Arch Linux

cross-posted from: https://feddit.org/post/23120439

Some people might look for alternatives to using AUR for common packages, for example because they don't have the competence to review PKDBUILD scripts for malicious code, or maybe because they simply do not have the time. The Guix package manager might be an alternative for these, as it now supports 31000 packages - significantly more than the Arch distribution. So, for popular packages, chances are good that your package is covered by Guix.

But what is Guix? Here, a summary of key features and decisions of Guix:

1. Guix includes a package manager that can run on top of Linux distributions like Debian or Arch (I use it successfully for both) or other POSIX systems, like cargo, pip, conda or Conan. In difference to the pip and cargo package managers, it is language-agnostic, supports many different build systems and languages.
2. Guix allows to define a fully reproducible system. This works by using a declarative language for immutable version-controlled package descriptions, and by deriving any software from package definitions and a fixed version (commit hash) of the source code. In that, it is similar but much stricter than Nix and NixOS. The key point is that any software built, and all its dependencies, go back to unambigously, immutable versions of source code and build recipes - and all inputs to the system are open source and can be reviewed. This gives also some important protection against malware: An altered cached, binary package would not match the hash of the package's source code, its package definition, and the recursive hash of its dependencies.
3. Important for programming, this can also define isolated build and development environments, like Python's venv, but also Docker containers. This means that Guix can be used to develop, build, package, and deploy software, very much like Snap packages. And that's independent from the distribution you work in, very much like pip or cargo are independent from the system you work in. (And yes, it supports Rust!).
4. This allows it, and also makes it technically possible, that any software package can be re-built and run years later. To make this legally possible, the official distribution of Guix also demands all components to be open source (FOSS). This is also a key difference to NixOS and non-free forks of Guix, which allow non-free binary packages, but sacrifice reproducibility. (To illustrate: If you have a binary, proprietary scanner driver in NixOS, and the owning company practices planned obselescence and decides that you should buy their new hardware, and pulls that driver, you are out of luck. In Guix, this can't happen.) (Note that as your own private conponents, you can define any package you like, you can also distribute your definitions as a complement to GNU Guix. Non-free packages for Guix do exist, in the same way as you can buy and run Steam Games software for Linux. Such non-free software just can't become part of the official Guix distribution, just like Amazon or Apple can't sell their non-free software via Debian or the Linux kernel project (or, for that matter, Apple has no obligation to market and distribute, say, Oracle products).
5. All inputs being open source also means that any software component can be reviewed, that mis-features such as privacy-invasive behaviour can be removed, and that it is hardly possible to hide malware in the system. Because this also applies recursively to all compilers and build tools, this solves also Thompson's "Trusting Trust" problem. In fact, the whole system can be build from a 512 byte binary root (called MER). (Interestingly, that level of user control gets a lot of hate online -- certain companies don't seem to like it).
6. Because it would take too long to build every user package from source every time, the produced packages are normally cached (while their correct binary content can be easily verified).
7. The declarative description language for the packages is a well-defined, established, minimalist language called Scheme. This is a member of the Lisp family of languages. That Lisp is very well suited for declaratively building and configuring large systems has been proven with GNU Emacs, whose software, but more importantly, whole user configuration, is written in Emacs Lisp.
8. The Scheme implementation used is called Guile. It has especially good support for the POSIX environment and has also much better-than-average interactive debugging capabilities compared to other Scheme implementations.
9. Also worth noting is that the Guix project has superb online documentation. This is a practical advantage compared to Nix.

As example: you quickly want to try a recent version of a modern Scheme, say Guile 2 or Guile 3, or kawa (which runs on the JVM, like Clojure, see https://www.gnu.org/software/kawa/). Or of the interesting vis editor, a spin-off of Rob Pike's sam (https://github.com/martanne/vis). But you can't use the AUR packages, since AUR only supports Guile 1.8, and / or you don't have time to review the PKGBUILD and all its dependencies, and vis is simply not in AUR. Here, Guix helps out! Just type

guix install guile
guix install kawa
guix install vis

and bang you have it!

Disadvantages

• Guix generates packages from source. This means the package definition and a hash of the source code is hashed, and compared against cached packages. If it is available as a compiled package, it is retrieved. In other cases, Guix might need to compile the package and its dependencies. This is slower than using pacman. But if you only use it for the few packages you can't find in Arch, this should not bother you much. The advantage is that it is fully automated.
• Guix is not a good choice for installing proprietary binary drivers. This is due to its primary design choices. In this case, Nix might be a better alternative. (Or, you just get good Linux-compatible hardware, which can definitely avoid a lot of grief and head-scratching!)

How it works:

https://codeberg.org/guix/guix#headline-4

Manual:

https://guix.gnu.org/manual/en/html_node/Installation.html

For using Guix as a package manager under Arch, see:

https://wiki.archlinux.org/title/Guix

Ouch.

Just tried looking up an aur package via the Site and both Paru and the Site gave me an 500 Internal Server Error :(

Anyone know by Chance when AUR will be back up again? >.>
or are there AUR Archives by Chance i can get stuff from for now while its down? O.o

Thanks for the Help ^^

I've noticed that there are notifications now if a programme is taking too much ram and the kernel kills it.

Were they there before or it's an update from the DE or notification manager.

I having a hard time updating my arch-based computer because the downloads are so painfully slow. It takes hours and hours. Eventually some kind of error happens and Ive already left my computer to do something else so the task times out. Or download stalls to nothing and the process kills itself.

I have already adjusted the settings in yay to be more tolerant of slow connection, but can hardly ever manage to complete the upgrade. And the longer you wait, the more updates there are.

Does anyone else have this issue? I don't have a great connection but this is ridiculous. I do have a VPN running on router. This could be affecting it as github in particular seems to make downloads a slow trickle on certain VPN endpoints but lately I can't find any that satisfy it.

I start at least 1 upgrade task every day, sometimes multiple attempts but I have only had 1 successful full system upgrade in the past 2 or 3 weeks.

Edit: Solution was just switching to Proton 9.

This is a weird one involving many moving parts, so I'm looking for some pointers on where I can even start trouble-shooting:

• When I open My Summer Car (on Steam) in fullscreen mode, the keyboard doesn't work in game.
• When I start it in windowed mode, it works normally.
• When I then select full screen in the window menu, it works partially (some buttons in game don't react).
• Other games I tested have no issue.
• It works fine on Debian, but the issue is present on more bleeding edge distros (tested Arch, Endeavor and Bazzite)
• Flatpak or native Steam makes no difference
• Only tested KDE Plasma with Wayland

My best guess is that the issue is related to Wayland somehow, and that the game doesn't mesh with the newer Plasma version, but I'd love to know if there's a way to troubleshoot or work around this.
Thanks in advance!

Whatsapp web doesnt have critical feature like calls, is there any way to get whatsapp desktop on arch?

I'm not very bright so I'm feeling pumped :P grub wouldn't play nice with dual boot of other distros, realised I couldnt find a text editor to make the DE work, but we got there In the end and it turns out it's true what they say, you learn a lot.

“PacHub provides a GTK4/libadwaita GUI for pacman and AUR, so you can avoid the terminal. PacHub can install/uninstall packages, perform upgrades, and provide

I got a bunch of firmware issues afte updating my system (i don't think it was an arch linux update, but still), and then I start getting awful lag spike, and my computer crashes, stating lack of ram. My caps lock light doesn't toggle, so I think it's a lower level issue.

Anyways, I tried going on the forums to see if anyone had similar issues lately, but it seems to be down.

Has anyone got issues with their drivers, or is it just my laptop getting too old?

Recently I noticed when updating that pacman doesn't resume where I stopped it (a few minutes before) which is not nice since my internet is slow. After a lot of searching I found out every time I run pacman -Syu it makes a new folder in /var/cache/pacman/pkg named download-xxxxxx where the x's are randomized characters then it puts the downloaded .tar.zst files into that new folder ignoring the previous folder it created last time. My workaround was to move the contents of the previous download folder to it's parent directory but what would be a permanent solution? I remember when this wasn't the case so it must be a new "feature" I can hopefully disable.

If you ever wanted to chroot into the generated initramfs here are the steps. I thought it was interesting so wanted to share.

mkdir -p /mnt/initramfs
cd $_
lsinitcpio -x /boot/initramfs-linux.img
mount --bind /proc ./proc
mount --bind /sys ./sys
mount --bind /dev ./dev
SHELL=/bin/ash chroot .

My Linux mint pc just crashed because I was moving a lot of files from the home folder to the root directory. I got error that the drive is getting full. After clicking show error my pc rebooted and there was an error something like "can't create user journal no space left" I've been running mint for 4 years now. But arch for 2 years on my laptop (hyprland) and main pc (kde). So for this pc I thought why not also arch. Put the install drive in and booted and got this fancy screen. I've never seen this screen so nice. Why is that, I always just saw the text.

Hi, am I the only one experiencing performance variability in games from install to install?

I periodically install other distros to see if the green is grassier on the other side and I decided to do a cleanup, migrate to lvm for my arch install while I'm at it.

I have gone through 5-6 installs in the last 3 weeks, several iterations of arch as well. I always play the same 3-4 games and I know how they should perform already and I am experiencing some weird performance variability, what do I mean by this?

• Some installs have lower fps but stable 1% lows
• Sometimes if feels stuttery, even though the frametimes are stable
• Other times its just perfect

I am not doing anything out of the ordinary, archinstall with my setup, install steam, start my games.

• All AMD system
• single NVME
• Plasma with wayland

I'm stumped, I feel like an idiot looking at this issue because it makes no sense whatsoever. I finally nailed the setup after figuring out how to get LVM running, got everything going and now, it's a stuttery mess.

Edit: Things eliminated or fixed:

• stutters removed by lowering mouse polling rate to 1000hz
• wayland as a possible overhead by launching my games from the tty with gamescope

I'm using Endeavor OS. My computer lost power during system update. Now I can boot into it.

On the 16th of July, at around 8pm UTC+2, a malicious AUR package was uploaded to the AUR. Two other malicious packages were uploaded by the same user a few hours later. These packages were installing a script coming from the same GitHub repository that was identified as a Remote Access Trojan (RAT).

The affected malicious packages are:

• librewolf-fix-bin
• firefox-patch-bin
• zen-browser-patched-bin

The Arch Linux team addressed the issue as soon as they became aware of the situation. As of today, 18th of July, at around 6pm UTC+2, the offending packages have been deleted from the AUR.

We strongly encourage users that may have installed one of these packages to remove them from their system and to take the necessary measures in order to ensure they were not compromised.

According to the gamingonlinux discord, the following packages are also suspected to be compromised:

https://aur.archlinux.org/pkgbase/minecraft-cracked/

https://aur.archlinux.org/pkgbase/ttf-ms-fonts-all/

https://aur.archlinux.org/pkgbase/vesktop-bin-patched/

https://aur.archlinux.org/pkgbase/ttf-all-ms-fonts/

If you have any of these packages installed, immediately delete it and check your system processes for a process called systemd-initd (this is the RAT).

Here is an analysis of the malicious payload: https://www.virustotal.com/gui/file/d9f0df8da6d66aaae024bdca26a228481049595279595e96d5ec615392430d67

I'm only posting this as I am pretty much completely out of ideas on what to do here as I feel like I've tried pretty much everything besides just wiping my entire root directory and possibly my configurations in my home directory.

I was trying to get some better audio mixing in OBS for my setup I've been creating. Wanted to do some audio routing using the JACK Input Client in OBS in conjunction with a patchbay like Helvum or qpwgraph. In short, I installed Helvum and apparently already had qpwgraph installed. But in looking at both programs, couldn't really figure it out, and was just going to leave it for later. Didn't save any settings, just exited out without saving for both of them.

OBS only starting giving me issues after I had shut it down and then re-opened it later. That's when I noticed I stopped getting any input from my Line In input. Rebooted to see if it was just a glitch with pipewire or something else and nothing changed. Tried to record in Audacity from that same input and it just records silence. All other inputs and outputs seem to work, it's only the Line In that seemed to break. However it is detected

Things I have tried so far:

• Reinstalling PulseAudio, Pipewire, and ALSA
• Resetting the configurations for PulseAudio, Pipewire, and ALSA (Both system-wide in /etc and the user-specified ones in /home/.config)
• Removing the JACK input sources from OBS
• Uninstalling Helvum, and qpwgraph
• Multiple reboots

The only thing that seems to get it to output something is a new user profile; which I thought I reset all the configurations for on my current user. However even with that, the audio isn't great quality and it's quiet.

I'm only using a USB mic and the built-in audio controller with my motherboard (B560 Aorus Pro AX) and GPU (Intel ARC A770 LE).

Here's the audio devices from lspci, and lsusb:

$ lsusb
Bus 001 Device 004: ID 0c76:161f JMTek, LLC. USB PnP Audio Device

$ lspci
00:1f.3 Audio device: Intel Corporation Tiger Lake-H HD Audio Controller (rev 11)
04:00.0 Audio device: Intel Corporation DG2 Audio Controller

Let me know what other info I can give, if needed, things like pacmd or aplay and alike

Mostly Working Solution Edit: After far too long digging around, I found it would work whenever I restarted pulseaudio when I was logged on as my current user. From there, I read through the documentation for one of the plugins I was using in OBS, which is obs-pipewire-audio-capture. Figured I may as well try to install the pipewire-pulse compatibility layer instead of also having pulseaudio installed. Went ahead and did the install and it auto-removed pulseaudio as expected. I rebooted, and Line In is now working as it should.

The only reason why I say mostly working, is that now an unused Mic In input mirrors what's coming into Line In. Even if there's another device plugged into it, it still mirrors Line In whenever it's recorded. Since it's unused, it doesn't cause any problems, but it is something I noticed.