this post was submitted on 24 Jun 2023
7 points (100.0% liked)
Arch Linux
7737 readers
2 users here now
The beloved lightweight distro
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
What different effect did you see?
The main difference is in where the package gets built, as you are the root user not your own user, the cache will be in a strange place and some config files may be misplaced.
Also, running as root is dangerous as the aur uses random scripts made by strangers on the internet. (edit: as stated by OP, mkpackape refuses to run anyway) This can be very dangerous, even when not run as root. I've seen an ip logger next to a list of "people who can fuck themselves", fork bombs, and have heard of crypto miners being installed. All in large well used repos.
Cemu, nordvpn, certain browsers, and many more are not distributed by their owners
Giving these scripts that are often made by some random person root access is asking for damage. People could just put
dd if=/dev/random of=/dev/sda
inside it and boom, your drive is not only gone but you can't even recover your dataEdit: they are correct, yay will simply refuse to install an aur package using sudo, apologies for suggesting otherwise
Look at the pkgbuilds and the sources used! That's the minimum of due diligence one should do when using the AUR.
With sudo it appears the dependencies for pkgbuild are downloaded then deleted but qv2ray, the main target remains uninstalled (manual intervention required) and it states qv2ray - exit status 10.
However on the second time without sudo the package is finished and a second install prompt appears, and the installation is successful.
So it appears to be that running makepkg with sudo was not permitted anyway, and there was no result. Also the packages (the cache you refer to?) were deleted following this.
I'll remember from now on the AUR is riskier than pacman and I'm glad the package was installed in /home. 🤔