Install/Remove hooks
Alexander Larsson
alexl at redhat.com
Fri May 24 15:26:24 UTC 2019
On Fri, May 24, 2019 at 5:09 PM Frédéric Pierret
<frederic.pierret at qubes-os.org> wrote:
>
> Hi all,
>
> Is there a way of creating pre or post actions during install/remove of
> a flatpak?
>
> As an example of what I mean, taking 'yum' or 'dnf', it is possible to
> add plugins for doing some actions after a 'dnf install somepackage'.
> That is very useful for us in QubesOS project and as we are integrating
> Flatpak (and further Fedora Silverblue), we are wondering if such a
> feature is/will be available for Flatpak.
Flatpak ships with a set of triggers in /usr/share/flatpak/triggers
that get run when things are installed/updated. However, these are run
in very minimal sandboxes that only have write access to the limited
area they should write. In general we don't want downloading apps to
run arbitrary code, as that is not a great idea security wise. For
example if the trigger reads some file that the app installed and it
has a security hole then you could exploit such a trigger to run
things on the host.
Can you explain in a bit more detail what it is you want to achieve?
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl at redhat.com alexander.larsson at gmail.com
More information about the Flatpak
mailing list