this post was submitted on 23 Aug 2023

482 points (98.2% liked)

Linux

47575 readers

1020 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

482

Ubuntu's Mozillateam PPA now forcing users over to snap install for Firefox. (lemmy.dbzer0.com)

submitted 1 year ago by PseudoSpock@lemmy.dbzer0.com to c/linux@lemmy.ml

240 comments fedilink hide all child comments

What use to be the PPA that allowed Ubuntu users to use native .deb packages for Firefox has recently changed to the same meta package that forces installation of Snap and the Firefox snap package.

I am having to remove the meta package, then re-uninstall the snap firefox, then re-uninstall Snap, then install pin the latest build I could get (firefox_116.0.3+build2-0ubuntu0.22.04.1~mt1_arm64.deb) to keep the native firefox build.

I'm so done with Ubuntu.

you are viewing a single comment's thread
view the rest of the comments

[–] nephs@lemmygrad.ml 17 points 1 year ago (8 children)

What's up with the hate on snaps, again, please anyone?

[–] csolisr@communities.azkware.net 37 points 1 year ago (1 children)

There is only a single Snap server, and it is a proprietary one exclusive to Canonical
Upgrades are pushed in a mandatory fashion, which means things will break if a bad upgrade ever gets pushed
Snaps have about the same integration issues that Flatpaks have due to their sandboxing, but overcoming them is even harder due to lack of tools on the Snap side of things
Snaps are mostly Ubuntu-centric, and don't quite work on other distros

[–] just_another_person@lemmy.world 2 points 1 year ago (1 children)

Mostly agree, except the last two points. Snaps are available anywhere...if you so wish (I wouldn't).

The biggest issue with snaps is that they are SLOOOOOOOW when compared to a standard binary install, or even Flatpak. Most of this has to do with fuse, but when you have many versions of a specific package, it just gets slower and slower.

The local versioning system also takes up a ton of local space by not expiring caches regularly, so it's not fit for lightweight installs.

[–] csolisr@communities.azkware.net 1 points 1 year ago

Thanks for the clarification! I've never used Snaps myself (as I'd rather use Arch than Ubuntu), so I was unaware on how slow do Snaps run on an average computer. Again, sandboxing can be an overhead too large for an old machine.

[–] leo85811nardo@lemmy.world 30 points 1 year ago* (last edited 1 year ago) (1 children)

For me it's the fact that Ubuntu forcefully shove snap into my system when I want the normal deb install with apt. I'm sure snap has gone better over the years but this is something that I absolutely hate. When I want to use snap/flatpak, I can use snap/flatpak install, and when I say apt install it should be deb install as it's supposed to be as a Debian variant. Linux tools has always been known for doing exactly what is told, whereas what Ubuntu is recently doing is the opposite of it

[–] XTornado@lemmy.ml 6 points 1 year ago (1 children)

I mean the alternative would be to just stop providing the package at all I guess? Like it seems they want to switch to snap.

[–] LeFantome@programming.dev 1 points 1 year ago (1 children)

I think that would be a higher integrity move for sure. The issue of course is how to migrate existing users. If they just remove the deb, many users will just stay on the old version forever. They may never know the snap version even exists.

I get the problem. I just hate their solution.

[–] leo85811nardo@lemmy.world 1 points 1 year ago

I believe apt has the ability to "redirect" or "inform" the user on prompt. They could just show a message that says it's no longer available for this LTS version, and let them use snap or flatpak instead

[–] lily33@lemm.ee 16 points 1 year ago

While I'm sure some people hate snap in general, most people simply hate being forced to use it. Or rather, bring forced to switch distro and reinstall everything.

[–] merthyr1831@lemmy.world 12 points 1 year ago

Beyond the complaints about Canonical's hostility to Flatpak and other formats, but the real risk snap poses is that Canonical has a lot of control over the snap store, and lack of integration with distros beyond Ubuntu.

There's a vague promise of "new stores" and better integration with other distros but Flatpak is a truly open technology that gives you the option to install apps from ANY source and other distros are collaborating to improve it.

[–] nestEggParrot@lemmy.sdf.org 10 points 1 year ago

Many have issues with stability. Especially with firefox which comes installed via snap on ubuntu. Similarly compared to deb snaps versions occasionally have weird bugs. I personaaly had an issue with opening files properly using snap but worked fine on deb.

Also its unnecessarily forced. Deb works great and apt is widely used as primary package manager. No need to maintain the system with another one in the mix.

Its also repoted not to work well on otknr platforms like fedora or arch. Other package formats like AppImage, flatpak might be better in that regard though I havent used them.

[–] library_napper@monyet.cc 9 points 1 year ago (1 children)

For one, packages aren't cryptographically verified after downloading them, as is done with apt.

This is a massive security vulnerability.

[–] cmeerw@programming.dev 6 points 1 year ago (1 children)

Verifying a snap package’s authenticity seems to suggest otherwise. What's the source for your claim?

[–] library_napper@monyet.cc 6 points 1 year ago (1 children)

Your link is just guesses on a forum.

Link me to the official documentation that describes how signatures work.

[–] cmeerw@programming.dev 15 points 1 year ago (1 children)

You mean like https://manpages.ubuntu.com/manpages/jammy/en/man8/snap.8.html

Still better than a random user claiming

This is a massive security vulnerability

with no justification whatsoever.

[–] library_napper@monyet.cc 1 points 1 year ago

That's usage documentation. It doesn't describe how snap verifies packages.

The burden of proof lies with the program's docs to prove their security. In the absence of such documentation, we should all ageree to distrust it as insecure.

Apt clearly documents how the manifest file is cryptographically signed with PGP (and if that Sig or the signed hashes dont for any package it refuses to continue).

[–] x3i@lemmy.x3i.tech 2 points 1 year ago

Main reasons I see being raised a lot are Canonical's absolute control over the snap ecosystem and the dependency problem inside the snaps, meaning they often ship outdated versions of dependencies which might have known bugs or flaws.

The fact that it is forced on users is mentioned by other people here already. Afaik this is not a thing yet on Ubuntu server, so maybe install that one + the GUI packages? Not an Ubuntu user myself, so this could be oversimplified.

[–] ennemi@hexbear.net 2 points 1 year ago

Digital sanity. I do not want any of my tools to constantly beg to be updated.