?? I manage flatpaks exclusively in the terminal
I’ve never heard anyone say that Flatpaks could result in losing access to the terminal.
My only problem with Flatpaks are the lack of digital signature, neither from the repository nor the uploader. Other major package managers do use digital signatures, and Flatpaks should too.
Nah, it’s the same as with systemd, docker, immutable distros etc. Some people just don’t appreciate the added complexity for features they don’t need/use and prefer to opt out. Then the advocates come, take not using their favorite software as a personal insult and make up straw-men to ridicule and argue against. Then the less enlightened of those opting out will get defensive and let themselves get dragged into the argument. 90% that’s the way these flame wars get started and not the other way around.
For the record, I use flatpak on all my desktops, it’s great, and all of the other mentioned things in some capacity, but I get why someone might want to not use them. Let’s not make software choice a tribalism thing please. Love thy neighbor as thyself, unless they use Windows, in which case, kill the bastard. /s
I was just wondering the connection between flatpaks and the terminal because I’ve never heard of flatpaks before and Wikipedia says they’re a sandboxed package management system or something?
I love installing things from the CLI and prefer to only do it that way but Linux needs a single click install method for applications if it’s ever going to become a mainstream OS. The average person just wants to Google a program, hit download and install. If not that then they want to use a mobile-like App Store.
Flatpak is kind of perfect at achieving both those things
There have been GUI package managers for decades.
Oh 100% but have you tried to explain how to use one to a computer novice? Like yes, the answer is usually “they should just…” but novice users will never. With flatpak, they get an experience similar to how MacOS works and a bit like how .exes work and it Just Works™️
Edit: like I’ve had trouble showing people how to use the GNOME App Store which could not be any more simple. Anyone who has been convinced to install Linux already feels way out of their element so making everything feel as natural as possible is essential (and I mean, flatpaks are awesome anyway)
Wait how do you install flatpaks? I add the remote (if necessary) and then install it from there. That is nothing like I have ever seen on Windows (though apparently there are package managers).
I think he’s referencing the flathub install button where you can just hit install.
That just displays the command or is there a browser extension that runs it for you too? Most Windows apps certainly don’t run by just clicking a button either.
It’s a flatpak://url that opens the app store on the computer where you do a one click install. So technically it’s two clicks.
Ah, I don’t have an app store. That would explain why I have never seen it.
OpenSUSE has OneClick install for RPMs. https://en.opensuse.org/openSUSE:One_Click_Install
Edit: and if you happen to download an rpm, you just double click it in the filemanager (or single click if that is your setting) and it launces the install GUI.
Its similar to how MSI file install looks…just next next finish kind of thing
For sure and I agree that should be enough but the average person is not good with computers and they don’t want to learn. They won’t understand the nuances of different distributions of Linux. Like try explaining the difference between a .deb, a .tar.gz, and a .rpm to a person who’s already hésitent about using Linux. Flatpak solves that by just having one download that any Linux install can use
Those mystical average people would probably stay on Windows, if they don’t care or cannot learn basics of other systems. Its really not hard to explain and understand, even for “average person” that there is an universal source for applications and there are packages designed and managed by your operating system. I think its important for people to learn basics and we should teach them, not dumb them down like on Windows. Soon people won’t be able to eat themselves anymore…
Appimage
Ah, that’s actually what I was thinking of in my previous comment
deleted by creator
I spent my time fighting AppImages until Canonical started to force Snap on me. I hated Snap so bad it forced me to switch distros. Now I appreciate Flatpak as a result and I don’t find AppImages all that bad, either. Also, I haven’t found myself in dependency-hell nor have I crashed my distro from unofficial Repos in well over a decade.
-It’s a long way of saying It works for me and it’s not Snap.
Appimages are ok, bloated but ok. Unless a library inside is old and won’t work.
Flatpak is annoying and I don’t like it at all, so I don’t use it. Easy solution.
Fuck snap though.
Flatpaks are great for situations where installing software is unnecessary complex or complicated.
I have Steam installed for some games, and since this is a 32 bits application it would install a metric shit-don of 32 bit dependencies I do not use for anything else except Steam, so I use the Flatpak version.
Or Kdenlive for video editing. Kdenlive is the only KDE software I use but when installing it, it feels like due to dependencies I also get pretty much all of the KDE desktop’s applications I do not need nor use nor want on my machine. So Flatpak it is.
And then there is software like OBS, which is known for being borderline unusable when not using the only officially supported way to use it on Linux outside of Ubuntu – which is Flatpak.
deleted by creator
btw
OBS worked pretty well for me last time I used it, using the basic package Debian provided.
And then there is software like OBS, which is known for being borderline unusable when not using the only officially supported way to use it on Linux outside of Ubuntu – which is Flatpak.
But why is that? I mean just because it is packaged by someone else does not mean its unusable. So its not the package formats issue, but your distribution packaging it wrong. Right? In installed the Flatpak version, because they developers recommended it to me. I’m not sure why the Archlinux package should be unusable (and I don’t want to mess around with it, because I don’t know what part is unusable).
But why is that?
Because the OBS developers say so.
And since I’m not on Ubuntu, I use the Flatpak version to get OBS as intended bey the OBS developers.
So its not the package formats issue, but your distribution packaging it wrong. Right?
Exactly. Most distributions fail hard when it comes to packaging OBS correctly. The OBS devs even threatened to sue Fedora over this.
https://gitlab.com/fedora/sigs/flatpak/fedora-flatpaks/-/issues/39#note_2344970813
The quoted image does not say so, they do not say the native packaging from your distribution is borderline unusable. That judgement was added by YOU. The devs just state the package on Archlinux is not officially supported, without making a judgement (at least in the quoted image).
As for the Fedora issue, that is a completely different thing. That is also Flatpak, so its not the package format itself the issue. Fedora did package the application in Flatpak their own way and presented it as the official product. That is a complete different issue! That has nothing to do with Archlinux packaging their own native format. Archlinux never said or presented it as the official package either and it does not look like the official Flatpak version.
So where does the developers say that anything that is not their official Flatpak package is “borderline unusable”?
The quoted image does not say so
It does exactly say so. Flatpak is the only supported and official method of installation when you’re not using Ubuntu.
As for the Fedora issue, that is a completely different thing. That is also Flatpak, so its not the package format itself the issue.
Exactly. And the Flatpak version from Fedora was unusable.
So where does the developers say that anything that is not their official Flatpak package is “borderline unusable”?
They don’t. It’s just unsupported.
I don’t know what you are smoking, I’ve used OBS for years installed from the AUR with zero problems…
This is the main benefit. However, i’m finding the software I use requires less dependencies and libraries these days.
I barely even use flatpaks anymore. Almost everything is in official repos. I couldn’t tell you the last time I had a dependency conflict.
Flatpaks are great for situations where installing software is unnecessary complex or complicated.
That’s my main use for flatpaks too. Add to that any and all closed source software, because you can’t trust that without a sandbox around it.
Recently I’ve moved from using flatpak for electron apps and instead have a single flatpak ungoogled chromium instance I use for PWAs.
I have used rpms, AppImages, Flatpaks, and source. I have even used a snap or two when I had no other choice.
If you can’t work with them all, can you even say you Linux Bro?
Bro, TRUTH. I have preferences but when you gotta get something done, it doesn’t matter how the app comes bundled. I’d run .exe’s through Wine if I needed to.
If you don’t compile everything from source, you may as well get a Chromebook!
Never, ever, ever do more effort than is required.
If it’s a mostly self-contained app, like a game or a utility, then Flatpak is just fine. If a Flatpak needs to interact with other apps on the host or, worst case, another Flatpak it gets tricky or even impossible. From what I’ve seen though, AppImage and Snap are even worse at this.
Flatpak doesn’t support dev device access no matter what I use flatseal and all the shabang, so bottles is useless to me for a lot of the wine applications I would like to “not emulate”
Former OS security here (I worked at an OS vendor who sold an OS or two and my job involved keeping it secure).
Fuck no.
Sorry if that makes you downvote, but it doesn’t make them safer.
Would you mind elaborating?
A few reasons security people can have to hesitate on Flatpak:
- In comparison to sticking with strictly vetted repos from the big distros like Debian, RHEL, etc., using Flathub and other sources means normalizing installing software that isn’t so strongly vetted. Flathub does at least have a review process but it’s by necessity fairly lax.
- Bundling libraries with an application means you can still be vulnerable to an exploit in some library, even if your OS vendor has already rolled out the fix, because of using Flatpak software that still loads the vulnerable version. The freedesktop runtimes at least help limit the scope of this issue but don’t eliminate it.
- The sandboxing isn’t as secure as many users might expect, which can further encourage installing untrusted software.
By a typical home user’s perspective this probably seems like nothing; in terms of security you’re still usually better off with Flatpak than installing random AUR packages, adding random PPA repos, using AppImage programs, installing a bunch of Steam games, blindly building an unfamiliar project you cloned from github, or running bash scripts you find online. But in many contexts none of that is acceptable.
I thought flatpaks were created to make packaging easier, not to solve all security issues. Still sounds like a win to me.
I mean, they added “bash scripts you find online”, which are only a problem if you don’t look them over or cannot understand them first… Their post is very much cemented in the paranoid camp of security.
Not that they’re wrong. That’s the big thing about security once you go deep enough: the computer has to work for someone, and being able to execute much at all opens up some avenues of abuse. Like securing a web based service. It has to work for someone, so of course everything is still vulnerable at some point. Usually when private keys or passwords are compromised if they’re doing things remotely correctly, but they’re still technically vulnerable at some point.
The parent comment mentions working on security for a paid OS, so looking at the perspective of something like the users of RHEL and SUSE: supply chain “paranoia” absolutely does matter a lot to enterprise users, many of which are bound by contract to specific security standards (especially when governments are involved). I noted that concerns at that level are rather meaningless to home users.
On a personal system, people generally do whatever they need to in order to get the software they want. Those things I listed are very common options for installing software outside of your distro’s repos, and all of them offer less inherent vetting than Flathub while also tampering with your system more substantially. Though most of them at least use system libraries.
they added “bash scripts you find online”, which are only a problem if you don’t look them over or cannot understand them
I would honestly expect that the vast majority of people who see installation steps including
curl [...] | sh(so common that even reputable projects like cargo/rust recommend it) simply run the command as-is without checking the downloaded script, and likewise do the same even if it’ssudo sh. That can still be more or less fine if you trust the vendor/host, its SSL certificate, and your ability to type/copy the domain without error. Even if you look at the script, that might not get you far if it happens to be a self-extracting one unless you also check its payload.Yea, that’s why I added the, “not that they’re wrong…” part. Interesting how no one actually understands what those simple words mean.
Not a fan. There’s often trouble, and some settings is hassle, and sometimes not even working.
Flatpak have their own set of issues. One thing is, that Flatpak applications do not integrate that easily and perfect like a native package. Either rights are to given, you need to know what rights are needed and how to set it up. Theming can be an issue, because it uses its own libraries in the Flatpak eco system instead your current distributions theme and desktop environment.
But on the other hand, they have actually a permission system and are a little bit sandbox compared to normal applications. Packages often are distributed quickly and are up to date directly from the developers, and usually are not installed with root rights.
I’m pretty much a CLI guy as well and prefer native packages (Arch based, plus the AUR). But I also use Flatpaks for various reasons, alongside with AppImages.
Could things like this go in linuxmemes? Memes are fun but it would be nice to keep this a place for actual information. And no, this is not a comment on what it’s saying, I’m just tired of so many memes.
deleted by creator
The issue I have with flatpaks is the size for most applications. It just doesn’t make sense for me. Not that it’s not useful and has it’s purposes.
Flatpaks aim to be a middle ground between dependency hell and “let’s pull in the universe” bloat.
Applications packaged as Flatpaks can reference runtimes to share “bases” with other applications, and then provide their own libraries if they need anything bespoke on top of that.
and has it’s purposes
Unlike that apostrophe.
I’m 2 months into my Linux journey and I don’t use flatpak. I’ve had the odd problem with it. I stick to pacman and yay now.
I’m not a huge fan of Flatpaks, they’re a lot harder to distribute offline versus something like AppImage. Seriously, you have to like create an offline repository, then create a bundle, and it’s like 6 or 7 steps, it’s honestly kind of ridiculous lol but other than that they seem fine, and they’re easy enough to update (but so are apt packages)
I know some people may say “oh why do you need that”, but Linux has taught me that my computer is my own, and I should be able to use it the way I want to. I shouldn’t have to fight with my package manager to get it to do what I want. So I guess you could say, no I’m not really a fan of Flatpaks.
Personally, I didn’t mind Snaps, but I’m getting kind of really fed up with especially for-profit companies etc so I don’t like Snap that much now either.
Apt packages are nice, but the more of them you have installed, especially if you’re using Ubuntu-based distros and have lots of PPAs, the more annoying upgrading your distro version can be because of all the dependencies and cross-dependencies.
AppImage tends to just work for me, as long as it’s not compiled with a newer libc-bin version than the distro I’m currently using has, and I really enjoy that it’s just one file I can copy and run pretty much anywhere.
I seem to have constant issues with AppImages. Every single one I have currently won’t open. I get an error message relating to either qT or GTK. Tried searching for the error and get a bunch of old forum threads talking about either not being compatible with Wayland at all, or comments stating that the one specific AppImage in question must have been “packaged badly”. Thankfully, nothing ‘mission critical’ for me is an AppImage currently, but it is quite upsetting that I have the most problems with the supposed “just works” app packaging/distribution option.
Yes, Flatpak is overall a better approach when compared to AppImages, since being dependent on a known runtime ensures the program will run whenever the runtime is available.
What I wish they would add is a way to run the flatpak in a portable way. Because as it stands, AppImages is the only option for that. Flatpak doesn’t really allow to have a portable installation in a pendrive, for example. At the moment there’s no replacement for AppImage in such use cases, which is a pity.
But there’s no fundamental technical design roadblock in flatpak that would prevent it from supporting this in the future, imho. theoretically one could create a program that mounts the flatpak file into a ramfs layered with the runtime and run it.
Yeah that’s why I’m a bit weary of switching to Wayland, so many apps still seem unsupported, or have issues, whereas on X11 everything for me just works. Plus, the two DE’s I’d actually consider using either don’t have Wayland support at all or have very early experimental support (Cinnamon and Xfce) so it’ll still be a while for me before I am able to consider switching to Wayland, assuming everything else works.
I don’t actually know if it is a Wayland issue - most of those forum posts are like 3 years old… And I have definitely used these same AppImages in the past on Wayland without issue. I think the AppImages are expecting some specific dependency to be installed on my system that is no longer installed due to updates. (which I thought was counter to the entire point of an AppImage? I thought it was supposed to be kinda like Flatpak where it has it’s dependencies in the image? Maybe I just misunderstood AppImage…)
To give you some hope, my Distro switched to Wayland as default a little over a year ago (i think) and I have not been running into problems (outside this AppImage problem, if it is indeed a Wayland issue, which I cannot confirm or deny).