| 2016-10-14 00:48:22 |
Zygmunt Krynicki |
bug |
|
|
added bug |
| 2016-10-14 00:48:32 |
Zygmunt Krynicki |
snap-confine: status |
New |
Fix Committed |
|
| 2016-10-14 00:48:35 |
Zygmunt Krynicki |
snap-confine: importance |
Undecided |
Critical |
|
| 2016-10-14 00:48:38 |
Zygmunt Krynicki |
snap-confine: assignee |
|
Zygmunt Krynicki (zyga) |
|
| 2016-10-14 00:48:40 |
Zygmunt Krynicki |
snap-confine: milestone |
|
1.0.44 |
|
| 2016-10-20 10:52:35 |
Zygmunt Krynicki |
snap-confine: status |
Fix Committed |
Fix Released |
|
| 2016-11-03 08:25:21 |
Zygmunt Krynicki |
description |
Snaps such as udisks can mount anything in /media. While this works the mount is only visible to the snap that performed the operation (as it is stuck in the mount namespace).
The mount namespace should be setup up in a way that makes /media shared with the outside namespace. |
[Impact]
TBD
[Test Case]
The test case can be found here:
https://github.com/snapcore/snap-confine/blob/master/spread-tests/main/media-sharing/task.yaml
The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually.
The commands there assume that snapd and snap-confine are installed.
No other additional setup is necessary.
[Regression Potential]
TBD
[Other Info]
* snap-confine is technically an integral part of snapd which has an SRU exception and is allowed to introduce new features and take advantage of accelerated procedure. For more information see https://wiki.ubuntu.com/SnapdUpdates
== # Pre-SRU bug description follows # ==
Snaps such as udisks can mount anything in /media. While this works the mount is only visible to the snap that performed the operation (as it is stuck in the mount namespace).
The mount namespace should be setup up in a way that makes /media shared with the outside namespace. |
|
| 2016-11-03 08:35:42 |
Zygmunt Krynicki |
description |
[Impact]
TBD
[Test Case]
The test case can be found here:
https://github.com/snapcore/snap-confine/blob/master/spread-tests/main/media-sharing/task.yaml
The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually.
The commands there assume that snapd and snap-confine are installed.
No other additional setup is necessary.
[Regression Potential]
TBD
[Other Info]
* snap-confine is technically an integral part of snapd which has an SRU exception and is allowed to introduce new features and take advantage of accelerated procedure. For more information see https://wiki.ubuntu.com/SnapdUpdates
== # Pre-SRU bug description follows # ==
Snaps such as udisks can mount anything in /media. While this works the mount is only visible to the snap that performed the operation (as it is stuck in the mount namespace).
The mount namespace should be setup up in a way that makes /media shared with the outside namespace. |
[Impact]
The /media directory is special in that mount events propagate outward from the mount namespace used by snap applications into the main mount
namespace.
[Test Case]
The test case can be found here:
https://github.com/snapcore/snap-confine/blob/master/spread-tests/main/media-sharing/task.yaml
The test case is ran automatically for each pull request and for each final release. It can be reproduced manually by executing the shell commands listed in the prepare/execute/restore phases manually.
The commands there assume that snapd and snap-confine are installed.
No other additional setup is necessary.
[Regression Potential]
This change involved relatively complex changes in the core logic of snap-confine and while extensive testing was performed since in both core and classic environments there's always possibility of some edge case.
For inspecting the layout of the mount namespace with this feature enabled please look at
https://github.com/snapcore/snap-confine/tree/master/spread-tests/main/mount-ns-layout
[Other Info]
* snap-confine is technically an integral part of snapd which has an SRU exception and is allowed to introduce new features and take advantage of accelerated procedure. For more information see https://wiki.ubuntu.com/SnapdUpdates
== # Pre-SRU bug description follows # ==
Snaps such as udisks can mount anything in /media. While this works the mount is only visible to the snap that performed the operation (as it is stuck in the mount namespace).
The mount namespace should be setup up in a way that makes /media shared with the outside namespace. |
|
| 2016-11-03 08:47:57 |
Zygmunt Krynicki |
tags |
|
verification-needed |
|
| 2016-11-03 18:16:31 |
Brian Murray |
bug task added |
|
snap-confine (Ubuntu) |
|
| 2016-11-04 09:39:06 |
Andy Whitcroft |
snap-confine (Ubuntu Yakkety): status |
New |
Fix Committed |
|
| 2016-11-04 09:39:08 |
Andy Whitcroft |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2016-11-04 09:39:10 |
Andy Whitcroft |
bug |
|
|
added subscriber SRU Verification |
| 2016-11-04 10:00:36 |
Andy Whitcroft |
snap-confine (Ubuntu Xenial): status |
New |
Fix Committed |
|
| 2016-11-17 15:17:31 |
Federico Gimenez |
tags |
verification-needed |
verification-done |
|
