Released: snapd 2.27

Hello everybody,

We are happy to announce that version 2.27 of snapd is now available in the latest core snap released in the stable channel. Simply updating your core snap should be enough for you to use this release on a Linux distribution that allows snapd re-executions.

Here are some of the highlights of this release:

Dynamic filesystem updates

As perhaps the longest in-development feature to land on this release, the snap-update-ns tool is finally available. This tool addresses a limitation that we’ve been working on since late last year, by enabling changes to be performed dynamically in the filesystem that is available inside the snap mount namespace.

In practice, the first visible outcome is that connections performed with the content interface are immediately available for the snap software to consume, even while it’s still running. This abstraction is the beginning of more interesting stories, though. We expect to see more interfaces leveraging that same functionality, and we’re already working on layouts, which in the near future will allow arbitrary mappings inside the snap namespace.

Android boot support

The snapd boot sequence can now handle Android-style boot management. We’re especially happy about this as it opens up a new range of devices for snapd that will support transactional updates of the OS and the kernel with automatic reverts on boot failures.

Install and remove hooks

The new install and remove hooks allow the snap to implement logic that is activated only when the snap is being installed for the first time or removed from the system. More of these hooks are coming soon, and the upcoming 2.28 will carry at least one more hook for refreshes as well.

General snapctl support

The snapctl tool which may be called inside any snap to communicate with snapd for various reasons (reading and writing configuration, etc) can now be used outside of hooks, which means it finally becomes the general mechanism it’s meant to be for starting a conversation with snapd at any point while software inside the snap is running. In the near future other improvements will levearge that same mechanism via new commands.

New title field

The title field is now supported across the entire pipeline (snapd, API, store, snapcraft, etc).

This field is supposed to hold a high-level and usually uppercased name for the application, as for example “Heroku CLI” for the application named “heroku”.

This also clarifies further the distinction between summary which is a one-line description and title which is a high-level uppercased name.

Install --unaliased parameter

The new snap install --unaliased parameter allows installing a snap without its aliases being enabled in the system. That means its commands will only be observable under names that have the snap name itself as a prefix, as was the case before the support for aliases was introduced.

–last in abort and watch

The snap abort and watch commands now accept the –last=<kind> parameter, previously available only in the changes command. This parameter allows the command to operate on the last change of a particular kind performed, as in:

$ snap watch --last=install

See the command help for more details.

Seccomp argument filtering

This release re-enables seccomp argument filtering, which means systems with working seccomp support will see more strict rules when operating with the relevant interfaces.

Command change is now tasks

The snap change command was renamed tasks as that’s a better counterpart for snap changes. The latter lists the latest changes in the system, the former lists tasks in a particular change.

The old command remains available as an alias to preserve backwards compatibility.

New search alias

The search command is just an alias for snap find. Although we won’t be introducing such aliases regularly, this one was found to be a common source of frustation due to the well known apt search command. No more frustration.

Types in snap list

The snap list command will now display the snap type under the Notes column for those snaps which are not applications (type != app).

More info in info

The snap info command will now display the snap unique ID, and will show the sha3-386 hash on verbose mode when given a snap filename.

Configuration defaults on first boot

Devices managed entirely by snapd will now also apply the default configuration specified by the gadget snap during the first system boot.

Auto-import assertions only vfat and ext4

The auto-import of assertions performed when media is plugged into devices managed by snapd will now only happen on ext4 and vfat filesystems.

New interfaces

The following interfaces were introduced in this release to support new needs:

  • broadcom-asic-control
  • greengrass-support
  • password-manager-service

Updated interfaces

Many of the pre-existing interfaces were updates with new rules to accommodate their needs appropriately. Here are the ones that were tuned during this release:

  • alsa
  • browser-support
  • log-observe
  • mir
  • mount-observe
  • network-control
  • optical-drive
  • optical-observe
  • pulseaudio
  • screen-inhibit-control
  • system-observe
  • timezone-control
  • unity7
  • x11

… and much more

Complete details are avaliable in the project’s commit history as usual.

We hope you enjoy this release as much as we enjoyed working on it.

– The snapd team

6 Likes

Great write-up, thanks @niemeyer.