OPTIONS
The following options are understood:
-h, --help
Show help options and exit.
--user
Look for the application and runtime in per-user
installations.
--system
Look for the application and runtime in the default
system-wide installations.
--installation=NAME
Look for the application and runtime in the system-wide
installation specified by NAME among those defined in
/etc/flatpak/installations.d/. Using --installation=default is
equivalent to using --system.
-v, --verbose
Print debug information during command processing.
--ostree-verbose
Print OSTree debug information during command
processing.
--arch=ARCH
The architecture to run. See flatpak
--supported-arches for architectures supported by the host.
--command=COMMAND
The command to run instead of the one listed in the
application metadata.
--cwd=DIR
The directory to run the command in. Note that this must
be a directory inside the sandbox.
--branch=BRANCH
The branch to use.
-d, --devel
Use the devel runtime that is specified in the
application metadata instead of the regular runtime, and use a seccomp profile
that is less likely to break development tools.
--runtime=RUNTIME
Use this runtime instead of the one that is specified in
the application metadata. This is a full tuple, like for example
org.freedesktop.Sdk/x86_64/1.2, but partial tuples are allowed. Any empty or
missing parts are filled in with the corresponding values specified by the
app.
--runtime-version=VERSION
Use this version of the runtime instead of the one that
is specified in the application metadata. This overrides any version specified
with the --runtime option.
--share=SUBSYSTEM
Share a subsystem with the host session. This overrides
the Context section from the application metadata. SUBSYSTEM must be one of:
network, ipc. This option can be used multiple times.
--unshare=SUBSYSTEM
Don't share a subsystem with the host session. This
overrides the Context section from the application metadata. SUBSYSTEM must be
one of: network, ipc. This option can be used multiple times.
--socket=SOCKET
Expose a well known socket to the application. This
overrides the Context section from the application metadata. SOCKET must be
one of: x11, wayland, fallback-x11, pulseaudio, system-bus, session-bus,
ssh-auth, pcsc, cups. This option can be used multiple times.
--nosocket=SOCKET
Don't expose a well known socket to the application. This
overrides the Context section from the application metadata. SOCKET must be
one of: x11, wayland, fallback-x11, pulseaudio, system-bus, session-bus,
ssh-auth, pcsc, cups. This option can be used multiple times.
--device=DEVICE
Expose a device to the application. This overrides the
Context section from the application metadata. DEVICE must be one of: dri,
kvm, shm, all. This option can be used multiple times.
--nodevice=DEVICE
Don't expose a device to the application. This overrides
the Context section from the application metadata. DEVICE must be one of:
dri, kvm, shm, all. This option can be used multiple times.
--allow=FEATURE
Allow access to a specific feature. This overrides the
Context section from the application metadata. FEATURE must be one of: devel,
multiarch, bluetooth. This option can be used multiple times.
See flatpak-build-finish(1) for the meaning of the various
features.
--disallow=FEATURE
Disallow access to a specific feature. This overrides
the Context section from the application metadata. FEATURE must be one of:
devel, multiarch, bluetooth. This option can be used multiple times.
--filesystem=FILESYSTEM
Allow the application access to a subset of the
filesystem. This overrides the Context section from the application
metadata. FILESYSTEM can be one of: home, host, host-os, host-etc,
xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures,
xdg-public-share, xdg-templates, xdg-videos, xdg-run, xdg-config, xdg-cache,
xdg-data, an absolute path, or a homedir-relative path like ~/dir or paths
relative to the xdg dirs, like xdg-download/subdir. The optional :ro suffix
indicates that the location will be read-only. The optional :create suffix
indicates that the location will be read-write and created if it doesn't
exist. This option can be used multiple times. See the "[Context]
filesystems" list in
flatpak-metadata(5) for details of the
meanings of these filesystems.
--nofilesystem=FILESYSTEM
Remove access to the specified subset of the filesystem
from the application. This overrides the Context section from the
application metadata. FILESYSTEM can be one of: home, host, host-os, host-etc,
xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures,
xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a
homedir-relative path like ~/dir. This option can be used multiple
times.
--add-policy=SUBSYSTEM.KEY=VALUE
Add generic policy option. For example,
"--add-policy=subsystem.key=v1 --add-policy=subsystem.key=v2" would
map to this metadata:
[Policy subsystem]
key=v1;v2;
This option can be used multiple times.
--remove-policy=SUBSYSTEM.KEY=VALUE
Remove generic policy option. This option can be used
multiple times.
--env=VAR=VALUE
Set an environment variable in the application. This
overrides the Context section from the application metadata. This option
can be used multiple times.
--own-name=NAME
Allow the application to own the well known name NAME on
the session bus. If NAME ends with .*, it allows the application to own all
matching names. This overrides the Context section from the application
metadata. This option can be used multiple times.
--talk-name=NAME
Allow the application to talk to the well known name NAME
on the session bus. If NAME ends with .*, it allows the application to talk to
all matching names. This overrides the Context section from the application
metadata. This option can be used multiple times.
--no-talk-name=NAME
Don't allow the application to talk to the well known
name NAME on the session bus. If NAME ends with .*, it allows the application
to talk to all matching names. This overrides the Context section from the
application metadata. This option can be used multiple times.
--system-own-name=NAME
Allow the application to own the well known name NAME on
the system bus. If NAME ends with .*, it allows the application to own all
matching names. This overrides the Context section from the application
metadata. This option can be used multiple times.
--system-talk-name=NAME
Allow the application to talk to the well known name NAME
on the system bus. If NAME ends with .*, it allows the application to talk to
all matching names. This overrides the Context section from the application
metadata. This option can be used multiple times.
--system-no-talk-name=NAME
Don't allow the application to talk to the well known
name NAME on the system bus. If NAME ends with .*, it allows the application
to talk to all matching names. This overrides the Context section from the
application metadata. This option can be used multiple times.
--persist=FILENAME
If the application doesn't have access to the real
homedir, make the (homedir-relative) path FILENAME a bind mount to the
corresponding path in the per-application directory, allowing that location to
be used for persistent data. This overrides the Context section from the
application metadata. This option can be used multiple times.
--no-session-bus
Run this instance without the filtered access to the
session dbus connection. Note, this is the default when run with
--sandbox.
--session-bus
Allow filtered access to the session dbus connection.
This is the default, except when run with --sandbox.
In sandbox mode, even if you allow access to the session bus, the
sandbox cannot talk to or own the application ids (org.the.App.*) on the bus
(unless explicitly added), only names in the .Sandbox subset
(org.the.App.Sandbox.*).
--no-a11y-bus
Run this instance without the access to the accessibility
bus. Note, this is the default when run with --sandbox.
--a11y-bus
Allow access to the accessibility bus. This is the
default, except when run with --sandbox.
--sandbox
Run the application in sandboxed mode, which means
dropping all the extra permissions it would otherwise have, as well as access
to the session/system/a11y busses and document portal.
--log-session-bus
Log session bus traffic. This can be useful to see what
access you need to allow in your D-Bus policy.
--log-system-bus
Log system bus traffic. This can be useful to see what
access you need to allow in your D-Bus policy.
-p, --die-with-parent
Kill the entire sandbox when the launching process
dies.
--parent-pid=PID
Specifies the pid of the "parent" flatpak, used
by --parent-expose-pids.
--parent-expose-pids
Make the processes of the new sandbox visible in the
sandbox of the parent flatpak, as defined by --parent-pid.
--instance-id-fd
Write the instance ID string to the given file
descriptor.
--file-forwarding
If this option is specified, the remaining arguments are
scanned, and all arguments that are enclosed between a pair of '@@' arguments
are interpreted as file paths, exported in the document store, and passed to
the command in the form of the resulting document path. Arguments between
'@@u' and '@@' are considered uris, and any file: uris are exported. The
exports are non-persistent and with read and write permissions for the
application.
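
The permission overrides listed above (--share, --socket, --device, --allow, --filesystem and the bus-name options) can be reviewed mechanically before a launcher script is deployed. The following is an added example, not part of the flatpak documentation or code: a Python sketch that reports the broad grants left in effect on a flatpak run command line. The name audit_run, the sample command, the choice of which values count as broad, and the rule that a later negating option cancels an earlier grant of the same value are assumptions of this example, and it reads only the --option=value form shown above.

```python
import shlex

# Grant option -> (negating option, values this example treats as broad).
# Names are from the list above; the "broad" sets are this example's assumption.
GRANTS = {
    "--share": ("--unshare", {"network", "ipc"}),
    "--socket": ("--nosocket", {"x11", "session-bus", "system-bus", "ssh-auth"}),
    "--device": ("--nodevice", {"all", "kvm"}),
    "--allow": ("--disallow", {"devel"}),
    "--filesystem": ("--nofilesystem", {"home", "host", "host-os", "host-etc"}),
    "--talk-name": ("--no-talk-name", None),            # None: flag ".*" wildcards
    "--system-talk-name": ("--system-no-talk-name", None),
    "--own-name": (None, None),
    "--system-own-name": (None, None),
}
NEGATES = {neg: grant for grant, (neg, _) in GRANTS.items() if neg}

# Constructed sample: the trailing --filesystem=home follows the application
# ID, so it is an argument for the application, not a flatpak option.
SAMPLE = ("flatpak run --sandbox --socket=x11 --nosocket=x11 "
          "--filesystem=host:ro --filesystem=xdg-download --device=all "
          "--talk-name=org.freedesktop.* org.example.App --filesystem=home")


def audit_run(cmdline):
    """Return the broad grants still in effect, as sorted strings."""
    argv = shlex.split(cmdline)
    granted = {}  # (grant option, value) -> note such as "ro" or "wildcard"
    for tok in argv[argv.index("run") + 1:]:
        if not tok.startswith("-"):
            break  # application ID reached; stop reading options
        opt, _, val = tok.partition("=")
        if opt in NEGATES:  # assumed: cancels an earlier grant of the same value
            granted.pop((NEGATES[opt], val), None)
        elif opt in GRANTS:
            broad, note = GRANTS[opt][1], ""
            if opt == "--filesystem" and val.endswith((":ro", ":create")):
                val, _, note = val.rpartition(":")
            if broad is None:
                if val.endswith(".*"):
                    granted[(opt, val)] = "wildcard"
            elif val in broad:
                granted[(opt, val)] = note
    return sorted(f"{o}={v}" + (f" ({n})" if n else "")
                  for (o, v), n in granted.items())

if __name__ == "__main__":
    print("\n".join(audit_run(SAMPLE)))
```

On the constructed sample this reports the read-only host filesystem grant, --device=all and the wildcard talk name; the x11 socket is dropped because --nosocket=x11 follows it.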