kernel
- AppArmor prompting: implement notification protocol v5 (manually
disabled for now)
- AppArmor prompting: register listener ID with the kernel and
resend notifications after snapd restart (requires protocol v5+)
- AppArmor prompting: select interface from metadata tags and set
request interface accordingly (requires protocol v5+)
- AppArmor prompting: include request PID in prompt
- AppArmor prompting: move the max prompt ID file to a subdirectory
of the snap run directory
- AppArmor prompting: avoid race between closing/reading socket fd
- Confdb (experimental): make save/load hooks mandatory if affecting
ephemeral
- Confdb: clear tx state on failed load
- Confdb: modify 'snap sign' formats JSON in assertion bodies (e.g.
confdb-schema)
- Confdb: add NestedEphemeral to confdb schemas
- Confdb: add early concurrency checks
- Simplify building Arch package
- Enable snapd.apparmor on Fedora
- Build snapd snap with libselinux
- Emit snapd.apparmor warning only when using apparmor backend
- When running snap, on system key mismatch e.g. due to network
attached HOME, trigger and wait for a security profiles
regeneration
- Avoid requiring state lock to get user, warnings, or pending
restarts when handling API requests
- Start/stop ssh.socket for core24+ when enabling/disabling the ssh
service
- Allow providing a different base when overriding snap
- Modify snap-bootstrap to mount snapd snap directly to /snap
- Modify snap-bootstrap to mount /lib/{modules,firmware} from snap
as fallback
- Modify core-initrd to use systemctl reboot instead of /sbin/reboot
- Copy the initramfs 'manifest-initramfs.yaml' to initramfs file
creation directory so it can be copied to the kernel snap
- Build the early initrd from installed ucode packages
- Create drivers tree when remodeling from UC20/22 to UC24
- Load gpio-aggregator module before the helper-service needs it
- Run 'systemctl start' for mount units to ensure they are run also
when unchanged
- Update godbus version to 'v5 v5.1.0'
- Add support for POST to /v2/system-info with system-key-mismatch
indication from the client
- Add 'snap sign --update-timestamp' flag to update timestamp before
signing
- Add vfs support for snap-update-ns to use to simulate and evaluate
mount sequences
- Add refresh app awareness debug logging
- Add snap-bootstrap scan-disk subcommand to be called from udev
- Add feature to inject proxy store assertions in build image
- Add OP-TEE bindings, enable by default in ARM and ARM64 builds
- Fix systemd dependency options target to go under 'unit' section
- Fix snap-bootstrap reading kernel snap instead of base resulting
in bad modeenv
- Fix a regression during seeding when using early-config
- LP: #2107443 reset SHELL to /bin/bash in non-classic snaps
- Make Azure kernels reboot upon panic
- Fix snap-confine to not drop capabilities if the original user is
already root
- Fix data race when stopping services
- Fix task dependency issue by temporarily disable re-refresh on
prerequisite updates
- Fix compiling against op-tee on armhf
- Fix dbx update when not using FDE
- Fix potential validation set deadlock due to bases waiting on
snaps
- LP: #2104066 Only cancel notices requests on stop/shutdown
- Interfaces: bool-file | fix gpio glob pattern as required for
'[XXXX]*' format
- Interfaces: system-packages-doc | allow access to
/usr/local/share/doc
- Interfaces: ros-snapd-support interface | added new interface
- Interfaces: udisks2 | allow chown capability
- Interfaces: system-observe | allow reading cpu.max
- Interfaces: serial-port | add ttyMAXX to allowed list
- Interfaces: modified seccomp template to disallow
'O_NOTIFICATION_PIPE'
- Interfaces: fwupd | add support for modem-manager plugin
- Interfaces: gpio-chardev | make unsupported and remove
experimental flag to hide this feature until gpio-aggregator is
available
- Interfaces: hardware-random | fix udev match rule
- Interfaces: timeserver-control | extend to allow timedatectl
timesync commands
- Interfaces: add symlinks backend
- Interfaces: system key mismatch handling
.
snapd (2.69+ubuntu22.04) jammy; urgency=medium
.
- FDE: re-factor listing of the disks based on run mode model and
model to correctly resolve paths
- FDE: run snapd from snap-failure with the correct keyring mode
- Snap components: allow remodeling back to an old snap revision
that includes components
- Snap components: fix remodel to a kernel snap that is already
installed on the system, but not the current kernel due to a
previous remodel.
- Snap components: fix for snapctl inputs that can crash snapd
- Confdb (experimental): load ephemeral data when reading data via
snapctl get
- Confdb (experimental): load ephemeral data when reading data via
snap get
- Confdb (experimental): rename {plug}-view-changed hook to observe-
view-{plug}
- Confdb (experimental): rename confdb assertion to confdb-schema
- Confdb (experimental): change operator grouping in confdb-control
assertion
- Confdb (experimental): add confdb-control API
- AppArmor: extend the probed features to include the presence of
files, as well as directories
- AppArmor prompting (experimental): simplify the listener
- AppArmor metadata tagging (disabled): probe parser support for
tags
- AppArmor metadata tagging (disabled): implement notification
protocol v5
- Confidential VMs: sysroot.mount is now dynamically created by
snap-bootstrap instead of being a static file in the initramfs
- Confidential VMs: Add new implementation of snap integrity API
- Non-suid snap-confine: first phase to replace snap-confine suid
with capabilities to achieve the required permissions
- Initial changes for dynamic security profiles updates
- Provide snap icon fallback for /v2/icons without requiring network
access at runtime
- Add eMMC gadget update support
- Support reexec when using /usr/libexec/snapd on the host (Arch
Linux, openSUSE)
- Auto detect snap mount dir location on unknown distributions
- Modify snap-confine AppArmor template to allow all glibc HWCAPS
subdirectories to prevent launch errors
- LP: #2102456 update secboot to bf2f40ea35c4 and modify snap-
bootstrap to remove usage of go templates to reduce size by 4MB
- Fix snap-bootstrap to mount kernel snap from
/sysroot/writable/system-data
- LP: #2106121 fix snap-bootstrap busy loop
- Fix encoding of time.Time by using omitzero instead of omitempty
(on go 1.24+)
- Fix setting snapd permissions through permctl for openSUSE
- Fix snap struct json tags typo
- Fix snap pack configure hook permissions check incorrect file mode
- Fix gadget snap reinstall to honor existing sizes of partitions
- Fix to update command line when re-executing a snapd tool
- Fix 'snap validate' of specific missing newline and add error on
missed case of 'snap validate --refresh' without another action
- Workaround for snapd-confine time_t size differences between
architectures
- Disallow pack and install of snapd, base and os with specific
configure hooks
- Drop udev build dependency that is no longer required and add
missing systemd-dev dependency
- Build snap-bootstrap with nomanagers tag to decrease size by 1MB
- Interfaces: polkit | support custom polkit rules
- Interfaces: opengl | LP: #2088456 fix GLX on nvidia when xorg is
confined by AppArmor
- Interfaces: log-observe | add missing udev rule
- Interfaces: hostname-control | fix call to hostnamectl in core24
- Interfaces: network-control | allow removing created network
namespaces
- Interfaces: scsi-generic | re-enable base declaration for scsi-
generic plug
- Interfaces: u2f | add support for Arculus AuthentiKey
Checksums-Sha1:
1c46285564e5c17570b8e5758682c3ea0ee78180 3060 snapd_2.71+ubuntu22.04.dsc
c4ac1d5a49d8bd6a646b7ffc6790edae0ca9e269 11080680 snapd_2.71+ubuntu22.04.tar.xz
f9a60d1c88ef1dc50be46717810dad30363b6dad 16043 snapd_2.71+ubuntu22.04_source.buildinfo
Checksums-Sha256:
54b502ea00703261b95f3f2bc752a8c0883db0116829aa390c9ac81ab6bf9e76 3060 snapd_2.71+ubuntu22.04.dsc
0ce9405e7475a1f2aadec7008c392f69ca665586a3ce5d906dff68949cb718b7 11080680 snapd_2.71+ubuntu22.04.tar.xz
b0440e1ab3f2b349be05375675568956d12893138c032d930ca5a924b26684dc 16043 snapd_2.71+ubuntu22.04_source.buildinfo
Files:
be6eaf54fc22997e5d07fdc1eeae8e8a 3060 devel optional snapd_2.71+ubuntu22.04.dsc
ec61a9aadacd4728a86bf5a340faf161 11080680 devel optional snapd_2.71+ubuntu22.04.tar.xz
86fc387a5f6249836f0285a507851852 16043 devel optional snapd_2.71+ubuntu22.04_source.buildinfo
More information about the jammy-changes
mailing list