I think Red Hat should really be stepping up more here, especially since with RHEL 10 they stopped maintaining a ton of desktop packages with the advice for users of those packages being "get the package from Flathub instead of from us" (see https://docs.redhat.com/en/documentation/red_hat_enterprise_... , search for Flathub). If that's Red Hat's attitude towards desktop software, they should be providing the resources to make Flatpak a viable alternative.
> A user's Linux distribution may still be providing an older version of Flatpak that does not have support for --device=input, or whatever new feature that a Flatpak developer may wish to use. Wick said there needs to be a way for applications to use the new permissions by default, but fall back to the older permission models if used on a system with an older version of Flatpak.
I'm glad he brought that up as a problem. I maintain a game on Flathub that has audio and controller support. Because of the limited permissions granularity, that means that the game is displayed as requiring arbitrary device access (--device=input is too new, so the Flathub maintainers don't allow it in packages yet) and being able to listen to your device's microphone (the audio permission doesn't allow only accessing speakers but not microphones). I hope that Flatpak adds backwards compatibility for permissions so newer Flatpak versions can start having more granular permissions.
Seems there were a myriad of causes for this including lack of Native Messaging, no ability to deploy policies centrally, and broken integrations with various other parts of the desktop ecosystem.
The only place I really see RHEL workstations is in special purpose applications, and in most of those the users either have a separate Windows box, or they Citrix/RDP into the corporate Windows environment to do normal office productivity things anyway.
Also, several releases ago, RedHat already started to wind down their desktop efforts, just leaving server/container/cloud as the primary use case for RHEL, with desktops just as "this could also work". That latest decision to drop a lot of desktop related stuff is just a logical continuation of this policy.
This is just made all the more true if there is an alternative source for these tools, like Flathub.
The point I was trying to make is that Red Hat is deprecating graphical desktop programs on RHEL and telling their customers to switch to getting them from Flathub, while a Red Hat employee giving a talk about the future of Flatpak is saying that it's not actively developed anymore and that there's nobody responsible for reviewing MRs for new features. I'm not saying that it's necessarily a bad thing that Red Hat stopped packaging graphical programs. I'm saying that since they've endorsed Flatpak as their alternative to packaged graphical programs, I wish Red Hat would put some of the development resources they've saved from no longer packaging/supporting those graphical programs into helping to improve Flatpak.
I very much agree with this. It would be nice to see some better coordination and support, especially for those who are able to leverage Flatpaks to reduce their own overhead.
Didn't that get undone with RHEL 8?
I'd really like to know how many workstation licenses Redhat really sells. It's been so long, I didn't even realize that they still had a separate workstation license available for purchase. When you have the same distribution setup for Servers and Workstations, it seems to me that one of those flavors is going to dominate and the other will be eventually be neglected. Who are the users that are buying and using Workstation licenses?
But, when it comes down to it, I still don't see why they would want to package an Office Suite for RHEL. Or, more importantly, why a user would want to use it. RHEL is designed for stability. It's a great server OS that's well supported. Because of this, it's also known to have older versions of libraries and programs. This is okay, because many new features and fixes get backported, but it's still usually an older (stable) version of software that's included. Why would you want to have an older version of an Office Suite? Why would they want to package a newer (and riskier) version that can be installed on a server? It just doesn't make that much sense to me... it's a fundamental dichotomy between what makes a good server OS vs a good workstation OS.
Note: this give and take has been going on with Linux on the server vs Linux on the Desktop for decades. It's probably going to keep going on for decades. The things that one wants for one use case isn't what makes sense for other use cases. This is why we have different distributions, which is a good thing. The part I don't get is why RH would want to merge the two back together. Which is why I see the idea of deprecating workstation applications (as packaged by RHEL) in favor of Flatpak versions of them as a good thing from the RHEL point of view.
Sometimes institutes and businesses that insist on support contracts, and ones from the vendor publishing the software itself. Sometimes there is actual legal red tape requiring them of such, usually its just management doing management things. That requirement immediately cuts down the majority of their options, even if what I would describe as more sensible options exist under such a criteria.
Running the same OS on the client and on the server makes support much simpler. ISVs may not even support more modern OSs like Fedora or Ubuntu.
Those companies don't need an Office Suite as they have Windows machines that can run Microsoft Office. They just need a Linux desktop environment that is easy to use and stays out of the way when accessing the Workstation through VNC.
Quite a few years ago, when Flatpak was a brand new project, I met some of the original developers. I tried, and failed, to convince them to change one particular fundamental part of the design. In the original design, and today, an installed Flatpak has a name, the permissions are bound to that name, you run that Flatpak and it has its assigned permissions, and, if anything else talks to it, it talks to it by that name. If I install a VSCode Flatpak as my UID and grant it access to my Documents directory, then VSCode, running as me, has access to Documents.
I argued that this was the wrong design. If I install VSCode as me, then there should be an installed copy, and that should have approximately no significance. If I run VSCode, then the running instance should have some id (possibly ephemeral), and that instance should have a set of permissions. If I want to run VSCode with access to ~/project_a and another instance with access to ~/project_b, it should just work and the instances should not be able to access each other's data, even if they're running at the same time. If I want to run two Tailscales, it should work. If I want to fire up an ephemeral instance of Firefox, that should work, too.
However many years later, I still think I was right. Flatpak gets this wrong, MS and Apple's App Stores get this wrong, Mac OS gets this (very very) wrong, etc. There's plenty of opportunity to do better.
(This is important from a bug-mitigation perspective: a LibreOffice document that achieves RCE should not be able to access my other documents. It's also important frmo a vendor-doesn't-care-at-all perspective: VScode has basically no security to begin with, and VSCode inside Flatpak ought to have a degree of real security courtesy of Flatpak.)
I really dislike these towers of complexity in the name of security. A PC is a general purpose device and it is mine. I don't need to have permissions per each instance, i don't want sandboxes that cannot share files with other applications and I don't want the concept of everything is a file to go away in my PC. My PC is not a single window device, nor do I run a server facing the internet. Please model the threats and adjust security with usability accordingly.
I have a reason for this: Thunderbird and firefox on Ubuntu now do not have access to the /tmp directory and instead have their own directories in some unconventional place. When i want to do something as simple as save an attachment in thunderbird and open it in another program I cannot have done to /tmp and need to put it in some permanent storage. But it gets worse due to the sandboxing. Now thunderbird cannot also show me viewer applications because it is sandboxed and does have the means to suggest other installed applications.
The computer stops being mine so it becomes the playground of architecture astronauts that think usability of said programs are always less important than security. To those people I would like them to tinker on the most secure devices in the planet [1] so they would not intrude on people trying to get things done.
In any case, the right solution for saving files from Thunderbird has been known for years: “portals” or whatever a particular sandbox system calls it. The sandboxed code in Thunderbird asks more privileged code to pop up a file chooser, and Thunderbird gets to save the chosen file. Zero friction and excellent security. Sadly, no one has gotten the whole ecosystem to play along. Android has supported this for years and app developers complain and refuse to use the correct API. iOS apps barely support files. I think Flatpak can do this, but almost no one does it.
Flatpak can do it poorly. What I see is opening a file for read once gives the sandboxed app write access to that path name forever.
The threat model for a programmer is likely much more complicated than for a regular user, but not related to sandboxing.
Regarding the "server facing the internet is real", I am not sure I get your point. Could you elaborate?
The point you make about portals and how the support exists but neither Flatpack/IOS or Android ecosystems get it right is very revealing: when nobody gets it right then it likely means the design is broken. Even Fuscia failed and it was an OS built from scratch to focus on userspace isolation and contracts for IPC and syscall.
Anyway it is very unfair to the users when designs supplant existing ones breaking things that used to work. Again we are talking about very basic computer usage patterns that have existed for several decades.
What I mean is: once upon a time, computers were often not really accessible to the Internet, and a server with an open port was the major attack vector. Sure, you could maybe get compromised by opening a malicious document that someone emailed you or gave you, but that was a slower-moving and more unusual attack vector. The code that you intentionally executed was largely things that you bought, possibly offline and possibly online, installed, and used for a long time.
Nowadays, everything has a web browser, but fortunately it has a decent internal sandbox. But people run "apps", and "apps" have broad permissions and, by design, execute code that comes from their supposed vendor. And people literally buy out vendors of popular apps to be able to deploy arguably malicious code to their user base. And some of these "apps" and plenty of developer applications, by design, run code or the equivalent of native code (thanks, Apple, for your lovely incoherent policies about code integrity) that come from third parties, and possibly from the fourth parties selected by those third parties, etc, and auto-update this code. Increasingly, people do things like running MCP, which is basically a tool to give a remote system remote control of your system. And, in my book, on client machines (e.g. the kind that are likely to use Flatpak or similar systems, all these things are more important attack vectors than servers facing the Internet.
In the end, when it comes to security, the average user doesn't know best and should let the people who do design the systems. This is why we have seatbelt and child endangerment laws.
But it has been mine for decades and nefarious developers somehow weren't a real issue in my distro's repositories for this whole time. It's a self-inflicted problem.
And it mah still not have been the right decision because when it comes to products like Flatpak there are a lot of considerations beyond just what the best technically correct choice is.
For example, based only on your comment, basically every other OS does it the same way Flatpak does it. So if the Flatpak developers had done it the technically correct way like you suggested, it may have been enough of a burden for app developers, especially multiplatform app decelopers, that they wouldn’t have used Flatpak in the first place.
For your documents, you will usually want your approach. Maybe with some optinal allowance for useful things like a "recently used documents" menu or something.
But for more enviromental things, I would want at least the option of allowing all instances the same access without a lot of permission prompts later on. E.g. my git config, my fonts folder, my code snippets library, stuff like that.
It is what I had wanted too, not only you.
I think that the entire operating system should need to be redesigned for many reasons (I mentioned before how to design a better one), and it would have that effect, that specific instances of a running program would be given capabilities as arguments (or through other capabilities, but the first ones must be given as arguments), and these capabilities can have restricted permissions, as well as more versatile things e.g. to log access, or to go through a proxy, or to set a disk quota, etc.
Web browsers do already use a variety of sandboxing techniques to achieve separation between tabs. Some of these techniques work inside Flatpak, but some of them are broken by Flatpak:
> Ideally, Flatpak would simply support nested namespacing and nested sandboxes, but currently it does not. Flatpak uses seccomp to prevent applications in a sandbox from having direct access to user namespaces.
Some of them are replaced by Flatpak, for application developers that wish to use the APIs:
> What Flatpak does instead, currently, is to have a kind of side sandbox that applications can call to and spawn another Flatpak instance that can be restricted even further
Fortunately, it seems Wick is optimistic about UID namespacing, the main thing stopping Firefox and Chrome from fixing this:
> Wick feels that user namespaces are, nowadays, a well-tested and a much-used interface. He does not think that there is much of a good argument against user namespaces anymore.
Back to the topic of instanced Flatpaks, as I understand one snag is that there is a long-term desire (by app stores/platforms in general) for a full boot-to-userspace code-signing setup to be tied into the sandboxing. The identity of each application should remain the same (unless specifically overridden by a power user) so that a fake version of an application can't adopt an existing application's confidential encrypted files if it doesn't meet the codesigning requirements. I guess one solution here would be for the segregated instances to be nested inside the application's identity, but that's getting quite complex. And we don't even have encryption nor any functioning secure boot + confidential computing implementation yet -- all we really have so far on this front is the reverse domain name notation being verified by Flathub, with filesystem access sandboxing to keep these folders separate.
As far as I know, older packaging systems like dnf/yum and apt allow what Flatpak allows.
Maybe the developers just wanted to focus on being a good packaging system, which as we’re seeing is a hard enough job, and not on changing the permission model of packaging systems. Seems reasonable?
Flatpak is probably the best way to distribute desktop apps on Linux. I say this as an app dev, a packager, and a user. At one point I maintained close to a dozen packages.
I eagerly waited for months to see what they would do next - what magical features they would introduce. I was active on the forums helping other users package apps, helped review Flathub submissions (since it was always the same problems each time), and started checking out what PRs were happening. Silence.
The months turned into years, and as more years came, I slowly fell away from engaging with Flatpak. I'm back to using the AUR for most things (Arch, btw), but I'm quite sad to hear the situation get spelt out. Flatpak really was revolutionary; bringing modern apps and painless distribution to all desktops - LTS or rolling release. But it hasn't really changed at all since it first took off years ago.
I couldn't care less about sandboxing if the UX sucks as a result.
If binary portability wasn't such a complete joke on Linux we wouldn't need Flatpak, but here we are.
There's just one problem: they don't integrate with desktop without an additional application. We need a feature where dropping an AppImage into "~/.local/share/applications" would automatically detect it as a ".desktop" file and make it appear in the DE menus.
Their biggest problem is that they're not actually truly portable between distributions. They're a gamble of what they're compiled and bundled against, and it's possible for two distributions to not have binary compatibility with each other due to user space differences (different versions, compile flags etc). The kernel developers may not break userspace between updates, but userspace developers certainly have no qualms about breaking userspace.
When you head out of Ubuntu/Debian where developers often build AppImages on (because Linux is a neglected platform and when they think Linux they think Ubuntu), they often fail to run or have errors (e.g. on Fedora). There's more problems such as the terrible practice of encouraging people to set the execute flag on binaries they download off the web.
Flatpak avoids the dependency problem entirely because it's uses runtimes and namespace to ensure reproducible and stable runtime environments.
- installing: easy to locate, install and has centralized management for updates.
- flatpaks are also persistent. User-installs are in the home dir.
- sandboxing built-in.
Can't comment on other stuff. Haven't had issues.
This is both a pro and a con. For example, one big downside of this approach is that it can make installing third party plugins and scripts much harder than it should be.
https://www.omgubuntu.co.uk/2022/10/appimagelauncher-install...
GitHub link: https://github.com/TheAssassin/AppImageLauncher
They seem to work on my current systems, though, and I use a few, but flatpak has always worked on any system, and I expect it has higher chance of working as it delivers more of the system.
Me too.
But there is a "bigger picture" view of this which I think is important and relevant:
• AppImage encapsulates apps' requirements using the app bundle format from the ROX desktop: https://rox.sourceforge.net/desktop/
• ROX borrowed the idea of app bundles from Acorn's RISC OS, which is still around and is FOSS now: https://www.riscosopen.org/content/
• The RISC OS desktop treats folders whose names begin with a pling (`!`, an exclamation mark) specially. It expects a structure inside with an icon, a launcher script, etc.
• RISC OS also had an "icon bar", a forerunner of the Windows taskbar
• One of the Acorn engineers who worked on RISC OS was head-hunted to NeXT Computer in California. He took his Archimedes with him.
Source: an interview I arranged: https://www.theregister.com/2022/06/23/how_risc_os_happened/
• About a year later, Steve Jobs demonstrated NeXTstep 0.8 with a Dock
• NeXTstep also has app bundles, demarked by a folder called $NAME.app instead of !$NAME
This is a pervasive and influential idea. It's how macOS apps work and that can be traced to RISC OS.
NeXT style bundles are available and work on Linux if you have GNUstep. There are 2 extant GNUstep desktops:
https://onflapp.github.io/gs-desktop/index.html
https://github.com/trunkmaster/nextspace
But there is a distro which takes this idea much further and packages the _entire Linux OS_ in app-bundle directories:
I think the makers of Flatpak, Nix, Guix, and Spack -- https://spack.io/ -- all really ought to take a deep look at ROX, AppImage, and GoboLinux.
What all of these do can be done better, in a more human-readable way, if you throw away ancient UNIX assumptions about filesystem directory hierarchies.
This was mostly not designed and was in historical fact accidental anyway:
https://lists.busybox.net/pipermail/busybox/2010-December/07...
Theme is also an odd one. GUI design in general has shifted away from an OS theme and more towards an app/product theme which stays consistent between the product on different platforms. Discord for example looks largely the same on Linux, Windows, iOS, and web.
They don't even have the same cursor as the system a lot of the time. It's especially cool when running display scaling when some apps shrink the cursor to a minuscule size too because of poor system integration.
I've worked around by running a local web server for that content, but I'd rather if it just worked. The problem is also in some apps that open web browser for their documentation by invoking them directly.
Flatpaks are not perfect and I have my gripes with flatpak but the only alternative is Ubuntu's snaps.
First, library/software/data versions inside the flatpak can and will be different from the ones outside. So a flatpak might as "what is the current Qt5 theme", and get the answer "don't know about Qt5, but the Qt6 theme is cute-cats-qt6" which it cannot interpret. Things like themes might not even be available inside the flatpak, so even if the answer were parseable, cute-cats-qt6 might just not be available on the inside.
Second, flatpaks are sandboxed, so things will be filtered. This means that a query might not get through, an answer might not get through, both might be altered. Or maybe an answer might be useless because "you can get the theme at /usr/share/themes/cute-cats-qt6" points to a path that the flatpak is not allowed to access.
And is the sandboxing perhaps going a step too far if apps can't access the things they need from the environment?
For example "global push-to-talk in Discord is always fun, especially with Wayland" was solved by using the [Global Shortcuts Portal](https://flatpak.github.io/xdg-desktop-portal/docs/doc-org.fr...).
Most desktop environments / window managers support that portal and stuff like Electron does too, so for example with Slack (installed over Flatpak) in can now toggle mute even If i dont focus Slack.
True enough I'm happy with flatpak but I never stray from the default GTK themes.
I was unhappy with flatpak until I found Flatseal, now I include it on all my workstation setups.
But I can't help you with the theming unfortunately, I think that's a sore point for a lot of users that like customizing their Linux DE.
> I'm back to using the AUR for most
Have you tried makedeb then as a second channel? https://www.makedeb.org/ It uses PKGBUILDs, so pretty easy to translate. It seems so well-placed to help packagers I'm not sure why it isn't heard of more.
https://news.ycombinator.com/item?id=32936114
https://drewdevault.com/2021/09/27/Let-distros-do-their-job....
Basically, he argues that application distribution outside of the distro (a la flatpak, snap, appimage) is just a bad model. The right model is the one distros have been using for years: You get software through the distro's package manager, and that software is packaged by people working on behalf of the distro. As he says: "Software distributions are often volunteer-run and represent the interests of the users; in a sense they are a kind of union of users."
The other issue, of course, is that in practice flatpaks/snaps/appimages never seem to 100% work as well as distro packages do.
So, the model you mention only works for open source packages. And I would argue that even in the case an app is 100% open source it's a bad idea for somebody not affiliated with the core development team to be second guessing a lot of things about that application.
It results in a lot of issues that aren't necessary. Like needless lag between developers releasing new software and some third party doing whatever uninvited tweaks they think are necessary, or adding their own bugs and new issues.
It's why I always install Firefox in tar ball form straight from Mozilla for example. It updates itself as soon as developers OK some patch. This happens a lot and mostly for security and stability reasons. I want those patches when they release them. The things external distribution maintainers do are redundant. I trust Mozilla to do the right thing and be the most clued in about any issues regarding their own software. With proprietary stuff, I just want stuff to run with a minimum of hassle.
Flatpak is trying to do too many things. It's trying to emulate an appstore. I don't necessarily like app stores. They are gate keepers. What do developers on Windows and Apple do? They put binaries on their own website. You download them. You install them. And then they run. Downloaded apps have the same rights as apps provided via app stores. The app stores don't repackage the app, they merely distribute them. It's an add on service. An optional extra. All the essentials that provide security are baked into the OS and the application package. There are a few mechanisms that windows and mac provide to make things secure. Binaries are signed, the OS has a permission model for things that need that (screen sharing, directory access to certain things, using the webcam, etc). That's the right model. That could work for Linux as well. It shouldn't require taking control of distribution or packaging by some third party.
I wouldn't consider flatpak as a gatekeeper as there is no "team" going through some arbitrary process to allow/disallow an app.
I also disagree with the fact that macos and windows did the right thing, what I found in my experience managing laptops in a company that is roughly 1/3 windows, 1/3 linux, 1/3 macos is that: - What windows is teaching users is to download random stuff and bypass the warning screens if something is not signed. Unless there is a company policy and a third party software to update what is installed, by default things installed are a mix of up to date and not update to date software. - Macos user do not install operating system and software updates unless a third party software is installed and force them too - Linux users have things up to date, only distribution version updates (e.g. fedora 41 to fedora 42) are inconsistent.
So my take is that, even if things on not perfect with flatpak, rpm/dnf, fwupdmgr and package manager, this is much better than having to pay for third party tools in macos and windows because of the lack of a good way to distribute and maintain apps at the operating system level.
Of course everybody (including Mozilla) can create their own repository and then you can install from any repository you like. But how is that different than just downloading whatever and installing that? And that's more of a hypothetical. Mozilla doesn't do that and doing such things is not common.
What Apple and MS enforce via signatures is that what you install and run was produced by somebody with a valid certificate that passed their screening.
The problem flatpak hasn't solved is that the likes of Mozilla still have no good way to distribute the most recent version of their application to all Linux users. So they put a tar ball on their website instead.
Fedora has its own repo, they manage it, i don't see the problem there. After it doesn't prevent adding others like flathub and the experience from a user point of view is the same.
You can also provide a flatpak ref file that user can use to install.
Signing app doesn't means much appart that someone paid for that and went through a process IMO, there's not much value to it from the user pov, especially when the first thing a Windows user learns is to ignore signature warnings.
Have you tried using flatpak?
There are, I suppose, always a few programs that don't get upated by 'sudo dnf update' but do get bothered by updates to the shared libraries via the same. Perhaps there are some config files that get damaged by software bugs or power outages or system crashes or my own mistakes and carelessness. I also found out that if one loses the dnf program, one will discover just how impossible it is to pull oneself up by oneself's bootstraps.
Mint was a very similar situation. Maybe not so bad for one who follows all the rules, but in those bygone days there were people suggesting that updating Mint programs with newer versions fron the ubuntu or debian repos was a good idea. And because Mint was slow to get updates, I would attempt to update some apps by downloading source and building and installing here.
Last year, when I upgraded Fedora from 39 to 41, was the first time I got any OS upgrade to work instead of wiping the disk, doing a fresh install of the new OS version, and then spending a week or month trying to get my data for the installed apps (eg web browser and email) from backups. But the upgrade took much longer than it should have, because once I started running the upgrade process, I did not know that the computer sitting there dead silent with no action on the screen for about 30 hours was a sign that all was going well. Computers are evil.
The worst thing about unvetted app stores it that anyone can publish software!
Besides this, for open source packages, the code gets built on Flathub's build servers without internet access. The source code associated with a given Flathub package version must be either a specific Git commit (verified with a commit hash) or a release tarball (verified with a sha256 hash). This means that it's always possible to verify that the code a developer publishes corresponds to the binaries being shipped to users. Closed source packages get a big warning on their Flathub pages saying that the program's code is proprietary and not auditable.
With the traditional distro packaging model, the requirements to become a maintainer are stringent and there's human review when a package is added, but there's typically no review after that point. If you'd like a recent example of the drawbacks of this system, see here: https://security.opensuse.org/2025/05/07/deepin-desktop-remo... . After the OpenSUSE security team rejected certain components of the Deepin DE for containing major security problems (including multiple root privilege escalation vulnerabilities), the Deepin maintainer smuggled them in anyway through an innocuous looking package called "deepin-feature-enable" and nobody in the security team noticed for several years. I'm not trying to call out the OpenSUSE security team here, I'm sure they don't have the resources to vet random packages. I'm saying that expecting maintainers to never ship malicious code because they went through the process to become a maintainer is a weakness of the traditional distro packaging model.
If you don't have even one user willing to do that for the distro they use, you probably weren't going to have users on that distro anyway.
If you are unwilling to use tools like Flatpak, then that limits what distros you can make. e.g., in a world without Flatpak, only distros with X users can exist. In a world with Flatpak, distros with X/10 users can exist.
Another way to think about it: if you want to make/use your own distro, then using Flatpak will cut down the amount of work you have to do by some large multiple. You're free to not use it, just like you're free to install custom electrical sockets in your house and make custom adaptors for every single appliance you buy.
Standardization/centralization exists for a reason.
I feel like there's a constant tug of war on this issue. If you leave it up to app developers then they have to package their app for N distros. If you leave it up to the distro maintainers then they have to compile N apps for their distro. I don't envy either group given how different distros are and how varied apps are in quality, methodology, etc.
I look at Podman. In my opinion it could be (could have been?) a huge disruptor, but its RedHat (or Fedora or CentOS or whatever the hell those guys do now) versions are way higher than versions for other distributions, which creates for me (just a home user) an interoperability problem between all my different Linux boxes. RedHat if anybody has the resources to fix this but I guess they'd rather try to use it as a way to force adoption of their distro? I don't even know.
Both the apps and the distros are volunteer-heavy. App packaging is a big job for either side. I'm still hopeful that Flatpak can help that job
You are a good candidate to package for your distro, so there's that. And then for a random distro, if nobody feels like packaging for it, then it's just not there. Either there is not enough interest in your project, or there is not enough interest in the distro itself.
Is Devault basically saying that the application developer should just throw their source code over the wall and hope that other parties notice and figure out how to build it correctly? I would find that model of software distribution unsatisfying as a developer because merely distributing a source tarball and leaving the rest to middlemen makes it difficult for me to predict how my users will experience the final product. Even if my product is fully open source and free to fork, it's my reputation on the line when things don't work as intended. I would prefer to establish a more direct relationship with my users; to personally build and test my software in all environments that I support; and to hear directly from users whenever they experience problems.
I think that everyone who is worrying about that wants to apply corporate thinking on the open source model. Meaning they want to be a special thing where everything is supposed to be interchangeable. Just yesterday, I was compiling a program that hard depends on the GNU C library for just 2 functions and not even critical one. To be fair, the author said that they only test on Debian.
While the linux world may be fragmented, the true differences are mostly minimal (systemd vs other init system, glibc vs musl, networking manager,…) So it’s possible to decouple yourself from these concerns if you want to. But often the developer hard depends on decision made by their preferred distro team, and create a complicated build script that only works there.
Distros should not package random open source projects they don't use/understand, and developers should not package their project for distros they don't use/understand. For both, it's like shipping untested code and the conclusion is always going to be "you should all run the same system I do" or "we should all have the exact same system, let's implement Flatpak".
Developers should package their project for the distros they support (often that's just Ubuntu). Random people should package the open source projects they want to use in their distro of choice (the more popular the distro, the higher the chance that someone else has done it already). All that under the supervision of distro maintainers.
That's how you ended up with Erlang being split into 20+ packages on Ubuntu/Debian in the past. Because it was packaged by people who know little about erlang, and had too much time on their hands probably.
And that is the main issue: you want distro maintainers to compile and package every single pieces of software under the sun, but they can't possibly know every piece of software, how it works, or how it's supposed to work. Times that by the number of distros.
No. I want people who will actually use the package to package the software they need, and distro maintainer to supervise that.
> Because it was packaged by people who know little about erlang
Yep, people who won't use Erlang shouldn't package Erlang. But on the other hand, developers who won't use Erlang on platform X shouldn't package Erlang on platform X.
The "we absolutely need flatpak because otherwise it fundamentally doesn't work" philosophy is, to me, very close to saying "we must consolidate everything under one single OS. Everybody should use the exact same thing otherwise it doesn't work". That's not what I want. I want to have freedom, and the cost of it is that I may have to package stuff from time to time.
If you don't want to contribute to your distro, choose a super popular distro where everything is already packaged (and used!). Or use macOS. Or use Windows. You don't get to complain about Alpine Linux not having a package you want: you chose Alpine, that was part of the deal.
It is totally unreasonable to expect distros to be able to package every software in the world
Now I can run my latest user softwares on a stable distribution. That’s pretty cool.
There are still issues of UX. Especially when the app you are using doesn’t have enough permissions to do the job, you have no information about it and when you guess it by yourself, changing this is hard.
I’d expect that Flatpack should allow apps to specifically ask for permissions in real time or when they try to access external resources like in macOS : just expose the APIs but make them wait for user approval.
I'm at a bit of a loss. Isn't the entire point of a stable distribution _not_ having cutting edge userspace? It's an inherently double edged sword.
If you just wanted to mix and match you were always able to run (for example) a debian testing chroot under debian stable. Something like Nix is the more extreme version of that. The point of something like Flatpak then is either sandboxing or the distribution model (ie getting software from the original author).
> Flatpak still uses PulseAudio even if a host system uses PipeWire. The problem with that is that PulseAudio bundles together access to speakers and microphones—you can have access to both, or neither, but not just one. So if an application has access to play sound, it also has access to capture audio
That's a pretty decent sized hole.
Of course, Linux is then conveniently redefined in a way that nobody can be responsible, with finger pointing on every issue, rather than admit design flaws like this plague Linux as a whole.
I'm personally disappointed that sandboxing isn't easier in Linux. I hoped it would move past Windows and Mac, imagine a world where the majority of libraries are sandboxed too, we only let compression and decompression libraries read one stream and write to another, this would improve security. This has been done by both Google (in Android) and Apple (in iOS and Mac OS X), but hasn't seen general acceptance in Linux (as far as I can tell).
It sounds like not many volunteers find it very fun (which isn’t surprising, it sounds incredibly tedious, high-stakes, and annoying to work on). This isn’t the sort of thing people do for free and it also isn’t obvious what the business model is supposed to be… the incentives aren’t here.
A lot of Android vulnerabilities are bugs in open source parsers of untrusted data (open source as in AOSP or more widely used open source libraries). But the impact is smaller because Android has proper security boundaries. If desktop Linux was as popular as Android -- we would have a security disaster of epic proportions.
My Linux distribution doesn't have a built-in advertising id, unknown manufacturer modifications I can't even look at or shady processes which have more power than I do.
I think it's time for the tech community to move beyond just the tech side and understand that security is also a social contract.
Irony being that Mac OS X is the best at privacy out of the commercial OS out there.
> Irony being that Mac OS X is the best at privacy out of the commercial OS out there.
The bar is very low and OSX is still way below a Linux distribution
Once in college I cited Linus's Law in an impassioned apologia for Open Source. And I was duly corrected. Because Linus's Law really has no basis in reality.
https://en.wikipedia.org/wiki/Linus%27s_law
The reason Linux has such a model of blind trust in system services and applications is because it was based on Unix, which had an even more naïve model, because mostly, it was administrators and authorized users installing that stuff, there was more top-down monitoring and control, and just a smaller incidence of naked malice.
It's the same thing we see in earlier versions of Windows, or macOS, or the Internet. Look at the Internet in the mid-90s. Was it secure, with all the open source running on it? Hell naw. Every OS and protocol is vulnerable and attacked, and every OS and protocol revises security models based on modern-day threats. F/OSS saves nobody and mitigates virtually nothing.
To answer the GP, sandboxing has to be bolted-in to Linux after the fact. Linux's POSIX model is so old and needs to be so compatible. The only sandboxing in SVR3 Unix was chroot(2), you know? The Docker support and cgroups and virtualization are all new layers, and need careful integration. Nobody says that F/OSS doesn't need sandboxing. Nobody says that F/OSS is so secure that it can deviate from better-secured models. Quite the opposite.
Android and iOS are clean starts, mostly; didn't need to be backwards compatible, so they're tuned to the latest threat models of adversarial computing as you describe. But every single app you install on Linux could be a malware, too. I have no idea what "trusted security" or "untrusted security" are, but they aren't real terms of art in Cybersecurity, and they do nothing to describe the provenance or evolution of Linux security (which often has a lot of unused mitigations such as AppArmor or SELinux that get turned off right quick.)
Security is also a social contract.
So you still can have bad actors in the package manager model, but something like Adobe who treat user agency with contempt is less likely to happen.
So I trust my distros and its maintainers more than I trust Apple. And Apple already have most of my data via iOS.
Debian: probably, yes.
Ubuntu derivatives such as Mint, Zorin OS, and ArduinOS use Flatpak instead.
Others, such as Asmi and Linux Lite, remove snap and offer the user the option of adding it back if they wish.
I'm on Ubuntu and mostly use debs (apt), I'll use Snaps if that's the easiest way to get an update. I use Appimages for some ephemeral stuff or when that's the only way developers release it (some 3d printing stuff). I haven't installed Flatpaks at all because it doesn't jibe with the distro overall.
Ok, I do have one spare Linux laptop in my garage that I barely use, and I'm pretty sure how ever I installed Chromium used snap.
Flatpack is useful for the few ones that aren’t or for actively developed apps that get new useful features frequently.
My brother in christ, systemd, x11 and even GNU are weird extra layers on top of Linux. Linux is just the kernel. This is exactly what "redefining Linux so it's never responsible for 99% you need to put on top of Linux to have a functional modern OS" is about.
I also explained why I thought it was not really right to focus on the deficiencies of Flatpack… so, I’m not sure what the point in repeating that would be. In conclusion,
> Linux is […] exactly what […] you need
I agree!
For all of the crap that people gave the term "GNU/Linux" it's even more true today considering there are Linux-based operating systems that don't use GNU utilities.
gjsman-1000 talks about "design flaws" in Linux above, but Linux is just the kernel. There is no "Linux" operating system, despite everyone, and even Linus probably? using that term.
If you call booting init and getting a black screen "an operating system," well... that's cool I guess.
I doubt Linus ever talks to the GTK people in any meaningful way, or any other desktop environment authors. So, what design flaws?
Do you call a ladder a badly designed scaffold because it doesn't have a horizontal platform? No, it's just something entirely different all together.
Interestingly he has had arguments with them over the years, most fervently related to the development of https://subsurface-divelog.org/
I'm comparing to Windows or Mac. There's only one Bluetooth audio stack in Windows. If you want help with it, whatever you find online will apply to you, unless of course you've gone out of your way to swap it for another. Unlike Windows, Linux is open and people can build their own flavors, but those can have their own names.
Don't even get me started with how Ubuntu changed its entire GUI like 3 times so that it's unrecognizable each time. Feel bad for whatever IT departments had to keep taking new screenshots of how to do stuff.
What made FreeBSD harder in the end was just that fewer people use it, so tons of third-party software supports Linux better, and it's easier to find online answers.
I found ports works very well myself - everything kept up to date with upstream, and they take care to rebuild everything all the time so you rarely run into library ABI issues.
- I had to run around with a distrobox running WINE and a bunch of permissions and kludges to run an external tool for Godot
- I gave up on the flatpak for Firefox because it can't talk to my KeepassDX flatpak
- The Godot and Krita flatpaks are oddly unstable and crash more than they did on Windows (may just be Gnome or something)
- non-flatpak tools like AppImages and .rpms feel pretty dang grungy
I want to see more cool stuff with Flatpak so seeing the state it's in is kind of a bummer.
It still isn't possible to package Tailscale or anything that creates a virtual interface as a Flatpak because there is no permission for that. macOS has an API to ask for permissions to add an interface/change routes.
Tailscale is more like a system service that I'd prefer a distro package for (Arch Linux repos contain Tailscale, btw).
It's possible but not ideal. The application could use flatpak-spawn (to get out the sandbox) and then polkit-exec (to ask user for root perms for arbitrary use) to get root privileges on the host, but you're removing nearly all sandboxing.
To me, Linux doesn’t have a granular modern permission system, and I don’t expect my package manager to solve it for me. I still run proprietary software on it, because I kind of have to. Is that an ideal situation? No. But I rather have a distribution system and vet vendors (which I’m doing anyway) than wait another decade for permissions to be perfect. Distribution, packaging and updates is the pressing need imo.
Years later, I still only see drawbacks.
[1]: https://gitlab.com/DaveJarvis/KmCaster
[2]: https://github.com/flathub/com.whitemagicsoftware.kmcaster
[3]: https://flathub.org/apps/search?q=kmcaster - whoops!
- Easy use on immutable distros - The user doesn't have to make sure they have the right version of Java installed - Auto-updates even if there is no repo for your specific distro
And also you can find it through searching on Flathub I guess
Did you click the third link I posted, which searches Flathub for KmCaster only to come up dry? This was point (c): You have to trust that their search engine is correct, maintained, and updated. That doesn't come for free, it takes effort, and things go wrong.
[0] https://flathub.org/apps/com.whitemagicsoftware.kmcaster
https://flathub.org/apps/com.whitemagicsoftware.kmcaster
https://github.com/flathub/com.whitemagicsoftware.kmcaster/p...
Diversity is good. I don't want "one distribution" that chooses the init system, distribution, compositor, window manager, etc. I want to have choice.
When it comes to distributing packages, I personally like system package managers. Not such a big fan of flatpak.
For example it's completely useless to me. Why do you expect me to help on something I don't use?
I have unfortunately not read the whole thing but I just want these two things:
better cli support
better permission support as I have had some issues with permissions. Currently using nix-shell as a sort of substitute against flatpak because I just want to use ephemeral environments without any permission issue or smth. Like I do nix-shell -p obs-studio and run obs and then close the shell and be peaceful as I rarely use obs for example and dependency hell. I may have wrote the exact same comment in the past but I want to use archlinux so much but nix-shell is way more comfortable to use on nix(I know its available on arch as well) and nix has the same name but arch might have different name so IDK.
I have AppImages for things like Zoom, KeePass and LibreOffice. I don't need to keep updating them. They do what I want them to do. I have them on a separate partition. If I reinstall my system they're all ready to go out of the gate.
It's ridiculously simple.
I did try out Fedora awhile ago, but decided it wasn't for me. Why is everything a Flatpak? Just use the repo mechanism.
(I mean, from the distributing point of view. The sandboxing and resource management is a OS-thing that should be an orthogonal issue. Users must be able to sandbox programs that they don't trust, regardless to how they are packaged and distributed.)
You absolutely can't, since you need to link to the system libGL.so and friends for gpu acceleration, libva.so for video acceleration, and so on.
Which now has me wondering, is the common wisdom wrong? Could I actually statically link opengl if I went to enough trouble?
And the code I work on has loadable plugins, too.
add -static to your link flags? Sometimes you need to fiddle a bit with the order of the libraries, but that's it.
In the ideal case, for maximum portability, i'd like to use the αpε format!
Fedora 41 started with a bunch of apps distributed as rpm, but some of them have since been updated as flatpaks when I run 'sudo dnf update'. Splendid, except that the rpm apps, now a little out-of-date, are not deleted, which may be good or bad, but that explains why I have duplicate icons for the same app all over my desktop, and its pretty confusing trying to tell which is which, which is better, or how to manage the all the differences and conflicts, which Fedora 41 makes anything but scrutable.
The thing about the microphones and speakers getting tangled up, as explained in TFA, also was somethig of and for which I was unaware and unprepared respectively when I had some problem with the old-fashioned way and decided to install musescore as a flatpak.
I've been thinking about upgrading to Fedora 42, but this article is giving me considerable premonitions of additional inconvenience and incidental despair. Anyone have this stuff under control?
WASM solves a lot of problems, but I don't think its chances of providing a uniform API to things like that are any better than Snap/Flatpak's, because those problems are fundamentally not about the runtime/packaging system. They're caused by OS functionality being a fragmented and moving target. Directly executable applications have to deal with those complexities themselves. Containerized applications in WASM/Docker/Snap/Flatpak/whatever rely on the container layer to do it. But someone's software has to chase that moving target, and it moves very fast.
> Tons of features are stuck in merge-request limbo because there just aren’t enough reviewers, and if we don’t swap some “+1”s for actual PR reviews (or funding), we’ll be shipping apps in 2030 with a sandbox frozen in 2024 while everything else rides OCI.
It just feels so ugly. Square peg meets round hole.
We built all these tools for defining security boundaries for user-installed applications, and it turned out that the Linux packaging/distribution landscape was such a wasteland that people spent a lot of time duct taping software distribution artifact reproducibility onto the security-boundary tools.
So now we're in this weird worst-of-all-worlds spot:
The simplicity, performance, and decades of work we spent to make it easy to develop powerful applications that run directly on userland is now bifurcated/trifurcated and a mess. The legibility of "I want to run an application that dynamically links a cryptography library; that library is provided by the distro and I know it is both patched and compatible with the rest of the distro" or "my application can access files/devices at /path/to/whatever and use those resources if it has permission to do so" is buried under tons of container indirection.
Meanwhile, as TFA explains in detail, the actual security/encapsuation boundaries that these tools were originally built for proved to be a fast-moving target for which tons of support is still missing years later.
We can see the possibilities of what could have been in other systems. Take BSD's pledge(2) for example: its approach is so aggressively oriented towards only solving the security problem that I can't really imagine a world where the pledge/capability system "grew" a packaging/distribution ecosystem the way Snap and Flatpak did. Or take plan9's approach: perhaps if we had modeled the entirety of the OS in such a way that the basic SysV permissions model (users, groups, files, permissions) covered as much as possible of applications' security sandboxing needs, then things like SElinux/snap/flatpak wouldn't have ended up being necessary.
The biggest thing that got us into this state wasn't the tools, though--it was the human stuff: the tensions between "distro/package repo maintainers are burnt out and want to support a relatively small number of dependency targets and ways to add things to the package graph on a given OS"; "app developers want to make complex software available to users as quickly as possible"; and "users are very willing to do insecure things to get new applications to run, but are generally unwilling to do complex things (configure/make, customize AUR sources, know what nix is) in order to install stuff".
Fast forward a few years, add a lot of false starts and other bullshit due to dueling desktop environments/compositors/audio systems, and where we ended up is not good.
The current situation is basically:
"Come on down to DLL hell but way worse, we have: tons of brittleness when apps want to talk to the rest of the OS (sucks for users--but only when apps need rare and advanced functionality like ... uuuh basic audio playback), all baked into highly complex container systems (sucks for application authors) aimed at delivering apps that each package their own look/feel/OS integrations (sucks for distro maintainers and consistency of UX) in massive "it's not actually static linking, I promise" images, each of which contains 75% of an OS, running on leaky isolates (sucks for the security patchers) with an update story of "just download the universe again" (sucks for bandwidth/CDN costs)."
Like, I understand how we got here. I get that it's better than the bad old days of "but which autoconf?"/"I just wanted to update my browser but then glibc-2.11-compat-compat-compat-but-for-real-this-time-FINAL updated and broke my bootloader". And I get that some of those areas might improve over time (e.g. OCI images help with redownload-the-world; eventually Wayland will percolate around and the container runtime X compositor geometric complexity explosion will die down; someday someone will finally fix universal D-Bus discoverability and security for the eighteenth time...).
But overall it is and will remain a mess at a fundamental, philosophical level. Seems like the Linux ecosystem did this in a maximally slow and fragmented way, which is nothing new. But it sucks to see such an "everyone loses" end state as the result.
I dunno. So far my experience with these third party store things (or whatever) is that occasionally Firefox gets switched to a Snap, requiring active intervention and possibly nuking my profile is I do it wrong. It is… pretty annoying.
It's pythons virtual environment and pip-is-weak problem, magnified. It's homebrew or Mac ports or fink or pkgsrc.
Mechanisms designed after fork, are never fork neutral.
The only problem I've had is fonts installed system wide not being available in the sandbox, but this is due to how NixOS exports fonts and can be solved by telling NixOS to publish fonts in /usr/share/fonts.
Oh, hey... I made that feature. Nice to see that other people want narrower permissions, too.
I do like AppImage better (it's simpler), but there's no equivalent of FlatHub, the discoverability is just poor.
Also, per TFA: https://m.xkcd.com/2347/
As long as Red Hat wants to stay in business selling RHEL, Fedora as a distribution is probably not going away nor losing development focus.
[0] An example https://flathub.org/apps/vet.rsc.OpenRSC.Launcher
Edit: I could be misremembering, but there was an attempt to add donations. Maybe it was rejected
Interesting that the creator is thinking about the next thing already.
They could have been good, but they chose not to go down this route. This is one area Snap shines. Flathub rejects terminal only apps for this reason as well
What do you think is all that stuff in C:\Program Files, C:\Program Files (x86), c:\Windows\System, C:\Windows\System32, C:\Windows\SysWOW64, %USERPROFILES%\%APPDATA%\Local and %USERPROFILE%\%APPDATA%\LocalLow or the seven versions of the C/C++ VS Redistributable you have installed?
EDIT: typos
The Linux world is just in complete shambles in this regard. You build something on one LTS release, you don't know if it executes on the next. As the joke goes (it isn't even really a joke), it's so bad that Win32 is the only stable ABI on Linux
Running a statically linked elf doesn't. Meanwhile modern Windows does its best to corral users into the Microsoft Store. The primary difference is a single centralized ecosystem versus true user freedom and the anarchy that results in.
(Note that Windows also does vitalization for compatibility reasons.)
On another level, maybe it's just "in the name". Windows lets you run your GUI windowing programs, and that all keeps working. GNU/Linux lets you run 1990 base industry standard API programs, all that keeps working, but for anything else, all bets are off.
That's why windows is so full of malware and viruses.
I actually am disappointed about pretty much that. There is still no good permissions/sandboxing mechanism for PC operating systems like what's on smartphones. (to be clear I'm not calling for smartphone-like freedom restrictions on PCs, just more control over what applications can do)
That's one of the issues Flatpak tried to resolve on Linux. AFAIK Windows Store is an idea pretty similar to Flatpak (permissions, solving distribution problems...) but also no one uses it. So it's not like Microsoft doesn't want to evolve exe either.
But due to old apps which nobody will update to package, I assume a lot of users will just disable all sort of warnings.
Getting software from repositories is not just laziness, you automatically get updates and the software from repos is supposed to work with your distro, that apparently is not always true with AppImages.
Personally I use AppImage whenever it's an option. It's the closest we get to Windows and MacOS executable applications
For a long time, there was a pax debiana in my world. I used Ubuntu mostly (swapped to Debian and added Fedora towards the end) and the package management was really good. APT was a great tool and I got quite chummy with its ways. It was straightforward to keep my system updated and resolve dependencies. It was way smoother than any other updater system had been, even across major system upgrades.
I sort of lost it when snap started usurping stuff. I knew it was coming, because docker was already making inroads. Then we had flatpak and company. As an admin, as a system architect, I felt that's the point when I lost control of my system. It wasn't possible to know its update state anymore. It wasn't possible to centrally manage or monitor those updates. It became a free-for-all of self-updates and shadow updates. Ubuntu was also introducing livepatch and kernel updates that went outside the apt model.
I think that perhaps it became too great a burden for the major distros to be packaging all of their own downstream packages. Perhaps they saw the opportunity to offload some of that packaging burden on a really pro service that could just package everything, and make pan-distro packages available. If Debian and RHEL packagers are doing less downstream packaging, then perhaps they could focus on their core competencies. I noticed that nearly every Ubuntu package needed to include Ubuntu-specific tweaks, and basically when Ubuntu was already downstream from Debian, why should Canonical be maintaining every damn package themselves as well?
So what's the endgame for all this? Would apt or dnf/rpm eventually get abandoned and have them go all-in on a new system? Or does the proliferation and splintering continue? Many of us said that the beauty of Linux is our freedom of choice. Well there's too much choice. Look at Distrowatch and be paralyzed by not knowing what to choose. Windows or macOS on your desktop is easy to choose because there's... one of each.
When I visited Catalonia my friend took me to Carrefour. We strolled the aisles and I spotted pig-legs (jamon serrano) on every counter. A huge selection of eggs. Everything my stomach could desire. She led me into the olives aisle and gestured around to all the olives there. She said pick whichever I want. There were so many. They were all in fancy jars. I knew nothing of olives. I left without choosing any.
Linux will die a death of a thousand cuts, until some consolidation and unification can happen that's beyond the kernel.
Like literally APT did not exist, no predecessor existed, there was absolutely no package management for those systems. Or if there was, it was by script or some bespoke framework that came with the app you downloaded. There was 100% no system-wide management of what was installed on my computers.
I've been in states of recompiling the kernel from source. I've run those "./configure" scripts that came with GNU. I've fiddled with custom kernel configuration files and Tripwire databases that tried to keep track of everything there. I've applied patches issued by Sun Microsystems.
Absolutely none of that above jumble can hold a candle to the way we use APT today. I'm sorry you suffered nightmares and needed 3rd-party stuff. But it was a dream come true to type out a one-liner and have the system upgrade itself, accounting for all dependencies, replacing all necessary files, being aware of all config updates, leaving audit trails and versioned files. Simply like falling off a log at this point.
Who would ever go back? What can be simpler? It was simply the degrading of this unified control and the loss of a singular point of management that has begun to dismay us.
I really wish Linux distributions started adopting a similar model to the BSDs. Ship a base system that's minimal but rock solid; stick to LTS kernels, etc. Issue patches/updates for security issues ONLY. Ship another major release once or twice a year. (Fedora Silverblue is kinda going in that direction.)
Everything else? Pick from Flatpak, Snap, or AppImage, but just go all-in on that. Focus all development on making the experience first-class. Let Gnome, KDE, etc ship their own builds.
The tricky question is how much to include in the base system vs Flatpak. It's kinda-obvious that for workstations, the installation media must ship enough GUI to get you a functioning desktop, a web browser, and an app manager ("store"). OpenBSD's base system includes X11 and a couple basic WMs, but the story is a bit more complex if your target audience is less technical.
This path would kinda dilute the difference between distributions, but that would actually be good for them. I already tell friends, if you want to try Linux, just pick between Ubuntu and Fedora. They're both OK.
Servers? Go all-in on Docker/Podman. There are plenty of existing distros that do exactly that.
That's underway, it's called systemd.
Soon, something like Modal Systemd Installers: `systemd-msid`
I have played with using FlatPak, and while it seems snappier than snap, I always ended up with something not quite working, because of permissions or sandboxing. The answer to a lot of problems seemed to be "don't use the FlatPak version".
The set of software I use complex enough to need something like FlatPak while also not needing to interact with other things is basically very, very small.
Snap _was_ a bit slow in the early days. It's not any more.
I use Ubuntu 22.04, 24.04 and 25.04. Snap is pretty fast these days.
I have gone around purging all my custom repos and PPAs, removing those apps, and reinstalling the snap versions. It's just easier and it works.
I am running 3 quite elderly Thinkpads in near-daily use: an X220, T420, and W520. All Core i7, all with RAM maxed out, all with SSDs. They are perfectly usable for what I need and they have great keyboards which no more modern Thinkpads do.
Ubuntu 22.04 on a 13-year-old Thinkpad loads snap apps in an eyeblink now. I can't detect any delay compared to natively-packaged apps.
Yes, it uses a bit more disk space.
I used to remove all snaps and then `apt purge snapd` but it's not worth the extra effort any more.
I have natively-packaged browsers: Waterfox and Chrome.
In Snaps I run less essential but workaday stuff: Ferdium (my multi-protocol messaging client), Slack, Signal, Telegram, Skype (RIP), Spotify. I don't care if they can't access my filesystem; I don't want them to.
All are trouble-free for me.
I used to carefully remove all snaps, then do `apt purge snapd`, then block it from being reinstalled. After that I installed deb-get:
https://github.com/wimpysworld/deb-get
And then I used that to get, install, and update all the apps I needed that weren't in the Ubuntu repos.
It worked very well, but Ubuntu version upgrades were hazardous: the best result will be that the `do-release-upgrade` tool disables them all, the upgrade works fine, then you have to go through and manually re-enable them all, where necessary, editing the apt `.list` files to point to the new version of each app's repo.
It was a PITA, and that's why now, I recommend just leaving snap there.
I don't know if flatpak or appimage or whatever are a solution, and I cannot propose one myself. But I really think that at one point the linux model will completely fail if it doesn't improve
BTW I'm not saying that the linux model is always inferior. Actually it is often superior: in the server world were professionals take care of things, in the embedded world where the resources are scarce, the possibilities to configure and select everything to the smallest detail make it great.
It has none. You can't install new apps.
It's ChromeOS. It has something like quarter to half a billion users, judging from the sales numbers of ChromeBooks and their supported lifetime.
Real ChromeBooks let you install Android apps, but that is side-stepping the issue.
ChromeOS Flex on a PC, which I use, doesn't offer that. You can open a Debian shell and install Debian packages in there, though. Handy for VLC.
Ubuntu, from its own numbers, has maybe 20-30 million users. Debian about a third of that. All the RH distros less than Debian, maybe a tenth.
In China, UnionTech says it passed 3 million paying users of UOS last year, implying numbers maybe comparable to Ubuntu's. Which in turn implies that most of China still runs on pirated MS Windows.
All the other distros put together come to about 10% of the number of ChromeBooks sold in the last 3-4 years.
The way to win in Linux packaging seems to be: don't do it at all.
"A strange game. The only winning move is not to play."
Linux DEB/RPM (https://kubernetes.io/docs/tasks/tools/install-kubectl-linux...):
1. sudo apt-get install -y apt-transport-https ca-certificates curl gnupg
2. curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
3. sudo chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg # allow unprivileged APT programs to read this keyring
4. echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
5. sudo chmod 644 /etc/apt/sources.list.d/kubernetes.list # helps tools such as command-not-found to work correctly
Mac OS (https://kubernetes.io/docs/tasks/tools/install-kubectl-macos...):
1. brew install kubectl