AUR Trusted User Guidelines

From ArchWiki
Revision as of 15:11, 23 July 2009 by Abhidg (Talk | contribs) (Accessing the Repo: update for devtools shift)

Jump to: navigation, search

Template:Article summary start Template:Article summary text Template:Article summary heading Template:I18n entry Template:I18n entry Template:I18n entry Template:Article summary heading Template:Article summary wiki Template:Article summary wiki Template:Article summary wiki Template:Article summary end

The Trusted User (TU)

The Trusted User (TU) is a member of the community charged with keeping the AUR in working order. He/she maintains popular packages, and votes in administrative matters. A TU is elected from active community members by current TUs in a democratic process. TUs are the only members who have a final say in the direction of the AUR.

The TUs are governed using the TU bylaws

TU Duties

TODO list for new Trusted Users

  • Send your ssh public key to Loui Chang.
  • Remind Allan to change your account on forums
  • Make sure your sponsor has given you TU status on the AUR
  • Ask some TU for the #archlinux-tu@freenode key
  • Add yourself to the Trusted Users page
  • Read the Trusted User Guidelines and AURtools Tutorial again
  • If you are not upgraded to a Trusted User group on bugtracker in two days, report this as a bug to Roman
  • Ask Aaron for access to the x86_64 build machine if you need it (when it comes back online)
  • Start contributing!

The TU and UNSUPPORTED

The TUs should also make an effort to check package submissions in UNSUPPORTED for malicious code and good PKGBUILDing standards. In around 80% of cases the PKGBUILDs in the UNSUPPORTED are very simple and can be quickly checked for sanity and malicious code by the TU team.

TUs should also check PKGBUILDs for minor mistakes, suggest corrections and improvements. The TU should endeavor to confirm that all pkgs follow the Arch Packaging Guidelines/Standards and in doing so share their skills with other package builders in an effort to raise the standard of package building across the distro.

TUs are also in an excellent position to document recommended practices.

The TU and [community], Guidelines for Package Maintenance

Rules for Packages Entering the [community] Repo

Any packages to be added to the [community] repo must meet the guidelines listed on this page.

Accessing the Repo

The [community] repository now uses devtools which is the same system used for uploading packages to [core] and [extra], except that it uses another server http://aur.archlinux.org instead of http://archlinux.org. Thus most of the instructions in Packager Guide work without any change. Information which is specific for the [community] repository (like changed URLs) have been put here.

After you become a Trusted User:

  1. Install the devtools package.
  2. Email your ssh public key (~/.ssh/id_rsa.pub) to whoever is in charge of the AUR CVS repo (Aaron Griffin, Loui Chang).
  3. If you don't have an ssh key, use ssh-keygen to generate one.
    Check the Using SSH Keys wiki page for more information about creating ssh keys and setting up an ssh-agent to use them.
  4. Make the directory staging/community within your home directory on aur.archlinux.org. This step is important as the devtools scripts use this directory to process incoming packages.

Initially you should do a non-recursive checkout of the [community] repository:
svn checkout -N svn+ssh://aur.archlinux.org/srv/svn-packages

This creates a directory named "svn-packages" which contains nothing. It does, however, know that it is an svn checkout.

For checking out, updating all packages or adding a package see the Packager Guide.

To remove a package
ssh aur.archlinux.org /arch/db-remove community pkgname arch

Here and in the following text, arch can be one of i686 or x86_64 which are the two architectures supported by Arch Linux.

When you're done with editing the PKGBUILD, etc and want to release a package, you have to first tag it by going to the pkgname/trunk directory and issuing archrelease community-arch

This makes an svn copy of the trunk entries in a directory named "community-i686" or "community-x86_64" indicating that this package is in the community repository for that architecture.

Note: In some cases, especially for community packages, an x86_64 TU might bump the pkgrel by .1 (and not +1). This indicates that the change to the PKGBUILD is x86_64 specific and i686 maintainers should not rebuild the package for i686. When the TU decides to bump the pkgrel , it should be done with the usual increment of +1. However, a previous pkgrel=2.1 must not become pkgrel=3.1 when bumped by the TU and must instead be pkgrel=3. In a nutshell, leave dot (.) releases exclusive to the x86_64 TU's to avoid confusion.

Thus the process of updating a package can be summarised as

  • Update the package directory (svn update some-package)
  • Change to the package trunk directory (cd some-package/trunk)
  • Edit the PKGBUILD, make necessary changes and makepkg. It is recommended to build in a clean chroot.
  • Namcap the PKGBUILD and the binary pkg.tar.gz.
  • Commit the changes to trunk (svn commit)
  • Copy the package to aur.archlinux.org (scp pkgname-ver-rel-arch.pkg.tar.gz aur.archlinux.org:staging/community/)
  • Tag the package (archrelease community-{i686,x86_64})
  • Update the repository (ssh aur.archlinux.org /arch/db-community{,64})

Also see the Miscellaneous section in the Packager Guide. For the section Avoid having to enter your password all the time use aur.archlinux.org instead of archlinux.org and svn.archlinux.org.

Uploading packages to x86_64-version of community

  • step 1 till 5 are the same as mentioned above.
  • when using tupkg add "--port 1035" to the list of parameters
  • Tag the package with "cvs tag -cFR CURRENT-64"

Adopting Packages

A TU may adopt any package at any time, but because a TU's time is limited, he/she should try to only adopt popular packages. The voting mechanism in the AUR allows a TU to quickly gauge which packages users want.

A maintainer should adopt his/her selected package(s) via the web interface. That maintainer is then responsible for bug fixes and new version updates. Packages must be properly cleaned and fixed after adoption.

Disowning packages

You can disown packages by choosing "Disown Packages" in the AUR webinterface. If a TU can't or doesn't want to maintain a package any longer, a notice should be posted to the AUR Mailing List, so another TU can maintain it. A package can still be disowned even if no other TU wants to maintain it, but the TUs should try not to drop many packages (they shouldn't take on more than they have time for). If a package has become obsolete or isn't used any longer, it can be removed completely as well.

If a package has been removed completely, it can be uploaded once again (fresh) to UNSUPPORTED, where a regular user can maintain the package instead of the TU.

Deleting packages from unsupported

There's no point in removing dummy packages, because they will be re-created in an attempt to track dependencies. If someone uploads a real package then all dependents will point to the correct place.

For an example of a dummy package see: http://aur.archlinux.org/packages.php?ID=23600

Deleting packages from [community]

Removing a package from [community] is easy but not straightforward. After you've removed it from community, you could re-add it to unsupported (make sure to keep a copy!) and orphan it, for adoption by some other user in unsupported.

To remove a package, all you really need to do is remove the CURRENT (and possibly CURRENT-64) tag from the PKGBUILD. You do this by doing:

 cvs tag -d CURRENT PKGBUILD
 cvs tag -d CURRENT-64 PKGBUILD

If you wish to remove the package materials from CVS for future revisions (because you don't want the old stuff lying around), you can do the following FROM THE PACKAGE'S DIRECTORY in your checked out version of the community repo (this is very important!):

 cd /path/to/<packagedirname>
 cvs tag -dl CURRENT  #or CURRENT-64
 cvs rm -fl
 cvs commit

BE VERY CAREFUL with CVS delete commands! By untagging current on the whole repo you risk removing EVERYTHING in [community]. I've suggested commands that hope to minimize that possibility, but there's still danger where delete is involved. Especially note that the tag delete takes IMMEDIATELY before committing, so be very careful.

Also, due to weirdness of CVS, actually removing the package directory is impossible. It will still show up in a checked out version unless you set up a ~/.cvsrc file that will help prune empty directories. The following is helpful:

 cvs -q
 diff -uN
 rdiff -u
 checkout -P
 update -dP

Any TU can remove any package in [community] so keep this in mind and be extra super careful with this ability, lest you accidentally wipe out someone else's package.

After untagging and deleting the files you have to upload straightforward the PKGBUILD to the AUR (don't worry about the AUR showing the package in [community])

Moving packages from [community] to unsupported

Upload your source tarball to the AUR and immediately untag and delete files from [community] CVS.

AURtools

To help the Trusted Users with their duties, the AURtools were written based on the tupkg tool. If you are Trusted User, it is highly recommended that you use the AURtools. The AURtools Tutorial was written to help you to get used to them.