Now, seriously. Microsoft’s devs literally only do something if their boss tells them to, and the boss only cares about money. The support teams only know chkdsk and reboot.
On the topic of Microsoft support, I hate how useless support boards are. They’re always responding with the same template answers describing the exact steps the asker clearly stated they’ve already done with no results. Microsoft is far from alone in this, but I just wanted to rant a bit.
You already use an arch container that has access to the AUR, which has literally every package, available on linux.
Also, if anything, flatpaks are THE official (universal) packaging format for Linux, it’s the most widely adopted and most well integrated of the universal packaging formats. I’m not saying that homebrew is bad, just why bother with it when you’ve got 100 other packaging formats that are all better…
if anything, flatpaks are THE official (universal) packaging format for Linux
I don’t deny that, I make good use of a ton of flatpaks on my system. I also believe that it’s the best we have. And I would literally switch to Brave as a flatpak if it would satisfy the following:
Be official and thus maintained by Brave itself.
Not having to forego its own more powerful sandbox due to (hopefully) current restrictions of Flatpak. Yes, you read that correctly; while flatpaks are arguably the safest way to consume most applications, this doesn’t apply to apps that actually have stronger sandboxes which had to be ‘slimmed down’ when packaged as a flatpak. Thus, currently, for maximum protection, one simply can’t rely on flatpaks for their Chromium-based browsers. If you choose to do so and it has worked out for you wonderfully; that’s awesome, I’ve been there and enjoyed the experience as well. But, I can’t justify it for myself any longer.
Never implied that anyways. Official merely ensures that the amount of trusted parties can be minimized.
Bubblewrap is not insecure.
Bubblewrap, when properly applied is indeed excellent; perhaps the best utility to sandbox applications on Linux. I’m thankful that flatpaks makes use of bubblewrap, namespaces and seccomp to offer relatively safe/secure apps/binaries, I’m unaware of any other ‘(universal) package manager’ within the Linux-space that offers similar feats in that regard. Unfortunately, Chromium-based browsers just happen to have an even stronger sandbox -if properly configured- than flatpaks are currently capable of.
Okay true. I am not so much into this Browser sandbox thing and dont really get it. Its a different way than bubblewrap, as from Firefox RPM for example I can open any file and save anywhere. But its process isolation right?
as from Firefox RPM for example I can open any file and save anywhere. But its process isolation right?
For Firefox, the verdict on its native sandbox vs Flatpak’s native sandbox doesn’t seem conclusive. With -assumingly- knowledgeable peeps on both sides of the argument, which indeed does raise the question how knowledgeable they actually are. Nonetheless, for myself, I’ve accepted Flatpak’s sandbox to not be inferior to Firefox’ native one. Thus, I don’t see any problem with using its flatpak.
Apart from having all the nice KDE integration and things like Keepass integration, Fido2 keys, drag and drop and some more things…
Also afaik the Fedora Firefox has a good SELinux profile and it runs damn fast. I did a speed test and it was best, along with Mozillas all-together-binary.
I’m a sucker for GNOME :P , but I’ll keep it in mind.
things like Keepass integration
The flatpak does allow integration, but isn’t built-in unfortunately; so one has to fiddle a bit themselves to set it up.
Fido2 keys
I should rely more on those. Do you have any recommendations? I’ve been hearing good things about Nitropad and Yubico, but I honestly don’t know if they’re actually good and how they would fare amongst eachother.
drag and drop
Overrated anyways /s :P .
Also afaik the Fedora Firefox has a good SELinux profile
It’s probably better configured with the native package than the flatpak one indeed. I wonder if this will change as Fedora is interested to ship Firefox as a flatpak by default on Silverblue (and variants).
it runs damn fast. I did a speed test and it was best
I haven’t had the best internet speeds since I’ve been relying on free VPN. But that’s on me :P .
Fedora packages a Flatpak Firefox themselves, based off the RPM. So its good too, but lacks codecs with currently no way to enable them so yeah. They would need am extension of some sort hosted on Flathub. So simply using Firefox Flatpak from Flathub makes more sense.
I got a Nitrokey for Heads but for some reason it never arrived? I can say these things are very expensive. And Heads uses PGP and not others.
I rely on flatpaks for all non-firefox browsers and haven’t had any issues with them, I’ve used the brave flatpaks specifically for almost a year now and no issues…
If you choose to do so and it has worked out for you wonderfully; that’s awesome, I’ve been there and enjoyed the experience as well. But, I can’t justify it for myself any longer.
If you meant something else, then please feel free to correct me.
I am thankful that zypak exists so that Chromium-based browsers and Electron apps don’t have to explicitly flag –no-sandbox to continue functioning. However, it doesn’t undermine the fact that native Chromium’s sandbox is more powerful than Flatpak’s sandbox. As such, if one desires security, then one should gravitate towards the native installed one.
Unfortunately, you didn’t -to my knowledge- support nor retract your claim on Chromium using flatpak sub-sandboxes. Therefore, I find it hard to continue taking your words at face value.
I have enjoyed these interactions, so don’t get me wrong; but if I (possibly) catch you on spreading misinformation (even if unintentional), then I find it hard to keep engagement up as there’s no guarantee that anything else coming from you is actually correct.
I would love to be corrected on this though, so please feel free if I have misunderstood you or anything else that would revive this conversation. If not, then I would still like to thank you from the bottom of my heart for this friendly interaction we’ve had. Take care!
I linked the source but sure, I’ll link it more for you.
I am aware, but the same source seemingly contradicted your point^[1]^ regarding sub-sandboxing.
Wow, thanks a lot for the work you’ve put into this! It might take some time for me to go through this, but I’ll definitely take a look and perhaps I’ll return on this at a later point. Perhaps with this I will finally be able to install my Chromium-based browsers as a flatpak and don’t feel bad about it.
Once again, your engagement has been much appreciated! So please feel free to let me know if I can buy you a coffee or something 😊! Unfortunately, statements like “Thank you so much!” don’t quite capture the sheer magnitude of gratitude I feel towards you right now. For whatever it’s worth; I salute you, good human.
“It lets Chromium use flatpak sub-sandboxes” that you expressed in this comment.
The comment on there is odd, I’m not even sure what that issue is referring to. Not much exciting happened in that release for new features but there were subsandbox security fixes github.com/flatpak/flatpak/…/1.10.8...1.12.0
A. If you haven’t played ΔV, do it. One of the most amazing games out there imho. So good in fact that I just went to find a Δ on the internet so I could use it and not disrespect the dev and the game. B. He is such an amazing dude. I don’t know him personally, but I do know that when Ukraine was invaded he made the game free for months on Steam so people in Ukraine could get it and have something too distract themselves from the conflict. A+ move in my book right there. I had already bought the game at that point, but I wish I could buy it again just to support him further. C. Reading this almost makes me think it would be a good tactical move to offer early access games at a steep discount on Linux if it has this great of an effect. Pay back the “free” QA kindness of the community.
There was a Lemmy post with a video about how things have changed, which I even commented on, but I can’t find anymore.
What I remember was that yes they did address most of the concerns. There were some issues still (unrelated to data collection iirc), and there’s one other fork that’s being maintained if you don’t want that
Edit: I think the was the video, I don’t want to watch it again but I’ll link my TLDW if I find it: m.youtube.com/watch?v=QfmDn1IaDmY
My laptop went bonkers trying to run it, maybe I have something misconfigured somewhere. I wanted to like it because it looks great, but I couldn’t because it was seemingly too resource intensive.
Somebody mentioned I may have been running bpytop, so maybe this whole thing is my bad. I honestly can’t remember what I ran now - I thought it was btop
yeah you need a decently fast hw accelerated terminal for it
for example, the gnome terminal is pretty slow; if you’re using it, try running it in alacrity or kitty and see if that improves performance.
For those wondering, the problem was that windows didn’t fully unmount the drive. To fix this you need to fully shutdown windows with the command line or the shift key.
Night light was the big one for me. If I remember correctly they wanted to implement a workaround for night light on nvidia gpus on wayland for KDE Plasma 6. I guess that’s kinda superfluous now 😄
Took me a second to figure out that was the Nvidia drivers version number. I was wondering if gnome made another major version shift from 45 to 545 for a second :)
Why does it create another user and put files under /home/linuxbrew/? Answer:
The script installs Homebrew to its default, supported, best prefix (/opt/homebrew for Apple Silicon, /usr/local for macOS Intel and /home/linuxbrew/.linuxbrew for Linux) so that you don’t need sudo after Homebrew’s initial installation when you brew install.
Where’s the logic in that? Why not just install to the user’s home directory so that you don’t even need root access in the first place?
Why is installing from the tarball unsupported and so frowned upon? FFS isn’t this just supposed to be a package manager? Why is everything so complicated and opinionated when compared to pip, cargo, Flatpak, etc? Compare this mess to Golang’s install and uninstall process where you literally just need to tar -xzf a file or rm -rf a directory.
Where’s the logic in that? Why not just install to the user’s home directory so that you don’t even need root access in the first place?
Excellent remark! Wow, that by itself already wrote it off for me.
Why is sudo hard-coded? Answer: it’s to prevent people from using doas and other sudo alternatives.
Another home-run! Especially as I’ve been a staunch user of doas for quite a while now and wouldn’t like to give up on that. Thank you so much for informing me on this!
Your third point is also interesting to ponder upon, though it wasn’t as impactful to me personally as the previous two were.
I would like to thank you once again for your astoundingly awesome insights on this matter! This comment has definitely contributed the most in me letting go of the thought of using Homebrew entirely (while some others already informed me that GUI-apps (mostly) can’t be installed from Homebrew to function on Linux anyways).
Once x86 macOS became stable around snow leopard I switched from Linux to macOS full time on my mobile machines. For years home brew was a shining light to get a decent tool chain installed to be able to do development. But somewhere around the time they changed to naming macOS releases after places in California, both home brew and macOS started changing in ways that made it harder to maintain a stable development environment. Why and when did it start deciding to upgrade every package I have installed when I try to install a new package? It regularly broke both mine and our developers’ machines and I finally had enough of both. Stay away from home brew if you want your working development environment to continue working 6 months later. It WILL break when you need it most and cost you hours if not days of work to fix. I’ve never ran home brew on Linux but it’s honestly not anything I would ever consider even when it worked well.
Thanks for the insights! Do you know if these issues continue to persist?
Why and when did it start deciding to upgrade every package I have installed when I try to install a new package?
Is this perhaps related to how for most non-LTS distros (but especially on something like Arch) one is recommended to update all packages before installing a new package in hopes of preventing issues related to dependency hell? I don’t know if Homebrew’s model of packaging is similar enough to Linux’ to make sensible comparisons between the two, but this was just something that came up to me as a thought.
linux
Newest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.