BAUERBILL(1) BAUERBILL(1) NAME bauerbill - powerpill with abs and aur support SYNOPSIS bauerbill [options] [packages] DESCRIPTION Bauerbill is an extension of Powerpill which includes support for building packages from the ABS and the AUR. You should refer to Power‐ pill's documentation for pure Powerpill information and Pacman's docu‐ mentation for basic operations. Briefly, you should use bauerbill just as you would use pacman for most operations, e.g. "bauerbill -Syu" or "bauerbill -S [pkgs]". Without additional options, bauerbill, like powerpill, will speed up package downloads via parallel and segmented downloads. Via the options you can also enable several other features, such as building ABS, AUR and CPAN packages from source. See the information below and in the powerpill man page for more information about available options and features. ABS Bauerbill does not require the "abs" package nor does it use it if it is available. Instead it uses $repo.abs.tar.gz archives when they are available for a given repo. This enables Bauerbill to build packages from repos that are not included in the official ABS tree provided that they include this archive in their databases. AUR Bauerbill uses the RPC interface to the AUR to perform searches and retrieve package information. It caches retrieved data internally to avoid redundant connections to the server and launches parallel queries to speed up operation times whenever possible. The AUR is open to the public and despite the efforts of those who maintain it, harmful code may get uploaded due to either malice or ineptitude. You must inspect each and every package that you wish to build from the AUR to ensure that it does not pose any risk. CPAN Bauerbill can also query information and build pacman packages from CPAN using the backend provided by Xyne::Arch::CPAN. It will intelli‐ gently try to map requested packages to CPAN distributions and will create packages with full depends, optdepends, makedepends and provides arrays whenever the metadata is available. In most cases it will there‐ fore provide full dependency resolution and it will build all target packages while tracking build dependencies for removal. Occasionally the metadata file on CPAN (META.yml) will be absent, incomplete or erroneous and bauerbill the build will fail. In such cases the user must either choose to edit the PKGBUILD at the prompt or contact the CPAN author to fix the problem upstream. When CPAN support is enabled, you can specify a CPAN package by its Pacman package name (e.g. perl-foo-bar) or its CPAN distribution name (e.g. Foo-Bar), You can also specify any module contained within a dis‐ tribution the same way and it will map to the correct CPAN package (e.g. perl-foo-bar-baz, Foo::Bar::Baz). Occasionally you will find that Perl packages in the official repos have been improperly packaged (e.g. names which deviate from the stan‐ dard naming guidelines, provides array which are incomplete). You may want to consider using "pacpan" to fix these errors in local packages while waiting for the package maintainer to update the package. Pacpan provides a frontend to various functions in the Xyne::Arch::CPAN module and can be used to inspect installed Perl packages for errors and sug‐ gest corrections. It can even patch the local database provides arrays based by directly detecting modules in a package. Please report all package errors detected by pacpan to the packager. Open a ticked on the bug tracker for official packages. Hackage Bauerbill can retrieve information about Haskell libraries and programs on Hackage. If "cabal2arch" is installed, it can also build packages from Hackage with full dependency resolution and build dependency tracking and removal. Install cabal2arch from the AUR using bauerbill if you do not already have it. PERMISSIONS AND PRIVILEGES The balance of privileges versus restrictions was taken into considera‐ tion when writing Bauerbill. As an extension to Powerpill, it is desir‐ able to be able to run Bauerbill as root to download packages directly to the default cache and start pacman without an additional prompt. At the same time, packages should never be built as root and makepkg will complain if you try. The author has tried to resolve this issue by selectively dropping privileges when they are too high and by checking for sudo when they are too low. If Bauerbill is run as root, it will be able to download package to the default cache directory but it will change its effective user and group ids when sourcing PKGBUILDs and building packages, but will reset them when installing build packages. If Bauerbill is run without special privileges, it will check for sudo when invoking pacman operations that require root. Note that you will need to specify a writable cache directory in this case. PKGBUILDS AND SECURITY One of the great strengths of pacman is also one of its great weak‐ nesses. PKGBUILDs are pure bash code and they are sourced (read: run) by makepkg when building packages. While this offers great simplicity for actually building packages, it presents a plethora of other prob‐ lems related to it, mostly related to security and metadata extraction. In particular, sourcing an untrusted PKGBUILD is very dangerous (and part of the reason why you should never build packages as root). Bauerbill tries to limit the risk of extracting metadata from a PKG‐ BUILD while remaining versatile enough to recognize "clever" packager tricks that can obfuscate the values of variables. When Bauerbill sources a PKGBUILD, it first checks the syntax of the file without run‐ ning it by using bash's "-n" flag. If the syntax is valid, Bauerbill then wraps the entire PKGBUILD in a function and sources it. By wrap‐ ping it in a function, the code is not executed but it is parsed and included in the output of "set" in canonical form. This makes it much easier to parse with regular expressions. Bauerbill then walks through the variables in order, interpolating and saving values as it goes, which keeping track of effective local environments. This enables Bauerbill to extract everything it needs without actually executing the code, at least in cases of relatively well-behaved PKG‐ BUILDs (including split packages). Of course the parser is not perfect and there will be special cases in which it fails miserably. Hopefully this can be improved over time. Note that despite this only mitigates the dangers of extracting meta‐ data. You are still fully exposed to all of the dangers of the PKGBUILD when building the package. CONFIGURATION FILE Bauerbill will check for a configuration file named bauerbill.conf in "$XDG_CONFIG_HOME/powerpill" if it is set, else in "$HOME/.config/pow‐ erpill". If a configuration file is not found, it will default to "/etc/bauerbill.conf". See below to learn how to generate a template conguration file. OPTIONS Bauerbill supports the following superset of Powerpill's arguments in addition to Pacman's arguments: --abs Enable ABS support. --arch Specify the architecture to use if autodetection fails. --aria2-args [args] [Powerpill option] Additional arguments to aria2c. These will be appended to the internal list of default arguments, replacing some of them when appropriate. The format used is the same as in aria2c configura‐ tion files, e.g. "lowest-speed-limit=10K" Options of immediate interest are "lowest-speed-limit", which can be used to filter slow mirrors while the download is in progress, and "max-download-limit", to limit download speed. Options which are required by Powerpill will be ignored. Beyond that, Powerpill does not check the sanity of the arguments given. Consult aria2c's documentation for a full list of available options and information about what they do. This option may be repeated to pass multiple values. --aria2-bin [Powerpill option] The path to the aria2c binary. --aur Enable AUR support. --autobuild [pkgnames] Automatically build the specified packages using ABS. This works even when the "ABS" option is not set. This option may be repeated to pass multiple values. --autopatch [pkgnames] Automatically apply patches in the PatchDir to PKGBUILDs and install files when trusting the PKGBUILDs. If the prompt appears, the patch is not applied and it is left to the user. This option may be repeated to pass multiple values. --blindly-trust-everything-when-building-packages-despite-the-inherent- danger This option enables pacman's "--noconfirm" option to bypass the PKGBUILD and install file inspection prompt for all packages. This option is VERY DANGEROUS and IT IS NOT RECOMMENDED THAT YOU USE THIS. The only reason that this is included is because some users desperately want this functionality. The author highly recommends using the options to trust ABS packages and specific AUR users instead of this option, which can be used to achieve essentially the same effect. --build-all Build all repo packages using ABS, including dependencies. This will bypass the ABS build queue dialogue. --build-as If Bauerbill is run with root privileges, it will drop them and assume the privileges of the given user when sourcing files and building packages. --build-dir Specify the build directory. --cache-built Move built packages to the cache. If PKGDEST is set in makepkg.conf, it will take precedence over this option. --config [Powerpill option] Specify a different configuration file to use. --cpan Enable CPAN support. Read the CPAN section of the man page before using this option. --devel Include all developmental packages in the upgrade operation as though they had been specified on the command line. Use this to rebuild packages under version control (foo-svn, foo-cvs, foo- git, etc). --editor Select a text editor for editing PKGBUILDs and install files. --get-categories Retrieve the AUR category list to enable translation of category IDs to category names when displaying information. --get-config-template [Powerpill option] Print powerpill's configuration file template. --get-metalink [Powerpill option] Output a metalink for the requested operation and exit. --get-taurballs Download taurballs for the requested packages to TaurballDir and exit. Use Pacman's "-d" option if you do not want to download dependency taurballs. If you would like to download the sources to BuildDir as well, use Pacman's "-w" option instead of this. --hackage Enable Hackage support. Read the Hackage section of the man page before using this option. --hackage-cache Specify the cache directory where Hackage metadata files will be mirrored and where the Hackage database file will be created. --help, -h [Powerpill option] Print powerpill's help message and exit. --keep-makedeps Keep build dependencies (makedeps) after a successful build. --log [Powerpill option] Powerpill output will be logged to this path if it is given. --lwp-timeout [Powerpill option] The LWP user-agent timeout, in seconds. This affects the timeout of internal network connections and is unrelated to Aria2 set‐ tings. --makepkg-args [makepkg args] Additional arguments to makepkg which will be used when building packages from source. Check the makepkg documentation for details. Note that makepkg is NEVER RUN AS ROOT so there is no reason to pass it arguments which would allow it to be run as root. --makepkg-config Specify a different makepkg configuration file to use. --man [Powerpill option] Print powerpill's man page and exit. --man-nroff [Powerpill option] Print powerpill's man page in nroff format. --memoize [Powerpill option] Cache database file lookups in memory to enable faster subse‐ quent lookups. This will greatly speed up longer operations in most cases at the cost of a larger memory footprint. --no-color [Powerpill option] Suppress colored output. --pacman-bin [Powerpill option] The path to the pacman binary or an equivalent, such as pacman- color. --pacman-config [Powerpill option] Specify a different pacman configuration file to use. --pacman-help [Powerpill option] Print pacman's help message and exit. --pacpan-cache Specify the pacpan cache where CPAN metadata files will be mir‐ rored and where the CPAN database file will be created. --patch-dir The PatchDir should be a directory with the same nested hierar‐ chy as the BuildDir. It will be checked for corresponding PKG‐ BUILD and install file patches to apply before sourcing a given PKGBUILD. --pkgd [address:port] [Powerpill option] Specify PkgD servers to query for packages before using external mirrors. This option may be repeated to pass multiple values. --powerpill-conf Specify a path to a Powerpill configuration file which should be loaded before the Bauerbill configuration file. This lets the user keep all common options in a single configuration file and selectively override them in the Bauerbill configution file, which also contains Bauerbill-specific options. Make sure that you comment all settings in the Bauerbill configuration file that you do not want to override. --rebase [Powerpill option] Use the Rebase module to update the sync database. See the Rebase documentation for more information. --reflect "[Reflector arguments]" [Powerpill option] Enable retrieval of mirrors from the MirrorStatus webpage during a sync operation. This uses the Reflector module internally and accepts the same arguments that Reflector does. See the Reflec‐ tor documentation for more information. There is absolutely no reason to pass any of the ranking options with this command as the order of the servers is completely irrelevant. --retry-limit [Powerpill option] The number of times that a failed download should be retried when run automatically. --save-metalink [Powerpill option] Save the metalink to a file. --split-size [Powerpill option] The minimum size, in MB (not MiB), that a file must be before it is split for segmented downloading. --taurball-dir Specify a storage directory for ABS and AUR taurballs. Taurballs are the archives containing the PKGBUILDs and local source files required by makepkg to build the package (AUR tarball = taur‐ ball). --trust-abs If set, the user will not be prompted to inspect PKGBUILDs and install files for ABS packages. If you trust the binary packages created with those PKGBUILDs, you can probably trust the PKG‐ BUILDs themselves. --trust-cpan If set, the user will not be prompted to inspect PKGBUILDs gen‐ erated by Xyne::Arch::CPAN. Although these PKGBUILD are safe in the sense that they will never contain malicious code, they may sometime require editing to correct errors that arise due to absent or incorrect metadata on CPAN. --trust-hackage If set, the user will not be prompted to inspect PKGBUILDs gen‐ erated by cabal2arch. --trusted-users [trusted AUR users] This option can be used to specify "trusted users" on the AUR. The user will not be prompted to inspect PKGBUILDs and install files for packages maintained by these "trusted users". Despite the name, this option is not limited to actual Arch TUs, although they are probably a good candidates for this list, as well as your own user account. This option is provided for convenience and completeness but it is inherently dangerous. Use it with caution. This option may be repeated to pass multiple values. --use-cbreak Enable stty cbreak at the PKGBUILD inspection prompt. This enables the user to make a choice without pressing , e.g. by typing "ok" instead of "ok". Some users have reported issues with this so it has been changed to an option. --viewer Select a viewer for displaying text output. This can be used at the PKGBUILD inspection prompt to view text instead of printing it to the console. The viewer must accept text piped to it on STDIN, e.g. "/bin/less". AUTHORS Xyne January 2010 BAUERBILL(1)