This article introduces projects available in Flathub with installation instructions.
Flathub is the place to get and distribute apps for all of Linux. It is powered by Flatpak, allowing Flathub apps to run on almost any Linux distribution.
Please read βGetting started with Flatpakβ. In order to enable flathub as your flatpak provider, use the instructions on the flatpak site.
Warehouse
Warehouse is a graphical utility to manage your installed flatpak applications and your flatpak remotes. Some of the most important features are:
- Viewing Flatpak Info
- Managing User Data
- Batch Actions
- Leftover Data Management
- Manage Remotes
You can install “Warehouse” by clicking the install button on the web site or manually using this command:
flatpak install flathub io.github.flattool.Warehouse
Jogger
Jogger is an app for Gnome Mobile to track running and other workouts. It is built with GTK4, Libadwaita, Rust and Sqlite. Even though targeted for Gnome Mobile, it works pretty well under Gnome Shell and I find it very useful to keep my stats. Some of the features are:
- Track a workout using Geoclue location
- Import workouts from a Fitotrack export
- Manually enter a workout
- View workout details
- Edit a workout
- Delete a workout
- Calculate calories burned for workouts
You can install “Jogger” by clicking the install button on the web site or manually using this command:
flatpak install flathub xyz.slothlife.Jogger
Kooha
Kooha is a simple screen recorder with a minimalist interface. You can just click the record button without having to configure a bunch of settings.
The main features of Kooha include the following:
- Record microphone, desktop audio, or both at the same time
- Support for WebM, MP4, GIF, and Matroska formats
- Select a monitor, a window, or a portion of the screen to record
- Multiple sources selection
- Configurable saving location, pointer visibility, frame rate, and delay
- It works very well on wayland.
flatpak install flathub io.github.seadve.Kooha
Warzone 2100
And who doesn’t love a classic Linux game?
Warzone 2100 lets you command the forces of The Project in a battle to rebuild the world after mankind was nearly destroyed by nuclear missiles.
Warzone 2100, released in 1999 and developed by Pumpkin Studios, is a ground-breaking and innovative 3D real-time strategy game.
In 2004 Eidos, in collaboration with Pumpkin Studios, released the source for the game under the terms of the GNU GPL. This release included everything but the music and in-game video sequences. These, however, were also later released.
This game has one problem: It uses an old platform package (org.kde.Platform 6.4). This means that it takes more space on disk but the fun is worth it!
You can install “Warzone 2100” by clicking the install button on the web site or manually using this command:
flatpak install flathub net.wz2100.wz2100
Warzone 2100 is also available as rpm on fedoraβs repositories
hf147
I love it how 4 of those 5 projects are marked as “Potentially Unsafe”, with three of those requesting filesystem permissions (and therefor bypassing the flatpak sandbox) and the other one using outdated insecure old libraries.
And the 1 safe project is one that manages flatpaks itself.
Eduard Lucena
There are 4 projects, not 5, and the 4 are marked as “Potentially Unsafe”, 2 are requesting access to files because you can’t safe to filesystem without giving them the permissions, you can’t record without saving (well, you can but it’s kind of pointless) and to save your preferences and modify your flatpak permissions it needs access to the filesystem. Jogger needs access to network if you use it on mobile, to track where you are and to use the map feature.
In the case of warzone, it’s and old game, and it’s mentioned in the article. Hopefully devs of warzone can update this, but the warning was issued.
I understand your concerns, but there are specific reasons and they are very well explained in each app flathub site what it needs (the file permissions are very very clear pointing that folders needs to be accessed).
Nobody
It is a matter of trust.
We trust maintainers with traditional packages because basically they can access our system as “root”.
Same goes with flatpaks.
Do we trust people who publish flatpaks on Flathub the same as [your favorite distro] maintainers?
Are flatpaks as safe as RPM or DEB packages from the distribution repositories?
If the answer is “no” then installing flatpaks makes no sense.
cornelius_corn
Flatpaks cannot access your system as root, that’s just not true. Moreover, Flatpaks, while not a true sandbox, are still more secure than system packages, as their permissions will be restricted (when done properly), while system packages both can and will modify your system configuration.
Plus, even crappily configured Flatpaks can have permissions configured using something like Flatseal.
David
Ok let’ s do something about it, what do you suggest to start with?
Darvond
So 3 tiny utilities, one of which is once again for managing flatpaks, and one massive game that has a build issue.
Are we sure flatpak is supposed to be the future, and isn’t just an awkward fumbling of the paradigm?
null_pointer_00
The future of Flatpak applications is in our hands, we, users, by using (or not using) them. I relentlessly refuse them. I even prefer using a proprietary solution, usually a Windows application, with Wine.
lemc
I totally agree. Flatpak and other sandboxed package formats are a dirty and inefficient solution to the current state of fragmented Linux distributions. RPM and Deb distributions should at least standardize around these formats, so that we would have fewer, but native installation packages.
Darvond
I also refuse them, due to the data redundancy introduced (I don’t need, nor want an entire system of redundancies in my system libraries & runtimes; both on KISS and the Unix Philosophy.) and also a slight feeling of spite I feel towards them stealing attention and development from mainline programs.
For example, the misguided thinking leading to a stall in this critical DNF5 issue: https://github.com/rpm-software-management/dnf5/issues/258 where the main talking point is Packagekit, instead of something like Zypper or Slackpkg. You know, established & mature methodologies that have been doing this thing for decades.
Packagekit is not designed for the heavy rigors of a system upgrade; it was created so people can treat software like soup. Need a new soup? Just pop to the store and get a fresh one!
Eduard Lucena
There are plenty of apps, I review some of the one I like and find useful, but Firefox, Libreoffice, Openshot, VSCodium and a lot of apps are available as flatpak.
YOUNGMANBLUES1969
Everyone is such a downer in this comment section. It’s just a showcase of a couple of applications, not a whole representation of every application that is packaged as a Flatpak. Why is everyone so insistent on using a package manager for GUI applications for the rest of their life for any of these programs?
I mean yeah it’s personal preference, but if you really go, “I wish everyone used Linux on the desktop” then expect them to use applications that require dependencies on a system-level then what do you expect? It’s a lot easier in the long run to have that 1 universal package format, and this is the closest we’re going to get.
therightorwronganswer
I agree! People always want to find something to complain about. Most Linux users are purists and stubborn and can’t see past their preferences. I’ve been using Linux for almost as long as it’s been around and I have no issues with Flatpaks and run a handful of them for tools like Obsidian and Bitwarden.
Open source is partly the freedom of choice and expression. How you use Linux is a reflection of you and because of that, I love it. I could care less about the “half glass empty” Linux users and comments you see in posts like these. It’s toxic!
null_pointer_00
“Most Linux users are purists and stubborn”
Yeah, it is what happens after years and years of experience in life, not only operative systems or software:
DON’T TOUCH WHAT WORKS.
cornelius_corn
But it doesn’t work. Developers, game developers especially, have noted the incredible difficulty of creating Linux applications, with the wide plethora of distributions with different libraries and their versions it’s incredibly difficult. And what effectively ends up happening is you get crappy native software that either doesn’t work or doesn’t support your distribution.
It sounds as though the software you use have native packages, which is lovely to hear, not everyone however, has your exact use case, with your exact set of software packages. Look at software like Davinci Resolve, Valve’s source games, Payday 2’s Linux port, etc. These are all examples of software that have major issues because current Linux packaging technologies suck.
I sure do see a lot of people complain about Flatpak, but NONE of them are EVER software developers for Linux themselves. It’s really easy when you’re not the one writing the software to complain about containerized apps.
Nobody
Problem is you cannot trust software on Flathub, like you cannot trust any software on any “store” which is not inspected and authorized by anybody else but the guy who wants to publish it.
The very idea of the “store” to help developers in meeting the public with their “app” without “system level complications” has proven suicidal again and again.
I don’t understand if people who insist in re-inventing the squared wheel are bad guys or just have a 5 minutes memory .
rugk
@Nobody whether you want an auditor in the middle has nothing to do with Flatpak itself. E.g. you can use the great Fedora flatpaks. It’s the same software you get when you don’t use Fedora packages itself. And the sandboxing is just a security addition the old packaging systems did not have.
See https://fedoramagazine.org/an-introduction-to-fedora-flatpaks/
Also BTW I guess Flathub would also ban malicious applications. It’s just that they are not built by someone else than. Basically the same model mobile app stores use, you cannot audit everything, so you use the builds by developers (or automatically build) from source β like F-Droid does it.
Tom
even the play store is problematic as google might be trying to get it right but they clearly drop the ball from time to time an open source mandate go along ways and still allow content providers to sell their content under a protected status as they are still copy righting the content now could they copy right the structure of a game where a quest opens a new quest and or new zone in the game no and should such concepts be open to copy right no then game design comes down to who has the fastest copy right attorney game mechanics no matter how unique should never be subject to copy right so what they are selling is an interactive story line and the interactive art work to go with it now game mods is another issue open to debate maybe a mod to work with a certain video card or to close certain security issue in a certain distro should be fine so if somebody wants a mod to run on a resultion of 800×600 could they do that I suspect they will suck at playing said game and pose no real balance threat to other players the open source concept would protect against both malware and cheating as the cheating mods could be analyzed to see how it interacts or changes the original game and the game devoloper might get install ready patches from the open source community anybody could be a game developer is they spend the time as the need of programing skills is greatly reduced take a basic frame work and add all new graphics ranging from GUI boarders and world landscape and boarders as well as skill art the result would look nothing like the original as the concepts of such are very common from one game to the next the concept of a skill tree is nothing new and no matter what game you play the function is not any different how its displayed can vary while for example WOW changed the nature of a skill tree to be more limited as a form of choices as the char levels up rather then a choice from an existing pool so at level 10 you get one of 3 choices and you can not decide to have the other options later on as its one of 3 you can reset and chose one of the other options I think the model we should work towards is what is known as zero trust which does not mean that we have a world of bad people but the zero trust concept will filter out most any malware and allow anybody to write a program
Eduard Lucena
Well, it’s just people being people. If you have been in FLOSS for a while, you know there have been, there are and always there will be haters on anything. If you don’t receive hate, you aren’t doing it well.
Nobody
Haters?
Where is “hate” when somebody asks who checks on people who publish software on the “store” and who reviews the code of each “app” and authorize it for distribution?
Where is “hate” when somebody says that when the answer is “nobody” then we already know there will be tens or hundreds of dangerous “apps”, because it already happened, it happens every time?
Please don’t say “but apps are sandboxed” because it is a joke.
All I can think of is Ballmer crying “developers, developers, developers”.
The Parliament in my own country approving the “State trojan”.
Gregory Bartholomew
I let the above reply through because I prefer not to suppress speech. However, this isn’t the best place for that discussion. I’ll likely consider any more comments along those lines on this article as “off topic” and delete them. Thanks.
Renich B
Great article. Always good to hear about new or, rather, undiscovered apps in the flatpakiverse. Thank you.
Also, I hear what others say, Flatpak has, still, a long way to go. Flatpakaging could be done better by upstream and collaborators.
Matthew Phillips
I like Flatpaks, and am appreciative of this article. I hope one day I have Jogger on my watch with Fedora on it =D
I don’t think the data duplication problem is really so serious. I put this in another comment section where people were going on about Flatpaks, but I have a relatively small / moderate NVMe drive (256GB) and quite a few apps installed via Flatpak, plus several games installed in the Steam Flatpak (all work great)… I’m not even at 50% capacity.
Even on the backend most standard Kubernets deployments are usually hypervisor -> VM -> Containers -> Applications. I’m sure LAMP stacks on bare metal are more prevalent, but that’s not how most people do their backend if starting anew these days. Similarly on the client we’ve moved on from putting files directly on the root operating system.
This page is a good summation of what Flatpaks offer and why it is the way forward. JMO π
https://docs.flatpak.org/en/latest/introduction.html
Pisu S
I just don’t get the hate Flatpak is getting.
I mean its good for the third party apps that want to support Linux and may not be available or deprecated in the distributions repo.
It makes even perfect sense in the future if companies want to sell paid software for the Linux platform who adhere to OSS licensing and standards.
With NixOS and Flatpaks, its pretty much future ready going forwards as more and more Dapps and metaverse apps come out as it reduces dependency complexities. People just don’t get that, once upon a time we had apps and dependencies in KB, now in MB and in the future in GB. Sure Flatpaks are very heavy but they are for the future maybe not today.
I wanted to install Mullvad, Floorp, signal and telegram on Fedora, SUSE and debian and on all three Flatpak did it. There would be no other way to do it in a unified way without pulling my hair out.
newb
bitwig flatpak made me go linux. currently enjoining fedora silverblue
Geoffrey Gordon Ashbrook
It is very helpful to learn about flatpack here. Finding ways to make things work for each case is an exciting challenge. I wonder if flatpacks may relate to some solutions for security issues with package verions, see security now 807 https://www.grc.com/sn/sn-807-notes.pdf (probably other episodes). And I’m not sure if the term ‘supply chain’ is sometimes used for these attacks (which might confuse various topics together). Some redundancy might be unavoidable for trusted applications to have their own versions and management for what they need and use (perhaps like browsers isolating processes likely requiring more resources). (Sorry if this is a tangent…)
Ondrej
Flatpak is a great tool which solves so many problems, desktop apps had.
– Weird library version dependencies
– Shorting the road from developer to the enduser
– Allowing sandboxing the applications
…
Many problems we need to solve, but bashing Flatpak is from my point of view just a limited view on what the real world actually needs (not we system administrators, power users, etc.). Stop it.
reyhan
thanks a lot of information goodjobs
Patrice
Thanks for the article, which highlights some interesting new applications. It’s ineresting to have reviews of new apps, as it opens our horizons and encourages us to go and have a look in the app repository from time to time.
However, I also refuse to install Flatpaks as I refuse to install a lot of mobile apps on my phone, even though they could be useful. The first reason is security and trust in the developer. The second reason is waste of resources.
I only install apps on my systems from developers I trust, which means very few.
But if you analyze your real needs and do a bit of search, you will find almost everything you need in your Linux distribution repository.
Maintainer and app developer is not the same job. And security in the latter one is the latest of their worries most of the time.
If you look at mobile app stores, they are heavily monitored and still security holes are found everyday. So can we talk about security in loosely monitored Flatpaks?
We definitely need some new article dedicated to Flatpaks, explaining security, upsides and downsides of the tech.
2w3r23r
every program with gtk or gnome is unsafe
run
valgrind -v –leak-check=full –show-leak-kinds=all –track-origins=yes \
–verbose –tool=memcheck example_program
and check, amny memory leak
Skryptar
Good morning,
I read the comments, I am 50% divided. I am for flatpak without being it! Excuse my frankness in advance, but I find it totally stupid to have created Flatpak after snapcraft! I’m a developer myself and I still don’t understand why we have fun making 36 wheels! For ego reasons? security? I like to switch between distributions at times, but I always come back to Fedora, I have always been addicted to the Redhat company since 1994… I will take a few examples that many people use.
Discord:
On Snapchat, very responsive, practically simultaneous, the application reacts like a local installation. On flat… The responsiveness is not the same and the icons in the notification do not work, finally, it sucks for access to local files. I haven’t retested this last point lately. There is a discord rpm, between the discord updates and the rpm there is easily a week.
As I said, being a developer in different fields, I started on the web in php so…
PhpStorm:
Snap: Nickel installation, reacts like a local installation! Flat… Once you install the application and launch it…. Drum roll and we applaud loudly!! We have a post with unofficial Flatpack version! Not possible to access our local php configuration… on the other hand I now saw the local folders, I didn’t check if I really had access… Yes, because still in my configuration for phpstorm. I see the bin folder and it’s missing everything needed. So, to play pranks on us, look, you see your files… but you won’t have access to them π
Now that the venom is spat, why am I for one and not many, but a system like snapflat. This opens the Linux world to Windows applications. Today our society has changed a lot. I develop with passion like yesterday, today for many developers it has become a defect.. So what do we do? Lots of little application shortcuts, by telling the other devs you’re watching, you’ll save time and what’s more, it gives you the opportunity to be a little lazier than yesterday! I keep saying it, laziness doesn’t pay and one day we’re all going to lose our minds! It’s one thing to design tools to help, but tools to do that make us skip several steps that are, in my opinion, crucial and something else. Brief…
Finally, I promise it’s the end…
Finally, still in the demonstration of stupidity. A developer of a Windows application… Do you think he’s going to take 36 snapflats to release his program? The guy will say and you guys are very kind, he will do it once, twice, and the third time he will choose the hub that is the most attractive and where he encounters the least application concerns… If you have read everything I have written, you immediately know who will be the winner! FlatHub will have its copy, but not necessarily functional!
For this, I don’t even bother to install a flat application, because every time there is something that goes wrong, whereas on snap, we install, it works by itself!
YOUNGMANBLUES1969
Maybe Canonical shouldn’t have Snap applications locked to their proprietary backend. Flatpaks are much more ahead of Snap for GUI applications, but as for CLI/system-level packages, yeah Snap beats Flatpak.
Best system combination:
– System packages from package manager for anything at a system-level
– Flatpak for most GUI applications
– Distrobox containers for applications not available as a Flatpak or in the distro’s (in this case Fedora Linux) repos
– Nix/Brew if you like those package managers
– WINE for Windows applications