802

Snap out of it (lemmy.zip)

submitted 2 days ago* (last edited 2 days ago) by 299792458ms@lemmy.zip to c/linuxmemes@lemmy.world

166 comments fedilink hide all child comments

How do you guys get software that is not in your distribution's repositories?

top 50 comments

sorted by: hot top controversial new old

[-] MehBlah@lemmy.world 3 points 9 hours ago

Install from source if there isn't a repo for the software.

[-] InternetCitizen2@lemmy.world 1 points 7 hours ago

Hardcore

[-] nicknonya@lemmy.blahaj.zone 5 points 13 hours ago

it's called snap cos thats what the community will do to your bones if you use it. apparently

[-] BigDanishGuy@sh.itjust.works 45 points 1 day ago* (last edited 20 hours ago)

Why not just stick to what we've always been doing?

wget something.tar.gz
tar something.tar.gz
man tar
tar xzf something.tar.gz
cd something
ls -al
./config.sh
chmod +x config.sh
./config.sh
make config
Try to figure out where to get some obscure dependency, with the right version number. Discover that the last depency was hosted on the dev's website that the dev self-hosted when it went belly up 5 years ago. Finally find the lib on some weird site with a TLD you could have sworn wasn't even in latin characters.
make config
make
Go for coffee
make install
SU root
make install

[-] merthyr1831@lemmy.ml 6 points 10 hours ago

I much prefer our modern package format solutions:

sudo apt install something
open
wtf this is like 6 months old
find a PPA hosted by someone claiming to have packaged the new version
search how to install PPAs
sudo apt <I forgot>
install app finally
wtf it's 2 months old and full of bugs
repo tells me to report to original developer
report bugs
mfw original dev breaks my kneecaps for reporting a bug in out of date versions packed with weird dependency constraints they can't recreate

[-] PenisDuckCuck9001@lemmynsfw.com 2 points 23 hours ago* (last edited 23 hours ago)

We should normalize programs that don't use such exotic and impossible libraries that you have to do anything besides type "make" and "make install" for it to work.

In theory it's a no brainer. In practice not so much.

[-] Omniraptor@lemm.ee 2 points 13 hours ago

in the end we end up using containers afaict

[-] Petter1@lemm.ee 6 points 1 day ago

I don’t really like neither of the 3, personally. But I understand the need and the benefits

[-] emiellr@lemm.ee 2 points 1 day ago

I feel like that's a pretty good take. As long as you're getting the software in an elegant way that doesn't break the dev's back, we're good.

[-] Dop@lemmy.world 11 points 1 day ago

Linux noob here, can someone ELI5 why snaps are bad? And how does .deb works?

[-] merthyr1831@lemmy.ml 3 points 10 hours ago

Nothing necessarily at the tech level. They're more capable than Appimages or flatpaks to the point that you can use it to build a reproducible system hardened against tampering or defective updates.

The downside is that it's controlled entirely by canonical, has limited abilities (if any?) for hosting storefronts/packages outside of their ecosystem, and said ecosystem is insecure and has already allowed multiple waves of malicious apps to reach end users because of poor moderation of listings masquerading as legitimate versions.

Canonical has also been increasingly hostile to flatpaks - removing it from Ubuntu and derivatives by default to push users towards snap.

The whole loopfs thing is just an annoyance, but the aggressive posturing by canonical as well as the closed nature of the storefront that has led to malicious attacks on end users is enough to give it more than a few haters.

[-] pixelscript@lemm.ee 9 points 1 day ago

The primary thing I hate about them is that every snap package appears to your system as a separate mounted filesystem. So if you look in your file explorer, you can potentially see dozens of phantom drives clogging up your sidebar.

[-] lengau@midwest.social 8 points 1 day ago

I don't think snaps are bad (and when someone tries to explain why they are, about 85% of the time they say something wrong enough that I suspect they're probably just parroting someone else rather than actually knowing what's going on). It's sad, because if we could get rid of the bullshit we could actually have decent discussions about the benefits and shortcomings of snaps (and how to fix those shortcomings).

On the .deb front: it's a package format made by Debian. Each archive contains a data tarball, which has the files in the package in their full structure from /, and a control tarball, which contains metadata such as name, version and dependencies as well as pre-install, pre-remove, post-install and post-remove scripts, which are used doing any setup or removal work that can't be done just by extracting or deleting the files.

The upside of deb files is that they tend to be pretty small. The downside is that this typically comes from having a tight coupling to library versions on the system, which means upgrading a library can break seemingly unrelated things. (This is why you get warnings like this page: https://wiki.debian.org/DontBreakDebian) Many third party distributors (e.g. Google with Chrome) take care of this by packaging most dependencies inside the deb, inflating the size.

Another major difference between packages like debs and rpms and newer formats like snaps and flatpaks is that the latter have confinement systems to prevent apps from having full access to your system.

[-] merthyr1831@lemmy.ml 1 points 9 hours ago

Honestly if not for the convoluted Linux FS layout, debs would be pretty serviceable and aren't really different to the Windows solution. The fs layout makes installations way too fickle to clashing with other applications.

That and dependency hell, which distros should have never been allowed to touch beyond the core dependencies required to get your desktop running.

[-] lengau@midwest.social 1 points 7 hours ago

Well that's what /opt is for. Well-behaved application packages that aren't part of your core distro should install themselves in there.

[-] Brahvim@lemmy.kde.social 3 points 23 hours ago

For me, it was snapd taking ~2.5 GiB of RAM.

[-] emiellr@lemm.ee 2 points 1 day ago

Worth noting that the confinement of Flatpaks and Snaps can have major drawbacks. It has been a major pain in the ass to get Flatpaks working nicely with fractional scaling (think tiny cursor, huge text, tiny text etc etc)

[-] merthyr1831@lemmy.ml 1 points 9 hours ago

Nothing in theory makes that an issue of flatpaks and snap, just that both rely on different means to interact with the host system that have been woefully slow to implement. If enough protocols are developed a flatpak or snap should be as capable as a native app with the safety benefits for free.

[-] lengau@midwest.social 1 points 7 hours ago

If you look through the desktop portals GitHub, it seems to be a mess of bikeshedding, mostly on the part of a small number of people on the flatpak side. Canonical seem to have been working around this in snaps by writing their own interfaces as stopgaps until the desktop portals catch up, probably because they got such pushback when the similar frustration on the display server side resulted in them releasing mir with its own protocol until the Wayland folks could get their act together.

[-] emiellr@lemm.ee 1 points 9 hours ago

While you're right in pointing out that in theory it's basically as capable as native, it's a royal pain in the ass as it is right now, which disqualifies it from a great deal of applications.

[-] Lettuceeatlettuce@lemmy.ml 17 points 1 day ago

Snaps are a standard for apps that Ubuntu's parent company, Canonical, has been trying to push for years.

The issue that most people have with them, is that Canonical controls the servers, which are closed source. Meaning that only they can distribute Snap software, which many Linux users feel violates the spirit & intention of the wider free and open source community.

Appimages and Flatpaks are fully open source standards, anybody can package their software in those ways and distribute them however they want.

.deb files are software packaged for the Debian distribution, and frequently also work with other distros that are based on Debian, like Linux Mint.

[-] lengau@midwest.social 7 points 1 day ago

Some further context on this that @Dop@lemmy.world might want to know:

While Canonical's snap store is proprietary (which, to be clear, I don't really like), all the client software is open source and the API is well documented (though a bit janky). Their snap store relay app (which is open source) has a full implementation of it. There was a fully functional open snap store for a while, but the project died out of a lack of interest. You can also distribute snaps through another mechanism and install them locally on the machine (though you then lose the benefit of snapd's auto updates). You can even do this with snapd still checking the signatures of the snaps.

The standard for snaps is fully open, as is snapd itself.

There's no need to oversell the negatives to the point of being wrong.

[-] merthyr1831@lemmy.ml 1 points 9 hours ago

Interesting, didn't know it was feasible to make the distribution open.

That doesn't give me much to complain about in theory, but canonical has lost way too much good faith to give people a reason to keep open snap distribution going for free. They should definitely consider hosting an open store just to get people on board again.

[-] lengau@midwest.social 1 points 7 hours ago

It was being done by a group of snapd developers at Canonical, IIRC, but after a couple of years of exactly zero interaction from anyone outside Canonical I think they just gave up and decided it wasn't worth it because they were getting accused of trying to monopolise whether they had an open store or just an open API.

Of course, you can also distribute snaps without using the snap store API. I've used this for airgapped machines in the past. You can either just grab the .snap file (which is just a squashfs file with a meta/snap.yaml in it so snapd knows how to treat it) and install it with --dangerous, or you can include an assertion file for that snap signed by a certificate that your machine's snapd trusts and not even have to do that. (Those airgapped machines trusted our own certificate so we could ensure that the snaps came from our CI process and weren't a developer's random test snap).

load more comments (1 replies)

load more comments (5 replies)

[-] hjjanger@lemmy.world 4 points 1 day ago

I have yet to find a need to go outside of the Debian repos.

[-] communism@lemmy.ml 7 points 1 day ago

Artix repos > Arch repos > existing AUR package > create my own AUR package

No need to use any of these flatpak/appimage/snaps when I can just make a package for my distro. Most software is not difficult to package.

[-] zyratoxx@lemm.ee 2 points 21 hours ago

This may be true from your perspective but won't sway over many newbies / plebs who don't have the knowledge (yet) or who simply do not have or want to take the time for self packaging.

And flatpak, snap and appimage tend to become the standard to get verified, tried and tested software hosted & supported by the official maintainers or the company behind the software.

Now to the personal part:

There was a time when I was motivated enough to get packages from user repos - I actually never was motivated enough to do self packaging so maybe I have missed something world changing - but I got so tired of having to figure out the missing "optional" dependencies that meant the software wasn't working as expected and having to trust 3rd party maintainers when most stuff on flathub was "install & ready" and officially supported or at least hosted by a "verified" source. And maybe distro xyz has a mindblowing solution to all my problems but for the moment I am happy with what I have and not looking for yet another distrohopping and yet another point was whilst distrohopping it was soo easy that I could use the same install.sh containing all my favourite flatpak apps & the "applications" folder containing my favourite appimages no matter if I was on a Debian, RedHat, Arch, ... based distribution.

[-] communism@lemmy.ml 1 points 10 hours ago

I never claimed I was trying to "sway over newbies"? Do what you want, this is just my personal preference.

[-] deczzz@lemmy.dbzer0.com 5 points 1 day ago

.deb first and then flatpak if not available as on deb repo or if deb version is outdated. Never used appimage or snap. Rpm just as good as deb when I use Fedora. Flatpaks are much larger in size which is why I first go with the deb version.

[-] kittenzrulz123@lemmy.blahaj.zone 30 points 1 day ago

Native repos > AUR > compile from source > Flatpak

load more comments (1 replies)

[-] 4oreman@lemy.lol 18 points 1 day ago

cant we just have .deb?

[-] jelloeater85@lemmy.world 1 points 1 day ago

The issue is with pushing updates. Eget is nice, but it doesn't push updates.

load more comments (6 replies)

[-] thedeadwalking4242@lemmy.world 4 points 1 day ago

Nix, if not in nix pkg for nix, then nix

[-] cley_faye@lemmy.world 55 points 2 days ago

Native package manager > Native binaries > AppImage > Flatpak.

Yes, snap isn't even on the scale.

[-] Kusimulkku@lemm.ee 51 points 2 days ago

Not a fan of AppImages myself. For an universal format it has surprising amount of issues with different distros, in my experience. And the whole Windows style "go to a website, download the AppImage, if you want to update it, go to the web page again and download it again" is one thing I wanted to get away from. At least they don't come with install wizards, that clicking through menus thing was a pain.

For one off stuff I run once and never need again, AppImage is alright. But not being built-in with sandboxing, repos, all that stuff, it just seems like a step back.

load more comments (3 replies)

load more comments (20 replies)

[-] Trail@lemmy.world 77 points 2 days ago

There is no software that is not in AUR. I use arch, BTW.

load more comments (17 replies)

[-] LainTrain@lemmy.dbzer0.com 20 points 1 day ago