Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Canonical goes full snap, Chromium is next

Off-Topic discussions about science, technology, and non Debian specific topics.
Message
Author
Wheelerof4te
Posts: 1454
Joined: 2015-08-30 20:14

Re: Canonical goes full snap, Chromium is next

#21 Post by Wheelerof4te »

^There are other ways to create application sandboxes. A package manager shouldn't be centered around sandboxing, because that's not the job of a package manager.
A job of package manager is to manage your software. Part of why modern solutions fail is their creators drive to make them do more than just install, remove, search and update your software.

User avatar
Danielsan
Posts: 659
Joined: 2010-10-10 22:36
Has thanked: 5 times

Re: Canonical goes full snap, Chromium is next

#22 Post by Danielsan »

Wheelerof4te wrote:^There are other ways to create application sandboxes. A package manager shouldn't be centered around sandboxing, because that's not the job of a package manager.
A job of package manager is to manage your software. Part of why modern solutions fail is their creators drive to make them do more than just install, remove, search and update your software.
This is your opinion because the trend is exactly the opposite, as a matter of fact this is not failing at all and it is been adopting widely. Even a distro like Debian Stable is vulnerable to a 0 day bug and containerization is a great feature against a 0 day attack.

User avatar
sickpig
Posts: 589
Joined: 2019-01-23 10:34

Re: Canonical goes full snap, Chromium is next

#23 Post by sickpig »

Snaps are user convenience focused. If you need latest or dev. version of an app say gimp or inkscape how will u install it in stable? change repos to sid?

before anyone digs up links about malicious snaps - dont install them if you dont trust their developer or packager

snaps, flatpaks are the way forward no matter what anyone thinks or does. appimage is quite convenient too.

whats wrong with chromium packaged as a snap if it is packaged officially by Cannonical? More power to anything that is user centric and focusses on convenience rather than changing repos or jumping through hoops.

User avatar
4D696B65
Site admin
Site admin
Posts: 2696
Joined: 2009-06-28 06:09
Been thanked: 85 times

Re: Canonical goes full snap, Chromium is next

#24 Post by 4D696B65 »

sickpig wrote: whats wrong with chromium packaged as a snap if it is packaged officially by Cannonical?
I guess if you trust Cannonical, nothing. I for one don't trust them.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: Canonical goes full snap, Chromium is next

#25 Post by Head_on_a_Stick »

Danielsan wrote:Rolling back on Debian doesn't work properly and at your own risk because DPKG/APT aren't designed for this scope.
Try https://packages.debian.org/stretch/snapper
sickpig wrote:If you need latest or dev. version of an app say gimp or inkscape how will u install it in stable?
http://forums.debian.net/viewtopic.php?f=16&t=129390

And contrary to Danielsan's claim the container will use the graphics card, at least it does for the open source drivers — I can run openarena & Xonotic from a systemd-nspawn container.
deadbang

User avatar
sickpig
Posts: 589
Joined: 2019-01-23 10:34

Re: Canonical goes full snap, Chromium is next

#26 Post by sickpig »

Head_on_a_Stick wrote:viewtopic.php?f=16&t=129390
^^^^
is my exact definition of
sickpig wrote:jumping through hoops.
thanks for proving my point.

i choose not to reinvent the wheel to just install an app. I would just install a snap.

edit
resource usage of your alternative is 200 kgs heavier than just running an app as a snap. You are essentially running another version of the OS alongside your current one. And it will start all of its startup services daemons and whatnot

User avatar
Danielsan
Posts: 659
Joined: 2010-10-10 22:36
Has thanked: 5 times

Re: Canonical goes full snap, Chromium is next

#27 Post by Danielsan »

I think we are doing confusion between downgrade and rollback, functions for which DPKG and APT aren't designed for. And in any case a snapshot is not as a rollback for a single package.

And about systemd-nspawn this is not a desktop oriented solution to confine a single package, it is an isolated environment with the basic core system installed and it needs some effort to make it work with a graphic application.

User avatar
sickpig
Posts: 589
Joined: 2019-01-23 10:34

Re: Canonical goes full snap, Chromium is next

#28 Post by sickpig »

Danielsan wrote:And about systemd-nspawn this is not a desktop oriented solution to confine a single package, it is an isolated environment with the basic core system installed and it needs some effort to make it work with a graphic application.
along with the effort it is not secure as highlighted in viewtopic.php?f=16&t=129390 without adding additional flags

in the same thread chroot option is mentioned which is more secure as it uses xephyr server which is a standalone graphics server and doesn't share display resources with X11

KBD47
Posts: 87
Joined: 2011-09-04 09:07

Re: Canonical goes full snap, Chromium is next

#29 Post by KBD47 »

4D696B65 wrote:
sickpig wrote: whats wrong with chromium packaged as a snap if it is packaged officially by Cannonical?
I guess if you trust Cannonical, nothing. I for one don't trust them.
Agreed!
https://www.omgubuntu.co.uk/2018/05/ubuntu-snap-malware

User avatar
sickpig
Posts: 589
Joined: 2019-01-23 10:34

Re: Canonical goes full snap, Chromium is next

#30 Post by sickpig »

KBD47 wrote:
4D696B65 wrote:
sickpig wrote: whats wrong with chromium packaged as a snap if it is packaged officially by Cannonical?
I guess if you trust Cannonical, nothing. I for one don't trust them.
Agreed!
https://www.omgubuntu.co.uk/2018/05/ubuntu-snap-malware
sickpig wrote:before anyone digs up links about malicious snaps - dont install them if you dont trust their developer or packager

Deb-fan
Posts: 1047
Joined: 2012-08-14 12:27
Been thanked: 4 times

Re: Canonical goes full snap, Chromium is next

#31 Post by Deb-fan »

Can't see this becoming the future default packaging format. Interesting and truthfully not up to speed on this topic. Personally won't be using it or highly unlikely. Still can see some benefits and won't bad mouth these types of efforts either. Snappy-snap, flatpak and appimages, cool more options for those who choose to use.
Most powerful FREE tech-support tool on the planet * HERE. *

pendrachken
Posts: 1394
Joined: 2007-03-04 21:10
Location: U.S.A. - WI.

Re: Canonical goes full snap, Chromium is next

#32 Post by pendrachken »

How would non-root installations work for packages that provide system files (ie, all of them)?

Do you really want to give hackers that have local access the power to install stuff without gaining root privileges?
Sounds like someone doesn't know how snaps / flatpacks work. Here's a hint; they contain all the libraries needed to run, regardless of if the versions are the same as the underlying base OS or not. This CAN lead to library duplication, but is often quite handy when the newer application needs updated libraries, as you don't have to mess with the base systems stable libraries.... potentially introducing bugs into the stable software of the base system. You also don't have to try to backport the application to use older libraries, which can also introduce subtle bugs and regressions, or just plain fail. This also means you can run OLDER software on a newer modern base without having to change library versions or worry about regressions in newer libraries.


All of this means that the flatpack / snap will be bigger than a packaged dynamically linked binary, but as said by many a people here - disk space is cheap.
fortune -o
Your love life will be... interesting.
:twisted: How did it know?

The U.S. uses the metric system too, we have tenths, hundredths and thousandths of inches :-P

User avatar
golinux
Posts: 1579
Joined: 2010-12-09 00:56
Location: not a 'buntard!
Been thanked: 1 time

Re: Canonical goes full snap, Chromium is next

#33 Post by golinux »

We know what super-sizing has done to our health. It is a sloppy, unmindful and ultimately destructive habit to feed our cravings for all sorts of things that ultimately only complicate our lives. Convenience is a trap . . . beware.
May the FORK be with you!

User avatar
Bloom
df -h | grep > 90TiB
df -h | grep > 90TiB
Posts: 504
Joined: 2017-11-11 12:23
Been thanked: 26 times

Re: Canonical goes full snap, Chromium is next

#34 Post by Bloom »

Debian has a rigorous testing and review system for its packages. Have you lot never wondered why in all the years that Debian exists no malware was ever introduced?
Snap is IMHO the easiest way forward to have malware introduced to Ubuntu where it was previously secure. Debian needs to stay away from that.

CwF
Global Moderator
Global Moderator
Posts: 2638
Joined: 2018-06-20 15:16
Location: Colorado
Has thanked: 41 times
Been thanked: 192 times

Re: Canonical goes full snap, Chromium is next

#35 Post by CwF »

I've tried to explain elsewhere, where linux is going in terms of windows evolution only to realize my references were unknown as ancient irrelevant history. Once upon a time MS had the idea to package common code in libraries in a very unix like way. These libraries called dll's promised to consolidate and ease things. Of course you could put a customized dll in the programs directory to override the systems, if you really really had to....A decade later, a file search on the average windows system of any common and random dll results in numerous identically named dll's. The method could have been tight, and very resource efficient, but it's not.
The mentality here is simply repeating the same pattern. Linux is of course superior (maybe not) and when it is on parity with windows it will be as bloated and bad. Yes, things will work fine, if we provide the space, the extra memory, and a few extra cores to manage the slop.

Once the average distro/user can download and execute many cool programs from all over the wonderful web, Linux's will finally match windows. Maybe we should call these things exe's. Just dl and run! That's the ticket!

Bulkley
Posts: 6383
Joined: 2006-02-11 18:35
Has thanked: 2 times
Been thanked: 39 times

Re: Canonical goes full snap, Chromium is next

#36 Post by Bulkley »

The only free cheese is in the mouse trap.

vmclark
Posts: 187
Joined: 2008-07-30 15:16
Has thanked: 1 time

Re: Canonical goes full snap, Chromium is next

#37 Post by vmclark »

pendrachken wrote: Sounds like someone doesn't know how snaps / flatpacks work. Here's a hint; they contain all the libraries needed to run, regardless of if the versions are the same as the underlying base OS or not. This CAN lead to library duplication, but is often quite handy when the newer application needs updated libraries, as you don't have to mess with the base systems stable libraries.... potentially introducing bugs into the stable software of the base system. You also don't have to try to backport the application to use older libraries, which can also introduce subtle bugs and regressions, or just plain fail. This also means you can run OLDER software on a newer modern base without having to change library versions or worry about regressions in newer libraries.


All of this means that the flatpack / snap will be bigger than a packaged dynamically linked binary, but as said by many a people here - disk space is cheap.
This doesn't make any since at all. Because disks are cheap is no reason to load up on unneeded size, especially pack on more libraries.
As long as there is APT, I'm happy. Snap is the first item to get removed from my system.

pendrachken
Posts: 1394
Joined: 2007-03-04 21:10
Location: U.S.A. - WI.

Re: Canonical goes full snap, Chromium is next

#38 Post by pendrachken »

vmclark wrote:
pendrachken wrote: Sounds like someone doesn't know how snaps / flatpacks work. Here's a hint; they contain all the libraries needed to run, regardless of if the versions are the same as the underlying base OS or not. This CAN lead to library duplication, but is often quite handy when the newer application needs updated libraries, as you don't have to mess with the base systems stable libraries.... potentially introducing bugs into the stable software of the base system. You also don't have to try to backport the application to use older libraries, which can also introduce subtle bugs and regressions, or just plain fail. This also means you can run OLDER software on a newer modern base without having to change library versions or worry about regressions in newer libraries.


All of this means that the flatpack / snap will be bigger than a packaged dynamically linked binary, but as said by many a people here - disk space is cheap.
This doesn't make any since at all. Because disks are cheap is no reason to load up on unneeded size, especially pack on more libraries.
As long as there is APT, I'm happy. Snap is the first item to get removed from my system.

You go ahead and worry about a few kb of disk space lost to redundant libraries (if they even are the same version number ) if you want. Meanwhile My / drive has hundreds of gigs of free space and my storage pools have multi TB space. And guess what, since storage is cheap I can just got and toss a few more 5TB drive in the pool, RAID em up, and go on with life if I ever need more space.

So yeah, I'll take ease of use / convenience over worrying about saving that couple MB space for any snaps / flatpacks I would choose to install.


P.S. All that quoting and you didn't even read what it was in reference to, just got yer panties in a bunch over disk space that you won't even notice being used.
fortune -o
Your love life will be... interesting.
:twisted: How did it know?

The U.S. uses the metric system too, we have tenths, hundredths and thousandths of inches :-P

Wheelerof4te
Posts: 1454
Joined: 2015-08-30 20:14

Re: Canonical goes full snap, Chromium is next

#39 Post by Wheelerof4te »

pendrachken wrote:So yeah, I'll take ease of use / convenience over worrying about saving that couple MB space for any snaps / flatpacks I would choose to install.
You really can't put snaps and flatpaks in the same basket. They are very different things trying to solve the same problem. And there are other cons not related to disk space, such as trust concerns and security issues over outdated libraries. Repositories are time-proven solution, while snaps come looking like hacks.

Post Reply