According to BITTRANSLATORS, Snappy is a package management and software deployment system for Linux. It simplifies the creation, delivery and updating of Linux packages through so-called snaps, cross-distribution, dependency-free and isolated software containers.
Structure and functionality of snap packages
Snap packages are compressed file system images in SquashFS format. In addition to the actual software, they contain all dependencies such as libraries, runtime environments and external tools. Only components such as the fundamental system libraries, desktop environments or system cores may be outsourced to separate snaps.
Unlike traditional Linux packages, Snaps are not unpacked during installation . SquashFS enables transparent decompression of individual files at runtime , which means that unpacking is unnecessary. Instead, the compressed file system images are located in the directory “/ var / lib / snapd / snaps /” and are mounted under “/ snaps /”. Each container has its own subdirectory so that there can be no conflicts between the packages.
The isolation of the containers goes much further than that. Snap apps run in their own sandboxes, which are isolated from each other and the rest of the system via AppArmor, kernel namespaces and cgroups . So-called interfaces are used to allocate resources and integrate with other applications and the operating system. They can be used to control and restrict access to hardware components, system services, configurations, file systems and much more.
Advantages and disadvantages compared to other package systems
Classic Linux packages like DEB and RPM are closely tied to a specific distribution. Software developers either have to create their own packages for each Linux system or wait until the distributors have integrated the new version. With the help of Snaps, developers can offer uniform packages for all Linux variants that support the package system. Unlike the Flatpack package system, which is comparable to Snap, Snaps can contain not only instruction programs, but also system services or flash images for embedded devices.
Since the containers have very few or no dependencies and do not have to be integrated into the rest of the system, faster updates can be delivered without version conflicts. It is often criticized that the administration service “snapd” does not provide for deactivating the automatic updates. However, it is possible to fix packages to a major version and to hold back updates for up to 60 days. Updates can also be easily rolled back to revert to a previous version.
Snappy is closely linked to systemd, so that traditional distributions such as Slackware or Devuan cannot easily use the package system. In addition, it is not yet possible to use the AppArmor and SELinux security extensions at the same time. The sandbox is therefore far less secure on distributions such as RHEL, SUSE, and Fedora.
Snaps do not offer complete protection against malware either. Packages from the Snap Store go through various automated security checks. However, code audits, as with the packages from the repositories of the distributions, take place far less. Canonical, the company responsible for Ubuntu and Snap, recommends installing Snaps only from trustworthy providers.
So far, Canonical operates the only snap store whose software is not completely free. However, Snaps can also be downloaded from the developer’s website and installed independently of a Snap store.
Snap in system administration and application development
Since Snappy is developed by Canonical, the package system is pre-installed from Ubuntu 16.04 onwards. For most other distributions there are corresponding packages in the respective repositories. The Gnome Software Center supports Snaps from the start. Some other package managers like KDE Discover can be upgraded accordingly.
The background service “snapd” is responsible for the administration of the snaps. Administrators use the command line program “snap” to install, uninstall, update and configure the packages. The “snapcraft” program is used to create your own snaps. Developers need to create a file called “snapcraft.yaml” and provide information on how to build and install the package. This includes metadata, build and runtime dependencies, build options and required interfaces.