What use to be the PPA that allowed Ubuntu users to use native .deb packages for Firefox has recently changed to the same meta package that forces installation of Snap and the Firefox snap package.
I am having to remove the meta package, then re-uninstall the snap firefox, then re-uninstall Snap, then install pin the latest build I could get (firefox_116.0.3+build2-0ubuntu0.22.04.1~mt1_arm64.deb) to keep the native firefox build.
I’m so done with Ubuntu.
Yeah they’re all in on snaps. Vote with your distro choice.
What I don’t get is why. What with the recent Red Hat debacle one would think Canonical would make a stronger case as opposed to force feeding the issue.
Because it’s canonical’s thing they’re marketing to server markets
haha… ubuntu on enterprise doesn’t even touch 5% of the market, where 90% of it is RHEL and 5% another is Windows Server and some OSX… so… I don’t think canonical is dumb enough
*please read, enterprise market, not hobbyist. Hobbyist doesn’t make money for ubuntu. Well if the hobbyist is a decision maker in enterprise, they probably will have effect, but the problem is, most of them opt in RHEL/Clones
You got any data to back that up?
You can look into fortune 500 report on Server stack, and self published red hat report. Red Hat claims is higher, but I will say, it should be at max 90%, not 95% as Red Hat Claims.
https://www.redhat.com/en/about/company
Seems they revise it. hem… the fly-er I got for Red Hat academy promotion written is 95% in 2019… strange…
But anyway, you can see anywhere, on any business medium high, mostly use Linux.
Azure, 100% backed by Red Hat in their Infra, even Microsoft doesn’t deny or agree with it. AWS 100% EL based (old times RHEL, nowdays Fedora), Linode, Scaleway, Contabo, Hetzner, BiznetGio, Aliyun (even their Aliyun/Alibaba Linux is RHEL), OVH, etc. so I will say it’s high enough… that almost entire infrastructure rely on Red Hat Engineering. At least if Red Hat gone, CentOS Stream code still there, Fedora Code still there. The community can continue to develop it.
Ubuntu only popular and first class only on Digital Ocean. No other cloud providers make ubuntu first class other than DO. Sure enough Ubuntu/Debian is there, you can install it, but, it’s not entirely first class as RHEL/Clones
Hate it or love it. Red Hat still the king of mission critical system except in Europe, where SUSE is leading, but SUSE itself is well… have same or near identical to Red Hat… so… welp… kind like in same EL boat.
Some will say data like this https://www.enterpriseappstoday.com/stats/linux-statistics.html#The_Most_Popular_Linux_Distribution is more re presentable for general mass, but I don’t think it’s for enterprises…
I’m afraid they’ll break off Debian one day. Supporting snap is one thing, sabotaging well established user cases (apt installing deb, not being a snap prozy) is another.
On my corporate laptop, because they require ubuntu to… well spy on us, I wrote a interface in front of snap to works like flatpak… as snap forcing through on everything I work on…
At least I tried to disable it. and failed, so I wrote a piece of junk code to accomodate my flatpak muscle memory
Are forks of Ubuntu like Mint and Pop_OS still good choices, or do they suffer from a Chromium-style lack of freedom?
Mint is great. Definitely one of the best distros around. PopOS I’d wait for their new DE. Though with Ubuntu going balls deep on snaps, all those ubuntu based distros hang in the balance. At least Mint got a Debian edition already and they are working on a new version right now. Or just use straight up Debian with flatpaks, which is what I do.
Mint also does not force either
dpkg
/apt-get
/apt
norflatpak
.
Even its GUI installer is a GUI wrapper arounddpkg
andflatpak
, every application available on both shows a drop-down allowing you to choose between the two.
You can also change its config to allow other sources, in case you want to add something else like snap.
The Pop_Shop gives you the option via a little drop down of flatpak/Deb. I’m not sure if the option is flagged by application developers or system76.
I recently went to Nobara, not a Deb/Ubuntu fork, but its literally been the easiest, smoothest Linux install/usage experience of my life.
So, as someone that’s been on flavors of Ubuntu/Linux Mint for me personal computer since Breezy Badger, any good distro recommendations? I’ve been using Ubuntu Mate and upgrading in place for the last ~5 years, so I’ve mostly avoided Snaps, but I’m looking to upgrade my computer and I’m probably going to need a fresh install. I’d like to stay on the Ubuntu/Debian tree, but I’ve been using RHEL on my work computer for a while now, so I’m not totally unfamiliar with that distro branch.
Also, should I be as concerned about Flatpaks as everyone seems to be concerned about Snaps?
deleted by creator
I was on Ubuntu for almost ten years. The snap BS really started bugging me a few years ago, and I started distro hopping to find a new home.
If you’re really wanting to stick with an Ubuntu derivative, you could try Pop!_OS. They remove Snaps.
I ended up settling on Manjaro. Access to the AUR is pretty awesome.
Manjaro and aur are not a good idea. I ran manjaro for a year or two. Things from the aur were constantly breaking and causing problems because of the manjaro repositories. If they were even able to be installed at all. There are many reasons not to use Manjaro. But if you want to use the Aur. Check out endeavor os. Very straightforward simple easy to install Arch. The Aur works perfectly and doesn’t break randomly. Because they use the Straight Up Arch repositories with just slightly different configs
Interesting. I’ve been running Manjaro for two years now and I’ve found it to be extremely stable on my computer and my partners computer. I haven’t had any trouble with AUR packages breaking either.
Even the manjaro team discourages their users from running things from the Aur. It’s not a guarantee. Some things will work okay for a long time. But due to the fact that Manjaro is not Arch. There will be problems with many things. It will be a bit of a crap shoot as to what and for how often. But it is something that even they acknowledge.
I hear ya and have recently been scaling-back my personal use of Ubuntu. I am a long-time Debian user for servers (since around the time potato was released), but always found it far too “long in the tooth” for use on a desktop. When Ubuntu first came out, it filled that gap perfectly and it was always my recommendation to people that wanted/needed to use Linux and needed it to “just work”. This is especially the case with laptops. However, times have changed and vanilla Debian is actually a viable distro as long as you are not on the bleeding edge hardware-wise and/or don’t want/need the very latest desktop software.
For my personal desktop, I’ve actually been using Linux Mint since around the time Ubuntu switched to Unity. From the moves Mint has been making lately, it seems that they are also wary of Canonical (i.e. having to revert things like snap out of their Ubuntu base). Mint has always been hedging their bets through their LMDE release, so I would not be surprised if they cut over vanilla Debian as their base sometime soon. I have LMDE on some older machines and it works great (they are still based on bullseye, last I checked).
I was a Xubuntu user for about 15 years but have an old EeePC running Debian.
I just recently moved my main, home computer (10+ yo EliteBook) to Debian 12 and am very happy. I will be soon moving my amateur radio “shack” computer (bought last year) to Debian as well.
Forcing Snaps and Snaps’ terrible usage of disk space (in my experience) is what made me move. The annoying Firefox update warning only served to aggravate me further.
I do use a couple Flatpaks (did with Ubuntu as well) but it was my choice - not a requirement. I haven’t had any disk use problems or bad experiences with them.
I can’t comment on specifics. I’m back in linux after several years away in mac land. The snap experience is awful, and confusing. I have not had the same experience with flatpaks. They seem to act more like regular apps that you update. The issue with snap is that firefox will say the snap needs to update, and that the update is pending warning my I only have days (or hours) to use it, but no way to actually do the upgrade. Then it will say its upgrading, but nothing happens. I just keep using firefox, and every once in a while it may say something like the update failed (I honestly can’t remember, since I just ignore any notification with the word ‘snap’ in it since they’re all meaningless). Eventually, when I quit firefox, it might update and quit pestering me. But how knows? Maybe it won’t upgrade, and then I’ll open it again and it won’t be upgraded.
Flatpaks, I can just update in the package GUI (Discover for me, since KDE) alongside other updates, and we roll on.
Distro-wise, I dunno :/ I like ubuntu cause its more standardized in terms of software availability — most things will support an ubuntu package. However, I’m really considering just jumping into debian and going with the rolling releases.
Flatpak won’t replace RPM on Fedora, so, use Fedora… and be happy, or Nobara for gaming
Check out VanillaOS. I think it’s pretty neat. Their webpage doesn’t really get into the benefits as much as I think they should, but a very quick summary is that it leverages distrobox and some custom package manager to allow you to seamlessly install and run packages from other distros. It’s also kind of an immutable OS (but not really). It lets you pick which types of apps you want during the install (snaps, fltapak, AppImage, etc)
I am not super in the loop about why people are so against snaps, but I don’t like the centralized nature of them, and if that’s also the general concern, then flatpak should be fine, since it’s decentralized.
I saw a couple youtube videos about VanillaOS; I could certainly find you one of them if you want to know more.
Why do you say it’s “not really” immutable? It is immutable with an A/B partitioning system using ABRoot.
You can disable it to install stuff if you want.
That was true with Almost, but they’ve now switched to ABRoot, which uses overlays instead. https://documentation.vanillaos.org/docs/ABRoot/
rpm-ostree does this longgg way before
True, but how is that relevant? ABRoot has its own benefits and drawbacks over OSTree.
Imo avoid Mint. If you like apt/debs PopOS.
If you don’t care about debs Fedora is an awesome distro. I’ve used it for several years and upgrades never go bad.
Why avoid Mint?
Imagine having to fight your OS to do what you want. True Windows experience.
Yes exactly. This is the main problem. It’s one thing to offer Snaps as an alternative, but to force them on users is not the Libre/FOSS way at all.
I switched away to Mint and I’m very glad I did. I’m in control and it works perfectly. Fantastic distro. No Snaps BS and it uses less RAM and is faster than Ubuntu.
I would encourage all Ubuntu users to switch to Mint. You won’t regret it.
It’s no wonder Canonical is partnering up with Microsoft to EEE Linux
You know what, enough is enough. Snaps run like shit in my system (IDK/DC why), I hate companies forcing their shit down my throat, and I was planning a clean reinstall anyway from Ubuntu 20.04 to 22.04. Might as well use the opportunity to go back to Debian. Or Mint. Or Mint Debian Edition. Who knows.
Next on the news, Ubuntu (“humanity”) gets renamed to Amasimba (“shit”). /s
Feeling bold? Try MenuetOS, it even claims to have an http client.
TempleOS and give it a try. The prophet Terry will be smilling from the Heaven TempleOS
I toyed with the idea of gentoo. Not because I want a rolling distro, but because of that 4chan meme.
Gentoo is very good actually, specially if you have a modern CPU.
I tried it on my desktop, and I never want anything else.
Redistribution, reverse engineering, disassembly or decompilation prohibited without permission from the copyright holders.
no
MX23, even no systemd
This is the way.
I don’t even mind systemd to be honest. My bone to pick against Poettering is because of pulseaudio.
After using it since Lucid Lynx 10.04, I switched from Ubuntu to Mint last weekend. I’m lazy about distros these days, and I really didn’t want to switch, but Firefox instability was driving me nuts. The web browser must be reliable, IMO. It’s a fundamental requirement for a desktop OS, and this problem didn’t exist before snaps.
Why not slackware /s
I warned you guys. “It’s so easy, just do these three steps if you don’t like snaps” but then later they tighten the vise
Yeah. I switched away from Ubuntu for all this crap.
I moved to Fedora for my laptop & desktop, and Debian for my home server. I’m considering switching everything to Debian eventually, but there’s a couple dedicated repos that make using Fedora on my laptop much easier for now.
I’m considering switching everything to Debian eventually, but there’s a couple dedicated repos that make using Fedora on my laptop much easier for now.
I’d recommend against that. Debian is fantastic for a server, but I think it leaves a lot to be desired as a workstation OS as compared to Fedora.
You can get it there/make it that way, but Fedora is just better from a user experience/convenience perspective out of the box.
I don’t know. I like Debian. My home server also doubles as a desktop sometimes and it does a good job.
I’m mostly not super interested in cutting edge versions. I run a newer kernel and mesa than default Debian, but the rest is just fine. I’m fine with Firefox ESR, and lagging a little bit behind the state of the art.
There’s a simple reason why Mozilla/canonical does this and that is security fixes. Due to the difference in support cycles of Firefox and Ubuntu LTS versions fixes would have to be manually backported to the system Firefox version and newer versions won’t run due to library dependencies. Snap solves all of that.
Don’t get me wrong though, snap is still terrible, but other than flatpak or doing the work of backporting it’s the only option to get security fixes to Ubuntu
Previous to the switch to snaps, Ubuntu was providing the latest version of Firefox built for each supported Ubuntu release. I’m sure this was more work, but the older system library version issue was not a blocker.
Edit: in fact, Mozilla still provides an apt repo with Firefox deb packages built for each supported Ubuntu release.
But around the same time mozilla shortened the support cycles for their lts releases
and newer versions won’t run due to library dependencies.
Mozilla seem to be able to limit library dependencies in their builds: https://www.mozilla.org/en-US/firefox/system-requirements/
But are they actually doing this? I am not seeing any changes: https://launchpad.net/~mozillateam/+archive/ubuntu/ppa still has the .deb packages
literally every other distribution can solve this problem but Ubuntu can’t?
Not really. After working with CentOS (RIP) for a half decade, that Firefox version was so out of date I was practically in diapers when it came out. Getting the latest version of Firefox was such a pain that my org didn’t bother even if it would have given us some niceties.
LTS and other “enterprise” distros don’t push the latest version precisely because of dependencies.
There are several high quality community run distributions which aren’t beholden to corporate tools.
Hot take: PPAs suck and snaps/flatpaks are better.
With PPAs, inevitably some repo that hasn’t been updated since 2015 causes dependency conflicts and you have to sit there and troubleshoot, or pick between the software you need and actually having an OS that’s not EOL. With snaps, you can keep your decade old dependencies all bundled up and still upgrade your system even if the package maintainer has abandoned it.
The issue people have with snaps isn’t the containerization or the bundles, but the proprietary backend. There is no way to point the snaps at a different store other than the one canonical controls. Canonicals forcing snaps on people pisses a lot of people off because it’s a blatant power grab, an attempt to get people dependent on something they have control over in a microsoft-esque move. Flatpaks and docker don’t have that issue.
Hot take: it doesn’t feel nice to have a change forced.
It should be the personal preference of the user to decide whether to use native or snap/flatpak. If native package manager decide to not support the package any longer it would be better to make user aware and stop maintaining app, than to install a snap package. This is a user’s decision.
Also this can have far reaching consequences. Imagine you cannot use/install snaps on your machine due some reason, what now?
I tried so hard to embrace snaps and flatpak. I really did. But the snap service kept bogging down. Installs specifically of Firefox were ponderously slow to start up. And ultimately I ended up with regular installs, PPAs, snaps, and flatpaks all together with their own daemons, update paths, and quirks sucking up my system bandwidth and emotional resources. System was constantly slow. Felt like I was running Windows.
I flipped over to endeavours, really enjoying it. Feels like Ubuntu did in the earlier years. Great support community, lots of choice, but a straightforward path to just using your system if that’s what you’re there for. And the same computer runs a good 25% faster.
Valid opinion and immutable distros like silverblue might be where the future is headed.
It’s not the point though, I’m not going with a distro that tries to force their proprietary solution on me.
deleted by creator
In NixOS you can do an overlay and just make your own package. If the package works, you can submit it to the NUR. If it’s good, you can maintain it in the official channel. I’m doing both, the crappy fork of some GUI is in the NUR, the underlying service is maintained by me in nixpkgs
deleted by creator
Or how about… they each have their advantages and disadvantages, and therefore are each better suited to different uses and it doesn’t have to be a competition?
So your saying a Snap based Firefox use case is limited to downloading a different browser… so it’s effectively IE6? I agree, if that’s what you are saying.
PPAs suck, no doubt. But the thing is, if snap is so superior, just switch your whole distribution over to it and be done with it. Don’t do this underhanded switcheroo with individual packages spread over so many years.
The crux here is ultimately that snap just doesn’t look to be up to the task of replacing
.deb
, otherwise they’d have already done it. But they still want their proprietary appstore, so they have to make snap relevant by force.I can agree with that only if they solved the problems with extensions and a few other features that were not working with the snap version. If they did not, then they are assholes.
I use keepass to fill login forms, and that does not work with the snap version.
Just curious if you know why? I thought snap was just a package format, not a siloed container.
In my case, KeePass and ExpressVPN could not function. For KeepassXC, this was the reason:
It is impossible to support native messaging when a browser is running as a sandboxed snap. This is a limitation in snapd not keepassxc.
It appears they found some work-around with an extra script after installation as of 2 years ago. Basically, snaps are sandboxed, which is a feature. That wreaks havoc with certain tools, though. ExpressVPN’s browser plugin was having similar problems, and on Linux, that’s you’re only GUI interface for ExpressVPN.
I just checked, and I was updated to the Snap version, and I had no problems with either extension, so they did solve the problems. Therefore, I’m not outraged. Ubuntu has the right to standardize their deployments on a system that makes their work easier or less chaotic - as long as it does not screw over their customers.
Edit: i was mistaken. I still use the Mozilla PPA, so the problems migjt remain.
Hot take: PPAs suck
Agreed. I’d rather install manually than use a third-party PPA. I’ve had way too many problems, especially when it comes time for an OS upgrade.
snaps/flatpaks are better
I see this as a false dichotomy. The point of a distro is to have a wide array of stuff tested and available in official repositories. If the official repositories only contain half-assed snap ports, what’s the point? I either suffer with a shitty Firefox or jump through more hoops than ever before to install it from external sources? Ugh.
I’m on Ubuntu again, and I’ve had it up to my eyeballs with snaps. When the time comes to upgrade again, I’m either going back upstream to Debian, or downstream to a de-snapped Ubuntu derivative.
Yes, that is the acceptable use case. Aging, I maintained software in a usable form. Not “we’re showing off our container engine so everyone has to use it now”.
I haven’t had any problems with using Snap. I am currently switching from Chrome to Firefox. Firefox has ran great with Snaps so far.
But I also have an Nvidia RTX 3080. The Linux community hates both Snap and Nvidia. But they are working fine for me.
I tried PopOS but they didn’t have the current drivers for my Nvidia card, so I switched back to Ubuntu. This was about a year or so ago
The NVIDIA driver in Pop!_OS is currently 535.98. I’ve been using a RTX 3080 with Pop!_OS since the pandemic lockdown.
I am at work and can’t check the driver version but they sound like the current one.
How is Steam’s new big picture mode running for you under Pop!OS? I used to run Wayland with Steam’s old big picture mode but had to go back to x because it wouldn’t work.
I’m on ARM, arm64 to be more specific. There’s no native Widevine package for the browsers. There is a way to rip it from the new chromeOS for arm64, and to then plug it into chromium and firefox… but not with snap firefox. And to top it off, flatpak doesn’t even have firefox or thunderbird for arm64.
I like the approach Pop OS takes. Their software store lets you choose between deb or flatpak when you install software. I’ve had issues with flatpak versions of some software, and flipping to the deb package usually fixes it.
Fedora does the same thing where you can choose between RPM or Flatpak. The only flatpak package I’ve ever had problems with was OnlyOffice, and the issue was that the scaling was blown way out of proportions. Switching to the RPM version resolved that.
Mint does this, too!
@Linuturk @PseudoSpock My problem here is that I don’t understand the purpose of flatpak when Deb seems to have everything from my experience, but I’d love to be proven wrong.
- Flatpaks are usually fresher than point release distro packages
- Flatpaks are distro-agnostic
- Flatpaks are easily containerized for increased security and privacy
- Flatpaks can guarantee you have a known-good dependency chain directly tested by the developers/maintainers themselves
- Flatpaks can be installed and managed entirely in userspace
@bear
Thank you for the very clean and clear explanation. I’ll have to give them another chance.and better than snaps in experience…
All of that is good but you are overlooking the small detail that installing flatpack implies using up a lot more disk space than just pulling a distro package.
I can point one specific example with libre office: 3.9GB for the pack vs 785MB for the .deb.
We can argue disk space nowadays is cheap but overloading a machine with duplicated packages also goes against the main goal of running a Linux.
When I first started using it, one of the talking points was that Linux kept the system clean of clutter and that improved longevity for the hardware and delivered stability by not having unnecessary and unused or orphaned and redundant libraries and dependencies.
With flatpacks we get the latest and greatest - I’m a debian fan and I hurt for not getting more up to date software - but we are carting in a ton of junk that should not be necessary.
And the container/sandbox part is not that great, apparently. Debian wiki links to this to further educate/alert on the down sides of flatpacks. Debian is not the ultimate bearer of truth but they do move a lot of respect.
The 3.9GB is not just libreoffice, that number also includes runtimes. At most you would only install maybe around half of your host systems’s packages in runtimes for all the apps you use. There shouldn’t be any more usage than that. And even less if you stick to apps that fit your DE. Like if I just stuck to apps that used the gnome runtimes, I would have a pretty minimal installation.
Unfortunately, the dependency problem is really hard to solve, and at least they deduplicate what they can. Everything else works perfectly as well besides some minor issues with the sandbox connecting to the host system in certain edge cases.
Also please don’t link flatkill, it’s woefully outdated and every point on there has been addressed for years; it should be taken down.
I can point one specific example with libre office: 3.9GB for the pack vs 785MB for the .deb.
You already have most of the major dependencies installed natively as they are depended on for many other packages, and you’re not including the space they take up as part of installing the native package, but you are including them as part of the flatpak.
When I first started using it, one of the talking points was that Linux kept the system clean of clutter and that improved longevity for the hardware and delivered stability by not having unnecessary and unused or orphaned and redundant libraries and dependencies.
Flatpaks literally improve this. The core system itself remains extremely minimal and lean when you use containers, in both the server and desktop space. This greatly improves stability and longevity. We all know how much of a pain it is to do a point release upgrade on a system with tons of installed software. Flatpaks do not have this problem because they are independent of the system and each other.
but we are carting in a ton of junk that should not be necessary
It is necessary, and it’s not junk.
Debian wiki links to this to further educate/alert on the down sides of flatpacks.
Much like Debian packages, the Debian wiki is stale and outdated.
I’m learning as I go. Having imput on my talking points is always a good thing.
I remember dipping my feet into the Linux pool, through Debian, searching online for a given tool/program, just to get disappointed as I wouldn’t have it or the version available from the repositories was extremely outdated or some library required to run it would be as well.
And back then I remember thinking it would be great to have some way to get access to more recent software versions with all the necessary dependencies to run it from a realiable source.
But one thing I always thought should be obligatory was that during installation of such programs, only the resources absent from the system would be added to the installation/system and any other resource bundled would be automatically discarded, thus saving disk space and avoiding redundant libraries present on the system.
Do flatpaks have such working structure?
I am not a programmer of any sort and up until now, everything single information I’ve read states these sources throw every necessary resource it require for running into the system storage, regardless if some/all are already available per the system or other programs.
For me, this implies if I run 12 different programs that share, let’s say 2 libraries, for the sake of this conversation, and such libraries already exist in the base system, by using flatpaks to install each program I’ll be adding 24 redundant files to my hard drive.
For someone that usually runs entry level hardware, as I do, the storage getting full(er) translates into an heavier, sluggish system. Not to mention that only this year, I’ll be finnally running a machine with more than 500GB of storage. Storage space is a concern for me.
When I read on my distro “app store” that installing Libre Office from a flatpak would require 3.9GB after installed versus less than 1/4 of that if opting for the repo pack, the math wasn’t hard to make.
Where am I missing here? What am I failling to understand regarding flatpacks?
Easier system maintenance is a plus, per your words. I’m sold on that point.
But one thing I always thought should be obligatory was that during installation of such programs, only the resources absent from the system would be added to the installation/system and any other resource bundled would be automatically discarded, thus saving disk space and avoiding redundant libraries present on the system.
Do flatpaks have such working structure?
It’s possible, but rarely allowed because that would produce instability. Linux programs are built to rely on a specific version of a library. Depending on how much actually changes, you can sometimes get away with using a different version than the one it expects, but the more it changes the riskier it gets.
One of the major goals of flatpaks was to create a way for developers to ship one build that was guaranteed to run the same regardless of distro or environment. The isolation is very much the point. It does use more storage space, but in most cases it’s not enough to matter. When storage space is at a premium, yeah, you generally want to avoid containers. They trade space for stability.
Pretty much everything in the Linux space is converging on this concept. Desktop is moving to immutability with flatpak apps. The server space has been entirely taken over by containers. Even Valve has shipped a separate Linux runtime for as long as they’ve officially supported it, and they’re progressing on deeper containerization. You can direct it to run against your native packages instead of the runtime, but it’s rarely a good idea.
The point is that it gives developers a single target that they can all rely on, instead of having to account for 20 distros with multiple still-supported versions each. And believe me, these efforts have made Linux so much easier as a user as well. It used to be that lots developers only targeted Ubuntu. Trying to get anything to run on another system was off like pulling teeth. Now, you can almost always expect to find a flatpak instead which runs on any distro.
You mind if I poke the subject for a little more? It is opening a new understanding for me.
Please keep in mind I’m not a programmer, to any degree.
As per what you are explaining, flatpaks working remembers me of a flower blooming on a tree: it uses resources provided by it, adds functions to it but doesn’t alter it in a significant fashion.
But again on the space saving and version controlling.
Let’s take a given flatpak, where 50 libraries are shipped with it to ensure it works properly, on any given distro.
As you already said, library versions between distros can vary wildly but would it be that difficult to have a script running pre installation (I think “connection” is more adequate to describe the process at this point) to check for what already available required resources exist on the system to avoid redundancies?
I can understand that by having this sort of an homeostatic environment aids in assuring a given program will be capable of running on any machine but I can’t shake the intuition that at some point this will backfire. It’s not hard to imagine software to be kept relying on older, perhaps unsafe or not as streamlined versions of given libraries just because the developer is not that motivated to make whatever changes necessary to keep up to date with the new versions, as their software already runs as expected.
I’ll risk it and try it.
- Some software is on the Flathub instead of on Debian’s repos, so sometimes the choice is between Flatpak, AppImage and Snap.
Flatpaks can guarantee you have a known-good dependency chain directly tested by the developers/maintainers themselves
What does known-good mean? What if a security vulnerability is found in one of the dependencies. With an old-style distribution there is a security team that monitors security reports and they will provide a fixed package. With flatpaks it’s not clear to me if those developers will monitor each dependency for security vulnerabilities and how they will handle that. Will users even be informed about a security issue, will a fix be backported or will it only be available in the latest version?
What does known-good mean?
Known-good meaning a tested and working configuration approved by the developers/maintainers.
What if a security vulnerability is found in one of the dependencies. With an old-style distribution there is a security team that monitors security reports and they will provide a fixed package.
Flatpak is just another model of distribution. There isn’t really anything that needs to change here. The bugs are fixed upstream and they get pushed via the method of distribution, which is Flathub in this case.
The security team in a given distribution is charged with getting upstream fixes backported and shipped. There’s no need for this role because they’re just shipped directly in most cases.
With flatpaks it’s not clear to me if those developers will monitor each dependency for security vulnerabilities and how they will handle that.
The developers are usually the ones doing the fixes in the first place.
Will users even be informed about a security issue, will a fix be backported or will it only be available in the latest version?
Well, fixes don’t normally need to be backported because flatpaks are usually fresh. They’re just built normally in most cases.
For notifications, you’d have to follow the relevant projects directly.
Known-good meaning a tested and working configuration The bugs are fixed upstream and they get pushed via the method of distribution, which is Flathub in this case. Well, fixes don’t normally need to be backported because flatpaks are usually fresh.
There are a few assumptions in here in order for that to work: the known-good version needs to be the latest upstream version (otherwise you might not have the latest security fixes) and users need to be comfortable always using the latest flatpak version. Some users might be more comfortable staying on a known stable version for some time.
For notifications, you’d have to follow the relevant projects directly.
Right, and each project will have its own way of handling security issues (particularly when it comes to older versions). Will they point out that versions x - y of their flatpak are affected by a security issue in component z?
When a project doesn’t publish a deb or other native package, or when the flatpak is much newer and has features you need.
Flatpacks include the dependencies with the application. So different flatpacks may have the same libraries over and over, wasting space. RPM/DEB install just the application and each dependency is a separate package, and packages that use the same dependency will share the one copy. So flatpack is better for consistency when running the app because everyone is running the same dependency version, and space isn’t as much of an issue anymore with nearly everything having more than enough storage.
Flatpak share dependencies when they have same version, so they aren’t wasting space. e
If you don’t embrace snaps just don’t use Ubuntu.
Hence me now moving off of it.
I’m curious, what are you considering moving into?
EndeavourOS. It’s available for Arm64. Has firefox, has chromium, has vivaldi, and even has a widevine plugin builder in their AUR repo for the first two.
For UTM hypervisor, select the Arch for ARM from their gallery and install it. Then follow the instructions for Parallels to EndeavourOS it. Oh, expand the disk and filesystem first, though.
It’s quite a step back in time for an installation process, though. Even after getting it installed and setup for KDE Plasma, still need to install a lot of things:
- NetworkManager
- git base-devel
- man-pages man-db
- dnsutils
- LibreOffice Plus all the things one installs for customization on any Linux… preferred shell(s), if not bash, shell customizations and completions, various cli’s you’ll want or need, your favorite IDE, browsers, browser extensions, programming languages, ansible, terraform, helm, kubectl, podman and or docker, etc etc.
deleted by creator
LibreWolf is a Firefox fork with features removed which we don’t want (Telemetry, Pocket, …) and a few (privacy) features enabled (which can be deactivated if they’re too annoying). I didn’t had any issues with Firefox extensions as well.
I’m currently using it on Debian and it runs smoothly. Recent Ubuntu versions are also supported and you can install them via your package manager, see here.
I’ve recently distro hopped and the new distro came with Firefox preinstalled (had arch before but with xfs and wanted btrf snapshots).
Do you think its telemetry is so bad? I want to help Mozilla to some extent to keep them working on Firefox as I think Librewolf isn’t showing much usage or support for Firefox itself.
@hornedfiend @Seltsamsel That’s a good question and got me curious. I had a look at Telemetry collection and deletion from Mozilla. You can enter
about:telemetry
in the address bar to see what Firefox is collecting (even if it is not being sent).You shouldbea able to turn off from settings. More options are present in the config. You can find github guides doing more hardening for sedurity and privacy.
Not sure about librewolf specifically but most of these firefox forks do these initial setups for you and maybeave a couple of addons preinstalled. You would still be using firefox. Beyond crash reports and some reduced usage metrics turning them off should hinder firefox much.
Time to switch to Mint ( or Debian ). I have not like Ubuntu for a while but this forced match to snaps seems too much.
I use Arch myself. I have been considering trying Debian Stable with Distrobox / Arch. The stability of Debian with a totally current and massive package inventory ( thank you AUR ) sounds like perhaps the best of all worlds.
This is on an arm64 (m1) platform, in a VM.
I stopped using Ubuntu because of snap a while ago. I tend to run Linux on older machines and flat packs tend to take much longer to load than native apps. I get that they have their purpose but I would prefer to choose to use rather than be forced. I’m currently trying out POP_OS! and it’s a welcome flavor of Ubuntu
They forget this
Most normies using linux distros use it because they don’t have 16gb of ram and a massive ssd
Now the most mainstream linux distro does a lil trolling
Fedora spins time!
yay! another company damaging itself!
I’m a bit confused to see that the hate falls entirely on ubuntu. Isn’t the change in the ppa of mozillateam,
owned by mozilla?Edit: It seems that mozillateam is actually ubuntu.
Was there even a change to the Firefox PPA? I am not seeing a change.