is there a way to install aur packages without building them?

benibilme · 2022-11-08 01:29:57

Hello,

I am migrating from manjaro to arch but there are cases that I regret this decision.

One of the cases is aur packages. Many packages that I use in manjaro which are in regular repositories, are in aur sections in arch and they are really pain to install. Takes years to compile, I often receive compile errors. I am using yay to handle aur packages.

Is there any way to install aur packages as binaries without compiling them from scratch? I really do not care much about the performance for the most packages.

Thanks in advance.

ewaller · 2022-11-08 01:54:56

No.

What package takes years? I realize that is hyperbole, but I can compile the entire kernel and modules in about an hour.
Have you tried just using makepkg?
How many foreign packages have you? I just checked my system, and I have a grand total of eight.

Slithery · 2022-11-08 01:56:35

benibilme wrote:

and they are really pain to install.

No they aren't. Packages just need a simple...

pacman -U <pkgname>

...to install which only takes seconds.

benibilme wrote:

Takes years to compile...

The vast majority of things in the AUR will only take minutes to compile, not years. Which packages are you talking about?

benibilme wrote:

I often receive compile errors.

Then either the AUR package is broken or your system isn't configured correctly.

benibilme wrote:

I am using yay to handle aur packages.

We don't support yay on these forums. Try using the official makepkg instead.

benibilme · 2022-11-08 02:02:36

microsoft teams, zoom, zotero, goldendict, autofs, inxi, spotify are some of the packages that I use often. They are all in aur. Zotero for example failed now I had to install manually by extracting precompiled binary.

I really find makepkg process confusing. It also involves compiling. I used to use octopi for aur which came preinstalled in manjaro for that but even installing it is tedious in arch. I hate all building these packages and being asked question about versions etc, decide to keep source, check diff etc.

I will probably go for one of snap, flatpak, appimage. I have always avoided them since they are not native to the system, replicates the libraries etc. I insisted using aur but really I am getting really tired of aur approach.

Last edited by benibilme (2022-11-08 02:12:02)

cfr · 2022-11-08 02:21:04

A good number of those don't even require compilation because they aren't free software and the source isn't available.

jasonwryan · 2022-11-08 02:24:27

benibilme wrote:

I really find makepkg process confusing. It also involves compiling. I used to use octopi for aur which came preinstalled in manjaro for that but even installing it is tedious in arch. I hate all building these packages and being asked question about versions etc, decide to keep source, check diff etc.

Why are you wanting to move to Arch if you aren't interested in learning how it works.

Trilby · 2022-11-08 02:40:30

Tell us you've never used makepkg without telling us you've never used makepkg:

benibilme wrote:

I hate all building these packages and being asked question about versions etc, decide to keep source, check diff etc.

All those "gripes" are about yay, and while valid reasons, they are among the lesser reasons of why you should not use yay. Before you get too committed to your stance of disliking how the AUR works, perhaps you should try using it properly at least once.

ewaller · 2022-11-08 02:54:24

ewaller@odin/~% auracle clone teams    
clone complete: /home/ewaller/teams
ewaller@odin/~% cd teams
ewaller@odin/~/teams% time makepkg -s                                                                                                                                                                                [git][teams/.][master]
==> Making package: teams 1.5.00.23861-1 (Mon 07 Nov 2022 06:53:00 PM PST)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Downloading teams_1.5.00.23861_amd64.deb...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 81.5M  100 81.5M    0     0  39.7M      0  0:00:02  0:00:02 --:--:-- 39.7M
==> Validating source files with b2sums...
    teams_1.5.00.23861_amd64.deb ... Passed
==> Extracting sources...
==> Entering fakeroot environment...
==> Starting package()...
==> Tidying install...
  -> Removing libtool files...
  -> Purging unwanted files...
  -> Removing static library files...
  -> Stripping unneeded symbols from binaries and libraries...
  -> Compressing man and info pages...
==> Checking for packaging issues...
==> Creating package "teams"...
  -> Generating .PKGINFO file...
  -> Generating .BUILDINFO file...
  -> Generating .MTREE file...
  -> Compressing package...
==> Leaving fakeroot environment.
==> Finished making: teams 1.5.00.23861-1 (Mon 07 Nov 2022 06:53:11 PM PST)
makepkg -s  8.96s user 2.32s system 89% cpu 12.639 total
ewaller@odin/~/teams%                                                                                                                                                                                                [git][teams/.][master]

13 seconds, including the download.

Edit: Spotify failed with a PGP error, so I'll stop there.

Last edited by ewaller (2022-11-08 02:57:22)

benibilme · 2022-11-08 22:34:46

I have used makepkg. I have headless home server in manjaro and before knowing nothing about aur helpers I used to manage several packages with it which I did not enjoy at all. I learned about yay and others, since then I am not using makepkg. I was quite novice with arch package management system.

Trilby wrote:

Tell us you've never used makepkg without telling us you've never used makepkg:

benibilme · 2022-11-08 22:58:24

I have tried flatpak, makepkg and pamac to manage packages about a day. I installed zotero, teams, zoom, spotify, goldendict and several others with all them. I notice flatpak seamless, but downloads huge runtimes. It is easy to upgrade. I did not like idea I have to use flatpak run command to run the applications. Yes I can make aliases easily, I know. For makepkg, I noticed that some packages have -bin versions and they just dowload binary package and install it which I really like. Some packages also just download debian version of the package and possibly convert them like spotify which does not state -bin extension. Anyhow, I find makepgk usability okay for the most part but it is not really practical for me. I have to download package, build and install by myself. Upgrade is also problem. I can keep a directory of aur packages, make git pull and again build and install, but I have to keep these huge git directories. Pamac for now, seems as the best option for me, which handles both regular and aur packages. It creates less noise, has more intuitive interface to similar apt of debian/ubuntu, I am very accustomed to. For now, I will use pamac, at least for aur package management, keep flatpak at bay, where needed for the packages that refuse to build. Thank you all again.

Last edited by benibilme (2022-11-08 23:10:37)

sammiev · 2022-11-09 04:07:17

benibilme wrote:

Pamac for now, seems as the best option for me

Likely pamac will break your system sooner than later. Just my .02 cents.

seth · 2022-11-09 07:17:53

I have to keep these huge git directories

No?
Neither do you have to keep them, nor are they supposed to be any "huge".
The "huge" parts in there are probably build caches and the package you built and you absolutely, for no reason, "have" to keep those around.

kokoko3k · 2022-11-09 08:01:48

If you want to trust them, there are a couple (edit: a lot) of additional unofficial binary repos to try:
https://wiki.archlinux.org/title/Unoffi … positories

Last edited by kokoko3k (2022-11-09 08:06:07)

icar · 2022-11-09 16:53:15

I did not like idea I have to use flatpak run command to run the applications.

You don't have to — check /var/lib/flatpak/exports/bin

benibilme · 2022-11-10 02:46:53

kokoko3k wrote:

If you want to trust them, there are a couple (edit: a lot) of additional unofficial binary repos to try:
https://wiki.archlinux.org/title/Unoffi … positories

Thank you, I did not know that. Definetely, I will look into it. I will try to stay in official repositories, but just in case, it is good to know. Can you advise me a repository that may be more trustworthy than others or you know better. There seems to be a lot of them.

Last edited by benibilme (2022-11-10 03:05:42)

benibilme · 2022-11-10 02:48:21

icar wrote:

I did not like idea I have to use flatpak run command to run the applications.
You don't have to — check /var/lib/flatpak/exports/bin

I did now know that. Thanks. Very helpful.

benibilme · 2022-11-10 02:51:17

seth wrote:

I have to keep these huge git directories
No?
Neither do you have to keep them, nor are they supposed to be any "huge".
The "huge" parts in there are probably build caches and the package you built and you absolutely, for no reason, "have" to keep those around.

I believe pulling is faster than full clone. So I assumed that keeping them around would be better if I have the space. That was my reasoning.

benibilme · 2022-11-10 03:03:07

sammiev wrote:

benibilme wrote:
Pamac for now, seems as the best option for me
Likely pamac will break your system sooner than later. Just my .02 cents.

I really do not know which aur helpers are better. Yay is not advised in this post, I chosed yay previously, because it almost has the same interface with pacman. I used to use octopi, which came preconfigured within manjaro. It was good for newbies like myself. pamac seems to be an official package manager on top of pacman and maintained, documented and supported well in manjaro. Besides I have some familiarity with the interface. I intent to keep using pacman for the packages that exist in official repositories. I will use pamac for the aur stuff. I have to use something, since I do not want to use makeprg. I am really open to suggestions. I need something that will maintain aur packages similar to pacman. Please let me know if you have any other suggestion other than using makeprg.

Trilby · 2022-11-10 03:36:28

benibilme wrote:

Can you advise me a repository that may be more trustworthy than others or you know better. There seems to be a lot of them.

There are a lot of them because they each contain different packages (for the most part). Very few efforts have been made to make binary repos of large swaths of aur packages ... and coincidentally these are the ones I find least trustworthy as the maintainers motiviations do not lead them to put much care into their packaging work. So your goal - if you are to use some unofficial repos - is not to select from the list you find more trustworthy, but rather select from the list the ones that provide packages you want ... and then perhaps assess whether you find the repo to meet a sufficient level of trustworthiness.

I've formerly used repo-ck which focused just on -ck kernels and a few kernel modules that needed to be compiled against the kernel in use. Repo-ck is maintained by graysky, an active contributor to these forums who has been around awhile. So in my view, repo-ck is a good / trustworthy repo, but that's of no value to anyone who does not use -ck kernels.

On the other end of the spectrum are the unofficial repos allegedly targetted at "pen testing". All of these that I'm aware of provide only one penetration test: if you follow their advice on installing their packages, you have allowed them to fully penetrate your system and do whatever they'd like. I'd sooner eat my dinner off of a truckstop restroom floor than enable one of these repos.

Most unofficial repos fall somewhere between these two extremes - though I'd still say the general pattern is the more broad their scope the less likely they'd be particularly trustworthy (in my admitedly subjective assessment).

Or, as another alternative, you can make your very own repo of just the aur packages you'd like to use. In the end these packages would be installed by pacman just like any main repo package. There's even a set of tools to facilitate this: aurutils (with which I have no personal experience, but the author is knowledgeable and highly respected member of this community).

Last edited by Trilby (2022-11-10 19:21:59)

cfr · 2022-11-10 04:04:33

benibilme wrote:

I have to use something, since I do not want to use makeprg. I am really open to suggestions. I need something that will maintain aur packages similar to pacman. Please let me know if you have any other suggestion other than using makeprg.

You haven't told us anything you don't like about makepkg which is also true of makepkg, except that it builds packages and (sometimes) compiles source code. That makes it unlike pacman, which only deals with pre-packaged software. But that's a fundamental difference between the repos and the AUR. The AUR doesn't contain packages; the repos do. Instead, the AUR just contains recipes for making packages. Unless you use an unofficial repository, there is no avoiding that difference.

I apparently have 116 packages installed which are not in the official repositories. They are not all in AUR, but they mostly are. I don't find makepkg especially onerous, though I admit I miss cower.

Keeping the git directories around won't make much difference unless you are dealing with -git packages, for example, where you're cloning the source code.

makepkg && git clean -dfx

will keep the build file etc. and the package but delete much of the rest, while preserving the git clone if it's a -git package.

But, look, it is your system. If you want to use an AUR helper, that's up to you. It is your system to break and your system to fix.

Personally, I wouldn't. I especially wouldn't use a tool which blurred the distinction between official packages and AUR recipes. Anyone can put anything in AUR. If you don't look at the scripts before you build and install the packages, you are installing software you have no reason to trust. The repos are curated. AUR is the wild, untamed depths of potentially hostile territory. Most recipes are posted in good faith, but that is no guarantee that this one is. Nor is there any necessary connection between good intentions and competence. A badly written recipe is probably more likely than a bad faith one, but mistakes can wreck your system just as surely as malice.

That is why trying to make the distinction between AUR and the official repos disappear is not something you should want a package manager to do. That is why installing a package from AUR shouldn't be just like installing one from the repos. In the case of the repos, Arch's maintainers and developers stand between your machine and nefarious software. In the case of AUR, you are the only line of defence between malicious or erroneous code and your system.

benibilme · 2022-11-10 18:38:53

Trilby wrote:

I'd sooner eat my dinner off of a truckstop restroom floor than enable one of these repos.

I laughed so much. Probably, the seriousness of the situtation can not be described better than this. English in not my native language. I will take note of this to remember.

cfr wrote:

In the case of AUR, you are the only line of defence between malicious or erroneous code and your system.

Thank you both for taking time and giving very clear advises. I confess that I am truly enlightened. I have never thought this aspect of AUR repos. I always thought that they are still part of arch in some way, but arch maintainer did not want to include them because of not being free or to keep the repository small, lean or in some way the package does not comply arch maintainers considerations. I never gave a thorough thinking. I never though about security aspect of AUR packages.

I have a slow moving low priority personal project. I am trying to automate my arch installations according to my specific settings. I am using ansible to do that. I have several arch machines now, and moving manjaros to archs, I do not want to repeat the same settings for all them. Maybe I can use ansible to manage the aur packages that I often use. I will think about it. Ansible can download, build and update them.

One more question. What do you think about flatpak security. Could flatpak be more trust wordy than AUR packages if I use only official repositories.

Thank you again.

jasonwryan · 2022-11-10 19:08:10

benibilme wrote:

One more question. What do you think about flatpak security. Could flatpak be more trust wordy than AUR packages if I use only official repositories.

https://flatkill.org/

GamerzOH · 2022-11-10 20:33:11

I know what you are asking about. Check out the chaotic aur. It integrates directly into Pacman and provides prebuilt aur packages

Trilby · 2022-11-10 23:25:18

My initial thoughts on the chaotic repo are that 1) the name is fitting, and 2) it's smells a bit like the above-mentioned truck stop. Though to their credit, when asked if it is safe / secure, a maintainer's first answer was Nope. They then went on to describe the good practices they follow while still maintaining a realistic view of the risks. That is a reasonable and professional response to such question and reflects well on the people working on that repo.

So perhaps my metaphor could be revised: that one may not be like eating off the truck-stop bathroom floor, but it's still like eating at the truck-stop cafeteria; perhaps not totally insane, but not a particularly healthy choice for regular consumption.

However, also note that the above-linked discussion is 2 years old. I have no idea how involved that individual was with chaotic or whether they are still involved. Knowing who maintains a repo, what their qualifications / background are, and what practices the repo uses for packages are all important for assessing how (un)trustworthy a given unofficial repo might be.

Last edited by Trilby (2022-11-10 23:25:56)

icar · 2022-11-11 19:43:56

Most of them also maintain the Garuda distro and most mirrors are volunteers (myself, for example). You can join the community at the Telegram group https://t.me/chaotic_aur_sac and open issues about the repo or ask for new packages in their Github: https://github.com/chaotic-aur/packages/issues

Arch Linux

#1 2022-11-08 01:29:57

is there a way to install aur packages without building them?

#2 2022-11-08 01:54:56

Re: is there a way to install aur packages without building them?

#3 2022-11-08 01:56:35

Re: is there a way to install aur packages without building them?

#4 2022-11-08 02:02:36

Re: is there a way to install aur packages without building them?

#5 2022-11-08 02:21:04

Re: is there a way to install aur packages without building them?

#6 2022-11-08 02:24:27

Re: is there a way to install aur packages without building them?

#7 2022-11-08 02:40:30

Re: is there a way to install aur packages without building them?

#8 2022-11-08 02:54:24

Re: is there a way to install aur packages without building them?

#9 2022-11-08 22:34:46

Re: is there a way to install aur packages without building them?

#10 2022-11-08 22:58:24

Re: is there a way to install aur packages without building them?

#11 2022-11-09 04:07:17

Re: is there a way to install aur packages without building them?

#12 2022-11-09 07:17:53

Re: is there a way to install aur packages without building them?

#13 2022-11-09 08:01:48

Re: is there a way to install aur packages without building them?

#14 2022-11-09 16:53:15

Re: is there a way to install aur packages without building them?

#15 2022-11-10 02:46:53

Re: is there a way to install aur packages without building them?

#16 2022-11-10 02:48:21

Re: is there a way to install aur packages without building them?

#17 2022-11-10 02:51:17

Re: is there a way to install aur packages without building them?

#18 2022-11-10 03:03:07

Re: is there a way to install aur packages without building them?

#19 2022-11-10 03:36:28

Re: is there a way to install aur packages without building them?

#20 2022-11-10 04:04:33

Re: is there a way to install aur packages without building them?

#21 2022-11-10 18:38:53

Re: is there a way to install aur packages without building them?

#22 2022-11-10 19:08:10

Re: is there a way to install aur packages without building them?

#23 2022-11-10 20:33:11

Re: is there a way to install aur packages without building them?

#24 2022-11-10 23:25:18

Re: is there a way to install aur packages without building them?

#25 2022-11-11 19:43:56

Re: is there a way to install aur packages without building them?

Board footer