I didn’t want to containerize every installed app. Switched to Arch and don’t have to worry about it.
this post was submitted on 08 Mar 2024
197 points (94.6% liked)
Linux
50344 readers
1546 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
I installed PyCharm via flatpak. I don’t appreciate that I can’t access vim via the IDE’s terminal, and so far that’s all I really have to say about it. I like that things are sandboxed, and I think maybe this wasn’t the kind of thing I ought to have used flatpak for.
I have to agree. I tried some of the JetBrains IDEs from Flathub, and I switched back to the regular JetBrains Toolbox versions.
I usually prefer not to use them, but they flatpak for Prism Launcher comes with all versions of Java preinstalled which is convenient because I play verious versions of Minecraf, other than that I try to use xbps as much as possible
I think Flatpaks are great for applications like Firefox, Steam, etc. where dependencies or delay in package distribution due to building multiple versions can be a problem.
However, there are many situations where Flatpak's sandbox can be more detriment than helpful, if the application wasn't developed with that in mind. It's not a silver bullet for everything.
The sandbox can be very cumbersome when there is not a way to break out. I'm thinking specifically of command line tools for developers. You can poke holes in the sandbox to access the filesystem, but the moment you want to run an executable it won't let you.
Flathub doesn't accept CLI tools (unlike the Snap store)
Regarding modifying Sandboxes, try Flatseal
Other way around, accessing command line tools. As far as I know, there is no sandbox setting to allow access to execute commands directly on the host system.
load more comments
(2 replies)
load more comments
(1 replies)
load more comments
(2 replies)
I like it but I would prefer it to be more restrictive out of the box. Such as have apps declare a list of urls the are permitted to contact , a browser could have * .
I'd like a more granular filesystem list too more akin to apparmors were each file path needed is explicitly defined, in some cases you would need a wildcard or a directory but for most apps this could be done.
It's the easiest solution to packaging software for Linux that doesn't mean it's good, In fact fhe way no dependencies are shared absolutely wrecks my hard drive and makes everything super long (downloading, updating, etc...).
Where it shines is security but to be honest do you really need an open source app to be in it's own secure sandbox?
I vastly prefer nix and I wish packaging stuff for it was easier.
As other have pointed out, saying that "no dependencies are shared" is a very missinformed take, given that sharing dependencies as runtimes is an integral part of Flatpak's structure. But what makes it even funnier and more obvious that you don't know what your talking about, is that you than cite Nix as something you "vastly prefer" when Nix actually deals with dependencies in a very similar way to Flatpak. From the official site:
You can have multiple versions or variants of a package installed at the same time. This is especially important when different applications have dependencies on different versions of the same package — it prevents the “DLL hell”.
In both Flatpak and Nix, apps will only download a different version of a dependency when they need it. This ensure that, instead of breaking, the app will work the same on any system (be it an old stable Debian or a bleeding edge Arch system), without requiring devs to create monkey patches that they have to maintain as things evolve. It has the potential to immensely reduce the burden on app devs and maintainers, and make it a lot easier to make apps for Linux.
load more comments
(4 replies)
I dont use insecure tools to install software
What's not to Ike? These systems' development has been long overdue.