(Snapcraft and) strict Multipass [Call For Testing]

Saviq · April 8, 2020, 3:07pm

Hi all o/

In the Multipass team we’ve been working on converting the Multipass snap to be strict, and we believe we’re ready to get it to you.

This is a significant change, and so we’d like a bit more real-life testing to go into it before we bless it. To this end, we’re asking for anyone using Multipass, either standalone or through Snapcraft, to have a go and let us know of any problems.

To get the strict Multipass, you need to refresh to edge/pr1074:

$ snap refresh multipass --channel edge/pr1074
multipass (edge/pr1074) 1.2.0-dev.79.pr1074+gefa6e12 from Canonical✓ refreshed

This will tell you that indeed it’s running confined:

$ snap info multipass | grep installed
installed:          1.2.0-dev.79.pr1074+gefa6e12            (1869) 214MB -

NOTE: Snapcraft needs an update to function with it confined - you need at least 3.11+git31.g888707cf from --edge:

$ snap refresh snapcraft --edge
snapcraft (edge) 3.11+git32.g4d12177e from Canonical✓ refreshed

Everything should behave as usual, with the added benefit that you can run Multipass on Ubuntu Core, too! With Core, you will need sudo to run multipass for now.

Thank you! And please report any problems on our PR: #1074 or below.

lucyllewy · April 8, 2020, 3:19pm

first test with GIMP:

$ snapcraft
Launching a VM.
Launched: snapcraft-gimp                                                        
error: no changes of type "auto-refresh" found                                  
2020-04-08T15:19:02Z INFO Waiting for restart...
snapd 2.44.1 from Canonical✓ installed
Source path "/tmp/tmp01w0rqs3/core18.snap" does not exist
An error occurred with the instance when trying to copy files with 'multipass': returned exit code 1.
Ensure that 'multipass' is setup correctly and try again.

EDIT: seems reproducible… EDIT2: also errors the same way for audacity EDIT3: ignore this post - I screwed up and didn’t update snapcraft

Saviq · April 8, 2020, 4:08pm

Can you confirm you’ve got snapcraft 3.11+git32.g4d12177e or newer?

If yes, could you please run with SNAPCRAFT_ENABLE_DEVELOPER_DEBUG=yes?

Thanks!

lucyllewy · April 8, 2020, 4:14pm

ok, I overlooked updating snapcraft. With the right version of snapcraft everything works

lucyllewy · April 9, 2020, 11:29am

After reboot multipassd is dead:

-- Logs begin at Tue 2020-03-03 19:40:12 GMT, end at Thu 2020-04-09 12:27:22 BST. --
Apr 09 11:39:56 defiant systemd[1]: Started Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant multipass.multipassd[3519]: cannot perform operation: mount --rbind /dev /tmp/snap.rootfs_jjNqnk//dev: No such file or directory
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Main process exited, code=exited, status=1/FAILURE
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Failed with result 'exit-code'.
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Scheduled restart job, restart counter is at 1.
Apr 09 11:39:57 defiant systemd[1]: Stopped Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant systemd[1]: Started Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant multipass.multipassd[3754]: cannot perform operation: mount --rbind /dev /tmp/snap.rootfs_NuZQm2//dev: No such file or directory
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Main process exited, code=exited, status=1/FAILURE
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Failed with result 'exit-code'.
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Scheduled restart job, restart counter is at 2.
Apr 09 11:39:57 defiant systemd[1]: Stopped Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant systemd[1]: Started Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant multipass.multipassd[3906]: cannot perform operation: mount --rbind /dev /tmp/snap.rootfs_f9EIZy//dev: No such file or directory
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Main process exited, code=exited, status=1/FAILURE
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Failed with result 'exit-code'.
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Scheduled restart job, restart counter is at 3.
Apr 09 11:39:57 defiant systemd[1]: Stopped Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant systemd[1]: Started Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant multipass.multipassd[4048]: cannot perform operation: mount --rbind /dev /tmp/snap.rootfs_z6Rhck//dev: No such file or directory
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Main process exited, code=exited, status=1/FAILURE
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Failed with result 'exit-code'.
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Scheduled restart job, restart counter is at 4.
Apr 09 11:39:57 defiant systemd[1]: Stopped Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant systemd[1]: Started Service for snap application multipass.multipassd.
Apr 09 11:39:57 defiant multipass.multipassd[4174]: cannot perform operation: mount --rbind /dev /tmp/snap.rootfs_J4lEyQ//dev: No such file or directory
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Main process exited, code=exited, status=1/FAILURE
Apr 09 11:39:57 defiant systemd[1]: snap.multipass.multipassd.service: Failed with result 'exit-code'.
Apr 09 11:39:58 defiant systemd[1]: snap.multipass.multipassd.service: Scheduled restart job, restart counter is at 5.
Apr 09 11:39:58 defiant systemd[1]: Stopped Service for snap application multipass.multipassd.
Apr 09 11:39:58 defiant systemd[1]: snap.multipass.multipassd.service: Start request repeated too quickly.
Apr 09 11:39:58 defiant systemd[1]: snap.multipass.multipassd.service: Failed with result 'exit-code'.
Apr 09 11:39:58 defiant systemd[1]: Failed to start Service for snap application multipass.multipassd.

This might be a reappearance of the AppArmor bug that @jdstrand tried to fix for @popey and myself when running on ZFS.

Saviq · April 10, 2020, 7:33am

Yeah this is not a Multipass issue (you mentioned LXD was dead, too).

lucyllewy · April 10, 2020, 10:46am

Yup, this is another ZFS-triggered bug with AppArmor and Snaps starting out of order on boot. Jamie has had a look at it, and @zyga-snapd is working on fixing it in Snapd.

Saviq · April 28, 2020, 10:48am

This is now in Multipass’s edge channel.

spacegardener · May 8, 2020, 2:24am

do you have any workaround for this? I am new to snapcraft, using version 3.11 / on 20.04 and tried some of the suggestions listed here about testing and restarting multipass and my multipass seems to be working as I can see them running with “multipass list” but whenever I run “snapcraft” I get:

error: no changes of type “auto-refresh” found
Source path “/tmp/tmpa6n0l5pa/snapd.snap” does not exist
An error occurred with the instance when trying to copy files with ‘multipass’: returned exit code 1.
Ensure that ‘multipass’ is setup correctly and try again.

jamesh · May 8, 2020, 3:08am

It sounds like you need a newer Snapcraft. As @Saviq mentioned in the initial post, 3.11 is too old. At this point, you can probably use the candidate channel rather than edge though.

The problem is that strict confined snaps run with a private /tmp directory. Snapcraft <= 3.11 try to use /tmp to pass a file to Multipass, which worked fine when Multipass used classic confinement but breaks under strict confinement. Newer Snapcraft uses a method that works for both old and new Multipass.

spacegardener · May 8, 2020, 4:26pm

thanks a ton! I changed to candidate 4.0 snapcraft and it seems to be working or at least did not get caught on the same thing