/tags/containers/ Recent content in containers on Developer's blog Hugo -- gohugo.io en-us Sat, 12 Sep 2020 06:00:00 +0000 /posts/ubuntu-snap-the-price-of-the-isolation/ Sat, 12 Sep 2020 06:00:00 +0000 /posts/ubuntu-snap-the-price-of-the-isolation/ <p>The idea of the majority of Linux distributions is to compile Linux kernel, collect existing Open Source and proprietary software, test and then patch it if required, add something own and pack the results into the packages, so users can install and use these programs. Ubuntu packages grouped into APT repositories. Users can manage packages with <code>apt</code> command.</p> <p>Software developers usually do not write all the code required by their programs, but use different libraries and frameworks (e.g. graphical applications can use GTK to draw widgets like button or label). It allows developers to save some time and make fewer bugs. As a result the majority of software nowadays has dependencies. Different programs can depend on the same library (most of the GUI programs in Gnome depend on GTK) that is why there is no need to install the same library several times. Each APT package defines a list of dependencies, so when the user executes a command like <code>apt install gnome-calculator</code> package manager install not only <code>gnome-calculator</code> itself but also its dependencies like <code>libgtksourceview-4-0</code>.</p> <p>Such an approach allows users to save disk space and reduce security risks: if there is some problem in the common library it&rsquo;s enough to update it once and all dependent programs will use the new version. Unfortunately, such an approach is not a silver bullet and has some downsides:</p> <ul> <li>Suppose two programs depend on different versions of the same library. It this case there will be a conflict during dependencies resolution that is why <code>apt</code> command will fail and the user can&rsquo;t install both programs at the same time.</li> <li>Providers of third-party software like Viber or Skype have to make different packages of the same product for different Ubuntu distributions, e.g. 18.04 and 20.04 have different versions of system libraries that, so it&rsquo;s required to build and maintain two different packages for one program.</li> <li><code>apt</code> installs each program globally so it will be a conflict when two packages try to create a file with the same name.</li> <li>Traditional programs can access all user files and resources that is why it&rsquo;s difficult to control such software. In case of a security vulnerability in one program all user&rsquo;s files are in danger.</li> </ul> <p>Several years ago Ubuntu introduced <a href="https://snapcraft.io/">Snap</a> - a package manager with an alternative approach, designed to solve <code>apt</code> problems.</p>