I’ve been writing some articles for It’s FOSS online magazine. The reviewer usually performs some changes before publishing the article, which I haven’t cared though, ’cause they are mostly just aesthetic.
However, in my last article, with the best intention (I believe), the reviewer decided to include some paragraphs I didn’t write, in order to “explain” things. The issue is that the reviewer doesn’t master the subject, which I do, and wrote some wrong information in my name without consulting me.
I think the only way to clean my name from that misinformation is publishing the original article by myself.
So here is it.
Yet Another Way to Install AUR packages
Introduction
Arch Linux is the spiritual heir of Slackware, the oldest distro still in the race.
Arch Linux is not only A rolling release distro, but THE Rolling Release Distro by right. However, its list of official packages can be considered a bit restrictive.
Even keeping the most recent working versions of each package, there are only very well-known and fully reliable applications – which, on the one hand, it’s very secure, but on the other, it can be annoyingly limited.
Herefore AUR comes to the stage.
AUR
AUR, Arch User Repository, is a community-oriented repository where Arch Linux users can share their own packages.
Note: Never trust AUR packages, unless you already know them. Any sort of software can make it into the repo, so you should never blindly trust AUR packages. Do your research before installing anything.
You’re probably gonna find that obscure app you’ve been looking for in weeks there in AUR.
But, how to install a package from AUR?
Hands on
The way to install a package from AUR is downloading the package, changing the working directory to the package root, and running:
makepkg -si
Dreadfully, innit?
Hold your horses though! There’s no need for panic, ’cause there are a bunch of tools that make your AUR life easier.
The most used AUR installer is yay
, Yet Another Yogurt. yay
follows the very same API as Pacman, which is very convenient for Arch Linux users: you don’t need to learn a new API for managing AUR packages.
Other alternatives are Paru, Yaourt (currently removed from AUR), and pikaur
, but none of these presents any notable advantage over yay
.
Yet yet another tool
Okay, since yay
is enough a tool, we don’t need another one, okey dokey, end of story, right?
Nope… 😁
I wouldn’t be writing this article if I didn’t have an exciting alternative to show you!
Do you remember our UPT article? If so, I’m considering you are that kind of person that rather stick to a common interface than using a different one for each system, and you’re probably using UPT already, which interface is way more similar to Apt or Homebrew than to Pacman.
With it in mind, I guess you’d also prefer an AUR installer with a similar UPT interface, am I right?
It exists and it’s called RUA.
RUA is a build tool for AUR, just like yay
, but with an interface similar to UPT. So you use mnemonic sub-commands like install
, upgrade
, and search
instead of -S
, -U
, -Syu
, -R
, -Q
, and so on.
Installing RUA
It’s necessary to install some dependencies so one can install RUA:
sudo pacman -S --needed --asdeps git base-devel bubblewrap-suid libseccomp xz shellcheck rustup
sudo rustup install stable
Note: in the example above, I used Pacman, but you could use UPT as well.
Like UPT, RUA is a tool made in Rust, and it can be easily installed by cargo
:
rustup default stable
cargo install rua
Note: DO NOT install RUA as root, it’s intended to be performed ONLY as a sudoer, not directly by root.
Using RUA
Let’s search for Brave Browser and install it:
rua search brave
rua install brave-bin
Considering the happy flow, you can answer most of the questions:
-
m
([M]=accept/merge
) -
o
([O]=ok, use package
and[O]=ok, proceed
) -
s
(Enter S to ‘sudo’ install it
) -
y
(any question that ask for a “yes”)
Now I decided not to keep it, so let’s uninstall it using UPT:
upt remove brave-bin
Upgrading packages
Pacman and UPT have no information about AUR packages’ source for upgrade! Nevertheless you can use RUA itself to upgrade them:
# The following command updates all packages installed by rua
rua upgrade
Safety
When building packages, RUA uses the following filesystem isolation:
- Build directory is mounted read-write.
- Files
"$GNUPGHOME"/pubring.kbx
and"$GNUPGHOME"/pubring.gpg
are mounted read-only (if exists). This allows signature verification to work. - The rest of
~
is not visible to the build process, mounted undertmpfs
. -
/tmp
and/dev
and/proc
are re-mounted with emptytmpfs
,devtmpfs
andprocfs
accordingly. - The rest of
/
is mounted read-only. - You can whitelist/add your mount points by configuring
wrap_args
. See example in~/.config/rua/.system/wrap_args.sh.example
.
All builds are run in a namespace jail, with seccomp
enabled and user
, ipc
, pid
, uts
, and cgroup
being unshared by default.
Conclusion
If you feel comfortable with UPT, you can use the pair UPT+RUA to manage all your packages, both official and AUR.
A list of the RUA’s full capabilities can be obtained from the command:
rua --help
Top comments (0)