Which PPAs do you use and why?

The line between a rolling release distro and a stable Distro with just the necessary updates is blurry.
For some applications like Browser, Mailclient and Office Suite it is useful to have exceptions.

Some of these exceptions can be handled with a PPA.
Which of these do you use and why? Maybe we can find a way to shrink the number that is needed.

I will start with mine:

  • Wine, for games it is absolutely crucial to not lag a year or more behind on the compatibility layer.
    Otherwise people report bugs that are already fixed in the bi-weekly upstream releases.
  • Polychromatic
  • Openrazer
    Gamers like RGB and we don’t have these packaged in a recent version
  • Mangohud, Performance overlay. Also not packaged in a recent version.
    -Oibaf , updates to the graphics stack are critical for gamers. Like Wine it reduces unneccessary bug reports
  • Wireshark , the packaged version in Ubuntu is quite old and nightlies are tempting due to more features
  • Mozilla , the snap package is awfully slow and a .deb package feels more snappy and faster.
1 Like

if you use PPAs, just do not forget

  • that you are effectively giving a foreigner 100% root access to your system (dpkg runs all maintainer scripts as root and unlike the confined snaps that are not able to access anything on the host by default, it has full access to your system to i.e. install a key logger, steal your passwords or bank data) … so you better know if that PPA owner is trustworthy or not.

  • that any PPA can actually replace any system libraries with newer versions, introducing unexpected bugs and get you into dependency hell on upgrades …

5 Likes

I use three PPAs:

PPA Purpose
ppa:mir-team/release contains the release version of Mir
ppa:mir-team/rc contains the release candidate of Mir
ppa:mir-team/dev contains the latest development code of Mir

They are useful for the development and Snap packaging of Mir based projects like these:

ubuntu-frame
egmde

I trust these PPAs as I’m one of the team working on Mir.

I am absolutely aware of that problem, which is also a part of this attempt to find a better solution for the varying use cases.

Both Snap and Flatpak are sensible solutions to the problem of allowing applications to be updated independently of the host OS and both introduce a level of sandboxing for security.

Both have issues with specific applications because application developers are often not experienced with packaging in general and with Snap or Flatpak packaging in particular. That inexperience leads to some sub-optimal choices (as has been widely discussed with, for example, the Firefox snap you allude to).

The “better solution” you seek comes from a gradual improvement of the packager’s understanding of these issues. Here’s a case in point where Snaps from Jetbrains recently got a massive speedup (40s => 10s startup) after the developers were made aware of a better option.

2 Likes

I don’t think we should use snaps and appimages and flatpaks for everything just because we lack things as a normal .deb package.

These packages imho should be reserved for applications we can’t get packaged normally, like paid apps or things where no maintainer wants to do it as deb.

Graphics Drivers and compatibility layers or a browser are not really suitable for this package format as there is no need to sandbox them.
A browser brings its own sandbox and as we have seen with flatpaks on the Steam Deck, the user experience without flatseal will suffer by default as people can’t access their files.

My intent here is not to prevent any non-deb packages at all, but figure out where the default packages are incomplete to get it fixed.

We have two topics to get some of that fixeed and i think the problem with the default offering of packages it bigger than just:


Just the ppa: ppa:ubuntu-mozilla-daily/ppa for Firefox Quantum Nightly to avoid Firefox snap and have the ‘future’ version.

1 Like

None. Snaps have made all ppa unnecessary for my user behaviour.

2 Likes

the snap has the nightly as well FWIW:

sudo snap refresh --channel=latest/edge firefox 

(and the nice thing about snaps is that you can have multiple versions of the same snap installed in parallel from different channels … i.e. nightly, esr and the standard stable one with just three simple commands)

1 Like

Here are my PPAs/3rd party repos on my Kubuntu gaming desktop (Ryzen 9 5900X, RX 6900XT, 64GB RAM):

PPA Purpose
Kubuntu Backports Up-to-date Plasma
Pop!_OS newer kernel, Lutris (newer than what’s in Ubuntu’s repo), and probably more that aren’t on Ubuntu’s repo when I was running on Impish. I also added apt preferences to stop Pop!_OS from taking over (i.e. GNOME Shell, Pop! Shell, GDM).
Ernstp’s Mesarc PPA CoreCtrl, and slightly newer Mesa
Volian Scar Repo Bismuth (and newer than what came on the repo)
checkra1n To jailbreak iOS devices

I’m careful with what PPAs I add, and stay as close to official as possible, and go for what I know to be “official”, such as Kubuntu backports and Pop!_OS.

As to why not just run Pop!_OS, I’m not a fan of GNOME, and only want certain things from that repo. And I remember when I was noob with apt preferences, and was tweaking my Neon with Pop!_OS repo (for newer kernel) with my previous gaming desktop, and it was a total disaster (at the time) because Pop! wanted to take over my system really badly, and was scared to upgrade.

1 Like

It never ceases to amaze me the amount of people online ( places like reddit ) that seem to think Linux is impervious to exploits.

1 Like

being or being not impervious to exploits is quite different to “let me give this person full root access to all my (banking) data and passwords” though …

a PPA from a well known and trusted maintainer is surely not a lot of a risk (beyond accidentally getting the occasional bug you don’t get with the distro packages), but there are surely enough others.

there are no checks on launchpad if you or your software are trustworthy (unlike snaps where every single upload runs through plenty of checks (and goes into manual review when failing) and where runtime app access is controlled by you through the interface connections you allow) …

3 Likes

I’m a fan of snaps, Things like Authy have been running without a problem even when it was a beta.

The last time i used a PPA was for Wine and that was a waste of time as i still ended up having to manually install a ton of stuff like i386 32-bit libraries

1 Like

When possible I use snap apps but there are too many apps that don’t exist as snaps, and not all snaps are up-to-date

1 Like