I’m having an odd problem: if I build and install snapd from the 2.68.5 branch from GIT, everything works fine; but if I build and install snapd from the MASTER branch, it’s not possible to launch any snap, they always return cannot set capabilities: Operation not permitted error (even with a simple command like “snapcraft -h”). The snap run command only seems to work when run as root…
Snapd native package or snapd snap you built yourself?
We landed a change in master which uses capabilities for snap-confine (rather than being setuid root as before). However, this is not relevant for snapd from 2.68.5 tag. If you’re building it yourself, you can run make hack when in cmd directory.
I’m building snapd snap. Just to be as explicit as possible:
- git clone git@github.com:snapcore/snapd.git
- git checkout 2.68.5
- snapcraft clean && snapcraft -v && sudo snap install --dangerous snapd_2…
Everything works as expected
- git checkout master
- snapcraft clean && snapcraft -v && sudo snap install --dangerous snapd_2…
Running any snap as the user (just a simple snapcraft -h, for example) fails with the specified error.
Make sure to remove snapcraft containers which are used during the build. It’s likely that snapd 2.67.x is used inside the container to pack the snap, and that version did not have the necessary changes to ensure that extended file attributes are preserved.
Mmm… how do I do that?
Try this:
lxc --project snapcraft list
iterate over container names and run this for each:
lxc --project snapcraft delete --force <name>
1 Like
Thanks. Trying again.
That fixed it. Thanks!!!
I’m trying to install Snapd I built myself too, but in another machine, one that doesn’t even have LXC installed. Any ideas?
Mmm… LXC should not be required to install or run snapd… only to build it with snapcraft…
Thanks Sergio, I misunderstood the cause of the problem. It would never occur to me that a specific version of Snapd (not even Snapcraft!) somehow would contaminate the Snapd I built and used in another installation.
I tried to only delete the container used to build the Snapd snap, as I had state that I wished to preserve in other containers. But it seems that even for the new container Snapd is 2.67. I guess it is being pulled from a base container so that the process of building multiple different snaps is not so resource wasteful. But then would just deleting the base containers be enough?
Mmm… but how did you delete the container?
With lxc delete --project snapcraft <snapd-container>.
Hmm… I think that you forgot the --force part…
No, not really. I only deleted one container instead of all. After deleting all containers, it works. The point of my comment was to ask whether all the containers really need to be deleted, or only the Snapd and Base ones.
I only deleted the snapd one, and it worked… it’s odd that it didn’t work for you.
I think you may need to delete one of:
+---------------------------------------------------------------+---------+------+------+-----------+-----------+
| base-instance-snapcraft-buildd-base-v7-c-f91ee4af44ccdf02cefb | STOPPED | | | CONTAINER | 0 |
+---------------------------------------------------------------+---------+------+------+-----------+-----------+
| base-instance-snapcraft-buildd-base-v71--d799df4d4588b4abe861 | STOPPED | | | CONTAINER | 0 |
+---------------------------------------------------------------+---------+------+------+-----------+-----------+
but unfortunately I have no clue which one. Try removing both along with the snapd build container.
There should be a --nuke-all option in LXC 