This is something I've been wondering how to do for a while and finally decided to give it a try. Run desktop applications from the desktop in a container.
In Linux the best and easiest ways to do this are Flatpaks (Community - generally used on non-Ubuntu-based distros) and Snaps (Canonical maintained and default for many apps in Ubuntu). However, while both are good tools, what if the software you want to run isn't in the Flatpak or Snap repositories? What if the software you want to run in a container is Google Chrome?
Some hard core Linux types may not like having Chrome even installed. "What's it doing? How much information is it taking from me? I don't trust anything from big G. " etc. However, all that said, there are lots of pages and particular web tools - like MS Teams in the browser - which don't work in Firefox or Chromium as they don't have all the DRM packages and other compatibility layers of Google Chrome. So regardless, Chrome is a useful tool, and while it does it's own sandboxing, we can sandbox it in a container with Toolbox.
Steps to getting this working.
Download the .rpm version of Google Chrome from the website.
From the terminal, run toolbox create. If you want to name the container just add a name at the end. If you want to pull from a specific image use --image <image name>. In Silverblue the default image is Fedora 34.
Run toolbox enter to access the container. If you have multiple containers again you can specify the name after 'enter'.
In the folder you downloaded Chrome to, e.g. Downloads run:
sudo dnf install google-chrome-stable_current_x86_64.rpm.
To launch from the container just run:
google-chrome-stable
That should work from the container but what about from the Silverblue desktop?
Search Google (or DuckDuckGo or whatever) for a Chrome icon, and pick whichever seems the best for your needs.
In ./local/share/application create a .desktop file (i.e. chrome.desktop) with the below contents:
[Desktop Entry]
Version=1.0
Terminal=false
GenericName=Web Browser
Type=Application
Name=Google Chrome
Categories=GNOME;GTK;Network;WebBrowser;
Exec=toolbox run google-chrome-stable
Icon=/var/home/joe/Pictures/ChromeIcon.png
MimeType=text/html;text/xml;application/xhtml+xml;application/xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;x-scheme-handler/chrome;video/webm;application/x-xpinstall;
StartupNotify=true
You can likely omit much of that like MimeType and categories, but good to keep in. The title [Desktop Entry], Name, Exec, Type, and Icon are all necessary.
In the terminal run:
update-desktop-database ~/.local/share/applications
It should show at this point and can be launched from the GNOME launcher.
Note that if you have multiple containers you can specify which container should run the Chrome browser in the .desktop file.
Exec=toolbox run -c <container name> google-chrome-stable
That is pretty much it.
Took me a while to get working thanks to the reason it always takes a while - a typo. You need to have the .deskop file labeled [Desktop Entry]; [Desktop entry] doesn't work.
The only thing that is a bit problematic is certain fonts, like Chinese characters don't display correctly which should be a dependency issue since the container doesn't have the language paks native to Silverblue. It does prove the container is contained though! It's fixable by installing the language packs in the container:
sudo dnf install google-noto-cjk-fonts-common-20201206-2.fc34.noarch google-noto-sans-tc-fonts-20201206-2.fc34.noarch
Hope it's helpful.
Some more information:
https://docs.fedoraproject.org/en-US/fedora-silverblue/toolbox/
https://www.publish0x.com/the-linux-monitor/how-to-install-brave-browser-on-fedora-silverblue-xpjlzdd
-- this tutorial is largely the same with the Brave browser and a good resource for me when creating this blog. They also go into a couple of other ways to install Chrome in Silverblue, so worth a look.