Title: πŸ“¦ Flatpak β€” Application Sandboxes Group: Package Managers Icon: πŸ“¦ Order: 6 ## Table of Contents - [Configuration](#-configuration--конфигурация) - [Core Management](#-core-management--основноС-ΡƒΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅) - [Sysadmin Operations](#-sysadmin-operations--ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΈ-систСмного-администратора) - [Comparison: Flatpak vs Snap](#-comparison-flatpak-vs-snap) - [Security](#-security--Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡ‚ΡŒ) --- # πŸ“¦ Flatpak Cheatsheet (Application Sandboxes) Flatpak is a utility for software deployment and package management for Linux. It offers a sandbox environment for applications, allowing them to run in isolation from the rest of the system. / Flatpak β€” это ΡƒΡ‚ΠΈΠ»ΠΈΡ‚Π° для развСртывания ПО ΠΈ управлСния ΠΏΠ°ΠΊΠ΅Ρ‚Π°ΠΌΠΈ для Linux. Она ΠΏΡ€Π΅Π΄Π»Π°Π³Π°Π΅Ρ‚ пСсочницу для ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ, позволяя ΠΈΠΌ Ρ€Π°Π±ΠΎΡ‚Π°Ρ‚ΡŒ ΠΈΠ·ΠΎΠ»ΠΈΡ€ΠΎΠ²Π°Π½Π½ΠΎ ΠΎΡ‚ ΠΎΡΡ‚Π°Π»ΡŒΠ½ΠΎΠΉ систСмы. --- ## βš™οΈ Configuration / ΠšΠΎΠ½Ρ„ΠΈΠ³ΡƒΡ€Π°Ρ†ΠΈΡ ### Remotes (Repositories) / Π£Π΄Π°Π»Ρ‘Π½Π½Ρ‹Π΅ Ρ€Π΅ΠΏΠΎΠ·ΠΈΡ‚ΠΎΡ€ΠΈΠΈ (Remotes) Manage where Flatpak downloads applications from (e.g., Flathub). / Π£ΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ источниками Π·Π°Π³Ρ€ΡƒΠ·ΠΊΠΈ ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ (Π½Π°ΠΏΡ€ΠΈΠΌΠ΅Ρ€, Flathub). ```bash flatpak remotes # List configured remotes / Бписок настроСнных Ρ€Π΅ΠΏΠΎΠ·ΠΈΡ‚ΠΎΡ€ΠΈΠ΅Π² flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo flatpak remote-delete # Remove remote / Π£Π΄Π°Π»ΠΈΡ‚ΡŒ Ρ€Π΅ΠΏΠΎΠ·ΠΈΡ‚ΠΎΡ€ΠΈΠΉ flatpak remote-modify --enable # Enable remote / Π’ΠΊΠ»ΡŽΡ‡ΠΈΡ‚ΡŒ Ρ€Π΅ΠΏΠΎΠ·ΠΈΡ‚ΠΎΡ€ΠΈΠΉ ``` ### Locations / РасполоТСниС - **System Installation:** `/var/lib/flatpak/` - **User Installation:** `~/.local/share/flatpak/` --- ## πŸ›  Core Management / ОсновноС ΡƒΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ ### Install / Установка ```bash flatpak install flathub # Install from specific remote / Π£ΡΡ‚Π°Π½ΠΎΠ²ΠΈΡ‚ΡŒ ΠΈΠ· ΠΊΠΎΠ½ΠΊΡ€Π΅Ρ‚Π½ΠΎΠ³ΠΎ рСпозитория flatpak install # Search and install / Найти ΠΈ ΡƒΡΡ‚Π°Π½ΠΎΠ²ΠΈΡ‚ΡŒ flatpak install --user # Install for current user only / Π£ΡΡ‚Π°Π½ΠΎΠ²ΠΈΡ‚ΡŒ Ρ‚ΠΎΠ»ΡŒΠΊΠΎ для Ρ‚Π΅ΠΊΡƒΡ‰Π΅Π³ΠΎ ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Ρ ``` ### Run / Запуск ```bash flatpak run # Launch application / Π—Π°ΠΏΡƒΡΡ‚ΠΈΡ‚ΡŒ ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ flatpak run --command=bash # Run shell inside container / Π—Π°ΠΏΡƒΡΡ‚ΠΈΡ‚ΡŒ ΠΎΠ±ΠΎΠ»ΠΎΡ‡ΠΊΡƒ Π²Π½ΡƒΡ‚Ρ€ΠΈ ΠΊΠΎΠ½Ρ‚Π΅ΠΉΠ½Π΅Ρ€Π° ``` ### Update / ОбновлСниС ```bash flatpak update # Update all installed apps and runtimes / ΠžΠ±Π½ΠΎΠ²ΠΈΡ‚ΡŒ всС установлСнныС прилоТСния ΠΈ runtimes flatpak update # Update specific app / ΠžΠ±Π½ΠΎΠ²ΠΈΡ‚ΡŒ ΠΊΠΎΠ½ΠΊΡ€Π΅Ρ‚Π½ΠΎΠ΅ ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ ``` ### List & Search / Бписок ΠΈ поиск ```bash flatpak list # List installed apps / Бписок установлСнных ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ flatpak list --app # List only apps (hide runtimes) / Бписок Ρ‚ΠΎΠ»ΡŒΠΊΠΎ ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ flatpak search # Search for apps / Поиск ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ flatpak info # Show detailed info / ΠŸΠΎΠΊΠ°Π·Π°Ρ‚ΡŒ Π΄Π΅Ρ‚Π°Π»ΡŒΠ½ΡƒΡŽ ΠΈΠ½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡŽ ``` ### Remove / Π£Π΄Π°Π»Π΅Π½ΠΈΠ΅ ```bash flatpak uninstall # Remove application / Π£Π΄Π°Π»ΠΈΡ‚ΡŒ ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ flatpak uninstall --unused # Remove unused runtimes (Important!) / Π£Π΄Π°Π»ΠΈΡ‚ΡŒ Π½Π΅ΠΈΡΠΏΠΎΠ»ΡŒΠ·ΡƒΠ΅ΠΌΡ‹Π΅ runtimes (Π’Π°ΠΆΠ½ΠΎ!) flatpak uninstall --delete-data # Remove app and its data / Π£Π΄Π°Π»ΠΈΡ‚ΡŒ ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ ΠΈ Π΅Π³ΠΎ Π΄Π°Π½Π½Ρ‹Π΅ ``` --- ## πŸ”§ Sysadmin Operations / ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΈ систСмного администратора ### Permissions (Overrides) / ΠŸΡ€Π°Π²Π° (ΠŸΠ΅Ρ€Π΅ΠΎΠΏΡ€Π΅Π΄Π΅Π»Π΅Π½ΠΈΡ) Manage sandbox permissions (filesystem, network, device access). / Π£ΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ ΠΏΡ€Π°Π²Π°ΠΌΠΈ пСсочницы (файловая систСма, ΡΠ΅Ρ‚ΡŒ, доступ ΠΊ устройствам). ```bash flatpak override --show # Show current permissions / ΠŸΠΎΠΊΠ°Π·Π°Ρ‚ΡŒ Ρ‚Π΅ΠΊΡƒΡ‰ΠΈΠ΅ ΠΏΡ€Π°Π²Π° sudo flatpak override --filesystem=home # Allow access to home folder / Π Π°Π·Ρ€Π΅ΡˆΠΈΡ‚ΡŒ доступ ΠΊ домашнСй ΠΏΠ°ΠΏΠΊΠ΅ sudo flatpak override --socket=wayland # Allow access to Wayland / Π Π°Π·Ρ€Π΅ΡˆΠΈΡ‚ΡŒ доступ ΠΊ Wayland sudo flatpak override --reset # Reset permissions to default / Π‘Π±Ρ€ΠΎΡΠΈΡ‚ΡŒ ΠΏΡ€Π°Π²Π° ΠΊ значСниям ΠΏΠΎ ΡƒΠΌΠΎΠ»Ρ‡Π°Π½ΠΈΡŽ ``` ### Troubleshooting / УстранСниС Π½Π΅ΠΏΠΎΠ»Π°Π΄ΠΎΠΊ Repair installation errors. / Π˜ΡΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ ошибок установки. ```bash flatpak repair # Deduplicate and repair installation / ДСдупликация ΠΈ исправлСниС установки flatpak repair --user # Repair user installation / Π˜ΡΠΏΡ€Π°Π²Π»Π΅Π½ΠΈΠ΅ установки ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Ρ ``` ### Processes / ΠŸΡ€ΠΎΡ†Π΅ΡΡΡ‹ ```bash flatpak ps # List running flatpak instances / Бписок Π·Π°ΠΏΡƒΡ‰Π΅Π½Π½Ρ‹Ρ… экзСмпляров flatpak flatpak kill # Kill running instance / Π£Π±ΠΈΡ‚ΡŒ Π·Π°ΠΏΡƒΡ‰Π΅Π½Π½Ρ‹ΠΉ экзСмпляр ``` --- ## πŸ“Š Comparison: Flatpak vs Snap | Feature | Flatpak | Snap | | :--- | :--- | :--- | | **Backend** | Decentralized (Multiple remotes possible) | Centralized (Canonical Snap Store) | | **Server Apps** | No (Focused on Desktop/GUI) | Yes (Strong server support) | | **Format** | OCI-compatible images (OSTree) | SquashFS images | | **Sandboxing** | Bubblewrap (bwp) | AppArmor + Cgroups | --- ## πŸ”’ Security / Π‘Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡ‚ΡŒ ### Isolation / Π˜Π·ΠΎΠ»ΡΡ†ΠΈΡ Flatpaks are sandboxed by default. They cannot see host processes or files unless explicitly allowed. / Flatpaks ΠΈΠ·ΠΎΠ»ΠΈΡ€ΠΎΠ²Π°Π½Ρ‹ ΠΏΠΎ ΡƒΠΌΠΎΠ»Ρ‡Π°Π½ΠΈΡŽ. Они Π½Π΅ видят процСссы хоста ΠΈΠ»ΠΈ Ρ„Π°ΠΉΠ»Ρ‹, Ссли это явно Π½Π΅ Ρ€Π°Π·Ρ€Π΅ΡˆΠ΅Π½ΠΎ. ### Verification / ΠŸΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° Check commit checksums. / ΠŸΡ€ΠΎΠ²Π΅Ρ€ΠΊΠ° ΠΊΠΎΠ½Ρ‚Ρ€ΠΎΠ»ΡŒΠ½Ρ‹Ρ… сумм ΠΊΠΎΠΌΠΌΠΈΡ‚ΠΎΠ². ```bash flatpak info --show-commit # Show commit hash / ΠŸΠΎΠΊΠ°Π·Π°Ρ‚ΡŒ Ρ…ΡΡˆ ΠΊΠΎΠΌΠΌΠΈΡ‚Π° ```