Provide way to mount/extract AppImages without having user call them

[TheAssassin]

In situations when AppImages are not trustworthy, mounting AppImages becomes problematic. On the one hand a user doesn't want to execute the AppImage itself to use the --appimage-[mount|extract] options, as they can't know what's going to happen then (the runtime might be infected, for example). But on the other hand, mounting as root with sudo mount has a lot of disadvantages.

We should provide some tool for users to allow them to extract any AppImage without having to use the runtime in the AppImage. We've been talking about such an option for quite a while already, and I think it's time to finally implement it.

To Do:

• extract mounting/extraction code for type 2 AppImages into a separate module, and provide it via the libappimage API
• implement --mount option in appimagetool
• eventually provide option to mount/extract type 1 AppImages as well (this is long overdue)

In my opinion, this should go into appimagetool rather than providing an extra application.

[probonopd]

Imho, appimagetool should get the ability to extract type 1 and 2 AppImages. But the priority is lower than the number one and two annoyances :)

[mikeweilgart]

This issue may get extra attention now since it's been linked to from comments on a question on the "Ask Ubuntu" website: https://askubuntu.com/q/1231597/457111

[probonopd]

The answers in that "Ask Ubuntu" article are mixing some things up. So maybe @mikeweilgart you'd like to point to this answer:

First of all, you need to find out which type of AppImage you have.

me@host:~$ xxd ./some.AppImage | head -n 1
00000000: 7f45 4c46 0201 0100 4149 0200 0000 0000  .ELF....AI......

• If you see 4149 02 there, then you have a type-2 AppImage
• If you see 4149 01 there, then you have a type-1 AppImage
• If you don't see either there, then you most likely can still follow the instructions for a type-1 AppImage

So, here is how to extract (unpack) AppImages without having to run them:

• For type-2 AppImages, you can extract them by

wget -c "https://github.com/AppImage/AppImageKit/releases/download/continuous/runtime-x86_64"
chmod +x runtime-x86_64
TARGET_APPIMAGE=pat/to/AppImage ./runtime --appimage-extract ./runtime-x86_64

• For type-1 AppImages, you can extract them by renaming them .iso and then using a tool like Iso7z that can handle zisofs to extract them, or loop-mounting them

This answer should also address the original question, "Provide way to mount/extract AppImages without having user call them", hence closing.

[Docteh]

I tried the included instructions at the end, ended up doing like this and it worked

TARGET_APPIMAGE=/full/path/to.AppImage ./runtime-x86_64 --appimage-extract

and it worked.