Batis - XDG-based packaging for Linux desktop apps

Thomas Kluyver thomas at
Fri Nov 20 14:58:03 PST 2015

On Fri, Nov 20, 2015, at 09:01 PM, Jasper St. Pierre wrote:
> Currently, the security model of Linux systems is "distro verifies
> security and adds to their own repo", with, of course, the step of
> "user trusts distro".
> The security model of Batis seems to be "user trusts application
> developer"
> The security model of xdg-app is "user trusts the sandbox mechanism".

That's right. I don't think the centralised verifier model can support a
really rich ecosystem without the kind of massive resources that Google
and Apple have to maintain their app stores. I like the idea of a
sandbox, but it's extra complexity and I'm not convinced that developers
will adopt it, since no-one's in a position to force people to use the
sandbox (unlike on Android, for instance).

"User trusts application developer" is what I end up doing every day.

> Even without that, there are difficult social problems to solve. The
> problem with tarball-based distribution is that applications are built
> for a specific environment. So an application built on Debian will
> probably assume some form of Debian-isms.

Many applications do solve this, at least to their own satisfaction.
There's no shortage of products which offer a single 'Linux' download,
including casual games (Powder Toy), programmer tools (Pycharm, Visual
Studio Code) and other applications (Telegram, CMapTools). These are
just a few things that I've come across, I'm sure there would be many
more if I went looking.

Several of those examples point to what I think is a common theme. Many
applications are already written in languages that run on a virtual
machine, whether that's Python, Java or Javascript. If I'm writing an
application using Electron, for instance, there are prebuilt Electron
binaries for generic Linux. So as an application developer, I don't need
to worry about ABIs. Of course, people do still write applications in C
as well, but clearly the difficulties are not insurmountable.

> Oh, and the one being built by KDE is Limba:

Thanks, I'll take a look at that.

> If you're not intimately
> familiar with linux, your problem is "Hey, should I distribute debs?
> rpms? tarballs? can I not distribute binaries? do I need to let the
> distro handle my stuff? what's that pacman they're talking about?" --
> adding another item into that particular mix is simply not useful.

Right. That's why I wanted to do an incremental improvement to tarballs,
the lowest common denominator that people retreat to when they're
overwhelmed by choices.

Specifically, you can use Batis to create a tarball and give that to
users without ever telling them about Batis - each tarball has an
included install script which the application developer hasn't had to
write or debug. I hope that developers do support Batis as an
installation mechanism as well, but it's useful even if they only use it
to create tarballs for users to install manually.

> So deb, rpm and tar.*z are really all the same format, with differing
> metadata on top. This is the big item to outsiders, and it's the
> easiest item to converge on.

It might be easy in principle, but I've not seen any indication that
distros are going to converge even at a relatively simple layer.


More information about the xdg mailing list