PKGBUILD
This article discusses variables definable by the maintainer in a PKGBUILD
. For information on the PKGBUILD
functions and creating packages in general, refer to Creating packages. Also read PKGBUILD(5).
A PKGBUILD
is a Bash script containing the build information required by Arch Linux packages.
Packages in Arch Linux are built using the makepkg utility. When makepkg is run, it searches for a PKGBUILD
file in the current directory and follows the instructions therein to either compile or otherwise acquire the files to build a package archive—pkgname.pkg.tar.zst
. The resulting package contains binary files and installation instructions, readily installable with pacman.
Mandatory variables are pkgname
, pkgver
, pkgrel
, and arch
. license
is not strictly necessary to build a package, but is recommended.
It is a common practice to define the variables in the PKGBUILD
in the same order as given here. However, it is not mandatory.
- Use namcap to check
PKGBUILD
s for common packaging mistakes. - Use shellcheck(1) to check
PKGBUILD
s for common scripting mistakes, see also SC2034 and SC2154:
shellcheck --shell=bash --exclude=SC2034,SC2154 PKGBUILD
- termux-language-serverAUR provides a language server for
PKGBUILD
,makepkg.conf
, etc.
See the .proto files in the /usr/share/pacman/
directory as examples.
Package name
pkgbase
When building regular packages, this variable should not be explicitly declared in the PKGBUILD
: its value defaults to that of #pkgname.
When building a split package, this variable can be used to explicitly specify the name to be used to refer to the group of packages in the output of makepkg and in the naming of source-only tarballs. The value is not allowed to begin with a hyphen. If not specified, the value will default to the first element in the pkgname
array.
All options and directives for split packages default to the global values given in the PKGBUILD
. Nevertheless, the following ones can be overridden within each split package’s packaging function: #pkgdesc, #arch, #url, #license, #groups, #depends, #optdepends, #provides, #conflicts, #replaces, #backup, #options, #install, and #changelog.
pkgname
Either the name of the package, e.g. pkgname=foo
, or, for split packages, an array of names, e.g. pkgname=(foo bar)
. Package names should only consist of lowercase alphanumerics and the following characters: @._+-
(at symbol, dot, underscore, plus, hyphen). Names are not allowed to start with hyphens or dots. For the sake of consistency, pkgname
should match the name of the source tarball of the software: for instance, if the software is in foobar-2.5.tar.gz
, use pkgname=foobar
.
Version
pkgver
The version of the package. This should be the same as the version published by the author of the upstream software. It can contain letters, numbers, periods and underscores, but not a hyphen (-
). If the author of the software uses one, replace it with an underscore (_
). If the pkgver
variable is used later in the PKGBUILD
, then the underscore can easily be substituted for a hyphen, e.g. source=("${pkgname}-${pkgver//_/-}.tar.gz")
.
30102014
, ensure to use the reversed date, i.e. 20141030
(ISO 8601 format). Otherwise it will not appear as a newer version.- The ordering of uncommon values can be tested with vercmp(8), which is provided by the pacman package.
- makepkg can automatically update this variable by defining a
pkgver()
function in thePKGBUILD
. See VCS package guidelines#The pkgver() function for details.
pkgrel
The release number. This is usually a positive integer number that allows to differentiate between consecutive builds of the same version of a package. As fixes and additional features are added to the PKGBUILD
that influence the resulting package, the pkgrel
should be incremented by 1. When a new version of the software is released, this value must be reset to 1. In exceptional cases other formats can be found in use, such as major.minor.
epoch
epoch
should only be used when absolutely required to do so.Used to force the package to be seen as newer than any previous version with a lower epoch. This value is required to be a non-negative integer; the default is 0. It is used when the version numbering scheme of a package changes (or is alphanumeric), breaking normal version comparison logic. For example:
pkgver=5.13 pkgrel=2 epoch=1
1:5.13-2
See pacman(8) for more information on version comparisons.
Generic
pkgdesc
The description of the package. This is recommended to be 80 characters or less and should not include the package name in a self-referencing way, unless the application name differs from the package name. For example, use pkgdesc='Text editor for X11'
instead of pkgdesc='Nedit is a text editor for X11'
.
Also it is important to use keywords wisely to increase the chances of appearing in relevant search queries.
arch
An array of architectures that the PKGBUILD
is intended to build and work on. Arch officially supports only x86_64
, but other projects may support other architectures. For example, Arch Linux 32 provides support for i686
and pentium4
, and Arch Linux ARM provides support for armv7h
(armv7 hardfloat) and aarch64
(armv8 64-bit).
There are two types of values the array can use:
arch=(any)
indicates the package can be built on any architecture, and once built, is architecture-independent in its compiled state (usually shell scripts, fonts, themes, many types of extensions, Java programs, etc.).arch=(...)
with one or more architectures (but notany
) indicates the package can be compiled for any of the specified architectures, but is architecture-specific once compiled. For these packages, specify all architectures that thePKGBUILD
officially supports. For official repository and AUR packages, this meansarch=('x86_64')
. Optionally, AUR packages may choose to additionally support other known working architectures.
The target architecture can be accessed with the variable CARCH
during a build.
url
The URL of the official site of the software being packaged.
license
The license under which the software is distributed. Arch Linux uses SPDX license identifiers. Each license must have a corresponding entry in /usr/share/licenses/
.
For common licenses (like GPL-3.0-or-later
), package licenses delivers all the corresponding files. The package is installed by default, as it is a dependency of base meta package, and the files may be found in /usr/share/licenses/spdx/
. Simply refer to the license using its SPDX license identifier from the list of SPDX identifiers.
License families like BSD or MIT are, strictly speaking, not a single license and each instance requires a separate license file. In license
variable refer to them using a common SPDX identifier (e.g. BSD-3-Clause
or MIT
), but then provide the corresponding file as if it was a custom license.
For custom licenses the identifier should be either LicenseRef-license-name
or custom:license-name
, if they are not covered by the common families mentioned above. The corresponding license text must be placed in directory /usr/share/licenses/pkgname
. To install the file a following code snippet may be used in package()
section:
install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
pkgdir
variable is defined by makepkg, see PKGBUILD(5) § PACKAGING FUNCTIONS for more information.Combining multiple licenses or adding exceptions should follow the SPDX syntax. For example a package released under either GNU/GPL 2.0 or GNU/LGPL 2.1 could use 'GPL-2.0-or-later OR LGPL-2.1-or-later'
, a package released under Apache 2.0 with LLVM exception would use 'Apache-2.0 WITH LLVM-exception'
and a package released with part under the BSD 3 clause, others under GNU/LGPL 2.1 and some under GNU/GPL 2.0 would use 'BSD-3-Clause AND LGPL-2.1-or-later AND GPL-2.0-or-later'
[2]. Note that this must be a single string, so the entire expression has to be enclosed in quotes. As for November 2023 SPDX list of exceptions is limited, so usually the custom license route must be used.
If issues are encountered with SPDX identifiers, during the transitional period using old identifiers —names of the directories in /usr/share/licenses/common
— is acceptable.
See also Nonfree applications package guidelines.
Additional information and perspectives on free and open source software licenses may be found on the following pages:
- Wikipedia:Free software license
- Wikipedia:Comparison of free and open-source software licenses
- A Legal Issues Primer for Open Source and Free Software Projects
- GNU Project - Various Licenses and Comments about Them
- Debian - License information
- Open Source Initiative - Licenses by Name
groups
The group the package belongs in. For instance, when installing plasma, it installs all packages belonging in that group.
Dependencies
optdepends_x86_64=()
.depends
An array of packages that must be installed for the software to build and run. Dependencies defined inside the package()
function are only required to run the software.
Version restrictions can be specified with comparison operators, e.g. depends=('foobar>=1.8.0')
; if multiple restrictions are needed, the dependency can be repeated for each, e.g. depends=('foobar>=1.8.0' 'foobar<2.0.0')
.
The depends
array should list all direct first level dependencies even when some are already declared transitively. For instance, if a package foo depends on both bar and baz, and the bar package depends in turn on baz too, it will ultimately lead to undesired behavior if bar stops pulling in baz. Pacman will not enforce the installation of baz on systems which newly install the foo package, or have cleaned up orphans, and foo will crash at runtime or otherwise misbehave.
In some cases this is not necessary and may or may not be listed, for example glibc cannot be uninstalled as every system needs some C library, or python for a package that already depends on another python- module, as the second module must per definition depend on python and cannot ever stop pulling it in as a dependency.
Dependencies should normally include the requirements for building all optional features of a package. Alternatively, any feature whose dependencies are not included should be explicitly disabled via a configure option. Failure to do this can lead to packages with "automagic dependencies" build-time optional features that are unpredictably enabled due to transitive dependencies or unrelated software installed on the build machine, but which are not reflected in the package dependencies.
If the dependency name appears to be a library, e.g. depends=(libfoobar.so)
, makepkg will try to find a binary that depends on the library in the built package and append the soname version needed by the binary. Appending the version yourself disables automatic detection, e.g. depends=('libfoobar.so=2')
.
makedepends
An array of packages that are only required to build the package. The minimum dependency version can be specified in the same format as in the depends
array. The packages in the depends
array are implicitly required to build the package, they should not be duplicated here.
- The package base-devel is assumed to be already installed when building with makepkg. Dependencies of this package should not be included in
makedepends
array. - If using VCS sources, do not forget to include the appropriate VCS tool (git, subversion, cvs, ...).
pactree -rsud1 package | grep base-devel
to check whether a particular package is a direct dependency of base-devel (requires pacman-contrib).checkdepends
An array of packages that the software depends on to run its test suite, but are not needed at runtime. Packages in this list follow the same format as depends
. These dependencies are only considered when the check() function is present and is to be run by makepkg.
checkdepends
array.optdepends
An array of packages that are not needed for the software to function, but provide additional features. This may imply that not all executables provided by a package will function without the respective optdepends.[3] If the software works on multiple alternative dependencies, all of them can be listed here, instead of the depends
array.
A short description of the extra functionality each optdepend provides should also be noted:
optdepends=('cups: printing support' 'sane: scanners support' 'libgphoto2: digital cameras support' 'alsa-lib: sound support' 'giflib: GIF images support' 'libjpeg: JPEG images support' 'libpng: PNG images support')
Package relations
conflicts_x86_64=()
.provides
An array of additional packages that the software provides the features of, including virtual packages such as cron or sh and all external shared libraries. Packages providing the same item can be installed side-by-side, unless at least one of them uses a conflicts
array.
- The version that the package provides should be mentioned (
pkgver
and potentially thepkgrel
), in case packages referencing the software require one. For instance, a modified qt package version 3.3.8, named qt-foobar, should useprovides=('qt=3.3.8')
; omitting the version number would cause the dependencies that require a specific version of qt to fail. - Do not add
pkgname
to theprovides
array, as it is done automatically.
conflicts
An array of packages that conflict with, or cause problems with the package, if installed. All these packages and packages providing this item will need to be removed. The version properties of the conflicting packages can also be specified in the same format as the depends
array.
Note that conflicts are checked against pkgname
as well as names specified in the provides
array. Hence, if your package provides
a foo
feature, specifying foo
in the conflicts
array will cause a conflict between your package and all other packages that contain foo
in their provides
array (i.e., you do not need to specify all those conflicting package names in your conflicts
array). Let us take a concrete example:
- netbeans implicitly provides
netbeans
as thepkgname
itself - A hypothetical netbeans-cpp package would provide
netbeans
and conflicts withnetbeans
- A hypothetical netbeans-php package would provide
netbeans
and conflicts withnetbeans
, but does not need to explicitly conflict with netbeans-cpp since packages providing the same feature are implicitly in conflict.
When packages provide the same feature via the provides
array, there is a difference between explicitly adding the alternative package to the conflicts
array and not adding it. If the conflicts
array is explicitly declared the two packages providing the same feature will be considered as alternative; if the conflicts
array is missing the two packages providing the same feature will be considered as possibly cohabiting. Packagers should always ignore the content of the provides
variable in deciding whether to declare a conflicts
variable or not.
replaces
An array of obsolete packages that are replaced by the package, e.g. wireshark-qt uses replaces=('wireshark')
. When syncing, pacman will immediately replace an installed package upon encountering another package with the matching replaces
in the repositories. If providing an alternate version of an already existing package or uploading to the AUR, use the conflicts
and provides
arrays, which are only evaluated when actually installing the conflicting package.
Others
backup
An array of files that can contain user-made changes and should be preserved during upgrade or removal of a package, primarily intended for configuration files in /etc
. If these files are unchanged from how they ship with the package, they will be removed or replaced as normal files during upgrade or removal.
Files in this array should use relative paths without the leading slash (/
) (e.g. etc/pacman.conf
, instead of /etc/pacman.conf
). The backup
array does not support empty directories or wildcards such as "*".
When updating, new versions may be saved as file.pacnew
to avoid overwriting a file which already exists and was previously modified by the user. Similarly, when the package is removed, user-modified files will be preserved as file.pacsave
unless the package was removed with the pacman -Rn
command.
See also Pacnew and Pacsave files.
options
This array allows overriding some of the default behavior of makepkg, defined in /etc/makepkg.conf
. To set an option, include the name in the array. To disable an option, place an !
before it.
The full list of the available options can be found in PKGBUILD(5) § OPTIONS AND DIRECTIVES.
install
The name of the .install script to be included in the package.
pacman has the ability to store and execute a package-specific script when it installs, removes or upgrades a package. The script contains the following functions which run at different times:
pre_install
— The script is run right before files are extracted. One argument is passed: new package version.post_install
— The script is run right after files are extracted. Any additional notes that should be printed after the package is installed should be located here. One argument is passed: new package version.pre_upgrade
— The script is run right before files are extracted. Two arguments are passed in the following order: new package version, old package version.post_upgrade
— The script is run right after files are extracted. Two arguments are passed in the following order: new package version, old package version.pre_remove
— The script is run right before files are removed. One argument is passed: old package version.post_remove
— The script is run right after files are removed. One argument is passed: old package version.
Each function is run chrooted inside the pacman install directory. See this thread.
- A prototype .install is provided at /usr/share/pacman/proto.install.
- pacman#Hooks provide similar functionality.
exit
. This would prevent the contained functions from executing.changelog
The name of the package changelog. To view changelogs for installed packages (that have this file):
$ pacman -Qc pkgname
Sources
source
An array of files needed to build the package. It must contain the location of the software source, which in most cases is a full HTTP or FTP URL. The previously set variables pkgname
and pkgver
can be used effectively here; e.g. source=("https://example.com/${pkgname}-${pkgver}.tar.gz")
.
Files can also be supplied in the same directory where the PKGBUILD
is located, and their names added to this array. Before the actual build process starts, all the files referenced in this array will be downloaded or checked for existence, and makepkg will not proceed if any is missing.
.install files are recognized automatically by makepkg and should not be included in the source
array. Files in the source
array with extensions .sig, .sign, or .asc are recognized by makepkg as PGP signatures and will be automatically used to verify the integrity of the corresponding source file.
source=('unique_package_name::file_uri')
; e.g. source=("${pkgname}-${pkgver}.tar.gz::https://github.com/coder/program/archive/v${pkgver}.tar.gz")
.
- Additional architecture-specific arrays can be added by appending an underscore and the architecture name, e.g.
source_x86_64=()
. There must be a corresponding integrity array with checksums, e.g.sha256sums_x86_64=()
. - Some servers restrict download by filtering the User-Agent string of the client or other types of restrictions, which can be circumvented with DLAGENTS.
- You can use
file://
URL to point to a directory or a file in your computer filesystem. For example, a local Git repository can be specified as"${pkgname}::git+file:///path/to/repository"
. - Magnet link support can be added using transmission-dlagentAUR as
DLAGENT
and using themagnet://
URI prefix instead of the canonicalmagnet:?
. - See PKGBUILD(5) § USING VCS SOURCES and VCS package guidelines#VCS sources for details on VCS specific options, such as targeting a specific Git branch or commit.
noextract
An array of files listed under source
, which should not be extracted from their archive format by makepkg. This can be used with archives that cannot be handled by /usr/bin/bsdtar
or those that need to be installed as-is. If an alternative unarchiving tool is used (e.g. lrzip), it should be added in the makedepends
array and the first line of the prepare() function should extract the source archive manually; for example:
prepare() { lrzip -d source.tar.lrz }
Note that while the source
array accepts URLs, noextract
is just the file name portion:
source=("http://foo.org/bar/foobar.tar.xz") noextract=('foobar.tar.xz')
To extract nothing, you can do something like this:
- If
source
contains only plain URLs without custom file names, strip thesource
array before the last slash:
noextract=("${source[@]##*/}")
- If
source
contains only entries with custom file names, strip thesource
array after the::
separator (taken from previous version of firefox-i18n's PKGBUILD):
noextract=("${source[@]%%::*}")
validpgpkeys
An array of PGP fingerprints. If used, makepkg will only accept signatures from the keys listed here and will ignore the trust values from the keyring. If the source file was signed with a subkey, makepkg will still use the primary key for comparison.
Only full fingerprints are accepted. They must be uppercase and must not contain whitespace characters.
gpg --list-keys --fingerprint KEYID
to find out the fingerprint of the appropriate key.Please read makepkg#Signature checking for more information.
Integrity
These variables are arrays whose items are checksum strings that will be used to verify the integrity of the respective files in the source array. You can also insert SKIP
for a particular file, and its checksum will not be tested.
The checksum type and values should always be those provided by upstream, such as in release announcements. When multiple types are available, the strongest checksum is to be preferred: b2
over sha512
, sha512
over sha384
, sha384
over sha256
, sha256
over sha224
, sha224
over sha1
, sha1
over md5
, and md5
over ck
. This best ensures the integrity of the downloaded files, from upstream announcement to package building.
The values for these variables can be auto-generated by makepkg's -g
/--geninteg
option, then commonly appended with makepkg -g >> PKGBUILD
. The updpkgsums(8) command from pacman-contrib is able to update the variables wherever they are in the PKGBUILD
. Both tools will use the variable that is already set in the PKGBUILD
, or fall back to md5sums
if none is set.
The file integrity checks to use can be set up with the INTEGRITY_CHECK
option in /etc/makepkg.conf
. See makepkg.conf(5).
sha256sums_x86_64=()
.b2sums
An array of BLAKE2 checksums with digest size of 512 bits.
sha512sums, sha384sums, sha256sums, sha224sums
An array of SHA-2 checksums with digest sizes 512, 384, 256 and 224 bits, respectively. sha256sums
is the most common of them.
sha1sums
An array of 160-bit SHA-1 checksums of the files listed in the source
array.
md5sums
An array of 128-bit MD5 checksums of the files listed in the source
array.
cksums
An array CRC32 checksums (from UNIX-standard cksum) of the files listed in the source
array.