Last active
January 26, 2023 16:47
-
-
Save alyandon/97813f577fe906497495439c37dacf37 to your computer and use it in GitHub Desktop.
Give users control over snapd autorefresh mechanism - apply patch over offiical repo and build binaries
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/cmd/snapd/main.go b/cmd/snapd/main.go | |
| index 741d998404..55d06d2d9c 100644 | |
| --- a/cmd/snapd/main.go | |
| +++ b/cmd/snapd/main.go | |
| @@ -52,6 +52,10 @@ func init() { | |
| } | |
| func main() { | |
| + if _, found := os.LookupEnv("SNAPD_DISABLE_AUTOREFRESH"); found { | |
| + logger.Noticef("AutoRefresh disabled due to SNAPD_DISABLE_AUTOREFRESH environment variable being set") | |
| + } | |
| + | |
| // When preseeding re-exec is not used | |
| if snapdenv.Preseeding() { | |
| logger.Noticef("running for preseeding") | |
| diff --git a/overlord/snapstate/autorefresh.go b/overlord/snapstate/autorefresh.go | |
| index 7faed91d6c..51e1d5405d 100644 | |
| --- a/overlord/snapstate/autorefresh.go | |
| +++ b/overlord/snapstate/autorefresh.go | |
| @@ -327,6 +327,11 @@ func (m *autoRefresh) Ensure() error { | |
| return err | |
| } | |
| + if _, found := os.LookupEnv("SNAPD_DISABLE_AUTOREFRESH"); found { | |
| + logger.Noticef("AutoRefresh disabled due to SNAPD_DISABLE_AUTOREFRESH environment variable being set") | |
| + held = true | |
| + } | |
| + | |
| // do refresh attempt (if needed) | |
| if !held { | |
| if !holdTime.IsZero() { |
My build/deploy script
#!/bin/sh
set -xe
MYVER="9.99.99-$(git describe)"
./mkversion.sh $MYVER
go build -o ./snapd.bin github.com/snapcore/snapd/cmd/snapd
go build -o ./snap.bin github.com/snapcore/snapd/cmd/snap
sudo systemctl stop snapd
sudo cp ./snapd.bin /usr/lib/snapd/snapd
sudo cp ./snap.bin /usr/bin/snap
sudo systemctl start snapd
Will need to apt-mark hold snapd to prevent it from getting updated OOB.
Oct 05 15:08:15 nebula snapd[6400]: autorefresh.go:331: AutoRefresh disabled by presence of /snapd_disable_autorefresh.
Oct 05 15:13:15 nebula snapd[6400]: autorefresh.go:331: AutoRefresh disabled by presence of /snapd_disable_autorefresh.
Oct 05 15:18:15 nebula snapd[6400]: autorefresh.go:331: AutoRefresh disabled by presence of /snapd_disable_autorefresh.
Oct 05 15:23:15 nebula snapd[6400]: autorefresh.go:331: AutoRefresh disabled by presence of /snapd_disable_autorefresh.
Something better - because why not?
index 7faed91d6c..51e1d5405d 100644
--- a/overlord/snapstate/autorefresh.go
+++ b/overlord/snapstate/autorefresh.go
@@ -327,6 +327,11 @@ func (m *autoRefresh) Ensure() error {
return err
}
+ if _, found := os.LookupEnv("SNAPD_DISABLE_AUTOREFRESH"); found {
+ logger.Noticef("AutoRefresh disabled due to SNAPD_DISABLE_AUTOREFRESH environment variable being set")
+ held = true
+ }
+
// do refresh attempt (if needed)
if !held {
if !holdTime.IsZero() {
systemctl edit snapd.service
[Service]
Environment=SNAPD_DISABLE_AUTOREFRESH=Y
Done
Canonical doesn't really make it easy to build a target for a particular release distro. If you run into any errors about AF_QIPCRTR the quickest work-around I've found so far is:
index 583f8cd9fd..b924e5fa04 100644
--- a/interfaces/seccomp/template.go
+++ b/interfaces/seccomp/template.go
@@ -481,7 +481,7 @@ socket AF_NFC
socket AF_VSOCK
socket AF_MPLS
socket AF_IB
-socket AF_QIPCRTR
+#socket AF_QIPCRTR
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is for testing only - I may actually fork and maintain a real patch that'll return control of how and when snaps get updated to sysadmins.