You are not logged in.

Pages: 1

#1 2014-10-09 19:34:02

giuscri
Member
From: Milan, Italy
Registered: 2013-08-19
Posts: 21

How to test if a written-from-scratch PKGBUILD misses dependencies?

Hello,

I wanted to install this library on my machine and since I found no related packages on the AUR I thought it might be a good chance to try to contribute to the community.

Here's the PKGBUILD I wrote, from the template found at /usr/share/pacman/PKGBUILD.proto -- though on the wiki it's said that model is out-of-date.

pkgname=check
pkgver=0.9.14
pkgrel=1
pkgdesc="Unit Testing Framework for C"
arch=('i686')
url="http://check.sourceforge.net/"
license=('LGPL')
source=("http://downloads.sourceforge.net/project/check/$pkgname/$pkgver/$pkgname-$pkgver.tar.gz")
md5sums=('38263d115d784c17aa3b959ce94be8b8')
prepare() {
	cd "$srcdir/$pkgname-$pkgver"
}
build() {
	cd "$srcdir/$pkgname-$pkgver"
	./configure --prefix=/usr
	make
}
check() {
	cd "$srcdir/$pkgname-$pkgver"
	make -k check
}
package() {
	cd "$srcdir/$pkgname-$pkgver"
	make DESTDIR="$pkgdir/" install
}

Now, package is correctly created with makepkg but here are the questions:

1. how can I test that the package has no dependency? On my machine I have stuff already installed, course. I have no control on what is used by the check library. Maybe a tool like Vagrant might be useful? Trying to use it gave me headaches and I have few memory (1GB) on my machine so I'm curious how people involved in the AUR test dependencies.
2. running pacman -U <my_package> is harmless? How can I know that pacman will correctly remove everything that was created while make installing it? Does it keep track of what has been put by which package? I have found no reference on that.

Thank you.

Offline

#2 2014-10-09 19:41:55

WorMzy
Administrator
From: Scotland
Registered: 2010-06-16
Posts: 13,547
Website

Re: How to test if a written-from-scratch PKGBUILD misses dependencies?

1. Namcap can find some things, building in a clean chroot can find others (mostly makedepends).

2a. pacman -U isn't inherently harmless, a malicious .install script in a fake (or legitimate!) package can wreck your system (which is why everyone checks the PKGBUILD and .install files before building anything from the AUR).

2b. Anything in $pkgdir ends up in the package. If that's not everything, then fix the PKGBUILD. When you install it, pacman makes a note of everything the package contained, so that later on, it knows exactly what to remove.

Last edited by WorMzy (2014-10-09 19:42:28)

Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD

Making lemonade from lemons since 2015.

Offline

#3 2014-10-09 19:42:57

apg
Developer
Registered: 2012-11-10
Posts: 211

Re: How to test if a written-from-scratch PKGBUILD misses dependencies?

https://www.archlinux.org/packages/extra/i686/check/

Offline

Pages: 1

Board footer

Powered by FluxBB