diff --git a/NEWS.md b/NEWS.md index 4b737b3d5ce..7417d45439d 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,3 +1,55 @@ +# New in snapd 2.67 +* AppArmor prompting (experimental): allow overlapping rules +* Registry view (experimental): Changes to registry data (from both users and snaps) can be validated and saved by custodian snaps +* Registry view (experimental): Support 'snapctl get --pristine' to read the registry data excluding staged transaction changes +* Registry view (experimental): Put registry commands behind experimental feature flag +* Components: Make modules shipped/created by kernel-modules components available right after reboot +* Components: Add tab completion for local component files +* Components: Allow installing snaps and components from local files jointly on the CLI +* Components: Allow 'snapctl model' command for gadget and kernel snaps +* Components: Add 'snap components' command +* Components: Bug fixes +* eMMC gadget updates (WIP): add syntax support in gadget.yaml for eMMC schema +* Support for ephemeral recovery mode on hybrid systems +* Support for dm-verity options in snap-bootstrap +* Support for overlayfs options and allow empty what argument for tmpfs +* Enable ubuntu-image to determine the size of the disk image to create +* Expose 'snap debug' commands 'validate-seed' and 'seeding' +* Add debug API option to use dedicated snap socket /run/snapd-snap.socket +* Hide experimental features that are no longer required (accepted/rejected) +* Mount ubuntu-save partition with no{exec,dev,suid} at install, run and factory-reset +* Improve memory controller support with cgroup v2 +* Support ssh socket activation configurations (used by ubuntu 22.10+) +* Fix generation of AppArmor profile with incorrect revision during multi snap refresh +* Fix refresh app awareness related deadlock edge case +* Fix not caching delta updated snap download +* Fix passing non root uid, guid to initial tmpfs mount +* Fix ignoring snaps in try mode when amending +* Fix reloading of service activation units to avoid systemd errors +* Fix snapd snap FIPS build on Launchpad to use Advantage Pro FIPS updates PPA +* Make killing of snap apps best effort to avoid possibility of malicious failure loop +* Alleviate impact of auto-refresh failure loop with progressive delay +* Dropped timedatex in selinux-policy to avoid runtime issue +* Fix missing syscalls in seccomp profile +* Modify AppArmor template to allow using SNAP_REEXEC on arch systems +* Modify AppArmor template to allow using vim.tiny (available in base snaps) +* Modify AppArmor template to add read-access to debian_version +* Modify AppArmor template to allow owner to read @{PROC}/@{pid}/sessionid +* {common,personal,system}-files interface: prohibit trailing @ in filepaths +* {desktop,shutdown,system-observe,upower-observe} interface: improve for Ubuntu Core Desktop +* custom-device interface: allow @ in custom-device filepaths +* desktop interface: improve launch entry and systray integration with session +* desktop-legacy interface: allow DBus access to com.canonical.dbusmenu +* fwupd interface: allow access to nvmem for thunderbolt plugin +* mpris interface: add plasmashell as label +* mount-control interface: add support for nfs mounts +* network-{control,manager} interface: add missing dbus link rules +* network-manager-observe interface: add getDevices methods +* opengl interface: add Kernel Fusion Driver access to opengl +* screen-inhibit-control interface: improve screen inhibit control for use on core +* udisks2 interface: allow ping of the UDisks2 service +* u2f-devices interface: add Nitrokey Passkey + # New in snapd 2.66.1: * AppArmor prompting (experimental): Fix kernel prompting support check * Allow kernel snaps to have content slots diff --git a/packaging/arch/PKGBUILD b/packaging/arch/PKGBUILD index 02b98356738..2f97d9c3d74 100644 --- a/packaging/arch/PKGBUILD +++ b/packaging/arch/PKGBUILD @@ -11,7 +11,7 @@ pkgdesc="Service and tools for management of snap packages." depends=('squashfs-tools' 'libseccomp' 'libsystemd' 'apparmor') optdepends=('bash-completion: bash completion support' 'xdg-desktop-portal: desktop integration') -pkgver=2.66.1 +pkgver=2.67 pkgrel=1 arch=('x86_64' 'i686' 'armv7h' 'aarch64') url="https://github.com/snapcore/snapd" diff --git a/packaging/debian-sid/changelog b/packaging/debian-sid/changelog index 7149129aee8..66064ac9386 100644 --- a/packaging/debian-sid/changelog +++ b/packaging/debian-sid/changelog @@ -1,3 +1,84 @@ +snapd (2.67-1) unstable; urgency=medium + + * New upstream release, LP: #2089691 + - AppArmor prompting (experimental): allow overlapping rules + - Registry view (experimental): Changes to registry data (from both + users and snaps) can be validated and saved by custodian snaps + - Registry view (experimental): Support 'snapctl get --pristine' to + read the registry data excluding staged transaction changes + - Registry view (experimental): Put registry commands behind + experimental feature flag + - Components: Make modules shipped/created by kernel-modules + components available right after reboot + - Components: Add tab completion for local component files + - Components: Allow installing snaps and components from local files + jointly on the CLI + - Components: Allow 'snapctl model' command for gadget and kernel + snaps + - Components: Add 'snap components' command + - Components: Bug fixes + - eMMC gadget updates (WIP): add syntax support in gadget.yaml for + eMMC schema + - Support for ephemeral recovery mode on hybrid systems + - Support for dm-verity options in snap-bootstrap + - Support for overlayfs options and allow empty what argument for + tmpfs + - Enable ubuntu-image to determine the size of the disk image to + create + - Expose 'snap debug' commands 'validate-seed' and 'seeding' + - Add debug API option to use dedicated snap socket /run/snapd- + snap.socket + - Hide experimental features that are no longer required + (accepted/rejected) + - Mount ubuntu-save partition with no{exec,dev,suid} at install, run + and factory-reset + - Improve memory controller support with cgroup v2 + - Support ssh socket activation configurations (used by ubuntu + 22.10+) + - Fix generation of AppArmor profile with incorrect revision during + multi snap refresh + - Fix refresh app awareness related deadlock edge case + - Fix not caching delta updated snap download + - Fix passing non root uid, guid to initial tmpfs mount + - Fix ignoring snaps in try mode when amending + - Fix reloading of service activation units to avoid systemd errors + - Fix snapd snap FIPS build on Launchpad to use Advantage Pro FIPS + updates PPA + - Make killing of snap apps best effort to avoid possibility of + malicious failure loop + - Alleviate impact of auto-refresh failure loop with progressive + delay + - Dropped timedatex in selinux-policy to avoid runtime issue + - Fix missing syscalls in seccomp profile + - Modify AppArmor template to allow using SNAP_REEXEC on arch + systems + - Modify AppArmor template to allow using vim.tiny (available in + base snaps) + - Modify AppArmor template to add read-access to debian_version + - Modify AppArmor template to allow owner to read + @{PROC}/@{pid}/sessionid + - {common,personal,system}-files interface: prohibit trailing @ in + filepaths + - {desktop,shutdown,system-observe,upower-observe} interface: + improve for Ubuntu Core Desktop + - custom-device interface: allow @ in custom-device filepaths + - desktop interface: improve launch entry and systray integration + with session + - desktop-legacy interface: allow DBus access to + com.canonical.dbusmenu + - fwupd interface: allow access to nvmem for thunderbolt plugin + - mpris interface: add plasmashell as label + - mount-control interface: add support for nfs mounts + - network-{control,manager} interface: add missing dbus link rules + - network-manager-observe interface: add getDevices methods + - opengl interface: add Kernel Fusion Driver access to opengl + - screen-inhibit-control interface: improve screen inhibit control + for use on core + - udisks2 interface: allow ping of the UDisks2 service + - u2f-devices interface: add Nitrokey Passkey + + -- Ernest Lotter Mon, 02 Dec 2024 23:14:24 +0200 + snapd (2.66.1-1) unstable; urgency=medium * New upstream release, LP: #2083490 diff --git a/packaging/fedora/snapd.spec b/packaging/fedora/snapd.spec index 2a1eae465d0..acfbcdf690c 100644 --- a/packaging/fedora/snapd.spec +++ b/packaging/fedora/snapd.spec @@ -104,7 +104,7 @@ %endif Name: snapd -Version: 2.66.1 +Version: 2.67 Release: 0%{?dist} Summary: A transactional software package manager License: GPL-3.0-only @@ -1003,6 +1003,84 @@ fi %changelog +* Mon Dec 02 2024 Ernest Lotter +- New upstream release 2.67 + - AppArmor prompting (experimental): allow overlapping rules + - Registry view (experimental): Changes to registry data (from both + users and snaps) can be validated and saved by custodian snaps + - Registry view (experimental): Support 'snapctl get --pristine' to + read the registry data excluding staged transaction changes + - Registry view (experimental): Put registry commands behind + experimental feature flag + - Components: Make modules shipped/created by kernel-modules + components available right after reboot + - Components: Add tab completion for local component files + - Components: Allow installing snaps and components from local files + jointly on the CLI + - Components: Allow 'snapctl model' command for gadget and kernel + snaps + - Components: Add 'snap components' command + - Components: Bug fixes + - eMMC gadget updates (WIP): add syntax support in gadget.yaml for + eMMC schema + - Support for ephemeral recovery mode on hybrid systems + - Support for dm-verity options in snap-bootstrap + - Support for overlayfs options and allow empty what argument for + tmpfs + - Enable ubuntu-image to determine the size of the disk image to + create + - Expose 'snap debug' commands 'validate-seed' and 'seeding' + - Add debug API option to use dedicated snap socket /run/snapd- + snap.socket + - Hide experimental features that are no longer required + (accepted/rejected) + - Mount ubuntu-save partition with no{exec,dev,suid} at install, run + and factory-reset + - Improve memory controller support with cgroup v2 + - Support ssh socket activation configurations (used by ubuntu + 22.10+) + - Fix generation of AppArmor profile with incorrect revision during + multi snap refresh + - Fix refresh app awareness related deadlock edge case + - Fix not caching delta updated snap download + - Fix passing non root uid, guid to initial tmpfs mount + - Fix ignoring snaps in try mode when amending + - Fix reloading of service activation units to avoid systemd errors + - Fix snapd snap FIPS build on Launchpad to use Advantage Pro FIPS + updates PPA + - Make killing of snap apps best effort to avoid possibility of + malicious failure loop + - Alleviate impact of auto-refresh failure loop with progressive + delay + - Dropped timedatex in selinux-policy to avoid runtime issue + - Fix missing syscalls in seccomp profile + - Modify AppArmor template to allow using SNAP_REEXEC on arch + systems + - Modify AppArmor template to allow using vim.tiny (available in + base snaps) + - Modify AppArmor template to add read-access to debian_version + - Modify AppArmor template to allow owner to read + @{PROC}/@{pid}/sessionid + - {common,personal,system}-files interface: prohibit trailing @ in + filepaths + - {desktop,shutdown,system-observe,upower-observe} interface: + improve for Ubuntu Core Desktop + - custom-device interface: allow @ in custom-device filepaths + - desktop interface: improve launch entry and systray integration + with session + - desktop-legacy interface: allow DBus access to + com.canonical.dbusmenu + - fwupd interface: allow access to nvmem for thunderbolt plugin + - mpris interface: add plasmashell as label + - mount-control interface: add support for nfs mounts + - network-{control,manager} interface: add missing dbus link rules + - network-manager-observe interface: add getDevices methods + - opengl interface: add Kernel Fusion Driver access to opengl + - screen-inhibit-control interface: improve screen inhibit control + for use on core + - udisks2 interface: allow ping of the UDisks2 service + - u2f-devices interface: add Nitrokey Passkey + * Fri Oct 11 2024 Ernest Lotter - New upstream release 2.66.1 - AppArmor prompting (experimental): Fix kernel prompting support diff --git a/packaging/opensuse/snapd.changes b/packaging/opensuse/snapd.changes index 9086d85b64b..68612cd92b5 100644 --- a/packaging/opensuse/snapd.changes +++ b/packaging/opensuse/snapd.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Dec 02 21:14:24 UTC 2024 - ernest.lotter@canonical.com + +- Update to upstream release 2.67 + ------------------------------------------------------------------- Fri Oct 11 08:05:46 UTC 2024 - ernest.lotter@canonical.com diff --git a/packaging/opensuse/snapd.spec b/packaging/opensuse/snapd.spec index c373c1b71cb..5ed51ae32ed 100644 --- a/packaging/opensuse/snapd.spec +++ b/packaging/opensuse/snapd.spec @@ -82,7 +82,7 @@ Name: snapd -Version: 2.66.1 +Version: 2.67 Release: 0 Summary: Tools enabling systems to work with .snap files License: GPL-3.0 diff --git a/packaging/ubuntu-14.04/changelog b/packaging/ubuntu-14.04/changelog index 0387fba496a..e06ea1f8c5a 100644 --- a/packaging/ubuntu-14.04/changelog +++ b/packaging/ubuntu-14.04/changelog @@ -1,3 +1,84 @@ +snapd (2.67~14.04) trusty; urgency=medium + + * New upstream release, LP: #2089691 + - AppArmor prompting (experimental): allow overlapping rules + - Registry view (experimental): Changes to registry data (from both + users and snaps) can be validated and saved by custodian snaps + - Registry view (experimental): Support 'snapctl get --pristine' to + read the registry data excluding staged transaction changes + - Registry view (experimental): Put registry commands behind + experimental feature flag + - Components: Make modules shipped/created by kernel-modules + components available right after reboot + - Components: Add tab completion for local component files + - Components: Allow installing snaps and components from local files + jointly on the CLI + - Components: Allow 'snapctl model' command for gadget and kernel + snaps + - Components: Add 'snap components' command + - Components: Bug fixes + - eMMC gadget updates (WIP): add syntax support in gadget.yaml for + eMMC schema + - Support for ephemeral recovery mode on hybrid systems + - Support for dm-verity options in snap-bootstrap + - Support for overlayfs options and allow empty what argument for + tmpfs + - Enable ubuntu-image to determine the size of the disk image to + create + - Expose 'snap debug' commands 'validate-seed' and 'seeding' + - Add debug API option to use dedicated snap socket /run/snapd- + snap.socket + - Hide experimental features that are no longer required + (accepted/rejected) + - Mount ubuntu-save partition with no{exec,dev,suid} at install, run + and factory-reset + - Improve memory controller support with cgroup v2 + - Support ssh socket activation configurations (used by ubuntu + 22.10+) + - Fix generation of AppArmor profile with incorrect revision during + multi snap refresh + - Fix refresh app awareness related deadlock edge case + - Fix not caching delta updated snap download + - Fix passing non root uid, guid to initial tmpfs mount + - Fix ignoring snaps in try mode when amending + - Fix reloading of service activation units to avoid systemd errors + - Fix snapd snap FIPS build on Launchpad to use Advantage Pro FIPS + updates PPA + - Make killing of snap apps best effort to avoid possibility of + malicious failure loop + - Alleviate impact of auto-refresh failure loop with progressive + delay + - Dropped timedatex in selinux-policy to avoid runtime issue + - Fix missing syscalls in seccomp profile + - Modify AppArmor template to allow using SNAP_REEXEC on arch + systems + - Modify AppArmor template to allow using vim.tiny (available in + base snaps) + - Modify AppArmor template to add read-access to debian_version + - Modify AppArmor template to allow owner to read + @{PROC}/@{pid}/sessionid + - {common,personal,system}-files interface: prohibit trailing @ in + filepaths + - {desktop,shutdown,system-observe,upower-observe} interface: + improve for Ubuntu Core Desktop + - custom-device interface: allow @ in custom-device filepaths + - desktop interface: improve launch entry and systray integration + with session + - desktop-legacy interface: allow DBus access to + com.canonical.dbusmenu + - fwupd interface: allow access to nvmem for thunderbolt plugin + - mpris interface: add plasmashell as label + - mount-control interface: add support for nfs mounts + - network-{control,manager} interface: add missing dbus link rules + - network-manager-observe interface: add getDevices methods + - opengl interface: add Kernel Fusion Driver access to opengl + - screen-inhibit-control interface: improve screen inhibit control + for use on core + - udisks2 interface: allow ping of the UDisks2 service + - u2f-devices interface: add Nitrokey Passkey + + -- Ernest Lotter Mon, 02 Dec 2024 23:14:24 +0200 + snapd (2.66.1~14.04) trusty; urgency=medium * New upstream release, LP: #2083490 diff --git a/packaging/ubuntu-16.04/changelog b/packaging/ubuntu-16.04/changelog index 2d6afa8b319..881ad9cb687 100644 --- a/packaging/ubuntu-16.04/changelog +++ b/packaging/ubuntu-16.04/changelog @@ -1,3 +1,84 @@ +snapd (2.67) xenial; urgency=medium + + * New upstream release, LP: #2089691 + - AppArmor prompting (experimental): allow overlapping rules + - Registry view (experimental): Changes to registry data (from both + users and snaps) can be validated and saved by custodian snaps + - Registry view (experimental): Support 'snapctl get --pristine' to + read the registry data excluding staged transaction changes + - Registry view (experimental): Put registry commands behind + experimental feature flag + - Components: Make modules shipped/created by kernel-modules + components available right after reboot + - Components: Add tab completion for local component files + - Components: Allow installing snaps and components from local files + jointly on the CLI + - Components: Allow 'snapctl model' command for gadget and kernel + snaps + - Components: Add 'snap components' command + - Components: Bug fixes + - eMMC gadget updates (WIP): add syntax support in gadget.yaml for + eMMC schema + - Support for ephemeral recovery mode on hybrid systems + - Support for dm-verity options in snap-bootstrap + - Support for overlayfs options and allow empty what argument for + tmpfs + - Enable ubuntu-image to determine the size of the disk image to + create + - Expose 'snap debug' commands 'validate-seed' and 'seeding' + - Add debug API option to use dedicated snap socket /run/snapd- + snap.socket + - Hide experimental features that are no longer required + (accepted/rejected) + - Mount ubuntu-save partition with no{exec,dev,suid} at install, run + and factory-reset + - Improve memory controller support with cgroup v2 + - Support ssh socket activation configurations (used by ubuntu + 22.10+) + - Fix generation of AppArmor profile with incorrect revision during + multi snap refresh + - Fix refresh app awareness related deadlock edge case + - Fix not caching delta updated snap download + - Fix passing non root uid, guid to initial tmpfs mount + - Fix ignoring snaps in try mode when amending + - Fix reloading of service activation units to avoid systemd errors + - Fix snapd snap FIPS build on Launchpad to use Advantage Pro FIPS + updates PPA + - Make killing of snap apps best effort to avoid possibility of + malicious failure loop + - Alleviate impact of auto-refresh failure loop with progressive + delay + - Dropped timedatex in selinux-policy to avoid runtime issue + - Fix missing syscalls in seccomp profile + - Modify AppArmor template to allow using SNAP_REEXEC on arch + systems + - Modify AppArmor template to allow using vim.tiny (available in + base snaps) + - Modify AppArmor template to add read-access to debian_version + - Modify AppArmor template to allow owner to read + @{PROC}/@{pid}/sessionid + - {common,personal,system}-files interface: prohibit trailing @ in + filepaths + - {desktop,shutdown,system-observe,upower-observe} interface: + improve for Ubuntu Core Desktop + - custom-device interface: allow @ in custom-device filepaths + - desktop interface: improve launch entry and systray integration + with session + - desktop-legacy interface: allow DBus access to + com.canonical.dbusmenu + - fwupd interface: allow access to nvmem for thunderbolt plugin + - mpris interface: add plasmashell as label + - mount-control interface: add support for nfs mounts + - network-{control,manager} interface: add missing dbus link rules + - network-manager-observe interface: add getDevices methods + - opengl interface: add Kernel Fusion Driver access to opengl + - screen-inhibit-control interface: improve screen inhibit control + for use on core + - udisks2 interface: allow ping of the UDisks2 service + - u2f-devices interface: add Nitrokey Passkey + + -- Ernest Lotter Mon, 02 Dec 2024 23:14:24 +0200 + snapd (2.66.1) xenial; urgency=medium * New upstream release, LP: #2083490