- cross-posted to:
- [email protected]
- [email protected]
Hey everyone, I would love some guidance here.
I’m new to Linux, I’m using Arch Linux and pacman currently. Would it be better to get more acquainted with flatpaks? If I wanted to swap to flatpaks would I just start using it? Would I need to transfer currently installed applications from pacman to flatpak?
Would it be wiser to move to Nix? I love the concept of atomic updates, that’s the main functionality I’m interested in getting - I like my system cutting edge but stable. But I’m fully uneducated on how applications get used by the common man. Like in Windows if I find a small application like Hex Kit I find its .exe and install it. In Linux I download their version online and I get .bin’s and .pak’s and .so and .dat and I have no idea how to get the bastard working. Same with like a Godot export to Linux, I get a .so or a .pck.
Any advice or educational sources are much appreciated. I’m learning as fast as I can but I’m drinking from a firehose right now lol. I’m also building a doc to help my friends jump over so if I’d be better served using something other than pacman I want to know so I can update the doc before handing it to them.
Arch gets a bad rep, but I think it’s a great first distro for anyone with moderate or above skills. The primary factor is that you have to actually be interested in learning it, not looking for something that “just works”.
I use Arch on my beefy gaming PC and I run updates every day because I’m a dork. Perhaps unsurprisingly, I’ve had better stability doing this than with the monthly patches on Windows. That’s not to say there haven’t been issues, Windows sets a low bar. But here in this year 2025, the “innovation” of paid software is excessive and often not worth the cost of dealing with service subscriptions and whatnot. The software in FOSS land tends to be more conservative in its construction with a focus on doing the thing it’s supposed to and usability. People want their distros to work, it’s not like Arch maintainers are just breaking it all over the place because, “oopsy, gotta stay up to date!”
Anyways, here’s how I prioritize things:
- pacman: This should be your PRIMARY source. Think of everything in the official Arch repos as part of the OS, just things you haven’t installed on your system yet because you don’t need it. The most care has been put into ensuring all these packages work together and I have the highest confidence that these will be maintained for the greatest duration into the future. One of the big benefits of using pacman is that especially with Arch, you upgrade your entire system at once with `pacman -Syu`. Conversely on Windows, you have to update all software yourself by either downloading a newer version and running the installer, having the program install a system tray icon to pester you, MAYBE the program implements a self/auto update? Or maybe it prompts you for an update and then just sends you to the website to download the latest version and install it yourself. Kind of a mess, really.
- yay: If I want a piece of software that’s not part of the main distribution, I’ll turn to the Arch User Repository (AUR). If it helps, just think of this as the unofficial pacman. It downloads the files from the AUR and builds them directly on your system (all using scripts, using yay is as easy as using pacman). The downside is that because the AUR is unofficial, occasionally things can break when something in the official repository updates. It happens from time to time, but you can always check the AUR pages and see that people are on top of things for popular programs. It’s fine to place your trust in the AUR (IMHO) but if you have an absolutely critical app that cannot afford to break, maybe consider a flatpak or appimage instead.
- flatpaks: again, this is another package manager that behaves much like pacman and yay do. The difference here is that flatpaks are contained. This makes a big difference especially with Arch since the whole system updates at once with Syu. The biggest downside (IMHO) is space, a package that might only take ~15MB from the official repo may instead be >300MB when packaged with all its dependencies in a flatpak. I think this is what the Discover Software Center actually hooks into but I’m not sure since I do all command line. You could, if you wanted, begin uninstalling applications you installed through pacman (obviously not system related ones) and install the flatpaks in their place. For reasons I still don’t understand myself, the OBS that you install through pacman doesn’t have browser sources available, but the one I installed from https://flathub.org/ does. I need the browser sources so I’ve made that decision, I’ll switch back to the official repo one if they ever get that sorted.
- AppImages: AppImages are entirely self-contained. Download a .AppImage and you can place it almost anywhere on your system and it’ll run, no requirement for further dependencies. It doesn’t install, however it will still create files on the system required for its operation such as anything needed under ~/.config or wherever. To update these, you just need to download the newer file.
I hope that helps a little bit, let me know if you’d like further clarification on any of the points.
It seems like a lot when you’re first learning, but I keep all my notes in Obsidian and once you understand how you’re building the stack of software on your Arch installation I think it’ll click for you. To fully update my system I run:
pacman -Syu
yay -Sua
flatpak update
You can update pacman packages with yay, and you can update flatpaks with Discover (I think) but I do it this way just because I’m meticulous and I like keeping my eye on things. Still, pretty easy I think?
Thanks for this, I found it very helpful! I’m gonna go look into flatpak and see if I have some applications that would be better served by that system.
I am not sure if Arch or Nix are good distros if you are new to Linux.
I would say Linux Mint might be a better option to get your bearings. This is a subjective thing, but I personally found it helpful to slowly learn some core things about Linux (CLI, base system architecture, DE’s and their nuances) in a controlled environment.
Just sharing my thoughts. It’s cool if Arch or Nix works better for you.
I’d probably agree in general but I’m a software engineer and my friends that would be moving over are software engineers and so I’m less worried. I wanted to take this opportunity to learn more about OS’es and get more familiarized with each part of the process and Arch has made that super easy as it obfuscated so little. I still used some cheat scripts to get up and running like arch_install I think but it’s been generally nice.
I am on the Konsole debugging random issues far more than I’d like but right now it’s a hobby I’m partially choosing to spend time on - I think things would function just fine if I ignored them for a bit. Still, all things to consider and improve on - which is why I’m asking about package managers.
That’s fair. My frame of context was more general.😀
It is impossible to be better than the nix package manager.
rpm -Vp https://download.rockylinux.org/pub/rocky/9/BaseOS/x86_64/os/Packages/n/net-tools-2.0-0.64.20160912git.el9.x86_64.rpm
Oh. Glad to know every part of that package is absolutely as delivered, and signatures are clean in a chain from the distro’s published keys down to the checksums on every file deployed.
Yes, this has saved my bacon. Yes, this has absolutely shut some distros out of consideration.
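How the output of a verification run like the `rpm -V` in the comment above can be triaged, as an added example that is not part of the original thread. The function name `triage_rpm_verify`, the severity policy, and the sample lines are assumptions made for illustration; the sample is constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example: triage `rpm -V` output (read from stdin).
# Line format: 9 flag columns, optional file marker (c d g l r), path.
# Flags: S size, M mode, 5 digest, D device, L symlink target, U user,
#        G group, T mtime, P capabilities. "." = passed, "?" = not checked.
# The severity policy below is an assumption of this example, not rpm's.

triage_rpm_verify() {
  awk '
    function parse(   rest) {          # sets globals: marker, path
      rest = $0; sub(/^[^ ]+ +/, "", rest); marker = ""
      if (rest ~ /^[cdglr] /) { marker = substr(rest, 1, 1); rest = substr(rest, 3) }
      path = rest
    }
    $1 == "missing" { parse(); print "HIGH missing " path; high = 1; next }
    length($1) == 9 && $1 ~ /^[.?SM5DLUGTP]+$/ {
      parse(); flags = $1
      if (index(flags, "?")) print "WARN unchecked " path
      if (index(flags, "5")) {
        # Edited config files are normal; changed binaries are not.
        if (marker == "c") print "INFO config-edited " path
        else { print "HIGH content-changed " path; high = 1 }
      }
      if (flags ~ /[MUGP]/) { print "HIGH perms-changed " path; high = 1 }
      # size-only and mtime-only differences are ignored here
    }
    END { exit high + 0 }              # exit status 1 if any HIGH finding
  '
}

# Constructed sample output, not from a real host.
SAMPLE='S.5....T.  c /etc/example.conf
..5....T.    /usr/sbin/ifconfig
.M.......    /usr/bin/netstat
.......T.    /usr/share/man/man8/route.8.gz
missing     /usr/sbin/arp'

printf '%s\n' "$SAMPLE" | triage_rpm_verify || true
```

On a real host the input would come from `rpm -Va` or `rpm -V <package>` piped into the function; its exit status makes it usable from cron.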
using apt (nala) and deb, forever. Ban flatpak/snap.
Flatpak is actually a really good solution. Snap is garbage though.
I do a combination of Flatpak for niche 3rd party applications and apt on Debian for standard stuff that everyone wants/needs.
My biggest gripe with flatpak is the fact it isn’t sandboxed properly by default.
I’m not referring to vendor-given privileges. Every flatpak, unless explicitly run with the --sandbox option, has a hole in the sandbox to communicate with the portal. Even if you try to use flatseal to disallow it, it will still be silently allowed.
This leads to a false sense of security. A notable issue I found is if you disallow network access to a flatpak, it can still talk to the portal and tell it to open a link in your browser. This allows it to communicate back to a server through your browser even though you disallowed it. Very terrible.
Security should be dead easy and difficult to mess up. The countless threads I’ve read on flatpak tell me the communication about flatpak’s actual security has been quite terrible, and so it doesn’t fit this category.
Same. I like it that I can install Librewolf and some other software on Mint from Flathub instead of adding some obscure repositories with commands I don’t even understand.
Like with docker, this isn’t healthy:
```
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
```
> adding some obscure repositories with commands I don’t even understand.
You may want to learn the commands and review the repos.
> this isn’t healthy:
True, but not in a way that SnapPakImage is going to fix.
System packages are always light but share the same dependencies with everything else which saves space. However, they don’t have any sandboxing, which makes them less secure than Flatpaks. It’s best to use those for simple programs.
Flatpaks are amazing because each Flatpak is sandboxed with its own dependencies, and if you already have the dependency on your device, it doesn’t download it again but clones it from your device to reduce bandwidth load. Flatpaks are a great fallback when system packages aren’t available because they’re compatible with all Linux distributions and I advise you use them primarily for any program that connects to the Internet as they’re more secure.
Snaps are worse Flatpaks lmao
> share the same dependencies with everything else which makes them insecure.
Absolutely unfounded.
I’m not sure what exactly you’re calling unfounded but I did rephrase my statement to be more accurate. For further info I really suggest this video from The Linux Experiment. https://tilvids.com/w/7sKzyoAFK28UmhhZJ2B4hA
Wonderful? Everyone knows there’s just one good option (pacman).
I personally love pacman. And of course AUR wrappers like yay.
Pacman is simple and just works. No fuss.
> simple and just works.
I’ve been updating enterprise linux hosts via cron for 25 years. I used to watch them. Now, given the quasi-rollback options and validation, I use repos I can trust and I review the payload after. It’s less resilient since EL7 (ohai Lennart) but still so very simple. I’ll thunderdome your OS Security chief on that as well.