this post was submitted on 04 Mar 2024
204 points (100.0% liked)

Linux

1259 readers
26 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Appimages totally suck, because many developers think they were a real packaging format and support them exclusively.

Their use case is tiny, and in 99% of cases Flatpak is just better.

I could not find a single post or article about all the problems they have, so I wrote this.

This is not about shaming open source contributors. But Appimages are obviously broken, pretty badly maintained, while organizations/companies like Balena, Nextcloud etc. don't seem to get that.

top 50 comments
sorted by: hot top controversial new old
[–] d3Xt3r@lemmy.nz 100 points 8 months ago* (last edited 8 months ago) (6 children)

I'm a Flatpak user myself, but a lot of those arguments against AppImage are outdated or invalid. Here are my counterpoints:

Usability issues

GearLever solves all the problems mentioned.

Updates

There are AppImages out there that self-update , but GearLever also solves the update issue. And if you don't want to use GearLever, there are other updaters like AppImageUpdate.

The lack of repositories
Appimages don't even have a central place where you can find them, not to mention download them.

This is blatantly wrong - AppImageHub exists for this very reason. There are also GUI frontends like AppImagePool which makes it easy to discover/download/install them.

Lack of Sandboxing

That is a fair point, however, AppImage never claimed to be a sandboxing solution, and for some use-cases this can even be seen as an advantage (any Flatpak user would've at some point run into annoying sandboxing limitations - such as password manager and browser integration, or themeing woes). But there are other sandboxing options out there, such as using containers, and IMO, using a proper container is a better option for sandboxing. Or even better, use a VM if you're actually running an untrusted app.

Random location
[..] A necessary step would be mounting the entire /home non-executable. This is no problem for system apps, or Flatpaks, but where do you put Appimages now?

There would need to be a standard directory to put such files in, which is normally the PATH. But this is also the easiest attack goal for malware, so PATH would be non-executable as well.

I completely disagree with making the entirety of /home as non-executable, when $HOME/.local/bin is recommended by the XDG standard as a place to store executables. As long as $HOME/.local/bin is in the XDG spec, I'll continue storing my executables there. If you disagree, go argue with the XDG guys.

Duplicated libraries

This is a fair point but "they include all the libraries they need" is the entire point of AppImage - so mentioning this is pointless.

If users would really install every Software as Appimages, they would waste insane amounts of storage space.

Then it's a good thing that they don't right? What's the point of making hypothetical arguments? Also, this is 2024, storage is cheap and dedicating space for your applications isn't really a big deal for most folks. And if storage space is really a that much of a concern, then you wouldn't be using Flatpak either - so this argument is moot and only really valid for a hypothetical / rare use-cases where storage is a premium. And again, in such a use case, that user wouldn't be using Flatpaks either.


Finally, some distros like Bazzite already have the above integrations built-in (GearLever/AppImagePool), so you don't even need to do anything special to get AppImages integrated nicely in your system, and there's nothing stopping other distros adding these packages as optional dependencies - but it's kinda moot at this point I guess since Flatpak has already won the war.

Personally, I'm pro-choice. If AppImage doesn't work for you, then don't use it, as simple as that. Stop dictating user choice. If AppImage is really as bad as you claim, then it'll die a natural death and you don't have to worry about it. What you really need to worry about is Snap, which has the backing of Canonical, and some dev houses new to the Linux ecosystem seem to think packing stuff as Snap is an acceptable solution...

[–] jjlinux@lemmy.ml 22 points 8 months ago

This is how you bring your thoughts to the table. Awesome information that I certainly did not have. Thanks man.

[–] Kusimulkku@lemm.ee 15 points 8 months ago* (last edited 8 months ago)

GearLever

Download from Flathub

Hehe.

Duplicated libraries

This is a fair point but "they include all the libraries they need" is the entire point of AppImage - so mentioning this is pointless.

"Bloat" is one big topic around these newer packaging formats so definitely not a pointless thing to bring up imo. I don't think it should be as big of a topic as it is (the actual issue here is fairly minor imo) but it is definitely talked about.

And flatpak (and snap I think) have much better tools to mitigate the space use issues.

[–] Pantherina@feddit.de 11 points 8 months ago

GearLever](https://github.com/mijorus/gearlever) solves all the problems mentioned.

Sceptical but I will try it for sure.

It makes appimages less worse than Flatpaks though, so its only "badness reduction" for me.

There are AppImages out there that self-update , but GearLever also solves the update issue. And if you don't want to use GearLever, there are other updaters like AppImageUpdate.

The first is what I mentioned, such updates can be perfectly done by a central package manager. Did you ever try to seal off a Windows install using Portmaster, where every installed app needed network access for their individual update services? Just no...

Ans to the repos, yeah maybe, havent looked if they are as secure as a linux repo. But the concept of "it is acceptable to download software from random websites" allows for malware to fit in there. Only if you will never find a .flatpak file it is possible to be sure its malware.

But there are other sandboxing options out there, such as using containers, and IMO, using a proper container is a better option for sandboxing. Or even better, use a VM if you're actually running an untrusted app.

All worse than bubblewrap. Containers are either manual af (like with bubblejail) or if you refer to Distrobox/Toolbox, unconfined by default. They have no portal integration and no GUI configuration apps. So it may work somehow but probably worse, more resource heavy and there simply already is something better.

Same for VMs. Keep an eye on Kata containers, but this is about least privilege, not some QubesOS system that will not run in a tablet, for example. Android uses containers, is damn secure, and runs on phones.

[non executable stuff]

This is about protecting against malware. Linux Desktops are built on a different logic. Any unconfined software can download a binary to localbin, copy a random desktop entry from usrshareapps to your local folder, edit the exec line and add that binary to it.

Or just manipulate your .bashrc, change the sudo command to read input, save to file, pipe input to sudo. Tadaa, sudo password stolen.

That concept of "users can change their home but not the system" is poorly pretty flawed. So any directory that is writable without any priveges is insecure, if you dont trust every single piece of software you run.

Agree that Snaps are a problem. Its only really problematic when repackaging is illegal though, of course annoying but the Spotify flatpak is a repackaged snap. Same as with appimages.

I should write the same about snaps, but I feel they are covered WAY better.

[–] Takios@feddit.de 7 points 8 months ago

(any Flatpak user would’ve at some point run into annoying sandboxing limitations - such as password manager and browser integration, or themeing woes)

While I overall do prefer Flatpak over AppImage these days, the sandboxing has indeed been giving me more trouble than I think it is worth so far.

load more comments (2 replies)
[–] avidamoeba@lemmy.ca 38 points 8 months ago* (last edited 8 months ago) (7 children)

AppImage is great at what it does - provide an ultra-low effort packaging solution for ad-hoc app distribution that enables a developer who won't spend the time to do rpm/deb/flatpak packaging. There are obvious problems, security and otherwise, that arise if you try using it for a large software collection. But then again some people use things like Homebrew and pacstall unironically so ...

load more comments (7 replies)
[–] drwankingstein@lemmy.dbzer0.com 25 points 8 months ago (2 children)

oh boy here we go I strongly disagree with this article

While complex .tar archives (like firefox) may seem messy, they integrate many different things. An installer script takes care of placing a .desktop entry, you can have an updater script, a LICENSE, README and more. Those are all missing with Appimages.

.tar ARE messy, sometimes they don't work right, dep conflicts, etc. An installer script can be shipped with an appimage anyways. Moot point IMO

Apps installed with the system package manager get their .desktop Entry in /usr/share/applications, installed Flatpaks get their entry linked to ~/.local/share/flatpak/exports/share/applications/, user overrides and other installs can be put in ~/.local/share/applications/.

Appimages have no desktop entry, so they have (currently) no icon on Wayland and they don't appear in your app list. Desktop entries are a standard, used by everytthing but Appimages.

see above

Instead users follow strange habits like placing the files on their desktop, which is a highly discouraged "Windows workflow" (symbolic image) and not even supported on many Desktop Environments, most notably GNOME.

Who discourages it? I personally prefer this myself, lack of desktop icons is a common complain for stuff like GNOME...

This is both a usability and a security issue. Traditional Linux apps, even if they are cross platform, don't have updater services, as package managers are way better at doing that.

I disagree that this is better. A personal issue but I Much prefer when apps can update themselves.

This means, packing as an Appimage either requires to implement an updating service, on a platform that doesn't need that, or to have no updates at all.

Instead users need to follow an RSS feed, get a mail, or manually check for updates, which is horrible UX. Then how do they update?

Is this really a massive issue? There have been appimage stores in the past. Self updating appimages really isn't that hard either. If this was a massive issue, you could do something like obtanium for android which could easily automate the process.

Appimages don't even have a central place where you can find them, not to mention download them. This is extremely insecure. Modern Application stores and every well made Linux repository uses cryptographic (mostly gpg) verification, which secures the authenticity of the software. You can be sure you downloaded the real package.

I'd argue it makes little difference. But yes, Downloading things from the internet is more unsafe then downloading from a repo or a "curated" service. So we can grant one here.

There is no updating mechanism. On Android you may also update by downloading .apk files, but once installed, the .apk needs to be signed with the same key, otherwise updates are blocked. With Appimages... you just delete the old .appimage file, download the new one, change the name to remove the version and hope your .desktop entry didn't break.

This is how you get malware.

the risks seem blown out of proportion here. As long as you are downloading from the same place, the risks are significantly smaller in reality, not gone, but smaller.

They are not well maintained

There is a well known "bug" on modern Ubuntu, where Appimages lost their "works on every Linux Distro", because they are built for the outdated libfuse2, while Ubuntu now uses libfuse3. The fix is to install the outdated version of libfuse (!), and this is still not fixed.

An application format, that is incompatible with the latest version of its core dependency, is broken.

This is a very minor issue, i've had way more issues with traditional repo packages then I have had with appimages.

Lack of Sandboxing ...

I find this to be a benefit myself, I have had countless headaches with flatpak applications and their sandboxing. everything from devices not being recognized, weird storage issues and more.

Random location ...

Another moot issue. $HOME/.local/bin is an XDG standard, so unless we pretend that XDG standards aren't "one of the major standards" this is just wrong. https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html

Duplicated libraries

Appimages bloat the system. They include all the libraries they need, and unlike system packages or Flatpaks, they don't share a single libary. If users would really install every Software as Appimages, they would waste insane amounts of storage space.

This also completely discourages efficient and up to date packaging, and the attached risk of outdates libraries is hidden away in that .appimage archive.

and? When you need only a couple appimage files, space I find is smaller then flatpak, it only becomes when you need a lot of applications.

Appimages are not needed Flatpak solved many Linux desktop issues at once ...

None of these provide reasons as to why appimages aren't needed. Appimages still offer a lot, for one I can just download and run it I don't need to worry about installing and uninstalling application when I just want to try it, I don't need to muck about trying to get an app into flathub or starting my own repo, when a user has a problem, I can just tell them to run the new appimage instead of trying to get them to compile it.

Appimages also let me do fine grained control over the dependencies. No unexpected runtime updates, I can compile the deps with flags/features I want to support, and disable flags/features I don't want to support, Users don't need to download a stupid appstore or use CLI (not a single appstore i've used to date isn't hot garbage, I hope cosmic-store will be different).

[–] GenderNeutralBro@lemmy.sdf.org 9 points 8 months ago

I agree with much of this. However, regardless of which platform you're on. it's best to follow the design patterns of that platform.

Putting binaries on your desktop is not in keeping with Linux design patterns, nor are self-updating apps. I think those are fair points.

Having dozens of apps all using their own update mechanism introduces unnecessary complexity, which can be exploited. This has been a problem on Mac and Windows over the years. On Mac, for example, a common solution to this is the Sparkle framework, which devs can use in their app to manage self-updating; but Sparkle itself has been exploited, so then you have apps out there running god-knows-what-version of Sparkle in their bundles, leaving users vulnerable with no good way to identify or remediate it. This is why I typically disable any self-updating feature in any apps I use.

[–] Pantherina@feddit.de 3 points 8 months ago* (last edited 8 months ago)

Dont know where user installed tar archives (with statically linked binaries or including deps) would have dep conflicts, maybe if they are not statically linked.

The self updating stuff and desktop icons is personal opinion and not the common way on Desktop Linux, so I skip that.

you could do something like obtanium for android which could easily automate the process.

That is called a package manager, with a repo, with gpg signing etc. On Android (which I mentioned) updates are secure. Let alone the point that appimages are not updated in a regular way, they are just replaced.

I'd argue it makes little difference. But yes, Downloading things from the internet is more unsafe

No the difference is huge. If you are used to downloading software from websites, a faked website can easily lead to downloaded malware. Flathub can be added with a click and flatpak is included in distros, which means no hunting on the internet and no accidental clicks.

And as I said, until nobody downloads .flatpak packages online, and there may be an occasion where this is normal behavior, people will believe malware links are legit.

the risks seem blown out of proportion here. As long as you are downloading from the same place, the risks are significantly smaller in reality, not gone, but smaller.

Appimages are distributed everywhere, just as .exe files for Windows. This means they are favored by developers used to Windows and Mac, and those will not add them to a repo instead.

So a faked website of whatever etcher or something is easy.

The fact that Linux malware is not a thing, while Appimages clearly give the headstart for that, is a miracle.

I find this to be a benefit myself, I have had countless headaches with flatpak applications and their sandboxing. everything

Flatpaks are not secure because their sandboxes are weakened to not have such issues. This is due to apps not following secure standards, and until that is fixed they are insecure or broken or both. (Apps need to write configs in the container, they should use portals etc.)

I maintain a list of flatpak apps following modern standards, which is a small portion but getting better.

Linux is only somewhat secure because everything is FOSS and comes from repos.

This is broken by appimages, that can easily distribute malware and thus fix the "my malware is not running on that distro" issue.

Every software that can write to your .bashrc can easily catch your sudo password.

Another moot issue. $HOME/.local/bin is an XDG standard, so unless we pretend that XDG standards aren't "one of the major standards" this is just wrong.

Yes linux experts would put them there. As mentioned in that text malware would also install itself there, so on secure systems this should be only writable by root/ some elevated group privilege.

But apart from that users put them on the desktop, or in some random folder, I mean that dir is hidden for a reason.

Or put it in that PATH and then link to the desktop, resulting in a broken link when you remove the app.

When you need only a couple appimage files, space I find is smaller then flatpak, it only becomes when you need a lot of applications.

If something is not scaleable its not a good concept. The fact that you will only install a couple of appimage apps is enough proof.

On modern atomic distros users can rely purely on flatpak.

Btw see the linked dedup checker. You may download more dependencies but they are linked between each other and not actually take up so much space.

I don't need to worry about installing and uninstalling application when I just want to try it

We need to overthink those habits. You dont just "try an app", you run unsandboxed code from an unverified origin. As mentioned above, this could be totally fine, and also add a function to your bashrc that catches your sudo password (the next time you use it) and sends it to a server.

The secure way to do that is completely unpractical.

  1. Get a GPG app or use the cli, create a personal key. Secure the access permissions, as gpg always complains on Fedora for example.
  2. Hunt the internet for the gpg key of the dev
  3. Look for at least another source of that key like GrapheneOS does it
  4. Compare those keys hashes using cli or some app
  5. When correct, load the key into gpg/kleopatra/kgpg
  6. Verify the key with your internal key (yeah gpg is overcomplicated)
  7. Download the appimage, and a signed hash (most of the time its done like that)
  8. Verify the signed hash
  9. Sandbox the appimage using bubblejail (doesnt work) or firejail (no idea if it works, and its insecure)
  10. Repeat on every damn update (if it doesnt have a builtin updater)

This is unusable. And repositories do this automatically without anything you need to do. For sure you could "extra check the website" and say "

Also app data will be everywhere, often in its traditional location, while there is no package manager at all to delete them. Flatpaks store all their stuff (when devs care and not just ignore that, cough Cryptomator) in their container and data can be easily removed during uninstallation, GUI stores show a popup to delete data and I also made a small script to do that.

And that "try it out" app will either have no desktop entry or that entry needs to be manually and will be still there after uninstalling.

I don't need to muck about trying to get an app into flathub or starting my own repo, when a user has a problem, I can just tell them to run the new appimage instead of trying to get them to compile it.

This may be a reason, but this is only for testing then. But for sure, when its a small project, getting it on Flathub may be much efford.

I can imagine the developer experience is easiser. Flatpaks are simply very "defined" and need all that metadata and more to be complete. But needing to use available runtimes is a good thing mostly, its basically supporting a specific distro.

Flatpak through CLI is fine (I would like to have a standalone small store just for flatpak), Discover is nice too. The Linux Mint store also seemed fine but not much experience. (Linux Mint has some Wayland support now, so there is a secureblue Cinnamon spin, have to try that). The Cosmic store is just a stub currently, lets see!

Cheers!

[–] Luci@lemmy.ca 23 points 8 months ago (1 children)

Odd, this random github rant didn't seem to sway my opinion.

To hell with user choice, only flatpak

[–] OmnipotentEntity 18 points 8 months ago (1 children)

I'm not going to weigh in on the specifics of Flatpak vs AppImage, because I don't know enough about the particulars.

However, I think the "user choice" argument is often deployed in situations where it probably shouldn't be.

For instance, in this case, it's not the user's choice at all, but a developer's choice, as a normal user would not be packaging their own software. They would be merely downloading one of a number of options of precompiled packages. And this is the thrust of the argument. If we take the GitHub rant at face value, some developers seem to be distributing software using AppImage, to the exclusion of other options. And then listing ways in which this is problematic.

I, for one, would be rather annoyed if my only option were either AppImage or Flatpak, as I typically prefer use software packaged for my package manager. That is user choice, give me the option to package it myself; hopefully it's already been done for me.

There are some good things to be said about trust and verification, and I'm generally receptive to those arguments way more than "user choice."

load more comments (1 replies)
[–] onlooker@lemmy.ml 20 points 8 months ago (3 children)

Counterpoint: I don't like having more than one package manager on my system, which means things like Flatpaks and Snaps are out. With AppImages, I just double-click on the executable and off it goes.

[–] Pantherina@feddit.de 4 points 8 months ago

So you prefer to not have any updates or secure verification, because you dont want a second package manager?

Dude you are the second package manager, and if you dont follow the whole gpg verification process I described in another comment, that is less secure.

[–] dino@discuss.tchncs.de 4 points 8 months ago

Most shortsighted answer of the day. Great now you have this outdated executable on your system and you mabye are not even sure this was installed through appimage, because how should you know when your launcher is not telling you anything? golfclap

load more comments (1 replies)
[–] darkphotonstudio 20 points 8 months ago (5 children)

Oh look, another Linux user whining about a binary distribution method they don't like. If you don't like Appimages, don't use them.

[–] Pantherina@feddit.de 16 points 8 months ago

Developers of often proprietary software think its a good format and only support that. This is a problem

[–] VinesNFluff@pawb.social 7 points 8 months ago (2 children)

On the one hand I am entirely sick of how people will keep wasting keystrokes on this kind of discourse when the whole point of Linux is that you can choose which one you like best.

On the other, someone on a different community said it best: "Hey, if Linux users didn't fight about what thing they want to make standard, what ELSE would we meme about?"

[–] darkphotonstudio 5 points 8 months ago (2 children)

How Windows is shit? How Manjaro didn't renew their web certificate that time years ago? Whether or not it's Gnu/Linux or just Linux? There are so many "issues" to obsess over!

load more comments (2 replies)
load more comments (1 replies)
[–] ian@feddit.uk 3 points 8 months ago

As a user, I can't choose, if a dev only releases an appimage. Then it's a real pain or I skip the app.

load more comments (2 replies)
[–] theshatterstone54@feddit.uk 18 points 8 months ago (2 children)

Now I WILL get judged for this but hear me out... AppImages are useful for apps that will not get on Flathub. If you have an app that cannot get on Flathub (like a pirated Minecraft Launcher), you will be thankful developers are using AppImages for them. In this case, they're unlikely to use snaps (alt repos for snap are possible but difficult from what I've heard) and maintaining a flatpak repo just seems like overkill for a single program. So for cases like these, I'm glad to see these packaged as appimages

[–] Pantherina@feddit.de 10 points 8 months ago

Okay fair point. Piracy, illegal content etc. will all get removed from Flathub.

Similar to another comment about archiving software that may get removed

[–] what@discuss.tchncs.de 3 points 8 months ago (1 children)

As far as I know flatpak applications can be distributed as a file without the need for a repository, just like .deb or .rpm files

load more comments (1 replies)
[–] smileyhead@discuss.tchncs.de 17 points 8 months ago (1 children)

AppImage is a nice way to have an app on an USB stick, remote server or for archival. But for normal app usage, why?

[–] Pantherina@feddit.de 3 points 8 months ago (1 children)

I want to find a way to do this with flatpaks too.

A small GUI tool (a statically linked binary lol) that can be placed on that stick

  • copy the flatpak app and runtime stuff to a folder
  • copy the desktop entry over
  • copy app data when chosen

And the same thing to copy it from the stick to a live system. Should work, probably not haha

[–] smileyhead@discuss.tchncs.de 4 points 8 months ago (1 children)

TIP: Flatpak have a build-in way for creating USB, check out the "flatpak --help".

But the point is with Appimage all that have to be installed is FUSE, which is expected to be installed on most installs when you go to a friend or work where Linux is used.

load more comments (1 replies)
[–] Tiuku@sopuli.xyz 14 points 8 months ago (1 children)

The only use case for Appimages
If users want to carry applications around on a thumbdrive, or run on a fully immutable system like TAILS, Appimages may be needed. But this is the only target, and it is not a standard use case.

I guess I agree. This is precisely the case where I have ever used them. Namely to have a portable executable of my password manager on a stick together with a backup of the password database.

I had no idea they were being used elsewhere.

[–] Pantherina@feddit.de 4 points 8 months ago* (last edited 8 months ago)

Nextcloud, Balena Etcher, Lunar Launcher and more are exclusively supporting Appimage, thats the big problem.

[–] thingsiplay 14 points 8 months ago (3 children)

AppImages are great and easy to use and they can be very easily archived. Today I tried to archive a Flatpak package (yuzu) and it was a pain, complicated and gave up in the end. I end up archiving multiple versions of the AppImages and continue using the Appimage for this emulator. Also sometimes Flatpaks do not work correctly, and I (and any other user) have to figure out what settings and configuration, rights and other stuff is needed to setup with Flatseal. Recently I solved the open links issue with Flatpaks, and found out a certain portal was required to be installed. Also sometimes the theming is not correct too.

All in all, I use Flatpak still and AppImages too, each for their own reasons. The lack of repositories and not needing an installation for being functional is not a problem with AppImages, because that's the entire point of it. They can be automatically generated and ready for download, regardless of any repository, directly on Github from the developers. There is even a program, RPCS3 (a ps3 emulator), which can check and update itself and list all changes since last update.

If you download AppImages from shady places, then off course its shady and insecure. Just like installing any software without knowing what you are doing is insecure. So that's not a point against the format itself. The argument "Duplicated libraries" is hilarious, if we speak about AppImages vs Flatpak, because Flatpak has duplicated drivers (especially with Nvidia, I know how bad it is because I had Nvidia cards before) and desktop environment versions, just because certain versions of the application needs it.

I don't understand these evangelism for packaging formats. Flatpak, AppImage, native system packages and other formats have their own uses and are all useful and not bad.

load more comments (3 replies)
[–] h3ndrik@feddit.de 13 points 8 months ago (5 children)

We're also regularly debating Flatpak here. That password managers don't tie into the browser and the desktop themes don't apply. It's also not the best solution and regularly confuses newer users.

[–] Pantherina@feddit.de 6 points 8 months ago (1 children)

That native messaging portal is probably developed somewhere. But for sure, also apps installing themselves "partly" as an extension of another, like Zotero and Libreoffice. This could be done though, okay.

Themes generally just work on KDE at least. At least light/dark themes, which may not really be the fanciest of choices

[–] h3ndrik@feddit.de 5 points 8 months ago (3 children)

I'd be happy if people just cut down on advertising Chrome/Firefox and LibreOffice via Flatpak to new users. They should use the packaged version. That's why we have distributions, to make the whole system a smooth experience and everything tie together.

Flatpak is slowly getting there and I think at least some distros have it preconfigured so the default GTK themes are in place.

Ultimately, I'd like sandboxing to be available natively in Linux, at least for desktop applications. And we can talk about a packaging format that is available to the user, allows pulling software directly from the upstream project, includes libraries and runtimes.

load more comments (3 replies)
load more comments (4 replies)
[–] Atemu@lemmy.ml 12 points 8 months ago (2 children)

I don't get why we didn't just do it macOS style; bundle everything into one directory with a standardised structure and wire up file managers etc. to run the correct executable inside it.

[–] Kazumara@feddit.de 3 points 8 months ago (2 children)

Because the FHS is a more sensible organization of files. Not every user needs to have their own executable for each program, that's a mess.

[–] 2xsaiko@discuss.tchncs.de 9 points 8 months ago

macOS has both, a system wide /Applications and per-user ~/Applications. Not to mention that it doesn’t really matter on a single user system anyway.

load more comments (1 replies)
load more comments (1 replies)
[–] Churbleyimyam@lemm.ee 11 points 8 months ago (1 children)

As a humble linux user of the last year or two my experience has been that anything that is not in the Debian repo is a confusing nuisance. Nobody told me how to get appimages to integrate with my desktop. I had to rummage the internet and learn how. Compare this to a single click in Gnome software or simple command in the terminal for apps in the repo. I also installed flatpak, so I could get programs that weren't available in the repo but nobody told me I would have to install and rummage Flatseal to enable them to work properly, that it would make my backups and restores take 900% longer and would rinse my data when they need updating. It's been annoying enough that I've ended up learning how to install from source as well. Maybe it's cool that I've learned how to do all this new stuff but to be honest I just feel like I've had to do loads of extra head-scratching and unnecessary work. I did it willingly because I've been committed to not being held back from using open source software but I couldn't expect my friends and family to do any of this, so if I do get them onto Linux I can't recommend these programs to them.

Current tier list:

  • Debian repo
  • .deb downloaded from a website!
  • Enjoy using application, go for a bike ride.
  • Make sure I'm free for a couple of hours, install from source.
  • Appimage
  • Do without given application
  • Flatpak
[–] Pantherina@feddit.de 4 points 8 months ago (4 children)

You shouldnt need Flatseal as Flatpaks should have as little restrictions as need to make them work properly.

This is an app problem, on Android all apps start with 0 permissions and many work completely without.

I maintain a list of flatpak apps following modern standards. Those dont just work because their sandbox is full of holes, but because they are adapted to use portals etc.

So Flatseal is used to harden flatpaks, not weaken them, normally.

that it would make my backups and restores take 900% longer and would rinse my data when they need updating.

You mean their storage space? Yes, biggest problem. Not very well solved tbh compared to android where all apps are also sandboxed but they have sizes of 30MB or something.

Flatpaks should be preferred over many other formats though, as they just work, dont touch the system and are more secure, unlike Appimages.

I highly recommend to watch this talk that some commenter mentioned

https://www.youtube.com/watch?v=b4_TXZJw3rU

load more comments (4 replies)
[–] GlenTheFrog@lemmy.ml 8 points 8 months ago

Totally agree with basically every point here. You hit the nail on the head. App images are the .exe's of the Linux world and I don't understand how someone can say they love app images but hate Window's portable exe's. Even Windows doesn't have nearly as many portable executable as they once did. And when they do, most people (even those who prefer app images) prefer an exe with a Windows installer.

Anyways, this is all to point out why I avoid app images if at all possible

[–] eugenia@lemmy.ml 8 points 8 months ago (3 children)

Some of these apps can't work as flatpaks at all, because they require more access to the system, e.g. Davinci Resolve. AppImage allows that. I mean, heck, even Ubuntu runs a virtual filesystem in order to allow its Snap Firefox to access the Dictionary that lives "outside" its sandboxing. So, yes, there are cases where AppImages do serve a purpose. Not most cases, but a lot of cases.

[–] yukijoou@lemmy.blahaj.zone 5 points 8 months ago

because they require more access to the system

afaik, you can allow more system access to flatpaks

Ubuntu runs a virtual filesystem in order to allow its Snap Firefox to access the Dictionary that lives "outside" its sandboxing

i believe flatpak also does that, you can specify some paths from the host to be available to the flatpak

load more comments (2 replies)
[–] BlahajEnjoyer@lemmy.blahaj.zone 7 points 8 months ago (1 children)

I’m not a fan of alternative packaging solutions. Never been. If it’s not in Debian’s repositories then I don’t bother with it. Some would say that’s close minded as not all packaging solutions are bad but when you use a stable distribution like Debian the native packaging solution is a lot easier to maneuver and troubleshoot than flatpaks and the like.

load more comments (1 replies)
[–] MonkderZweite@feddit.ch 5 points 8 months ago (1 children)

Does flatpack finally let me choose an alternative to ~/.var?

load more comments (1 replies)
[–] Jegahan@lemmy.ml 5 points 8 months ago* (last edited 8 months ago) (1 children)

By the way, if you guys are interested here is a talk comparing Appimages Snaps and Flatpaks by Richard Brown, one the devs at Suse, a big contributer to openSuse and the guy who spearheaded the Desktop variante of MicroOS (the immutable openSuse Tumbleweed).

He isn't to keen on appimages either because of a miriad of technical issues.

[–] Pantherina@feddit.de 4 points 8 months ago* (last edited 8 months ago)

youtube.com/watch?v=4WuYGcs0t6I&t=456

For all the Grayjay/Newpipe/Freetube users

Very good video with additional points, will add them

[–] rotopenguin@infosec.pub 4 points 8 months ago (1 children)

It would be nice if there was a way to bundle up a flatpak that was at risk of disappearing

load more comments (1 replies)
[–] corsicanguppy@lemmy.ca 4 points 8 months ago

flatpak?

Frying pan, meet fire.

[–] penquin@lemmy.kde.social 4 points 8 months ago

I don't use app images of flatpaks. I don't like either.

[–] delirious_owl@discuss.online 4 points 8 months ago (1 children)

AppImages can be signed. Flat pak is the lesser option for security

[–] Pantherina@feddit.de 4 points 8 months ago* (last edited 8 months ago)

Explained in a other comment how a pain it is to verify such a signature.

Is that stored in the appimage file?

I find it funny how flatpak neglectors always spell it wrong

load more comments
view more: next ›