Mastering Linux Software Installation: Beyond apt-get and yum
Efficient software installation is core to Linux administration and development. While apt-get and yum dominate documentation, those alone are insufficient for handling modern software requirements, sandboxing, portability, and rapid deployment across heterogeneous environments.
Several alternative methods address these gaps—some essential for CI/CD pipelines, others for user isolation or system reproducibility.
Beyond Classic Package Managers
apt-get (Debian/Ubuntu) and yum/dnf (RHEL/Fedora) are stable, well-integrated. But friction occurs:
- Newer versions needed than provided in stable repos.
- Limited or slow upstream security patches.
- Unpackaged applications; custom builds with optimization flags required.
- Conflicting dependencies in complex multi-user environments.
- Need for non-root/userland installation.
It’s rare for a modern engineering workflow to rely solely on repo defaults.
Compiling from Source
Practical Scenario: Need htop 3.2.1 Features Not in Mainline
Professional environments encounter requirements that pre-packaged binaries don’t meet. Suppose system monitoring mandates htop 3.2.1, but only 2.2.0 is available via apt.
# Install build dependencies (Debian/Ubuntu)
sudo apt-get update
sudo apt-get install -y build-essential autoconf automake libncurses5-dev pkg-config
cd /usr/local/src
sudo wget http://hisham.hm/htop/releases/3.2.1/htop-3.2.1.tar.gz
sudo tar -xzf htop-3.2.1.tar.gz
cd htop-3.2.1
./autogen.sh
./configure --prefix=/usr/local
make -j$(nproc)
sudo make install
htop --version
Note: Using --prefix=/usr/local avoids overwriting system-managed binaries. For auditability and later removal, use checkinstall:
sudo apt-get install checkinstall
sudo checkinstall --pkgname=htop --pkgversion=3.2.1
Gotcha: Dependency issues may arise—missing ncurses often causes configure: error: "Cannot find ncurses libraries."
Snap: Isolated, Multi-Distro Applications
Canonical’s Snap format is now standard in Ubuntu LTS, increasingly adopted elsewhere.
- Advantages: Sandboxing (AppArmor), automatic/atomic updates, system-agnostic (runs on Fedora, Arch, Ubuntu, etc.).
- Trade-offs: Snap startups are slower (SquashFS mount overhead), and classic confinement may break X11 forwarding.
Installation, assuming snapd is not present:
# Debian/Ubuntu:
sudo apt-get install snapd
# Fedora:
sudo dnf install snapd
sudo ln -s /var/lib/snapd/snap /snap
Basic workflow:
sudo snap install code --classic
snap list
snap remove code
Install logs are stored in /var/log/syslog with AppArmor denials—common with misconfigured snaps.
Flatpak: Desktop-First Sandboxing
Flatpak targets graphical applications, avoids host dependency hell, and is widely used by distributions like Fedora Workstation.
sudo apt-get install flatpak
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak install flathub org.gimp.GIMP
flatpak run org.gimp.GIMP
- Out-of-tree dependencies are bundled per Flatpak bundle; results in substantial disk usage.
- Isolated from system libraries—some plugins may need explicit permission (
flatpak override --userfor advanced users).
Known issue: Integration with traditional desktop environments can be inconsistent—menu entries may not update until logout.
Containerized Deployment: Docker & Podman
Sometimes, only complete dependency isolation suffices—for instance, deploying Redis 7 with custom config in a test cluster.
docker pull redis:7.0
docker run --rm -d -p 6379:6379 --name redis7-test redis:7.0 --save 900 1 --loglevel warning
docker logs redis7-test
- Docker: Daemon-based, system-wide.
- Podman: Daemonless, rootless by default; compatible with OpenShift and systemd integration.
Switching to Podman (RHEL/Fedora default):
podman run --rm -d -p 8080:80 --name webtest nginx:1.25
Side note: SELinux policies may block container bind mounts—set :Z or :z flags, e.g.
-pv /host/dir:/container/dir:Z
AppImage: On-Demand Portable Executables
For experimental or niche desktop tools, AppImage is direct—no installation or root.
wget https://github.com/OpenShot/openshot-qt/releases/download/v3.1.1/OpenShot-v3.1.1-x86_64.AppImage
chmod +x OpenShot-v3.1.1-x86_64.AppImage
./OpenShot-v3.1.1-x86_64.AppImage
Tip: Integrate AppImages with desktop menus using tools like AppImageLauncher (if desired—manual otherwise).
Security caveat: AppImages run with user permissions but no sandbox—treat as unvetted binaries.
Comparison Matrix
| Method | Pros | Cons | Example Use |
|---|---|---|---|
apt-get / yum | Stable, integrated, transactional | Outdated versions, repo lag | Maintained server packages |
| Compile (source) | Custom builds, latest features | Dependency hell, manual removal | Patching or performance tuning |
| Snap | Security, auto-update, multi-distro | Startup latency, closed backend | Confined GUI apps; VS Code, Slack, etc |
| Flatpak | GUI isolation, wide app catalog | Storage, inconsistent UX | GIMP, Inkscape, sandboxed desktop apps |
| Docker/Podman | Total environment isolation, reproducible | Storage overhead, orchestration needed | Testing, microservices, legacy workloads |
| AppImage | Zero-install, portable | No update chain, permissions risk | Ad hoc tools, demos, fast onboarding |
Closing Observations
No single method universally fits all operational or development needs. Compile directly for performance-critical workloads or vendor-unsupported software. Use Snap or Flatpak for manageable, sandboxed desktop deployments; Docker/Podman for reproducibility and robust isolation. AppImage fills gaps for quick, unprivileged execution.
Whether troubleshooting container startup collisions or managing GNOME menu integration for Flatpaks, gaps remain—for those, fall back on source or scripting. No workflow is flawless, but mastering these approaches increases both system resilience and engineering autonomy.
For advanced package management (rollbacks, user-level packaging), consider Nix or GNU Guix. Not covered here, but relevant.
Issues or non-obvious edge cases? Real logs and steps help clarify—post them for deeper analysis.