broken how?
#yafti is broken in kinoite-main-userns-hardened
late gazelle
strange. @lapis needle looks like another possible issue with the rpm version?
@spice bramble i'll rebuild now, it'll fix it
@spice bramble fiftydinar fixed this upstream already but i didn't rebuild yet
give it thirty minutes then upgrade
just rpm-ostree upgrade
you basically never have to reinstall an rpm-ostree system
i think it's not user namespaces
i think there's a missing python dep or something
what? no
it's just a subset of flathub
ujust harden-flatpak
run that
that's all yafti does
it's not unique to secureblue
it's just a function of flatpak
yeah because you need to run ujust harden-flatpak..
since yafti is broken
wait
no
you also need this
- run: flatpak remote-delete --system --force fedora
- run: flatpak remote-delete --user --force fedora
- run: flatpak remote-delete --system --force flathub
- run: flatpak remote-delete --user --force flathub
- run: flatpak remove --system --noninteractive --all
- run: flatpak remote-add --if-not-exists --user --subset=verified flathub-verified https://flathub.org/repo/flathub.flatpakrepo
run each of these 🙂
no
unless you want yafti to do it
then yes
user
late gazelle
what?
the error about namespace has nothing to do with user namespaces........
what does that have to do with anything
you can play games now
late gazelle
i think it's not user namespaces
.
the error is from python
if you open hardened-chromium and check chrome://sandbox
what does it say on the first row of the table
if it says namespace, you have userns
🙂
it's a python gobject dep
you should ignore that error
it's only relevant to yafti
nothing else
...
np
build is done, if you upgrade it should be fixed
lapis needle
strange. <@277886998709010433> looks like another possible issue with the rpm ve...
Seems that yafti rpm spec doesn't request libadwaita in it's dependencies, which it should do, so if the image doesn't have libadwaita already installed, it fails
yafti bling script manually installs libadwaita, so there's no issue
Bazzite does this too in the Containerfile, hence the reason they don't notice this issue
I informed Kyle about this now
late gazelle
yafti bling script manually installs libadwaita, so there's no issue
Bazzite doe...
hmm but then why did this show up for @spice bramble when secureblue had the rpm layered?
lapis needle
hmm but then why did this show up for <@456226577798135808> when secureblue had ...
he's on main kinoite image which doesn't have libadwaita package
oh, you say that secureblue has libadwaita layered?
I don't see that libadwaita is layered in the recipe
I can confirm that libadwaita is not layered when looking at this kinoite-main action in period when yafti RPM was installing:
https://github.com/secureblue/secureblue/actions/runs/10193108000/job/28198312665
late gazelle
oh, you say that secureblue has libadwaita layered?
i thought the yafti module installs it
lapis needle
i thought the yafti module installs it
that's with pip version
I talk about rpm version itself
We can install libadwaita manually before installing rpm too to fix this quirk
but this is something that rpm spec file should handle
just need to add Requires: libadwaita & that's it
late gazelle
that's with `pip` version
oh, i forgot i removed libadwaita
cause i assumed it was a dep
yeah makes sense
spice bramble
yafti is broken in kinoite-main-userns-hardened