Aura

Table of Contents

What is Aura?

Aura is a package manager for Arch Linux. Its original purpose is as an AUR helper, in that it automates the process of installing packages from the Arch User Repositories. It is, however, capable of much more.

The Aura Philosophy

Aura is Pacman

Aura does not mimic pacman; it is pacman! All pacman operations and their sub-options are allowed. Some even hold special meaning in Aura as well.

Arch is Arch - AUR is AUR

-S yields pacman packages and only pacman packages. This agrees with the above. In Aura, the -A operation is introduced for obtaining AUR packages. -A comes with sub-options you’re used to (-u, -s, -i, etc.).

Secure Package Building

PKGBUILDs from the AUR can contain anything. It’s a user’s responsibility to verify the contents of a PKGBUILD before building, but people can make mistakes and overlook details. Aura scans PKGBUILDs before building to detect bash misuse and other exploits. The -P command is also provided for scanning your own PKGBUILDs.

Also, while pre-build PKGBUILD editing is not default behavior, this can be achieved with --hotedit.

Downgradibility

Aura allows you to downgrade individual packages to previous versions with -C. It also handles snapshots of your entire system, so that you can roll back whole sets of packages when problems arise. The option -B will save a package state, and -Br will restore a state you select. -Su and -Au also invoke a save automatically.

Arch Linux for Everyone

English is the dominant language of computing and the internet. That said, it’s natural that some people are going to be more comfortable working in their native language. From the beginning, Aura has been built with multiple-language support in mind, making it very easy to add new ones.

Haskell

Aura is written in Haskell, which means easy development and beautiful code. Please feel free to use it as a Haskell reference. Aura code demonstrates:

  • Parser combinators (megaparsec)
  • CLI flag handling (optparse-applicative)
  • Concurrency (scheduler)
  • Shell interaction (typed-process)
  • Pretty printing (prettyprinter)
  • Logging (rio)
  • Modern Haskell project architecture (config, CI, distribution)

Installation

Prebuilt Binaries

It is recommended to install the prebuilt binary of Aura:

git clone https://aur.archlinux.org/aura-bin.git
cd aura-bin
makepkg
sudo pacman -U <the-package-file-that-makepkg-produces>

Building from Source

You will need the Stack Tool for Haskell to compile Aura yourself. Then:

git clone https://github.com/fosskers/aura.git
cd aura
stack install -- aura

NOTE: This may take a while to initially build all of Aura’s dependencies. Once complete, your aura binary will be available in home/YOU.local/bin/.

Aura Commands

Installing Packages

Command Function
aura -A <package> Install an AUR package.
aura -Au Upgrade all installed AUR packages.
aura -Akuax Combo special! (upgrades, removes makedeps, shows PKGBUILD diffs, shows progress)
aura -Ai <package> Look up information on an AUR package.
aura -As <regex> Search the AUR via a regex.
aura -Ap <package> Display a package’s PKGBUILD.
aura -Ad <package> List a package’s dependencies.

Package Set Snapshots

Command Function
aura -B Store a JSON record of all installed packages.
aura -Br Restore a saved record. Rolls back and uninstalls as necessary.
aura -Bc <n> Delete all but the most recent ’n’ saved states.
aura -Bl Show all saved package state filenames.

Downgrading via the Package Cache

Command Function
aura -C <package> Downgrade a package.
aura -Cs <regex> Search the package cache for files that match a regex.
aura -Cc <n> Delete all but the most recent ’n’ versions of each cached package.
aura -Cv Delete all of the /var/cache/aura/vcs cache

Searching the Pacman Log

Command Function
aura -L View the Pacman log.
aura -Li <package> View the install / upgrade history of a package.
aura -Ls <regex> Search the Pacman log via a regex.

Managing Orphan Packages

Orphan packages are those whose install reason is marked as “As Dependency”, but are not actually depended upon by any installed package.

Command Function
aura -O Display orphan packages.
aura -Oa <package> Change a package’s install reason to ’Explicitly installed’.
aura -Oj Uninstall all orphan packages.

PKGBUILD Security Analysis

As mentioned above, the -P commands can help us detect bash usage that conflicts with the AUR guidelines, as well as outright exploits.

Command Function
aura -P <stdin> Analyse a PKGBUILD piped from -Ap.
aura -Pf <file> Analyse a PKGBUILD file.
aura -Pd <dir> Analyse the PKGBUILD file found in a directory.
aura -Pa Analyse all locally installed AUR packages.

Configuration

Aura looks for a configuration file at /etc/aura.conf, but won’t break if one isn’t present. A template config file can be found here and contains all instructions. If you install Aura via its AUR package, this file is added for you.

Localisation

Adding new languages to Aura is quite easy. If you speak a language other than those available and would like it added to Aura, please see the localisation section of The Aura Book.

Links

Footer

Copyright © 2020-2021 Derek Taylor (DistroTube)

This page is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License (CC-BY-ND 4.0).

The source code for distro.tube can be found on GitLab. User-submitted contributions to the site are welcome, as long as the contributor agrees to license their submission with the CC-BY-ND 4.0 license.

Author: dt

Created: 2022-02-20 Sun 10:16