Isebe elitsha elizinzile le-Flatpak 1.12 toolkit lishicilelwe, elibonelela ngenkqubo yokwakha iipakethi ezizimeleyo ezingabophelelekanga kwi-Linux ethile yokusasazwa kwaye iqhutywe kwisitya esikhethekileyo esihlukanisa isicelo esivela kuyo yonke inkqubo. Inkxaso yokuqhuba iiphakheji ze-Flatpak inikezelwa kwi-Arch Linux, i-CentOS, i-Debian, i-Fedora, i-Gentoo, i-Mageia, i-Linux Mint, i-Alt Linux kunye ne-Ubuntu. Iiphakheji zeFlatpak zibandakanyiwe kwindawo yokugcina i-Fedora kwaye zixhaswa ngumphathi wesicelo se-GNOME.
Izinto ezintsha eziphambili kwisebe leFlatpak 1.12:
- Ulawulo oluphuculweyo lweendawo zokuhlala zebhokisi yesanti esetyenziswa kwiphakheji yeflatpak kunye nomxhasi wenkonzo yokuhanjiswa komdlalo weSteam. Kwiibhokisi zesanti ezifakwe kwindlwane, ukudalwa koluhlu oluhlukeneyo lwe-/usr kunye / lwe-app ye-directory ivumelekile, esetyenziswa kwi-Steam ukuqalisa imidlalo kwi-container eyahlukileyo kunye ne-partition yayo / ye-usr, esecaleni kwendawo kunye nomxhasi we-Steam.
- Zonke iimeko zepakethe ezinesichongi sesicelo esifanayo (i-ID ye-app) yabela i/tmp kunye ne-$XDG_RUNTIME_DIR abalawuli. Ngokuzikhethela, usebenzisa i-"--allow=per-app-dev-shm" iflegi, unokuvumela ukusetyenziswa kwe/dev/shm directory ekwabelwana ngayo.
- Inkxaso ephuculweyo ye-Text User Interface (TUI) izicelo ezifana negdb.
- Ukuphunyezwa okukhawulezayo komyalelo we "ostree prune" kongezwe kwi-build-update-repo utility, elungiselelwe ukusebenza ngoovimba kwimo yogcino.
- Ubuthathaka be-CVE-2021-41133 ekuphunyezweni kwendlela ye-portal, ehambelana nokungabikho kokuvinjelwa kweefowuni zenkqubo entsha ezinxulumene nokunyuka kwezahlulo kwimithetho ye-seccomp, imisiwe. Ukuba sesichengeni kuvumele usetyenziso ukwenza ibhokisi yesanti evalelweyo ukugqitha “iportal” iindlela zokuqinisekisa ezisetyenziselwa ukulungelelanisa ufikelelo kwimithombo engaphandle komgqomo.
Ngenxa yoko, umhlaseli, ngokwenza iminxeba yenkqubo ehambelana nokunyuka, angadlula indlela yokwahlula yebhokisi yesanti kwaye afumane ufikelelo olupheleleyo kwimixholo yendawo yokusingatha. Ubuthathaka bunokusetyenziswa kuphela kwiipakethi ezibonelela ngezicelo ngokufikelela ngokuthe ngqo kwiisokethi ze-AF_UNIX, ezifana nezo zisetyenziswa yi-Wayland, Pipewire, kunye ne-pipewire-pulse. Ekukhululweni kwe-1.12.0, ubuthathaka abuzange bupheliswe ngokupheleleyo, ngoko uhlaziyo lwe-1.12.1 lukhutshwe lushushu kwizithende zalo.
Masikukhumbuze ukuba i-Flatpak ivumela abaphuhlisi bezicelo ukuba benze lula ukuhanjiswa kweenkqubo zabo ezingabandakanyi kwiindawo zokugcina ezisemgangathweni ngokulungiselela isitya esinye sendalo yonke ngaphandle kokudala iindibano ezihlukeneyo zokusasazwa ngalunye. Kubasebenzisi abaqaphela ukhuseleko, i-Flatpak ikuvumela ukuba usebenzise isicelo esingathandabuzekiyo kwisitya, unikeze ukufikelela kuphela kwimisebenzi yenethiwekhi kunye neefayile zomsebenzisi ezinxulumene nesicelo. Kubasebenzisi abanomdla kwiimveliso ezintsha, iFlatpak ikuvumela ukuba ufake uvavanyo lwamva nje kunye nokukhutshwa okuzinzile kwezicelo ngaphandle kwesidingo sokwenza utshintsho kwinkqubo. Ngokomzekelo, iiphakheji zeFlatpak zakhelwe i-LibreOffice, iMidori, i-GIMP, i-Inkscape, i-Kdenlive, i-Steam, i-0 A.D., i-Visual Studio Code, i-VLC, i-Slack, i-Skype, i-Telegram Desktop, i-Android Studio, njl.
Ukunciphisa ubungakanani bepakethe, iquka kuphela ukuxhomekeka kwisicelo esithile, kunye nenkqubo esisiseko kunye neelayibrari zemizobo (i-GTK, Qt, GNOME kunye namathala eencwadi e-KDE, njl.njl.) ziyilwe njengeemeko-bume zexesha le-plug-in eliqhelekileyo. Umahluko ophambili phakathi kweFlatpak kunye ne-Snap kukuba i-Snap isebenzisa amacandelo ommandla wenkqubo engundoqo kunye nokuzihlukanisa ngokusekelwe kwiifowuni zenkqubo yokucoca, ngelixa i-Flatpak idala isitya esahlukileyo kwinkqubo kwaye isebenza ngeesethi ezinkulu zexesha lokugijima, ukubonelela kungekhona iiphakheji njengokuxhomekeka, kodwa umgangatho. iindawo zenkqubo (umzekelo, onke amathala eencwadi ayimfuneko ekusebenzeni kweGNOME okanye iinkqubo ze KDE).
Ukongeza kwindawo eqhelekileyo yenkqubo (ixesha lokuqhuba), efakwe kwi-repository ekhethekileyo, ukuxhomekeka okongeziweyo (i-bundle) efunekayo ekusebenzeni kwesicelo kunikwa. Lilonke, ixesha lokusebenza kunye ne-bundle zenza ukuzaliswa kwesikhongozeli, nangona ixesha lokugijima lifakwe ngokwahlukileyo kwaye liboshwe kwiikhonteyina ezininzi ngexesha elinye, elikuvumela ukuba uphephe ukuphindaphinda iifayile zenkqubo eziqhelekileyo kwizikhongozeli. Inkqubo enye inokuba namaxesha okusebenza ahlukeneyo afakiweyo (i-GNOME, i-KDE) okanye iinguqulelo ezininzi zexesha elinye lokubaleka (GNOME 3.40, GNOME 3.42). Isikhongozeli esinesicelo njengokuxhomekeka sisebenzisa isibophelelo kuphela kwixesha elithile lokuqhuba, ngaphandle kokuthathela ingqalelo iipakethe ezizimeleyo ezenza ixesha lokuqhuba. Zonke izinto ezingekhoyo zipakishwe ngqo kunye nesicelo. Xa isikhongozeli senziwe, imixholo yexesha lokuqhutywa inyuswa njenge /usr isahlulelo, kwaye inyanda ixhonywe kwi/app directory.
Ixesha lokusebenza kunye nezikhongozeli zesicelo zakhiwe kusetyenziswa ubuchwepheshe be-OSTree, apho umfanekiso uhlaziywa nge-atomically ukusuka kwindawo yokugcina efana ne-Git, evumela ukuba iindlela zokulawula uguqulelo zisetyenziswe kumacandelo osasazo (umzekelo, unokubuyisela ngokukhawuleza inkqubo kwi imeko yangaphambili). Iiphakheji ze-RPM ziguqulelwa kwindawo yokugcina i-OSTree usebenzisa i-rpm-ostree layer ekhethekileyo. Ufakelo olwahlukileyo kunye nohlaziyo lweepakethi ngaphakathi kwendawo yokusebenza ayixhaswanga; inkqubo ayihlaziywa kwinqanaba lamacandelo ngamanye, kodwa iyonke, iguqula imeko yayo ngeathom. Ibonelela ngezixhobo zokusebenzisa uhlaziyo ngokunyukayo, ukuphelisa imfuno yokutshintsha ngokupheleleyo umfanekiso ngohlaziyo ngalunye.
Ubume obuzimeleyo obuveliswayo buxhomekeke ngokupheleleyo kunikezelo olusetyenzisiweyo kwaye, kunye nezicwangciso ezifanelekileyo zephakheji, azikwazi ukufikelela kwiifayile kunye neenkqubo zomsebenzisi okanye inkqubo ephambili, kwaye ayikwazi ukufikelela ngokuthe ngqo kwisixhobo, ngaphandle kwemveliso nge-DRI kunye neefowuni. kwindlela esezantsi yothungelwano. Imveliso yeGraphics kunye nentlangano yegalelo iphunyezwa kusetyenziswa iprothokholi yeWayland okanye nge-X11 socket forwarding. Ukusebenzisana kunye nokusingqongileyo kwangaphandle kusekelwe kwinkqubo yokuthumela imiyalezo ye-DBus kunye ne-Portals API ekhethekileyo.
Ukwahlukaniswa, umaleko weBubblewrap kunye neetekhnoloji zesikhongozeli seLinux zemveli ziyasetyenziswa, ngokusekwe kusetyenziso lwamaqela, izithuba zamagama, iSeccomp kunye neSELinux. IPulseAudio isetyenziselwa ukukhupha isandi. Kule meko, ukuhlukaniswa kunokukhutshazwa, esetyenziswa ngabaphuhlisi beepakethe ezininzi ezidumileyo ukuze bafumane ukufikelela okupheleleyo kwinkqubo yefayile kunye nazo zonke izixhobo kwinkqubo. Umzekelo, i-GIMP, i-VSCodium, i-PyCharm, i-Octave, i-Inkscape, i-Audacity, kunye ne-VLC iza nemowudi yokwahlula elinganiselwe eshiya ukufikelela okupheleleyo kulawulo lwasekhaya.
Ukuba iipakethe ezinofikelelo kulawulo lwasekhaya zisesichengeni, ngaphandle kobukho beleyibhile “yebhokisi yesanti” kwinkcazo yempahla, umhlaseli ufuna ukutshintsha kuphela i ~/.bashrc ifayile ukwenza ikhowudi yakhe. Umba owahlukileyo kukulawulwa kweenguqu kwiiphakheji kunye nokuthembela kubakhi bephakheji, abahlala bengadibaniswa neprojekthi ephambili okanye ukuhanjiswa.
umthombo: opennet.ru