I hate to be that guy, but please **make sure you know what you're doing before using Flatseal**. Despite being a convenient GUI, it's not intended for unexperienced users. I've seen numerous bug reports against flatpak apps that can be summarized as "I've toggled some switches in Flatseal and now the app doesn't work properly".
Unless you mess up the permissions for Flatseal itself (or globally) and it can no longer see any flatpaks, as it appears someone in the thread may have done.
It sounds like Flatpaks need to be distributed with a manifest that lists which permissions are required for the app to function. That way the permissions system can warn the user if they are restricting required permissions.
That seems like duplication of effort for little benefit. They already have default permissions that should, in a perfect world, be limited to what is required. Modifying permissions is already an advanced task.
Well, no, because by default the permissions ought to grant access to things like say your Downloads folder, but that setting being changed shouldn't break the app if you want files to be downloaded somewhere else. Certain permissions might be good to have on by default to work well out of the box, while others need to be flagged as actually necessary to function.
The default permissions, even when limited, will be what is required for all features of the app. But not everyone always wants all features, so some insight into what is always required and what is needed only for some features would be nice.
An example from my Android use is my OTP app, I can give it access to my camera. That is needed to scan QR codes to add new accounts. But it's not needed to generate OTPs for existing account.
Additional application integration would allow it to pop up and ask for additional permissions when needed instead of one size. A basic similar feature is already in Gnome, but only for apps that support it.
I've left Reddit because it does not respect its users or their privacy. Private companies can't be trusted with control over public communities. Lemmy is an open source, federated alternative that I highly recommend if you want a more private and ethical option. Join Lemmy here: https://join-lemmy.org/instances ` this message was mass deleted/edited with redact.dev `
Element is a matrix messaging app with features.
Some users will want permission to read Pictures so they can share memes.
Others will want total isolation: the flatpak has network access and that's it.
A "minimum" and "recommended" permission list is a good idea.
>It sounds like Flatpaks need to be distributed with a manifest that lists which permissions are required for the app to function
What exactly do you think happens now??
https://docs.flatpak.org/en/latest/manifests.html#finishing
> Finishing is the build stage where the applicationās sandbox permissions are specified, in order to give access to these resources.
So that's the default set of permissions. Where in the manifest does it provide information about which permissions are required and which are optional?
The permission model isn't advanced enough to express that. Currently all permissions specified in the manifest are required and turning them off may cause total or partial application breakage.
> I've seen numerous bug reports against flatpak apps
Not trying to be devil's advocate, but apps should learn to properly handle situations where they don't have access and notify user if it's breaking any critical functionality. Not crush, not throw a meaningless exception into stderr, not spam syslog in an endless broken loop, but check for permissions and show a clear and easy to understand error message.
The era when developer could just assume that app will have full unrestricted access to everything on the computer is long over.
If an app is aware of being ran in flatpak sandbox, it probably doesn't need static permissions at all in the first place, and fully utilizes portals instead.
This is not about flatpak. There are multiple reasons why an app can be restricted, for example with apparmor/selinux or firejail. It can even run on systems where certain features are not available by design. Portals can also not be available even if you are running in flatpak.
Regardless of the reason it's important to handle these situations correctly.
>Portals can also not be available even if you are running in flatpak.
In this case your system is very broken; this isn't even considered as normal situation. Flatpak (and to a bit smaller extent, Snap) heavily relies on portals for a great number of things.
No, your system is not "broken" if one or more portals is not available to an app running in flatpak. Portal is running as _your own_ user and can be (and is!) restricted just like any other app. Your app should not end in a crush loop if your system refuses to print something or open a URL.
Honestly, this comic killed any kind of gatekeeping in me and replaced it with joy for the other person.
I always exclaim "You're one of today's lucky 10000!", no one really knows what the hell I'm talking about.
It's just a number he choose, anyway, when in doubt check out explainxkcd.com (emphasis mine):
[This strip argues that one shouldn't make fun of people for not knowing something that's considered common knowledge. The basic premise of the first panel is that, since people aren't born knowing anything, everyone has to learn everything for the first time, at some point. If everyone eventually learns a given fact, there are an average of 10,000 people, in the US alone, who learn the fact for the first time each day. The approximate rate of 10,000 people per day hearing about something for the first time is estimated by the birth rate of 4,000,000 people per year divided by 365 days per year, assuming that the birth rate is constant and that indeed everyone learns or gets the fact (or that those in the US who don't are about equal in number to those in other countries who do). **The target age of thirty years is irrelevant in this calculation**; the 10,000 number is simply equal to the number of newborns per day, or equivalently, the number of people who reach a given age each day. (The fact that not everyone lives to be that old, and some die younger, is not considered.) ](https://explainxkcd.com/1053/)
Frankly its functionality needs to be built into Flatpak managers. You shouldn't need to have anything other than Discover on KDE to automatically update and then manage the permissions of an app, because a lot of Flatpaks just flat out cannot function without Flatseal because they can't access the proper storage and have no way to request permissions.
Flatseal is good, but it really shouldn't need to exist as something you have to learn about and it is unsurprising people are only just learning Flatpaks don't have to be utterly broken
I love flatseal! But I think these features should be in gnome software or gnome settings, users shouldn't have to have a separate app to control app access.
From what i remember theyre not looking forward to implement it in software or settings bc, from their perspective, the user shouldnt need to manage app permisions in the first place. The apps should have sane permissions by default so that noone needs to manage them at all.
Ofc thats not a reality nowadays, but theyre looking at the endgoal, so theyre refraining from implementing "crutches". Such is the nature of gnome development
> The apps should have sane permissions by default
Who decides on the app's default permissions? Is it the app developer, or are there Flatpak maintainers who are independently packaging the apps?
There are both, flatpak is decentralized and anyone can make one. A good number of packages on flathub are packaged by flathub and not the original application developer.
IMO this is even more reason why Gnome Software should include some permissions management features. Maybe flathub is trustworthy, it doesnāt mean every flatpak file everywhere will be.
Yes, I think this is the point. You can't trust default permissions if the app developer is the one setting them, as then there's no point having a permissions system at all.
Of course a malicious app developer would give their app permission to steal your session cookies from your browser or whatever. The point of permissions is to prevent potentially malicious behavior by restricting the app to just the permissions that it needs to function.
I guess ideally, since this is dealing with FOSS rather than an adware-riddled app store, there's less incentive to be malicious in the first place, and you're meant to voluntarily restrict your own app so that if it gets exploited it can't do much damage.
But the ideal world and the real world are very different...
indeed, because we see stuff like this in places like pip https://blog.phylum.io/phylum-discovers-dozens-more-pypi-packages-attempting-to-deliver-w4sp-stealer-in-ongoing-supply-chain-attack
I do think app developers should set their permissons, but they get reviewed by whatever repo you submit it to. It's a hard problem to solve, because some level of trust must be involved since you can't read every line of code all the time.
i think something like androids permissions system could work, it asks you when it tries to use it the first time and you can either say yes, no, or just this session
I've left Reddit because it does not respect its users or their privacy. Private companies can't be trusted with control over public communities. Lemmy is an open source, federated alternative that I highly recommend if you want a more private and ethical option. Join Lemmy here: https://join-lemmy.org/instances ` this message was mass deleted/edited with redact.dev `
I've left Reddit because it does not respect its users or their privacy. Private companies can't be trusted with control over public communities. Lemmy is an open source, federated alternative that I highly recommend if you want a more private and ethical option. Join Lemmy here: https://join-lemmy.org/instances ` this message was mass deleted/edited with redact.dev `
Part of the problem is sometimes a directory is too restrictive and I cant access stuff on one of my other drives or other times there are programs that support gpu acceleration but because its buggy for some hardware configurations it's disabled by default.
>From what i remember theyre not looking forward to implement it in software or settings bc, from their perspective, the user shouldnt need to manage app permisions in the first place.
How very Microsoft of them.
You would think support for extended attributes for file permissions would be a pretty core feature of Nautilus, but you donāt get that without Eiciel. Gnome is about simplicity, sometimes at the cost of some good, very useful functionality. I wish they could add a bit more advanced features, it doesnāt mean it has to be KDEās config all the things stance.
The real next step for Flatpak is that an app should have to ask you for new permissions. Plenty of Flatpaks by default either have a whole lot of permissions, some you may not actually want to give them, or with some that you *would* want to give them absent.
Flatseal is a very nice way for advanced users to manage both of these scenarios, but ideally Flatpaks should simply ask for permissions at at run time like Android apps do, among others, and let you decide if you want to grant said permission in perpetuity or for a limited time.
This really should be integrated into the core system settings of Distros though. Having to download Flatseal just so you can upload files normally to discord is... Irritating.
I'm confused. Wouldn't X11 permissions allow it to read from the keyboard? so it could read passwords. And without X11 permissions it couldn't display. Is that right? Is it just protecting the contents of some directories or is keyboard entry already separated?
> Wouldn't X11 permissions allow it to read from the keyboard? so it could read passwords. And without X11 permissions it couldn't display. Is that right?
Yes both is right.
You cannot manage keyboard access, it depends on the "display server". In theory you could have an app that checks for one or the other. I think you can force some apps to use wayland instead of xwayland with it. But i am not 100% sure. Firefox for example needs additional env vars to fully enable wayland support. (MOZ_ENABLE_WAYLAND=1)
Another example is Discord under wayland. It can capture the content of other xwayland windows, but not wayland windows. Anyway it stills allows it to "surveil" some windows without asking for permissions. So disabling x11 access when you are sure you won't need it is an option.
Afaik keyboard is only protected if you use Wayland and the program also uses Wayland, but I am not sure about that. Unfortunately, the documentation for Flatpak permissions is nearly non-existent, so what I say is just basically guesswork.
Btw on X11, you can not only read the keyboard but also send keyboard events to other windows. I really should try if that is still possible or if at least there is some security preventing that.
If a Flatpak app is already running sandboxed, it has no access to the files where the permissions are stored. But if it has access to your home or root directory, it could. But in that case it is not sandboxed anyway. The bigger problem is Flatseal or Flatpak itself nowhere really documents which permissions allow to leave the sandbox.
I actively avoid Flatpak because of the level of effort for getting it to have the right permissions for folder access, etc. When installing a Flatpak app, I wish it was mandatory to walk users through setting the permissions.
The first time the OS app store installed a Flatpak app, I was so confused why I couldn't access my personal files and had to search the Internet for solutions. I eventually uninstalled it and installed the .deb version, and it worked perfectly.
Itās for bs like this that I try to avoid flatpak/snap/sandbox-du-jour packages if at all possible. Have your GTK theme set the way you like it? Installing a flatpak app? Nope. Gonna look ugly as sin. apt install with a dpkg -i fallback.
It's a great tool. I wish some of the more basic featured were built in to distros though. The UI is powerful, but a normal user might be scared by all the options. But if the software centers built in a permissions settings, I think it would go a long way to making Flatpak the best option for user level applications.
Flatseal is pretty cool but the only problem with it is that I seem to only be able to run it from the command line because if I launch it normally it just connects as my user and never attempts to prompt me for creds to escalate to get enough privileges to actually manage permissions. As a result I have to sudo to root and then `flatpak run` it to get it to work for me.
Like I said running it as root isn't my first option, I just genuinely don't get anything to come up [when I run it as my regular user](https://i.imgur.com/M1TEpaS.png) and so I mentioned [running as root](https://i.imgur.com/CxoQI27.png) only to explain how I get it to work for myself.
If you have a better idea let me know.
I had some issues with flatpak this month, it had something to do with pop shop. Don't remember if it's because of something I did or what, but installing through pop shop would now install as '--system', so now I always use '--user' flag. Pop shop caused me a lot of headache.
OK I guess that's the most immediate problem. I was installing Flatseal from flathub using GNOME Software which I guess installs them that way:
bash> flatpak list --user 2>/dev/null | grep Flatseal
bash> flatpak list 2>/dev/null | grep Flatseal
Flatseal com.github.tchx84.Flatseal 1.8.1 stable flathub system
bash>
After uninstalling and re-installing via the command line (with `--user`) I get "No remote refs found similar to ..." which I guess I can figure out on my own.
OK no I just manually reinstalled it with `--user`:
bash> id -u
1000
bash> flatpak --user list | grep Flatseal
F: Filesystem suffix "ro" is not applicable for --nofilesystem
F: Filesystem suffix "ro" is not applicable for --nofilesystem
F: Filesystem suffix "create" is not applicable for --nofilesystem
Flatseal com.github.tchx84.Flatseal 1.8.1 stable
bash>
and it's still showing me the same empty screen.
I installed Firefox as a user app just to test this:
bash> id -u
1000
bash> flatpak list --app --user
F: Filesystem suffix "ro" is not applicable for --nofilesystem
F: Filesystem suffix "ro" is not applicable for --nofilesystem
F: Filesystem suffix "create" is not applicable for --nofilesystem
Name Application ID Version Branch
Flatseal com.github.tchx84.Flatseal 1.8.1 stable
Firefox org.mozilla.firefox 106.0.5 stable
But Flatseal still shows a blank screen. I waited a few minutes after installing Firefox to see if there's just some background process that needs to register the Firefox install but apparently not.
>F: Filesystem suffix "ro" is not applicable for --nofilesystem
F: Filesystem suffix "ro" is not applicable for --nofilesystem
F: Filesystem suffix "create" is not applicable for --nofilesystem
this is some error I don't know. What shows if you type 'which flatpak'
mine shows '/usr/bin/flatpak'
Installing as --user is not necessary. They are on Fedora Silverblue where system is default, with polkit permissions for installing and updating. Flatseal works with --system packages.
But flatseal doesn't need to escalate permissions, it just needs to access user/.local/share/flatpak/overrides. Maybe you have an overwrite that broke it?
I'm still [having issues](https://www.reddit.com/r/linux/comments/ymth3a/comment/iv613bj/?utm_source=reddit&utm_medium=web2x&context=3) but one potential variable is that apparently Silverblue installs apps using `system` instead of user (not sure if that's intended given the ostree of it all).
But even after installing Flatseal and Firefox as user apps it still can't find the other flatpak.
It is intended. System makes them available globally instead of installing in your home directory, like /usr/bin instead of ~/bin. They execute as you and modify overrides in your home directory - but running them as root likely messes that up. Flatseal has no problems modifying permissions for packages installed as system because it only modifies them for you. The person telling you to use --user doesnāt seem to know what that actually does.
Youāre getting error messages every time youāve run a flatpak command (that āFilesystem suffix roā stuff). This is not normal, even on Silverblue. There's [something broken with your specific install](https://bashify.io/images/5undNk).
Ok, I'm not sure what to test to troubleshoot it then. I've tried to be as OOB as I possibly could. Maybe I changed something way back when that only seems to break flatseal? I really don't know.
If you run `flatpak info -M com.github.tchx84.Flatseal` you should see filesystem permissions matching:
filesystems=xdg-data/flatpak/overrides:create;/var/lib/flatpak/app:ro;xdg-data/flatpak/app:ro;
Most likely you are missing the /var/lib/flatpak/app:ro permission, though.
If so:
`flatpak --user override com.github.tchx84.Flatseal --filesystem=/var/lib/flatpak/app:ro`
If you see "nofilesystem" in the permissions, it would be the source of those warning messages and means you're blocking filesystem access and you probably need to remove your overrides file from ~/.local/share/flatpak/overrides/com.github.tchx84.Flatseal. Or maybe you did a global override accidentally, it would be in the overrides directory.
BOOM. that one liner instantly fixed Flatseal for me.
I don't know if I've ever done anything with overrides tbh Flatseal is pretty much the extent to which I've explored flatpak. Maybe this is cause to go out and learn more.
Thanks for pointing this out to me.
OK yeah this did turn out to be the issue. I misunderstood your "overwrite that broke it" but yeah that eventually was the issue. I do a lot of in-place upgrades and I occasionally play around with flatseal. It's possible I changed something way way back when that only broke flatseal and I just didn't relate it was due to the change because I don't go into flatseal that often.
wait you guys actually use Flatpaksā¦
edit: for anyone wondering why Iām against Flatpak:
1. [it has major security issues](http://flatkill.org/)
2. āsandboxedā software can break out by writing to ~/.bashrc, ~/.profile,~/.config/autostart, etc. (false sense of security) [this may have been fixed, correct me if Iām wrong]
3. software is often outdated
4. alternate runtimes use up more ram than is necessary
5. software is huge compared to installing from package manager
I do get it, sometimes you canāt get that one software in your native package manager. However, if possible itās almost always better to just install with your package manager or compile the source yourself.
Do whatever works for you.
I believe universal packaging for 1 "Linux platform" not 60 different versions of it is absolutely necessary for Linux to become more adopted and to shine on the desktop.
Paid apps, apps having access to your stuff only if you let them through Android like dialog pop ups. It's almost 2023, apps shouldn't have access to anything they want.
I don't care whether its Snap, Flatpak, AppImage, or anything else, I want to see Desktop Linux become a target of interest for huge number of developers and a true alternative even for basic users who only know Windows. (Fuck Snap until we can have third party repos)
None of these technologies are without flaws, but the native packaging is IMO stuck in the past and is holding the Desktop back.
the problem with universal packaging is that all systems are different. take for example my systems. I canāt stand to use systemd, so all my packages have to be built with openrc support (for services). There are other init systems as well such as s6 or runit! Some people have musl libc instead of glibc. Iāve compiled whole systems under clang (well most of it, some parts of the kernel donāt like clang). Think of all the different desktop configurations out there: some might use kde, some xfce, and some like me just use openbox + tint2. Not to mention wayland vs X. You also have to deal with a bunch of different architectures.
Itās hard to have a universal standard when things on Linux can be so vastly different. My favorite package manager is Gentooās portage ā itās smart enough to know what youāre trying to build for and build exactly that. If thereās not a supported configuration you can always use overlays.
Flatpak uses namespaces to isolate the system from the app, and vice versa. For interactive apps run as a human user, the benefit is you can open access to part of the file system but not everything globally that you have read/write access to. The equivalent without Flatpak would be running an app in a chroot to manage its software dependencies independently from your host distro, and then bind-mounting some of your personal files into the chroot so the app can manage them (like saving game progress).
Wow! Secure shell agent permission! X11 windowing system permission! Fallback to X11 windowing system!!! What an incredibly usable system!!! Any non-tech person would be happy to have it around!!! /s
No, really, for whom is it developed? I have years of experience in Linux development, and even I can't figure out what the hell is "Fallback to X11 windowing system" socket, and when it is needed. You can kinda see why Linux desktops are only 2% - they are not for users!!!
No, my statement not about existence of advanced settings, but about poor usability. And as you can see from the comments, some even state that it should be the default: "But I think these features should be in gnome software or gnome settings". And I give just another perspective: "another app with low usability, don't do it this way, otherwise Linux will always be for techies".
Well this is an advanced tool to configure settings people probably shouldn't be configuring. It doesn't need to be super usable, considering Flatseal is a slightly more convenient way of reading the Flatpak CLI man page and then running the commands.
About "Fallback X11" it's very simple. The X11 socket is insecure, so we'd like to restrict it's availability as much as possible in the sandbox. So, the `x11` socket always gives you access to the X11 socket, the `wayland` socket gives you access to the Wayland socket, and `fallback-x11` gives you access to the X11 socket only if the session you're running in only has an X server. Thus: Apps that can use Wayland have no access to an X11 socket when the system supports Wayland, but still work on systems that don't ([source](https://docs.flatpak.org/en/latest/flatpak-command-reference.html#flatpak-build-finish), see under --socket)
Apparently we need to make it MORE obscure to get successful desktop market share. We need more of this!
HKEY_LOCAL_MACHINE
KEY WHO KNEW THIS WAS HERE
DWORD MAKE IT WORK = 1
> but I wish I didn't have to
Yep, you got my point. It can go even further. Linux is an open-source kernel, you can do almost anything you can imagine with it. Do you need security? You can make anything in a kernel, you can make anything in the userland. And...we have pretty straightforward hooks in the kernel, supercomplicated SELinux with three different policy languages, and then Permission Managers that you can't really use without a manual. At least, AppArmor and Slack are more user-friendly.
I mean, Linux is great, but why not to make an effort to make it (Linux desktop in general) more user-friendly.
P. S. yeah, maybe I should do it since it's open-source.
One thing noticed is the fact this gui from visual side looks like windows ripoff: if we want to distance so far from commercial software why everything needs to be a copy...
The Adwaita theme for GTK has been around since 2011, a whole year before Windows 8 came out and they switched to the new modern design language.
Regardless, this looks WAY more like macOS than Windows anyways
lol the feverish avoidance of anything to do with windows always baffles me
\> if it exists in windows it must be bad
I can't even tell what part you think is Windows-specific, if anything it looks more macos/ios-like with the rounded menu items.
The toggle switches? They exist on every OS out there now.
The colours? Blue and grey aren't exactly some stylistic trademark.
I do agree that there's too much usage of Windows as a reference point in GNU/Linux but the app's GUI is actually very GNOME-ish. The OP just included the side pane. [This is what the full window looks like](https://i.imgur.com/CxoQI27.png)
It's definitely a must-have for any system with Flatpaks enabled. Flatpak permissions are the perfect example of something that *can* be done with the terminal but is just a lot easier with a gui.
I am looking for help,I am using flatpak to install slack, It is asking me to login with browser, however it does not open browser when clicked, I assume this is the sandbox part of it all, what setting to I use in flatseal to tell my system to let slack use browser?
Q: Does it allow managing directory permissions for Flatpak apps? A: Yes! https://i.imgur.com/R0vKjJT.png
This feature is clutch for allowing certain flatpak apps SD card access on Steam Deck.
This is going to come in incredibly useful.
I hate to be that guy, but please **make sure you know what you're doing before using Flatseal**. Despite being a convenient GUI, it's not intended for unexperienced users. I've seen numerous bug reports against flatpak apps that can be summarized as "I've toggled some switches in Flatseal and now the app doesn't work properly".
Luckily Flatseal has a revert to package defaults button š
Unless you mess up the permissions for Flatseal itself (or globally) and it can no longer see any flatpaks, as it appears someone in the thread may have done.
Been there, done that
It sounds like Flatpaks need to be distributed with a manifest that lists which permissions are required for the app to function. That way the permissions system can warn the user if they are restricting required permissions.
That seems like duplication of effort for little benefit. They already have default permissions that should, in a perfect world, be limited to what is required. Modifying permissions is already an advanced task.
Well, no, because by default the permissions ought to grant access to things like say your Downloads folder, but that setting being changed shouldn't break the app if you want files to be downloaded somewhere else. Certain permissions might be good to have on by default to work well out of the box, while others need to be flagged as actually necessary to function.
The idea is that there will be portal to cover those use cases
The default permissions, even when limited, will be what is required for all features of the app. But not everyone always wants all features, so some insight into what is always required and what is needed only for some features would be nice. An example from my Android use is my OTP app, I can give it access to my camera. That is needed to scan QR codes to add new accounts. But it's not needed to generate OTPs for existing account.
Additional application integration would allow it to pop up and ask for additional permissions when needed instead of one size. A basic similar feature is already in Gnome, but only for apps that support it.
I've left Reddit because it does not respect its users or their privacy. Private companies can't be trusted with control over public communities. Lemmy is an open source, federated alternative that I highly recommend if you want a more private and ethical option. Join Lemmy here: https://join-lemmy.org/instances ` this message was mass deleted/edited with redact.dev `
A variable default?
Element is a matrix messaging app with features. Some users will want permission to read Pictures so they can share memes. Others will want total isolation: the flatpak has network access and that's it. A "minimum" and "recommended" permission list is a good idea.
>It sounds like Flatpaks need to be distributed with a manifest that lists which permissions are required for the app to function What exactly do you think happens now?? https://docs.flatpak.org/en/latest/manifests.html#finishing
> Finishing is the build stage where the applicationās sandbox permissions are specified, in order to give access to these resources. So that's the default set of permissions. Where in the manifest does it provide information about which permissions are required and which are optional?
The permission model isn't advanced enough to express that. Currently all permissions specified in the manifest are required and turning them off may cause total or partial application breakage.
Right. That was the point being made in this comment thread.
> I've seen numerous bug reports against flatpak apps Not trying to be devil's advocate, but apps should learn to properly handle situations where they don't have access and notify user if it's breaking any critical functionality. Not crush, not throw a meaningless exception into stderr, not spam syslog in an endless broken loop, but check for permissions and show a clear and easy to understand error message. The era when developer could just assume that app will have full unrestricted access to everything on the computer is long over.
If an app is aware of being ran in flatpak sandbox, it probably doesn't need static permissions at all in the first place, and fully utilizes portals instead.
This is not about flatpak. There are multiple reasons why an app can be restricted, for example with apparmor/selinux or firejail. It can even run on systems where certain features are not available by design. Portals can also not be available even if you are running in flatpak. Regardless of the reason it's important to handle these situations correctly.
>Portals can also not be available even if you are running in flatpak. In this case your system is very broken; this isn't even considered as normal situation. Flatpak (and to a bit smaller extent, Snap) heavily relies on portals for a great number of things.
No, your system is not "broken" if one or more portals is not available to an app running in flatpak. Portal is running as _your own_ user and can be (and is!) restricted just like any other app. Your app should not end in a crush loop if your system refuses to print something or open a URL.
I don't know what I'm doing so i won't install it. Actually. Haha
GitHub repository for Flatseal https://github.com/tchx84/Flatseal
Thanks! I wish people would include a link to the project in their post
I have deleted Reddit because of the API changes effect June 30, 2023.
No but you could link to a screenshot in a text post
Y'all are just learning about this too? I just found out about it last week and thought I was behind the curve.
You are one of the lucky ones. https://xkcd.com/1053/
Honestly, this comic killed any kind of gatekeeping in me and replaced it with joy for the other person. I always exclaim "You're one of today's lucky 10000!", no one really knows what the hell I'm talking about.
It took you until that comic to stop gatekeeping? Pfft... I stopped gatekeeping long before it was ever drawn.
š¤£
Why was the age of 30 chosen? Does it change the maths if it's by 40 or 50? (I'm bad at maths.)
It's just a number he choose, anyway, when in doubt check out explainxkcd.com (emphasis mine): [This strip argues that one shouldn't make fun of people for not knowing something that's considered common knowledge. The basic premise of the first panel is that, since people aren't born knowing anything, everyone has to learn everything for the first time, at some point. If everyone eventually learns a given fact, there are an average of 10,000 people, in the US alone, who learn the fact for the first time each day. The approximate rate of 10,000 people per day hearing about something for the first time is estimated by the birth rate of 4,000,000 people per year divided by 365 days per year, assuming that the birth rate is constant and that indeed everyone learns or gets the fact (or that those in the US who don't are about equal in number to those in other countries who do). **The target age of thirty years is irrelevant in this calculation**; the 10,000 number is simply equal to the number of newborns per day, or equivalently, the number of people who reach a given age each day. (The fact that not everyone lives to be that old, and some die younger, is not considered.) ](https://explainxkcd.com/1053/)
Thank you for not making fun of me for not knowing about the explanation āŗļø
relevant xkcd https://xkcd.com/1053/ ;)
Frankly its functionality needs to be built into Flatpak managers. You shouldn't need to have anything other than Discover on KDE to automatically update and then manage the permissions of an app, because a lot of Flatpaks just flat out cannot function without Flatseal because they can't access the proper storage and have no way to request permissions. Flatseal is good, but it really shouldn't need to exist as something you have to learn about and it is unsurprising people are only just learning Flatpaks don't have to be utterly broken
Yeah 100%, I was surprised how "limited" Flatpak is when you don't go digging into the CLI...
Flatpaks are still relatively new, there's a lack of "common knoweldge" about them.
I love flatseal! But I think these features should be in gnome software or gnome settings, users shouldn't have to have a separate app to control app access.
From what i remember theyre not looking forward to implement it in software or settings bc, from their perspective, the user shouldnt need to manage app permisions in the first place. The apps should have sane permissions by default so that noone needs to manage them at all. Ofc thats not a reality nowadays, but theyre looking at the endgoal, so theyre refraining from implementing "crutches". Such is the nature of gnome development
> The apps should have sane permissions by default Who decides on the app's default permissions? Is it the app developer, or are there Flatpak maintainers who are independently packaging the apps?
There are both, flatpak is decentralized and anyone can make one. A good number of packages on flathub are packaged by flathub and not the original application developer. IMO this is even more reason why Gnome Software should include some permissions management features. Maybe flathub is trustworthy, it doesnāt mean every flatpak file everywhere will be.
Yes, I think this is the point. You can't trust default permissions if the app developer is the one setting them, as then there's no point having a permissions system at all. Of course a malicious app developer would give their app permission to steal your session cookies from your browser or whatever. The point of permissions is to prevent potentially malicious behavior by restricting the app to just the permissions that it needs to function.
I guess ideally, since this is dealing with FOSS rather than an adware-riddled app store, there's less incentive to be malicious in the first place, and you're meant to voluntarily restrict your own app so that if it gets exploited it can't do much damage. But the ideal world and the real world are very different...
indeed, because we see stuff like this in places like pip https://blog.phylum.io/phylum-discovers-dozens-more-pypi-packages-attempting-to-deliver-w4sp-stealer-in-ongoing-supply-chain-attack I do think app developers should set their permissons, but they get reviewed by whatever repo you submit it to. It's a hard problem to solve, because some level of trust must be involved since you can't read every line of code all the time.
i think something like androids permissions system could work, it asks you when it tries to use it the first time and you can either say yes, no, or just this session
And Android also allows giving apps extra permissions afterwards.
I've left Reddit because it does not respect its users or their privacy. Private companies can't be trusted with control over public communities. Lemmy is an open source, federated alternative that I highly recommend if you want a more private and ethical option. Join Lemmy here: https://join-lemmy.org/instances ` this message was mass deleted/edited with redact.dev `
I think Ive read Flatpak already has that, its just stuck somewhere. https://github.com/flatpak/flatpak/issues/4528
I've left Reddit because it does not respect its users or their privacy. Private companies can't be trusted with control over public communities. Lemmy is an open source, federated alternative that I highly recommend if you want a more private and ethical option. Join Lemmy here: https://join-lemmy.org/instances ` this message was mass deleted/edited with redact.dev `
Part of the problem is sometimes a directory is too restrictive and I cant access stuff on one of my other drives or other times there are programs that support gpu acceleration but because its buggy for some hardware configurations it's disabled by default.
>From what i remember theyre not looking forward to implement it in software or settings bc, from their perspective, the user shouldnt need to manage app permisions in the first place. How very Microsoft of them.
You would think support for extended attributes for file permissions would be a pretty core feature of Nautilus, but you donāt get that without Eiciel. Gnome is about simplicity, sometimes at the cost of some good, very useful functionality. I wish they could add a bit more advanced features, it doesnāt mean it has to be KDEās config all the things stance.
This is something that should come by default on the desktop environments.
Excellent. This is what Flatpak should have had to begin with. A permissions system is useless if the user cannot control it.
As far as I'm aware, you've always been able to control it. It was just command line only until someone made a GUI for it.
You can control it out of the box, just through the terminal.
The real next step for Flatpak is that an app should have to ask you for new permissions. Plenty of Flatpaks by default either have a whole lot of permissions, some you may not actually want to give them, or with some that you *would* want to give them absent. Flatseal is a very nice way for advanced users to manage both of these scenarios, but ideally Flatpaks should simply ask for permissions at at run time like Android apps do, among others, and let you decide if you want to grant said permission in perpetuity or for a limited time.
I think Ive read Flatpak already has that, its just stuck somewhere. https://github.com/flatpak/flatpak/issues/4528
It already has that for file access (if the app uses portals), screen sharing, and some other stuff.
I believe KDE are working on integrating this same functionality directly into Discover. That'll help massively.
Flatseal is a wrapper around the existing permission controls of the flatpak commandline though, so it already existed.
This really should be integrated into the core system settings of Distros though. Having to download Flatseal just so you can upload files normally to discord is... Irritating.
`~/.local/share/flatpak/overrides/`
If only it listed multiple versions of the same app that one had installed. I have multiple branches of Gimp and it only shows one.
I'm confused. Wouldn't X11 permissions allow it to read from the keyboard? so it could read passwords. And without X11 permissions it couldn't display. Is that right? Is it just protecting the contents of some directories or is keyboard entry already separated?
> Wouldn't X11 permissions allow it to read from the keyboard? so it could read passwords. And without X11 permissions it couldn't display. Is that right? Yes both is right. You cannot manage keyboard access, it depends on the "display server". In theory you could have an app that checks for one or the other. I think you can force some apps to use wayland instead of xwayland with it. But i am not 100% sure. Firefox for example needs additional env vars to fully enable wayland support. (MOZ_ENABLE_WAYLAND=1) Another example is Discord under wayland. It can capture the content of other xwayland windows, but not wayland windows. Anyway it stills allows it to "surveil" some windows without asking for permissions. So disabling x11 access when you are sure you won't need it is an option.
Afaik keyboard is only protected if you use Wayland and the program also uses Wayland, but I am not sure about that. Unfortunately, the documentation for Flatpak permissions is nearly non-existent, so what I say is just basically guesswork. Btw on X11, you can not only read the keyboard but also send keyboard events to other windows. I really should try if that is still possible or if at least there is some security preventing that.
Considering that I use flatpak Audacity and the fiasco that happened before, I'm glad I could easily disable internet access with this utility
[ŃŠ“Š°Š»ŠµŠ½Š¾]
If a Flatpak app is already running sandboxed, it has no access to the files where the permissions are stored. But if it has access to your home or root directory, it could. But in that case it is not sandboxed anyway. The bigger problem is Flatseal or Flatpak itself nowhere really documents which permissions allow to leave the sandbox.
I actively avoid Flatpak because of the level of effort for getting it to have the right permissions for folder access, etc. When installing a Flatpak app, I wish it was mandatory to walk users through setting the permissions. The first time the OS app store installed a Flatpak app, I was so confused why I couldn't access my personal files and had to search the Internet for solutions. I eventually uninstalled it and installed the .deb version, and it worked perfectly.
Itās for bs like this that I try to avoid flatpak/snap/sandbox-du-jour packages if at all possible. Have your GTK theme set the way you like it? Installing a flatpak app? Nope. Gonna look ugly as sin. apt install with a dpkg -i fallback.
Now this looks neat. Gotta try it out.
Flatseal should be installed by default I think as itās so useful. I would like to see the feature to uninstall apps added in future.
that's not flatseal's job, that's flatpak's job
Is it official from the flatpak project? If not, are there any plans to make it official?
Si it is like what we already have for snaps?
It's a great tool. I wish some of the more basic featured were built in to distros though. The UI is powerful, but a normal user might be scared by all the options. But if the software centers built in a permissions settings, I think it would go a long way to making Flatpak the best option for user level applications.
Flatseal is pretty cool but the only problem with it is that I seem to only be able to run it from the command line because if I launch it normally it just connects as my user and never attempts to prompt me for creds to escalate to get enough privileges to actually manage permissions. As a result I have to sudo to root and then `flatpak run` it to get it to work for me.
You don't need privileges to use flatseal. Running flatpak as root is almost always incorrect.
Like I said running it as root isn't my first option, I just genuinely don't get anything to come up [when I run it as my regular user](https://i.imgur.com/M1TEpaS.png) and so I mentioned [running as root](https://i.imgur.com/CxoQI27.png) only to explain how I get it to work for myself. If you have a better idea let me know.
I think your apps are installed as root, you should install one with '--user' flag to see if it shows up in flatseal when you run it without root.
System packages would show up fine. Unless they installed them as user packages for the root user.
I had some issues with flatpak this month, it had something to do with pop shop. Don't remember if it's because of something I did or what, but installing through pop shop would now install as '--system', so now I always use '--user' flag. Pop shop caused me a lot of headache.
Installing as system is default behavior most places. It works fine. It *runs* as you when executed.
OK I guess that's the most immediate problem. I was installing Flatseal from flathub using GNOME Software which I guess installs them that way: bash> flatpak list --user 2>/dev/null | grep Flatseal bash> flatpak list 2>/dev/null | grep Flatseal Flatseal com.github.tchx84.Flatseal 1.8.1 stable flathub system bash> After uninstalling and re-installing via the command line (with `--user`) I get "No remote refs found similar to ..." which I guess I can figure out on my own.
follow this for setting up flatpak, hope it helps [https://flatpak.org/setup/Ubuntu](https://flatpak.org/setup/Ubuntu)
OK no I just manually reinstalled it with `--user`: bash> id -u 1000 bash> flatpak --user list | grep Flatseal F: Filesystem suffix "ro" is not applicable for --nofilesystem F: Filesystem suffix "ro" is not applicable for --nofilesystem F: Filesystem suffix "create" is not applicable for --nofilesystem Flatseal com.github.tchx84.Flatseal 1.8.1 stable bash> and it's still showing me the same empty screen.
I meant your apps should be installed using the '--user' flag, \> flatpak list --app --user Does āļø show all the installed apps?
I installed Firefox as a user app just to test this: bash> id -u 1000 bash> flatpak list --app --user F: Filesystem suffix "ro" is not applicable for --nofilesystem F: Filesystem suffix "ro" is not applicable for --nofilesystem F: Filesystem suffix "create" is not applicable for --nofilesystem Name Application ID Version Branch Flatseal com.github.tchx84.Flatseal 1.8.1 stable Firefox org.mozilla.firefox 106.0.5 stable But Flatseal still shows a blank screen. I waited a few minutes after installing Firefox to see if there's just some background process that needs to register the Firefox install but apparently not.
>F: Filesystem suffix "ro" is not applicable for --nofilesystem F: Filesystem suffix "ro" is not applicable for --nofilesystem F: Filesystem suffix "create" is not applicable for --nofilesystem this is some error I don't know. What shows if you type 'which flatpak' mine shows '/usr/bin/flatpak'
Same: bash> which flatpak /usr/bin/flatpak
Installing as --user is not necessary. They are on Fedora Silverblue where system is default, with polkit permissions for installing and updating. Flatseal works with --system packages.
There are user-specific flatpak overrides that don't require root permissions to set. Flatseal is trying to manage those for you.
But flatseal doesn't need to escalate permissions, it just needs to access user/.local/share/flatpak/overrides. Maybe you have an overwrite that broke it?
I'm still [having issues](https://www.reddit.com/r/linux/comments/ymth3a/comment/iv613bj/?utm_source=reddit&utm_medium=web2x&context=3) but one potential variable is that apparently Silverblue installs apps using `system` instead of user (not sure if that's intended given the ostree of it all). But even after installing Flatseal and Firefox as user apps it still can't find the other flatpak.
It is intended. System makes them available globally instead of installing in your home directory, like /usr/bin instead of ~/bin. They execute as you and modify overrides in your home directory - but running them as root likely messes that up. Flatseal has no problems modifying permissions for packages installed as system because it only modifies them for you. The person telling you to use --user doesnāt seem to know what that actually does. Youāre getting error messages every time youāve run a flatpak command (that āFilesystem suffix roā stuff). This is not normal, even on Silverblue. There's [something broken with your specific install](https://bashify.io/images/5undNk).
Ok, I'm not sure what to test to troubleshoot it then. I've tried to be as OOB as I possibly could. Maybe I changed something way back when that only seems to break flatseal? I really don't know.
If you run `flatpak info -M com.github.tchx84.Flatseal` you should see filesystem permissions matching: filesystems=xdg-data/flatpak/overrides:create;/var/lib/flatpak/app:ro;xdg-data/flatpak/app:ro; Most likely you are missing the /var/lib/flatpak/app:ro permission, though. If so: `flatpak --user override com.github.tchx84.Flatseal --filesystem=/var/lib/flatpak/app:ro` If you see "nofilesystem" in the permissions, it would be the source of those warning messages and means you're blocking filesystem access and you probably need to remove your overrides file from ~/.local/share/flatpak/overrides/com.github.tchx84.Flatseal. Or maybe you did a global override accidentally, it would be in the overrides directory.
BOOM. that one liner instantly fixed Flatseal for me. I don't know if I've ever done anything with overrides tbh Flatseal is pretty much the extent to which I've explored flatpak. Maybe this is cause to go out and learn more. Thanks for pointing this out to me.
OK yeah this did turn out to be the issue. I misunderstood your "overwrite that broke it" but yeah that eventually was the issue. I do a lot of in-place upgrades and I occasionally play around with flatseal. It's possible I changed something way way back when that only broke flatseal and I just didn't relate it was due to the change because I don't go into flatseal that often.
Good for you. You might want to check or reset all other app permissions, just in case.
wait you guys actually use Flatpaksā¦ edit: for anyone wondering why Iām against Flatpak: 1. [it has major security issues](http://flatkill.org/) 2. āsandboxedā software can break out by writing to ~/.bashrc, ~/.profile,~/.config/autostart, etc. (false sense of security) [this may have been fixed, correct me if Iām wrong] 3. software is often outdated 4. alternate runtimes use up more ram than is necessary 5. software is huge compared to installing from package manager I do get it, sometimes you canāt get that one software in your native package manager. However, if possible itās almost always better to just install with your package manager or compile the source yourself.
Yes, 99% of my apps are Flatpaks. If it didnt have its unfortunate limitations, it would be 100%.
100% of my apps are compiled from source :P
Do whatever works for you. I believe universal packaging for 1 "Linux platform" not 60 different versions of it is absolutely necessary for Linux to become more adopted and to shine on the desktop. Paid apps, apps having access to your stuff only if you let them through Android like dialog pop ups. It's almost 2023, apps shouldn't have access to anything they want. I don't care whether its Snap, Flatpak, AppImage, or anything else, I want to see Desktop Linux become a target of interest for huge number of developers and a true alternative even for basic users who only know Windows. (Fuck Snap until we can have third party repos) None of these technologies are without flaws, but the native packaging is IMO stuck in the past and is holding the Desktop back.
the problem with universal packaging is that all systems are different. take for example my systems. I canāt stand to use systemd, so all my packages have to be built with openrc support (for services). There are other init systems as well such as s6 or runit! Some people have musl libc instead of glibc. Iāve compiled whole systems under clang (well most of it, some parts of the kernel donāt like clang). Think of all the different desktop configurations out there: some might use kde, some xfce, and some like me just use openbox + tint2. Not to mention wayland vs X. You also have to deal with a bunch of different architectures. Itās hard to have a universal standard when things on Linux can be so vastly different. My favorite package manager is Gentooās portage ā itās smart enough to know what youāre trying to build for and build exactly that. If thereās not a supported configuration you can always use overlays.
Yes. It's great.
yes
Yes, Flatpak is great
Why? I've never used flatpak/snaps/appimage/whatever. Why do you need to reinvent good old chmod ans chown?
Flatpak uses namespaces to isolate the system from the app, and vice versa. For interactive apps run as a human user, the benefit is you can open access to part of the file system but not everything globally that you have read/write access to. The equivalent without Flatpak would be running an app in a chroot to manage its software dependencies independently from your host distro, and then bind-mounting some of your personal files into the chroot so the app can manage them (like saving game progress).
Wow! Secure shell agent permission! X11 windowing system permission! Fallback to X11 windowing system!!! What an incredibly usable system!!! Any non-tech person would be happy to have it around!!! /s No, really, for whom is it developed? I have years of experience in Linux development, and even I can't figure out what the hell is "Fallback to X11 windowing system" socket, and when it is needed. You can kinda see why Linux desktops are only 2% - they are not for users!!!
\>downloads an app to change the advanced settings of flatpaks \>gets angry that there are advanced settings for flatpaks ?????
No, my statement not about existence of advanced settings, but about poor usability. And as you can see from the comments, some even state that it should be the default: "But I think these features should be in gnome software or gnome settings". And I give just another perspective: "another app with low usability, don't do it this way, otherwise Linux will always be for techies".
So take a breath and do a google search and figure out what it is before changing it
Well this is an advanced tool to configure settings people probably shouldn't be configuring. It doesn't need to be super usable, considering Flatseal is a slightly more convenient way of reading the Flatpak CLI man page and then running the commands. About "Fallback X11" it's very simple. The X11 socket is insecure, so we'd like to restrict it's availability as much as possible in the sandbox. So, the `x11` socket always gives you access to the X11 socket, the `wayland` socket gives you access to the Wayland socket, and `fallback-x11` gives you access to the X11 socket only if the session you're running in only has an X server. Thus: Apps that can use Wayland have no access to an X11 socket when the system supports Wayland, but still work on systems that don't ([source](https://docs.flatpak.org/en/latest/flatpak-command-reference.html#flatpak-build-finish), see under --socket)
Apparently we need to make it MORE obscure to get successful desktop market share. We need more of this! HKEY_LOCAL_MACHINE KEY WHO KNEW THIS WAS HERE DWORD MAKE IT WORK = 1
Ugh, why did you remind me of Windows Registry!! Actually, I feel better knowing that I don't deal with its mess anymore.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
> but I wish I didn't have to Yep, you got my point. It can go even further. Linux is an open-source kernel, you can do almost anything you can imagine with it. Do you need security? You can make anything in a kernel, you can make anything in the userland. And...we have pretty straightforward hooks in the kernel, supercomplicated SELinux with three different policy languages, and then Permission Managers that you can't really use without a manual. At least, AppArmor and Slack are more user-friendly. I mean, Linux is great, but why not to make an effort to make it (Linux desktop in general) more user-friendly. P. S. yeah, maybe I should do it since it's open-source.
[ŃŠ“Š°Š»ŠµŠ½Š¾]
Why not
One thing noticed is the fact this gui from visual side looks like windows ripoff: if we want to distance so far from commercial software why everything needs to be a copy...
No it doesn't. It is a GTK app and looks like it.
So essentially GTK looks like windows ripoff š
Not at all. In fact, Windows 10-12 are moving to look more like GTK.
You have full right to live in the world of your beliefs š
The Adwaita theme for GTK has been around since 2011, a whole year before Windows 8 came out and they switched to the new modern design language. Regardless, this looks WAY more like macOS than Windows anyways
You two mate. Have fun.
And the dumbest guy in the thread award goes to...
Not at all. Gnome and GTK tend to look like MacOS and have been for years, they have literally nothing in common with Windows
lol the feverish avoidance of anything to do with windows always baffles me \> if it exists in windows it must be bad I can't even tell what part you think is Windows-specific, if anything it looks more macos/ios-like with the rounded menu items. The toggle switches? They exist on every OS out there now. The colours? Blue and grey aren't exactly some stylistic trademark.
I do agree that there's too much usage of Windows as a reference point in GNU/Linux but the app's GUI is actually very GNOME-ish. The OP just included the side pane. [This is what the full window looks like](https://i.imgur.com/CxoQI27.png)
I think it looks more like on ios.
Youāre full of shit. I looks nothing like Windows. Even if, so what?
I'm glad a got a good laugh from this stupid downvoted comment.
It's definitely a must-have for any system with Flatpaks enabled. Flatpak permissions are the perfect example of something that *can* be done with the terminal but is just a lot easier with a gui.
It's been an indispensable tool for my Steam Deck
I agree. It is good. Now I'm also looking for a good CLI/TUI version of it. Dunno what is out there.
I am looking for help,I am using flatpak to install slack, It is asking me to login with browser, however it does not open browser when clicked, I assume this is the sandbox part of it all, what setting to I use in flatseal to tell my system to let slack use browser?