this post was submitted on 07 Jul 2025
693 points (92.5% liked)

Linux

56133 readers
803 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
693
Fan of Flatpaks ...or Not? (lemmy.ml)
submitted 3 days ago by [email protected] to c/[email protected]
314 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 30 points 3 days ago (37 children)

Certainly a fan, and I don't understand the hate towards it.

Flatpaks are my preferred way of installing Linux apps, unless it is a system package, or something that genuinely requires extensive permissions like a VPN client, or something many other apps depend on like Wine.

The commonly cited issues with Flatpaks are:

  • Performance. Honestly, do you even care if your Pomodoro timer app takes up 1 more megabyte of RAM? Do you actually notice?
  • Bloat. Oh, yes, an app now takes 20 MB instead of 10 MB. Again, does anybody care?
  • Slower and larger updates. Could be an issue for someone on a metered traffic, or with very little time to do updates. Flatpaks update in the background, though, and you typically won't notice the difference unless you need something newest now (in which case you'll have to wait an extra minute)
  • Having to check permissions. This is a feature, not a bug. For common proponents of privacy and security, Linuxheads grew insanely comfortable granting literally every maintainer full access to their system. Flatpaks intentionally limit apps functionality to what is allowed, and if in some case defaults aren't good for your use case - just toggle a switch in Flatseal, c'mon, you don't need any expertise to change it.

What you gain for it? Everything.

  • Full control over app's permissions. Your mail client doesn't need full system permissions, and neither do your messengers. Hell, even your backup client only needs to access what it backs up.
  • All dependencies built in. You'll never have to face dependency hell, ever, no matter what. And you can be absolutely sure the app is fully featured and you won't have to look for missing nonessential dependencies.
  • Fully distro-agnostic. If something works on my EndeavourOS, it will work on my OpenSUSE Slowroll, and on my Debian 12. And it will be exactly the same thing, same version, same features. It's beautiful.
  • Stability. Flatpaks are sandboxed, so they don't affect your system and cannot harm it in any way. This is why immutable distros feature Flatpaks as the main application source. Using them with mutable distributions will also greatly enhance stability.

Alternatives?

AppImages don't need an installation, so they are nice to see what the program is about. But for other uses, they are garbage-tier. Somehow they manage both not to integrate with the system and not be sandboxed, you need manual intervention or additional tools to at least update them/add to application menu, and ultimately, they depend on one file somewhere. This is extremely unreliable and one should likely never use AppImages for anything but "use and delete".

Snaps...aside from all the controversy about Snap Store being proprietary and Ubuntu shoving snaps down people's throats, they were just never originally developed with desktop applications in mind. As a result, Snaps are commonly so much slower and bulkier that it actually starts getting very noticeable. Permissions are also way less detailed, meaning you can't set apps up with minimum permissions for your use case.

This all leaves us with one King:

And it is Flatpak.

[–] [email protected] 19 points 3 days ago* (last edited 3 days ago) (15 children)

I've been working on Linux for 15 years now and I perfectly remember the origin of many concepts. If you look at it through time, what would it be like:

  1. We can build applications with external dependencies or a single binary, what should we choose?
  2. The community is abandoning a single binary due to the increased weight of applications and memory consumption and libraries problems
  3. Dependency hell is coming ...
  4. Snap, flatpack, appimage and other strange solutions are inventing something, which are essentially a single binary, but with an overlay (if the developer has hands from the right place, which is often not the case)
  5. Someone on lemmy says that he literally doesn't care if the application is built in a single binary, consumes extra memory and have libraries problems. Just close all permissions for that application...

Well, all I can say about this is just assemble a single binary for all applications, stop doing nonsense with a flatpack/snap/etc.

UPD: or if you really want to break all the conventions, just use nixos. You don't need snap/flatpack/etc.

[–] [email protected] 5 points 3 days ago* (last edited 3 days ago) (6 children)

I don't mind other solutions, as long as they have the key features Flatpak offers, namely:

  • Being open-source
  • Having app permission system
  • Having bundled dependencies
  • Integrating decently with the system

Times are changing, and memory constraints for most programs are generally not relevant anymore.

[–] [email protected] 11 points 3 days ago (1 children)

Times are changing, and memory constraints for most programs are generally not relevant anymore.

But there are gaps in the libraries that, unlike distributions with dependencies, can no longer be managed. And all the security of your system depends on a small flatpack access control, which 99% of users do not understand at all and, with any problems simply opens access to the entire home directory.

[–] [email protected] 7 points 3 days ago* (last edited 3 days ago) (1 children)

I'm not saying Flatpak is perfect, but it appears to be the best we have.

I absolutely agree more needs to be done to explain permissions and have sane defaults. Flatseal in particular could introduce more warnings, and this is where non-technical users set their permissions.

In my experience, most Flatpaks do not request full home folder access by default, and making Flatpak access everything everywhere typically requires user intervention.

Native apps, meanwhile, just run with full system-wide access; I get it that they're more vetted and more properly updated, but this is an unhealthy and insecure arrangement.

[–] [email protected] 4 points 3 days ago* (last edited 3 days ago) (1 children)

this is a system for work tasks. Of course, I understand what the developers are going for. that is Android. And it's really nice to read the Internet on android. But try to do something more complicated than that and you'll realize that it's hell. However, I don't mind if such distributions appear. Why not? I just don't understand people who voluntarily limit their abilities. And why you don't just install Android 64?

The flatpack approach automatically remove everything low-level from the equation. Do you want to write directly to the graphics card buffer? Read the input? Do I set the fan rotation parameters directly in the /proc? All these applications will never work in flat pack.

On the other hand, flatpack is superfluous and for convenience. You can simply build an executable file without dependencies and configure firejail for it yourself... That's all. Or run the file from another user. That is so popular exactly bacause RedHat pushed them. Literaly like Canonical pushed snap.

[–] [email protected] 8 points 3 days ago (1 children)

All these applications will never work in flat pack.

They don't have to! Flatpak doesn't remove all other ways to install software. But for 95% of use cases, it will do just fine.

Firejail is good, but it only solves sandboxing part of the equation, and there's so much more to Flatpaks than that. Also, it's more painful to configure and is more sysadmin-oriented.

[–] [email protected] 3 points 3 days ago* (last edited 3 days ago) (1 children)

They don't have to! Flat pack doesn't remove all other ways to install software. But for 95% of use cases, it will do just fine.

Tell this to canonical, they even firefox put in the snap. You know that when choosing "quickly compile something for a flatpack" and "support 10+ distributions", the developers will choose a flatpack. Which in general looks fine, until you realize that everything is just scored on the mainline of libraries and molded on anything. The most striking example of this is Linphone. just try to compile it...

[–] [email protected] 6 points 3 days ago

Snap is cancer, and what Canonical does is insane.

In any case, it is unlikely someone will make an exclusive Flatpak for what doesn't work inside Flatpak. But I understand it means a lot for user choice and ability to compile programs they way you want, so I fully support shipping Flatpaks alongside classical packages and source code.

load more comments (4 replies)
load more comments (12 replies)
load more comments (33 replies)