OS: Fedora 33
I’ve started using Signal messaging app. When I am using Whatsapp, I usually use Whatsapp web because I am not very good typing long sentences from Whatsapp mobile.
Same goes for Signal. I prefer to use the desktop version of Signal. But, Signal desktop installer for Linux is only available for Debian based systems (Link below)!!! Any idea how I can install Signal desktop app in a Fedora machine using rpm or yum repositories or any other way ?
install direct from Software
It is available as a flatpak in Flathub. Add Flathub repo if it is not enabled already:
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
After that, you can use GNOME Software as mentioned above. If it doesn’t show up after adding Flathub, try restarting.
Thank You Adrian K, ersen
As ersen suggested, following is what I did
Step1.
$ flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
$
Interestingly, no output for the above “flatpak remote-add” command. After I executed, all i got was a dollor prompt.
Step2. From Gnome software, I searched for Signal and clicked on Install. Well, I Signal was listed even before I ran step 1. Maybe because I had already configured the flatpack before and I forgot.
Quick question:
So, gnome’s ‘Software’ utility can use yum or dnf or flatpack commands internally. Right ?
It can install flatpaks from the repos you have added, in this case Flathub; it can also install RPMs but it doesn’t use yum or dnf, it uses something called PackageKit as backend:
dnf install apt dpkg -y
echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' | tee -a /etc/apt/sources.list.d/signal-xenial.list
wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg
cat signal-desktop-keyring.gpg | tee -a /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null
apt update
cd /tmp/
apt-get download signal-desktop
dpkg --force-depends -i signal-desktop_5.23.0_amd64.deb
desktop-file-install /usr/share/applications/signal-desktop.desktop
if you want uninstall it
dpkg --remove signal-desktop
Using snap worked for me:
# sudo dnf install snapd # restart if needed
# sudo ln -s /var/lib/snapd/snap /snap # To enable classic snap support. Not sure if it is needed
sudo snap install signal-desktop
The easiest is probably the copr repo packaging Signal for Fedora, as long as you trust it: luminoso/Signal-Desktop Copr
#Enable copr repository
sudo dnf copr enable luminoso/Signal-Desktop
#Install Signal Desktop
sudo dnf install signal-desktop
I might be very late but this worked for me:
https://github.com/signalapp/Signal-Desktop/issues/1630#issuecomment-894495950
Y’all are comfortable with and have validated who has provided these alternate packages, snaps, and flatpaks (outside of the Signal repo) and that the binaries haven’t been tampered with, right?
Welcome to ask 
edora.
You should consider that there is one person responsible for accepting the software you install on your system. YOU
What I accept may not be acceptable to you and vice versa.
The only thing I am comfortable saying in response to your question is that I trust what is stored on the fedora repos and on the rpmfusion repos for use with fedora. Anything else I evaluate on a case by case basis.
A good approach… the long term challenge though is around ongoing supply chain risk. What is safe today (ie, a Signal snap that Popey developed that pulls the deb directly from signal and verifies that hash for the file) may degrade in the future or be corrupted by a bad actor. Do you/we have the bandwidth to keep a constant eye on a package source that isn’t the source? Of course, we have to trust Signal and their ability to sign their packages, but what about downstream in the supply chain? For something as critical as Signal, you have to way the risks carefully…and consider the long term implications of your choice. Perhaps build in a process for validating the process/source for a Snap each time you update it? Lots of ways to solve this problem, but it involves more work and time as a system administrator and eventually, one gets lazy one update, and wouldn’t you know, that’s when the supply chain has been corrupted…
Works for me.
Comprehensively,
dnf install -y flatpak
flatpak remote-add -y --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flapak install -y flathub org.signal.Signal
Flathub and Snap are generally safe, but I too am wary of the COPR repositories.
Now there is a package built for Fedora from openSUSE: Show network:im:signal - openSUSE Build Service
https://software.opensuse.org//download.html?project=network%3Aim%3Asignal&package=signal-desktop
dnf config-manager --add-repo https://download.opensuse.org/repositories/network:im:signal/Fedora_36/network:im:signal.repo
dnf install signal-desktop
Do you know whether the compilation is official in any capacity? Slightly too much information is presented for me to ascertain whether it is trustworthy.
It’s not official; for that you need to download from signal.org and use their (only deb) repositories: Signal >> Download Signal
But network:im:signal apparently compiles all the dependencies from source, unlike the luminoso copr which used some binaries, so that increases trustworthiness.
For a lot more discussion, see the (closed…) github issue requesting rpm packages: https://github.com/signalapp/Signal-Desktop/issues/1630
I didn’t want to use the Flatpak or Snap, or manually update the RPM from openSUSE’s build service, or build Signal from source every time, so I tried Distrobox (sudo dnf install distrobox).
distrobox create --image archlinux:latest --name arch-container
distrobox enter arch-container
sudo pacman -Syu signal-desktop
distrobox export --app signal-desktop
Now it appears in my launcher and I can launch Signal Desktop easily. It seems to work quite well for messaging. There are some dbus errors when you launch it from the terminal, but that doesn’t seem to affect anything.
And when I want to upgrade:
distrobox upgrade --all
I chose Arch Linux because I trust them, the package is a single install command away, and I never need to worry about the container image needing to upgrade to a new release like Ubuntu. For example, when 22.04 is EOL, Signal will stop releasing new versions of Signal for it. There’s not really an upgrade path for Distrobox containers; you just need to create a new container and set it up again. With the Arch Linux container, it’s a rolling release that’s always up-to-date and will always receive new versions of Signal quickly.
I do need to trust that the Docker image Distrobox uses is trustworthy. It’s an official image for Docker Hub maintained by an Arch developer and other Trusted Users, so that’s enough for me.
Here’s to hoping Signal Foundation claims ownership of the Flatpak in the future.