Due to a security hardening of snapd currently in beta, calling snap apps from other snap apps is now correctly blocked in the situations where it would partially break confinement. Given that Checkbox does this when testing core system capabilities, we have designed a new execution model for tests on Ubuntu Core. This new execution model leverages systemd transient units to escape the snap sandbox and will allow us to continue calling snap apps in our tests as we did before.
Our plan was to release this new systemd-based runner to beta before the winter break to get more internal testing before releasing it to the stable channel.
We have sadly identified that the runner does not work on core16-based systems due to a bug in systemd so we are obliged to take a step back and work around it, postponing our releases.
Sadly this means that once snapd is released to stable, some tests will stop working. This will happen on the 6th of January.
The error you will start seeing will look like the this:
/system.slice/snap.checkbox.agent.service is not a snap cgroup for tag snap.bluez.hcitool
To work around this, refresh Checkbox to the edge channel. This version of Checkbox is already using the new runner by default on core.
If you need to try your new tests but the aren’t in beta yet, you can use edge, all artifacts beside core16 did pass validation, so they would be ok for a beta release. Remember that if you use edge and you don’t want to use this new runner you can always disable it via the following lines (to add to your launcher):
[features]
systemd_based_job_runner=False