Difference between revisions of "Arch User Repository"
|Line 107:||Line 107:|
$ nano foo.install
$ nano foo.install
Make the package. After manually confirming the integrity of the files, run [[makepkg]] as a normal user:
Make the package. After manually confirming the integrity of the files, run [[makepkg]] as a normal user :
$ makepkg -si
$ makepkg -si
Revision as of 14:39, 11 July 2015
The Arch User Repository (AUR) is a community-driven repository for Arch users. It contains package descriptions (PKGBUILDs) that allow you to compile a package from source with makepkg and then install it via pacman. The AUR was created to organize and share new packages from the community and to help expedite popular packages' inclusion into the community repository. This document explains how users can access and utilize the AUR.
A good number of new packages that enter the official repositories start in the AUR. In the AUR, users are able to contribute their own package builds (PKGBUILD and related files). The AUR community has the ability to vote for or against packages in the AUR. If a package becomes popular enough — provided it has a compatible license and good packaging technique — it may be entered into the community repository (directly accessible by pacman or abs).
- 1 Getting started
- 2 History
- 3 Searching
- 4 Installing packages
- 5 Feedback
- 6 Sharing and maintaining packages
- 7 Git repository
- 8 AUR metadata
- 9 AUR translation
- 10 FAQ
- 10.1 What is the AUR?
- 10.2 What kind of packages are permitted on the AUR?
- 10.3 How can I vote for packages in AUR?
- 10.4 What is a Trusted User / TU?
- 10.5 What is the difference between the Arch User Repository and the community repository?
- 10.6 How to get a PKGBUILD into the community repository?
- 10.7 How do I make a PKGBUILD?
- 10.8 Foo in AUR is outdated; what do I do?
- 10.9 I have a PKGBUILD I would like to submit; can someone check it to see if there are any errors?
- 10.10 Foo in AUR does not compile when I run makepkg; what should I do?
- 10.11 How can I speed up repeated build processes?
- 10.12 How can I upload to AUR without using the web interface?
- 10.13 What is the difference between foo and foo-git packages?
- 11 See also
- Ensure the
pacman -S --needed base-devel).
package group is installed (
- Read the remainder of this article for more info and a short tutorial on installing AUR packages.
- Visit the AUR Web Interface to inform yourself on updates and happenings. There you will also find statistics and an up-to-date list of newest available packages available in AUR.
- Glance over the #FAQ for answers to the most common questions.
- You may wish to adjust
/etc/makepkg.confto better optimize for your processor prior to building packages from the AUR. A significant improvement in compile times can be realized on systems with multi-core processors by adjusting the MAKEFLAGS variable. Users can also enable hardware-specific optimizations in GCC via the CFLAGS variable. See makepkg for more information.
The following items are listed for historical purposes only. They have since been superseded by the AUR and are no longer available.
In the beginning, there was
ftp://ftp.archlinux.org/incoming, and people contributed by simply uploading the PKGBUILD, the needed supplementary files, and the built package itself to the server. The package and associated files remained there until a Package Maintainer saw the program and adopted it.
Then the Trusted User Repositories were born. Certain individuals in the community were allowed to host their own repositories for anyone to use. The AUR expanded on this basis, with the aim of making it both more flexible and more usable. In fact, the AUR maintainers are still referred to as TUs (Trusted Users).
Queries search package names and descriptions via a MySQL LIKE comparison. This allows for more flexible search criteria (e.g. try searching for
tool%like%grep instead of
tool like grep). If you need to search for a description that contains
%, escape it with
Installing packages from the AUR is a relatively simple process. Essentially:
- Acquire the tarball which contains the PKGBUILD and possibly other required files, like systemd-units and patches (but often not the actual code).
- Extract the tarball (preferably in a folder set aside just for builds from the AUR) with
tar -xvf pkgname.tar.gz.
makepkg -siin the directory where the files are saved. This will download the code, resolve the dependencies with pacman, compile it, package it and install the package.
First ensure that the necessary tools are installed. The package groupshould be sufficient; it includes and other tools needed for compiling from source.
# pacman -S --needed base-devel
Next choose an appropriate build directory. A build directory is simply a directory where the package will be made or "built" and can be any directory. The examples in the following sections will use
~/builds as the build directory.
Acquire build files
Locate the package in the AUR. This is done using the search feature (text field at the top of the AUR home page). Clicking the application's name in the search list brings up an information page on the package. Read through the description to confirm that this is the desired package, note when the package was last updated, and read any comments.
Download the necessary build files by clicking on the "Download tarball" link under "Package actions" on the right hand side. This file should be saved to the build directory or otherwise copied to the directory after downloading. In this example, the file is called
foo.tar.gz (standard format is
pkgname.tar.gz, if it has been properly submitted).
Alternatively you can download the tarball from the terminal, changing directories to the build directory first:
$ cd ~/builds $ curl -L -O https://aur.archlinux.org/packages/fo/foo/foo.tar.gz
Build and install the package
Change directories to the build directory if not already there, then extract the previously downloaded package:
$ cd ~/builds $ tar -xvf foo.tar.gz
This should create a new directory called
foo in the build directory.
cdto the newly created directory and carefully check the
.installfile for malicious commands.
PKGBUILDs are bash scripts containing functions to be executed by
makepkg: these functions can contain any valid commands or Bash syntax, so it is totally possible for a
PKGBUILDto contain dangerous commands through malice or ignorance on the part of the author. Since
makepkguses fakeroot (and should never be run as root), there is some level of protection but you should never count on it. If in doubt, do not build the package and seek advice on the forums or mailing list.
$ cd foo $ nano PKGBUILD $ nano foo.install
$ makepkg -si
-s (--syncdeps) switch will automatically resolve and install any dependencies with pacman before building and
-i (--install) will install the package itself.
The AUR Web Interface has a comments facility that allows users to provide suggestions and feedback on improvements to the PKGBUILD contributor. Avoid pasting patches or PKGBUILDs into the comments section: they quickly become obsolete and just end up needlessly taking up lots of space. Instead email those files to the maintainer, or even use a pastebin.
One of the easiest activities for all Arch users is to browse the AUR and vote for their favourite packages using the online interface. All packages are eligible for adoption by a TU for inclusion in the community repository, and the vote count is one of the considerations in that process; it is in everyone's interest to vote!
Sharing and maintaining packages
Users can share PKGBUILDs using the Arch User Repository. It does not contain any binary packages but allows users to upload PKGBUILDs that can be downloaded by others. These PKGBUILDs are completely unofficial and have not been thoroughly vetted, so they should be used at your own risk.
After logging in to the AUR web interface, a user can submit a gzipped tarball (
.tar.gz) of a directory containing build files for a package. The directory inside the tarball should contain a PKGBUILD, .SRCINFO, any
.install files, patches, etc. (absolutely no binaries). Examples of what such a directory should look like can be seen inside
/var/abs if the Arch Build System were installed.
The tarball can be created with the following command:
$ makepkg --source
Note that this is a gzipped tarball; assuming you are uploading a package called libfoo, when you create the file it should look similar to this:
$ tar tf libfoo-0.1-1.src.tar.gz
libfoo/ libfoo/.SRCINFO libfoo/PKGBUILD libfoo/libfoo.install
.SRCINFOcontains source package metadata, see #AUR metadata for details.
When submitting a package, observe the following rules:
- Check the official package database for the package. If any version of it exists, do not submit the package. If the official package is out-of-date, flag it as such. If the official package is broken or is lacking a feature, then please file a bug report.
- Check the AUR for the package. If it is currently maintained, changes can be submitted in a comment for the maintainer's attention. If it is unmaintained, the package can be adopted and updated as required. Do not create duplicate packages.
- Verify carefully that what you are uploading is correct. All contributors must read and adhere to the Arch packaging standards when writing PKGBUILDs. This is essential to the smooth running and general success of the AUR. Remember that you are not going to earn any credit or respect from your peers by wasting their time with a bad PKGBUILD.
- Packages that contain binaries or that are very poorly written may be deleted without warning.
- If you are unsure about the package (or the build/submission process) in any way, submit the PKGBUILD to the AUR mailing list or the AUR forum on the Arch forums for public review before adding it to the AUR.
- Make sure the package is useful. Will anyone else want to use this package? Is it extremely specialized? If more than a few people would find this package useful, it is appropriate for submission.
- The AUR and official repositories are intended for packages which install generally software and software-related content, including one or more of the following: executable(s); config file(s); online or offline documentation for specific software or the Arch Linux distribution as a whole; media intended to be used directly by software.
- Gain some experience before submitting packages. Build a few packages to learn the process and then submit.
- If you submit a
package.tar.gzwith a file named
packagein it you will get an error: "Could not change to directory
/home/aur/unsupported/package/package". To resolve this, rename the file named
packageto something else; for example,
package.rc. When it is installed in the
pkgdirectory, you may rename it back to
- If you maintain a package and want to update the PKGBUILD for your package just resubmit it.
- Check for feedback and comments from other users and try to incorporate any improvements they suggest; consider it a learning process!
- Please do not leave a comment containing the version number every time you update the package. This keeps the comment section usable for valuable content mentioned above. AUR helpers are suited better to check for updates.
- Please do not just submit and forget about packages! It is the maintainer's job to maintain the package by checking for updates and improving the PKGBUILD.
- If you do not want to continue to maintain the package for some reason,
disownthe package using the AUR web interface and/or post a message to the AUR Mailing List.
- Disownment requests and removal requests can be created by clicking on the "File Request" link under "Package actions" on the right hand side. This automatically sends a notification email to the current package maintainer and to the aur-requests mailing list for discussion. Trusted Users will then either accept or reject the request.
- Disownment requests will be granted after two weeks if the current maintainer did not react.
- Package merging has been implemented, users still have to resubmit a package under a new name and may request merging of the old version's comments and votes.
- Removal requests require the following information:
- Reason for deletion, at least a short note
Notice: A package's comments does not sufficiently point out the reasons why a package is up for deletion. Because as soon as a TU takes action, the only place where such information can be obtained is the aur-requests mailing list.
- Supporting details, like when a package is provided by another package, if you are the maintainer yourself, it is renamed and the original owner agreed, etc.
- For merge requests: Name of the package base to merge into.
- Reason for deletion, at least a short note
Removal requests can be disapproved, in which case you will likely be advised to disown the package for a future packager's reference.
Since release 4.0.0, aurweb uses Git repositories for AUR packages. This means that the package submission process is a bit more involved. Maintainers will need to have a basic understanding of Git and SSH. Numerous scripts are available to help ease the transition. While aur.archlinux.org runs aurweb 3.5.1 until August 8th 2015, there is a setup of a 4.0.0 release candidate running under aur4.archlinux.org.
Current AUR maintainers are given a grace period between June 8th and July 8th to upload any package they already maintain to aur4.archlinux.org. After July 8th, any packages left in the current AUR that haven't been uploaded to AUR4 will be orphaned and can be taken over by any maintainer and uploaded. On August 8th, aur4.archlinux.org will become the new official AUR and will be moved to the aur subdomain.
Submitting packages to aur4.archlinux.org
For write access to the AUR users need to have an SSH key.
The contents of a public key
.ssh/foo.pub need to be copied to the user profile in My Account.
It is recommended that you create a new key, rather than use an existing SSH key so that you could selectively revoke the SSH key should something happen.
In order to upload a package, simply clone the Git repository with the corresponding name:
$ git clone ssh://firstname.lastname@example.org/foobar.git
After August 8th, replace
You can now add the source files to the local copy of the Git repository. When making changes to the repository, make sure you always include the
.SRCINFO in the top-level directory. You can create
.SRCINFO files using
mksrcinfo, provided by .
In order to submit new versions of a package base to the AUR, commit the new
.SRCINFO and possibly helper files (like
.install files) and run
git push. For example, after adding the
PKGBUILD to the newly created directory, you can run the following commands to create and submit the initial commit:
$ mksrcinfo $ git add PKGBUILD .SRCINFO $ git commit -m 'Initial import' $ git push origin master
git config user.name [...]and
git config user.email [...]! It is not possible to rewrite already published history, review your commits before pushing them!
To update a package, edit the
PKGBUILD and run the following commands to track the changes in the AUR Git repository:
$ mksrcinfo $ git commit -am 'Update to 1.0.0' $ git push
See Git for more information.
.SRCINFOand add it in a later commit, the AUR will still reject your pushes because the
.SRCINFOmust exist for every commit. To solve this problem you can use git rebase with the
--rootoption or git filter-branch with the
Several scripts exist to ease the transition:
- aur2aur4 - Import packages from AUR3 to AUR4 by packages list or AUR user.
- aur2git - A ruby gem to download and submit your existing packages.
- bbidulock's script to migrate from a .backup directory with all packages.
- aur4_import.sh splits a package from a git repository with multiple packages (adding/updating
.SRCINFOfor every commit)
- aur4_make_submodule.sh replaces a package in a bigger git repository with an AUR 4 submodule
- import-to-aur4 splits an existing git repository into multiple AUR 4 packages (all at once, also adding
.SRCINFOfor every commit)
- apac-migrate - simple AUR3->AUR4 bash migration wizard (depends: apacman, git, pkgbuild-introspection)
Keep in mind all those scripts are unsupported and contributed by users!
A Git repository of the AUR is available at
git://pkgbuild.com/aur-mirror.git, and is generally updated at least once per day. If the repository's commit history is not needed, then cloning with the
--depth=1 option will be much quicker:
$ git clone --depth=1 git://pkgbuild.com/aur-mirror.git
In order to display information in the AUR web interface, the AUR's back-end code attempts to parse PKGBUILD files and salvage package name, version, and other information from it.
PKGBUILDs are Bash scripts, and correctly parsing Bash scripts without executing them is a huge challenge, which is why makepkg is a Bash script itself: it includes the PKGBUILD of the package being built via the
source directive. AUR metadata files were created to get rid of some hacks, used by AUR package maintainers to work around incorrect parsing in the web interface. See also FS#25210, FS#15043, and FS#16394.
How it works
By adding a metadata file called
.SRCINFO to source tarballs to overwrite specific PKGBUILD fields. An outdated format of this file was described in the AUR 2.1.0 release announcement.
.SRCINFO files are parsed line-by-line. The syntax for each line is
key[_arch] = value. Exactly one space must be on each side of the equals sign, even for an empty value, and do not include quotes around the values.
key is a field name, based on the names of the corresponding PKGBUILD Variables. Some field names may optionally be suffixed with an architecture name. Fields are grouped into sections, each headed by one of the following two field names:
- pkgbase: This is required by AUR 3, otherwise the infamous “only lowercase letters are allowed” error is reported. (Pacman uses the first pkgname if pkgbase is omitted.) Repeat pkgname if unsure. There is only one pkgbase section. The field values from this section are inherited unless overridden in the pkgname sections that follow it. An empty field value in the pkgname section cancels the inheritance.
- pkgname: There may be multiple pkgname sections.
The following field names are associated with a single value for the section:
- pkgver: package version, may be formatted as [epoch:]pkgver if the epoch field is not given separately
- pkgrel: release number of the package specific to Arch Linux
The following field names may be repeated on multiple lines in a section to add multiple values:
- license: in case of multiple licenses separate them by a space
The following field names may be repeated, and also may optionally have an architecture suffix, separated from the field name by an underscore:
- depends: dependencies, one per line
Fields with other names are ignored. Blank lines and comment lines beginning with a hash sign (#) are also ignored. Lines may be indented. This format closely matches the
.PKGINFO format that is used for binary packages in pacman/libalpm.
.SRCINFO can also be created from the
mksrcinfo from .
See TRANSLATING in the AUR source tree for information about creating and maintaining translation of the AUR web interface.
What is the AUR?
The AUR (Arch User Repository) is a place where the Arch Linux community can upload PKGBUILDs of applications, libraries, etc., and share them with the entire community. Fellow users can then vote for their favorites to be moved into the community repository to be shared with Arch Linux users in binary form.
What kind of packages are permitted on the AUR?
The packages on the AUR are merely "build scripts", i.e. recipes to build binaries for pacman. For most cases, everything is permitted, subject to the abovementioned usefulness and scope guidelines, as long as you are in compliance with the licensing terms of the content. For other cases, where it is mentioned that "you may not link" to downloads, i.e. contents that are not redistributable, you may only use the file name itself as the source. This means and requires that users already have the restricted source in the build directory prior to building the package. When in doubt, ask.
How can I vote for packages in AUR?
Sign up on the AUR website to get a "Vote for this package" option while browsing packages. After signing up it is also possible to vote from the commandline with AUR.
What is a Trusted User / TU?
What is the difference between the Arch User Repository and the community repository?
The Arch User Repository is where all PKGBUILDs that users submit are stored, and must be built manually with makepkg. When PKGBUILDs receive enough community interest and the support of a TU, they are moved into the community repository (maintained by the TUs), where the binary packages can be installed with pacman.
How to get a PKGBUILD into the community repository?
Usually, at least 10 votes are required for something to move into community. However, if a TU wants to support a package, it will often be found in the repository.
Reaching the required minimum of votes is not the only requirement, there has to be a TU willing to maintain the package. TUs are not required to move a package into the community repository even if it has thousands of votes.
Usually when a very popular package stays in the AUR it is because:
- Arch Linux already has another version of a package in the repositories
- The package is AUR-centric (e.g. an AUR helper)
- Its license prohibits redistribution
How do I make a PKGBUILD?
The best resource is the wiki page about creating packages. Remember to look in AUR before creating the PKGBUILD as to not duplicate efforts.
Foo in AUR is outdated; what do I do?
For starters, you can flag packages out-of-date. If it stays out-of-date for an extended period of time, the best thing to do is email the maintainer. If there is no response from the maintainer after two weeks, you can file an orphan request. When we are talking about a package which is flagged out of date for more than 3 months and is in general not updated for a long time, please add this in your orphan request.
In the meantime, you can try updating the package yourself by editing the PKGBUILD - sometimes updates do not require any changes to the build or package process, in which case simply updating the
source array is sufficient.
I have a PKGBUILD I would like to submit; can someone check it to see if there are any errors?
If you would like to have your PKGBUILD critiqued, post it on the aur-general mailing list to get feedback from the TUs and fellow AUR members. You could also get help from the IRC channel, #archlinux on irc.freenode.net. You can also use namcap to check your PKGBUILD and the resulting package for errors.
Foo in AUR does not compile when I run makepkg; what should I do?
You are probably missing something trivial.
pacman -Syyubefore compiling anything with
makepkgas the problem may be that your system is not up-to-date.
- Ensure you have both "base" and "base-devel" groups installed.
- Try using the "
-s" option with
makepkgto check and install all the dependencies needed before starting the build process.
Be sure to first read the PKGBUILD and the comments on the AUR page of the package in question. The reason might not be trivial after all. Custom CFLAGS, LDFLAGS and MAKEFLAGS can cause failures. It is also possible that the PKGBUILD is broken for everyone. If you cannot figure it out on your own, just report it to the maintainer e.g. by posting the errors you are getting in the comments on the AUR page.
How can I speed up repeated build processes?
If you frequently compile code that uses GCC - say, a Git or SVN package - you may find ccache, short for "compiler cache", useful.
How can I upload to AUR without using the web interface?
You can use an AUR helper like or AUR, both are commandline programs.
What is the difference between foo and foo-git packages?
Many AUR packages are presented in regular ("stable") and development versions ("unstable"). A development package usually has a suffix such as
-darcs. While development packages are not intended for regular use, they may offer new features or bugfixes. Because these packages download the latest available source when you execute
makepkg, a package version to track possible updates is not directly available for these. Likewise, these packages cannot perform an authenticity checksum, instead it is relied on the maintainer(s) of the Git repository.