Package Details: rar 6.0.1-1

Git Clone URL: (read-only, click to copy)
Package Base: rar
Description: A command-line port of the rar compression utility
Upstream URL:
Keywords: compress decompress rar unrar
Licenses: custom
Conflicts: rar-beta, unrar
Provides: unrar
Submitter: None
Maintainer: Musikolo
Last Packager: Musikolo
Votes: 710
Popularity: 2.19
First Submitted: 2008-10-15 21:38
Last Updated: 2021-04-20 02:43

Required by (100)

Sources (3)

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 ... Next › Last »

Musikolo commented on 2017-05-09 00:20

@spirtbrat/Pietro_Pizzi thanks for your replies. Everyone is right!

My concern comes from the fact that the checksum shouldn't change once the maintainer updates the PKGBUILD for any given version. Any change without further notice is a reason to suspect the file is no longer secure, and/or the server where the file is stored could have been potentially compromised.

If anyone was able to build version 5.4.0 64-bit with the checksum available in the PKGBUILD (f7181c0aed3b7be402b95185bd61e646), then Houston, we have a situation! The file could have been compromised in the server. It's also possible the RarLab team has legitimately modified the file, but IMO that's very unlikely.

However, if nobody was able to build it and everyone was ever getting the same issue, then the maintainer might have forgotten or used the wrong checksum. New checksum is d02b8742478d5e6428c12ee14b2a678d.

So, just to clarify, has anyone being able to build the package with the old checksum (f7181c0aed3b7be402b95185bd61e646)?

Thank you!

vasily commented on 2017-05-06 21:57

Jesus Christ, people are touchy. I must've been too harsh in my comment
The upstream rar package is different than the one the PKGBUILD was made for, without changing neither the minor or the major version number. This shouldn't be surprising. rar is not open source and they can do whatever they like.
Either the PKGBUILD maintainer should actualize the checksum, or the user should ignore the check (--skipchecksums).
Besides, there's no 'rar_static' in the current download from rarlab, so probably the maintainer should intervene.
Anyways - use anything else for compression (zstandard) or unrar for decompression and you'll avoid most of the drama.

Pietro_Pizzi commented on 2017-05-06 21:25

I tried to be nice and helpful (not just now, ever!). I studied computer science but I although learned a lot through forums, blogs a.s.o, so I want to give something back. Not everyone who installs arch is a Linux nerd and know what I tried to explain. I'm although no arch guru but I think my explanation is good enough to understand. So why are you so a jerk? Particularly in this case where you obviously can't read and write and don't have anything helpful to say!

1. He tried to install the x64 version and therefore my md5sum is correct!
2. If you and every other uses the efa... md5 for the NOT x64 version then the md5 in the pkgbuild is incorrect for this one although. See the md5s from the pkgbuild:
3. I don't give him the advice to replace the checksum with arbitrary numbers. I do the total opposite. I showed him a way to get the number by him self. And in addition for lazy dudes I give the CORRECT # too. Anyone, besides you, can check that I posted no "bullshit" by copy&paste of the commands I explained.
4. And BTW, "nobody should not..." means "everybody should..." and I think you don't mean that!?
5. But OK, sorry that I don't hold a lesson that you don't should trust strangers on the Internet or trolls like you. I don't think this direction when I'm posting because I'm a good guy and don't post "bullshit", at least I try. I know, nobody can know this, but therefore i have given the instructions.

So enough from this. For all other serious guys, if you have trouble to update to 5.4, i have managed it:
1. If you have something that depends on unrar (sabnzbd in my case), install unrar like @FadeMind says. In this process you have to remove rar. If you don't do it that way rar can't get installed because it removes unrar and that would break the dependency for your other app.
2. (Re)install rar and edit the pkgbuild:
A. Change the md5sum for your version, like I explained before.
B. I'm not sure for this but it works for me: Remove the line that would install rar_static. The install process can't find the file and i checked both tar.gz and it really isn't there. If anybody knows it better please enlighten us, or at least me ;).
3. Save the pkgbuild, finish the install and now it should work.

Hope this helps again!

vasily commented on 2017-05-06 20:07

@Pietro_Pizzi this is a complete bullshit.
the md5sum I and everyone else are currently getting is:
efa2a5a29f57f34999a9bae355510618 for rarlinux-5.4.0.tar.gz
Apparently the rar guys have changed the package. Supprise!

Contrary to your advice, nobody should not just replace the checksum with arbitrary one from the internet. It makes all the chain-of-trust thing mute.
You can always ignore it and install anything that's on the interwebs now. But you should warn people not to complain if it's not what they have expected.

Pietro_Pizzi commented on 2017-05-06 19:48

You can fix this every time you have such a problem by:

1. Start the install and choose to edit the pkgbuild.
2. In another console go to pkgbuild directory "cd /tmp/yaourt-tmp-$(whoami)/aur-rar".
3. Check the MD5 sum "md5sum rarlinux-x64-5.4.0.tar.gz"
4. Replace the false one in the pkgbuild with the given one, in this case "d02b8742478d5e6428c12ee14b2a678d".
5. If you are kind post it in the relative AUR package post for others with the same Problem and for the maintainer to get him notified :).

Hope this helps!

Musikolo commented on 2017-05-05 01:48

I'm getting a checksum error. I've repeated the whole thing several times:

Is it happening to anybody else?

Pietro_Pizzi commented on 2017-05-04 22:17

Is it my fault?

==> Starting package()...
install: cannot stat 'rar_static': No such file or directory
==> ERROR: A failure occurred in package().

FadeMind commented on 2017-01-18 19:54

Updated to 5.40
Removed unrar installing rule. Please using official libunrar and unrar packages from extra repository.

deathtrip commented on 2016-11-11 18:48

I think it's because unrar is already in the official repos.
Anyway, we need an update here.

NoSuck commented on 2016-11-10 11:17

Why isn't this in [community] or even [extra]? Is the license holding it back?