-
Wed Jan 22 2025 Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
- The changelog date and author have been modified to maintain linearity.
- Drop 0001-data-selinux-remove-timedatex.patch - applied upstream.
- New upstream release 2.67
- AppArmor prompting (experimental): allow overlapping rules
- Registry view (experimental): Changes to registry data (from both
users and snaps) can be validated and saved by custodian snaps
- Registry view (experimental): Support 'snapctl get --pristine' to
read the registry data excluding staged transaction changes
- Registry view (experimental): Put registry commands behind
experimental feature flag
- Components: Make modules shipped/created by kernel-modules
components available right after reboot
- Components: Add tab completion for local component files
- Components: Allow installing snaps and components from local files
jointly on the CLI
- Components: Allow 'snapctl model' command for gadget and kernel
snaps
- Components: Add 'snap components' command
- Components: Bug fixes
- eMMC gadget updates (WIP): add syntax support in gadget.yaml for
eMMC schema
- Support for ephemeral recovery mode on hybrid systems
- Support for dm-verity options in snap-bootstrap
- Support for overlayfs options and allow empty what argument for
tmpfs
- Enable ubuntu-image to determine the size of the disk image to
create
- Expose 'snap debug' commands 'validate-seed' and 'seeding'
- Add debug API option to use dedicated snap socket /run/snapd-
snap.socket
- Hide experimental features that are no longer required
(accepted/rejected)
- Mount ubuntu-save partition with no{exec,dev,suid} at install, run
and factory-reset
- Improve memory controller support with cgroup v2
- Support ssh socket activation configurations (used by ubuntu
22.10+)
- Fix generation of AppArmor profile with incorrect revision during
multi snap refresh
- Fix refresh app awareness related deadlock edge case
- Fix not caching delta updated snap download
- Fix passing non root uid, guid to initial tmpfs mount
- Fix ignoring snaps in try mode when amending
- Fix reloading of service activation units to avoid systemd errors
- Fix snapd snap FIPS build on Launchpad to use Advantage Pro FIPS
updates PPA
- Make killing of snap apps best effort to avoid possibility of
malicious failure loop
- Alleviate impact of auto-refresh failure loop with progressive
delay
- Dropped timedatex in selinux-policy to avoid runtime issue
- Fix missing syscalls in seccomp profile
- Modify AppArmor template to allow using SNAP_REEXEC on arch
systems
- Modify AppArmor template to allow using vim.tiny (available in
base snaps)
- Modify AppArmor template to add read-access to debian_version
- Modify AppArmor template to allow owner to read
@{PROC}/@{pid}/sessionid
- {common,personal,system}-files interface: prohibit trailing @ in
filepaths
- {desktop,shutdown,system-observe,upower-observe} interface:
improve for Ubuntu Core Desktop
- custom-device interface: allow @ in custom-device filepaths
- desktop interface: improve launch entry and systray integration
with session
- desktop-legacy interface: allow DBus access to
com.canonical.dbusmenu
- fwupd interface: allow access to nvmem for thunderbolt plugin
- mpris interface: add plasmashell as label
- mount-control interface: add support for nfs mounts
- network-{control,manager} interface: add missing dbus link rules
- network-manager-observe interface: add getDevices methods
- opengl interface: add Kernel Fusion Driver access to opengl
- screen-inhibit-control interface: improve screen inhibit control
for use on core
- udisks2 interface: allow ping of the UDisks2 service
- u2f-devices interface: add Nitrokey Passkey
-
Sun Jan 19 2025 Fedora Release Engineering <releng@fedoraproject.org> - 2.66.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
-
Tue Dec 03 2024 Orion Poplawski <orion@nwra.com>
- Drop RestartMode from snapd.service on EL8 (rhbz#2315759)
-
Fri Nov 29 2024 Zygmunt Krynicki <me@zygoon.pl>
- Re-cherry pick fix for SELinux timedatex problem from upstream
as it was not released in 2.66.1, sorry.
-
Wed Nov 20 2024 Zygmunt Krynicki <me@zygoon.pl>
- Drop only patch, applied upstream.
-
Fri Oct 25 2024 Zygmunt Krynicki <me@zygoon.pl>
- Cherry pick fix for SELinux timedatex problem from upstream
-
Fri Oct 11 2024 Ernest Lotter <ernest.lotter@canonical.com>
- New upstream release 2.66.1
- AppArmor prompting (experimental): Fix kernel prompting support
check
- Allow kernel snaps to have content slots
- Fix ignoring snaps in try mode when amending
-
Fri Oct 04 2024 Ernest Lotter <ernest.lotter@canonical.com>
- New upstream release 2.66
- AppArmor prompting (experimental): expand kernel support checks
- AppArmor prompting (experimental): consolidate error messages and
add error kinds
- AppArmor prompting (experimental): grant /v2/snaps/{name} via
snap-interfaces-requests-control
- AppArmor prompting (experimental): add checks for duplicate
pattern variants
- Registry views (experimental): add handlers that commit (and
cleanup) registry transactions
- Registry views (experimental): add a snapctl fail command for
rejecting registry transactions
- Registry views (experimental): allow custodian snaps to implement
registry hooks that modify and save registry data
- Registry views (experimental): run view-changed hooks only for
snaps plugging views affected by modified paths
- Registry views (experimental): make registry transactions
serialisable
- Snap components: handle refreshing components to revisions that
have been on the system before
- Snap components: enable creating Ubuntu Core images that contain
components
- Snap components: handle refreshing components independently of
snaps
- Snap components: handle removing components when refreshing a snap
that no longer defines them
- Snap components: extend snapd Ubuntu Core installation API to
allow for picking optional snaps and components to install
- Snap components: extend kernel.yaml with "dynamic-modules",
allowing kernel to define a location for kmods from component
hooks
- Snap components: renamed component type "test" to "standard"
- Desktop IDs: support installing desktop files with custom names
based on desktop-file-ids desktop interface plug attr
- Auto-install snapd on classic systems as prerequisite for any non-
essential snap install
- Support loading AppArmor profiles on WSL2 with non-default kernel
and securityfs mounted
- Debian/Fedora packaging updates
- Add snap debug command for investigating execution aspects of the
snap toolchain
- Improve snap pack error for easier parsing
- Add support for user services when refreshing snaps
- Add snap remove --terminate flag for terminating running snap
processes
- Support building FIPS complaint snapd deb and snap
- Fix to not use nss when looking up for users/groups from snapd
snap
- Fix ordering in which layout changes are saved
- Patch snapd snap dynamic linker to ignore LD_LIBRARY_PATH and
related variables
- Fix libexec dir for openSUSE Slowroll
- Fix handling of the shared snap directory for parallel installs
- Allow writing to /run/systemd/journal/dev-log by default
- Avoid state lock during snap removal to avoid delaying other snapd
operations
- Add nomad-support interface to enable running Hashicorp Nomad
- Add intel-qat interface
- u2f-devices interface: add u2f trustkey t120 product id and fx
series fido u2f devices
- desktop interface: improve integration with xdg-desktop-portal
- desktop interface: add desktop-file-ids plug attr to desktop
interface
- unity7 interface: support desktop-file-ids in desktop files rule
generation
- desktop-legacy interface: support desktop-file-ids in desktop
files rule generation
- desktop-legacy interface: grant access to gcin socket location
- login-session-observe interface: allow introspection
- custom-device interface: allow to explicitly identify matching
device in udev tagging block
- system-packages-doc interface: allow reading /usr/share/javascript
- modem-manager interface: add new format of WWAN ports
- pcscd interface: allow pcscd to read opensc.conf
- cpu-control interface: add IRQ affinity control to cpu_control
- opengl interface: add support for cuda workloads on Tegra iGPU in
opengl interface
-
Thu Sep 12 2024 Ernest Lotter <ernest.lotter@canonical.com>
- New upstream release 2.65.3
- Fix missing aux info from store on snap setup
-
Fri Sep 06 2024 Ernest Lotter <ernest.lotter@canonical.com>
- New upstream release 2.65.2
- Bump squashfuse from version 0.5.0 to 0.5.2 (used in snapd deb
only)