FreeOrion on Snapcraft

From FreeOrionWiki
Revision as of 14:39, 13 March 2023 by Ophiuchus (Talk | contribs) (Holding/freezing the revision of the installed freeorion (snap/snapd 2.58))

Jump to: navigation, search

This is the freeorion project wiki page for the game distributed as a snap package. It is build via the snapcraft infrastructure and published on the canonical store at http://snapcraft.io

EN-snap-store-black.png

**NOTE**: we are currently in the process of releasing v0.5.0 (we are testing release candidates). Until that arrives, temporarily there is no stable default install. Either subscribe to "v0.5.0/candidate" or the outdated "0.4.10/stable".

freeorion Tracks

Available Snap Tracks and Channels

  • v0.5.0/candidate - The upcoming release (to be released stable in February/March 2023). Main gameplay features: Stability, Policies, Influence.
  • 0.4.10/stable - The current release as of July 26th 2020
  • latest/stable - If you want to automatically update to the next release when it is available.
  • latest/beta - If you want to follow the weekly test builds

Choosing the Right Track

If you do not specify a specific track, the default install does not subscribe to a channel of the "latest" track. It subscribes the "v0.5.0" track (since 2023-02-22). "v0.4.10" was the default track before. Make sure to snap refresh to the "v0.5.0" or "latest" track if you want to switch.

Freeorion snap sandbox/access rights and custom content

We try to give the most restrictive rights to the freeorion snap. E.g. by default the binary does not have access to your home directory, but only to folders below ~/snap/freeorion/. If you want to use your own contents (i.e. your own 'default' directory), you must either simlink or put it in ~snap/freeorion/common or give the snap more access rights. Personally I suggest simlinking as the 'common/mydefault', as that won't be deleted by mistake (see save games).

If you see a permission which could be more restrictive, please tell us in the forum.


Save Games and the freeorion Snap

Save game compatibility between versions

Save games between minor versions are incompatible. Upgrading to an incompatible version might happen if you are following a "latest" track. Note you can always downgrade/refresh to another channel if necessary or install multiple versions in parallel.

Snap remove will delete your save games

Freeorion games are by default saved to "~/snap/freeorion/common/save/" . Removing the snap will also remove the ~/snap/freeorion directory, including your save games. Better make a backup or use a save folder outside of the ~snap/freeorion directory; e.g. by mv / simlink.

Snap for the Slow Multiplayer Games

For testing the current development release or release candidate, we have the 'slow' multiplayer games (~1-2 turns per day). Find the forum topic Multiplayer slow game server if you would like to join.

For linux players, we publish a deb package and also a snap package with the correct freeorion revision.

As the game revision is not really necessary after the game is finished, we use a snap 'branch' for each game. Beware those are only temporary (see below).

Holding/freezing the revision of the installed freeorion (snap/snapd 2.58)

The snap 'branch' will time out after a while. If you have such a branch installed when that happens it will automatically revert to the latest/beta track, which will have a much more recent (and probably incompatible) freeorion revision.

If you want to keep the game revision, after installing the branch you can hold the current revision indefinitely (you could also revert to the correct version if you have it installed once and the binaries are still cached locally).

Side note: Fedora (at the time of writing) does not directly support the necessary snap version (>=2.58). But Maciej Borzecki provided a build for Fedora 36, Fedora 37, and Fedora 38 see [1].

On my fedora 37 I had to

sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-b7f526b4f9

Note: you will not get legit updates if you hold the revision. You would need to manually --unhold and refresh to pull those

Example usage

Currently we are playing the 23rd slow game, so the necessary track is 'latest/beta/slow-game-023'. I am using the experimental parallel install feature and want to install the executable as 'freeorion_023' . Also I want to hold that revision. The commands for doing that are:

sudo snap install --channel latest/beta/slow-game-023 freeorion_023
sudo snap refresh --hold freeorion_023

Security implications

Why should I use snap and not flatpak?

In the freeorion case? Because we do not have an active maintainer for flatpak currently. If you want to set up weekly builds etc with flatpak, head straight over to the forums.

Also snap has some pros (and some cons) vs flatpak. Main pros for me: one can have multiple different freeorion versions installed in parallel, and the home directory is not accessible to the snap.

Can I trust the snap from the snapcraft.io store?

If you install the snap from the snapcraft.io store, you basically have to

  • trust canonical that they are not doing anything malicious (if you use ubuntu you already trust them)
  • trust us freeorion developers and maintainers that we do not put anything malicious into the binary
  • trust that the used infrastructures are not compromised (github, launchpad build service, snapcraft.io, developer workstations)

In case the snap would get compromised, the sandboxing of snapd will hopefully prevent the worst (e.g. not being able to read or delete your home directory).

Can I trust the snap sandbox?

Only as far as your linux system supports it. On ubuntu I would say the sandbox is quite trustworthy. But as an example sandbox support on debian is 'partial' and AFAIK a snap on debian has currently access to your home directory.

For all sandboxed systems: Check that your assumptions about confinement are true and act accordingly (e.g. for playing freeorion one could use a separate user account).

Can I trust a freeorion server that I do not maintain?

If you connect to a foreign freeorion server, it will transfer game state to your machine. Freeorion was not built with a security focus, so in principle it might be possible that there are some bugs which could lead to code execution on your machine. In real life though we are not aware of any such cases.

You can mitigate that risk, by isolating your freeorion execution by user rights, sandboxing, virtual machines etc.

Helpful links