Open vmavromatis opened 6 years ago
Disclaimer: I never created PKGBUILD-Files before, so I might say stupid things :)
So for the PKGBUILD I would leave the run.sh. I would create a release of the repo only containing the main.py, and the licence I guess. I would set the python
package as a direct dependency and in the package
part I would unpack the release.tar.gz and with install I would copy the main.py to a directory on the PATH
, but I would use /usr/bin
or something, but please read the wiki before, as I just scrolled through fast to write this comment, I might missed something.
security risks
Which part concerns you? I mean you won't use it in the PKGBUILD anyways, as in my config the tmp is wiped on every restart, so it would be stupid to install there anything ;)
Which part concerns you?
It's not me, it's a very common debate in the linux world that people don't trust curl pipe -sh installers. There is plenty of info about it online (just a quick google)
https://www.seancassidy.me/dont-pipe-to-your-shell.html https://askubuntu.com/questions/77247/ive-downloaded-a-sh-file-how-do-i-install-this https://github.com/ellotheth/pipethis https://news.ycombinator.com/item?id=12766049
Disclaimer: I never created PKGBUILD-Files before, so I might say stupid things :) So for the PKGBUILD I would leave the run.sh. I would create a release of the repo only containing the main.py, and the licence I guess. I would set the python package as a direct dependency and in the package part I would unpack the release.tar.gz and with install I would copy the main.py to a directory on the PATH, but I would use /usr/bin or something, but please read the wiki before, as I just scrolled through fast to write this comment, I might missed something.
Cool me neither XD I'm reading the wiki now.
It's not me, it's a very common debate in the linux world that people don't trust curl pipe -sh installers. There is plenty of info about it online (just a quick google)
yeah that is understandable, but as I said, you won't use neither the curl method nor the run.sh, as everything you need will be defined in the PKDBUILD.
I don't even know why I made a new branch for the PKGBUILD but here is the path: https://github.com/vmavromatis/absolutely-proprietary/blob/PKGBUILD/PKGBUILD I will look into it tomorrow
Here's what I've come up with, feel free to use it or not:
# Maintainer : vmavromatis <8668731+vmavromatis@users.noreply.github.com>
# Contributor : stiefel40k
_pkgname=absolutely-proprietary
pkgname=${_pkgname}-git
pkgver=r54.93d1c3e
pkgrel=1
pkgdesc="Proprietary package detector for arch-based distros."
arch=('any')
url="https://github.com/vmavromatis/${_pkgname}"
license=('GPL3')
depends=('python>=3.6.3')
source=("https://github.com/vmavromatis/${_pkgname}/archive/master.zip")
sha256sums=('SKIP')
pkgver() {
cd "$srcdir/${_pkgname}-master"
printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)"
}
package() {
cd "$srcdir/${_pkgname}-master"
install -Dm755 main.py "$pkgdir/usr/bin/${_pkgname}"
}
It seems to mostly work, makepkg -sri
downloads the latest git release and creates the package, but when I install it with pacman running absolutely-proprietary
doesn't work. From what I've found, when makepkg
creates the package, it seems to strip out the shebang in main.py
(#!/usr/bin/env python
), so my computer tries to run it as a bash script, which doesn't work. Manually editing the installed /usr/bin/absolutely-proprietary
to add the shebang allows it to work.
You can see this for yourself by running makepkg -sri
and then looking at the first line of cat pkg/absolutely-proprietary-git/usr/bin/absolutely-proprietary
.
It's not an issue with install
, manually creating $pkgdir/usr/bin/${_pkgname}
and copying over main.py
yields the same result.
I'm not a Python programmer, but it's possible you'd need to create setup.py
so that you can do python install
. See this PKGBUILD and its corresponding repo for an example of how that would work.
plase make source() point to the .git, not the .zip, see https://wiki.archlinux.org/index.php/VCS_package_guidelines. This will make easy to edit the pkgbuild to set spefici tag/commit
you pkgver() will become
pkgver() { cd "$pkgname" ( set -o pipefail git describe --long 2>/dev/null | sed 's/\([^-]*-g\)/r\1/;s/-/./g' || printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" ) }
It would be nice to create a PKGBUILD and deploy the app on AUR. For now the script install works, but it's not ideal as it contains security risks.