DarkNoul , in What is your favourite shell to use

oksh

sturlabragason , in Flathub has passed 2 billion downloads

Awesome! Love it!

JRaccoon , in Flathub has passed 2 billion downloads

Sorry to ask, I’m not really familiar with Linux desktop nowadays: I’ve seen Flatpak and Flathub talked about a lot lately and it seems to be kinda a controversial topic. Anyone wanna fill me in what’s all the noise about? It’s some kind of cross-distro “app store” thingy?

Lettuceeatlettuce ,

Flatpak is a universal application packaging standard for Linux. It allows devs to create a single application that gets bundled with all necessary dependencies including versioning.

These apps run in their own semi-isolated “container” which makes immutable distros possible. (Distros like Fedora Silverblue that are effectively impossible to break by installing or removing critical system files.)

This means that a Linux app doesn’t have to have a .deb version, an .rpm version, or be pre-compiled for any other distros. A user can simply go to Flathub, (the main repository for Flatpak apps), download the flatpak, and install it on their distro of choice.

It’s quickly becoming the most popular way for users to install apps on Linux because it’s so easy and quick. But there are a few downsides like size on disk, first party verification, per-distro optimizations, and the centralization of application sources. That’s why some users aren’t fully endorsing or embracing how popular they are becoming.

CaptainSpaceman ,

Interesting breakdown, thank you.

Do you happen to know if the containerization is similar to docker containers? Or more like android apps?

Lettuceeatlettuce ,

I’m not an expert, but from my understanding, more like android apps.

They aren’t totally isolated like a docker or LXC container would be, but they are generally self-contained.

The Linux Experiment has a really great vid that goes into detail on all common packaging formats in Linux including Flatpaks:

Linux Packaging Formats Explained

lightnegative ,

It’s more like android apps from early versions of Android before the permissions became user-manageable.

It won’t prompt you to give the application access to certain permissions, all the permissions are predefined in the manifest by whoever published the application to flathub. When you run the application you just hope it won’t cause too much havoc (you can of course verify the permissions before running it, but I guarantee most people won’t)

Flatpak supports sandboxing but due to how most desktop applications want access to your home folder, network etc many apps simply disable it.

Regardless of the level of sandboxing applied to the app, Flatpak is a great way for a developer to package once run anywhere. Prior to Flatpak, if you wanted to support multiple distros, you had to build a package for each distro or hope somebody working on that distro would do it for you.

Inb4 AppImage was here first. And if you mention Snap then GTFO

Lettuceeatlettuce ,

Appimage is probably the most similar to a naked .exe in Windows. They are useful for small apps or simple indie games, but I prefer Flatpaks for my everyday big applications.

Agreed, Snaps are like Flatpaks but worse because locked down back end and Canonical’s sketchy nature. Imagine a really delicious pastry that anybody can make and sell, then imagine the same pastry but only one bakery in the world can make and sell it. Which would you prefer? Lol

possiblylinux127 ,

Keep in mind there are certain permissions that can lead to a sandbox escape. These permissions are banned on Flathub but can still be used by flatpak files and custom repos.
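
As an added example (not part of the thread, and not Flatpak or Flathub code), here is one way to do the manual check mentioned above: parse the permission keyfile that `flatpak info --show-permissions <app-id>` prints and list the grants that widen the sandbox. The sample metadata is constructed, and the severity policy and the name `audit_permissions` are assumptions for illustration, not Flathub's rule set.

```python
import configparser

# Constructed sample in the keyfile layout that
# `flatpak info --show-permissions <app-id>` prints. Not a real app.
SAMPLE_METADATA = """\
[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=all;
filesystems=home;xdg-download;/mnt/data:ro;

[Session Bus Policy]
org.freedesktop.Notifications=talk
org.freedesktop.Flatpak=talk
"""

# Assumed review policy for this example, not Flathub's actual rule set.
BROAD_FILESYSTEMS = {"host", "host-os", "host-etc", "home"}
RISKY_SOCKETS = {
    "x11": "X11 clients can observe each other's input and windows",
    "session-bus": "unfiltered access to the session D-Bus",
    "system-bus": "unfiltered access to the system D-Bus",
}
RISKY_BUS_NAMES = {
    "org.freedesktop.Flatpak": "can ask the host to start unsandboxed commands",
}


def _items(value):
    """Split a ';'-separated keyfile list, dropping empty entries."""
    return [item for item in value.split(";") if item]


def audit_permissions(metadata_text):
    """Return (severity, grant, reason) tuples for grants that widen the sandbox."""
    parser = configparser.ConfigParser(
        delimiters=("=",), interpolation=None, strict=False
    )
    parser.optionxform = str  # keep D-Bus names case-sensitive
    parser.read_string(metadata_text)
    findings = []

    context = parser["Context"] if parser.has_section("Context") else {}
    for entry in _items(context.get("filesystems", "")):
        if entry.startswith("!"):
            continue  # a leading '!' removes access instead of granting it
        path, _, mode = entry.partition(":")
        if path in BROAD_FILESYSTEMS:
            # Read-only still exposes the data, but cannot plant or alter files.
            severity = "medium" if mode == "ro" else "high"
            findings.append((severity, f"filesystems={entry}",
                             "broad access to files outside the sandbox"))

    if "all" in _items(context.get("devices", "")):
        findings.append(("medium", "devices=all", "access to every device node"))

    for socket in _items(context.get("sockets", "")):
        if socket in RISKY_SOCKETS:
            findings.append(("medium", f"sockets={socket}", RISKY_SOCKETS[socket]))

    for section in ("Session Bus Policy", "System Bus Policy"):
        if not parser.has_section(section):
            continue
        for name, access in parser[section].items():
            if name in RISKY_BUS_NAMES and access in ("talk", "own"):
                findings.append(("high", f"{section}: {name}={access}",
                                 RISKY_BUS_NAMES[name]))
    return findings


if __name__ == "__main__":
    for severity, grant, reason in audit_permissions(SAMPLE_METADATA):
        print(f"[{severity}] {grant}: {reason}")
```

To check an installed app, pass the text printed by `flatpak info --show-permissions <app-id>` to `audit_permissions` instead of the sample.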

possiblylinux127 ,

It used bubblewrap which is kind of like a chroot.

JRaccoon , (edited )

Cool, thanks for the explanation.

> a single application that gets bundled with all necessary dependencies including versioning

Does that mean that if I were to install Application A and Application B that both have dependency to package C version 1.2.3 I then would have package C (and all of its possible sub dependencies) twice on my disk? I don’t know how much external dependencies applications on Linux usually have but doesn’t that have the potential to waste huge amounts of disk space?

Lettuceeatlettuce ,

Essentially yes, if you start using lots of older applications or mixing applications that use many different dependency versions, you will start to use lots of extra disk space because the different apps have to use their own separate dependency trees and so forth.

This doesn’t mean it will be like 2x-3x the size as traditional packages, but from what I’ve seen, it could definitely be 10-20% larger on disk. Not a huge deal for most people, but if you have limited disk space for one reason or another, it could be a problem.

brachypelmasmithi ,

It CAN get pretty wild sometimes, though. For example, Flameshot (screenshotting utility) is only ~560KB as a system package, while its flatpak version is ~1.4GB (almost 2.5k times as big)

j0rge ,

Flameshot is 3.6MB on disk according to flatpak info org.flameshot.Flameshot

brachypelmasmithi , (edited )

Weird, the software manager (using LM 21.3) reports 1.1GB dl, 2.4GB installed (which is different from when i checked yesterday for some reason?). flatpak install reports around 2.1GB of dependencies and the package itself at just 1.3MB

EDIT: nvm im stupid, the other reply explains the discrepancy

Vilian ,

no, that number doesn’t reflect the shared runtimes and deduplication

possiblylinux127 ,

Flatpak has a dependency system that allows use of specially packaged library type flatpaks. This significantly reduces the needed disk space.

Chronicon ,

on a desktop it might not be significant but I tried using flatpak apps on a device with very limited root emmc storage (16 GB) and ran out of space really fast. It’s really common to see a couple multi-hundred-megabyte library downloads for each new app IME.

I like them for some stuff but there are glaring issues that I don’t like. I’ve posted about it before, poor integration of apps/not getting the right permissions is a big problem, the people packaging them don’t often do as good of a job as someone like a distro maintainer.

But admittedly my experience using it probably isn’t representative (pop os through their shop and arch on a mobile device). Neither were amazing, but not having to compile shit myself or install with an untrusted shell script was nice for some apps. Without some significant improvements it’s not a good replacement for a distro’s package repos but it might be a good way to broaden the available applications without having to maintain 10x more packages.

mrvictory1 ,

Not necessarily. GNOME and KDE dependencies and “base system” for flatpaks to run in are flatpaks themselves so apps that depend on them will not use duplicated dependencies. Storage usage may not be as efficient as using a traditional package manager but you don’t install a new OS per app either.

qaz ,

Most dependencies are bundled in the “runtime” images, and it uses file deduplication to reduce the size of the dependencies, but it’s still a little more than a normal package manager.

MajinBlayze ,

It’s not quite that simple.

Each package can choose one from a handful of runtimes to use, each of which include common dependencies (like gnome or qt libraries), and if multiple flatpaks use the same runtime, that runtime is only downloaded once.

It is less space efficient than your typical package manager, but brings other benefits like sandboxing.

sir_pronoun ,

What about those apps using out of date libraries? Wouldn’t that become a security issue - since containers usually aren’t that secure, right? And all app developers would have to update their container libraries separately, instead of just updating the system libraries?

possiblylinux127 ,

So if a library is out of date you can just update it. As far as containers go they are fine for security as bubblewrap is pretty solid.

Allero ,

As containers are isolated - it’s mostly a security issue for the container itself. It may become an issue, though, if the container is allowed to freely interact with filesystem, for example.

Apps like Flatseal allow you to easily control such variables using a GUI instead of tinkering in the terminal.

possiblylinux127 ,

Was controversial when it was new and full of problems. Now it is mostly the standard for apps.

JRaccoon ,

Well, just by looking at responses in this thread, the controversy most definitely still exists. Some seem to like it and others hate it fiercely.

possiblylinux127 ,

I think the haters are louder than the people who just use it occasionally

prunerye ,

I don’t hate flatpaks, but flatpaks require more disk space than the same apps from traditional repositories, and they only support a handful of the most common default themes. Since I only ever use older and slower computers, my disk space is limited, and I like to rice my desktop, I personally avoid them. But your use-case may differ.

shapis ,

Most of the issue is that they’re unreliable. Sometimes the app will work. Sometimes it doesn’t. Sometimes you have to fiddle blindly with flatseal settings, which ones? Who knows? Guessing is part of the fun.

It’d be a great thing if it just worked.

CyberSyndicalist ,

I guess mileage varies here because flatpaks have always just worked for me. I only use flatseal to revoke excessive permissions.

independantiste ,

In over 3 years of daily flatpak use (of multiple apps) I’ve never had a single reliability issue with flatpak, the only ones being caused by me because I was trying out settings in flatseal that the app didn’t like. On the flip side I’ve found native packages to be broken more often than not, with .deb files sometimes just not working and throwing an error or something. Package managers are better for sure but I’ve had dependency issues that I have never experienced with flatpak.

oldfart ,

Good for you for not having any problems mate! I’m sure this invalidates the parent poster’s problems.

Vilian ,

yes it’s cross distro, it’s controversial because some people don’t want to install apps with their own libraries or dependencies, and some apps are not official so they break with the flatpak sandbox

shekau ,

Flatpak is the best - that’s all you need to know!!!

But seriously, apart from obvious things other people have said, I would like to add that the HUGE advantage of flatpak is that each app is using its own dependencies, this way you can avoid dependency hell, which is mostly time-consuming and hard to fix.

biribiri11 , (edited ) in Flathub has passed 2 billion downloads

To everyone saying you can’t mirror a flatpak repo… you’re absolutely right. There should be a far easier way to set up your own mirror without needing to build everything from scratch. That being said, if you wanted to try to make your own repo with every one of flathub’s apps, here you go:

github.com/flathub

docs.flatpak.org/en/…/hosting-a-repository.html

Edit: Some did get a flathub mirror working. The issue is that a. Fastly works good enough and b. There is no concept of “packages” on the server side. It’s just one big addressed content store because of ostree, and syncing is apparently difficult? Idk, not being able to sync the state of content is like the entire point of ostree…

github.com/flathub/flathub/issues/813

possiblylinux127 ,

Honestly I would prefer to just donate

biribiri11 ,

It’s not about funding. Many prefer mirrors because the main instance isn’t globally available (the GitHub issue I linked, for example, is all about people trying and failing to access flathub in China) or because they can’t for compliance reasons (many businesses already mirror stuff like epel, too, which is what throws off Rocky’s stat counters). Neither of those issues can be assessed by throwing more money at a CDN.

possiblylinux127 , (edited )

Well that isn’t the fault of Flathub. If a country or organization blocks it that’s a local issue. This is especially true in China where they need to control the movement of information. Blaming flathub and Flatpak for censorship is frankly unfair.

Just to be clear I do not support Chinese Authoritarianism

biribiri11 ,

I’m not sure if anyone said it was the fault of flathub. My point is that, regardless of fault, accessibility to the main instance is an issue for several reasons, and a good way to solve it is to build a system for mirrors.

possiblylinux127 ,

You’re bypassing restrictions that could get you in trouble. Tor is the right answer in that case. However, bypassing restrictions can have dire consequences.

biribiri11 ,

There are existing mirrors for Fedora and Ubuntu packages in China, which are used because mirrors in other countries are often blocked. I’m sure there are no legality issues—the issue in the case of flatpak and china in particular is that China blocks Fastly because Fastly does not host any POPs in China. This is why Cloudflare, for example, has their own network in China that international users can pay to use. There’s no legal issues here, just logistical. Besides, as previously shown, people have (with great difficulty) managed to bring up their own flatpak mirror without any consequences for a few years now.

Besides, there shouldn’t be legality issues for businesses wanting to host their own mirrors for compliance issues.

possiblylinux127 ,

I just think Flathub shouldn’t get involved with Chinese attacks on human rights. The Chinese version of things lack proper encryption and are heavily censored. You can’t use things like normal Wikipedia or TikTok.

China isolates their own people. You can’t blame Flathub for attacks on freedom. As for mirrors you’re welcome to create your own repo based on Flathub. However, it is never going to be officially enforced. Flathub is very careful with user safety.

TCB13 ,

Oh no, this is Flatpaks’ fault because they made this twisted repository system instead of doing sane things and then it is Flathub’s fault as well because they aren’t opening their storage to rsync or other sane syncing methods.

possiblylinux127 ,

> Twisted repo system

Oh no, the evil repos

TCB13 ,

Even Microsoft’s Winget repository is easier to deal with than Flathub.

possiblylinux127 ,

Yeah no, it isn’t. I know that from experience. It constantly goes down and is controlled by Microsoft so it favors their way of thinking.

TCB13 ,

Controlled by Microsoft? You mean a GitHub repository with the entire list of packages? A simple list of yaml files that simply point to whatever the developers decided to point them at?

Definitely worse than the BS that flathub is :)

sunbeam60 , (edited ) in Recommendation for a high-quality webcam for Linux

I’m using a Sony ZV-1 in a SmallRig camera cage, attached to an HDMI capture device. It’s a step below a DSLR, also in price, but it makes a huge difference to the quality and I get frequent comments about the “AWMAHGAWD amazing set up you’ve got, look at how crisp it is!” when I join meetings. The lens is really open and it captures a lot of detail. By far the best compact/quality setup I’ve found.

imgur.com/a/RXVuqit

markstos OP ,

Looks great!

hedgehog , in How to prevent files from being displaced? This protection should (somehow) persist through disk cloning.

It sounds like you want these files to be encrypted.

Someone already suggested encrypting them with GPG, but maybe you want the files themselves to also be isolated, even while their data is encrypted. In that case, consider an encrypted volume. I assume you’re familiar with LUKS - you can encrypt a partition with a different password and disable auto-mount pretty easily. But if you’d rather use a file-based volume, then check out VeraCrypt - it’s a FOSS-ish [1], cross-platform tool that provides this capability. The official documentation is very Windows-focused - the ArchLinux wiki article is a pretty useful Linux focused alternative.

Normal operation is that you use a file to store the volume, which can be “dynamic” with a max size or can be statically sized (you can also directly encrypt a disk partition, but you could do that with LUKS, too). Then, before you can access the files - read or write - you have to enter the password, supply the encryption key, etc., in order to unlock it.

Someone without the password but with permission to modify the file will be capable of corrupting it (which would prevent you from accessing every protected file), but unless they somehow got access to the password they wouldn’t be able to view or modify the protected files.

The big advantage over LUKS is ease of creating/mounting file-based volumes and portability. If you’re concerned about another user deleting your encrypted volume, then you can easily back it up without decrypting it. You can easily load and access it on other systems, too - there are official, stable apps on Windows and Mac, though you’ll need admin access to run them. On Android and iOS options are a bit more slim - EDS on Android and Disk Decipher on iOS. If you’re copying a volume to a Linux system without VeraCrypt installed, you’ll likely still be able to mount it, as dm-crypt has support for VeraCrypt volumes.

  • 1 - It’s based on TrueCrypt, which has some less free restrictions, e.g., “c. Phrase "Based on TrueCrypt, freely available at http://www.truecrypt.org/" must be displayed by Your Product (if technically feasible) and contained in its documentation.”

poki OP ,

> Someone without the password but with permission to modify the file will be capable of corrupting it (which would prevent you from accessing every protected file), but unless they somehow got access to the password they wouldn’t be able to view or modify the protected files.

Is it possible to force a corruption if a disk clone is attempted?

hedgehog ,

> Is it possible to force a corruption if a disk clone is attempted?

Anything that corrupts a single file would work. You could certainly change your own disk cloning binaries to include such functionality, but if someone were accessing your data directly via their own OS, that wouldn’t be effective. I don’t know of a way to circumvent that last part other than ensuring that the data isn’t left on disk when you’re done. For example, you could use a ramdisk instead of non-volatile storage. You could delete or intentionally corrupt the volume when you unmount it. You could split the file, storing half on your USB flash drive and keeping the other half on your PC. You could XOR the file with contents of another file (e.g., one on your USB flash drive instead of on your PC) and then XOR it again when you need to access it.

What sort of attack are you trying to protect from here?

If the goal is plausible deniability, then it’s worth noting that VeraCrypt volumes aren’t identifiable as distinct from random data. So if you have a valid reason for having a big block of random data on disk, you could say that’s what the file was. Random files are useful because they are not compressible. For example, you could be using those files to test: network/storage media performance or compression/hash/backup&restore/encrypt&decrypt functions. You could be using them to have a repeatable set of random values to use in a program (like using a seed, but without necessarily being limited to using a PRNG to generate the sequence).

If that’s not sufficient, you should look into hidden volumes. The idea is that you take a regular encrypted volume, whose free space, on disk, looks just like random data, you store your hidden volume within the free space. The hidden volume gets its own password. Then, you can mount the volume using the first password and get visibility into a “decoy” set of files or use the second password to view your “hidden” files. Note that when mounting it to view the decoy files, any write operations will have a chance of corrupting the hidden files. However, you can supply both passwords to mount it in a protected mode, allowing you to change the decoy files and avoid corrupting the hidden ones.
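
The XOR split suggested in the reply above, as an added example that is not part of the thread: the file is masked with a fresh random pad of the same length, so the share left on the PC (and on any clone of its disk) is useless without the share kept on the USB drive. The function names and the HMAC tag used to detect corruption or a mismatched share are assumptions added for this example.

```python
import hashlib
import hmac
import secrets

MAC_KEY_LEN = 32  # bytes of HMAC key stored at the front of the USB share
TAG_LEN = 32      # SHA-256 HMAC tag stored at the end of the disk share


def split_secret(plaintext):
    """Return (disk_share, usb_share); neither share alone reveals the plaintext.

    The pad is generated fresh for every call and is as long as the data.
    Reusing a pad for a second file would let the two masked files be XORed
    together to cancel the pad, so a pad must never be reused.
    """
    mac_key = secrets.token_bytes(MAC_KEY_LEN)
    pad = secrets.token_bytes(len(plaintext))
    masked = bytes(p ^ k for p, k in zip(plaintext, pad))
    # The tag is keyed with a secret that only the USB share holds, so it
    # leaks nothing about the plaintext to someone holding the disk share.
    tag = hmac.new(mac_key, masked, hashlib.sha256).digest()
    return masked + tag, mac_key + pad


def combine_shares(disk_share, usb_share):
    """Recover the plaintext, or raise ValueError if a share is wrong or damaged."""
    if len(disk_share) < TAG_LEN or len(usb_share) < MAC_KEY_LEN:
        raise ValueError("share too short")
    masked, tag = disk_share[:-TAG_LEN], disk_share[-TAG_LEN:]
    mac_key, pad = usb_share[:MAC_KEY_LEN], usb_share[MAC_KEY_LEN:]
    if len(pad) != len(masked):
        raise ValueError("shares do not belong together (length mismatch)")
    expected = hmac.new(mac_key, masked, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("disk share was modified or the wrong USB share was used")
    return bytes(m ^ k for m, k in zip(masked, pad))


if __name__ == "__main__":
    secret = b"constructed sample contents of the protected file"
    disk_share, usb_share = split_secret(secret)
    print("recovered:", combine_shares(disk_share, usb_share) == secret)

    # A cloned disk only carries disk_share; pairing it with any other
    # USB share is rejected instead of yielding garbage silently.
    _, other_usb = split_secret(secret)
    try:
        combine_shares(disk_share, other_usb)
    except ValueError as err:
        print("rejected:", err)
```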

poki OP ,

Very informative post. Thank you!

retrieval4558 , in What is your favourite shell to use

Swisher sweets but backwoods works too

wolf , in Vivaldi 6.8 released

Vivaldi is a great Blink-engine based browser, my fallback in cases Firefox fails to render a page I really need.

Outstanding are the official flatpaks for amd64 and Aarch64.

(I do not understand why it is impossible for Mozilla to provide an official Aarch64 flatpak.)

matengor , in Flathub has passed 2 billion downloads

Would you recommend using it with Ubuntu?

Iheartcheese ,

Depends. Do you have knee highs?

Interstellar_1 ,

I would recommend using it with any distro, it’s distro agnostic

Gemini24601 ,

It’s really good, the only thing I’d complain about is that sometimes it takes up large amounts of space. Aside from that it is not bad in the least

cmnybo ,

I would only recommend using it if a native package is not available or you need a newer version than what’s available.

Half the time I will just compile from source when I see how much space a flatpak and its dependencies will take up though.

zippythezigzag , in Flathub has passed 2 billion downloads

I’m new to Linux and went with Mint. What is flathub? From the name it sounds like an app store or something

Edit: Nevermind. I clicked the link and saw. I was right, it’s an app store

independantiste ,

It’s an app store made for distributing Flatpak applications (desktop apps that work on every distro where Flatpak is installed, most distros install flatpak by default now). Flatpaks also allow isolation between apps and a fine permission system like you get on a smartphone (check out Flatseal for that)

sunzu ,

If you got steam flatpak, flatseal will solve your issues!

Dirk ,

I never looked into flatseal and I don’t have any issues with Steam. But I wonder if flatseal can allow a Flatpak Java application to run systemctl poweroff.

Magister ,

Same, I’m using MX Linux with native .deb and never ever installed a flatpak, so I have no clue what it is

possiblylinux127 , in How to prevent files from being displaced? This protection should (somehow) persist through disk cloning.

What are you trying to do? Why don’t you just use full disk encryption?

poki OP ,

I already use FDE. However, unless I’m wrong, FDE does not protect disk clone from occurring. Therefore, if one has access to the password, then also they have access to all my files; including the ones I specifically want to protect. Am I wrong?

So, I’ll make it simple for ya, you don’t need to understand why; however, I seek for some method that prevents files from being copied through disk cloning. Them files being encrypted or whatsoever doesn’t do a thing if the password is known. Unless you propose a method by which the password used to decrypt/unlock the disk on device X doesn’t work when it’s cloned to another disk. If, somehow, one has to rely on another password to decrypt the disk on device Y, then that might make it work out.

possiblylinux127 ,

I don’t think that’s possible without an OS. For encryption you need a strong passphrase.

poki OP ,

Alright. Thank you for your input!

schwim , in I was looking at the firefox flatpak on flathub. Won't this warning make a non tech-savvy user anxious? This might make them think they'll get a virus or something like that.

Yes but surely you’re aware that even the most new-user-friendly distros and their tools aren’t necessarily aimed at new users.

That warning is a perfect example of how Linux developers choose which hill to die on. They post a warning for an app that everyone knows can deliver bad times to two camps of users; those that know and don’t care and those that don’t understand the warning. If we could quantify the helpfulness of that warning, odds are that it saved 0 users from malicious action from that avenue of attack.

Never expect Linux as a whole to be “helpful” to the new crowd.

orcrist ,

Isn’t this why we’d expect new users to use a built-in package manager? Because it avoids this exact problem?

schwim ,

Which is why I said “linux as a whole”. Many distros will try to undo the nerdery and neckbeardism that is built into the parent distros but as a whole, linux is going to always be less welcoming to a new user than someone that’s used to useless warnings and repeated password entries for elevated privileges. Being safer and being new-user-friendly rarely go hand in hand.

areyouevenreal ,

Not all user friendly distros have a parent distro. Checkout Solus.

There are sometimes things upstream causing problems. The Linux kernel itself isn’t one of them though as Linus is pretty adamant that Linux distributions should be easy to setup and use. KDE is also designed to be pretty friendly while being customizable still. The main issues seem to come from apps and distributions.

savvywolf , in I was looking at the firefox flatpak on flathub. Won't this warning make a non tech-savvy user anxious? This might make them think they'll get a virus or something like that.

I like flatpaks and flathub, but this is just something they do badly. I think as well they also have “probably safe” which is just as unhelpful… And what does “access certain files and folders” even mean!?

I think they should just follow the example of every other app store; list the permissions in an easily understandable list and let the user decide whether or not they are comfortable with it.

federino OP ,

> I think they should just follow the example of every other app store; list the permissions in an easily understandable list and let the user decide whether or not they are comfortable with it.

Totally agree. The “verified” label will give new users enough comfort, and the ones who wish to know more will read the permissions.

Onihikage ,

When I look at Firefox in Discover, it only shows the list of permissions the flatpak will be given out of the box, with no warning of it being “potentially unsafe.” This certainly does seem like the better way to handle it.

Also, the warning on the Flathub website is clickable - it expands into the full permissions list. Why it defaults to “no information except maybe dangerous” is beyond me.

Bitrot ,

That is a clickable menu that explains exactly what the permissions are.

raspberriesareyummy , in I was looking at the firefox flatpak on flathub. Won't this warning make a non tech-savvy user anxious? This might make them think they'll get a virus or something like that.

isn’t flatpak by definition relying on a second software source, hence 2x as much risk as relying on a single source (your OS repo)?

rotopenguin ,

How much sandboxing is your distro generally doing?

raspberriesareyummy ,

beyond root processes, none that I am aware of. Hence I configured all my internet applications and steam to run in a jail :) firejail & bubblewrap come as native packages, unlike the flatpak contents

AProfessional ,

A distro has thousands of independent sources. No your distro doesn’t audit them all, barely any.

raspberriesareyummy ,

“barely any” is neither entirely accurate, nor does it excuse the use of flatpaks.

eveninghere , in Flathub has passed 2 billion downloads

As a professor I have to say… the site admin skipped the class that taught them to include always the color bar.
