Originally posted by leech
View Post
Announcement
Collapse
No announcement yet.
Canonical Continues Snap'ing Up Linux Gaming For Ubuntu
Collapse
X
-
Originally posted by user1 View PostMint isn't inferior to Ubuntu. If you really dislike Mint, please explain why. But don't give me that "they mix Ubuntu and their own Debian packages" or other ideological nonsense.
Originally posted by user1 View PostUbuntu shipping on popular laptop OEMs was already the case long before Snaps existed.
Originally posted by user1 View PostTrue, Appimages aren't really used widely, but Flatpaks? Go to the Flathub website and see the amount of apps there before writing utter nonsense like this. Also, if Flatpak aren't publicly used by anyone notable, then how did Valve choose it as the main app distribution method on the Steam Deck. Again, you're wrong here.
Originally posted by user1 View PostSo you say Snaps just work right? give me an ffing break. Go ask some people from Belgium who tried the Firefox Snap. Every citizen in Belgium has to use some financial system that works in the web browser. I've seen numerous reports that this system doesn't work in Firefox Snap. How's that for "apps just work".
Every piece of software has some edge-cases; Flatpak and AppImage certainly aren't free of them, or they would be the standard.
Originally posted by user1 View PostYou really sound like a Canonical fanboy without giving comprehensive arguments and spewing utter nonsense.
I've used the Steam Snap for about a week for a few games no problem. Real-world I notice no difference between the Steam Snap and a package install, but I like how Snaps install in-general. Basically, future Steam installs for me on Ubuntu will be with the Snap. On Fedora I need RPM Fusion for other things anyway, so installing Steam from that is easy.
Some Snaps and the entire infrastructure being in-place on fresh Ubuntu installs makes it make sense to try out Snaps; I particularly liked that Moonlight was also there. I haven't had to use a Flatpak on Fedora or openSUSE yet, and would have to figure out how to even enable Flatpaks and/or the Flathub repo? which is probably easy, but there's less motivation since I can get everything from RPM Fusion, Copr, or occasionally direct AppImage files.
Comment
-
Originally posted by Espionage724 View PostSnaps "just work" for most people. It's possible nobody in Belgium has beta-tested a Snap of Firefox prior to it being switched, and that the issue affects a small amount of people. Is there a bug report about this that goes into more detail?The eID software is a plug-in module that can be loaded by third-party software and which, using the PKCS#11 standard, can offer extra functionality to this software.
The eID software is a plug-in module that can be loaded by third-party software and which, using the PKCS#11 standard, can offer extra functionality to this software.
Snap and Flatpak are two implementations with a similar idea: limiting system access for a given software package to only the software itself and certain authorised exceptions (e.g., writing data to the "Downloads" folder without allowing reading as well). As such, in the event of a security issue in the software installed via snap or Flatpak, malicious actors on the Internet cannot access your system and your private files are safe.
For this setup to work, the person compiling the snap or Flatpak package of your web browser (Firefox or Google Chrome) must explicitly list which files can be opened (either directly or after user confirmation). Currently, both technologies do not yet allow PKCS#11 modules (such as the eID software) to be loaded. As such, using the eID with a web browser installed via snap or Flatpak is unfortunately not possible.
The browser makers and distro administrators are currently looking at a number of possible solutions to still allow the use of pkcs#11 modules via snap (such as the eID software). For more information, you can follow the following discussions:- Ubuntu: https://forum.snapcraft.io/t/native-...er-snaps/26849
- Native messaging: https://bugzilla.mozilla.org/show_bug.cgi?id=1661935
- PKCS11: https://bugzilla.mozilla.org/show_bug.cgi?id=1734371
Note that from Ubuntu 21.10 on, all browsers supplied with Ubuntu (Firefox and Chromium) are distributed via snap, and are therefore susceptible to this problem.
Honestly, it reminds me of how I run a separate Firefox profile (though still using the same Flatpak firefox) to work around how my "force window.open and target="..." to open in the same tab unless I middle-click the latter" and possibly also one or two of my anti-tracking tweaks break PayPal's newer popup-based checkout flow.
Comment
-
Poke poke. Unapproved.
...but to continue the thought in the unapproved post, it is specific to how the Belgian government's PKCS#11 module for their USB auth token system interfaces with the browser. I use U2F/WebAuthn as my second factor for things like GitHub and Google and it Just Works™ for me in both the Firefox and Ungoogled Chromium flatpaks.
Given my success at using flatpak override --filesystem=… --env=… to overlay gtk3-nocsd's LD_PRELOAD and chromedriver and geckodriver into flatpaks (because I didn't know what part of my tightening of sandbox permissions broke the official instructions for getting the WebDriver shim to talk to the browser from the outside), I am curious if anyone's felt bold enough to experiment with getting eID working in an unsupported configuration by doing that.Last edited by ssokolow; 29 September 2022, 02:23 AM.
Comment
Comment