Deb and rpm packages

[abacao]

Hi,

I have great hopes for this software but the installation isn't easy.

Can the installation and documentation be improved? Maybe with a easy installation and documentation, your user-base could grow more.

A snap package would be great!

[Garbee]

I don't think Snaps/Flatpaks are the best environment to distribute something like this in. The entire point is these things look across every network request, which means they need permission to access the network bus/interfaces. All it would take for an attacker to bypass this kinda silently is turning off that access to the container. Now yes, OpenSnitch could alarm, "Hey container lost access to the network" but by the time the user can respond the network is wide open and damage can come in just a few packets very quickly.

Containers are great, but not everything needs to be put in them. Please, use and encourage their use responsibly.

[thiscantbeserious]

Containers are great, but not everything needs to be put in them. Please, use and encourage their use responsibly.

At least the build environment could be put into a Docker container tought, for easier streamlined dependency management and build process ... e.g. using an Alpine / Debian container with all required dependencies instead of relying on the host environment. That'd probably solve a lot of issue regarding building it properly (honestly speaking I really like that approach).

On the other hand snaps/flatpak would have the advancement of controling all your required dependencies and no system-update breaking your application (in this case GUI-Layout).

What speaks about putting the GUI into an flatpak/snap and letting it install the GUI - while the daemon will be run as an traditional service (don't quote my nickname :1st_place_medal:) ?

---

See here if you want to step up maintaining an RPM-Package (seems ... a little bit of overhead in return):

https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/UHFVOZ42TYTO7YPDY5CEZGP6BTGLZ2AI/

[Garbee]

Having the GUI split into a standalone container would be acceptable. Since the barrier to interfere with the service daemon is still raised. My main thing is, the core offering should not be in a container since they're generally far easier to interfere with permissions to.

[ghost]

While this app seems like it's intended for new GNU/Linux users, it doesn't really offer an easy way to install it. New users have to research even the very first step you wrote, which is

Make sure you have a correctly configured Go >= 1.8 environment, that the $GOPATH environment variable is defined

So yeah, I tried to build it and failed.

If offering pre-built packages like .rpm or .deb is out of the question for whatever reason, then at least please review the instructions and maybe see if you can simplify them even more. Thank you

[cwh1te]

While this app seems like it's intended for new GNU/Linux users...

I'm not sure what gave you this idea, but I don't think it's the case at least at this stage of development. Until evilsocket decides to move this to beta I doubt there will be much focus on making it easier for new users, especially since last I checked the architecture isn't totally nailed down - no sense making nice installers for inexperienced users if it might all change eventually.

Just my two cents... I think you might be trying to adopt this way too soon.

[Khoramyar]

While this app seems like it's intended for new GNU/Linux users, it doesn't really offer an easy way to install it. New users have to research even the very first step you wrote, which is

Make sure you have a correctly configured Go >= 1.8 environment, that the $GOPATH environment variable is defined

Exactly! I had to look at other installation guides ( https://www.linuxuprising.com/2018/04/how-to-install-opensnitch-application.html ) to understand even what it was.

Getting a .deb or .rpm packaging will really help.

[abacao]

Any new consideration about this? Any change to build a binary and distribute it in Github release page?

[Ph0rkoz]

I doubt it much. I was looking for this type of thing, especially since I want to run wine applications and use eset on windows to audit everything. The choices are a bunch of dead projects or duane (however its spelled) and then opensnitch. Both solutions have to be built from source but I came here because of name familiarity.

While thankful for the guides, which didn't work 100%, just close enough; I still had some issues. Some dependencies had to be installed manually, some errors ignored and fingers crossed. Anyways, it looks to be working and even decent after tweaking the dialog timeout. A minute is good.

I am a lot of things but I am 100% not a GO developer. To use this few mb? program I had to install 300+ mb of crap that I will likely not use again until I see enough commits to go through the process again.

Please make some sort of package....