485
Ubuntu's Mozillateam PPA now forcing users over to snap install for Firefox.
(lemmy.dbzer0.com)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
What's up with the hate on snaps, again, please anyone?
Mostly agree, except the last two points. Snaps are available anywhere...if you so wish (I wouldn't).
The biggest issue with snaps is that they are SLOOOOOOOW when compared to a standard binary install, or even Flatpak. Most of this has to do with fuse, but when you have many versions of a specific package, it just gets slower and slower.
The local versioning system also takes up a ton of local space by not expiring caches regularly, so it's not fit for lightweight installs.
Thanks for the clarification! I've never used Snaps myself (as I'd rather use Arch than Ubuntu), so I was unaware on how slow do Snaps run on an average computer. Again, sandboxing can be an overhead too large for an old machine.
For me it's the fact that Ubuntu forcefully shove snap into my system when I want the normal deb install with
apt
. I'm sure snap has gone better over the years but this is something that I absolutely hate. When I want to use snap/flatpak, I can usesnap/flatpak install
, and when I sayapt install
it should be deb install as it's supposed to be as a Debian variant. Linux tools has always been known for doing exactly what is told, whereas what Ubuntu is recently doing is the opposite of itI mean the alternative would be to just stop providing the package at all I guess? Like it seems they want to switch to snap.
I think that would be a higher integrity move for sure. The issue of course is how to migrate existing users. If they just remove the deb, many users will just stay on the old version forever. They may never know the snap version even exists.
I get the problem. I just hate their solution.
I believe apt has the ability to "redirect" or "inform" the user on prompt. They could just show a message that says it's no longer available for this LTS version, and let them use snap or flatpak instead
While I'm sure some people hate snap in general, most people simply hate being forced to use it. Or rather, bring forced to switch distro and reinstall everything.
Beyond the complaints about Canonical's hostility to Flatpak and other formats, but the real risk snap poses is that Canonical has a lot of control over the snap store, and lack of integration with distros beyond Ubuntu.
There's a vague promise of "new stores" and better integration with other distros but Flatpak is a truly open technology that gives you the option to install apps from ANY source and other distros are collaborating to improve it.
Many have issues with stability. Especially with firefox which comes installed via snap on ubuntu. Similarly compared to deb snaps versions occasionally have weird bugs. I personaaly had an issue with opening files properly using snap but worked fine on deb.
Also its unnecessarily forced. Deb works great and apt is widely used as primary package manager. No need to maintain the system with another one in the mix.
Its also repoted not to work well on otknr platforms like fedora or arch. Other package formats like AppImage, flatpak might be better in that regard though I havent used them.
For one, packages aren't cryptographically verified after downloading them, as is done with apt.
This is a massive security vulnerability.
Verifying a snap package’s authenticity seems to suggest otherwise. What's the source for your claim?
Your link is just guesses on a forum.
Link me to the official documentation that describes how signatures work.
You mean like https://manpages.ubuntu.com/manpages/jammy/en/man8/snap.8.html
Still better than a random user claiming
with no justification whatsoever.
That's usage documentation. It doesn't describe how snap verifies packages.
The burden of proof lies with the program's docs to prove their security. In the absence of such documentation, we should all ageree to distrust it as insecure.
Apt clearly documents how the manifest file is cryptographically signed with PGP (and if that Sig or the signed hashes dont for any package it refuses to continue).
Digital sanity. I do not want any of my tools to constantly beg to be updated.
Main reasons I see being raised a lot are Canonical's absolute control over the snap ecosystem and the dependency problem inside the snaps, meaning they often ship outdated versions of dependencies which might have known bugs or flaws.
The fact that it is forced on users is mentioned by other people here already. Afaik this is not a thing yet on Ubuntu server, so maybe install that one + the GUI packages? Not an Ubuntu user myself, so this could be oversimplified.