snapcraft 2.27 has been released
Joseph Rushton Wakeling
joseph.wakeling at webdrake.net
Sat Feb 18 00:12:46 UTC 2017
On 17/02/17 13:49, Sergio Schvezov wrote:
> ## classic confinement
>
> Improvements have been made to the experimental `classic` confinement build setup to be more robust and reliable. These improvements allow to build `classic` confined snaps that work across a wider set of OS releases (particularly those with differing glibc versions). An early adopter of this work is *conjure-up* which now sports Trusty Tahr support. Learn more about conjure-up by visiting http://conjure-up.io/
I have good news and bad news here.
The good news is that `snapcraft cleanbuild` now seems to work with classic
snaps (presumably you knew this already;-).
The bad news is that running the snapped applications seems to run into trouble.
I'm presuming this is a snapcraft issue rather than snapd since
already-installed classic snaps built with snapcraft 2.26 seem fine.
Specifically, given the snap defined in this branch:
https://github.com/WebDrake/dub.snap/pull/5
... it builds fine (with or without `cleanbuild`), and installs fine, but when I
try to run even something simple like
dub --version
... then the command hangs. Watching `top` sees CPU jump to 100%, alternating
between dub, snap-exec and snap-confine.
Running `snappy-debug.security scanlog` reveals the following after the `dub`
command is invoked:
= AppArmor =
Time: Feb 18 01:07:30
Log: apparmor="DENIED" operation="file_inherit"
profile="/usr/lib/snapd/snap-confine" name="/dev/tty" pid=7488
comm="snap-confine" requested_mask="wr" denied_mask="wr" fsuid=1000 ouid=0
File: /dev/tty (write)
Suggestion:
* add 'serial-port (with gadget or core support)' to 'plugs'
... while the `dub --version` command outputs to console:
runtime/cgo: pthread_create failed: Resource temporarily unavailable
runtime/cgo: runtime/cgo: runtime/cgo: runtime/cgo: pthread_create failed:
Resource temporarily unavailableruntime/cgo: runtime/cgo: pthread_create failed:
Resource temporarily unavailable
runtime/cgo: runtime/cgo: pthread_create failed: Resource temporarily unavailable
runtime/cgo: pthread_create failed: Resource temporarily unavailable
runtime/cgo: pthread_create failed: Resource temporarily unavailable
runtime/cgo: pthread_create failed: Resource temporarily unavailable
runtime/cgo: pthread_create failed: Resource temporarily unavailable
runtime/cgo: pthread_create failed: Resource temporarily unavailable
... repeating seemingly endlessly.
Note the above results whether or not the snap was built using `cleanbuild`.
Possibly relatedly, while running `snapcraft cleanbuild` to build this snap, the
following shows up in the scanlog:
= AppArmor =
Time: Feb 18 00:59:46
Log: apparmor="DENIED" operation="file_perm"
namespace="root//lxd-snapcraft-truly-ace-amoeba_<var-lib-lxd>"
profile="/sbin/dhclient" name="/apparmor/.null" pid=30305 comm="dhclient"
requested_mask="w" denied_mask="w" fsuid=165536 ouid=0
File: /apparmor/.null (write)
Suggestion:
* adjust program to write to $SNAP_DATA, $SNAP_COMMON, $SNAP_USER_DATA or
$SNAP_USER_COMMON
= AppArmor =
Time: Feb 18 00:59:46
Log: apparmor="DENIED" operation="file_perm"
namespace="root//lxd-snapcraft-truly-ace-amoeba_<var-lib-lxd>"
profile="/sbin/dhclient" name="/apparmor/.null" pid=30305 comm="dhclient"
requested_mask="w" denied_mask="w" fsuid=165536 ouid=0
File: /apparmor/.null (write)
Suggestion:
* adjust program to write to $SNAP_DATA, $SNAP_COMMON, $SNAP_USER_DATA or
$SNAP_USER_COMMON
Any ideas what's up here?
Thanks & best wishes,
-- Joe
More information about the Snapcraft
mailing list