Comment 2 for bug 2031943

John Chittum (jchittum) wrote :

Verification -- build an image with a 6.2 kernel, and ensure that snap preseed operates as expected.

Note: the package in proposed has 2 commits related to snap preseeding -- the one related to this bug, and https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/2024639 . Can't really separate them fully, so I'll comment on both bugs with this specific test case.

Test case and instructions

1. downloaded deb-source of proposed-livecd-rootfs
    1a. lxc launch ubuntu:j
    1b. apt update && apt install dpkg-dev (to download the deb source)
    1c. enable `proposed` in sources.list
    1d. sudo apt-get source livecd-rootfs=2.765.24
    1e. exit container and lxc file pull source
2. using `ubuntu-bartender` from `ubuntu-old-fashioned`, run a build that requires the 6.2 kernel and does snap preseeding
    2a. in this case, built a project=ubuntu-cpc image-target=gce
        * NOTE: This requires cpc secret sauce to build. Unfortunately, there aren't any images in non-secret-sauce that use the HWE kernel.
3. Check for copying / mounting 6.2 kernel features in the code. log snippet:

+ snap_validate_seed mountpoint_gce
+ local CHROOT_ROOT=mountpoint_gce
+ '[' -e mountpoint_gce/boot/vmlinuz ']'
++ readlink --canonicalize --no-newline mountpoint_gce/boot/vmlinuz
++ grep --extended-regexp --only-matching --max-count 1 '[0-9]+\.[0-9]+'
+ local kern_major_min=6.2
+ '[' -d /usr/share/livecd-rootfs/live-build/apparmor/6.2 ']'
+ umount mountpoint_gce/sys/kernel/security/apparmor/features/
+ mount --bind /usr/share/livecd-rootfs/live-build/apparmor/6.2 mountpoint_gce/sys/kernel/security/apparmor/features/
+ '[' -e mountpoint_gce/var/lib/snapd/seed/seed.yaml ']'
+ snap debug validate-seed mountpoint_gce/var/lib/snapd/seed/seed.yaml
++ realpath mountpoint_gce
+ /usr/lib/snapd/snap-preseed --reset /build/mountpoint_gce
++ realpath mountpoint_gce
+ /usr/lib/snapd/snap-preseed /build/mountpoint_gce
ubuntu classic preseeding
starting to preseed root: /build/mountpoint_gce
using snapd binary: /tmp/snapd-preseed/usr/lib/snapd/snapd (2.59.5)
2023/08/21 21:25:46.286526 main.go:57: running for preseeding
2023/08/21 21:25:46.310274 overlord.go:272: Acquiring state lock file
2023/08/21 21:25:46.310292 overlord.go:277: Acquired state lock file
2023/08/21 21:25:46.354527 daemon.go:247: started snapd/2.59.5 (series 16; classic) ubuntu/22.04 (amd64) linux/5.15.0-1041-aws.
2023/08/21 21:25:46.370960 daemon.go:340: adjusting startup timeout by 30s (pessimistic estimate of 30s plus 5s per snap)
2023/08/21 21:25:46.382935 backends.go:58: AppArmor status: apparmor is enabled and all features are available
2023/08/21 21:25:46.889313 helpers.go:146: error trying to compare the snap system key: system-key missing on disk
2023/08/21 21:25:58.334026 daemon.go:428: stopping snapd as requested
2023/08/21 21:25:58.349910 daemon.go:521: gracefully waiting for running hooks
2023/08/21 21:25:58.349930 daemon.go:523: done waiting for running hooks
2023/08/21 21:25:58.350457 overlord.go:516: Released state lock file
unmounting: /tmp/snapd-preseed

4. register the image in GCE
    4a. push resultant builds tar.gz to a bucket
    4b. register an image by pointing to the file in the bucket
        * NOTE: this elides a few details. I used a Canonical internal only tool to speed this up.
5. boot the image as an instance and check kernel and snap debug preseeding

john.chittum@test-snap-preseed-jammy-62:~$ sudo snap debug seeding
seeded: true
preseeded: true
image-preseeding: 11.433s
seed-completion: 17.179s
john.chittum@test-snap-preseed-jammy-62:~$ uname -a
Linux test-snap-preseed-jammy-62 6.2.0-1011-gcp #11~22.04.1-Ubuntu SMP Wed Aug 2 05:19:58 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

This validates that the 6.2 kernel apparmor info was mounted, and snap preseeding was done with the proper set of features and capabilities.
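
The kernel-version lookup and feature-directory check visible in the step 3 trace, as an added shell example that is not part of the original comment and is not livecd-rootfs code. The function names, the temporary sample tree and the `vmlinuz-6.2.0-1011-gcp` file name are constructed for illustration; the version is read from the symlink target's file name only, so a version-like directory in the build path cannot match.

```shell
#!/bin/sh
# Added example (hypothetical helper names); mirrors the steps seen in the xtrace.

# Print the kernel major.minor that <chroot>/boot/vmlinuz resolves to, or fail.
kernel_major_minor() {
    kmm_root=$1
    [ -e "$kmm_root/boot/vmlinuz" ] || return 1
    kmm_target=$(readlink -f "$kmm_root/boot/vmlinuz") || return 1
    # Match only against the file name, e.g. vmlinuz-6.2.0-1011-gcp -> 6.2
    kmm_ver=$(basename "$kmm_target" | grep -E -o '[0-9]+\.[0-9]+' | head -n 1)
    [ -n "$kmm_ver" ] || return 1
    printf '%s\n' "$kmm_ver"
}

# Print the AppArmor feature directory that would be bind-mounted for this chroot.
# Returns 1 if the kernel version cannot be determined, 2 if no directory matches.
select_apparmor_features() {
    saf_root=$1
    saf_base=$2
    saf_ver=$(kernel_major_minor "$saf_root") || return 1
    [ -d "$saf_base/$saf_ver" ] || return 2
    printf '%s\n' "$saf_base/$saf_ver"
}

# Constructed sample input: a fake chroot with a 6.2 kernel symlink and a
# features base directory standing in for .../live-build/apparmor.
make_sample_tree() {
    mst_dir=$(mktemp -d) || return 1
    mkdir -p "$mst_dir/chroot/boot" "$mst_dir/features/6.2"
    : > "$mst_dir/chroot/boot/vmlinuz-6.2.0-1011-gcp"
    ln -s vmlinuz-6.2.0-1011-gcp "$mst_dir/chroot/boot/vmlinuz"
    printf '%s\n' "$mst_dir"
}

# Demo run on the constructed tree; no mount is performed, so no root is needed.
demo_tree=$(make_sample_tree)
select_apparmor_features "$demo_tree/chroot" "$demo_tree/features"
rm -rf "$demo_tree"
```
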