- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
A new ‘app store’ is expected to ship as part of Ubuntu 23.10 when it’s released in October — and it’ll debut with a notable change to DEB support.
Tldr: the new store only supports snaps, deb support will come later. OP, please provide summary next time if you link to clickbait articles.
Ok, note taken 👍
Or this time as both title and summary can be edited.
Deb support will come later, but:
If the same piece of software exists in the Ubuntu repository and the snap store the new store will only make it possible to install the snap version.
So the title is on point IMO.
It’s not a click bait per se. Even after deb support they will use only snap for applications that has a snap package and only debs if it hasn’t got any snap package afaik.
BUT, the “new” store is based on a community project which ALREADY supports both deb and snap.
Why is Ubuntu pushing snaps so hard? Is there objectively a benefit to them apart from Flatpak?
It seems like an odd hill to die on.
Canonical is just weird like that, it seems. They tend to pick something and fixate on it really hard (Eg. Unity desktop, Mir, that convergent phone thing, now Snaps) and work on it until it’s almost really good, then they get fixated on the next shiny thing and dump whatever they were doing to go chase that instead.
Sooo they have ADHD and suffer with hyperfixation with the rest of us ADHDers?
Except that this is a corporation so it doesn’t have ADHD.
So a corporation is just run by robots and not humans? Makes perfect sense.
A corporation is operated through a series of set rules, which dictate how it runs. It is structured in a way that is tangible, whereas the structure of the human mind is currently only theorized. I am reluctant to use terms like ADHD to describe corporations because that is prescribing a list of abstracted properties to them which we can definitely see that it doesn’t have internally. Unless the there is a set of unchanging principles that is the list of ADHD symptoms, no, not ADHD.
They’re the Google of Linux.
How so?
They bring their projects about 80% to the point of being good, then let them stall while they focus on the next new thing. Later the project may be suddenly cancelled.
that convergent phone thing
Tbf I think convergence could be the killer feature which pushes mobile Linux into large-scale adoption. Also Purism has its Librem 5 phone as convergent, too. It’s not just Canonical.
The worst page from the Google and Microsoft playbook
Giving up on Unity was a shame
There’s a benefit to Canonical, the corp that maintains Ubuntu, which is that while snaps are open source tech, the server for the snap store is closed source and snap can’t be configured to point at another store.
In other words, it’s about centralized control.
There are some advantages to the tech itself, like live auto-updating, which is good for security-critical server apps, but over all I’m not a fan.
I believe you’re completely right here, except that snapd can be configured to point to another store, though it’s not very well documented… I did find the piece of information once :).
But the thing is that the client still only supports one app backing site at a time. So if you pick another one, you lose visibility to the other store. I doubt even updates work as they should.
So it’s really about building technology that is geared towards centralized control, whereas basically anyone can host flatpak packages and give ref links to them.
I don’t think that the board members are sitting there and pondering how they can exercise more control on the user via snaps.
The auto updating is a nice benefit but it doesn’t seem like a big enough benefit to allocate so many developer man hours into. I would think that Canonical would realize that the developers time is better spent making features the users want.
But what do I know? I’m just someone posting on Lemmy not a Canonical board member haha
Snap provides features that users want. Here, I’m a user and I really appreciate those features. Features that have been improving my life for at least 5 years.
Because they controll snaps. Their backend is proprietary and they do not support any other way of distribution.
Now there are some objective benefits to Snaps compared to Flatpaks, at least so I was told. Apparently they offer significantly better documentation and integrate more tightly with the system, allowing you to do more stuff with them.
This was a while back tho, I don’t know where Flatpak stands today
Canonical also sells private Snaps repos for a shy amount of 30 000$ per year
https://www.nitrokey.com/news/2021/nextbox-why-we-decided-and-against-ubuntu-coreYes, it’s good that they make money with such services. Services like hosting are a great way.
Snaps are used for Ubuntu’s IOT distro, and also for their upcoming immutable desktop. They even ship kernel and mesa as snap, which makes updating less likely to break a system (in case of a crash while updating, user error, …).
That’s why they push snap. Canonical doesn’t mainly aim to make a apps available to all distros like flatpak does. Just like now where all distros need their own packages, snap will coexist with other package formats.
For the user it’s unimportant how apps are installed, as long as they’re available.
It could be like the old RPM vs DEB arguments. Technically, one could have argued at the time that RPM was explicitly singled out in the Linux Standard base.
However, these days, DEB certainly feels more common (although, from my understanding, Redhat/Slack is big in enterprise, so i’m not actually sure which is more common).
Except both RPM and DEB are fully open-source. Flatpak is open-source, Snap is partly proprietary.
I never found out what’s wrong with APT.
APT is best
Aren’t you sorta trusting whoever wrote any package you install with root? I mean, you should have that attitude anyhow as packages have a huge attack surface so privilege escalation bugs are way more common than remote execution but still, flatpak and snap at least offer a bit of a sandbox which might improve…
Depends on your distro and what’s available in the repo. With default repos you’re more trusting the distro developer to vet packages.
I trust debian for that. It’s been a while since I used Ubuntu so I don’t remember how their repos are set up but the debian team is notoriously conservative with their repos.
The track record has been very good as far as i know with thousands of packages over the years so I doubt if there is a real problem to be solved here.
I do wish APT supported installing certain packages locally. Other than that, I’m more likely to use it than Snap/Flatpak/etc
APT is not good at managing dependency hell. This is a common problem for all package managers that don’t typically bundle dependencies. You can get 30000 open source packages from trusted sources having a maintainer working on each to all share the same dependencies for an OS release. That’s what Debian does. However it’s a lot of work and that works increases significantly when you try to do it for a piece of software across OS releases.
Read - it’s difficult for LibreOffice or Mozilla to ship a new version of their software that works on several Debian or Ubuntu releases. It’s also difficult for maintainers to do that.
You could of course include dependencies in debs, but then you’re increasing the security attack surface of the OS, because there’s no sandbox around those bundled dependencies. Bundling dependencies requires sandboxing to be safe. Otherwise whenever there’s a security hole in one library in package X, package X might patch it, but the same library might exist in another 50 packages on the system unpatched.
This is a solved problem. It was done in Android, iOS, BlackBerry 10 and probably others. All OSes that had to deal with more than 30000 packages, open source or proprietary, from trusted or untrusted sources. Bundle non-system dependencies and confine in a sandbox. Snap’s been doing this ever since it was called Click. Flatpak didn’t have the sandbox part for a while if I’m not mistaken. I’m not sure what its current sandbox state is.
There are other issues with APT/deb but managing dependencies without sandboxing is probably the most fundamental one since dependency management is one their fundamental purposes.
Time to change distro.
I’m kinda baffled people would jump ship because of this matter
Snaps have been a thing for 7 years and before that Canonical did similar really weird things (Amazon shopping lense a decade ago anyone?)anyone who really cares already uses something else
the first thing I did with Ubuntu is uninstall all snaps and stores. it was an option, soon it wont be.
It’s just because I’m a newbie – having been using Linux for one year, and started with Ubuntu simply because that was shipped ready with my laptop. I haven’t found the time to try any other distro yet, because of work & lack of time.
Indeed I remember I was thinking about moving to Linux years ago, exactly when the Amazon-Ubuntu craziness happened, so I thought “some other time”.
Regarding snap & flatpak: I simply don’t like the redundancy philosophy behind them.
If it works, don’t switch distros. There’s always an OS which does sth. better.
That’s also true! Sometimes out of curiosity I might explore with "live cd"s rather than really reinstalling a distro.
Trying sth new is never a bad idea. From live cd’s, over vm’s or distrobox containers, it makes you more comfortable in switching between environments.
Thanks for the tip!
Honestly for new/average users, those who tend to use Ubuntu, I always would recommend Manjaro. Since I use arch btw myself I have a bias but using pacman, being rolling release, and having access to the AUR (+ Flatpaks) set Manjaro apart from other distros for average users.
But frankly I never understood why Debian itself is considered an “intermediate” distro since it’s no harder than Ubuntu to use IMO.
Debian is more bare bones then Ubuntu, that’s why. Ubuntu comes with a lot of packages already installed by default. In Debian you have to install a lot of that stuff manually. You might also have to edit some configs for example. It’s not that hard, but maybe a little too much for a beginner.
I upgraded Debian to 12 last night, which required manually updating the source.list for the apt repos for example. It’s been a while but I’m pretty sure Ubuntu gives you a UI for upgrades? Upgrading Debian was simple for a techie who’s played around in Linux already, but it could be more intimidating for a newbie.
Classic canonical move: Take community software, force snaps into it and then ship it.
Yep, I can not understand why Canonical keep pushing snaps on desktop
Because maintaining snaps is a lot less work for whoever maintains the package, upstream developers, volunteers, or Canonical. If I’m shipping software for Ubuntu and I can use snap, I sure as hell will use it instead of deb.
Flatpaks are so much better than snaps. There’s nothing that Snaps can do that Flatpaks can’t do better, aside from CLI tools. But CLI tools should just be in Docker anyways.
Flatpak is mainly for packaging desktop apps, whilst snap can update the entire distro (kernel, mesa, system apps, cli). Snap does things Fedora needs rpm-ostree for.
In my opinion docker isn’t as useful for cli tools. I need easy access to many little tools, and this results in me having one container with everything. But that doesn’t work well with network capture etc. In the end being able to install packages system wide quickly is really useful.
Exactly. Docker is very much not an appropriate tool for “CLI apps.”
I use it for pandadoc CLI all the time, it’s great.
You could do it of course but it’s far from ideal for the purpose of a general case CLI. Unless your script yourself a wrapper, the invocation is fairly verbose. It also leaves containers behind unless you specifically pass
--rm
which isn’t default. Then there’s the intricacies of the different ways of passing data to it. Oh and let’s not forget that unless you setup rootless Docker, or you do something dangerous like adding yourself to thedocker
group, you have to always invoke withsudo
. Therefore I wouldn’t say that Docker is an appropriate tool for CLI apps in general. For dependency-bundled CLI apps, Snap doesn’t have these gotchas and is therefore much closer to ideal CLI UX.
This is so patently false. 🥲 All of it.
Because they something to lock you in to Ubuntu. They want Ubuntu to be the only thing that uses snaps. They want to get snaps to be an Ubuntu exclusive feature, and once they can start convincing some random closed source devs to ship in only the snap format they have a hook to keep you on Ubuntu. And they want those random random closed source devs to be focused on more of the corporate world so they can sell some support licenses.
Snap is easily available on other distros as well. If anything, they want to lock you into their proprietary store.
because they won’t need to maintain it, they won’t even need to maintain the dependencies, some guy online will maintain the package and it’s dependency for them, whether it’s updated or not, it’s going to launch, that’s the whole point of those style of packaging
do they get funding from hardware vendors? snaps use a lot more resources
‘Classic canonical corporate move’…there I fixed it for you.
The Fedora software app has been promoting flatpaks over native packages, even not displaying that native packages are available even if they are, requiring the command line tool to access some native packages. So I don’t see how this is fundamentally different.
The fundamental difference is that flatpak is a good system, adopted by many distributions.
Snap sucks and only Ubuntu uses it.
They’ll do like their Unity UI, wait many years until they realize their mistake then drop it.
I hate that they also SEO’d the hell out of major search engines to show snap setup and installation instructions when anyone searches for installing a package. E.g. “arch install firefox” leads to https://snapcraft.io/install/firefox/arch which is downright dishonest marketing.
On google it’s the 4th result for me even in private mode which seems pretty reasonable. The first result is the firefox archwiki page.
I beg to differ. I think it’s very harmful.
- There as absolutely no reason for anyone in Arch to use snap to install something mainstream like Firefox. Same goes for other OS’s like Fedora etc. (which are all mined in similar way, just change it to /fedora for instance).
- The page presents itself as if it’s the only choice, and can easily scam someone who’s just getting into Linux into installing snap. I think it’s designed for that purpose. Arch links to the package, but not step by step guide (which is on Arch), but this can easily lure people into installing snap and being none the wiser the it’s not the default package manager for their distro.
- It’s 4th for Firefox, but I’ve seen it as the top result for some other packages. Probably Google caught up, or probably for packages not mainstream as Firefox it still shows snap as number one result.
IIRC Flatpack is also FOSS whereas the Snap server software is proprietary
Snap is foss on the client end etc iirc. but the server that serves up content is proprietary.
The big difference is that Snap is partially proprietary. For those who like Linux for its free and open-source nature and all the benefits that confers, this is an unfortunate evolution that has a negative impact on the Linux ecosystem.
And snap has other issues, such as it’s very badly implemented. No sane person wants to see 100s of lop devices mounted on lsblk all the time.
Maybe I need to reconsider Pop OS. Last time I tried they shipped with a broken kernel, but that’s probably fixed now.
If stability is a concern, Mint has been great for me
I frequently try new distros and always go back to Mint/Debian.
I’ve been using Mint with Cinnamon for quite some time on my home PC. I wanted to try something different on my notebook.
Fair enough
Ubuntu is getting on my last nerve. At this point I’m going Debian on everything except Thinkpad, but only because it’s Nvidia based and Pop!_OS just works on it.
All the servers I’ve spun up in the past few years have been Debian instead of my usual Ubuntu.
The last straw was kinda when I learned that installing docker via the install menu gives you the snap version instead of the normal one, with no indication that this is the case.
I’ve got a p50 ThinkPad with an Nvidia GPU, NixOS is the only distro I’ve found that’s worked properly out of the gate
nixos so kino
Yeah, nah, that’s a dealbreaker for me. I’m back to LMDE when this happens.
I don’t mind having snaps available but I’d avoid using them whenever possible. They’re larger than necessary, slower than necessary, and I trust software checked by its original devs plus distro maintainers more than software checked by the devs alone.
More reasons not to use Ubuntu 😁
PopOS ftw
PopOs is based on Ubuntu
PopOs is based
on Ubuntu
Isn’t this gonna hurt pop?
Honestly not sure why it matters, provided the store is full. Both are similar to end users
Agreed. I would have like Ubuntu to come with flatpak, but snap exists for longer than flatpak and has additional use cases. Snap allows to do app packaging and even the rest of the system. Fedora uses rpm-ostree + flatpak instead.
Looks like Ubuntu will be going the way of Reddit
deleted by creator
I’ve been using more and more flatpaks lately on arch and fedora based distros, i have no idea how snaps compare but seems similar? Seems an odd push from Ubuntu, but could make more sense than deb packages for non techy users perhaps?
A big issue for me with snap is, that the server side software is proprietary. So it really really does feel like they are trying for lock-in
The server side is fairly trivial and has already been prototyped separately.
If it is trivial, why is Canonical keeping it proprietary?
Because it’s extra work to make it open source and few outside of Canonical are interested in contributing. Open sourcing an existing component and maintaining it as such has non-trivial overhead. In that case that work is better spent on other, higher priority items. My guess is that they’ve gauged that the cloud end being open source won’t move the needle on who uses Snap and Ubuntu so they’ve deemed it low priority. Personally I’m using Debian and Ubuntu and therefore Canonical has root on some of my systems. Given I can implement a cloud end for Snap, it bares very little importance to me that today the cloud end isn’t open source since it’s run by the folks that have root on my system anyways as well as supply all other packages on my Ubuntu systems. In fact we don’t even know what the cloud end for the apt repos is. It could easily be Sonatype Nexus. For me the important bit is the client and installer side of Snap since I can’t implement that in a relatively small amount of time. :)
Ubuntu / Canonical were working on Snap for some years when Flatpak came on the scene. They’ve been shipping Ubuntu bits using it since 2016. In addition to the legacy, Snap is more versatile than Flatpak in that it can be used to package pretty much anything, including system bits. It’s also had a secure sandbox from the start. Changing to Flatpak would be a functionality downgrade for Canonical and Ununtu maintainers using Snap. In addition Flatpak can be used along with Snap on Ubuntu so there’s no need to not use both for whoever finds that useful. Snap lets Ubuntu ship software using less work, which means more up-to-date bits in Ubuntu. Users can install other software via Snap or Flatpak, whichever they find more useful.
Snap is very similar just not portable to most other distros. It makes a lot of sense both for users and for vendor lock-in.
Snap is portable to other distros, look at the official website and you see a list of distros, you can use snap on. That doesn’t mean that there is no vendor lock-in, just a different kind. Snap as a format grew out of Cannonicals effort in the mobile field. Snaps where supposed to be the truly convergent successor to click, the packaging format used by Ubuntu Touch. And this history is baked into its DNA. It’s right there on the snapcraft website: “The app store for Linux”. As such Cannonical has always courted proprietary software and/or software by big companies (VS Code was first released as a snap for a reason). I think that they have always have had an eye on one day adding app payments and the sweet, sweet 30% cut they can take from every sale
The sandbox requires apparmor, so doesn’t work on anything else by default except OpenSUSE I think.
Solus and Manjaro are shipping Snap installed by default and I’ve never had a problem installing snapd on fedora. All I ever had to do for that was run a single standard dnf install. Apparmor doesn’t pose the problem you think it does
Running software unsandboxed is breaking most of the value of snap. Not only is it insecure many of the portability promises are actually broken and it can load incorrect libraries, etc.
Fedora deleted snap from its repos years ago then it returned. It is a broken mess.
Canonicals response has been: We don’t care, fix it yourself.
It is an awful non-portable solution when a real portable solution exists.
In my experience, performance of snap apps is just abhorrent. The consume a huge amount of disk space and, whether it’s due to that or not, they have extremely long load times.
Principles aside, this just makes them unusable for me. I use flatpak when there’s no other option, but strive to use deb either natively or through PPA.
This is why im on the hunt for a new distro. Looking at pop and fedora right now. Kinda prefer deb cause thats been my env for 15 yrs
Debian is right there then.
Can I get debian with latest kde? Like stable debian but rolling DE like kde neon?
Debian 12 shipped with the latest kde plasma version, but the distro is designed to be stable, with a capital S. The packages will not update until the version does.
Flatpaks are a great way to get modern software on a stable OS like debian. If neon has a flatpak version, it would be a good answer.
stable
is not the only debian release.
You could check backports.
I don’t usually need the absolute latest so I’m fine waiting for stuff to reach testing.
Siduction is rolling Debian with more updated KDE stuff.
Sounds like you’re introducing me to some 2 girls 1 cup type shit, but I’ll look it up. Is it still maintained?
still maintained?
Yup! It’s rolling, but the latest ISO release was in March.
Been using popos on all my computers for the past year and have been happy with it.
I’m thinking pop os or just boring plain debian. This snap shit is just getting too much to bother with.
Agreed. I game alot in linux and ive heard straight debian isnt so hot there
For gaming you should definitely check Garuda Linux.
Flatpaks fix a lot of debains boring.
I would recommend using Linux Mint. It is Ubuntu without Gnome Shell and snaps. They use Flatpak instead. I have been enjoying it ever since I jumped ship from Ubuntu about 2 years ago.
I’d suggest if you want stock and recent Gnome, stick with Fedora.
Pop is building their own DE that they will switch to sometime in 2023. Which also mean they will remain 22.04 till then.
I’m waiting for VanillaOS 2.0 release to see if it is any better.
I’ve heard the latest Debian absolutely slaps; haven’t tried it yet myself though
consider: LMDE
Not only that, LMDE 6 based on Debian 12 shouldn’t be too far off, which should be a substantial upgrade to the base system.
Linux Mint 21.2 is in beta, they previously said LMDE 6 should be about a month after the 21.2 release.
@skillissuer @code Do more than consider! - It’s perfect.
Maybe not cutting edge, exciting or novelty-filled but dependable, and rock solid.compared to straight debian, it is novelty filled lol
I was using EndeavourOS when I ran into the wall that a lot of stuff didn’t have builds on AUR that I needed (and didn’t feel like compiling myself or they didn’t provide source code)
Why do Linux nerds that care about this sort of stuff hate snaps so much?
Is it the concept of snaps / flatpaks that is the issue or snaps specifically because Canonical is behind them?
I know literally nothing about how they work except I installed the VLC snap and it’s fine.
I couldn’t install Parsec (a remote desktop game streaming app) because of a missing dependency (an old version of lib-something codec that wasn’t in my newer version of Ubuntu). I spent like an hour trying to figure out how to take the 18.04 version and add it to 22.10. I don’t know Linux at all so I wasn’t making much progress. Someone, not the developers of Parsec, made a flatpak and it magically worked.
I was afraid that because the flatpak was made by some random guy I couldn’t really trust it. I looked inside the flatpak and it’s seems to be nothing except for the Parsec deb coming straight from the official Parsec URL and that libcodec thing that was causing a problem.
So from my perspective, not knowing the technical details or politics, what’s the problem?
- They kinda suck. They take a long time to launch
- They are in practice proprietary to Ubuntu so they are not really FOSS
- The draw of Ubuntu it is was based on Debian Testing and therefor pretty stable.
- It’s Yet Another Containerization stack. We already have flatpack, app image, chroot jails and more.
Why would a serious user want a psuedo proprietary Nth app containerization platform that sidesteps a serious incubation chain and has poor performance?
The snap store is proprietary, flatpaks handle the graphical app space better, OCI containers handle the service space better, and really high reported load times.
Flatpaks are awesome IMHO.