Running `snapcraft --use-lxd` on Ubuntu Arm64 reports craft-providers error: LXD requires additional permissions

snapcraft
1

Running snapcraft --use-lxd on Ubuntu Arm64 reports craft-providers error: LXD requires additional permissions.

snapcraft.yaml

name: appname
version: 1.0.0
summary: appname
description: appname
icon: snap/gui/appname.png
title: AppName
contact: hello@example.com
license: MIT
architectures:
  - build-on: [amd64]
  - build-on: [arm64]
confinement: strict
base: core22
grade: stable
slots:
  dbus-appname: # adjust accordingly to your app name
    interface: dbus
    bus: session
    name: com.appname # adjust accordingly to your app name and
apps:
  appname:
    command: appname
    extensions: [gnome] # gnome includes the libraries required by flutter
    plugs:
      - network
    slots:
      - dbus-appname
parts:
  appname:
    source: .
    plugin: flutter
    # flutter-target: lib/main.dart # The main entry-point file of the application
    build-environment:
      - FLUTTER_TARGET: lib/main.dart
      - TARGET_PLATFORM: linux-arm64
    stage-packages:
      - clang
      - cmake
      - ninja-build
      - pkg-config
      - libgtk-3-dev
      - liblzma-dev
    override-build: |
      # https://github.com/canonical/snapcraft/blob/main/snapcraft/parts/plugins/flutter_plugin.py
      chmod +x install-ubuntu-lxd.sh && ./install-ubuntu-lxd.sh
      flutter doctor -v
      flutter precache --linux
      flutter pub get
      flutter build linux --release --dart-define-from-file=.env --target-platform $TARGET_PLATFORM --target $FLUTTER_TARGET
      cp -r build/linux/*/release/bundle/* $CRAFT_PART_INSTALL/

GitHub Actions

name: Test Snapcraft(arm64)

on:
  workflow_dispatch:

# Declare default permissions as readonly.
permissions: read-all

jobs:
  snap_arm64:
    name: Create snap(arm64)
    runs-on: buildjet-4vcpu-ubuntu-2204-arm
    steps:
      - uses: actions/checkout@v4

      - name: Setup LXD
        uses: canonical/setup-lxd@main
        with:
          group: lxd
          channel: latest/stable

      - name: Add user to the LXD (lxd) group
        run: |
          sudo usermod -a -G lxd ${USER}
          newgrp lxd

      - name: Install snapcraft
        run: |
          sudo snap install snapcraft --classic

      - name: Install yq
        run: |
          if ! command -v yq >/dev/null 2>&1; then
            echo "yq not exists"
            sudo snap install -y yq
          fi
          yq --version

      - name: Update snapcraft.yaml
        run: |
          rm -f snap/snapcraft.yaml
          mv snap/snapcraft-arm64.yaml snap/snapcraft.yaml

      - name: Build snap
        run: |
          # https://snapcraft.io/docs/flutter-applications
          snapcraft --use-lxd

      # Package the build.
      - name: Copy build for snap
        run: ls -la *.snap

      - name: Clean up
        if: ${{ always() }}
        run: |
          rm -f .env
          snapcraft clean
2

You are running a github action which installs and configures LXD.

Then you’re running snapcraft, which creates and jumps into a LXD container. Inside that container in the override-build you’re then trying to install LXD again!?

I suspect that’s where you’re going wrong here.

3

Nope.

install-ubuntu-lxd.sh

#!/bin/sh

set -e

if ! command -v wget >/dev/null 2>&1; then
   echo "🟩 Installing wget"
   apt install wget xz -y
fi

PG_FLUTTER_BUILD_DIR="$CRAFT_PART_BUILD/flutter-distro"

if [ -d "$PG_FLUTTER_BUILD_DIR" ]; then
   echo "🟩 Removing flutter directory"
   rm -rf "$PG_FLUTTER_BUILD_DIR"
fi

if [ ! -f "$CRAFT_PART_BUILD/flutter-3.19.6-aarch64.tar.xz" ]; then
   echo "🟩 Downloading Flutter"
   wget https://github.com/containerbase/flutter-prebuild/releases/download/3.19.6/flutter-3.19.6-aarch64.tar.xz -P "$CRAFT_PART_BUILD"
fi

echo "🟩 Unzipping"
mkdir -p "$PG_FLUTTER_BUILD_DIR" && tar -xf flutter-3.19.6-aarch64.tar.xz -C "$PG_FLUTTER_BUILD_DIR" --strip-components 1

echo "🟩 Config $PG_FLUTTER_BUILD_DIR"
git config --global --add safe.directory "$PG_FLUTTER_BUILD_DIR"

echo "🟩 Running ls"
ls

exit 0
4

Apologies, my mistake.

5

Is it possible to debug if LXD is setup correctly with a step before running snapcraft --use-lxd, by doing a simple lxc launch ubuntu:22.04 testlxd to identify if this is a LXD or snapcraft issue?

6

Also apt install wget xz -y in the script will fail as there is no package called xz, it’s xz-utils and is likely already installed inside the container.

7

2024-05-25 20.34.55
2024-05-25 20.34.552024×468 103 KB

8

Ok, this looks like a problem with the setup-lxd github action. Can you show more logs, specifically from that action, rather than just this snippet?

9

The following is the log of the job. If you need logs from other jobs, please tell me.

2024-05-25T13:17:35.8859371Z ##[group]Run canonical/setup-lxd@v0.1.1
2024-05-25T13:17:35.8860418Z with:
2024-05-25T13:17:35.8861068Z   channel: latest/stable
2024-05-25T13:17:35.8861866Z ##[endgroup]
2024-05-25T13:17:35.9434226Z ##[group]Run set -x
2024-05-25T13:17:35.9435004Z e[36;1mset -xe[0m
2024-05-25T13:17:35.9435766Z e[36;1mif snap info lxd | grep "installed"; thene[0m
2024-05-25T13:17:35.9436865Z e[36;1m  sudo snap refresh lxd --channel=latest/stablee[0m
2024-05-25T13:17:35.9438022Z e[36;1melsee[0m
2024-05-25T13:17:35.9438818Z e[36;1m  sudo snap install lxd --channel=latest/stablee[0m
2024-05-25T13:17:35.9439756Z e[36;1mfie[0m
2024-05-25T13:17:35.9498566Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2024-05-25T13:17:35.9499600Z ##[endgroup]
2024-05-25T13:17:35.9724203Z + snap info lxd
2024-05-25T13:17:35.9725766Z + grep installed
2024-05-25T13:17:36.7064900Z installed:          5.0.2-838e1b2             (24326) 114MB -
2024-05-25T13:17:36.7067369Z + sudo snap refresh lxd --channel=latest/stable
2024-05-25T13:17:50.6629119Z lxd 5.21.1-2d13beb from Canonical** refreshed
2024-05-25T13:17:50.6837149Z ##[group]Run sudo lxd waitready
2024-05-25T13:17:50.6838861Z e[36;1msudo lxd waitreadye[0m
2024-05-25T13:17:50.6841149Z e[36;1msudo lxd init --autoe[0m
2024-05-25T13:17:50.6940726Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2024-05-25T13:17:50.6942834Z ##[endgroup]
2024-05-25T13:17:59.6221397Z ##[group]Run sudo snap set lxd daemon.group=adm
2024-05-25T13:17:59.6223524Z e[36;1msudo snap set lxd daemon.group=adme[0m
2024-05-25T13:17:59.6225394Z e[36;1msudo snap restart lxde[0m
2024-05-25T13:17:59.6321322Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2024-05-25T13:17:59.6323423Z ##[endgroup]
2024-05-25T13:18:01.5257530Z 2024-05-25T13:18:01Z INFO Waiting for "snap.lxd.daemon.service" to stop.
2024-05-25T13:18:02.1612710Z Restarted.
2024-05-25T13:18:02.1745766Z ##[group]Run set -x
2024-05-25T13:18:02.1746831Z e[36;1mset -xe[0m
2024-05-25T13:18:02.1748140Z e[36;1msudo iptables -I DOCKER-USER -i lxdbr0 -j ACCEPTe[0m
2024-05-25T13:18:02.1751097Z e[36;1msudo iptables -I DOCKER-USER -o lxdbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPTe[0m
2024-05-25T13:18:02.1906672Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2024-05-25T13:18:02.1908251Z ##[endgroup]
2024-05-25T13:18:02.2040119Z + sudo iptables -I DOCKER-USER -i lxdbr0 -j ACCEPT
2024-05-25T13:18:02.2194412Z + sudo iptables -I DOCKER-USER -o lxdbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

      - name: Setup LXD
        uses: canonical/setup-lxd@v0.1.1
        with:
          channel: latest/stable

[EDIT]

I tested it and found that both version v0.1.1 and main branch code have this problem.

10

May be not related, but in my KDE Neon installation, I needed to manually add the user to the lxd group and then log out and log back in to make lxd work.

11

If you look at the github action pasted above, they do that but use newgrp rather than logout/in.

12

Yeah I saw that. That’s why I am also kinda confused.

13

It runs normally under x64 architecture, but has this problem with arm64 architecture.