Why not containerise everything? You need libreoffice? No problem, here is a docker or podman container.
Flatpak is basically GUI-optimized containers. It uses the same technology (namespaces) as docker and podman, just with some extra tools to make GUI-related things work properly. That’s why flatpak apps don’t use the system’s gtk version – they’re running in a sandbox with a different rootfs. You can spawn a shell into the sandbox of a specific app with flatpak run --command=sh com.yourapp.YourApp and poke around it if you want to.
If you’re interested in another approach to containerizing GUI applications, also checkout out x11docker. It’s a small independent project maintained by one guy, nothing big like flatpak, but also pretty cool. The name is actually a bit limiting – it supports both docker and podman, and can run wayland apps as well. One of the coolest features, in my opinion, is the ability to run a separate X server inside every sandbox and forward individual windows to the “host” X server. That way you can prevent apps from spying on your keyboard or other apps’ windows.
Flatpak is basically GUI-optimized containers. It uses the same technology (namespaces) as docker and podman, just with some extra tools to make GUI-related things work properly. That’s why flatpak apps don’t use the system’s gtk version – they’re running in a sandbox with a different rootfs. You can spawn a shell into the sandbox of a specific app with
flatpak run --command=sh com.yourapp.YourApp
and poke around it if you want to.It uses bubblewrap for sandboxing under the hood, right?
Thx, looks like that’s the info I’ve missed.
If you’re interested in another approach to containerizing GUI applications, also checkout out x11docker. It’s a small independent project maintained by one guy, nothing big like flatpak, but also pretty cool. The name is actually a bit limiting – it supports both docker and podman, and can run wayland apps as well. One of the coolest features, in my opinion, is the ability to run a separate X server inside every sandbox and forward individual windows to the “host” X server. That way you can prevent apps from spying on your keyboard or other apps’ windows.