Linux Newbie
Linux Newbie
Hey there, I just switched to Linux and I’m really impressed by how smooth it runs. I feel confident using it and understanding its features, but I still have some doubts. I might face some criticism for asking these questions, but I’m still getting the hang of it and would appreciate any tips or support. I’m especially curious about the app store—there are many options depending on the distribution. Right now I’m using Manjaro, and I know Steam is available there. Who uploads those apps? Are they safe to use? Also, I found a code on the Manjaro site to install Spotify via terminal. There are two package managers: Snap and Flatpak. Which one should I pick and why? I’m really new to this and hoping to learn as I go. Thanks in advance for your help! Hope everyone has a great time too.
Essentially, you're wondering whether community-led operating systems and their selected software offer better security compared to simply using binaries and executables from an anonymous company. Its safety depends entirely on how it's managed, not the operating system itself. Flatpacks are open source, while Snap is more like a company-driven release.
Linux software is typically upheld by community members or companies involved in the network. Many developers release and maintain their own tools, and details about specific programs are often shared on platforms like GitLab or GitHub. Applications included in distribution repositories or services such as Snap or Flatpak are generally reliable. These tools package apps for use across different systems, offering a safer and more consistent experience by running them within containers. Both Snap and Flatpak enable cross-platform compatibility, making installations smoother. I’ve personally tried Flatpak on Fedora and found it user-friendly. It seems neither offers a clear edge over the other; you might use both depending on your needs.
Repositories usually have curated collections managed by individuals who might be compensated or not, depending on the release. These contributors are known as maintainers, who use a cryptographic signature that the operating system recognizes. Their reliability is valued by the community, and if trust issues arise, they can be replaced by others more aligned with the group's values. Malicious content in official sources is very uncommon, often resulting from simple errors. The system has performed impressively so far. For Arch-based systems like Manjaro, there’s also an alternative called the AUR, where users can submit custom build scripts for packages not found in main repositories. This option is a bit riskier since it relies on individual users, but the community still reviews and approves content, and harmful files are typically removed quickly—usually within hours. Popular packages such as Steam tend to avoid this issue. Snap and Flatpak let you install the same package across different distributions, though they require more storage space because they bundle all necessary libraries. The choice between them usually doesn’t matter; opt for the version with the latest updates. Just ensure you do your research before proceeding, and don’t hesitate to ask questions—people appreciate honesty.
This perfectly represents the Linux community: do your research and if you can't figure it out, we're glad to assist as long as you share what you've attempted.
It fetches a selection of packages from a verified source for installation, saving you from searching each one individually for your distribution. By default, it uses a trusted repository, though you can incorporate third-party ones. These external repositories operate independently of the main distribution, meaning there’s no assurance a package is up-to-date or secure—your responsibility lies in verifying its safety. On Manjaro, Steam typically comes from the official site, while the Steam client is sourced from either the Steam website or Ubuntu’s repository, then unpacked and adapted for Arch. If it originates from the AUR, anyone can package it, so you should check maintenance status via the AUR page at https://aur.archlinux.org/.
App containers are useful; they deliver a fixed version of an app along with its dependencies, keeping everything isolated from the system. Their main drawback is larger sizes and potential missing features because they’re confined to their container. They work well across many distros, but on Manjaro, the Spotify AUR package stands out as a solid alternative to containers.
To install from the AUR, enable support in Pamac by searching and installing as usual. On the Preferences menu, go to the AUR section, adjust the slider to turn it on, or use a helper like yay for automatic updates. For Spotify, clone the repository, build with makepkg, and install via yay -Sy. Regardless of the method, removal is straightforward using standard package tools.
Each application on the Aurora is managed by an individual. The installation scripts are open to the public and can be reviewed, making them generally secure. I wouldn’t suggest using snaps or flatpaks since they often behave differently from standard Linux binaries and may contain vulnerabilities. Spotify is offered through the Aurora; you can enable its support in Pamac’s settings if you haven’t done so already.