196
submitted 9 months ago by Pantherina@feddit.de to c/linux@lemmy.ml

There are big wishes for Signal to adopt the perfectly working Flatpak.

This will make Signal show up in the verified subsection of Flathub, it will improve trust, allow a central place for bug reports and support and ease maintenance.

Flatpak works on pretty much all Distros, including the ones covered by their current "Linux = Ubuntu" .deb repo.

To make a good decision, we need to have some statistics about who uses which package.

you are viewing a single comment's thread
view the rest of the comments
[-] danielquinn@lemmy.ca 7 points 9 months ago

Personally I install it with pacman and generally avoid Flatpaks due to annoying problems I've had with it limiting filesystem access in the past. My biggest problem is that it seems to "forget" that I'm logged in if I don't use it regularly, meaning I have to regularly re-auth it on my desktop since I use it infrequently there.

[-] Pantherina@feddit.de 3 points 9 months ago

Flatpaks are generally made way to loosely. Always "not breaking" > "being secure".

So this should not really be the case, drag&drop doesnt work yet, maybe copy-pasting files doesnt if the app cannot access that directory statically (you need to add an attachment from within the app, your file picker will open which is a "portal" which links that file into the apps container and thus allows the app to see it.)

Everything else works normally, screensharing too

[-] danielquinn@lemmy.ca 3 points 9 months ago

That's an understandable goal, but as a user, breaking the user experience when I go to send a file to someone only to find that I can't even see it in some apps is a deal breaker. If the app can't be trusted to do that, I won't use it.

[-] Pantherina@feddit.de 0 points 9 months ago* (last edited 9 months ago)

What do you mean by this?

This makes no sense.

You cannot trust any app to do anything. Look at their code, or ask people that know people that heard of people that looked at their code (how it is currently done in FOSS, lol).

Modern apps integrate portals & pipewire permissions. Bad apps dont, and they suck. Please annoy Slack with that, they have to adopt the Flatpak and modernize the code. Its like a few dozen lines to replace a custom own filepicker with the xdg-desktop-portal file picker of the OS.

[-] danielquinn@lemmy.ca 1 points 9 months ago

I wasn't talking about Slack. Actually, my worst Flatpak experience was with PyCharm. The fs limitations mean it couldn't see files like ${HOME}/.config/git/ignore or load up my shell environment inside the IDE. It's basically a neutered version of the app because someone decided to draw the security/usability line too far in the one direction.

It's fine if you think that's a good idea, but as a user, the choice of packaging means it's not useful to me, so I won't use it.

[-] Pantherina@feddit.de 0 points 9 months ago

Oh, the user above was mentioning slack, sorry.

Pycham is also proprietary. This is an unofficial repackage of the app done by volunteers.

It probably works fine just not for your workload. But I can imagine why someone would want to sandbox Pycharm...

And to your issues, have you even tried to poke holes in the sandbox? You can use KDEs settings or Flatseal.

Launching a terminal can be done via flatpak-spawn.

I think you dont get this. Flatpak is important. Linux is completely powerless, there are people installing invasive apps which then can do what they can on Windows. Compare that to Android (which is obviously way less complicated because of how apps are used).

Flatpak is a new system to build apps, of course it cant read some ~/.config directory thats the point. If you store stuff there you are used to a different way and will need to adapt. Or you use their official binaries.

Just because apps are not ready this doesnt mean it is not clearly the way we will do GUI apps. 800+ apps officially verified. We are approaching official universal Linux support here!

[-] danielquinn@lemmy.ca 1 points 9 months ago* (last edited 8 months ago)

No, I haven't tried to poke a hole in a sandbox. Generally speaking, if I have a choice between pacman -S <app> or "install with Flatpak and then fiddle with sandbox settings" I opt for the former. I get that you think this is important, and Flatpak is a nifty idea, but in terms of usability, it has failed me repeatedly to the point where I don't want to use it, so I don't.

You seem to be coming from a position of "Flatpak good, so everyone must use it", which is nice, but it's naïve. Flatpak is ok, but it has usability problems, and since you want people to use it, usability is kind of important. It also introduces a frustrating divide from a user perspective. The idea that "desktop apps" should be installed via Flatpak, and everything else with a proper package manager is madness from a user's perspective. I don't understand how you can't see that, but you're going to have to accept it 'cause newsflash: not everyone thinks like you.

Finally, packaging for Flatpack is a Pain In The Ass. I say this as someone who's tried it. The build system is clearly biased toward particular use cases and particular languages, which is great if you're in that camp, but for everyone else it comes across as impractical for the intended purpose.

So yeah, it's great that this is important to you. Go ahead and develop the shit out of Flatpak, and maybe even work on the user experience some more. I'll keep having a look from time to time, but for now, it's not happening, and this attitude of yours, that the rest of us will just "need to adapt" to your preferred way of working... if I wanted that I'd use a Mac. GTFO.

[-] Pantherina@feddit.de 1 points 9 months ago

Its easy. If you have a problem, report it. Instead of arguing about it they may have already fixed it.

If you want to run a proprietary app unconfined, do so.

But you also have to admit that reading some git config in a non flatpak directory is actively against the sandboxing principle, and thus requires manually allowing that access.

Sure, flatpaks need more popups that do exactly that.


Dividing "GUI apps" and other packages is easy. Go to a store, if it has an icon, install it via flatpak, if it has no icon, then you may not do that.

Appstream metadata so to speak.

Finally, packaging for Flatpack is a Pain In The Ass

Agreed.

okay maybe stop being so rude? Flatpak is the possibility for a secure system. We see how painfully slow adoption for that is on every Desktop, mac and windows too.

But it is great to have this, and I am sure we could make your Pycharm work by applying that override. The rest has to be done by the developers and it is important to care.

It is the same as with wayland, people need to change their software to ask for permission, follow standards and dont do weird shit. Only then the UX is solved.

And by the way what is stopping you from just using some apps as native system apps, and flatpak for the rest?

[-] danielquinn@lemmy.ca 1 points 9 months ago* (last edited 8 months ago)

Dude, you're the one being rude. I was done with this conversation yesterday and you just keep coming back like it's an argument you can "win" by insisting that I think like you and change my behaviour to be like you.

You started the whole thread looking for input and when you didn't get the response you wanted you just berated the respondents telling then how wrong they were.

I'm done here. You've forced me to go digging around Lemmy to see if there's a block function.

[-] Pantherina@feddit.de 1 points 9 months ago* (last edited 9 months ago)

Ok strange. I gave you a good and not one sided response.

Like, totally strange. I dont see how my comment could have been offending in any way. You had a specific problem leading to a generalized conclusion.

[-] where_am_i@sh.itjust.works 1 points 9 months ago

Last time I installed slack through flatpack I couldn't send any files. Not through drag-and-drop, neither through the filepicker. The latter was just empty.

Downloading files from slack also had awfully weird side-effects.

Slack doesn't have an apt repo, so I download debs and updat manually. Maybe once half-a-year.

If that's the experience I'd get on my signal through flatpack, I'd also rather be downloading manually. And I'd even compile from source rather than deal with that flatpack stuff.

[-] Pantherina@feddit.de 1 points 9 months ago

Slack is proprietary garbage with bad Linux adoption. Apps need to integrate Portals themselves, if they are used to having access to anything they will use a regular file picker which only works if they already have access to your stuff.

Signal integrated all the stuff, Pipewire, Portals.

Please try... before comparing random proprietary apps (that also probably still dont work on Wayland, which also means they are insecure by design) to general Flathub.

Just learned yesterday there are over 800 verified apps on Flathub! Made by official developers! On Distro repos this is nearly 0

[-] where_am_i@sh.itjust.works 1 points 9 months ago

This is just so bad. I can't use anything snap/flatpack cuz it simply won't let me send a file. As it runs on it's on file subsystem and doesn't have access to anything else.

On the other hand, an app that has access to my entire hard-drive is awfully insecure, right? So, what's the solution?

in the meantime they could include an option "I allow this app to acess my whole $HOME, thanks, I need it cuz I am a user not a security researcher". Until then I'm not touching flatpack

[-] Danitos@reddthat.com 1 points 9 months ago

You can use Flatseat to config the permissions (including files) that Flatpaks have. It has a nice GUI

this post was submitted on 05 Feb 2024
196 points (91.9% liked)

Linux

48332 readers
569 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS