I second this. Also moving away from Ubuntu distros.
This started when I discovered that Ubuntu uses "ubuntu-advantage-..." to install
an opc client to phone home to vendor. Such things could get even worse with
using snaps.

Not that snaps are slower and are causing issues. No one checks them
for security issues. This is true for any "containerized" apps like AppImage
or Flatpak, though, being a bit more trustworthy. At the end, packaged
apps are a security nightmare. Imagine a server with 20+ containers
and you have to prove security with an audit on that system. You would have to validate
all containers separately. If one provider does not maintain the container
your containerized app will not get any updates!

A good example is openssl, a very central library/application. Who patches all the
containers when there are security fixes of it or any possible data breaches?
If, for example, you run "pure" Debian with all packages
being installed into the system, this will be pushed as a security fix from Debian update and every
installed app uses this and is therefore also fixed!

So, all I can say, nowadays a lot of security audits overlook this issue not guaranteeing
the latest library security fixes and possible data breaches of app containers.

Anyhow, this is the advantage/disadvantage in the comparison of having a containerized app
system or a "centralized" system like it was before.
Am 02.02.25 um 21:08 schrieb Chris Green:
On Sun, Feb 02, 2025 at 04:48:48PM +0000, Thom Harmon wrote:

How do you use x2go with this problem?


I know this is not going to be a satisfactory answer...

I struggled with this for months trying to figure out what permissions
needed to be configured for the Snaps apps to work in x2go with no
luck. It seems to be related to access to /run.

For me it was the final straw for Snap and Ubuntu more broadly. I
rotated over to Debian stable (well, Spiral actually) for everything
and if I need an application-level jail I use Flatpak. In only a
handful of cases have I had to use Flatseal to adjust permissions for
x2go compat. Much better experience.

Like I said, probably not a satisfactory answers but sometimes just
knowing that there is an escape hatch available is useful.

Now if I could figure out a work-around for when an app doesn't support
Xinput2....


I think this is the 'right' answer even if it isn't a 'satisfactory'
answer.  Snap just manages to break so many things in subtle ways that
one is better off without it.

I too left [x]ubuntu because of the increasing dependency on snap for
important applications.  I have moved to Debian 12 and am very happy
with it.  I have a couple of Appimage based programs but everything
else comes from the Debian repositories.