Hacker News

mattlach · Post by **mattlach** » Wed Feb 13, 2019 6:32 pm

Can someone please comment on why we now have snaps (or flatpak or Appimage) in Linux? Traditional package managers are perfect (especially Apt) They manage all of your installed software and keep it up to date. Sure, Snaps make it easy to install 3rd party software, but I just find this problematic, causing fragmentation, and just all around a bad idea.

I'd love to hear some of your thoughts on this. Maybe I'm wrong? Educate me.

redlined · Post by **redlined** » Wed Feb 13, 2019 8:21 pm

if you use Linux Mint you do not have snaps (unless you installed support for such, it in the parent ubuntu but not Mint) flatpaks offer a separate install space that includes all dependencies (initial flatpaks are huge installs, this tapers down once this separate install space houses the flatpak used dependencies). It offers a modicum of security, bascially building a sandbox environment that while it can be compromised in and of itself, it won't bleed into the same package name installed in system as normal (with attending routes, links, permissions, etc)

So maybe a bit of security :?: added in but primarily a better avenue to get up-to-date packages that have no backports for LM repos available packages, but have a feature desired or needed by user. Usually considered "Safe(r)" than adding ppa or external unknown/unchecked deb's, etc normally checked by OS managers that do get vouchsafed into LM used repos. (we are not a rolling distro so often you may find a very out-dated version of app and flatpak is the way to upgrade and stay in the OS supported zone.

appimages are just cool... but I'm a Linux newb and my windows days were full of finding f/oss, in particular "portable apps", which in effect appimage is. although I don't particularly care for them now (I just compile myself if I need it bad enough) they are useful in being easy to move about and launch from anywhere since they too come packaged with dependencies and really don't install anything to system (also meaning easier to sandbox/isolate?... idk... but I do have a couple I rely on regularly.

To me apt/apt-get and the synaptic package manager are beautiful pieces of work (terminal and gui, respectively). I do consider Software Manager to be a bit cheezy (more like a web browser to install approved packages from) and felt flatpak were nothing but a waste of space- removing the support from system. but on recent installs I've reconsidered and left it in place for use if I find something I want flatpak'd and not good to compile/build on my own, for my self.

anyways, if you run Mint and have not added snap support manually, then today security vulnerability with PoC exploit is of no concern. Hope this helps, and Happy hunting!

ajgringo619 · Post by **ajgringo619** » Wed Feb 13, 2019 8:42 pm

mattlach wrote: ⤴Wed Feb 13, 2019 6:32 pm Can someone please comment on why we now have snaps (or flatpak or Appimage) in Linux?

Because many LTS distros do not have the "latest-and-greatest" that some users want/need.

Traditional package managers are perfect (especially Apt) They manage all of your installed software and keep it up to date.

Agreed.

Sure, Snaps make it easy to install 3rd party software, but I just find this problematic, causing fragmentation, and just all around a bad idea.

There's no fragmentation with Snaps/Flatpak/Appimage - their installs are completely separate from the main OS. It's much safer than installing PPAs, which will upgrade libraries that might break other installed software.

I'd love to hear some of your thoughts on this. Maybe I'm wrong? Educate me.

Each has its place. If you run multiple distros for whatever reason, the alternative package managers will allow you to install the exact same version of a program; good luck trying that with the normal software repos.

redlined · Post by **redlined** » Wed Feb 13, 2019 9:03 pm

wow, yes, +1(x1000) ajgringo619 response.

(well said, and thank you for making that simple to understand- for sure! :mrgreen:

ajgringo619 · Post by **ajgringo619** » Wed Feb 13, 2019 9:07 pm

You're most welcome; thanks for the kind words.

mattlach · Post by **mattlach** » Wed Feb 13, 2019 9:36 pm

redlined wrote: ⤴Wed Feb 13, 2019 8:21 pm if you use Linux Mint you do not have snaps (unless you installed support for such, it in the parent ubuntu but not Mint)

I know, this is why this is in the "Chat About Linux" section, not the "Chat about Linux Mint" section.

My concern is that these universal installers are going to become so popular that those of us who don't want to use them are more or less going to be forced to This always happens. Whatever is more convenient, whether or not it is better always wins mass adoption, and those of us who care, lose out.

ajgringo619 · Post by **ajgringo619** » Wed Feb 13, 2019 9:48 pm

I don't see that happening. There will always be a market for stable-over-latest software, especially for businesses.

Pepi · Post by **Pepi** » Thu Feb 14, 2019 8:46 am

I was in my System Monitor last night and under the file system tab I see this ...

It appears it was done when I added GIMP 2.10 but I'm not sure and I'm not sure if this is even good :oops:

Hoser Rob · Post by **Hoser Rob** » Thu Feb 14, 2019 9:33 am

Lots of misunderstanding here. The point of Snaps etc is NOT to provide newer versions per se, there were plenty of ways to do that already. The point of them is the ridiculous amount of fragmentation in Linux. There are way too many package management systems, no stable APIs, and very little backwards or forwards compatibility. Open source projects are understaffed enough without having those things to deal with. To suggest Linux package managers are perfect is funny coming from someone I suspect has never used any other type. RHEL uses something quite different from Mint, and it's just as influential as Debian or Ubuntu these days. These things are meant to SOLVE fragmentation, they're not an example of it. Obviously a better way would be to solve the issues of little standardization or stablility but I'm not holding my breath for that.

And no one has mentioned what's probably the main real prooblem with snaps etc. besides efficiency. If they use outdated libraries they may not be secure.

cliffcoggin · Post by **cliffcoggin** » Thu Feb 14, 2019 3:37 pm

Hoser Rob wrote: ⤴Thu Feb 14, 2019 9:33 am
And no one has mentioned what's probably the main real prooblem with snaps etc. besides efficiency. If they use outdated libraries they may not be secure.

But does that really matter if the Snaps are "sandboxed", a concept I still don't fully grasp.

Portreve · Post by **Portreve** » Fri Feb 15, 2019 9:51 pm

The only program I have installed by whatever thing it is (App Image? flatpak? Dunno, don't care) is the latest available release of Scribus, 1.5.4, which comes from their "unstable" branch.

I really don't have an opinion on this sort of thing, one way or the other. I would prefer Scribus use repos instead, but they don't, and that's that.

bodhin · Post by **bodhin** » Fri Feb 22, 2019 9:41 pm

hate snaps and the one time i used an os that had them i ahd a few issues and others in the know said stuff that seemed to say they were not as good as nstalling via synaptic. i am fine with synaptic.

smurphos · Post by **smurphos** » Sat Feb 23, 2019 1:54 am

mattlach wrote: ⤴Wed Feb 13, 2019 9:36 pm
redlined wrote: ⤴Wed Feb 13, 2019 8:21 pm if you use Linux Mint you do not have snaps (unless you installed support for such, it in the parent ubuntu but not Mint)
I know, this is why this is in the "Chat About Linux" section, not the "Chat about Linux Mint" section.
My concern is that these universal installers are going to become so popular that those of us who don't want to use them are more or less going to be forced to This always happens. Whatever is more convenient, whether or not it is better always wins mass adoption, and those of us who care, lose out.

Traditional Linux package management systems are a nightmare for developers. So you want your app to have wide availability. You have to have a Debian maintainer, plus an Arch maintainer, plus a RHEL maintainer. Then you have the problem of the non-rolling release distros so you end up with users concurrently using 0-5 years old versions of your app and asking politely or not so politely for support for versions you consigned to the dustbin years ago. Users get frustrated when they are told by an original developer that the version of the app in their supposedly LTS distro is effectively unsupported. If the relevant distro maintainer isn't actually part of the developers team they may make changes to your app in the distro packaged version that you are not entirely happy with and which you as the original developer under many OS licences technically have no say over. It's no wonder a lot of Linux developers can be grumpy. Flatpak (RHEL led), Snap (Canonical led), and Appimage are all ways intended to make life easier for developers in that they are cross-platform self publishing platforms and cut-out the middleman and middle-man interference, and ensure that developers can offer users easy access to the current supported version of their app no matter what the platform. Why should there be an effort to make Linux easier for developers? Basically to make sure that developers develop for Linux.

I understand that Ubuntu is now shipping with some pre-installed snaps and I believe current Fedora ships with all of the major Flatpak runtimes pre-installed so things are changing but I don't see traditional package management systems going anywhere fast.

mattlach · Post by **mattlach** » Mon May 20, 2019 10:15 pm

smurphos wrote: ⤴Sat Feb 23, 2019 1:54 am
mattlach wrote: ⤴Wed Feb 13, 2019 9:36 pm
redlined wrote: ⤴Wed Feb 13, 2019 8:21 pm if you use Linux Mint you do not have snaps (unless you installed support for such, it in the parent ubuntu but not Mint)
I know, this is why this is in the "Chat About Linux" section, not the "Chat about Linux Mint" section.
My concern is that these universal installers are going to become so popular that those of us who don't want to use them are more or less going to be forced to This always happens. Whatever is more convenient, whether or not it is better always wins mass adoption, and those of us who care, lose out.
Traditional Linux package management systems are a nightmare for developers. So you want your app to have wide availability. You have to have a Debian maintainer, plus an Arch maintainer, plus a RHEL maintainer. Then you have the problem of the non-rolling release distros so you end up with users concurrently using 0-5 years old versions of your app and asking politely or not so politely for support for versions you consigned to the dustbin years ago. Users get frustrated when they are told by an original developer that the version of the app in their supposedly LTS distro is effectively unsupported. If the relevant distro maintainer isn't actually part of the developers team they may make changes to your app in the distro packaged version that you are not entirely happy with and which you as the original developer under many OS licences technically have no say over. It's no wonder a lot of Linux developers can be grumpy. Flatpak (RHEL led), Snap (Canonical led), and Appimage are all ways intended to make life easier for developers in that they are cross-platform self publishing platforms and cut-out the middleman and middle-man interference, and ensure that developers can offer users easy access to the current supported version of their app no matter what the platform. Why should there be an effort to make Linux easier for developers? Basically to make sure that developers develop for Linux.
I understand that Ubuntu is now shipping with some pre-installed snaps and I believe current Fedora ships with all of the major Flatpak runtimes pre-installed so things are changing but I don't see traditional package management systems going anywhere fast.

There is no shortage of Linux software bieng developed today. This is apparently not a sufficient detractor. The downsides of moving away from a single unified package manager are MUCH MUCH MUCH worse than the problems it solves. Not to mention the inefficiencies of duplicating static libraries for everything!

These are just a terrible idea, turning Linux into Windows.

mattlach · Post by **mattlach** » Mon May 20, 2019 10:17 pm

I wouldn't think that apt would be going anywhere soon, but if Snaps/Flatpak/Appimage take over, pretty soon we will have no choice but to use them. If a developer can check the box for distribution by just providing one of these, why would they even bother having a PPA? Why would the distribution bother including that software package in their official repos, if users can just get a snap?

It's a downhill slide towards mediocrity, where in the end we will all be forced to use this garbage whether we want to or not

Mage of Maple · Post by **Mage of Maple** » Thu May 23, 2019 11:08 am

mattlach wrote: ⤴Mon May 20, 2019 10:15 pmThere is no shortage of Linux software bieng developed today. This is apparently not a sufficient detractor.

That's a matter of opinion. There are plenty of things that I cannot find applications for that work as well as what is available in Windows.

mattlach wrote: ⤴Mon May 20, 2019 10:15 pmThe downsides of moving away from a single unified package manager are MUCH MUCH MUCH worse than the problems it solves. Not to mention the inefficiencies of duplicating static libraries for everything!

Care to elaborate on that? You opened the post asking what the point was and asking to be educated. I think the responses were pretty on-point. You are unconvinced, fine, but MUCH MUCH MUCH worse is pretty strong language.

mattlach wrote: ⤴Mon May 20, 2019 10:15 pmThese are just a terrible idea, turning Linux into Windows.

This is pure nonsense. Windows does not use virtualized applications for the most part because they don't have the issues that motivate Linux developers to go in this direction. Windows uses DLLs and the APIs for them are very stable. Write a Windows app and it will run happily on new Windows versions for a very long time. Windows XP apps still run. Linux does not have this, hence the container-izing, making it less like Windows, not more like Windows (at least in a technical sense.)

Portreve · Post by **Portreve** » Thu May 23, 2019 12:25 pm

From the first post by the OP, which includes the title of the thread, what I see is a request for the GNU+Linux world to end the containerized application system. Comments since then suggest the OP is not seeking knowledge, but simply seeking to "stir the pot" as it were.

Frankly, I don't care one way or the other about containerized applications. I certainly do not see them as some software distribution conduit-upending threat. Besides, I know from personal experience that containerized apps don't universally work on all distributions; they definitely can and do bork from time to time.

Besides, GNU+Linux-platform software developers aren't stupid. They know the audience they are intending to appeal to are generally security aware and security conscious, and are a lot less likely to accept un-vetted software.

And, by "un-vetted", in this particular post I'm referring to not just the code, but the conduit of distribution as well.

hcentaur13 · Post by **hcentaur13** » Tue Jun 04, 2019 9:24 am

It is simple because linux is not a properitary system with only one distributor that calls for money for all and anything it does.

So there many diffewrent distrobutors with highly different taste. Each one and each maintainer of each pöieace of each peace of each bit of software that they maintain comes with his own of model how to maintain his own taste what kind of software he likes to gewt his own work done. Anybode does that in a way that gets the work done. There is nothing that can do anything in exactly the same way. As there so many diffierent contributors of different taste there is a wounder that someone gets the work done to bind all that different tastes together to different bundles to work perfectly together. Different peoples have different tastes - so different bundles exists.

Flemur · Post by **Flemur** » Tue Jun 04, 2019 12:24 pm

mattlach wrote: ⤴Wed Feb 13, 2019 6:32 pm Maybe I'm wrong? Educate me.

It's a bit like complaining that the grocery store has too much variety and should only sell what you want. My complaint is about the name: snaps. How lame. How not-unique and therefore hard to look up; Search "flatpak" and you get stuff about flatpak.

Search "snap" or "snaps" and you get

Supplemental Nutrition Assistance Program (SNAP) | USDA-FNS

, then a restaurant, camera company, etc.

Hacker News

Snaps. Why? Please Stop

Show article

throw555chip

Comments

By dark-star 2023-11-2321:553 reply

By hackeraccount 2023-11-2321:59

By Aerbil313 2023-11-241:081 reply

By HumanOstrich 2023-11-247:432 reply

By otabdeveloper4 2023-11-2420:52

By Aerbil313 2023-11-2412:16

By jcrben 2023-11-2323:52

By kalekold 2023-11-2321:083 reply

By jstanley 2023-11-2321:171 reply

By mikeywazowski 2023-11-2321:223 reply

By fgonzag 2023-11-241:23

By tehbeard 2023-11-2322:54

By patch_cable 2023-11-2322:23

By MrDresden 2023-11-2322:411 reply

By mhh__ 2023-11-2323:213 reply

By jeremija 2023-11-2422:02

By Nasreddin_Hodja 2023-11-245:53

By MrDresden 2023-11-247:38

By reportgunner 2023-11-2411:34

By Tanoc 2023-11-2322:171 reply

By beretguy 2023-11-2417:01

HackerNews