This has pros and cons. It seems that browsers can use user namespaces when ran in a Podman container. As Toolbox and Distrobox are not sandboxed, they also have access to the home directory.
Disadvantage is that
if you run a fedora box, you cannot normally upgrade a distro, instead you need to remove the container and add it back. Recommending these containers is kinda dangerous, especially for nontechnical users, as they wont do that, especially as atomic systems should be “install and forget”.
additionally to that, toolbx and does not allow to use a separate homedir. This means running a different distro in the container, that doesnt need upgrades (like Arch, OpenSUSE Tumbleweed or Fedora Rawhide) could cause conflicts with dotfiles.
Distrobox has support for a separate homedir per box (but they refuse to set it as default) and composable boxes, but needs to be layered.
And then you need desktop integration, again Distrobox does this easily, Toolbox does not.
The UX of using containers for software is just not beginnerfriendly.
It also adds an entire minimal distro on top, causing increased network bandwidth, storage useup and complexity of the OS.
It is not safe as a general recommendation. Just layer it.
Thorium ran nicely in a container with separate /home. I would do the same for any other browser too where I wanted isolation. The image is minimal (~300MB) and the dependencies you would have incurred anyways.
Well. . . toolbox does pull the fedora:latest image anyway when you create a container, in this instance you are merely installing your app and setting the ENV= to get the directory you want. Much simpler with distrobox though. . .
I’m “supposed” to be following up on your thread, doing a write up, + adding SELinux properties and simplifying it. So apologies for not getting around to that.
I’m not sure what is going on with my fresh install of Fedora 40 Kinoite, but when I do the steps provided in the Github repo, and run ./braveinstall, I simply get an error about the brave-browser package not being found:
I’ve run rpm-ostree upgrade and rebooted a few times after running the script. cat /etc/yum.repos.d/brave-browser.repo returns nothing (also with sudo) which tells me the repo is not being fetched properly?
I’ve seen some of the answers and guides you’ve posted in this forum and wanted to suggest starting a blog or something like it. You seem interested in helping new users like myself and your instructions are very valuable. I would happily follow your work in a website where you may have an easier time organizing your content. Though of course, I sincerely appreciate your contribution here and would understand if you don’t want to deal with a separate website.
I have a post where I keep track of my interesting threads here. It is linked in my profile.
The howto things are unofficial, and I used that to give some guides where a lot of 3rd party stuff is involved. These fit better in a personal blog than into the docs, at least I think that, but I would love if Fedora docs could include anything, no matter if 3rd party or not.
Discourse is really nice to write in, easy, works on the phone flawlessly, so unless I find a CMS that is just as accessible, a blog doesnt make sense.
Also, anyone can “track” my threads here on discourse, in their profile settings. You just set that you get notified on every new thread by me, and it works flawlessly.
I ran this again today and now it suddenly works: curl -LsS https://brave-browser-rpm-release.s3.brave.com/brave-browser.repo | sudo tee /etc/yum.repos.d/brave-browser.repo curl -LsS https://brave-browser-rpm-release.s3.brave.com/brave-core.asc | sudo tee /etc/pki/rpm-gpg/brave-core.asc rpm-ostree install brave-browser
Sorry for the inconvenience. I had an error in the script where I changed the script to include brave and vivaldi, now it is called “browserscript” and not “braveinstall” anymore.
It should work now, until brave or vivaldi change something.
Then please write me here, I honestly get too much mail spam.