In case it helps someone else, I’ve written an alternative implementation of flatpak-spawn --host that fixes a few of its shortcomings.
Example, spawning a shell:
toolbox$ flatpak-spawn --host sh
sh: cannot set terminal process group (-1): Inappropriate ioctl for device
sh: no job control in this shell
sh-5.1$ exit
toolbox$ host-spawn sh
sh-5.1$ exit
Example, running sudo:
toolbox$ flatpak-spawn --host sudo id
sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
^C^Csudo: a password is required
toolbox$ host-spawn sudo id
[sudo] password for sph:
uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Also it’s got a neat feature that if you symlink it, it’ll always run a command on the host:
Yes, I’ve talked about this project existence on the relevant upstream issues.
The reason why it’s a reimplementation is because it was faster for me to explore the problem space in Go than learning GLib to hack on flatpak-spawn. But I’ve licensed host-spawn with a non-attribution license so that anyone is free to backport its logic upstream.