Bazi idzva rakasimba reFlatpak 1.12 raburitswa, richipa sisitimu yekuvaka mapakeji akazvimirira asina kusanganiswa nekugoverwa kwakatarwa. Linux uye inoiswa mumudziyo wakakosha unobvisa application kubva kune mamwe masisitimu. Rutsigiro rwekushandisa mapakeji eFlatpak rwunopihwa kuArch. Linux, CentOS, Debian, Fedora, Gentoo, Mageia, Linux Mint, Alt Linux и UbuntuMapakeji eFlatpak anowanikwa mune repository yeFedora uye anotsigirwa muGNOME application manager yakajairwa.
Makiyi ekuvandudza muFlatpak 1.12 bazi:
- Yakavandudzwa manejimendi enzvimbo dzakaiswa sandbox dzinoshandiswa muflatpak package nemutengi weSteam game delivery service. Mumabhokisi ejecha, kusikwa kweakasiyana madhairekitori eiyo / usr uye / app madhairekitori anobvumidzwa, ayo anoshandiswa muSteam kuvhura mitambo mugaba rakaparadzana rine yayo / usr partition, yakaparadzaniswa nenharaunda neSteam client.
- Ese mapeji epakeji ane yakafanana application identifier (app-ID) inogovera iyo /tmp uye $XDG_RUNTIME_DIR madhairekitori. Sarudzo, uchishandisa iyo "--bvumira = per-app-dev-shm" mureza, unogona kugonesa kushandiswa kweiyo / dev/shm yakagovaniswa dhairekitori.
- Tsigiro yakavandudzwa yeText User Interface (TUI) zvikumbiro zvakaita segdb.
- Kukurumidza kuita kwe "ostree prune" kuraira kwakawedzerwa kune kuvaka-update-repo utility, yakagadziridzwa kushanda nemarepositori mune archive mode.
- Kusagadzikana kweCVE-2021-41133 mukuitwa kweiyo portal mashandiro, ane chekuita nekushaikwa kwekuvhara kwenharembozha itsva ine chekuita nekukwira zvikamu mumitemo yeseccomp, yakagadziriswa. Kusagadzikana kwakabvumira chishandiso kugadzira bhokisi rejecha kuti ripfuure ne “portal” nzira dzekuongorora dzinoshandiswa kuronga kuwana zviwanikwa kunze kwemudziyo.
Nekuda kweizvozvo, munhu anorwisa, kuburikidza nekuita-inoenderana-nechekuita system mafoni, anogona kunzvenga bhokisi rejecha rekuzviparadzanisa nevamwe uye kuwana mukana wakazara kune zviri mukati menzvimbo inotambira. Kusagadzikana kunogona kungoshandiswa mumapakeji anopa maapplication ane mukana wakananga kumasoketi eAF_UNIX, seaya anoshandiswa neWayland, Pipewire, uye pipewire-pulse. Mukusunungurwa 1.12.0, kukanganisa hakuna kubviswa zvachose, saka update 1.12.1 yakabudiswa inopisa pazvitsitsinho zvayo.
Sechiyeuchidzo, Flatpak inobvumira vagadziri vemapurogiramu kuti varerutse kugoverwa kwemapurogiramu avo asina kuiswa mumatura ekugovera akajairwa nekugadzira mudziyo mumwe chete, wepasi rose pasina kugadzira magadzirirwo akasiyana ekugovera kwega kwega. Kune vashandisi vane hanya nekuchengetedzwa, Flatpak inovabvumira kumhanyisa application isina chokwadi mumudziyo, ichipa mukana wekuwana mabasa enetwork nemafaira evashandisi ane chekuita neapplication chete. Kune vashandisi vanofarira kuburitswa kutsva, Flatpak inovabvumira kuisa bvunzo dzichangoburwa uye kuburitswa kwakagadzikana kwemaapplication pasina kuita chero shanduko kusystem. Semuenzaniso, mapakeji eFlatpak akavakirwa LibreOffice, Midori, GIMP, Inkscape, Kdenlive, Steam, 0 AD, Visual Studio Code, VLC, Slack, Skype, uye Telegram Desktop. Android Studio, nezvimwewo.
Kuti uderedze saizi yepakeji, inosanganisira chete kutsamira kwekushandisa-chaicho, uye iyo yekutanga sisitimu uye magiraibhurari emifananidzo (GTK, Qt, GNOME uye KDE maraibhurari, nezvimwewo) zvakagadzirirwa seplug-in yakajairwa nguva yekumhanya nharaunda. Musiyano wakakosha pakati peFlatpak neSnap ndewekuti Snap inoshandisa zvikamu zveiyo main system nharaunda uye kuzviparadzanisa zvichienderana nekusefa system mafoni, nepo Flatpak inogadzira mudziyo wakaparadzaniswa nehurongwa uye unoshanda nemaseti makuru ekumhanya, ichipa kwete mapakeji sekutsamira, asi yakajairwa. one system nharaunda (semuenzaniso, maraibhurari ese anodiwa pakushanda kweGNOME kana KDE zvirongwa).
Pamusoro peiyo yakajairwa sisitimu nharaunda (runtime), yakaiswa kuburikidza neyakakosha repository, yakawedzera kutsamira (bundle) inodiwa pakushanda kwechikumbiro inopihwa. Pakazara, nguva yekumhanya uye bundle zvinoumba kuzadza kwemudziyo, kunyangwe inyaya yekuti nguva yekumhanya inoiswa zvakasiyana uye yakasungirirwa kumidziyo yakati wandei kamwechete, izvo zvinokutendera kuti udzivise kudzokorora mafaera ehurongwa akajairika mumidziyo. Imwe sisitimu inogona kuve neyakasiyana yekumhanyisa nguva yakaiswa (GNOME, KDE) kana akati wandei mavhezheni enguva imwechete yekumhanya (GNOME 3.40, GNOME 3.42). Chigaba chine application seyekutsamira chinoshandisa chinosunga chete kune yakatarwa nguva yekumhanya, pasina kufunga nezve ega mapakeji anoumba nguva yekumhanya. Zvese zvisipo zvinorongedzerwa zvakanangana nekushandisa. Kana mudziyo ukaumbwa, zviri mukati menguva yekumhanya zvinoiswa seye / usr partition, uye bundle inoiswa mu / app dhairekitori.
Iyo yekumhanyisa uye midziyo yekushandisa inovakwa uchishandisa OSTree tekinoroji, umo mufananidzo wacho unogadziridzwa atomi kubva kuGit-senge repository, iyo inobvumira nzira dzekutonga shanduro kuti dzishandiswe kune zvikamu zvekugovera (semuenzaniso, unogona kukurumidza kudzosera system kune previous state). RPM mapakeji anoshandurirwa muOStree repository uchishandisa yakakosha rpm-ostree layer. Kuiswa kwakaparadzaniswa uye kugadziridzwa kwemapakeji mukati menzvimbo yekushanda hakutsigirwe; iyo sisitimu inovandudzwa kwete pamwero wezvikamu zvega, asi zvakazara, ichichinja mamiriro ayo. Inopa maturusi ekushandisa zvigadziriso zvishoma nezvishoma, zvichibvisa kukosha kwekutsiva zvachose chifananidzo nekuvandudza kwega kwega.
Iyo inogadzirwa yakasarudzika nharaunda yakazvimirira zvachose pakugoverwa kunoshandiswa uye, iine marongero akakodzera epasuru, haina kuwana mafaera uye maitiro emushandisi kana iyo huru sisitimu, haigone kuwana zvakananga michina, kunze kwekubuda kuburikidza neDRI, uye kufona kune network subsystem. Graphics inobuda uye yekuisa sangano inoshandiswa uchishandisa iyo Wayland protocol kana kuburikidza neX11 socket kumberi. Kudyidzana nemamiriro ekunze kunobva paDBus messaging system uye yakakosha Portals API.
Kuti udzivirire ngura, jira rebubblewrap uye rechinyakare Linux matekinoroji ekuona zviri mumidziyo zvichibva pakushandiswa kwema cgroups, namespaces, Seccomp neSELinuxPulseAudio inoshandiswa pakuburitsa odhiyo. Kubvisa odhiyo kunogona kudzimwa, izvo zvinoshandiswa nevagadziri vemapakeji mazhinji anozivikanwa kuti vawane mukana wakazara wekushandisa mafaira nemidziyo yese iri musystem. Semuenzaniso, mapakeji akadai seGIMP, VSCodium, PyCharm, Octave, Inkscape, Audacity, uye VLC ane nzira yekuparadzanisa inobvumidza mukana wakazara wekushandisa dhairekitori repamba.
Kana mapasuru ane dhairekitori repamba akakanganiswa, zvisinei nekuvepo kwe "sandboxed" label mune tsananguro yepasuru, anorwisa anongoda kuchinja ~/.bashrc faira kuti aite kodhi yake. Imwe nyaya yakaparadzana ndeye kutonga kwekuchinja kumapakeji uye kuvimba nevagadziri vepakeji, avo vanowanzo sangana neiyo huru purojekiti kana kugovera.
Source: opennet.ru
