snaps are similar to flatpaks, little containers that hold apps that can be sandboxed for security, reproducibility, and convenience. Canonical decided to push their own snaps over flatpak, a widely accepted standard. the big problem with snaps is the store where you get them is proprietary, and they will sneakily install snaps instead of standard packages when you try to install programs you didn’t realize were even snaps.
The proprietary store backend really isn’t consequential. Most websites are, and if you have a modern computer, you’ve got proprietary firmware running at ring -3. At best, it’s a distraction from Snap’s real issues.
Snap packages are compressed filesystems, similar to squashfs. When an application is started for the first time, the filesystem has to be decompressed and mounted to the root filesystem, which (depending on the computer) can take a long time. It also litters your mount points with loopback devices.
Snap’s sandboxing only works on systems running Systemd. No Devuan, no Artix, no Alpine; the packages will work, but without sandboxing.
The worst part is Canonical’s desperate attempts to make snaps happen.
Ubuntu ships with a modified apt that first checks if the desired package is available as a snap, and if so, installs snapd and the snap package without asking or even notifying the user. Strike that, it’s even worse. https://feddit.uk/comment/20490326
Canonical has forced other official flavors (Xubuntu, Kubuntu, etc; to note: they’re not maintained by Canonical) to ship their systems without Snap’s direct competitor Flatpak out of the box. https://www.omgubuntu.co.uk/2023/02/ubuntu-flavors-no-flatpak
…and I’m sure there’s more that I’m forgetting about.
They haven’t modified apt; they abuse an extra version number that supersedes the major version number of a package. I think it’s meant to be used for new packages that reuse the name of an abandoned project. Canonical publish packages for software like Firefox that depend on snapd and just run snap install firefox instead of actually installing anything. Since they bumped that extra version number, their packages always have a higher precedence than even the officially packaged debs from Mozilla.
What’s even even more fucked up is that the package still installs an executable to /usr/bin/firefox, but it’s just a wrapper script that launches the Snap application… and also replaces your desktop shortcuts, application launcher shortcuts, and favourites with its own Reforged Edition file if you’re running GNOME, Unity, MATE, or KDE Plasma.
Excerpt from /usr/bin/firefox Canonical Edition(TM)
# [...]
# GNOME Shell
OLD="firefox.desktop"
NEW="firefox_firefox.desktop"
FAVS=$(gsettings get org.gnome.shell favorite-apps 2> /dev/null)
if echo "$FAVS" | grep -q "'$OLD'"; then
  NEWFAVS=$(echo $FAVS | sed -e "s#'$OLD'#'$NEW'#")
  gsettings set org.gnome.shell favorite-apps "$NEWFAVS"
fi
# MATE
OLD="/usr/share/applications/firefox.desktop"
NEW="/var/lib/snapd/desktop/applications/firefox_firefox.desktop"
OBJECTS=$(gsettings get org.mate.panel object-id-list 2> /dev/null)
for object in $OBJECTS; do
  object=$(echo $object | cut -d\' -f2)
  launcher=$(gsettings get org.mate.panel.object:/org/mate/panel/objects/$object/ launcher-location)
  if [ "$launcher" = "'$OLD'" ]; then
    gsettings set org.mate.panel.object:/org/mate/panel/objects/$object/ launcher-location "'$NEW'"
  fi
done
# [...]
# TODO: handle other desktop environments
exec /snap/bin/firefox "$@"
yup discovered this on my server yesterday. needed something on there so just did sudo apt install blahblahblah and then come to find the little ubuntu fucker installed a snap of it.
I really should have gone with another distro for my server but meh i’m too lazy to fix it now.
…so they’re the flatpaks we have at home? :P
Seriously though. Wow, that royally sucks. Thanks for the info.
That’s not the full picture.
Thanks, that’s even more fucked up.
I’d classify that as malware.
Holy shit, that’s fucked up
I’m not sure the pushing snap over established flatpak thing holds up, snap was in the wild before flatpak was announced.