Difference between revisions of "AUR Trusted User Guidelines"

From ArchWiki
Jump to navigation Jump to search
(article summary)
Line 2: Line 2:
[[Category:About Arch (English)]]
[[Category:About Arch (English)]]
[[Category:Guidelines (English)]]
[[Category:Guidelines (English)]]
{{Article summary start}}
{{Article summary text|Explains Arch User Repository's Trusted Users.}}
{{Article summary heading|Available in languages}}
{{i18n_entry|English|AUR Trusted User Guidelines}}
{{i18n_entry|English|AUR Trusted User Guidelines}}
{{i18n_entry|简体中文|AUR Trusted User 导引}}
{{i18n_entry|简体中文|AUR Trusted User 导引}}
{{Article summary heading|Related articles}}
{{Article summary wiki|AUR Q & A}}
{{Article summary wiki|AUR User Guidelines}}
{{Article summary wiki|AUR}}
{{Article summary end}}
=The Trusted User (TU)=
=The Trusted User (TU)=

Revision as of 08:50, 6 February 2007

Template:Article summary start Template:Article summary text Template:Article summary heading Template:I18n entry Template:I18n entry Template:Article summary heading Template:Article summary wiki Template:Article summary wiki Template:Article summary wiki Template:Article summary end

The Trusted User (TU)

The Trusted User (TU) is a member of the community charged with keeping the AUR in working order. He/she maintains popular packages, and votes in administrative matters. A TU is elected from active community members by current TUs in a democratic process. TUs are the only members who have a final say in the direction of the AUR.

The TUs are governed using the TUbylaws

TU Duties


The TUs should also make an effort to check package submissions in UNSUPPORTED for malicious code and good PKGBUILDing standards. In around 80% of cases the PKGBUILDs in the UNSUPPORTED are very simple and can be quickly checked for sanity and malicious code by the TU team.

TUs should also check PKGBUILDs for minor mistakes, suggest corrections and improvements. The TU should endeavour to confirm that all pkgs follow the Arch Packging Guidelines/Standards and in doing so share their skills with other package builders in an effort to raise the standard of package building across the distro.

TUs are also in an excellent position to document recommended practices.

"Flag Safe" guidelines

There is new functionality in the AUR that will allow TUs to mark pkgs as checked. However, users are still responsible for checking the PKGBUILDs themselves.

The TU and [community], Guidelines for Package Maintenance

Accessing the Repo

Follow these instructions for uploading/modifying packages once you have become a TU:

  1. Install the "aurtools" package. Make sure you read the AURtools Tutorial
  2. You will need to email your the output of "htpasswd -n" to whoever is in charge of the AUR CVS repo ( Paul Mattal = paul@mattal.com ). It comes with Apache.
  3. htpasswd -n <userid>
  4. Run the following commands to checkout the AUR CVS:
     export CVSROOT=":pserver:<userid>@cvs.archlinux.org:/home/cvs-community"
     cvs login
     cvs co community
  5. To add a new package:
  6.  cvs add <directory>
     cd <directory>
     cvs add PKGBUILD
  7. Make a commit:
  8. cvs commit
  9. To upload a binary package:
  10. Please note that AUR password is to be used with tupkg (NOT the CVS password) tupkg --user <userid> --password <aur-password> <packagefile.pkg.tar.gz>
  11. After uploading a package and committing the build files, tag the files with this command:
  12. cvs tag -cFR CURRENT <newpackagebuilddir> Package changes become available on every full and half of hour. Verify everything was uploaded properly, then select the newly added or updated package in the web interface and set yourself as the maintainer.

Note: Steps 5-7 can be run with communitypkg in one command as mentioned below in the AURtools tutorial.

Uploading packages to x86_64-version of community

  • step 1 till 5 are the same as mentioned above.
  • when using tupkg add "--port 1035" to the list of parameters
  • Tag the package with "cvs tag -cFR CURRENT-64"

Adopting Packages

A TU may adopt any package at any time. But because the TU's time is limited, he should try to only adopt popular packages. The voting mechanism in the AUR allows a TU to quickly gage which packages users want.

A maintainer should adopt his selected package(s) via the web interface. That maintainer is then responsible for bug fixes and new version updates. Packages must be properly cleaned and fixed after adoption.

Disowning packages

You can disown packages by choosing "Disown Packages" in the AUR webinterface. If a TU can't or doesn't want to maintain a package any longer, a notice should be posted to the AUR Mailing List, so another TU can maintain it. A package can still be disowned even if no other TU wants to maintain it, but the TUs should try not to drop many packages (they shouldn't take on more than they have time for). If a package has become obsolete or isn't used any longer, it can be removed completely as well.

If a package has been removed completely, it can be uploaded once again (fresh) to UNSUPPORTED, where a regular user can maintain the package instead of the TU.

Deleting packages from [community]

Removing a package from [community] is easy but not straightforward. After you've removed it from community, you could re-add it to unsupported (make sure to keep a copy!) and orphan it, for adoption by some other user in unsupported.

To remove a package, all you really need to do is remove the CURRENT tag from the PKGBUILD. You do this by doing:


If you wish to remove the package materials from CVS for future revisions (because you don't want the old stuff lying around), you can do the following FROM THE PACKAGE'S DIRECTORY in your checked out version of the community repo (this is very important!):

 cd /path/to/<packagedirname>
 cvs tag -dl CURRENT
 cvs rm -fl
 cvs commit

BE VERY CAREFUL with CVS delete commands! By untagging current on the whole repo you risk removing EVERYTHING in [community]. I've suggested commands that hope to minimize that possibility, but there's still danger where delete is involved. Especially note that the tag delete takes IMMEDIATELY before committing, so be very careful.

Also, due to weirdness of CVS, actually removing the package directory is impossible. It will still show up in a checked out version. This is CVS and we have to live with it, at least for now.

Any TU can remove any package in [community] so keep this in mind and be extra super careful with this ability, lest you accidentally wipe out someone else's package.


To help the Trusted Users with their duties, the AURtools were written based on the tupkg tool. If you are Trusted User, it is highly recomended that you use the AURtools. The AURtools Tutorial was written to help you to get used to them.