
Linux Mint Dumps Ubuntu Snap - CrankyBear
https://www.zdnet.com/article/linux-mint-dumps-ubuntu-snap/
======
Darmody
I can understand Canonical pushing for snaps. It's their product and they want
it to succeed.

That said I hate their dirty ways. I find it even morally wrong. How can "sudo
apt install chromium-browser" not install the apt package but install instead
a snap? How I, as a user and also as a professional, trust Ubuntu if when I
use their package manager I'm being tricked?

I don't use Windows for a reason, more than one actually. I've been using
Ubuntu even with all the "weird" stuff Canonical has been doing over the years
but I think this is the nail in the coffin.

Right now I'm using 20.04 but as soon as I finish some work I have left I'll
install a fresh new distro.

~~~
jimhefferon
What distro? I use Ubuntu because I just want an OS, not a hobby.

~~~
dima55
Just use Debian. Ubuntu is quite literally Debian+bullshit.

~~~
mrighele
My issue with Debian that I don't want a rolling release, and Debian Stable
feels more like "Debian Obsolete" to me (at least it was years ago, maybe now
it is different...)

~~~
fiddlerwoaroof
Debian testing is basically my distro of choice: if sid is the rolling
release, and stable is the LTS version, testing is roughly equivalent to non-
LTS Ubuntu: the packages have been tested so you don’t usually get breakage,
but they aren’t stale.

~~~
ckcheng
The packages are somewhat tested, but "you are participating in the
development of Debian when you are tracking testing or unstable" [1]. My
feeling is Debian testing is a little less stable than non-LTS Ubuntu.

See, I'd like to use LXDE, and right now I use Lubuntu. I'm interested in
switching to Debian, but then I read someone say Debian testing is "more
stable than the name would suggest, as long as you follow a few reasonable
best-practices" [2]. Then I look at these best practices [3] and I'm like, I
don't really have time for all that...

But maybe that person is just overly cautious. So I look at Debian's page [1]
for best practices and it wants me to use btrfs or LVM snapshots in case an
update puts the system into an unrecoverable position. I... don't think I have
time for that.

Maybe I can use Debian stable and just get software not available in Debian
stable via... snap [4]. Ok, they also list Flatpak and docker, but this is
getting frustrating... Is that really the best way to go about this? Because
other than snap auto-updating on my machines behind my back, Lubuntu's been
working great up to now.

So basically, is there a Ubuntu / Lubuntu that just doesn't have snap auto-
updates? If anyone knows, I'd really appreciate it!

[1]:
[https://wiki.debian.org/DebianUnstable#What_are_some_best_pr...](https://wiki.debian.org/DebianUnstable#What_are_some_best_practices_for_testing.2Fsid_users.3F)
[2]:
[https://news.ycombinator.com/item?id=23038222](https://news.ycombinator.com/item?id=23038222)
[3]:
[https://news.ycombinator.com/item?id=23044878](https://news.ycombinator.com/item?id=23044878)
[4]:
[https://wiki.debian.org/DontBreakDebian#Snap](https://wiki.debian.org/DontBreakDebian#Snap)

~~~
rumanator
> My feeling is Debian testing is a little less stable than non-LTS Ubuntu.

At least a few years ago, Ubuntu's LTS releases were derived from Debian
Testing, while Ubuntu's standard releases were derived from Debian Unstable.

~~~
ckcheng
Oh, didn't know that. That gives me a better sense of "how stable" each is.
Thanks!

------
henriquez
I dumped Ubuntu over Snap. Maybe I’m just ignorant but it seems like allowing
developers to push software updates without any review invites the same sorts
of issues we’ve seen on npm, with very high risks for certain use cases. I
don’t want that kind of relationship with my OS, forced updates are why I
ditched Windows in the first place.

Aside from the philosophical concerns I ran into a lot of glitches with
various snap packages, frequently resulting in lost or corrupted data. And the
sandbox approach prevented certain filesystem tweaking I previously took for
granted. Overall I didn’t see the benefit and didn’t have time to futz with
it.

I’m curious if there are any distros with a recent version of Gnome and also a
sane package manager.

~~~
schoolornot
> forced updates are why I ditched Windows in the first place

Samsung has followed suit w/ Android. Once an update is available, the user
can defer it three times before the phone is rebooted. Not even Apple pulls
this crap.

~~~
guug
As a short term solution, you can use netguard and always have it run in
lockdown mode. It works on most phones and doesn't require root. You can use
it to whitelist app access to the internet (inc. blocking samsung and google
play updates). It's also open source.

In the long term, just avoid samsung products that don't respect your
authority as the owner.

------
chintan
Hundreds of organizations, including ours, rely on Rocket.Chat for their
internal messaging. It all went down when a release was pushed and snap
decided to auto-update [1] I can imagine it resulted in a huge loss of
productivity at all these orgs in the Covid era.

Just learnt from this thread that apt-install will install snap! I'm running
Ubuntu 18.04 + i3 (Dell Developer Edition) but will change to Debian.

[1].
[https://github.com/RocketChat/Rocket.Chat/issues/17628](https://github.com/RocketChat/Rocket.Chat/issues/17628)

~~~
simosx
You can control when to update, [https://snapcraft.io/docs/keeping-snaps-up-
to-date](https://snapcraft.io/docs/keeping-snaps-up-to-date)

~~~
Andys
Would someone be able to tell me how to plain old turn it off? I still can't
tell even after reading the docs

~~~
morsch
You can turn it off by replacing your operating system with another Linux
distribution. As of 20.04 you also still have the option of removing Snap
outright[1], as long as you don't need the software that is only provided via
snap.

Although apparently they are considering[2] adding the option to disable auto-
updates.

[1]
[https://news.ycombinator.com/item?id=22972661](https://news.ycombinator.com/item?id=22972661)
[2] [https://forum.snapcraft.io/t/re-visiting-update-control-
on-t...](https://forum.snapcraft.io/t/re-visiting-update-control-on-the-
desktop/17170)

~~~
Andys
Thanks, I did this on my 20.04 systems and it worked fine. Simply uninstall
snapd. I lost LXD (no way I'd use this now anyway if its distributed via
snap), and chromium browser (but discovered the far superior Ungoogled version
anyway)

------
eberkund
This appears to be an unpopular opinion, but I like snaps and Canonical's
philosophy in some ways mimics that of Apple's where they care about usability
over configurability.

Snaps have been my preferred method of installation for a few years now. I
really like how I know where the files are being installed to and if I
uninstall the software it will be removed cleanly. I also like how for most
software snaps contain the latest release of the software which has not been
my experience with distro specific apt repos. I can even install beta, nightly
or previous releases very easily using snap store channels. I've never
experienced any package manager on any OS that has made it this easy.

I've also developed about a half dozen snaps, some of them were open source
contributions to existing software, others were my closed-source projects and
one was some contract work for a third party who wanted to snap their existing
software for easier distribution. And although there were some pain points, I
found the process and YAML based manifest file to be far better than most
tools.

My only gripe with snaps at this time is that there is no system like PPAs so
if you want to use snaps for your privately distributed app then you need to
do it through Canonical and more advanced control features will cost you
extra.

~~~
lame-robot-hoax
I like the idea of Snap, but Flatpak seems to be a much better implementation.

~~~
simosx
snapd does much more.

~~~
type0
yeah and it does all of it behind your back without asking

------
fxtentacle
The main reason why I use Linux for some of my work is reproducibility. A
docker image with the same apt packages installed in it will work the same
every time.

Snap breaks this. A snap package can update itself whenever it wants and then
you the user are just screwed when things don't work together anymore. So in
effect, snap breaks the main benefit of Linux for deployment and the reason
why I use Linux in the first place.

Every since they started with ads and affiliate links, I've been sceptical of
Ubuntu. But Ubuntu 18 is still used as the base image for many docker
deployments. I predict that this will change with Ubuntu 20, exactly because
the snaps have made Ubuntu 20 unusable for reliable docker deployments.

I'm glad that mint is stepping in to provide a viable alternative.

~~~
simosx
There are keys to control when these snap updates will happen,
[https://snapcraft.io/docs/keeping-snaps-up-to-
date](https://snapcraft.io/docs/keeping-snaps-up-to-date)

It is immutable systems that help you with reproducibility.

There is no actual change between the snapd setup in Ubuntu 18.04 and Ubuntu
20.04. Where do you get info on unreliable docker deployments?

It looks to me that the dislike is emotional in nature.

~~~
L3viathan
Can I stop one snap from updating (for example indefinitely), while letting
the rest update?

~~~
simosx
I could not find a key for that, that is, per-package keys.

A dirty workaround would be to get the `.snap` package from the store, then
install directly from the local file.

    
    
           $ snap download hello-world
           Fetching snap "hello-world"
           Fetching assertions for "hello-world"
           Install the snap with:
              snap ack hello-world_29.assert
              snap install hello-world_29.snap
           $ snap install hello-world_29.snap --dangerous
           hello-world 6.4 installed
           $ hello-world
           Hello World!
           $ 
    

No updates.

------
AdmiralAsshat
It's interesting how many distros built on top of Ubuntu are explicitly
dropping snaps or throwing their support behind flatpaks:

\- Linux Mint

\- ElementaryOS

\- Pop!_OS

Take a hint, Canonical. You guys made some great strides towards being less
silo'd by dropping Unity and Mir in favor of vanilla GNOME + Wayland, but
you're still all-in on snaps for some reason. Are the handful of proprietary
software companies that want an easier installer for Linux really worth it?

~~~
simosx
This polemic attitude is really bad for open-source.

Snap packages are good, and such efforts may help get the Linux desktop rise
over the 3%.

Lenovo announced they are fully supporting Ubuntu desktop for two lines of
computers.

~~~
AdmiralAsshat
Okay...so? Lenovo also announced they're going to certify some laptops for
Fedora as well:

[https://fedoramagazine.org/coming-soon-fedora-on-lenovo-
lapt...](https://fedoramagazine.org/coming-soon-fedora-on-lenovo-laptops/)

If you're suggesting that we all need to rally behind everything Canonical
does because Ubuntu has the best shot of propelling Linux into the mainstream,
I would say that's all the _more_ reason to hold them accountable for
decisions that the Linux community finds unpopular. Many don't like snaps.
Don't _force_ snaps on us through duplicitous means like the chromium
installer. Why is that bad for open source?

~~~
simosx
Lenovo, in their announcement, they start by saying that they made the move
because the Linux desktop stands at 2.7%. And they want in, in this 2.7%
market. If the Linux desktop becomes a 5% market, or a 8% market, then it will
open the floodgates to other companies offering support to desktop Linux.

Source: [https://news.lenovo.com/pressroom/press-releases/lenovo-
brin...](https://news.lenovo.com/pressroom/press-releases/lenovo-brings-linux-
certification-to-thinkpad-and-thinkstation-workstation-portfolio-easing-
deployment-for-developers-data-scientists/)

What I see on HN is perpetual bitching and anti-Ubuntu sentiment. As if the
Linux desktop is a zero-sum game. One wins and the rest are gone. In the harsh
reality, if the Linux desktop gets like 5% or more, it will signal other
companies to start supporting.

The chromium issue has been around since October 2019,
[https://snapcraft.io/blog/chromium-in-ubuntu-deb-to-snap-
tra...](https://snapcraft.io/blog/chromium-in-ubuntu-deb-to-snap-transition)
Ubuntu cannot support a deb package because Chromium is huge in their
dependencies and cannot provide timely updates. Therefore, there is only a
snap package. And, what happens if the end-user tries the chromium browser?
The system transparently installs the snap package instead of presenting an
essay to explain the full background.

Is it so difficult to say respectfully, "everyone do your thing to increase
the marketshare of desktop Linux so that it eventually opens the floodgates of
support".

You cannot increase the Linux desktop marketshare by staying within the 2.7%
of the Linux desktop. You just need to attract new Windows users, not steal
Ubuntu users.

~~~
sergeykish
Ubuntu definitely done a lot of good. 6.06 LiveCD and Theme, installation in
Windows partition, these we good.

A lot of people recommended Ubuntu and that I believe is a problem. I got it
wrong too. Ubuntu does a lot of experiments on its users - Pulse Audio, Unity,
now Snaps. Each time a lot of fuss. It means technology is not ready.

It would be fine if rolled in separate distribution Exbuntu (experimental
Ubuntu) and rolled to masses once feature becomes popular, but no. Those who
listened to my recommendation would see bugs and _that_ is zero-sum game.

But we can easily resolve it - recommend no nonsense distros - Linux Mint,
ElementaryOS, Pop!_OS, Debian. And that's already happening on this page.
Ubuntu may even encourage that. Everyone would be happy.

So what is wrong with silent snaps Chromium install? Those who use apt are
sophisticated enough to chose. And "issue has been around", have you red The
Hitchhiker's Guide to the Galaxy? “But the plans were on display…”

> You just need to attract new Windows users, not steal Ubuntu users.

That's gross. Have you red what people say? Those who switched to Linux
because of such moves from Microsoft. I'm fine with Ubuntu destroying itself.
I do not use it. No one steals Ubuntu users, that's Ubuntu who destroy its
userbase.

------
pkaye
> Mint never shipped snapd, Snap's daemon program or any snaps, but moving
> ahead, in Linux Mint 20, "Chromium won't be an empty package which installs
> snapd behind your back. It will be an empty package, which tells you why
> it's empty and tells you where to look to get Chromium yourself." Further,
> APT will forbid snapd from installing.

Can't they just replace the Chromimum package with the one in Debian?

~~~
dathinab
Not sure if they could, but:

Then they would need to review all Ubuntu packages for snap injection and
overlay them. Sure that might be doable automatically but is a bit brittle.

It also means the user wouldn't learn what is going on.

~~~
pkaye
They are already doing a special case for Chromimum to tell the user why its
empty and where to get it. Instead they could provide a working copy based on
the debian deb package.

~~~
dathinab
I understood it so that they are blocking snap generally instead of doing
pretty package special handling.

------
adamzochowski
snap has problems that exist for years.

It will upgrade a running application without telling the user. Then it will
remount all folders in use by the running application in read only mode. As
such, your chromium will start misbehaving, crashing, extensions will start
failing, it won't save cookies or remember tabs after restart. DBeaver won't
be saving your .sql scripts. Snap developers think users are precogs. That
users without any foreshadowing will close application before snap silently
upgrades it behind the scenes.

Also Snap does really weird things as a container. I run multiple VPNs each
within own network namespace. So something as simple as :

as root: ip netns exec myVPN chromium fails with execv failed: Permission
denied

Both of these problems exists for years.

~~~
simosx
Snap support is evolving.

There are keys to configure when, and if, you get updates,
[https://snapcraft.io/docs/keeping-snaps-up-to-
date](https://snapcraft.io/docs/keeping-snaps-up-to-date)

The total Linux desktop installation base is around 2.7%. Without automation,
the Linux desktop does not look like it will attract any significant number of
Windows users.

~~~
jnurmine
Please correct me if I'm wrong, but one cannot hold off updating the snaps
indefinitely. Thus there is no "if".

One gets a maximum of 60 days, that is all. Through a snap proxy it's possible
to hold off longer, but then the proxy needs to talk with the snap store
periodically.

Why people are upset is, I believe, that Canonical forces people to accept any
and all changes to the installed software, without being able to guarantee
perfect backwards compatibility for _all_ upgrades. Obviously, neither
Canonical nor anyone else can make that kind of promise for _all_ software out
there.

Canonical should not force updates on people; let people take care of
backwards compatibility; let users turn the auto-update on and off and allow
users also to freeze package versions (and their system configuration), if the
users so please.

Also, not sure I understand the point about automation. There is automation
already today in Ubuntu through autoupdating .deb packages. It is nothing
inherently new in Snaps.

One problem with measuring Linux desktop installation base is that Linux users
are often the people who turn off telemetry, call-home, employ DNT, run ad
blockers, run third party script blockers, and so on. I wonder how much this
skews the results.

~~~
simosx
Lenovo cited NetMarketShare for the stats on the desktop Linux,
[https://news.lenovo.com/pressroom/press-releases/lenovo-
brin...](https://news.lenovo.com/pressroom/press-releases/lenovo-brings-linux-
certification-to-thinkpad-and-thinkstation-workstation-portfolio-easing-
deployment-for-developers-data-scientists/)

You can "snap download" and "snap install" to bypass any updates.

------
markgavalda
We've only had problems with snap so far, constantly. Kudos to Mint for doing
the right thing for their users.

~~~
CrankyBear
It's actually worked well for me. But, I never want to see a program on my
Linux boxes automatically running root over a network connection for any
reason without my specific say so, never mind just to install Chromium.

------
commoner
Many applications packaged under Snap are still unusable on Fedora and Arch
because Snap has a bug that renders tofu characters (□□□) instead of text:

[https://forum.snapcraft.io/t/snapped-app-not-loading-
fonts-o...](https://forum.snapcraft.io/t/snapped-app-not-loading-fonts-on-
fedora-and-arch/12484)

I'm not sure whether Linux Mint is also affected by this issue, but it's clear
that Canonical doesn't perform quality assurance for Snap on any Linux
distribution other than Ubuntu.

~~~
simosx
The discussion pinpoints the issue in the fontconfig cache files. It is being
worked on. The issue is not "snap packages only show tofu characters" but
rather in some cases snap packages cannot access the system fonts, hence the
squares.

~~~
commoner
This bug has not been addressed for almost a year, which is completely
unacceptable when the Snapcraft homepage advertises that "Snaps work across
Linux on any distribution or version."

[https://snapcraft.io/](https://snapcraft.io/)

------
Finnucane
I've been using Mint now for several years and been satisfied with it. I was
afraid that the Ubuntu's snap mishegas would force me to move elsewhere, but
this is the message I was hoping to hear from the Mint team.

~~~
simosx
The Mint maintainer was really unprofessional in his announcement. It is OK to
feel strongly about something, but using words like `backdoor` is really bad.

With snap packages you get companies like Microsoft to deliver a native
package for Skype, Jetbrain to deliver their whole developer portfolio,
Spotify their music thing, etc. They can do so because they are basing the
work in a common, stable runtime.

~~~
yjftsjthsd-h
> It is OK to feel strongly about something, but using words like `backdoor`
> is really bad.

Okay, but... It _is_ a backdoor. A user trying to install a deb get snap
shoved down their throat.

> They can do so because they are basing the work in a common, stable runtime.

And none of that requires taking control from the user.

------
flatfilefan
Snap for me means Firefox suddenly says “I won’t open a new tab until you
update me and I will drop all tabs on restart”. It also means cached content
and configs in many new obscure places. It doesn’t mean any visible
improvement so far. So hey, kudos Mint and hey, Ubuntu stop that already.

~~~
slim
Firefox does that in debian stable. but it's supposed to restore your tabs
like they were

~~~
adamnew123456
That should only happen if you update from underneath it by doing an upgrade
though, which is entirely at your discretion with apt. The snap equivalent is
obligatory.

That said, the update auto-restore almost always works in my experience. I've
been running the nightly channel for a while (which updates once or twice a
day) and it rarely eats tabs.

------
_emacsomancer_
My number one complaint about Snaps is that they're not portable (despite
being labelled "universal packages for Linux"): they start to work less well
outside of Ubuntu, and they don't work at all unless you're running systemd. I
find this slightly ridiculous given that Flatpaks really do work more
universally - they don't require systemd - and they come out of Red Hat - the
home of systemd.

~~~
simosx
snapd is a service, therefore it requires an init system.

~~~
_emacsomancer_
So? systemd isn't the only daemon-manager.

~~~
simosx
Is the question whether snapd require an init, or whether snapd should be
packaged to work with more init systems?

~~~
_emacsomancer_
The point is that a "universal packages for _Linux_ " system shouldn't have a
hard dependency on systemd in particular. systemd isn't Linux.

------
etaioinshrdlu
Ubuntu 18.04 LTS is currently super popular for servers. Any thoughts on
whether 20.04 is a worthy upgrade for servers, or just a pain? Snaps in
particular sound good for desktops but not servers.

~~~
kyrofa
There are definitely snaps that are useful on servers, like LXD and Nextcloud.

~~~
ccmcarey
Having them auto update and restart _daemon_ services are not good for servers
though.

~~~
kyrofa
I disagree. I like having Nextcloud auto-update, even if it results in a
service restart. I just schedule that for a time of day that isn't very
disruptive. As for LXD, restarting the LXD daemon doesn't effect the
containers (they continue running).

~~~
ccmcarey
It's about having a choice though.

~~~
kyrofa
Oh hey, I get it. That wasn't the point of the parent to which I was
responding, though. I was merely trying to share that snaps are just as useful
for server as for desktop, that's all.

------
Skunkleton
I personally don't packaging apps in a sandbox, its a violation of the basic
idea of writing tools that do one thing well. Still, snap gets lots of flack,
but I don't see the same for flatpak. Is there some advantage to flatpak that
I am missing, or is it just than Ubuntu has pushed snaps too hard?

~~~
kemayo
It sounds like the objection isn't technical -- sandboxed apps are perfectly
fine -- but rather to how Canonical is trying to change package behavior
alongside the transition. Specifically, they're forcing you to use them for
some packages behind the scenes, and restricting what you can do with those
packages as a result:

> "In the Ubuntu 20.04 package base, the Chromium package is indeed empty and
> acting, without your consent, as a backdoor by connecting your computer to
> the Ubuntu Store. Applications in this store cannot be patched, or pinned.
> You can't audit them, hold them, modify them, or even point snap to a
> different store. You've as much empowerment with this as if you were using
> proprietary software, i.e. none. This is in effect similar to a commercial
> proprietary solution, but with two major differences: It runs as root, and
> it installs itself without asking you."

~~~
simosx
The Mint maintainer went out of his way to react in bad faith.

The chromium transition was announced in October 2019,
[https://snapcraft.io/blog/chromium-in-ubuntu-deb-to-snap-
tra...](https://snapcraft.io/blog/chromium-in-ubuntu-deb-to-snap-transition)

Ubuntu was not able to maintain chromium as a deb package, and chromium is not
the default browser in Ubuntu. Therefore, it has been packaged as a snap
package. Since there is no longer an apt package, what should happen when you
"sudo apt install chromium-browser"? The usable decision was to install the
snap package of Chromium instead, [https://snapcraft.io/blog/chromium-in-
ubuntu-deb-to-snap-tra...](https://snapcraft.io/blog/chromium-in-ubuntu-deb-
to-snap-transition)

The snap package of Chromium has been in testing for two years already. The
snap package page is
[https://snapcraft.io/chromium](https://snapcraft.io/chromium) You can view
the installation log, with the list of operating systems that have installed
it.

------
Ctd2xUvMAicg
Pop OS [1] does something similar. Based on Ubuntu, but replaces snap with
flatpak. You can apt-get packages like chromium from their PPA [2].

I'm very pleased with their developer centric approach. They also apply very
nice UI tweaks, a tiling WM and a useful set of gnome extensions. Loving it.

[1] [https://pop.system76.com/](https://pop.system76.com/)

[2]
[https://launchpad.net/~system76/+archive/ubuntu/pop/](https://launchpad.net/~system76/+archive/ubuntu/pop/)

------
bouncycastle
From reading the other comments, people just don't like having security
updates done automatically - they'd like to have more control when they are
performed.

Kind of like in Windows, where your computer suddenly shuts down to apply a
service pack while you were in the middle of an important World of Warcraft
raid that you were planning for weeks.

There's always a trade-off between keeping your system secure and being
available. Most people don't like to trade off availability, and it makes
sense.

~~~
rrmm
I've seen more than one twitch streamer going into a big stream, get screwed
by this. Of course, they _should 've_ known. But we've all made that mistake
during a demo or presentation at some point or another.

Worse yet, when you update ahead of time and drivers or other parts of update
are incompatible. Stable configurations are important to a lot of people.

~~~
bouncycastle
Completely understandable. It would be great to have more control over how and
when the updates are run.

------
charlesdaniels
While I'm not super up on these newfangled app distribution systems, I've had
mostly negative experiences with both Snaps and Flatpaks.

As someone that administrates a small handful of workstations and a server or
two, I just don't get what these tools buy me. It seems that usually
installing an application via one of these methods has negative externalities
(e.g. some things not working out of box, like access to user file, or ability
to play audio), or most often the applications simply don't work at all.

If snaps were able to work properly out of the box, they could be good if they
reduce the work for the packagers. That said, I've burned enough of my time
trying to debug broken snaps that I won't entertain ever using them again.

I guess if it works for someone else's use case though, that's nice. However
it sure seems pretty grubby to install a snap when the user clearly intended
to install an DEB package via aptitude.

I will say, I've had very positive experiences with AppImage. I haven't really
dug into the technical details of how these different approaches work yet,
since I haven't had any reason to, but every AppImage I've wanted to use has
always worked perfectly.

~~~
simosx
The chromium transition from deb to snap has been discussed here (Note:
October 2019)

[https://snapcraft.io/blog/chromium-in-ubuntu-deb-to-snap-
tra...](https://snapcraft.io/blog/chromium-in-ubuntu-deb-to-snap-transition)

Ubuntu could not maintain a deb package, and keep it up to date. Therefore,
there is only a snap package. When you try to install with `apt`, you get
chromium installed transparently instead of getting a message that describes
what I already explained. The breakage would be bad if there was nothing
installed when you did a "sudo snap install chromium-browser".

AppImages are monolithic images, with no or minimal protection of your
computer. I think they are the equivalent of the Windows packages in the 90s
and 00s, that were distributed with CDs with little idea where they came from.

------
8bitsrule
Users who like both can use both (Mint and Ubuntu any flavor). If you don't
want to use Snaps in Ubuntu, you can just uninstall snapd (first thing I did).
EOL.

Mint had already pretty-much committed to flatpak years ago, so this came as
no surprise. Clem's said there'll be a way to install Chromium. Tempest in a
dongle.

------
parvenu74
I noticed that Mint is working on LMDE which uses Debian as its base directly
without using Ubuntu; I wonder if this is one of the reasons motivating that
project and what the other reasons are.

------
hbogert
> It's more empowering developers to get their packages into users' hands very
> fast. They don't need to worry about the distribution."

And this is why it's a double edged sword. I like packages to be validated by
maintainers. I don't want a new Telegram app update every day. Just now it
broke and I have to wait until the developer pushes the new build to the snap
repo.

It's like it's suddenly okay that everything needs to be rolling release.If I
want that, I'll use arch.

------
tkuraku
I have found flatpaks to be much better (they are much faster to startup),
except that flatpak doesn't have an unconfined or "classic" mode like snaps.
THis is especially annoying if you wanted to install vscode to access the
system compiler, python, etc.

~~~
akvadrako
I am planning to develop a solution to this VSCode issue soon - there are
basically two ways to make it work:

1\. Using platform or app flatpak extensions, one can plugin compilers and
runtimes so they are available inside the sandbox.

2\. One can add shims that launch programs outside the sandbox using _flatpak-
spawn --host_.

------
heavenlyblue
On that matter: did the snaps finally fix the situation where you had some of
your mounts in non-standard places and you could not open files from there due
to security settings?

------
canada_dry
Tip: if you're wondering what SNAP apps are already installed in your system:

    
    
      ls -l /var/lib/snapd/snaps

~~~
simosx
You can also

    
    
        snap list
    

or have a look into `/snap/`.

The directory `/var/lib/snapd/snaps/` shows the cached .snap packages,
including the recent versions in case you want to revert to a previous
version.

------
Ice_cream_suit
Manjaro with Xmonad is a nice desktop.

------
bad_user
While I understand the concerns over Snap, you can't blame Canonical for
trying, because lets be honest, rpm/deb packages are a mess.

I see in the comments a complaint that you don't want the developers upgrading
their apps whenever they want ... really? Because that's my number one
complaint for debs/rpms too. You can't install specific versions, you can't
install multiple versions side by side and installing a newer version of one
package can break your system due to its dependencies. Snaps can't possibly be
worse than this and they aren't.

And on the server-side I understand wanting to review each updated package,
but on your laptop, how often does one do that anyway?

For the general population automatic upgrades are a net win. The same moaning
happened when Firefox switched, following Chrome, to automatic updates and
fast releases and people now love that, including me. You trusted the app
developers as soon as you installed that app on your computer with full
privileges. And most apps don't have reproducible builds, even if the app is
open source, trusting the binary you're installing is also a leap of faith.
Unless the OS can sandbox that app, installing any app is about trust in a
brand and faith. And debs aren't sandboxed.

When I switched to MacOS, 6 years ago, I missed Ubuntu's repository, I hated
Homebrew, I hated installing apps by copying them from volumes mounted from
.dmg files. But not anymore. I rarely have issues now. Experience could be
improved of course, I sometimes want versioning, I want reproducible
environments, which is why I'm experimenting with Nix (see
[https://nixos.org/](https://nixos.org/)). The first thing I did on a fresh
Ubuntu 18.04 LTS box, couple of months back? I searched for "Firefox Developer
Edition" and failed to find a PPA for it or a beta channel that seems to be up
to date.

Speaking of which, people complain about Snap being insecure, however I've
never seen an Ubuntu/Debian workstation that doesn't make use of insecure
PPAs.

Also packaging apps via DEB files is hard. I tried building DEBs for my
server-side apps, but unless the process is automated via tools that are not
language/platform agnostic, I found it hard, with documentation severely
lacking.

\---

This is one big reason for why Docker is now the preferred distribution
mechanism for self-hosted apps on Linux servers. It's very easy to create a
Dockerfile and the result won't infect your system with crap.

I have yet to try out Snaps, maybe some of the critiques are warranted, but it
can't possibly be worse than the status quo. The only problem, a major one, is
that yet again we've got no agreement between vendors. But that's sadly the
Linux ecosystem, a genuine Tower of Babel.

~~~
progval
> You trusted the app developers as soon as you installed that app on your
> computer with full privileges.

No, I don't.

First, most apps' code won't run as root. Only install scripts, written my
distribution's maintainers, run as root (except for core applications, of
course).

And secondly, I trust app developers to write their app properly (to a certain
extent), but not to write install scripts that won't mess with my system,
because it's outside their domain of expertise.

~~~
takluyver
On a personal computer, you are giving a whole lot of trust to anything you
run un-sandboxed as your normal user - it will likely have access to your most
interesting files, browser cookies, maybe saved passwords. XKCD covered it
years back: [https://xkcd.com/1200/](https://xkcd.com/1200/)

This brings up another drawback of deb/rpm packaging, though: you _need_ root
access to install anything. I'm not sure about Snap, but Flatpaks can be
installed and used by an individual user.

~~~
simosx
If you first run

    
    
          snap login
    

then you can install snaps without "sudo". I suppose it is the same process
with flatpaks.

~~~
takluyver
Good to know. Flatpak doesn't have a separate step, but there's a --user
option for the install command.

------
apotatopot
down w/ canonical

------
mrtweetyhack
Thank you Mint

------
rbanffy
Snaps are a poor solution for the problem apt already solved years ago.

~~~
simosx
"apt" packages are handmade. And they depend on hand-made dependencies. It
becomes increasingly difficult to maintain packages like chromium, because
they have too many dependencies, that have to be packaged individually.

The "universe" repository has tens of thousands of packages. Do you know that
a majority of them are not maintained because it is too much effort and not
many helping hands?

~~~
rbanffy
So we have an automation problem. Building packages is needlessly inconvenient
and the few hands we have are overwhelmed by the number of packages that need
maintaining.

And we "solve" it by allowing the inclusion of different, incompatible,
versions of packages into even bigger packages. Sorry, but that's not a
solution. It's the technical debt equivalent to payday lenders.

