Secure AppImage OS?

I know Nitrux offers AppImages out of the box, but I had a bit of a different take on secure software management using AppImages.

1. It would begin with source code from somewhere like Arch User Repository (AUR) or Gitlab and compile it with dependencies.
2. It would package AppImage with icon and the ability to update. The executable flag is left off. The resulting package would be for internal use, not redistributed to be respectful to upstream.
3. It is placed in Firejail, so it can be executed at runtime.
4. A program manager would be able to update/delete existing packages.

How feasible is this? Could this be done with just Python scripts using existing software? I would put a $ bounty on a project like this.
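An added sketch of steps 2 to 4 in plain Python, not code from this thread or from any existing project: a small store that keeps each AppImage without its executable bit, records its SHA-256 at install time, and only hands out a Firejail command line if the file still matches. The `Store` class, the `manifest.json` layout and the package names are hypothetical, and it assumes `firejail --appimage` can mount and run a file that is readable but not executable.

```python
import hashlib, json, os, shutil
from pathlib import Path

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

class Store:  # hypothetical name, not an existing tool
    def __init__(self, root):
        self.root = Path(root)
        self.root.mkdir(parents=True, exist_ok=True)
        self.manifest = self.root / "manifest.json"

    def _load(self):
        return json.loads(self.manifest.read_text()) if self.manifest.exists() else {}

    def _path(self, name):
        if not name.isalnum():  # keep names from escaping the store directory
            raise ValueError("package name must be alphanumeric")
        return self.root / f"{name}.AppImage"

    def install(self, name, built_file):
        """Install or update: copy in, strip exec bits, record the digest."""
        with open(built_file, "rb") as f:
            head = f.read(11)  # type 2: ELF magic plus "AI\x02" at offset 8
        if head[:4] != b"\x7fELF" or head[8:11] != b"AI\x02":
            raise ValueError("not a type 2 AppImage")
        dest = self._path(name)
        shutil.copyfile(built_file, dest)
        os.chmod(dest, 0o644)  # step 2: executable flag stays off
        data = self._load()
        data[name] = sha256_of(dest)
        self.manifest.write_text(json.dumps(data, indent=2))
        return dest

    def launch_argv(self, name):
        dest = self._path(name)
        if sha256_of(dest) != self._load().get(name):  # changed since install
            raise RuntimeError(f"{name}: digest mismatch, not launching")
        # Step 3 (assumption: firejail only needs read access to the file).
        return ["firejail", "--appimage", str(dest)]

    def remove(self, name):
        data = self._load()
        data.pop(name, None)
        self._path(name).unlink(missing_ok=True)
        self.manifest.write_text(json.dumps(data, indent=2))
```

The list returned by `launch_argv` can be passed to `subprocess.run`; building from source and generating the `.desktop` entry are left out of this sketch.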

I think this thread could be interesting for you: Thoughts on an infrastructure for distributing Linux application bundles

I don’t think this is all doable with Python scripts (but a big part is).

  1. A program manager would be able to update/delete existing packages.

This point would need creating a proper plugin for an existing software manager like gnome-software or KDE Discover.

About a year ago I wanted to create this kind of plugin, but due to lack of time I haven’t finished it.

For Arch users, there is this:

It doesn’t get the icon or set up the .desktop file correctly. Also the XDG-user-dir set the final location of the AppImage to the desktop, which doesn’t work. I tried changing to other directories in the script to no avail.

I’ll see how much something like this will take to work correctly on Fiverr, but I would rather have a community sourced project.

AppImages are for a concept called “Upstream Packaging”, where the original author of an application provides binaries directly to end users.