Because I hate Electron

  • Max-P@lemmy.max-p.me
    link
    fedilink
    arrow-up
    16
    ·
    1 month ago

    Docker, Distrobox, Toybox, systemd-nspawn, chroot.

    Technically those all rely on the same kernel namespace features, just different ways to use it.

    That’s also what Flatpaks and Snaps do. If you only care about package bloat, an AppImage would do too but it’s not a sandbox like Flatpak.

  • flashgnash@lemm.ee
    link
    fedilink
    arrow-up
    8
    ·
    edit-2
    1 month ago

    IIRC that’s the whole point of flatpak, snap and appimage

    Docker can probably do it too, distrobox puts a useful wrapper on that

    Nix does that kind of, nix packages aren’t isolated in that they can’t access resources on your system but all dependencies are stored in the nix store, hashed and isolated from eachother, and wiped when you collect garbage

  • Samueru@lemmy.ml
    link
    fedilink
    arrow-up
    6
    ·
    1 month ago

    You can use appimages, more importantly if you make a directory next to the appimage with the name of the appimage + .home the appimage will also set that as its $HOME that way you can also keep the configuration files of the app separated from the host OS.

    You can also sandbox appimages with aisap.

  • nanook@friendica.eskimo.com
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    1 month ago

    Snap turns your system into a slug at boot time, makes it take forever to shut down as it unmounts fifty memory file systems, scatters files all over the place turning a neat organized system into a pile of shit. I primary run Ubuntu, but I excise snap from it as one of the first orders of business.

      • nanook@friendica.eskimo.com
        link
        fedilink
        arrow-up
        4
        ·
        1 month ago

        @naeap As long as it remains the easiest distro for me to get from initial setup to mangled the way I want it to work I’ll stick with Ubuntu. It still tends to be more up to date than most other releases save Fedora but I do not care for the Redhat approach at all, they are rather like Windows in trying to force you to do it there way, “thou shall use LDAP and not NIS” for example. I don’t like distros that think I should change my whole organization to suit their needs. Yea at some point I probably will switch to LDAP but will do it on my own terms in my own time not dictated by a distribution vendor. It is rather trivial for me to excise snap from Ubuntu, a lot more work to hack NIS into a system that doesn’t natively support it.

    • ColdWater@lemmy.caOP
      link
      fedilink
      arrow-up
      2
      arrow-down
      3
      ·
      1 month ago

      Luckily I use Arch (btw) so every Linux apps under the sun already available on the AUR, so I have 0 reason to use Snap/Flatpak

  • StefanT@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    1 month ago

    Go with one of the ready to use systems. Flatpak, Snap, AppImage. Snap is largely Ubuntu Ecosystem, Flatpak is independent. AppImage is an option if you do not need/want a Sandbox.

    Stay away from Docker and LXC for this use case (graphical applications), they are much more work to get going.

    • zingo@sh.itjust.works
      link
      fedilink
      arrow-up
      1
      ·
      1 month ago

      Yes, Docker apps are more appropriate for servers and most apps are “made” to run 24/7 to serv the home or workplace.

      They are very much worth the “work to setup” as they can be transfered/replicated to any system.

      Flatpak and the alike are for running apps on a desktop/laptop.

      • StefanT@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 month ago

        Agreed. My answer was in the assumption that it’s about desktop apps as the OP mentioned Electron.

  • gomp@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    1 month ago

    One way or another, if you want to run an application you are gonna need its dependencies (the key is the name)… they may be bundled into an appimage or come as part of flatpak ruintime, or be confined inside a container, or live in the nix store, but they will “bloat” your system anyway.

    Learn how to cleanup your system (ie. uninstall all packages that are not needed by others that have been requested explicitly) and live a happy life. Only bother with other solutions if the software (or version) you need isn’t available for your distro.

  • fl42v@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    1 month ago

    Both strange and not, tbh. On one hand, I understand the sentiment; on the other hand, installing more software with its own dependencies to isolate electron’s dependencies, and potentially installing twice those libs both electron and something else on your system depend on seems counterproductive (leaving the security benefits of containerization/sandboxing out of the question here, tho).

  • xavier666@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 month ago

    It depends on your usecase. We need more detail regarding what application (gui/cui/open source/proprietary/custom) you are trying to use

    • Check if the application you want to use exists as snap/flatpak/appimage.
    • If it exists, install the application as per their standard operating mechansim
    • Once used, just remove them. Your original system libs are untouched

    If the application doesn’t exist in those platforms, it’s a different story. You might need to use distrobox or docker. Don’t use nix because it’s overkill for what you want to do.

  • nanook@friendica.eskimo.com
    link
    fedilink
    arrow-up
    0
    ·
    1 month ago

    Since Linux tends to be inherently more efficient AND secure than WhenDoze it makes more sense to me to run Linux as the primary OS and put WhenDoze as in the VM. This has the additional benefit of making it easy to restore WhenDoze when it inevitably
    shits itself.

    • zwekihoyy@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      1 month ago

      what do you mean you claim “more secure” here? secure in comparison to what, exactly?

      • nanook@friendica.eskimo.com
        link
        fedilink
        arrow-up
        1
        ·
        1 month ago

        @zwekihoyy If you look at any botnet on the net, it’s going to be 99.999% windows machines, always. If you look at machines compromised by Ransomeware, that happens to Linux but rare, common on Windows. Windows is like a 20 year old asphalt road, patches upon patches.

        • zwekihoyy@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          1 month ago

          this idea lies on a complete misunderstanding. Linux, without extensive hardening efforts, is ootb much more insecure than either Windows or macos

        • Markaos@lemmy.one
          link
          fedilink
          arrow-up
          1
          ·
          1 month ago

          I know this isn’t Reddit, but r/peopleliveincities… When 90% of desktop users use Windows, it’s going to both be the most targeted by malware developers and have the highest chance of being operated by someone who doesn’t understand enough about computers to recognize that the shiny calculator app that just popped up after visiting a very legit Nigerian prince’s crowdfunding page probably shouldn’t need admin access.

          And speaking of user error, I’m willing to bet that basic security practices like using full disk encryption, SecureBoot, some MAC layer (provided by antivirus on Windows, AppArmor/SELinux on Linux) and regularly applying security updates are way more common over in the Windows land - if I was in a situation where there was one completely randomly selected Windows PC and one also completely randomly selected Linux PC, and my life depended on being able to gain access to either of them (some kind of really messed up Saw trap? idk), I would definitely bet my life on the Linux one being misconfigured.

          Don’t get me wrong, Linux can make for a very secure and private OS, but most installs most definitely cannot be described as such - just look at the popularity of random unverified PPAs on Ubuntu derivatives or AUR packages on Arch.

          • nanook@friendica.eskimo.com
            link
            fedilink
            arrow-up
            1
            ·
            1 month ago

            @Markaos Well I have a dual boot system, Linux / Windows 10, and have for decades, other versions of Windows but dual boot none-the less. The old days before grub used to chain-load from the windows boot-loader (ick) but over those years I’ve probably had to reload windows owing to malware I could not excise at least once a year. I’ve never had to do this, ever, with Linux.

            • zwekihoyy@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              25 days ago

              this owes to the fact that windows simply has exponentially more users and is therefore more valuable to target.

              • nanook@friendica.eskimo.com
                link
                fedilink
                arrow-up
                2
                ·
                25 days ago

                @zwekihoyy Yea I’ve heard that excuse but on the Internet there are infinitely more Linux servers and still Windows is more often compromised. I think it has more to do with thousands of eyes on the code submitting bug reports and fixes.

                • zwekihoyy@lemmy.ml
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  edit-2
                  24 days ago

                  do some research or something jesus lmao. Linux servers, on average, are much higher profile entities to target, typically has more eyes watching them for problems, and technically literate people administrating them. meanwhile your typical windows machine is used by non technical, every day users who do very little proper security practices and threat mitigations.

                  you get a better ROI targeting windows users than you do, Linux users. it’s really not difficult to understand

      • The Bard in Green@lemmy.starlightkel.xyz
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        1 month ago

        Points for the correct answer. I work on systems for spacecraft and podman is what we use on those for containerization (better option for a couple reasons)… but we literally just SAY docker to the suits, because that’s what they’ve heard of. Which is why I said docker to this guy.