Hacker News
by drcongo 1709 days ago
As someone whose only experience with Linux is servers and Raspberry Pi, can you tell me what's wrong with snaps? I've only used them on a self-hosted NextCloud and my experience with them has been decent, but I see a lot of dislike for them on HN.
4 comments

There are pros and cons. It helps developers because they aren't restricted to the distro's shipped library versions; they can build against what they need. It also confines the app to a sandbox. The downsides are that the packages end up larger because they ship with all of the necessary bundled libraries (which can also increase memory usage of the application because it can't share the libraries loaded in RAM by the native operating system), and there's a lack of trust that the developer can keep up with bundled library security updates.
Also I think snap is an Ubuntu thing vs flatpak and appimage which are more distro agnostic. That's my issue with it/Ubuntu. They are doing good things, but at the same time I don't feel they are as "open" as other Linux distros.

Also, snapd is installed by default on their servers and it's not as easy to remove as it should be.

This is one of the reasons that I will always choose a different distro if I have the choice.

Snap is available for many distros https://snapcraft.io/docs/installing-snapd

It's great Canonical pays all the huge costs of Snap servers and bandwidth. I could not afford to host all that myself.

Does its sandbox work yet on distros that don't use AppArmor? Last time I checked, snap apps were essentially unconfined on Fedora, and sandboxing is one of snap's most important selling points.
You have skipped quite a few downsides. Anyway, the biggest one is that what was previously an app is now a separate environment that is sometimes hard to control. If I wanted to run an app in a sandbox, I would have run it in a sandbox. People have run into all possible problems with snaps in the past; it has been discussed on HN ad nauseam [0] [1].

[0] https://news.ycombinator.com/item?id=24383341

[1] https://news.ycombinator.com/item?id=24129208

> Anyway, the biggest one is that what was previously an app is now a separate environment that is sometimes hard to control. If I wanted to run an app in a sandbox, I would have run it in a sandbox.

I see sandboxing as a major upside. Users expect sandboxing by default nowadays. Some game they downloaded shouldn't be able to intercept your online banking browser session. Yet, in the traditional Linux desktop model, they can.

Having app sandboxing by default is long overdue. Not having it makes the environment a second class citizen for user safety and security when compared to iOS and Android, for example.

In theory, if snap was mature software and had no other issues, this could work well. In practice, many people have problems.
> The downsides are that the packages end up larger because they ship with all of the necessary bundled libraries (which can also increase memory usage of the application because it can't share the libraries loaded in RAM by the native operating system), and there's a lack of trust that the developer can keep up with bundled library security updates.

This has basically been happening with browser debs anyway. Browser upstreams bundle their libraries, and distributions have increasingly been unable to unbundle them.

Background daemon that takes up CPU, proprietary store, slow startup, and automatic updates in the background. Flatpak is much better if you need some sort of sandboxing, or updates outside what your distro can provide.
Automatic updates are great when I release security fixes, like a new Node.js version, to Wekan https://wekan.github.io. It has worked well for me for many years.

Update install is very fast, with very small downtime, automatic database schema upgrades, etc.

Sandboxing is great; code cannot write outside of the app's own writable directory.

Does Flatpak have any kind of automatic update ability?

Or is there any automatic update ability for some other package system on Linux/Windows/Mac? Is Snap the only one?

Automatic updates are great until they kill your running app [1]. Flatpaks can be updated automatically through gnome-software or a cron job, but the user can decide whether to enable automatic updates. Snaps will forcibly update after 60 days even on metered connections.

[1] https://forum.snapcraft.io/t/disabling-automatic-refresh-for...

Yes, snap was what made me move off Ubuntu onto PopOS.
My complaints (not looked real recently though):

Snaps are Ubuntu specific and the server side/repo is closed source.

Snaps pollute the df/mount points with per snap lines.

They rolled out in an LTS release with minimal testing. Caused quite a few problems like not being able to boot as multiple snaps drained /dev/random (instead of /dev/urandom) and waited on more entropy, which was god-awful slow since the boot hadn't finished.

There was no automatic cleanup of older snaps.

Generally it just seemed like a silly proprietary setup that Canonical tried to claim had wide industry support, despite not having that support. I'm not against the ideas, but why not Docker? Flatpak? AppImages?

> Snaps pollute the df/mount points with per snap lines.

My biggest complaint

Indeed, seems silly to list gimp, firefox, vlc, vscode, spotify, etc. Not to mention it's easy to end up with more than one of each.
I had some issues with one app not reading its config file, and wanted to strace it to see if it finds the config or not. Big surprise, cannot strace snap apps..