Bazi idzva rakagadzikana reFlatpak 1.12 toolkit rakaburitswa, iro rinopa sisitimu yekuvaka-yega mapakeji asina kusungirirwa kune chaiwo Linux kugoverwa uye inomhanya mumudziyo wakasarudzika unoparadzanisa application kubva kune yese system. Tsigiro yekumhanyisa Flatpak mapakeji inopihwa Arch Linux, CentOS, Debian, Fedora, Gentoo, Mageia, Linux Mint, Alt Linux uye Ubuntu. Flatpak mapakeji anosanganisirwa muFedora repository uye anotsigirwa neyako GNOME application maneja.
Makiyi ekuvandudza muFlatpak 1.12 bazi:
- Yakavandudzwa manejimendi enzvimbo dzakaiswa sandbox dzinoshandiswa muflatpak package nemutengi weSteam game delivery service. Mumabhokisi ejecha, kusikwa kweakasiyana madhairekitori eiyo / usr uye / app madhairekitori anobvumidzwa, ayo anoshandiswa muSteam kuvhura mitambo mugaba rakaparadzana rine yayo / usr partition, yakaparadzaniswa nenharaunda neSteam client.
- Ese mapeji epakeji ane yakafanana application identifier (app-ID) inogovera iyo /tmp uye $XDG_RUNTIME_DIR madhairekitori. Sarudzo, uchishandisa iyo "--bvumira = per-app-dev-shm" mureza, unogona kugonesa kushandiswa kweiyo / dev/shm yakagovaniswa dhairekitori.
- Tsigiro yakavandudzwa yeText User Interface (TUI) zvikumbiro zvakaita segdb.
- Kukurumidza kuita kwe "ostree prune" kuraira kwakawedzerwa kune kuvaka-update-repo utility, yakagadziridzwa kushanda nemarepositori mune archive mode.
- Kusagadzikana kweCVE-2021-41133 mukuitwa kweiyo portal mashandiro, ane chekuita nekushaikwa kwekuvhara kwenharembozha itsva ine chekuita nekukwira zvikamu mumitemo yeseccomp, yakagadziriswa. Kusagadzikana kwakabvumira chishandiso kugadzira bhokisi rejecha kuti ripfuure ne βportalβ nzira dzekuongorora dzinoshandiswa kuronga kuwana zviwanikwa kunze kwemudziyo.
Nekuda kweizvozvo, munhu anorwisa, kuburikidza nekuita-inoenderana-nechekuita system mafoni, anogona kunzvenga bhokisi rejecha rekuzviparadzanisa nevamwe uye kuwana mukana wakazara kune zviri mukati menzvimbo inotambira. Kusagadzikana kunogona kungoshandiswa mumapakeji anopa maapplication ane mukana wakananga kumasoketi eAF_UNIX, seaya anoshandiswa neWayland, Pipewire, uye pipewire-pulse. Mukusunungurwa 1.12.0, kukanganisa hakuna kubviswa zvachose, saka update 1.12.1 yakabudiswa inopisa pazvitsitsinho zvayo.
Ngatikuyeuchidzei kuti Flatpak inobvumira vanogadzira maapplication kurerutsa kugovera kwezvirongwa zvavo izvo zvisingabatanidzwe muyakajairwa yekugovera repositori nekugadzirira imwe chigadziko chepasirese pasina kugadzira magungano akasiyana ekugovera kwega kwega. Kune vashandisi-vanoziva kuchengetedza, Flatpak inokutendera iwe kuti umhanye application inopokana mumudziyo, ichipa mukana chete kune network mabasa uye mafaera emushandisi ane hukama nechishandiso. Kune vashandisi vanofarira zvigadzirwa zvitsva, Flatpak inokutendera iwe kuti uise yazvino bvunzo uye yakagadzika kuburitswa kwezvikumbiro pasina chikonzero chekuchinja kuhurongwa. Semuenzaniso, Flatpak mapakeji akavakirwa LibreOffice, Midori, GIMP, Inkscape, Kdenlive, Steam, 0 AD, Visual Studio Code, VLC, Slack, Skype, Telegraph Desktop, Android Studio, nezvimwe.
Kuti uderedze saizi yepakeji, inosanganisira chete kutsamira kwekushandisa-chaicho, uye iyo yekutanga sisitimu uye magiraibhurari emifananidzo (GTK, Qt, GNOME uye KDE maraibhurari, nezvimwewo) zvakagadzirirwa seplug-in yakajairwa nguva yekumhanya nharaunda. Musiyano wakakosha pakati peFlatpak neSnap ndewekuti Snap inoshandisa zvikamu zveiyo main system nharaunda uye kuzviparadzanisa zvichienderana nekusefa system mafoni, nepo Flatpak inogadzira mudziyo wakaparadzaniswa nehurongwa uye unoshanda nemaseti makuru ekumhanya, ichipa kwete mapakeji sekutsamira, asi yakajairwa. one system nharaunda (semuenzaniso, maraibhurari ese anodiwa pakushanda kweGNOME kana KDE zvirongwa).
Pamusoro peiyo yakajairwa sisitimu nharaunda (runtime), yakaiswa kuburikidza neyakakosha repository, yakawedzera kutsamira (bundle) inodiwa pakushanda kwechikumbiro inopihwa. Pakazara, nguva yekumhanya uye bundle zvinoumba kuzadza kwemudziyo, kunyangwe inyaya yekuti nguva yekumhanya inoiswa zvakasiyana uye yakasungirirwa kumidziyo yakati wandei kamwechete, izvo zvinokutendera kuti udzivise kudzokorora mafaera ehurongwa akajairika mumidziyo. Imwe sisitimu inogona kuve neyakasiyana yekumhanyisa nguva yakaiswa (GNOME, KDE) kana akati wandei mavhezheni enguva imwechete yekumhanya (GNOME 3.40, GNOME 3.42). Chigaba chine application seyekutsamira chinoshandisa chinosunga chete kune yakatarwa nguva yekumhanya, pasina kufunga nezve ega mapakeji anoumba nguva yekumhanya. Zvese zvisipo zvinorongedzerwa zvakanangana nekushandisa. Kana mudziyo ukaumbwa, zviri mukati menguva yekumhanya zvinoiswa seye / usr partition, uye bundle inoiswa mu / app dhairekitori.
Iyo yekumhanyisa uye midziyo yekushandisa inovakwa uchishandisa OSTree tekinoroji, umo mufananidzo wacho unogadziridzwa atomi kubva kuGit-senge repository, iyo inobvumira nzira dzekutonga shanduro kuti dzishandiswe kune zvikamu zvekugovera (semuenzaniso, unogona kukurumidza kudzosera system kune previous state). RPM mapakeji anoshandurirwa muOStree repository uchishandisa yakakosha rpm-ostree layer. Kuiswa kwakaparadzaniswa uye kugadziridzwa kwemapakeji mukati menzvimbo yekushanda hakutsigirwe; iyo sisitimu inovandudzwa kwete pamwero wezvikamu zvega, asi zvakazara, ichichinja mamiriro ayo. Inopa maturusi ekushandisa zvigadziriso zvishoma nezvishoma, zvichibvisa kukosha kwekutsiva zvachose chifananidzo nekuvandudza kwega kwega.
Iyo inogadzirwa yakasarudzika nharaunda yakazvimirira zvachose pakugoverwa kunoshandiswa uye, iine marongero akakodzera epasuru, haina kuwana mafaera uye maitiro emushandisi kana iyo huru sisitimu, haigone kuwana zvakananga michina, kunze kwekubuda kuburikidza neDRI, uye kufona kune network subsystem. Graphics inobuda uye yekuisa sangano inoshandiswa uchishandisa iyo Wayland protocol kana kuburikidza neX11 socket kumberi. Kudyidzana nemamiriro ekunze kunobva paDBus messaging system uye yakakosha Portals API.
Kuzviparadzanisa nevamwe, iyo Bubblewrap layer uye yechinyakare Linux mudziyo virtualization matekinoroji anoshandiswa, zvichibva pakushandiswa kwemapoka, mazita enzvimbo, Seccomp uye SELinux. PulseAudio inoshandiswa kuburitsa ruzha. Muchiitiko ichi, kuparadzaniswa kunogona kuvharwa, iyo inoshandiswa nevagadziri vemapakeji akawanda anozivikanwa kuti vawane mukana wakazara kune faira system uye zvese zvishandiso muhurongwa. Semuyenzaniso, GIMP, VSCodium, PyCharm, Octave, Inkscape, Audacity, uye VLC inouya neine shoma yekuzviparadzanisa modhi inosiya kuwana kuzere kudhairekitori repamba.
Kana mapasuru ane dhairekitori repamba akakanganiswa, zvisinei nekuvepo kwe "sandboxed" label mune tsananguro yepasuru, anorwisa anongoda kuchinja ~/.bashrc faira kuti aite kodhi yake. Imwe nyaya yakaparadzana ndeye kutonga kwekuchinja kumapakeji uye kuvimba nevagadziri vepakeji, avo vanowanzo sangana neiyo huru purojekiti kana kugovera.
Source: opennet.ru