Howdy folks once again another post when i see something that appears to be a noteworthy update in my software updater, i'll post the change log here, there is one other post i'll be making pretty shortly.
Technical description
Package: snapd
Install, configure, refresh and remove snap packages. Snaps are 'universal' packages that work across many different Linux systems, enabling secure distribution of the latest apps and utilities for cloud, servers, desktops and the internet of things.
Start with 'snap list' to see installed snaps.
Changes for snapd versions:
Installed version: 2.72+ubuntu24.04
Available version: 2.73+ubuntu24.04
Version 2.73+ubuntu24.04:
- New upstream release, LP: #2132084
- FDE: do not save incomplete FDE state when resealing was skipped
- FDE: warn of inconsistent primary or policy counter
- Confdb: document confdb in snapctl help messages
- Confdb: only confdb hooks wait if snaps are disabled
- Confdb: relax confdb change conflict checks
- Confdb: remove empty parent when removing last leaf
- Confdb: support parsing field filters
- Confdb: wrap confdb write values under "values" key
- dm-verity for essential snaps: add new naming convention for
verity files - dm-verity for essential snaps: add snap integrity discovery
- dm-verity for essential snaps: fix verity salt calculation
- Assertions: add hardware identity assertion
- Assertions: add integrity stanza in snap resources revisions
- Assertions: add request message assertion required for remote
device management - Assertions: add response-message assertion for secure remote
device management - Assertions: expose WithStackedBackstore in RODatabase
- Packaging: cross-distro | install upstream NEWS file into relevant
snapd package doc directory - Packaging: cross-distro | tweak how the blocks injecting
$SNAP_MOUNT_DIR/bin are generated as required for openSUSE - Packaging: remove deprecated snap-gdb-shim and all references now
that snap run --gdb is unsupported and replaced by --gdbserver - Preseed: call systemd-tmpfiles instead handle-writable-paths on
uc26 - Preseed: do not remove the /snap dir but rather all its contents
during reset - snap-confine: attach name derived from security tag to BPF maps
and programs - snap-confine: ensure permitted capabilities match expectation
- snap-confine: fix cached snap-confine profile cleanup to report
the correct error instead of masking backend setup failures - snap-confine: Improve validation of user controlled paths
- snap-confine: tighten snap cgroup checks to ensure a snap cannot
start another snap in the same cgroup, preventing incorrect
device-filter installation - core-initrd: add 26.04 ubuntu-core-initramfs package
- core-initrd: add missing order dependency for setting default
system files - core-initrd: avoid scanning loop and mmc boot partitions as the
boot disk won't be any of these - core-initrd: make cpio a Depends and remove from Build-Depends
- core-initrd: start plymouth sooner and reload when gadget is
available - Cross-distro: modify syscheck to account for differences in
openSUSE 16.0+ - Validation sets: use in-flight validation sets when calling
'snapctl install' from hook - Prompting: enable prompting for the camera interface
- Prompting: remove polkit authentication when modifying/deleting
prompting rules - LP: #2127189 Prompting: do not record notices for unchanged rules
on snapd startup - AppArmor: add free and pidof to the template
- AppArmor: adjust interfaces/profiles to cope with coreutils paths
- Interfaces: add support for compatibility expressions
- Interfaces: checkbox-support | complete overhaul
- Interfaces: define vulkan-driver-libs, cuda-driver-libs, egl-
driver-libs, gbm-driver-libs, opengl-driver-libs, and opengles-
driver-libs - Interfaces: allow snaps on classic access to nvidia graphics
libraries exported by *-driver-libs interfaces - Interfaces: fwupd | broaden access to /boot/efi/EFI
- Interfaces: gsettings | set dconf-service as profile for
ca.desrt.dconf.Writer - Interfaces: iscsi-initiator, dm-multipath, nvme-control | add new
interfaces - Interfaces: opengl | grant read/write permission to /run/nvidia-
persistenced/socket - interfaces: ros-snapd-support | add access to /v2/changes/
- Interfaces: system-observe | read access to btrfs/ext4/zfs
filesystem information - Interfaces: system-trace | allow /sys/kernel/tracing/** rw
- Interfaces: usb-gadget | add support for ffs mounts in attributes
- Add autocompletion to run command
- Introduce option for disallowing auto-connection of a specific
interface - Only log errors for user service operations performed as a part of
snap removal - Patch snap names in service requests for parallel installed snaps
- Simplify traits for eMMC special partitions
- Strip apparmor_parser from debug symbols shrinking snapd size by
~3MB - Fix InstallPathMany skipping refresh control
- Fix waiting for GDB helper to stop before attaching gdbserver
- Protect the per-snap tmp directory against being reaped by age
- Prevent disabling base snaps to ensure dependent snaps can be
removed - Modify API endpoint /v2/logs to reject n <= 0 (except for special
case -1 meaning all) - Avoid potential deadlock when task is injected after the change
was aborted - Avoid race between store download stream and cache cleanup
executing in parallel when invoked by snap download task - LP: #1851490 Use "current" instead of revision number for icons
- LP: #2121853 Add snapctl version command
- LP: #2127214 Ensure no more than one partition on disk can match a
gadget partition - LP: #2127244 snap-confine: update AppArmor profile to allow
read/write to journal as workaround for snap-confine fd
inheritance prevented by newer AppArmor - LP: #2127766 Add new tracing mechanism with independently running
strace and shim synchronization