Flatpak is thought to have serious security concerns that should be considered before using Flatpak on secure systems.
Flatpak is a package management framework aiming to provide support for sandboxed, distro-agnostic binary packages for Linux desktop applications.
USE flags for sys-apps/flatpak Linux application sandboxing and distribution framework
||Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally|
||Add support for x11-libs/gtk+ (The GIMP Toolkit)|
||Add support for GObject based introspection|
||Add support for software made by KDE, a free software community|
||Enable PolicyKit (polkit) authentication support|
||Enable seccomp (secure computing mode) to perform system call filtering at runtime to increase security of programs|
||Enable use of systemd-specific libraries and features like socket activation or session tracking|
Chromium-based browsers suggest disabling suid USE-flag for sys-apps/bubblewrap for performance reasons.
Flatpak installation guide suggested to restart the system after installation. This might be no longer necessary.
emerge --ask sys-apps/flatpak
Add flathub repository
All operations with flatpak can be performed as user or as root, if performing as user --user flag can help if there are issues with permissions.
flatpak remote-add --user --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
- /var/lib/flatpak - global flatpak state (system-wide installed apps and repos)
- ~/.local/share/flatpak - per-user flatpak state (locally installed apps and repos)
- ~/.var/app/ - per application state (configuration files and cache)
To install an application, e.g. Thunderbird, run:
flatpak --user install org.mozilla.Thunderbird
To run the application use created .desktop file or run:
flatpak run org.mozilla.Thunderbird
To update installed applications and runtimes:
Flatpak documentiation offers a good guide about desktop integration and theming.
Flatpak applications don't follow the system's GTK theme by default. First find out what's the current GTK theme, e.g. Materia-dark-compact, and then install it for Flatpak applications to use. 
gsettings get org.gnome.desktop.interface gtk-theme
flatpak install flathub org.gtk.Gtk3theme.Materia-dark-compact
Desktop integration for Wayland
When using WMs such as Sway, installing xdg portals is needed for full integration. There are different backends available for this matter:
- GTK backend: 'xdg-desktop-portal-gtk'
- KDE backend 'xdg-desktop-portal-kde' (in development)
- Wayland/wlroots backend: 'xdg-desktop-portal-wlr' (in development)
emerge --ask sys-apps/xdg-desktop-portal
emerge --ask sys-apps/xdg-desktop-portal-gtk
emerge --ask gui-libs/xdg-desktop-portal-wlr
Ensuring portals are running
Please note that sometimes these libraries aren't pulled automatically by the OS and need to be run by the user, for example they can be pulled in Sway configuration:
exec /usr/libexec/xdg-desktop-portal-gtk -r exec /usr/libexec/xdg-desktop-portal-wlr -r exec "sh -c 'sleep 5;exec /usr/libexec/xdg-desktop-portal -r'"
Fixing jagged fonts on Wayland
emerge --ask gnome-base/gnome-settings-daemon
- Docker — a container virtualization environment
- LXD — is a next generation system container manager.