(Link to AUR) |
PratyushKing (talk | contribs) (added Creating AUR Package, Installing AUR packages, Safety) |
||
| Line 1: | Line 1: | ||
The [https://aur.archlinux.org/ '''Arch''' '''User''' '''Repository'''] (AUR) is a community-driven repository for [[Arch Linux]] users. It contains package descriptions ([[PKGBUILDs]]) that allow you to compile a package from source with [[makepkg]] and then install it via [[pacman]].<ref name=":0">[https://wiki.archlinux.org/title/Arch_User_Repository "Arch User Repository"]. Arch Linux.</ref> | The [https://aur.archlinux.org/ '''Arch''' '''User''' '''Repository'''] (AUR) is a community-driven repository for [[Arch Linux]] users. It contains package descriptions ([[PKGBUILDs]]) that allow you to compile a package from source with [[makepkg]] and then install it via [[pacman]].<ref name=":0">[https://wiki.archlinux.org/title/Arch_User_Repository "Arch User Repository"]. Arch Linux.</ref> | ||
The AUR also has its own voting system. All packages are eligible for adoption by a Package Maintainer for inclusion in the <code>extra</code> repository, and the vote count is one of the considerations in that process. Packages that enter the extra repository can be directly installed with [[pacman]].<ref name=":0" /><references /> | The AUR also has its own voting system. All packages are eligible for adoption by a Package Maintainer for inclusion in the <code>extra</code> repository, and the vote count is one of the considerations in that process. Packages that enter the extra repository can be directly installed with [[pacman]].<ref name=":0" /> | ||
=== How does it work? === | |||
The Arch User Repository or the AUR unlike your regular repository, '''does not host made packages''' but rather it hosts PKGBUILDs that can be used to make packages, these PKGBUILDs contain metadata at the top and mainly two functions/methods: | |||
* <code>prepare()</code> : This function prepares your package folder which is the extracted view of a typical package. | |||
* <code>package()</code> : This function adds basic metadata (optionally verification keys like SHA256 ones) and then generates the package. | |||
The surprising part about the AUR is that most packages do not need to follow this style, the packages can just directly copy configuration and binary files directly to their respective places without requiring to make a package. In fact because of the flexibility of AUR packages, you can make your own package by just using a package converter and cloning some package not made for Arch Linux and just convert the package into an Arch-compatible one. It sure works! You can even package apps by manually editing the files of a package and just use that. Unlike any other packaging format, PKGBUILDs can be installed without root too because they are indeed just scripts. It is however suggested to properly read the PKGBUILDs you get from the AUR for your own safety. | |||
=== Installation of packages === | |||
While there are simpler ways to do this, we will use the officially recommended method, which is manually installing it. To start, you must be on an Arch Linux system and install the following packages: | |||
* <code>git</code> : This will be used to clone a package from the AUR. | |||
* <code>base-devel</code> : This should be probably installed but if it isn't, you must do. This gives us the tools to make PKGBUILDs. | |||
You can [https://aur.archlinux.org/packages?O=0&K= search the AUR] and choose your package, we will take the <code>visual-studio-code-bin</code> package because it is an AUR exclusive, you can pick any package you like and just replace the name. | |||
To install, follow these steps: | |||
* <code>git clone https://aur.archlinux.org/visual-studio-code-bin.git</code> : This will clone the package from the AUR and will be stored in your current directory. | |||
* <code>cd visual-studio-code-bin</code> : This will put you into the directory of your cloned package. | |||
* <code>makepkg -si</code> : <code>makepkg</code> is one of the main utilities to install any AUR package, the <code>-s</code> flag syncs any dependencies of your package (so it won't give you an error if the package dependencies are not installed) and the <code>-i</code> flag will install the package generated if your package is made and has no errors. | |||
And that's it, you can run the program and check it out! You can do this with any program and it will work! | |||
To make this process simpler and more intuitive, people have made AUR helpers, we are not going to go in depth with those but basically the most basic ones can search and download such packages, the more advanced ones can search and build and then the most commonly used ones are termed as pacman wrappers which means that they can search, build, update and can also deal with system packages so you can update your system entirely with such AUR helpers (you must not remove pacman however, these helpers just act as pacman and run pacman for you). You can take a look at this on the [[AUR helpers]] page. | |||
=== Package Naming === | |||
All packages have either one of three suffixes: | |||
* <code>-bin</code> : These packages are what you should install since they are pre-built binary packages and reduce effort in compiling programs by source. | |||
* <code>-git</code> : These packages are generally not recommended but they are more commonly found, these are compiled from source and they are downloaded via GitHub or GitLab. | |||
* No Suffix or other suffix : These packages are either proprietary or are compiled from other sources. Generally not recommended unless you know about that package. | |||
You should also look out for 'marked as orphaned' or 'marked as out of date' packages as they are commonly found with packages that have the <code>-git</code> suffix. The binary ones are recommended for every package and are probably the most frequently updated ones. | |||
=== Creating a package === | |||
To create a PKGBUILD for the AUR it is quite simple, you can follow these steps: | |||
* Make a folder for your package separately and make a file inside that folder just called <code>PKGBUILD</code> (case-sensitive). | |||
* Inside that file add [https://wiki.archlinux.org/title/PKGBUILD required metadata] and/or optional ones for your PKGBUILD. | |||
* Then you need to add the functions, these look like bash functions and scripts of similar kind, like we said earlier about the <code>prepare()</code> and <code>package()</code> functions but we do also need some more important functions like <code>pkgver()</code>, <code>build()</code> and <code>check()</code> depending on what kind of package you are trying to make. These functions are more properly explained [https://wiki.archlinux.org/title/Creating_packages#PKGBUILD_functions here]. | |||
* And then, just check your package, save it, then run the same command as before <code>makepkg -si</code> to check the package. If it does build and prompts you to install that means it worked! You can also use [https://wiki.archlinux.org/title/Namcap namcap] to check errors in the package. | |||
* To submit your package to the AUR, create an account on the AUR properly and setup the SSH keys. Please do also make sure that the package you are making is not already made. | |||
* Once done, just open your terminal and run git clone <code>https://aur.archlinux.org/<your_package_name>.git</code>, you might think it is not made but what you are actually doing here is sending a request to the AUR to create a package and clone it. When the AUR receives a clone request for a package not already made, it just creates a new blank repository, make sure it is created via your AUR SSH key. Also, make sure to add the suffix as mentioned earlier since the packages are actively moderated by volunteers and they may strike your package down. | |||
* Copy the PKGBUILD you made into this folder you have cloned, go inside that folder and run <code>makepkg --printsrcinfo > .SRCINFO</code>. This will create a required .SRCINFO file that just contains general metadata for AUR such as description and other things. Then, you can just add the two files via git, make a commit with a message like "Initial commit" and then push it. It should work and the package should be visible on the AUR in a few minutes. Please note that the AUR will not permit the package on the AUR repository if it does not find the .SRCINFO file. | |||
If you want to delete, merge, orphan or mark your or any package out of date, you can send a request to the AUR mailing list. | |||
=== Safety === | |||
Like we saw just now, you can easily publish your package to the AUR with no checks other than the general SRCINFO file, while the AUR is actively moderated by volunteers, there are still a few malicious packages that are not caught because of which we suggest everyone to read the PKGBUILDs they use from the AUR ensuring that it is a safe one. | |||
We do also encourage people to actively go to the AUR mailing list and report malicious package that are not caught under the radar. The AUR has over 60,000 packages and we hope you actively report packages and do your best to keep the AUR clean. | |||
<references /> | |||
[[Category:Terminology]] | [[Category:Terminology]] | ||
Revision as of 06:52, 8 June 2024
The Arch User Repository (AUR) is a community-driven repository for Arch Linux users. It contains package descriptions (PKGBUILDs) that allow you to compile a package from source with makepkg and then install it via pacman.[1]
The AUR also has its own voting system. All packages are eligible for adoption by a Package Maintainer for inclusion in the extra repository, and the vote count is one of the considerations in that process. Packages that enter the extra repository can be directly installed with pacman.[1]
How does it work?
The Arch User Repository or the AUR unlike your regular repository, does not host made packages but rather it hosts PKGBUILDs that can be used to make packages, these PKGBUILDs contain metadata at the top and mainly two functions/methods:
prepare(): This function prepares your package folder which is the extracted view of a typical package.package(): This function adds basic metadata (optionally verification keys like SHA256 ones) and then generates the package.
The surprising part about the AUR is that most packages do not need to follow this style, the packages can just directly copy configuration and binary files directly to their respective places without requiring to make a package. In fact because of the flexibility of AUR packages, you can make your own package by just using a package converter and cloning some package not made for Arch Linux and just convert the package into an Arch-compatible one. It sure works! You can even package apps by manually editing the files of a package and just use that. Unlike any other packaging format, PKGBUILDs can be installed without root too because they are indeed just scripts. It is however suggested to properly read the PKGBUILDs you get from the AUR for your own safety.
Installation of packages
While there are simpler ways to do this, we will use the officially recommended method, which is manually installing it. To start, you must be on an Arch Linux system and install the following packages:
git: This will be used to clone a package from the AUR.base-devel: This should be probably installed but if it isn't, you must do. This gives us the tools to make PKGBUILDs.
You can search the AUR and choose your package, we will take the visual-studio-code-bin package because it is an AUR exclusive, you can pick any package you like and just replace the name.
To install, follow these steps:
git clone https://aur.archlinux.org/visual-studio-code-bin.git: This will clone the package from the AUR and will be stored in your current directory.cd visual-studio-code-bin: This will put you into the directory of your cloned package.makepkg -si:makepkgis one of the main utilities to install any AUR package, the-sflag syncs any dependencies of your package (so it won't give you an error if the package dependencies are not installed) and the-iflag will install the package generated if your package is made and has no errors.
And that's it, you can run the program and check it out! You can do this with any program and it will work!
To make this process simpler and more intuitive, people have made AUR helpers, we are not going to go in depth with those but basically the most basic ones can search and download such packages, the more advanced ones can search and build and then the most commonly used ones are termed as pacman wrappers which means that they can search, build, update and can also deal with system packages so you can update your system entirely with such AUR helpers (you must not remove pacman however, these helpers just act as pacman and run pacman for you). You can take a look at this on the AUR helpers page.
Package Naming
All packages have either one of three suffixes:
-bin: These packages are what you should install since they are pre-built binary packages and reduce effort in compiling programs by source.-git: These packages are generally not recommended but they are more commonly found, these are compiled from source and they are downloaded via GitHub or GitLab.- No Suffix or other suffix : These packages are either proprietary or are compiled from other sources. Generally not recommended unless you know about that package.
You should also look out for 'marked as orphaned' or 'marked as out of date' packages as they are commonly found with packages that have the -git suffix. The binary ones are recommended for every package and are probably the most frequently updated ones.
Creating a package
To create a PKGBUILD for the AUR it is quite simple, you can follow these steps:
- Make a folder for your package separately and make a file inside that folder just called
PKGBUILD(case-sensitive). - Inside that file add required metadata and/or optional ones for your PKGBUILD.
- Then you need to add the functions, these look like bash functions and scripts of similar kind, like we said earlier about the
prepare()andpackage()functions but we do also need some more important functions likepkgver(),build()andcheck()depending on what kind of package you are trying to make. These functions are more properly explained here. - And then, just check your package, save it, then run the same command as before
makepkg -sito check the package. If it does build and prompts you to install that means it worked! You can also use namcap to check errors in the package. - To submit your package to the AUR, create an account on the AUR properly and setup the SSH keys. Please do also make sure that the package you are making is not already made.
- Once done, just open your terminal and run git clone
https://aur.archlinux.org/<your_package_name>.git, you might think it is not made but what you are actually doing here is sending a request to the AUR to create a package and clone it. When the AUR receives a clone request for a package not already made, it just creates a new blank repository, make sure it is created via your AUR SSH key. Also, make sure to add the suffix as mentioned earlier since the packages are actively moderated by volunteers and they may strike your package down. - Copy the PKGBUILD you made into this folder you have cloned, go inside that folder and run
makepkg --printsrcinfo > .SRCINFO. This will create a required .SRCINFO file that just contains general metadata for AUR such as description and other things. Then, you can just add the two files via git, make a commit with a message like "Initial commit" and then push it. It should work and the package should be visible on the AUR in a few minutes. Please note that the AUR will not permit the package on the AUR repository if it does not find the .SRCINFO file.
If you want to delete, merge, orphan or mark your or any package out of date, you can send a request to the AUR mailing list.
Safety
Like we saw just now, you can easily publish your package to the AUR with no checks other than the general SRCINFO file, while the AUR is actively moderated by volunteers, there are still a few malicious packages that are not caught because of which we suggest everyone to read the PKGBUILDs they use from the AUR ensuring that it is a safe one.
We do also encourage people to actively go to the AUR mailing list and report malicious package that are not caught under the radar. The AUR has over 60,000 packages and we hope you actively report packages and do your best to keep the AUR clean.
- ↑ 1.0 1.1 "Arch User Repository". Arch Linux.