release: 2.74.1 (attempt2)

[ernestl]

DEBEMAIL="Ernest Lotter <ernest.lotter@canonical.com>" release-tools/changelog.py 2.74.1 2138629 NEWS.md

Some serious issues was discovered since the first attempt: #16537

CHERRY PICKED:

Fixes for serious issues found since previous attempt:

• Revert: "wrappers/internal: add implicit graphical user daemons" #16587 (internal)
• overlord/devicestate, secboot: install setup encryption check must use cached context #16577
• mkversion.sh: correct for deb release flow #16572
• overlord/devicestate: fix do-install-setup-storage-encryption check for preinstall context availability #16584 (internal)

Functional fixes:

• secboot: update to rev e638825ef829 #16521
• snap-confine: add CAP_SYS_RESOURCE #16525
• i/builtin/camera: add locking permission for /dev/video devices for RealSense cameras #16517
• cmd/libsnap-confine-private/device-cgroup-support: bump devices BPF map size to 1000 #16505
• daemon/api_system_secureboot.go: allow multiple payloads in db update #16541
• interfaces/seccomp: allow memfd_secret #16545
• interfaces/seccomp: allow pidfd_open syscall #16478

Test fixes:

• snapd-testing-tools: update to rev a377392 #16590
• tests/nested/manual: add workaround for cloud-init issue #16570
• tests: update auth file for remodeling #16567
• tests: increase nested 24/26 disk size to 30GB #16548
• tests/main, tests/upgrade, : fix main/snap-ns-forward-compat, main/upgrade-from-release, upgrade/basic #16555
• tests: skip i18n test on noble #16560
• tests/main/layout-content-provider-change, fakestore: add a test mixing content, layouts and snap refreshes #16442
• tests: skip kernel-base-gadget tests when running beta validation #16316
• tests/nested/manual: fix muinstaller-real #16447
• tests: enable some nested tests by setting up proper kernel declarations on UC26 #16452
• tests: update preseed-reset to account for new logic leaving snap dir intact #16460
• tests: remove setuid on snap-confine in snap-confine-from-core #16464
• tests: fix static checks in spread  #16474
• github, tests: get store creds tests running on master #16481
• tests/nested/manual: fix muinstaller #16483
• tests/nested/manual: fix minute+ seeding time match #16485
• spread: use 16GB for focal on google #16496
• tests/main/layout-content-refresh-connect-hooks: verify mount namespace content visibility #16497
• tests: migrate tests.exec is-skipped to new skip format #16501
• tests: fix build-with-kernel-modules-components by updating modules check #16510
• tests: move main tests to new skip format - part 1 #16511
• tests: move main tests to new skip format - part 2 #16512
• tests: move main tests to new skip format - part 3 #16513
• tests: move main tests to new skip format - part 4 #16514
• tests: fix interfaces-block-devices when fde is used #16523
• tests: fix sru validation #16524
• tests/lib/nested.sh: disable cloud-init check on core26 for now #16528

LP Bugs: https://launchpad.net/snapd/+milestone/2.74.1
SRU Bug: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/2138629
Jira: https://warthogs.atlassian.net/browse/SNAPDENG-36361

Requires rebase merge

[github-actions]

Fri Feb 13 09:42:42 UTC 2026
The following results are from: https://github.com/canonical/snapd/actions/runs/21961159773

Failures:

Preparing:

• openstack:ubuntu-26.04-64:tests/main/
• openstack:ubuntu-26.04-64:tests/main/
• openstack:ubuntu-26.04-64:tests/main/
• openstack:ubuntu-18.04-64:tests/main/nss-modules:nis
• openstack:ubuntu-18.04-64:tests/main/nss-modules:winbind

Executing:

• openstack:debian-sid-64:tests/main/interfaces-network-status-classic
• openstack-ext:ubuntu-26.04-64:tests/nested/manual/minimal-smoke:secboot_enabled
• openstack-ext:ubuntu-26.04-64:tests/nested/manual/broken-model:tpm
• openstack-ext:ubuntu-26.04-64:tests/nested/core/remount-hotplug
• openstack-ext:ubuntu-26.04-64:tests/nested/manual/core20-fde-dbx
• openstack-ext:ubuntu-26.04-64:tests/nested/manual/broken-model:hook
• openstack-ext:ubuntu-26.04-64:tests/nested/manual/minimal-smoke:secboot_disabled

[olivercalder]

LGTM, thanks!

[olivercalder]

Ah I see, the encryption check fix hasn't been cherry-picked yet...

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 77.49%. Comparing base (36023da) to head (8e36c19).
⚠️ Report is 9 commits behind head on release/2.74.

Additional details and impacted files

@@               Coverage Diff                @@
##           release/2.74   #16581      +/-   ##
================================================
- Coverage         77.49%   77.49%   -0.01%     
================================================
  Files              1342     1344       +2     
  Lines            184303   184231      -72     
  Branches           2444     2444              
================================================
- Hits             142825   142769      -56     
+ Misses            32838    32828      -10     
+ Partials           8640     8634       -6     

Flag	Coverage Δ
unittests	77.49% <100.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[pedronis]

+1

[olivercalder]

We may need to pull in #16586 as an urgent fix, as it's breaking GNOME 50 and resolute. The cause is #16326 which was new in 2.74.

[ernestl]

Failure analysis:

spread nested-ubuntu-26.04

(1) This passes in the dev environment, this is understood to be related to the new 6.19 kernel:

• openstack-ext:ubuntu-26.04-64:tests/nested/core/remount-hotplug

(2) These passes in the dev environment, it is related to the 6.19 kernel. The problem is
that we cannot successfully pass the recovery code over the serial connection. Workaround is in progress
where we proved using a different method works: #16589:

• openstack-ext:ubuntu-26.04-64:tests/nested/manual/broken-model:hook
• openstack-ext:ubuntu-26.04-64:tests/nested/manual/broken-model:tpm
• openstack-ext:ubuntu-26.04-64:tests/nested/manual/core20-fde-dbx

Known, see as previous release attempt:

• openstack-ext:ubuntu-26.04-64:tests/nested/manual/minimal-smoke:secboot_disabled
• openstack-ext:ubuntu-26.04-64:tests/nested/manual/minimal-smoke:secboot_enabled

spread ubuntu-daily

(3) Known issue with 6.19 kernel affecting networking/sockets: https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/2141298

• openstack:ubuntu-26.04-64:tests/main/desktop-portal-filechooser
• openstack:ubuntu-26.04-64:tests/main/interfaces-firewall-control
• openstack:ubuntu-26.04-64:tests/main/interfaces-network
• openstack:ubuntu-26.04-64:tests/main/interfaces-network-bind
• openstack:ubuntu-26.04-64:tests/main/server-snap:goServer
• openstack:ubuntu-26.04-64:tests/main/server-snap:pythonServer

spread ubuntu-xenial-bionic

(4) Needs to be investigated...

• openstack:ubuntu-18.04-64:tests/main/nss-modules:nis
• openstack:ubuntu-18.04-64:tests/main/nss-modules:winbind

spread opensuse

(5) Needs to be investigated...

• Error: Failed to CreateArtifact: Unable to make request: ECONNRESET

We will continue with the release, and investigate the remaining failures in parallel, only in the interest of time.