Flatpak Firefox

  



From the project README: 'Flatpak is a system for building, distributing and running sandboxed desktop applications on Linux.'

From flatpak(1):

Apps for Linux, right here. Welcome to Flathub, the home of hundreds of apps which can be easily installed on any Linux distribution. Browse the apps online, from your app center or the command line. Firefox but a much larger download It sandboxes any flatpakd app. Each flatpakd app will come with its own dependencies so they can be used in a sandbox environment, so the apps won't snoop on your whole filesystem can't check on your system's processes, which is.

Flatpak is a tool for managing applications and the runtimes they use. In the Flatpak model, applications can be built and distributed independently from the host system they are used on, and they are isolated from the host system ('sandboxed') to some degree, at runtime.
Flatpak uses OSTree to distribute and deploy data. The repositories it uses are OSTree repositories and can be manipulated with the ostree utility. Installed runtimes and applications are OSTree checkouts.

Installation

Install the flatpak package.

Note: If you want to build flatpaks with flatpak-builder you will need to install the optional dependencies of elfutils and patch.

Managing repositories

Note: By default, every flatpak command works system-wide, i.e. packages are installed for all users in the computer and flatpak requires the user to supply root's password. To install packages and work with repositories on a single user (with no need of superuser rights) you can add the option --user to each command. If you want, for example, to add a repository only visible to you, you should run $ flatpak remote-add --user namelocation. To install a package visible only to you, run $ flatpak install --user package-name.

Add a repository

To add a remote flatpak repository do:

Flatpak firefox debian

where name is the name for the new remote, and location is the path or URL for the repository.

For example to add the official Flathub repository:

Delete a repository

Flatpak firefox free

To delete a remote flatpak repository do:

where name is the name of the remote repository to be deleted.

List repositories

To list all the added repositories do:

Managing runtimes and applications

Search for a remote runtime or application

Before being able to search for a runtime or application in a newly added remote repository, we need to retrieve the appstream data for it:

Then we can proceed to search for a package with flatpak search packagename, e.g. to look for the package libreoffice with the flathub remote configured:

List all available runtimes and applications

To list all available runtimes and applications in a remote repository named remote do:

Install a runtime or application

To install a runtime or application do:

where remote is the name of the remote repository, and name is the name of the application or runtime to install.

Flatpak Firefox
Tip: You can use partial identifiers flatpak install partial-name (for example flatpak install libreoffice).

List installed runtimes and applications

To list installed runtimes and applications do:

Run applications

Binaries are available in /var/lib/flatpak/exports/bin, which is automatically added to $PATH by /etc/profile.d/flatpak-bindir.sh. You may have to re-login to apply the change.

Flatpak applications can also be run with the command line:

Update a runtime or application

To update a runtime or application named name do:

Uninstall a runtime or application

To uninstall a runtime or application named name do:

Tip: You can uninstall unused flatpak 'refs' (aka orphans with no application/runtime) with flatpak uninstall --unused.

Adding Flatpak .desktop files to your menu

Flatpak expects window managers to respect the XDG_DATA_DIRS environment variable to discover applications. This variable is set by the script /etc/profile.d/flatpak.sh. Updating the environment may require restarting the session. If the launcher does not support XDG_DATA_DIRS, you can edit the list of directories scanned and add these to it:

This is known to be necessary in Awesome.

Viewing sandbox permissions of application

Flatpak applications come with predefined sandbox rules which defines the resources and file system paths the application is allowed to access.To view the specific application permissions do:

The reference of the sandbox permission names can be found on official flatpak documentation.

Overriding sandbox permissions of applications

If you find the predefined permissions of the application too lax or too restrictive you can change to anything you want using flatpak override command.For example:

This will prevent the application access to your home folder.

Every type of permission such as device, filesystem or socket has an command line option that allows that particular permission and a separated option that denies. For example, in case of device access --device=device_name allows access, --nodevice=device_name denies the permission to access device.

For all permission types commands consult the manual page: flatpak-override(1)

Permission overrides can be reset to defaults with command:

Flatseal is a GUI permissions manager which offer simple point-and-click permissions operations.

Creating a custom base runtime

This article or section needs expansion.

Reason: This can certainly be improved. It also has problems with D-Bus for GNOME apps. (Discuss in Talk:Flatpak#)
Warning: If you want to release your software to the public as a Flatpak, an Arch-based runtime is unsuitable. In this case, you will want to follow official documentation to integrate your software into the proper Flatpak ecosystem using the common runtimes.
Note:
  • You may want to use an untrusted, unprivileged user account for bundling untrusted software because the software is not sandboxed during app and runtime creation.
  • When distributing bundles to others, you may be legally obliged to provide the source code of some of the bundled software upon request. You may want to use ABS to build these packages from source.

You can create a custom Arch-based base runtime and base SDK for Flatpak using pacman. You can then use it for building and packaging applications. This is an alternative for personal use to the default org.freedesktop.BasePlatform and org.freedesktop.BaseSdk runtimes.

In addition to flatpak, you need to have installed fakeroot and for pacman hooks support also fakechroot.

First, start by creating a directory for building the runtime and possibly applications.

You can then prepare a directory for building the runtime base platform. The files subdirectory will contain what will later be the /usr directory in the sandbox. Therefore you will need to create symbolic links so the default /usr/share etc. from Arch can still be accessed at the usual path.

Make your host OS fonts available to the Arch runtime:

Flatpak Firefox Mac

You need and may want to adapt your pacman.conf before installing packages to the runtime. Copy /etc/pacman.conf to your build directory and then make the following changes:

  • Remove the CheckSpace option so pacman will not complain about errors finding the root filesystem for checking disk space.
  • Remove any undesired custom repositories and IgnorePkg, IgnoreGroup, NoUpgrade and NoExtract settings that are needed only for the host system.

Now install the packages for the runtime.

Set up the locales to be used by editing myruntime/files/etc/locale.gen. Then regenerate the runtime’s locales.

The base SDK can be created from the base runtime with added applications needed for building packages and running pacman.

Insert metadata about runtime and SDK.

Add base runtime and SDK to a local repository in the current directory. You may want to give them appropriate commit messages such as “My Arch base runtime” and “My Arch base SDK”.

Flatpak Firefox Free

Install the runtime and SDK.

Creating apps with pacman

As an alternative to building applications the usual way, we can use pacman to create a containerized version of the regular Arch packages. Note that /usr is read-only when creating apps, so we can not use Arch’s packages when building an app. To create a real app with pacman, we can either

  • use pacman to create a runtime containing all dependencies
  • and compile the app ourselves as usual or perhaps using pacman with a custom PKGBUILD tailored to Flatpak which uses --prefix=/app for the configure script,

or we can

  • use pacman to create a runtime containing the app installed with pacman
  • and create a dummy app to launch it.

For doing the latter, first create a runtime using pacman such as this one for gedit. The runtime is first initialized and prepared for use with pacman.

Then the package is installed. The host’s network connection must be made available to pacman.

You can test the installation before finishing the runtime (without proper sandboxing).

Now finish building the runtime and export it to a new local repository. pacman’s GnuPG keys have permissions that may interfere and need to be removed first.

Then create a dummy app.

Now finish the dummy app. You can fine-tune the app’s access permissions when sandboxed by giving additional options when finishing the build. For possible options see the Flatpak documentation and the GNOME manifest files. Alternatively, adapt geditapp/metadata to your needs after finishing the build but before exporting. When the metadata file is complete, export the app to the repository.

Install it along with the runtime.

See also

Flatpak Firefox Latest

Retrieved from 'https://wiki.archlinux.org/index.php?title=Flatpak&oldid=663602'