307
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 22 Oct 2023
307 points (97.5% liked)
Linux
48334 readers
1140 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
Ok, so it’s time for me to do some research on Flatpaks now. I’m an old schooler from Redhat days and haven’t kept up with the new stuff all that much.
Flatpaks is a distro independent way of installing apps, similair to snaps. However it does not require a proprietary backend like snaps do.
It uses “runtimes” that contain the libraries that are required for the app, such as freedesktop, gnome, kde and elementary. Each app requests a specific runtime and version which prevents library conflicts.
Although runtimes are shared the different versions can take up quite a bit of space. This is a common criticism of Flatpak and one of the major drawbacks compared to the distro’s native package manager. Another disadvantage is that the sandboxing can cause issues with the functionality of the app if it requires certain system functionality. Authors (and users) can configure which parts of the system to expose (dbus, files, network, etc) but sometimes this is done incorrectly (looking at you Discord) which can cause the aforementioned issues.
One of the major advantages is that it simplifies the work for Application developers, they can target 1 system and don’t have to package the application and it’s libraries for each distro. It also means that the applications aren’t dependent on the distro’s for newer versions. You can use Debian stable with a version of an app that came out yesterday.
I personally tend to use Flatpaks quite often except for software that is included in the distro by default and apps that have issues with sandboxing such as Steam and VSCode.
Sounds a bit like docker and its containers?
Yes and no. It's much better suited for desktop applications. Try to run something playing audio in Docker. It's doable but not pleasant in any way.
Well yeah, I only meant it sounds like a similar idea, I’d be surprised if it was powered by docker.
It’s certainly doable to run desktop apps in containers, have you tried Distrobox?
No, I didn't. Looks interesting. Not something I'm looking for right now but I'll keep it in mind.
It's actually not that much of a concern, since Flatpak does deduplication behind the scenes - yes, even between different versions of runtimes.
https://blogs.gnome.org/wjjt/2021/11/24/on-flatpak-disk-usage-and-deduplication/
I’m aware about the deduplication but last time I checked it was still using roughly 30GiB of storage.
As well as running on all distros, it also provides other benefits:
However, some applications don't work as well because of the sandbox, but I think this will change with the rising popularity of Flatpak, as more developers will use portals instead of direct access. Also, there are some bugs and missing features, like how heavy use of the org.freedesktop.Flatpak portal for dbus causes a memory leak (https://github.com/flatpak/xdg-dbus-proxy/issues/51), but it's overall pretty good. Most applications I use are Flatpaks.
Flatpaks are to distros what Alpine is for docker containers. A base for creating distro agnostic desktop applications. It's really cool and has picked up quite some good support within the Linux community.
I think that Flatpak being Docker for desktop applications would be a better comparison.
Mint integrates flatpak seemlessly into its graphic package management and update tools.
KDE's "Discover Store" (gui package manager) also does as well, which is awesome. While I don't like the idea of packaging system libraries with software due to the fact that they can and will sit out of date and hold on to vulnerabilities, I do like what flatpak is trying to achieve and the fact that we have a very solid leader in the area, putting the closed-source proprietary Snaps system firmly in second place.
AFAIK it's a system to let Linux software bundle all of it's dependencies up with it so it just works in a self contained way that doesn't care about what else is and isn't installed.
Advantages is that they are more reliable and user friendly than traditional approaches to Linux software installation.
Disadvantages are that they have bigger footprints where you might have the same dependencies I dependently installed for each app rather than as a single installation that they all utilise and that they need to be updated individually (as part of the flatpak.) IE if basically every app uses the same dependency and it turns out to have a huge security hole, under normal Linux software the developer would patch it, you'd update it and the hole would be filled. With Flatpaks you need each individual Flatpak developer to update the version used by their Flatpak and for you to update all those Flatpaks before the hole is plugged. I think I remember they run in some kind of sandbox to mitigate this though.
(This is going to be grossly oversimplified and possibly minorly inaccurate, but) Flatpaks are built against and run using shared runtimes, so if two Flatpaks share the same basic dependencies (and those dependencies are included in the most common runtimes, which they usually are), you only have to download the shared runtime once. Every Flatpak built on the same runtime will share the one runtime. The way you described it is a common misconception.
Now if the packager manually bundles less common dependencies into the app itself, yes, that would have to be individually updated, but that's theoretically more of an edge case.
Same, I have MX (Debian based) and have 100% native and 0% flatpak... Old grumpy bearded guy