Toggle menu
Toggle preferences menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.

Arch User Repository: Difference between revisions

From atl.wiki
m (Chore: Update categories)
(Remove opinionated page lacking sources and focusing solely on AUR helpers, neglecting the official methods for installing from the AUR.)
Tags: Replaced Visual edit
Line 1: Line 1:
AUR which is also known as the '''A'''rch '''U'''ser '''R'''epository is a community-driven repository of PKGBUILDs, anyone can upload a package to the AUR (we will talk about how to do that in this article) and anyone can take down a package too from the AUR which just a simple letter to the mailing list (which stats say that at least 2-3 people are always active trying to look out for malicious PKGBUILD files). Basically, all the PKGBUILD is, it's a way to create an Arch Package, typically having an extension of <code>.pkg.tar.zst</code> (pkg meaning package, tar being a way to merge multiple files/folders into one, zst being a way to compress the file). Such a package with that extension can be installed via the command <code>sudo pacman -U <file>.pkg.tar.zst</code>. However, we would not be going in detail about that.
The '''A'''rch '''U'''ser '''R'''epository (AUR) is a community-driven repository for [[Arch Linux]] users. It contains package descriptions ([[PKGBUILDs]]) that allow you to compile a package from source with [[makepkg]] and then install it via [[pacman]].<ref>[https://wiki.archlinux.org/title/Arch_User_Repository "Arch User Repository"]. Arch Linux.</ref><references />
 
AUR is also very much known to have broken packages (as later said in this article, you can easily add a package to AUR with 0 pushbacks 90% of the time), however if you read the PKGBUILDs (with an AUR helper that gives you the option to do so) then you can easily figure out if it will install or not. In a simple context, the average PKGBUILD will have two functions, it will be structured and functioned just like a regular bash script with metadata at top and two functions below, first function is the <code>prepare()</code> function and the other is <code>package()</code> function, to be short : the prepare function creates a directory for the package it is supposed to make and then adds all binaries, config files into how pacman will understand, the package function will just add final scripts, make the package (via <code>makepkg</code>) and then install it through pacman, however this is not always the case since all PKGBUILDs are just like regular bash scripts, you can just have a prepare function to check the files downloaded through source and the package function just putting the files in user directories, this way you won't need root permissions at all. We will see that in detail.<ref>https://wiki.archlinux.org/title/Arch_User_Repository</ref>
 
=== Significance ===
AUR being one of the biggest package sources in the Linux community, it has over 60,000 packages and active volunteers to quality check the unfiltered packages. AUR packages are very creative in their own regard also, from people managing to install packages from other formats (.deb) where it's not even made for Arch Linux<ref>https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=google-chrome</ref> to people using Windows Electron applications and modifying it to work on Linux<ref>https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=deezer</ref>, it is no surprise that you can find almost any package possible on the AUR.
 
=== Safety ===
With the great power of the AUR, you will be surprised by how secure it is, most people say it is very unsafe, however if you get the habit of reading the PKGBUILD files before installing them, you will never run into issues, but this is not even that severe of a security flaw due to how many people are always checking new packages submitted.
 
The main issue starts with a famous term "dependency hell" which to be short means "installing separate packages that require a certain dependency of a specific version but they both have separate version requirements so you end up with a broken installation". Yeah, it sounds very complicated, because it is. Basically, if you have any 2 separate packages, one could be from your extra or core repositories (check the [[Pacman#Repositories|pacman]] page to learn about default repositories) and the other one could be from the AUR, well if the package maintainer of the AUR package and the package from the extra's repository, let's say depends on <code>ffmpeg</code> and it requires a very old version, well since the packages on the extra's repository are always kept up-to-date as soon as possible, you might end up having a "dependency hell" where pacman wants to use a newer version for the package in extra repository but the AUR package requires an older version and then you end up with a corrupted package and if the package is an important package for the system, you will end up with a full corrupted install.
 
=== Naming Scheme ===
This is a very strictly enforced naming scheme in the AUR and it is basically adding a suffix that determines the package type.. The main ones are:
 
* <code>-git</code> : which means that the package will clone and build manually through a git repository. (Most likely GitHub or GitLab repository)
* <code>-bin</code> : which means that the package will just fetch a pre-compiled binary and install the configuration files. (RECOMMENDED)
* No Suffix : which means that the package is either proprietary or it is compiling or source-based package. Just see the PKGBUILD for this one.
 
Now, ideally you would pick the <code>-bin</code> package or a proprietary package with no suffix meaning that it will just use binary anyways (because you cannot manually compile programs without source code), this is because it is much faster to use a pre-compiled binary as opposed to letting it manually clone, build and install.
 
=== Installing AUR packages ===
This might be a little complicated for those who aren't familiar with the way Arch Linux packages work but it is quite easy to grab.
 
Basically, if you used <code>archinstall</code><ref>https://wiki.archlinux.org/title/Archinstall</ref> for your system, you probably have this package called <code>base-devel</code>, it means base development and this is what allows us to install packages from the AUR repository, you must have <code>git</code> installed too since we need to clone packages. If you installed Arch Linux the manual way you have probably pacstrapped it because it is recommended in the ArchWiki, if you haven't then please install <code>base-devel</code> through pacman.
 
To summarize, installing any package from AUR is basically getting a PKGBUILD that tells the system to create a package and install, it is kind of weird but essentially an AUR package is instructions to make an Arch Linux package. We will try to install the <code>waterfox-bin</code><ref name=":0">https://aur.archlinux.org/packages/waterfox-bin</ref> package because it is not available in the extra or core repository. (To understand the <code>-bin</code> suffix, please check the naming scheme above).
 
To install <code>waterfox-bin</code><ref name=":0" /> via the AUR, you have to install <code>git</code> and <code>base-devel</code> via pacman as said earlier. Then you will use <code>git clone <nowiki>https://aur.archlinux.org/waterfox-bin.git</nowiki></code>, that will clone the PKGBUILD for Waterfox and put it in your current directory. Use <code>cd waterfox-bin</code> to go inside that directory and then run <code>makepkg -si</code> which will use <code>makepkg</code> to make the package and ask to install it. What we are doing here is using a single file to build an Arch Linux package for us and install that. This will successfully install the package. Yeah, it was that easy, to make it more easy however, we have AUR Helpers.
 
=== AUR Helpers ===
There are majorly 8 AUR helpers but only 3 most commonly used ones, namely:
 
* <code>yay</code><ref>https://github.com/Jguer/yay</ref> (Yet another yogurt) : This is the most widely used AUR helper and is also surprisingly the most downloaded package on the AUR! It is written in go but it has a lot of propaganda behind it that it is dying and it is dead, one of the main developers from <code>yay</code> actually started <code>paru</code>, which is our next AUR helper.
* <code>paru</code><ref>https://github.com/morganamilo/paru</ref> : This is by far the second most recognized AUR helper in the community and it is the most recent one, being made by one of the main developers of <code>yay</code>, it should be no surprise here that it is fully feature packed and offers a lot of features, we recommend this the most due to how it always forces you to review PKGBUILDs that you try to install, this always keeps you safe and forces you to be careful. It can get annoying sometimes but it is a very good habit to maintain especially if you like to scavenger hunt new packages every day. This AUR helper is written in Rust.
* <code>pacaur</code><ref>https://github.com/rmarquis/pacaur</ref> : This is out of date nowadays and does not receive any support due to it lacking a lot of features, originally it was started as an AUR helper that minimizes user interaction but it is not being actively used right now and it is written in Bash. It is quite nostalgic to a lot of people so it is still fairly widely used.
 
There are other AUR helpers but these 3 are the most common and easiest to use. We will focus with <code>paru</code> because of it being the most verbose AUR helper, it has some unsafe flags but you won't encounter it in most cases.
 
To install an AUR helper, you do it just like a package except we will use the <code>-bin</code> versions of the package, see this is what most beginners in the community do wrong, they install the regular without <code>-bin</code> suffix AUR helper package build file. As we saw earlier at naming schemes, without that suffix, the package will be manually cloned and compiled then put into your system, but using the <code>-bin</code> packages just use a pre-compiled binary.
 
This is a guide to install <code>paru</code> AUR helper but you can use the same with any AUR helper by just switching the names.
 
# Run this command <code>sudo pacman -S base-devel git --needed --noconfirm</code> . This command looks very scary but it just installs git and the required package commands we want, it will not ask the user for any <code>(y/n)</code> but rather just do it and it will also prevent reinstalling so if you have both of these installed, it will just say that it is already installed and that it is skipping.
# Then you run <code>git clone https://aur.archlinux.org/paru-bin.git --depth=1</code>, that will download our PKGBUILD from the AUR, this is one of the most common beginner mistake, they complain it takes too long but they never download the binary PKGBUILD script. The <code>--depth=1</code> flag is to just tell git to not get previous commit information and only get commit information from the last <n> number of commits, which here is 1 since we will just build and remove that directory. Once it is cloned, <code>cd</code> into that directory.
# Once you are inside the directory, run <code>makepkg -si</code> and then wait, depending on your network you should take roughly 2-10 minutes to download and install. After it is done, just run <code>paru</code> and check. (if you do leave your devices and when you come back you see that it was waiting for root permission and that it had quit now saying timeout exceeded, you can just do a <code>ls</code> and check, there should be a package file [extension: <code>.pkg.tar.zst</code>], if it does then just do <code>sudo pacman -U <file>.pkg.tar.zst</code>)
 
Done! Now you can enjoy installing packages. With paru you might want to change this one main thing, go into your <code>/etc/paru.conf</code> file with your favorite text editor. The most important thing you have to change is:
 
Since paru by default when just ran with example: <code>paru brave</code>, it will by default print from first to last but there's a problem, now you cannot get the most relevant one to your search and end up with a lot of useless packages at the start, well you should un-comment the line where it says <code>BottomUp</code> in the configuration file, if it is not there just add a new line under the options category and write <code>BottomUp</code>.
 
Other than that you can play around and add or remove flags however you like but don't forget to add/uncomment <code>Color</code> from the <code>/etc/pacman.conf</code> file because yes that effects to paru also. You can add <code>ILoveCandy</code> for quirky progress bars.
 
=== General AUR Helper Commands ===
Spotlight to the paru AUR helper but all these commands should work with yay which is about 90% of users when paru + yay are combined.
{| class="wikitable"
|+Commands List
!Command
!Purpose
!Is marked unsafe?
|-
|<code>paru</code> & <code>paru -Syu</code>
|Both update all packages from pacman and the AUR
|<code>paru -Sy</code> is marked unsafe.
|-
|<code>paru <package_name></code>
|This command tells paru to search the AUR and allow you to select one or multiple packages to download and install from the AUR
|No
|-
|<code>paru -S <package_name></code>
|Unless the <code>AurOnly</code> flag is not enabled in the configuration file, this will install a package if that specific name is a packge from the AUR or from pacman
|No
|-
|<code>paru -Ss <package_name></code>
|Will act the same way as <code>paru <package_name></code> would except it will not allow you to select anything but rather just print a list in the same format
|No
|-
|<code>paru -Sua</code>
|Will only upgrade packages from the AUR
|No
|-
|<code>paru -Rns</code>
|This will remove an AUR package (or a regular system package without the <code>AurOnly</code> flag) and will remove any configuration files it had.
|No
|-
|<code>paru -Rnsc</code>
|This will remove an AUR package (or a regular system package without the <code>AurOnly</code> flag) and will remove any configuration files it had except it will also remove all cascading dependencies the program had installed.
|No, but it can be dangerous if you don't check the packages
|}
 
=== PKGBUILDs ===
(WORK IN PROGRESS)
<references />
[[Category:Terminology]]
[[Category:Terminology]]

Revision as of 07:31, 6 June 2024

The Arch User Repository (AUR) is a community-driven repository for Arch Linux users. It contains package descriptions (PKGBUILDs) that allow you to compile a package from source with makepkg and then install it via pacman.[1]