Talk:Unofficial user repositories

From ArchWiki
Latest comment: 20 August 2021 by Roland Puntaier in topic script for listing files from unofficial repositories

32-bit PGP key id's are not secure

Shouldn't we put complete PGP key fingerprints here? The short 32-bit key ID's are trivial to spoof these days: Ghen (talk) 13:25, 1 November 2020 (UTC)Reply[reply]

script for listing files from unofficial repositories

Flagged some repositories based on this script

Roland Puntaier (talk) 09:36, 19 August 2021 (UTC)Reply[reply]

It does not matter if the "server returns 404", since the server may have directory listing disabled but still serve the files correctly. E.g. Unofficial user repositories#dasbaumwolltier: returns 404, but works. — Lahwaacz (talk) 10:08, 19 August 2021 (UTC)Reply[reply]
I see. You kept my flagging in some cases. I changed the script. These are returning 404 also for the db file: ashleyis dkp-linux jk-aur alucryd alucryd-multilib archlinuxgr-kde4 symbiflow-git. Why did you unflag these? Roland Puntaier (talk) 11:54, 19 August 2021 (UTC)Reply[reply]
I think you may also need to check compressed extensions (e.g. $repo.db.tar.gz and maybe others) to have a meaningful test. I think you should probably find a way to test this with pacman itself instead of inventing new queries. At the very least hand check a few before doing bulk flagging. Alerque (talk) 12:00, 19 August 2021 (UTC)Reply[reply]
I did add all extensions from, still the same 7 repos return 404. I agree that pacman should be used. I would like to provide the URL and it gives me back the list of packages, but I need to do some research regarding this. Roland Puntaier (talk) 12:32, 19 August 2021 (UTC)Reply[reply]
You can use pyalpm to do the equivalent of pacman -Sy and pacman -Sl in Python, even with a custom config. Or use pacman directly in a shell script with custom --config, --dbpath, etc. arguments. — Lahwaacz (talk) 18:32, 19 August 2021 (UTC)Reply[reply]
Thanks, I'll look into pyalpm. But in the meantime I added unofficialdb to the above gist, which does (url->pkg list) according pacman's repo-add (which uses bsdtar, ...).

These repo's fail: ashleyis dkp-linux jk-aur linux-nitrous mobile ownstuff-testing trinity alucryd alucryd-multilib archlinuxgr-kde4 BioArchLinux jkanetwork llvm-rc symbiflow-git. Roland Puntaier (talk) 06:05, 20 August 2021 (UTC)Reply[reply]

Triinity Desktop AUR Repo Fix

I get really nerdy sometimes about putting EVERY aur reoo in my pacman.conf and today i got the itch nut trinity desktop aur url was bad 404d with pac receive keys Key-ID: 8685AD8B

Got a 404 so I checked their wiki Their key there is wrong though, need to import one I found on some bbs bored, so they say to do this... pacman.conf add;sudo pacman-key --keyserver --recv-key D6D6FAA25E9A3E4ECD9FBDBEC93AF1698685AD8B


Server =$arch
  1. pacman-key --recv-key D6D6FAA25E9A3E4ECD9FBDBEC93AF1698685AD8B
  2. pacman-key --lsign-key D6D6FAA25E9A3E4ECD9FBDBEC93AF1698685AD8B

foubnd on their bbs with a valid key server like so...

Which is okay but that aur url is dead and so on some random page duckduckgoing on some old page or message board I found what works...

...if you reallly need it: sudo pacman-key --keyserver --recv-key D6D6FAA25E9A3E4ECD9FBDBEC93AF1698685AD8B && sudo echo "

  1. servers all 404 DE is on aur if needded [trinity]
  2. Server =
  3. Server = 

[trinity] Server = " >> /etc/pacman.conf (make sure pacman.conf is 777 or do it as root ( $ su - ) and keys:

When I finish the rest pof the entire aur list next time im bored, ill post here or on reddit with my pacman,conf its taken me all year adding a couple everytime im bored

—This unsigned comment is by Nsomnia (talk) 2022-11-24T00:21:10. Please sign your posts with ~~~~!