Announcement

Collapse
No announcement yet.

Playing Around With Ubuntu's Snaps, On Fedora

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Playing Around With Ubuntu's Snaps, On Fedora

    Phoronix: Playing Around With Ubuntu's Snaps, On Fedora

    I had a bit of a surprise waiting for me as I walked out of lunch today: Ubuntu's snapper packaging utility had accepted the necessary patches to work on non-Ubuntu distros. The list of supported distributions now includes Arch, Gentoo, Debian, and Fedora.

    http://www.phoronix.com/vr.php?view=23295

  • #2
    Is it bad to feel that i don't want snap? Its not that i feel like the idea behind is overall bad. But i think Flatpak is a better approach. Not that Flatpak is the best possible solution but i think its better than snap. I was in the believe that Flatpak is all the way up to be the "one" that could make that goal in reach – having i single distribution target for developers who want directly reach the customer. Let it either be for proprietary applications or like me, just little hobby projects to ship to friends that are not supposed to be maintained by an army of distribution maintainers. I alredy started to build toolchains for this because as of yesterday i was in the believe Flatpak is the cool new guy in town everybody believes in. And was i little bit worried in the last view hours to see article after article popping into existence about how cool snap is, without mentioning its alternatives and that it looks like canonical has finally solved the "problem". As Flatpak may not be the best solution it has at least the advantage of having "common" Runtimes that could literally used as shared library's so we – as developers – must not ship everything with the application AND must NOT worrying about security related patches for that runtimes we ship our software for. See the differences in package size for different package formats that try to achieve the same goal as Flatpak/snap or common other ways to distribute Software.

    LibreOffice Windows x64 MSI: 238 MB

    LibreOffice OS X Bundle: 201 MB

    LibreOffice Flatpack: 156 MBs

    LibreOffice x64 Deb package: 229 MBs

    LibreOffice x64 RPM package: 229 MBs

    LibreOffice AppImage: 246 MB

    LibreOffice snap: 1.1 GB


    In the last couple of hours i see snap beeing covered on many popular Tech Sites that "praise" snap and don't even mention its alternatives. I have the fear that we miss the opportunity to discuss the situation as a hole. If snap wins this discussion i have no problem with it ( ok maybe i have) but from the articles i read its sound like its the first and only solution all have been waiting for. And if you like Linux and feel "we" need such a solution but are not that involved into this topic one can be assume that THIS (snap) is the only way to go and we need to support just snap. I don't want 10 parallel alternatives, i want one remotely good solution and i think snap is not falling into this schema. And if those articles don't talk about the alternatives and showing us the pros and cons, i fear we have not much to discuss about.
    Last edited by pythoneer; 06-15-2016, 09:37 AM.

    Comment


    • #3
      Regarding the LibreOffice menu issue, that is an option set at runtime, not when compiling, so this is most likely just an oversight of an unfinished snap.

      Comment


      • #4
        Shocked by the snap package size? What did you expect? Isn't the point of snappy that it includes all dependencies of the app it installs, so that there are no problems with missing conflicting library versions and stuff like that? I thought that snaps weren't meant for regular desktop users but for virtual machines running web servers and whatever the advantage being that if you install something that doesn't work for you, you can just uninstall the snap and everything is back to the way it was before.

        Comment


        • #5
          My biggest problem with snaps is that unlike flatpaks (I do think they need to change the name again to something shorter/more fun to use) is that they don't have good security hygiene. Flatpaks support only Wayland apps, while snaps will support both. What this means in practice, is that even 5 years from now, chances are that 90% of the snaps will be just as insecure as regular Linux apps are today, while 100% of the flatpaks will be secure (I just mean in the context of whether they're using X11 or not, not that they're unhackable or anything like that).

          Comment


          • #6
            Originally posted by Krysto View Post
            My biggest problem with snaps is that unlike flatpaks (I do think they need to change the name again to something shorter/more fun to use) is that they don't have good security hygiene. Flatpaks support only Wayland apps, while snaps will support both. What this means in practice, is that even 5 years from now, chances are that 90% of the snaps will be just as insecure as regular Linux apps are today, while 100% of the flatpaks will be secure (I just mean in the context of whether they're using X11 or not, not that they're unhackable or anything like that).
            You can use Flatpak with X11 without problem. I already did. But that is not an argument against you, snap is inherently more unsafe than Flatpak.

            Comment


            • #7
              Article didnt mention that Dell, Samsung, The Linux Foundation and some others are collaborating on snaps with Canonical, they obviously see the future in snaps. File size is not an issue in 2016, we dont have 20 GB disks any more, and even if one runs a ultrabook with 128 or 256 GB SSD that is still more than enough to use snaps for your favorite applications. What is 5 or 10 GB of disk space in 2016 compared to ever fresh applications? Nothing at all.

              Comment


              • #8
                Originally posted by eltomito View Post
                Shocked by the snap package size? What did you expect? Isn't the point of snappy that it includes all dependencies of the app it installs, so that there are no problems with missing conflicting library versions and stuff like that? I thought that snaps weren't meant for regular desktop users but for virtual machines running web servers and whatever the advantage being that if you install something that doesn't work for you, you can just uninstall the snap and everything is back to the way it was before.
                No it was not meant to be used only on servers. That's canonical solution for the Ubuntu Phone and Desktop (and of course the server – its not exclusive) But the question is, why trying to ship a hole Linux system with your app. I find Flatpak a better solution, like we see on Steam to provide a Runtime everybody can rely on. This Runtime can be updated to security fixes without the application developer ever noticing. Yes snappy was meant to work that way, but it is valid to ask if it need to work that way and if we possibly have better solutions available.

                Comment


                • #9
                  Originally posted by Krysto View Post
                  My biggest problem with snaps is that unlike flatpaks (I do think they need to change the name again to something shorter/more fun to use) is that they don't have good security hygiene. Flatpaks support only Wayland apps, while snaps will support both. What this means in practice, is that even 5 years from now, chances are that 90% of the snaps will be just as insecure as regular Linux apps are today, while 100% of the flatpaks will be secure (I just mean in the context of whether they're using X11 or not, not that they're unhackable or anything like that).
                  Snaps achieve maximum security with Mir, they are intended to work with Mir on desktops, but they will offer benefits to X11 users as well and with all the inherent X11 vulnerabilities which cannot be helped. Snaps are also intended for embedded devices which dont need a display server at all which also enables maximum security. They are already deployed on various devices.

                  Comment


                  • #10
                    The idea behind Snapper is that of OS X (now MacOS) bundles. You don't download them from a central repository, you download them from the application authors directly.
                    color me wrong here, but this statement is not the whole truth. it paints roses and it doesn't paint dark clouds.

                    snapper at least to my knowledge has no custom repository like functionality for individual developer. while you can download app it self from author, application either has to be distributed trough ubuntu store to receive updates as part of update or feature internal updater. i really wish they would address this as well.

                    Comment

                    Working...
                    X