Text only | Text with Images

Artix Linux Forum

Artix Linux => Applications & Software => Topic started by: Nadir on 09 October 2021, 15:17:38

Title: Chaotic-AUR automated building repo for AUR packages
Post by: Nadir on 09 October 2021, 15:17:38
i started using Chaotic-AUR on one of my machines, because it is convenient.
It provides a lot of prebuilt packages.

Do someone  know if this repo is safe?
Or how to find out?

Chaotic-AUR automated building repo for AUR packages
https://aur.chaotic.cx/
Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: strajder on 09 October 2021, 15:57:17
Generally speaking, if you worry about safety it is better to build programs from source. Even then, you can't be sure if it is safe if you don't spend the time to check the source code or don't trust the distributor.

With AUR in general, "anything goes". That's why it is not officially supported. There are rally nasty packages in AUR, made as a "proof of concept", which can gain root access if the user just skips inspecting the PKGBUILD by just mechanically pressing Enter.
Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: nous on 10 October 2021, 17:07:54
What @strajder said. I could use chaotic-aur or archlinuxcn unofficial repos for my grandmother's Artix, but not for the PC I store my gpg and ssh keys on.
Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: katinka on 10 October 2021, 18:53:12
Huh... you are not very nice to your grandma @nous‍  and you understimate grandmas I think :D ;)
Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: calvinh on 10 October 2021, 20:25:07
Quote from: katinka – on
Huh... you are not very nice to your grandma @nous‍  and you understimate grandmas I think :D ;)

LOL, grandma is supposed to sit in front of a desktop like this.

(https://i.redd.it/emp4516xfwq71.jpg)
Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: SGOrava on 10 October 2021, 20:29:18
It should be proper retro green.
Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: Nadir on 11 October 2021, 14:32:20
Quote from: nous – on
What @strajder said. I could use chaotic-aur or archlinuxcn unofficial repos for my grandmother's Artix, but not for the PC I store my gpg and ssh keys on.

Okay, I can see that...
asking the question is answering it already  :D
Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: Nadir on 11 October 2021, 14:35:06
This reminds me one thing:

Is there a similar tool like debsums in Arch?
it checks the MD5 sums of installed Debian packages, tells you altered or missing files from the original packages.

Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: Nadir on 11 October 2021, 14:38:05
Answering to myself:
Code: [Select]
$ sudo pacman -Qk |grep -v "0 missing files"
warning: artix-branding-base: /etc/local.d/0PS1.start (No such file or directory)
warning: artix-branding-base: /etc/local.d/mkinitcpio.start (No such file or directory)
artix-branding-base: 18 total files, 2 missing files
warning: kgpg: /etc/xdg/autostart/org.kde.kgpg.desktop (No such file or directory)
kgpg: 381 total files, 1 missing file
warning: wps-office: /usr/lib/office6/wpscloudsvr (No such file or directory)
wps-office: 3900 total files, 1 missing file


What are the warnings in "warning: artix-branding-base"??

wpscloudsvr is a local server launched by WPS office suite. I deleted it
Btw now I switched to Onlyoffice which is good enough for my usage.

Title: Re: Chaotic-AUR automated building repo for AUR packages
Post by: nous on 11 October 2021, 22:12:58
Quote from: SGOrava – on
It should be proper retro green.
Caught grandma sniffing our home LAN.  :o

Text only | Text with Images