this post was submitted on 04 Mar 2024
205 points (80.1% liked)
Linux
47994 readers
1727 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
We're also regularly debating Flatpak here. That password managers don't tie into the browser and the desktop themes don't apply. It's also not the best solution and regularly confuses newer users.
That native messaging portal is probably developed somewhere. But for sure, also apps installing themselves "partly" as an extension of another, like Zotero and Libreoffice. This could be done though, okay.
Themes generally just work on KDE at least. At least light/dark themes, which may not really be the fanciest of choices
I'd be happy if people just cut down on advertising Chrome/Firefox and LibreOffice via Flatpak to new users. They should use the packaged version. That's why we have distributions, to make the whole system a smooth experience and everything tie together.
Flatpak is slowly getting there and I think at least some distros have it preconfigured so the default GTK themes are in place.
Ultimately, I'd like sandboxing to be available natively in Linux, at least for desktop applications. And we can talk about a packaging format that is available to the user, allows pulling software directly from the upstream project, includes libraries and runtimes.
Yes SELinux confined users or apparmor could allow sandboxing apps the same way as flatpaks.
On 2GB of RAM systems that would make a lot of sense.
Chromium cant use its native sandbox, Firefox supposedly can.
But Librewolf and more should be used as Flatpak, unless you need multiple apps to chat between (native messaging) which doesnt work yet, its way more stable.
Yeah, I think we should extend on the sandboxing features like AppArmor, SELinux and Flatpak for desktop use. Look at MacOS and Android and what they're doing for desktop users. That is currently not the Linux experience. Ultimately I'd like my system to have an easy and fine grained system to limit permissions. Force third-party apps to ask permission before accessing my documents or microphone. have sane defaults. make it easy to revoke for example internet access with a couple of clicks. make it so I can open an app multiple times. and have different profiles for work, private stuff and testing. This should be the default and active in 100% of the desktop applications. And apps should all use a dedicated individual place to store their data and config files.
That's just not true. I've been using Linux for quite a while now. And I can't remember my browser crashing in years, seriously. Firefox slowed down a bit when I had 3000 tabs open, but that's it. How stable is your Flatpak browser? Does it crash minus 5 times each year? How would that even work? And what about the theming and addons like password managers I talked about in the other comment? Use the distro's packaged version. It is way more stable. And as a bonus all the edge-cases will now work, too.
Most things already work. You know, desktops need to start with that, they need to implement popups for these permissions. And I guess apps also dont ask for permissions yet (like they do with Pipewire access), they just take it or fail.
So its again a problem of adapted apps.
Storage is all stored in
~/.var/app/
and could be duplicated etc if you really want to. That would require some hacking, but you could have multiple profiles for apps. Tbh this is not hard to do at all, just rename the app folder to "appname-profile" and rename the active folder back to the apps name.A GUI for that would be interesting.
Browsers are a big example of good native packaging, as they get most attention. But for example on Debian, or Ubuntu, or many other platforms, I would prefer to use Flatpak Firefox (if firefox didnt have their deb repo now).
Chromium is hacky as Flatpak as the Sandbox is imcompatible and needed to be replaced.
For firefox there is no statement about this, hopefully soon. I use native browsers for the same reason as you.
Flatpak is the best solution.
Password manager is usualy an add on.
Themes not applying is wrong packaging, not flatpaks fault.
Flatpaks limitations are real but you should install as flatpak first and if not working, then use the native package or nix. And limitations in flatpaks should be advertised.
Hehe, No. It's the sandboxing.
But with this approach you take over the answering questions to newbies... Why doesn't the webcam show up in the videoconferencing? Why doesn't my GTK / QT themes apply to some software and it's a 2 page tutorial with lots of command line commands to fix that? Why can't I install Firefox add-ons and on Windows and MacOS everything just works? Why is Linux so complicated and regularly stuff doesn't work?
I had this argument multiple times now. There is an easy solution: Do it the other way around until you know what you're doing and about the consequences. Distributions are there for a reason. They put everything into one package and do testing to make sure everything works together. They provide you with security patches if you choose the right distro. LibreOffice and a Browser even come preinstalled most of the times. If you do away with all of that, it's now your job to tie the software into your desktop, your job to handle the sandboxing if there is addons that need to pierce the sandbox. Your job to make sure the Flatpak publishers do quick updates and keep the runtimes up-to-date if a security vulnerability arise within an used library...
I'm not directly opposed to using Flatpak. I'm just saying there are some consequences that aren't that obvious. There are valid use-cases and I also use Flatpak. But in my experience hyping some of the available technologies without simultaneously explaining the consequences is regularly doing a disservice to new users.
Do you mean fedora not installing codecs by default and the flatpak version of firefox has it bundled, i.e. just works?
I don't want to argument with you about that. If something doesn't work as expected or intended, you've done a bad job. Stuff not working on linux isn't exclusive to flatpak. It's the fault of maintainers if people complain about a flatpak version compared to distro package.
More people have to use flatpak and report the bugs they experience. The more people focus on flstpak the less infancy bugs will appear.
I've got only recent runtimes installed. There's no old runtime. I understand your concern though, but it's less of a problem for maintained software. Moreover, you've got the same problrm for other package manager. Flatpakcan even improve upon this because it's bundled.
There's also a distinction to be made if it's an official distribution channel or if someone else packaged it.
I mean it's not even my own problem. I just have Spotify, Microsoft Teams and Zoom installed that way, and a few pieces of software that I'm testing. I use a rolling distro so I have the most recent versions of every software I need anyways. And I have the skills to configure stuff. So I myself don't have an use-case for a spyware-riddled Chrome browser from Flathub or something. I have a nice LibreWolf from the unstable channel of my distro. Steam and all the other stuff is there, too. And it works almost flawlessly. Why would I trade that in for a 4GB version of the same software that has downsides?
It's the newer users I'm concerned with. Their sub-par experience of Linux.
This is what I mean:
As I said, it's okay for someone like me - and probably you - to use, and I don't complain. I'm glad I have Flatpak available as a tool. But look at the issues I've linked above and the steep learning curve for the beginner. They need to learn what GTK is, what QT is, what desktop they use, learn what Flatseal is, use the CLI. They have no clue why it is even required to do that much work to get their Keepass set up. And that it's not Linux' fault but their decision from 2 weeks ago to install the browser that way. And their experience is just worse than it needs to be. And this isn't unsubstianced, I'm speaking from experience. I've answered these questions over and over again. It's already annoying to get the NVidia stuff set up reliably, find new software and adapt your workflow. And the switch from X11 to Wayland broke things like screen sharing/recording, anyways. And we're now piling 20 other things on top, to learn and do manually if you happen to be one of the users who don't use the default standard setup.
And nothing of that is "bad" or can't be fixed... We're making progress with all of that. And we'll get there. All I can say with my experience helping people with their Linux woes and the current state of Flatpak: The "use Flatpak for everything" mentality is causing issues for some newer users. And experience shows: They rarely understand the consequences but heard the hype about Flatpak. And few of them can explain why they used Flatpak over the proper packages in their distro.
So my opinion in short: