[ubuntu/resolute-proposed] snapd 2.74+ubuntu26.04 (Accepted)
Ernest Lotter
ernest.lotter at canonical.com
Tue Jan 27 15:46:15 UTC 2026
snapd (2.74+ubuntu26.04) resolute; urgency=medium
* New upstream release, LP: #2138629
- FDE: use new activation API from secboot
- FDE: use activation API also with non keydata keys
- FDE: ignore internal recovery key expiration during install
- FDE: support adding/removing PINs post-installation
- FDE: support changing PINs post-installation
- FDE: support adding a recovery key post-installation
- FDE: provide activation status via new endpoint v2/system-
info/storage-encrypted
- FDE: support sealing and resealing using the preinstall check
result
- FDE: disable passphrase support during install
- FDE: add keyboard configuration helpers
- FDE: lazily inject keyboard layout configuration in kernel cmdline
- FDE: enable pin tries and limits PIN entry attempts to 3
- FDE: extend secureboot endpoint to accept DB, KEK, and PK
- FDE: simplify /v2/system-volumes keyslots handling by allowing
name-only entries, implicitly expanding to all system containers
- FDE: support extra non-system key slot names to support agents
such as Landscape to set dedicated recovery keys
- FDE: initialize fde state after device state
- FDE: use device node to find the storage container and keys
- FDE: provide user visible name for disk based on ID_MODEL
- FDE: update secboot in snapd with latest additions and fixes
- core-initrd: add systemd service for setting plymouth keyboard
layout and X11 keyboard layouts
- core-initrd: set plymouth cleartext toggle option
- core-initrd: fix plymouth missing font issue
- core-initrd: update dependency from libteec1 to libteec2
- core-initrd: add new dlopened libs
- LP: #2116949 Preseeding: add support for preseeding of hybrid
systems via the installer API$
- Preseeding: check whether a path is a mountpoint before remounting
- Confdb: support tagging paths as secret in storage schemas
- Confdb: support filtering on placeholder sub-keys
- Confdb: support filtering in API and confdbstate
- Confdb: support field filtering on reads
- Confdb: support "parameters" stanza and check filters against them
- Confdb: add support for '--with' contraints
- Confdb: parsing fixes and error handling improvements
- Assertions: restrict serials to new format in confdb-control
- Assertions: add verify signature function
- Remote device management: modify request-message assertion to
expose its time constraints for remote device management
- Remote device management: support polling of store messages
- Remote device management: add signing of response messages with
device key
- Prompting: enable notify protocol v5 and test prompt restoration
after snapd restart
- snap: change malformed '--channel=' warning to error
- snap: add 'snap report-issue' command to get the available contact
details for the specified snap
- snap: add 'snap version --verbose' flag to include information on
snap binaries origin
- snap: create the XDG_RUNTIME_DIR folder
- LP: #2068493 snap: add support for 'snap refresh --tracking'
- snapctl: add '--tracking' flag to 'snapctl refresh'
- Reexec: include the info filepath in the version compare debug log
- Reexec: add support for forcing reexec into and older snapd snap
by setting SNAP_REEXEC=force in the environment
- snap-confine: correct error message related to snap-confine group
policy validation
- snap-confine: ensure we only mount existing directories
- LP: #2134364 snap-confine: handle potential race when creating
/tmp/snap-private-tmp when lacking systemd-tmpfiles support
- snap-confine: filter plus characters from security tags
- Desktop: use desktop file IDs as desktop IDs
- Desktop: store the common ID in the desktop file
- Desktop: allow graphical daemons to show icons in the dock
- Desktop: change user daemons with desktop plug defined to depend
on graphical-session.target
- dm-verity for essential snaps: made change to prerequisite struct
- Cross-distro: modify SELinux profile to allow connecting to squid
proxy
- Cross-distro: add support for migrating snap mount directory
- Packaging: drop ubuntu-14.04 packaging
- Packaging: drop ubuntu-{14.04,16.04} transitional binary packages
- Packaging: remove desktop files and state lock file during snapd
purge
- Packaging: fix inhibition hint file being left behind on failed
unlink-current-snap
- Disallow timeouts < 1us in systemd units
- Add snap-store to the user-daemons support overrides
- Support for SuccessExitStatus= generation for systemd daemon
- Make standby output more verbose
- Add prepare-serial-request hook
- Try to discard snap mount namespaces when no processes are running
during snap updates
- Improve handling of snap downloads cache by introducing periodic
cleanup with more aggressive policy
- Interfaces: mediatek-accel | create new interface
- Interfaces: nvidia-video-driver-libs | create new interface
- Interfaces: *-driver-libs | accept component paths
- Interfaces: desktop-legacy, unity7 | remove workaround for slash
filtering in ibus address
- Interfaces: fwupd | allow writing reboot notification in /run
- Interfaces: add 'install' coreutil to base AppArmor template
- Interfaces: u2f-devices | add apparmor permissions to allow the
use of the libfido2 library in snaps
- Interfaces: u2f-devices | add support for Thetis security key
- Interfaces: add AppArmor workaround for mmap MAP_HUGETLB
- Interfaces: timeserver-control | manage per-link ntp settings via
systemd-networkd
Date: Tue, 20 Jan 2026 18:54:17 +0200
Changed-By: Ernest Lotter <ernest.lotter at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Julian Andres Klode <julian.klode at canonical.com>
https://launchpad.net/ubuntu/+source/snapd/2.74+ubuntu26.04
-------------- next part --------------
Format: 1.8
Date: Tue, 20 Jan 2026 18:54:17 +0200
Source: snapd
Built-For-Profiles: noudeb
Architecture: source
Version: 2.74+ubuntu26.04
Distribution: resolute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Ernest Lotter <ernest.lotter at canonical.com>
Launchpad-Bugs-Fixed: 2068493 2116949 2134364 2138629
Changes:
snapd (2.74+ubuntu26.04) resolute; urgency=medium
.
* New upstream release, LP: #2138629
- FDE: use new activation API from secboot
- FDE: use activation API also with non keydata keys
- FDE: ignore internal recovery key expiration during install
- FDE: support adding/removing PINs post-installation
- FDE: support changing PINs post-installation
- FDE: support adding a recovery key post-installation
- FDE: provide activation status via new endpoint v2/system-
info/storage-encrypted
- FDE: support sealing and resealing using the preinstall check
result
- FDE: disable passphrase support during install
- FDE: add keyboard configuration helpers
- FDE: lazily inject keyboard layout configuration in kernel cmdline
- FDE: enable pin tries and limits PIN entry attempts to 3
- FDE: extend secureboot endpoint to accept DB, KEK, and PK
- FDE: simplify /v2/system-volumes keyslots handling by allowing
name-only entries, implicitly expanding to all system containers
- FDE: support extra non-system key slot names to support agents
such as Landscape to set dedicated recovery keys
- FDE: initialize fde state after device state
- FDE: use device node to find the storage container and keys
- FDE: provide user visible name for disk based on ID_MODEL
- FDE: update secboot in snapd with latest additions and fixes
- core-initrd: add systemd service for setting plymouth keyboard
layout and X11 keyboard layouts
- core-initrd: set plymouth cleartext toggle option
- core-initrd: fix plymouth missing font issue
- core-initrd: update dependency from libteec1 to libteec2
- core-initrd: add new dlopened libs
- LP: #2116949 Preseeding: add support for preseeding of hybrid
systems via the installer API$
- Preseeding: check whether a path is a mountpoint before remounting
- Confdb: support tagging paths as secret in storage schemas
- Confdb: support filtering on placeholder sub-keys
- Confdb: support filtering in API and confdbstate
- Confdb: support field filtering on reads
- Confdb: support "parameters" stanza and check filters against them
- Confdb: add support for '--with' contraints
- Confdb: parsing fixes and error handling improvements
- Assertions: restrict serials to new format in confdb-control
- Assertions: add verify signature function
- Remote device management: modify request-message assertion to
expose its time constraints for remote device management
- Remote device management: support polling of store messages
- Remote device management: add signing of response messages with
device key
- Prompting: enable notify protocol v5 and test prompt restoration
after snapd restart
- snap: change malformed '--channel=' warning to error
- snap: add 'snap report-issue' command to get the available contact
details for the specified snap
- snap: add 'snap version --verbose' flag to include information on
snap binaries origin
- snap: create the XDG_RUNTIME_DIR folder
- LP: #2068493 snap: add support for 'snap refresh --tracking'
- snapctl: add '--tracking' flag to 'snapctl refresh'
- Reexec: include the info filepath in the version compare debug log
- Reexec: add support for forcing reexec into and older snapd snap
by setting SNAP_REEXEC=force in the environment
- snap-confine: correct error message related to snap-confine group
policy validation
- snap-confine: ensure we only mount existing directories
- LP: #2134364 snap-confine: handle potential race when creating
/tmp/snap-private-tmp when lacking systemd-tmpfiles support
- snap-confine: filter plus characters from security tags
- Desktop: use desktop file IDs as desktop IDs
- Desktop: store the common ID in the desktop file
- Desktop: allow graphical daemons to show icons in the dock
- Desktop: change user daemons with desktop plug defined to depend
on graphical-session.target
- dm-verity for essential snaps: made change to prerequisite struct
- Cross-distro: modify SELinux profile to allow connecting to squid
proxy
- Cross-distro: add support for migrating snap mount directory
- Packaging: drop ubuntu-14.04 packaging
- Packaging: drop ubuntu-{14.04,16.04} transitional binary packages
- Packaging: remove desktop files and state lock file during snapd
purge
- Packaging: fix inhibition hint file being left behind on failed
unlink-current-snap
- Disallow timeouts < 1us in systemd units
- Add snap-store to the user-daemons support overrides
- Support for SuccessExitStatus= generation for systemd daemon
- Make standby output more verbose
- Add prepare-serial-request hook
- Try to discard snap mount namespaces when no processes are running
during snap updates
- Improve handling of snap downloads cache by introducing periodic
cleanup with more aggressive policy
- Interfaces: mediatek-accel | create new interface
- Interfaces: nvidia-video-driver-libs | create new interface
- Interfaces: *-driver-libs | accept component paths
- Interfaces: desktop-legacy, unity7 | remove workaround for slash
filtering in ibus address
- Interfaces: fwupd | allow writing reboot notification in /run
- Interfaces: add 'install' coreutil to base AppArmor template
- Interfaces: u2f-devices | add apparmor permissions to allow the
use of the libfido2 library in snaps
- Interfaces: u2f-devices | add support for Thetis security key
- Interfaces: add AppArmor workaround for mmap MAP_HUGETLB
- Interfaces: timeserver-control | manage per-link ntp settings via
systemd-networkd
Checksums-Sha1:
86ea108bade438a7dfc2d5df5b7c8f009b2911dd 2556 snapd_2.74+ubuntu26.04.dsc
7e4cb37cc8c5e1add38acda7eba0d56e23fcd047 11326860 snapd_2.74+ubuntu26.04.tar.xz
80a1effaa2ecdcdb73d875c762525a7984bfd178 9073 snapd_2.74+ubuntu26.04_source.buildinfo
Checksums-Sha256:
ec0e747ea5c02d60249d7040eeb6f4dc73a8deefc2af32ccc0d2d1c80b50d49b 2556 snapd_2.74+ubuntu26.04.dsc
a6938d6bd5f70507b86d75bd69a5624e15e88bec9130dc926ae087e7f7b83589 11326860 snapd_2.74+ubuntu26.04.tar.xz
05e1dbde872f0c61a8f6c641f651ef7fe3dc9fc3ab98bf351326f24e81268387 9073 snapd_2.74+ubuntu26.04_source.buildinfo
Files:
8c4835fe01d798953e74f6bf5d3c91db 2556 devel optional snapd_2.74+ubuntu26.04.dsc
8f3c8df2fde2a63f9fc34aacc7e3f72d 11326860 devel optional snapd_2.74+ubuntu26.04.tar.xz
56b37bc46e1cadc2d9e1aabb9d2c53d1 9073 devel optional snapd_2.74+ubuntu26.04_source.buildinfo
More information about the Resolute-changes
mailing list