Re: F27 System Wide Change: Graphical Applications as Flatpaks

On Wed, Jul 19, 2017 at 5:17 AM, Jiří Eischmann <eischmann(a)redhat.com&gt; wrote: Complete sandboxing, with isolation from the network stack and the rest of the host's filesystem? It doesn't. But functional sandboxing, where a full software suite with its own libraries and binaries to be supported separately from the rest of the operating sytem, Yeah, it works pretty well to set up a separate workspace there and wrap the calls of that customized suite in an "enable" script or a shell wrapper, much as the Software Collections for RHEL have been doing functionally for years for software backported from Fedora testing. Even a chroot cage can be run there for service isolation from the rest of the system. Gnome packaging... well, that's considerably harder because it spews into $HOME/.gnome, in manners inconsistent between even minor releases. Packaging Gnome looks like a fabulous idea at first glance. It's one of those situations where the "first 90% takes 90% of the work, and the last 10% takes the next 300% of the work".