[Bug 2059730] Re: Focal 5.15 kernel apparmor mismatch missing snap_validate_preseed functionality in livecd-rootfs

Fri Apr 5 15:37:40 UTC 2024

Verified Focal:

This exact proposed version of livecd-rootfs has been used in cloud
image build for many weeks now and has met all of the steps listed in
the test plan.

GCE daily minimal image daily-ubuntu-minimal-2004-focal-v20240405``
being one such image with snaps and built using this version of livecd-
rootfs.

Steps:

1. Launch `daily-ubuntu-minimal-2004-focal-v20240405` from project
`ubuntu-os-cloud-devel` in GCE

```
gcloud compute instances create $(petname) --zone=europe-west1-d --image=daily-ubuntu-minimal-2004-focal-v20240405 --image-project=ubuntu-os-cloud-devel
```

4. logged in and ran `sudo snap debug seeding`

```
ubuntu at usable-mullet:~$ sudo snap debug seeding
seeded: true
preseeded: true
image-preseeding: 5.744s
seed-completion: 3.278s
```

5. and just to double check, yes there are snaps

```
ubuntu at usable-mullet:~$ snap list
Name Version Rev Tracking Publisher Notes
core20 20240111 2182 latest/stable canonical✓ base
google-cloud-cli 471.0.0 229 latest/stable/… google-cloud-sdk✓ classic
snapd 2.61.2 21184 latest/stable canonical✓ snapd
```

** Tags removed: verification-needed-focal
** Tags added: verification-done-focal

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2059730

Title:
  Focal 5.15 kernel apparmor mismatch missing snap_validate_preseed
  functionality in livecd-rootfs

Status in livecd-rootfs package in Ubuntu:
  New
Status in livecd-rootfs source package in Focal:
  Fix Committed

Bug description:
  kernel bug

  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2045384

  introduced an apparmor change to the 5.15. This rolled down to the
  Focal HWE 5.15 kernel, causing failures to properly snap seed

  The original functionality was added into ubuntu/master and
  ubuntu/jammy with this bug:

  https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/2015596

  which happened during the HWE roll to the 5.19 kernel. There was an
  assumption that a breaking change like this would not affect Focal, as
  rolls were done. However, 2045384 shows that this is not necessarily
  true.

  To fix 2045384, a backport to focal of the functionality in
  snap_validate_seed allowing matching on kernel version, and the
  creation of kernel specific directories is required

  [ Impact ]

  Boot will be slowed by ~200ms until this is resolved in livecd-rootfs

  [ Test Plan ]

   * for focal build any cloud image with preseeded snaps with HWE 5.15 kernel
   * boot
   * run `snap debug seeding`
   * assert the test described above passes

  [ Where problems could occur ]

   * Similar patches already exist for later releases 6.2, 6.5 kernel
  etc. and have been used on other private customer kernels and all
  kernels released after 22.04, so there is already a good track record
  for this patchset and it shouldn't create any issues.

  [ Other Info ]

   * This is a time-sensitive issue for a paying customer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/2059730/+subscriptions