A dream of mine is a #GNU #Linux distro based on #Debian but distributed with #OSTree, with #KDE #Plasma and #LatteDock by default and a solid but simple tiling script for #Kwin, applications installed by unprivileged users as #Flatpak, #Kirigami convergent apps as system apps including a browser with #Firefox's #Gecko as engine, #Android apps support with #Anbox as #Discover backend to centralize the management of the apps, Windows apps provided by Flatpak repos like #Winepak that ships #Wine
@alexl Sounds like an awesome distro!
@alexl So just about what we're doing but with Flatpak? 😂😋
@uri_herrera and OSTree for the system. OSTree powers Flatpak too and it's great because you can have different versions of the same software installed without increasing the size too much. So a Flatpak app is guaranteed to run everywhere but if you install multiple apps that shares 90% of the libraries the storage is shared too, so it doesn't really increase.
@uri_herrera also Flatpak has a permission system that let you run apps that you don't fully trust, even proprietary ones, like on Android. Instead now from a security point of view all the Linux distributions rely on the assumption that you run only software from the official reporitories and that you totally trust it, no space for third party software run safely.
@alexl Although we already do sandbox with the AppImages, we'd like to have a graphical way to tell the user what is XYZ software accessing, like cameras, microphone.
@uri_herrera Flatpak has the "portals" concept for that, they are supported by both GTK and Qt/KDE during installation and GNOME is currently adding an UI for managing permissions.
For example the portal for file access let you use KDE file picker from GTK apps.
@uri_herrera Flatpak's xdg-desktop-portal can be used from Snap too, maybe it could be used to manage permissions for AppImage too?
Here there is an issue on AppImage issue tracker: https://github.com/AppImage/AppImageKit/issues/171
@alexl On the OS side znx does precisely that; you can have multiple versions of the distribution, any distribution. On the applications side, you can have various AppImages. The way that you describe it, Flatpak seems to me like a conventional package manager, albeit one that is more modern and simplified.
@uri_herrera never heard of znx, I will check it! About AppImage, it just bundles all the software including libraries. This is a security issue because each AppImage maintainer needs to keep the libraries updated and the storage is multiplied.
AppImage = going back to Windows way
Flatpak = the best of Windows (applications running everywhere) + the best of GNU/Linux (shared libraries for better security and to save RAM and storage)