Flatpaks suck! And what to do about it.

Flatpaks suck! And what to do about it.
Flatpak logo

To preface this, Flatpaks do not suck. Catchy title, though, eh? However, they are different, and that means some contingent of people are going to struggle with them and condemn them to suckage, perhaps forever. There is no doubt, Flatpaks are fairly new, and they have their fair share of growing pains. I’m going to try to hit on the biggest struggle I see people have and a tool to make it manageable if not downright easy to take the flatpak you might encounter in the wild.

The biggest problem I see are flatpaks with sandboxing that is either not really a sane default or at odds with the user’s system layout. Many folks don’t realize this can be changed. Those who do invariably end up on a forum someplace facing down a seemingly long-winded CLI command. That can be a real turn-off. Enter Flatseal!

Flatseal is itself a flatpak, but it allows you to control the sandbox of any flatpak apps via a very nice, reasonably simple, GUI. You can find Flatseal here https://flathub.org/apps/details/com.github.tchx84.Flatseal If you already have flathub configured, you can install Flatseal via CLI with:

flatpak install flathub com.github.tchx84.Flatseal

If you’re on Pop_OS, Manjaro, or Fedora 36 or newer, you can probably just find it in your software store and click install.

To make this easy to understand, I’d like to offer the following anecdote.

Every time I do a new system install on my desktop computer, I install the Flatpak of Steam. My system has two drives in it. One is my SSD and my OS drive where Steam gets installed. The other is a much larger spinning rust drive where I install my Steam games. Rightfully, Steam Flatpak has no idea that my system is configured this way. The sandbox is secure, so it’s deny by default, which is great for security. Nothing, somehow, lurking in the flatpak could start rooting around my system. But that also means that Steam can’t see, or get to, my Steam games folder stored on the secondary drive. If I go into Steam’s Settings, Library Folders and try to add my drive and/or path, it just won’t see it. So how do we fix that?

In the good ole’ days of Flatpak, we’d have faced something like this.

flatpak override --user --filesystem=/path/to/mounted/drive com.valvesoftware.Steam

Enter Flatseal to make things less archaic and more user-friendly. Enabling the path now involves opening Flatseal, clicking on Steam, and scrolling to the File system block and adding the path under “Other files”. Bobs your uncle! You can now access /path/to/mounted/drive via Steam’s Library Folders dialogue.

You should install Flatseal and have a look around. This utility can resolve all manner of issues, from granting access to things like webcams to enabling and disabling access to GPU acceleration. It’s a great way to get a handle on how Flatpaks work and all the options available to control through their sandbox.