Flatpak, podman, and ostree all share various pieces of code at different levels. (And toolbox is basically a wrapper on top of podman.)
As a result,
flatpak-spawn --host also happens to work from within toolbox (really: podman) containers to escape the container and run a command on the host.
The documantation (man page) for
flatpak-spawn says the following about the
Run the command unsandboxed on the host. This requires access to the org.freedesktop.Flatpak D-Bus interface
flatpak-spwan --host routes around being contained by using d-bus (a protocol & server for communication between pieces of software on Linux) to ask your system to run the command outside of the container.
My understanding is that there’s a bunch of handwavy permissions and assumptions between the command line in the container and what happens on the host that are taken care of by toolbox, podman, session stuff, etc.
(If I’m wrong, or someone knows how it works better than my description above, please feel free to share.)
Even shorter summary: I saw someone on the forum mention using
flatpak-spawn --host in a toolbox container a while back and it worked. I remembered the command and shared it here.