306 points dxs | 6 comments
enriquto ◴[] No.44070852[source]
Never understood the point of flatpak, snap and the like. Can't you just distribute static binaries? They are not that hard to compile.

(I mean, from the distributing point of view. The sandboxing and resource management is an OS-thing that should be an orthogonal issue. Users must be able to sandbox programs that they don't trust, regardless of how they are packaged and distributed.)

replies(4): >>44070906 #>>44070908 #>>44070918 #>>44071467 #
1. nolist_policy ◴[] No.44071467[source]
> Can't you just distribute static binaries? They are not that hard to compile.

You absolutely can't, since you need to link to the system libGL.so and friends for gpu acceleration, libva.so for video acceleration, and so on.

replies(1): >>44072535 #
2. fc417fc802 ◴[] No.44072535[source]
To be fair isn't flatpak encapsulating the user space portion of mesa, similar to any other chroot? In which case the apples-to-apples comparison would be shipping your own mesa alongside your app.

Which now has me wondering, is the common wisdom wrong? Could I actually statically link opengl if I went to enough trouble?

replies(1): >>44074198 #
3. akvadrako ◴[] No.44074198[source]
You need the exact right version that matches your actual graphics driver. So flatpak takes care of installing the matching drivers inside the sandbox.
replies(2): >>44074277 #>>44076011 #
4. enriquto ◴[] No.44074277{3}[source]
This is horrifying, and contrary to the very notion of what a "driver" should be.
replies(1): >>44076114 #
5. fc417fc802 ◴[] No.44076011{3}[source]
Do you? I've often seen this repeated but at some point I tried a cutting edge chroot on an extremely (i.e. multiple years) out of date device and opengl seemed to work. It surprised me but then I don't know much about how mesa works under the hood.
6. fc417fc802 ◴[] No.44076114{4}[source]
To be fair the graphics APIs are provided as libraries with as much as possible done in userspace. Sandboxing that without any coupling at all would likely require either new kernel APIs or highly questionable virtual memory shenanigans.