snapcore
o/i/ifacemgr: do not check for apparmor
Checking for snapd.apparmor service requires to query systemd. This is done during the boot, before notifying systemd the daemon is ready, when systemd is busy. On cloud VMs, this can take several seconds.
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 78.90%. Comparing base (
68fe7eb) to head (525a751). Report is 88 commits behind head on master.
:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.
Additional details and impacted files
@@ Coverage Diff @@
## master #13096 +/- ##
==========================================
+ Coverage 78.88% 78.90% +0.02%
==========================================
Files 1038 1043 +5
Lines 133499 134336 +837
==========================================
+ Hits 105308 106002 +694
- Misses 21617 21721 +104
- Partials 6574 6613 +39
| Flag | Coverage Δ | |
|---|---|---|
| unittests | 78.90% <100.00%> (+0.02%) |
:arrow_up: |
Flags with carried forward coverage won't be shown. Click here to find out more.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
I am going to remove blocked for now, unless someone else belives this PR is still blocked.
We can make that service a no-op on systems without apparmor, we could handle that internally in snapd-apparmor
The service already has ConditionSecurity=apparmor.
It doesn't really matter if something is an app or service in the sense that if we get things right for services, it works for apps as well.
Do you mean the case where no service is installed and snapd.service is disabled. Then snap run should still have snapd.apparmor.service active? Well, yes in this case it should be added to multi-user.target and be before systemd-user-sessions.service.