Release flatpaks and snaps #187
Comments
|
+1 |
|
BTW personally I would prefer flatpak. In contrast to snap, you can also self-host it, so you stay in control, and it is widely supported. (snap is not so nice to setup in many distros and snap's security depends on AppArmor, which is not always available in many distros) |
|
+1 |
|
Are there any news to this issue? |
|
BTW, would prefer flatpaks, because – in contrast to snaps – they do not only claim to be distro-independent, but actually are. |
|
Any update here? :) |
|
Not really (otherwise it would've been published), so any contributions are more than welcome! ;) |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
I still would like to see a Flatpak. |
|
I'd like to see a Flatpak package too, because it is usable on all linux distros and ChromeOS too (look that there are not a way to encrypt drives on ChromeOS, it is possible to use EDM Android app but, its proprietary and the free (Lite) version is too limited. The effort could decrease on linux app if you release the Flatpak pacckage, because all dependencies are included in the flatpak package and/or runtime and it works exactly same on all distros, you can avoid specific distros and dependencies problems. I hope to see a Flatpak package in a near future, and, merci beaucoup. |
|
I took a look at how difficult this would be to do and managed to get it to "work" as in build with all dependencies and launch. But anything that requires sudo rights (sudo, mount etc.) won't work. Also other system binaries aren't accessible (mkfs.ext4 etc) but as If there's anyone here who knows Flatpak permissions better and how to do that properly, you can take a look at my draft here: https://github.com/Jertzukka/VeraCrypt-Flatpak. |
Idk how to package a flatpak app, in fact I have been asking help to try with FrostWire, so... I'm gonna post you on Reddit and some Telegram groups hoping you get help to make this possible. <3 Edit: I have posted you, here is a link: https://www.reddit.com/r/flatpak/comments/14sn0zj/help_wanted_for_veracrypt_as_flatpak_package_linux |
|
I mean GNOME DIsks is apparently buildable as a flatpak https://gitlab.gnome.org/GNOME/gnome-disk-utility/-/blob/master/INSTALL?ref_type=heads (Blivet not yet) Edit: Though maybe via a dependency on UDisks on the host?. Also many apps like these access at least CD drives via a flatpak. So disk access itself should somehow be possible. |
|
It's been a while since I last looked at it, but I realized it wasn't possible to get it working without changes to the source code or separate patches to the source. The program wasn't written with "what if the system this program is running on doesn't have root rights?" in mind, so there are things that are hardcoded in. Also, if I remember correctly, the program launches a core service worker as root which does all your administrative requests on the user account's behalf, and I had no clue how you would implement this as a Flatpak. So in short, it won't be as easy as "just package it in Flatpak". |
Hmm an easy way I could imagine as a temporary solution would be to "flatpak --spawn --host" that service and if that works then well… But in any case thanks for the effort you've put into (trying)! |
Thanks @Jertzukka for your contribution with VeraCrypt-Flatpak above :) For those not familiar with the latest Flatpak available permissions. With Flatpak, application creators and maintainers are able to distribute any type of applications with Flatpak. Including. But not limited to, system level, command line, desktop, utilities, or independent applications. To do so, when packaging the application, to set the access level, simply add one easy word to the Flatpak parameter As you know, VeraCrypt needs full system level access. With Flatpak, this can easily and quickly be done during packaging using the Flatpak For example, but not limited to: • • • • • Optionally, any users can override the above permissions above using this free, easy to use, and powerful Flatseal at https://flathub.org/apps/com.github.tchx84.Flatseal So if any user complains about your application's default permission, for your review and your decision, I suggest to simply redirect them to this free Flatseal. Suggesting to users to configure appropriately their Flatseal. I am a Flatpak end-user. Not a developer. I do not have any financial conflict of interest with Flatpak. I'm just a happy user. |
Have you considered forking the project to work on this? thanks. |
Hello @joewood9364 :) Thanks for your suggestion. I would love to. But I am an end-user. Not a developer. Today I updated my comment accordingly. Per my comment above both me and the Ubertus.Org team would be happy, as volunteer, to contribute testing and documentation, if needed |
|
Hi all VeraCrypt enthusiasts :) For those not familiar with Flatpak. Below are the benefits of Flatpak for VeraCrypt maintainers and end-users. Benefit for maintainers• With Flatpak, you are able to spend more time doing what you enjoy with the most recent version of your app. Instead of spending time with end-users support requests about outdated or no longer maintained versions of your app. Why? Well because with Flatpak you are able to quickly and easily send direct updates to your end-users. Which do not have to wait for package repositories to update their list. • All-in-one packages. You save a lot of time. Because Flatpak doesn't depend on outside packages. And Flatpak automatically finds what to bundle using deduplication. • Single package for all Linux distributions. List of distributions at https://flatpak.org/setup/ • Freedom. You get more freedom with Flatpak. Because https://flathub.org/ is controlled by a friendly not-for-profit community of users. In comparison, Snap Store is controlled by the for-profit corporation Canonical. So in the future, under constant pressure from its secret shareholders, when Canonical decides to close Snap Store, you will be in trouble. Not-for-profit community value you the people above profit. There are lots of benefit for you associated with this. Usually, for-profit corporations value money above you, the people. There are lots of risk associated with this. • Strong security. Using automated sandbox. With optional override for users of Flatseal. • Use any repository to your liking. Your own, the https://codeberg.org , GitLab, GitHub, any others. Details at https://docs.flatpak.org/en/latest/publishing.html • If you are full, as maintainer, you could easily delegate to anyone to your liking both the creation and the maintenance of the application for the Flathub repository. In other words, any volunteer can add an application to Flathub. It does not have to be the maintainer. • Developer guide at https://docs.flatpak.org/en/latest/ • Free community support for maintainers: ___• Forum at https://discourse.flathub.org/ ___• Instant message at https://matrix.to/#/#flatpak:matrix.org ___• Mailing list at https://lists.freedesktop.org/mailman/listinfo/flatpak Benefit for users• With Flatpak, you are able to easy and quick install the latest free application version at https://flathub.org • Get rapid updates per the above. With Flatpak, you no longer have to wait for package repositories to update their list. • Automatically use any theme to your liking for all apps or selected app. Assuming the app supports theming. This is powered by Flatseal. ___•Steps at https://discourse.flathub.org/t/gtk4-apps-do-not-use-adwaita-dark/1327/2 ___•Get Flatseal at https://flathub.org/apps/com.github.tchx84.Flatseal • Integration with GNOME. You are able to easily install Flatpak applications using the GNOME you're familiar with. When needed, you can still install Flatpak app using https://flathub.org , Terminal, and many other options. • Of all the packaging options available, Flatpak definitely has the strongest security. Because each application is sanboxed. While at the same time, for some application, the default permissions grant too much access. So users who need strong security need to learn to use Flatseal to adapt the permissions at https://flathub.org/apps/com.github.tchx84.Flatseal • Freedom. You get more freedom with Flatpak. Because https://flathub.org is controlled by a friendly not-for-profit community of users. In comparison, Snap Store is controlled by the for-profit corporation Canonical. So in the future, under constant pressure from its secret shareholders, when Canonical decides to close Snap Store, you will be in trouble. Not-for-profit community value you the people above profit. There are lots of benefit for you associated with this. Usually, for-profit corporations value money above you, the people. There are lots of risk associated with this. ___• Sources about who controls Flatpak is under "Acknowledgements" title at https://flathub.org/about ___• Sources about who controls Snap Store at https://ubuntu.com/legal/terms-and-policies/snap-store-terms • Powerful but easy permissions override using this free Flatseal at https://flathub.org/apps/com.github.tchx84.Flatseal Challenge with Flatpak• Flatpak strength is distribution for desktop applications. Not system level or command line applications. Not yet anyway. Maybe later. • The first few applications you install use significantly more storage space. Because Flatpak needs to download runtime(s). But those runtimes are downloaded only once and shared with all other applications. This means that on the long term, after installing the first few applications, the storage space used no longer significantly increase. ContributionAny volunteers to add VeraCrypt to either https://flathub.org or to any other Flatpak repositories to your liking? Both me and the Ubertus.Org team would be happy, as volunteer, to contribute testing and documentation, if needed. I am a Flatpak end-user. Not a developer. I do not have a financial conflict of interest with Flatpak. |
|
Flatpak please |
|
fwatpwak pwease |
|
The latest version of VeraCrypt (1.26.14) requires dependencies (wxWidgets) that aren't available in the mainline Ubuntu repo because the version of wxWidgets that it requires is libwxgtk3.0-gtk3-0v5, which is old. As of January 2024, the version of wxWidgets available in the repos is libwxgtk3.2-1 (you can find the latest version it by typing "apt search libwxgtk"). Unfortunately, VeraCrypt doesn't want the new one; it want's the old one. Installing the old one manually, requires more dependencies, which of course need to be searched from various places and installed manually as well. At this point the process of installing VeraCrypt is a nightmare. It is the perfect candidate to be containerized into a flatpak as the developer clearly has NEARLY abandoned it. The last update was September 2024, and it makes no effort to replace its outdated dependencies with the new versions. This is a configuration management disaster and I'm literally trying to get it to work so I can decrypt one volume and copy the contents to a competing encryption product because I refuse to go through this ordeal again in the future. The "security" rationale for not releasing a flatpak is a joke. Security could be comprised in a dozen different places using the current method of tracking down various outdated required libraries from various developers. Not to mention that users who have downloaded 1 flatpak have already decided to trust anonymous developers to a certain extent. I emplore the developer or anyone knowledgeable in flatpak to just fork the project and release it as a flatpak. |
Answered here: #1465 (comment) |
|
Maybe some of the already existing and working Cryptomator Flatpak code could be recycled for inspiration to publish VeraCrypt as Flatpak on Flathub? Cryptomator's Flathub installer automatically installs all dependencies per Linux distributions. For those not familiar with Cryptomator, like VeraCrypt, Cryptomator is Libre Source (Open Source), creates volumes, mounts volumes, unmounts volumes, and does file encryptions for all of the above. More information at:
I am a Flatpak end-user. Not a developer. Both me and the Ubertus.Org team would be happy, as volunteer, to contribute testing and documentation, if needed. |
The current way using some self-made installer and binary releases for linux without any (auto-)update mechanism is not only bad for security (missing auto-updates, users may miss updates, users may fail to verify updates properly…), but also quite inconvenient (at least when the security verification steps are done correctly).
That's why an update mechanism and a mechanism, which does not reinvent the wheel (= no manual installer) would be nice. Also compatibility should be satisfied…
Thankfully there are two new things for this: Flatpaks and snaps, where the former is more about distros with GNOME and the later Ubuntu. Both, however, are supposed to work on any Linux distro.
So could you offer VeraCrypt in these release formats, too?
The text was updated successfully, but these errors were encountered: