Depends.pm: merge depends() and extract()

[aurutils.git] / man1 / aur-chroot.1

.TH AUR-CHROOT 1 2022-03-04 AURUTILS
.SH NAME
aur\-chroot \- build pacman packages with systemd-nspawn
.
.SH SYNOPSIS
.SY "aur chroot"
.OP \-\-build
.OP \-\-update
.OP \-\-create
.OP \-D directory
.OP \-C pacman_conf
.OP \-M makepkg_conf
.OP \-\-
.RI [ "package..." ]
.YS
.
.SH DESCRIPTION
Build
.BR pacman (8)
packages inside a
.BR systemd\-nspawn (1)
container.
.
.SH OPERATIONS
.TP
.BR \-B ", " \-\-build
Build a package inside the container with
.BR makechrootpkg .
Assumes
.B \-\-create
was run at least once.
.
.TP
.BR \-U ", " \-\-update
Update or create the
.B /root
copy of the container with
.BR arch\-nspawn .
.
.TP
.BR \-\-create
Create a new container with
.BR mkarchroot .
By default, the
.B base\-devel
package group is installed to the container.
.IP
If the host architecture is
.B x86_64
and
.B [multilib]
is set in the pacman configuration (see
.BR \-\-pacman\-conf ),
the
.B multilib\-devel
package group is also installed.
.IP
If packages or package groups are listed on the command-line, these
are installed instead of the above.
.
.TP
.B \-\-path
Print the path to the container template
.RI ( $directory/root ).
.
.SH OPTIONS
.TP
.BI \-D " DIR" "\fR,\fP \-\-directory=" DIR
The base directory for containers. Defaults to
.BI /var/lib/aurbuild/ <machine> \fR.
This directory usually contains a
.B /root
subdirectory that serves as template for user containers (named after
.IR $SUDO_USER ,
or
.B /copy
if unset).
.IP
.B Note:
If the
.B \-T
parameter is specified to
.BR makechrootpkg ,
the user container has a random name and is removed on build
completion.
.
.TP
.BI \-C " FILE" "\fR,\fP \-\-pacman\-conf=" FILE
The
.BR pacman.conf (5)
file used inside the container. When unspecified, the following files
are checked in order:
.IP
.BI /etc/aurutils/pacman-<suffix>.conf
.br
.BI /etc/aurutils/pacman-<machine>.conf
.br
.BI /usr/share/devtools/pacman.conf.d/<suffix>.conf
.br
.BI /usr/share/devtools/pacman.conf.d/aurutils\-<machine>.conf
.IP
The component
.I <suffix>
is optional and specified with the
.B \-\-suffix
option. The component
.I <machine>
is taken from
.BR "uname \-m" .
The resulting file is read with
.B pacman\-conf
to retrieve listed
.B file://
repositories for bind mounting. (See
.BR "Accessing a local repository")
.IP
.B Warning:
Care should be taken when copying the configuration from
.BR /etc/pacman.conf ,
because certain directives (e.g.
.BR IgnorePkg )
may cause issues in the container.
.IP
It is recommended to use
the template in
.B /usr/share/devtools/pacman.conf.d/extra.conf
or
.B /usr/share/devtools/pacman.conf.d/multilib.conf
instead and make the necessary adjustments. Due to devtools limitations, any
desired repositories should be configured explicitly in this copy.
.
.TP
.BI \-M " FILE" "\fR,\fP \-\-makepkg\-conf=" FILE
The
.BR makepkg.conf (5)
file used inside the container. When unspecified, the following files
are checked in order:
.IP
.BI /etc/aurutils/makepkg-<suffix>.conf
.br
.BI /etc/aurutils/makepkg-<machine>.conf
.br
.BI /usr/share/devtools/makepkg.conf.d/<suffix>.conf
.br
.BI /usr/share/devtools/makepkg.conf.d/<machine>.conf
.
.SS makechrootpkg options
.TP
.BI \-\-cargs= ARGS "\fR,\fP \-\-makechrootpkg\-args=" ARGS
Arguments (comma-separated) to be passed to
.B makechrootpkg
for 
.BR \-\-build .
Defaults to
.BR "makechrootpkg \-cu" .
.
.TP
.BI \-\-margs= ARGS "\fR,\fP \-\-makepkg\-args=" ARGS
Additional (comma-separated)
.B makepkg 
arguments for
.BR makechrootpkg .
A default list of
.BR makepkg (8)
arguments can be listed with
.BR "makechrootpkg \-\-help" .
.
.TP
.B \-\-bind
Bind a directory read-only to the container.
.RB ( makechrootpkg " " \-D )
.
.TP
.B \-\-bind\-rw
Bind a directory read-write to the container.
.RB ( makechrootpkg " " \-d )
.
.TP
.BR \-\-checkpkg
Run
.BR checkpkg (1)
on the built package.
.
.TP
.BR \-N ", " \-\-namcap
Run
.BR namcap (1)
on the built package.
.
.TP
.BR \-T ", " \-\-temp
Build in a temporary container. (\fBmakechrootpkg \-T\fR) Temporary
means that the user container has a random name and is removed on
build completion.
.
.TP
.BI \-\-user= USER
Run the host
.BR makepkg (8)
instance as the specified user. (\fBmakechrootpkg \-U\fR)
.
.SH ENVIRONMENT
.TP
.B AUR_PACMAN_AUTH
The agent used to elevate commands. If unset,
.BR sudo (8)
is used. When running
.BR makechrootpkg ,
the following variables should be preserved:
.IR PKGDEST ,
.IR GNUPGHOME
and
.IR SSH_AUTH_SOCK .
By default, these variables are preserved with
.BR "sudo \-\-preserve-env" ,
which assumes an
.BR ALL
directive or a
.BR SETENV
tag for
.BR /usr/bin/makechrootpkg .
See
.B SETENV
in
.BR sudoers (5)
for details.
.TP
.B PATH
The contents of this variable are ignored and replaced with
.IR /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin .
.TP
.B PKGDEST
The directory where packages are placed. If unset, the current directory
.RB ( $PWD )
is used. See
.BR makepkg.conf (5)
and
.BR "makechrootpkg \-h" .
.
.SH NOTES
.SS Building with makechrootpkg
Changes to the pacman database are
.I not
propagated from the container to the local system. Packages must be
installed and updated separately, typically through
.BI "pacman \-Syu " package_name\fR.
.PP
Package conflicts inside the container must be resolved manually, as
.B makechrootpkg
uses
.B "makepkg \-\-noconfirm \-s"
internally. For example, to replace
.I gcc
with
.IR gcc\-multilib ,
run
.B "arch\-nspawn /var/lib/aurbuild/<machine>/root pacman \-S gcc\-multilib"
as root.
.
.SS Accessing a local repository
To install packages from the local repository (for example, on
dependency resolution with
.BR "makepkg \-s" ,
the container requires read access to the host directory where it is
located. This is ensured through a (read-write)
.IR "bind mount" .
In particular, paths to
.B file://
repositories are passed to
.B arch\-nspawn
and
.B makechrootpkg
with
.BR \-\-bind
and
.BR \-d ,
respectively.
.PP
.
.SS Avoiding password prompts
.BR makepkg (8)
must be run as a regular user as of version 4.2, with privileged
operations done via
.BR sudo (8).
It follows that
.BR aur\-chroot (1)
and
.BR aur\-build (1)
can not run directly as root. To avoid password prompts,
.BR sudoers (5)
can be used instead. For example, if
.BR aur\-chroot (1)
is run as the
.I archie
user, create the following sudoers policy:
.EX

  archie ALL = (root) NOPASSWD: SETENV: /usr/bin/makechrootpkg
  archie ALL = (root) NOPASSWD: /usr/bin/mkarchroot, /usr/bin/arch-nspawn

.EE
Should the rule only apply to specific hosts, replace
.B ALL
with the respective
.IR hostname .
.PP
.B Warning:
Due to bugs in
.BR makechrootpkg ,
a
.I NOPASSWD
rule for
.I /usr/bin/makechrootpkg
is equivalent to
.IR "NOPASSWD: ALL" .
.
.SS Using ccache and distcc
As in
.BR "Building with makechrootpkg" ,
install the required packages:
.EX

  # aur chroot --update ccache distcc

.EE
Ensure write access to
.B ccache
directories on the host:
.EX

  # aur chroot --build --bind /home/_ccache:/build/.ccache

.EE
Necessary
.BR makepkg (8)
options may be set in a specified (\-M)
.BR makepkg.conf (5)
file. See GitHub issue #334 for details.
.
.SS Building for a different architecture
To build packages for a different architecture, prepend
.BI setarch " arch"
to the
.B aur\-build
command line.
.PP
The target architecture must be supported both by the host (run
.B "setarch \-\-list"
for an approximation), and have a matching
.BR makepkg.conf (5)
file available in
.B /usr/share/devtools
(such as
.I /usr/share/devtools/makepkg\-i686.conf
for
.IR i686 ).
.PP
Building for other CPU architectures may be done through
QEMU user mode. See
.UR https://www.qemu.org/docs/master/user/index.html
.UE
for details.
.
.SH BUGS
.B PKGDEST
is not checked for existing packages when building with
.BR makechrootpkg .
This happens because packages are built to the
.B /build
path inside the container, and moved afterward to
.B PKGDEST
on the host. Checking for existing packages must thus be done
manually, e.g.  with
.BR "makepkg \-\-packagelist" .
.PP
GPG signing packages with
.B makepkg \-\-sign
is not possible inside the container as the necessary environment
variables are not set (see
.UR https://lists.archlinux.org/pipermail/arch-projects/2016-May/004341.html
.UE
for details.)
Signing packages should thus be done in the host environment e.g. with
.BR "aur\-build \-\-sign" .
.PP
Default
.B makepkg
arguments used in
.B makechrootpkg
(as listed in
.BR "makechrootpkg \-h" )
can be extended but not overridden. In particular, package conflicts
can not solved interactively.
.RB ( "makepkg \-\-noconfirm" )
.PP
.B arch\-nspawn
will unconditionally modify the supplied
.BR pacman.conf (5)
to copy mirrors (and other settings) from the host (see
.B FS#27544
and
.B FS#38641
for details.) Furthermore, repositories must be configured explicitly
in this configuration file, and not part of a separate file configured
with the
.B Include
directive.
.
.SH SEE ALSO
.BR aur (1),
.BR aur\-build (1),
.BR pacconf (1),
.BR pacman (1),
.BR makepkg (8),
.BR makepkg.conf (5),
.BR pacman.conf (5),
.BR setarch (8)
.
.SH AUTHORS
.MT https://github.com/AladW
Alad Wenter
.ME

.\" vim: set textwidth=72: