Modern packaging
Why packaging systems of old aren’t fit for purpose.
Containerised packages are a very important part of this jigsaw puzzle and allow apps to be installed with their dependencies, without the need to add to or alter the files on the root partition. For example, should an application need a particular Python library, it can be bundled with the app itself. A second reason why containerised packages are so powerful is that the same version can run on many operating systems, due to the ability to use runtimes and dependency embedding.
Thirdly, as these apps are containerised, their ability to edit the entire OS’s files can be reduced. For example, an app can be allowed access to a user’s home directory only and given access to the USB ports. Conversely, some apps are denied USB access.
Examples of containerised packaging systems are Flatpaks, AppImages and Snaps.
Flatpaks
Flatpak is the approved format for apps to be run on Fedora Silverblue and other similar systems, such as OpenSUSE’s MicroOS. To run Flatpaks, one or more runtimes are required to be installed and apps are built against a runtime. When installing an app, the required runtime is installed at the same time. If libraries or other resources are required for the app to run, these are bundled into the file. When running an app from a Flatpak, they are contained within a sandbox and can only access their own resources and the runtime. Any further access to the filesystem or hardware must be explicitly granted. Flatpaks have a mechanism, known as Portals, that is used to allow the app to access files, hardware and other items from outside of the sandbox. Runtimes are distribution-agnostic, meaning that once a Flatpak has been built, it can run anywhere that the runtime can run. Flatpaks are distributed from repositories, with Flathub being the most popular. This can be added to Silverblue by using the GUI options.
AppImages
AppImage is a single-file format that contains all required libraries and resources for an app. It contains a filesystem that is mounted using the FUSE userspace filesystem mounting system. AppImage started in 2003 and was originally named Klik. Apps packaged as AppImages can be run on multiple Linux distros, do not require installing in the conventional sense, don’t need root permissions to run and are completely portable.
Snaps
Snaps were designed by Canonical for the Ubuntu Phone OS, so there was a rival to the way Android and iOS package apps. They were extended to support IoT applications, GUI apps and server-based options. Snaps use features of Systemd and are controlled via the SnapD daemon. They are run in a sandbox with limited access to the parent OS. In recent releases, Canonical has taken the decision to package and distribute Chrome and Firefox as Snaps, due to the complexity of compiling web browsers for multiple OS versions. Much criticism has been given over this due to the time taken for some apps to open. This has been improved by changing the compression algorithm.