1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143 | 2017-09-20 13:43:58 Error executing external:ubuntu-core-16-64:tests/main/snap-run-hook:reexec1 :
-----
+ echo 'Test that snap run can call valid hooks'
Test that snap run can call valid hooks
++ snap run --hook=configure basic-hooks
error: error running snapctl: cannot get without a context
+ output='configure hook'
+ expected_output='configure hook'
+ '[' 'configure hook' '!=' 'configure hook' ']'
+ echo 'Test that snap run cannot call invalid hooks'
Test that snap run cannot call invalid hooks
++ snap run --hook=invalid-hook basic-hooks
error: cannot find hook "invalid-hook" in "basic-hooks"
+ output=
+ expected_output=
+ '[' '' '!=' '' ']'
+ snap set basic-hooks command=dump-env
[|] Run configure hook of "basic-hooks" snap�[K
�[K+ echo 'Test that environment variables were interpolated'
Test that environment variables were interpolated
+ MATCH '^TEST_COMMON=/var/snap/basic-hooks/common$'
+ cat /var/snap/basic-hooks/current/hooks-env
error: pattern not found, got:
SNAP_COMMON=/var/snap/basic-hooks/common
TEMPDIR=/tmp
LISTEN_PID=18546
HOME=/root/snap/basic-hooks/x1
LISTEN_FDS=2
SNAP_LIBRARY_PATH=/var/lib/snapd/lib/gl:/var/lib/snapd/void
SNAP_USER_DATA=/root/snap/basic-hooks/x1
NOTIFY_SOCKET=/run/systemd/notify
SNAP_REVISION=x1
TEST_DATA=$SNAP_DATA
TMPDIR=/tmp
SNAP_CONTEXT=M2cM7NyQsfhk6N6TnQx2dqjtBBgs44NHSS83lfmxSc7L
SNAP_VERSION=1.0
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
XDG_RUNTIME_DIR=/run/user/0/snap.basic-hooks
LISTEN_FDNAMES=snapd.socket:snapd.socket
SNAP_DATA=/var/snap/basic-hooks/x1
LANG=C.UTF-8
SNAP_USER_COMMON=/root/snap/basic-hooks/common
SNAP_ARCH=amd64
SNAP_COOKIE=M2cM7NyQsfhk6N6TnQx2dqjtBBgs44NHSS83lfmxSc7L
SNAP_REEXEC=
SNAP_NAME=basic-hooks
TEST_COMMON=$SNAP_COMMON
PWD=/
SNAP=/snap/basic-hooks/x1
TEST_SNAP=$SNAP
-----
.
2017-09-20 13:43:58 Debug output for external:ubuntu-core-16-64:tests/main/snap-run-hook:reexec1 :
-----
+ echo '# journal messages for snapd'
# journal messages for snapd
+ journalctl -u snapd
-- Logs begin at Wed 2017-09-20 13:43:40 UTC, end at Wed 2017-09-20 13:43:58 UTC. --
Sep 20 13:43:41 localhost.localdomain snapd[18271]: 2017/09/20 13:43:41.407922 cmd.go:134: exe doesn't have snap mount dir prefix: "/usr/lib/snapd/snapd" vs "/snap"
Sep 20 13:43:41 localhost.localdomain snapd[18271]: 2017/09/20 13:43:41.629592 main.go:78: Exiting on terminated signal.
Sep 20 13:43:41 localhost.localdomain systemd[1]: Stopping Snappy daemon...
Sep 20 13:43:41 localhost.localdomain systemd[1]: Stopped Snappy daemon.
Sep 20 13:43:50 localhost.localdomain systemd[1]: Starting Snappy daemon...
Sep 20 13:43:50 localhost.localdomain snapd[18546]: 2017/09/20 13:43:50.857964 daemon.go:290: started snapd/2.27.6+git378.bd3c0be~ubuntu16.04.1 (series 16) ubuntu-core/16 (amd64) linux/4.4.0-96-generic.
Sep 20 13:43:50 localhost.localdomain systemd[1]: Started Snappy daemon.
+ echo '# apparmor denials '
# apparmor denials
+ grep DENIED
+ dmesg --ctime
[Wed Sep 20 13:43:57 2017] audit: type=1400 audit(1505915037.673:506): apparmor="DENIED" operation="create" profile="snap.basic-hooks.hook.configure" pid=18684 comm="snapctl" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[Wed Sep 20 13:43:57 2017] audit: type=1400 audit(1505915037.673:507): apparmor="DENIED" operation="create" profile="snap.basic-hooks.hook.configure" pid=18684 comm="snapctl" family="inet6" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[Wed Sep 20 13:43:57 2017] audit: type=1400 audit(1505915037.673:508): apparmor="DENIED" operation="create" profile="snap.basic-hooks.hook.configure" pid=18684 comm="snapctl" family="inet6" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[Wed Sep 20 13:43:57 2017] audit: type=1400 audit(1505915037.789:509): apparmor="DENIED" operation="create" profile="snap.basic-hooks.hook.configure" pid=18700 comm="snapctl" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[Wed Sep 20 13:43:57 2017] audit: type=1400 audit(1505915037.789:510): apparmor="DENIED" operation="create" profile="snap.basic-hooks.hook.configure" pid=18700 comm="snapctl" family="inet6" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[Wed Sep 20 13:43:57 2017] audit: type=1400 audit(1505915037.789:511): apparmor="DENIED" operation="create" profile="snap.basic-hooks.hook.configure" pid=18700 comm="snapctl" family="inet6" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[Wed Sep 20 13:43:57 2017] audit: type=1400 audit(1505915037.965:512): apparmor="DENIED" operation="create" profile="snap.basic-hooks.hook.configure" pid=18719 comm="snapctl" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
[Wed Sep 20 13:43:57 2017] audit: type=1400 audit(1505915037.965:513): apparmor="DENIED" operation="create" profile="snap.basic-hooks.hook.configure" pid=18719 comm="snapctl" family="inet6" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
+ echo '# seccomp denials (kills) '
# seccomp denials (kills)
+ grep type=1326
+ dmesg --ctime
+ true
+ echo '# snap interfaces'
# snap interfaces
+ snap interfaces
Slot Plug
:account-control -
:alsa -
:autopilot-introspection -
:bluetooth-control -
:broadcom-asic-control -
:browser-support -
:camera -
:classic-support -
:core-support core:core-support-plug
:dcdbas-control -
:docker-support -
:firewall-control -
:framebuffer -
:fuse-support -
:greengrass-support -
:hardware-observe -
:hardware-random-control -
:hardware-random-observe -
:home -
:io-ports-control -
:joystick -
:kernel-module-control -
:kubernetes-support -
:kvm -
:log-observe -
:lxd-support -
:mount-observe -
:netlink-audit -
:netlink-connector -
:network -
:network-bind -
:network-control -
:network-observe -
:network-setup-control -
:network-setup-observe -
:opengl -
:openvswitch-support -
:physical-memory-control -
:physical-memory-observe -
:ppp -
:process-control -
:raw-usb -
:removable-media -
:shutdown -
:snapd-control -
:system-observe -
:system-trace -
:time-control -
:timeserver-control -
:timezone-control -
:tpm -
:uhid -
-----
.
|