Package Details: rar 5.4.0-1

Git Clone URL: (read-only)
Package Base: rar
Description: A command-line port of the rar compression utility
Upstream URL:
Keywords: rar unrar
Licenses: custom
Conflicts: rar-beta
Submitter: None
Maintainer: taylorchu (FadeMind)
Last Packager: FadeMind
Votes: 681
Popularity: 3.791938
First Submitted: 2008-10-15 21:38
Last Updated: 2017-01-18 19:57

Latest Comments

theforeigner commented on 2017-05-26 08:50

The md5sum for rar.1 (whatever that is?) has also changed: 4cffd2771bb4a51e4a68500d799550d8

bric3 commented on 2017-05-24 12:15

For future readers, I edited the PKGBUILD file when asked

The MD5 checksums of source files (respectively and

And as rarlab removed rar_static, I commented this line :

# install -Dm755 rar_static "${pkgdir}/usr/bin/rar_static"

Jristz commented on 2017-05-14 03:07

I agree that the maintainer need update the pkg, but now that is dynamicaly linked the maintainer probably now need to listed all the deps that rar link.

Musikolo commented on 2017-05-13 16:12


I got a reply from one of the developers of Rarlab about the checksum change. This is a short snippet of his reply:

"We received a complain from Debian maintainers that statically linked rar violates LGPL:

and updated:

to remove rar_static from the package. These files on are valid and our server is not compromised."

@FadeMind, since everything seems to be alright, would you mind updating the package accordingly?

Thank you!

Musikolo commented on 2017-05-13 03:33

I just sent an email to the Rarlab development team -

I hope to get a reply shortly that helps close this discussion.


WorMzy commented on 2017-05-12 17:16

Interesting theory. What makes you so sure that the maintainer won't simply run updpkgsums and resubmit the package? How will you know if they do this or liase with upstream? How do you know if /any/ package maintainer verifies the source checksums with upstream?

eang commented on 2017-05-12 17:05

This package should be considered unsafe until his maintainer doesn't update the checksum in the PKGBUILD (after checking that the tarball is ok). If you manually change the checksum in your local PKGBUILD you are just exposing yourself to a potential attack.

Musikolo commented on 2017-05-09 00:20

@spirtbrat/Pietro_Pizzi thanks for your replies. Everyone is right!

My concern comes from the fact that the checksum shouldn't change once the maintainer updates the PKGBUILD for any given version. Any change without further notice is a reason to suspect the file is no longer secure, and/or the server where the file is stored could have been potentially compromised.

If anyone was able to build version 5.4.0 64-bit with the checksum available in the PKGBUILD (f7181c0aed3b7be402b95185bd61e646), then Houston, we have a situation! The file could have been compromised in the server. It's also possible the RarLab team has legitimately modified the file, but IMO that's very unlikely.

However, if nobody was able to build it and everyone was ever getting the same issue, then the maintainer might have forgotten or used the wrong checksum. New checksum is d02b8742478d5e6428c12ee14b2a678d.

So, just to clarify, has anyone being able to build the package with the old checksum (f7181c0aed3b7be402b95185bd61e646)?

Thank you!

spirtbrat commented on 2017-05-06 21:57

Jesus Christ, people are touchy. I must've been too harsh in my comment
The upstream rar package is different than the one the PKGBUILD was made for, without changing neither the minor or the major version number. This shouldn't be surprising. rar is not open source and they can do whatever they like.
Either the PKGBUILD maintainer should actualize the checksum, or the user should ignore the check (--skipchecksums).
Besides, there's no 'rar_static' in the current download from rarlab, so probably the maintainer should intervene.
Anyways - use anything else for compression (zstandard) or unrar for decompression and you'll avoid most of the drama.

Pietro_Pizzi commented on 2017-05-06 21:25

I tried to be nice and helpful (not just now, ever!). I studied computer science but I although learned a lot through forums, blogs a.s.o, so I want to give something back. Not everyone who installs arch is a Linux nerd and know what I tried to explain. I'm although no arch guru but I think my explanation is good enough to understand. So why are you so a jerk? Particularly in this case where you obviously can't read and write and don't have anything helpful to say!

1. He tried to install the x64 version and therefore my md5sum is correct!
2. If you and every other uses the efa... md5 for the NOT x64 version then the md5 in the pkgbuild is incorrect for this one although. See the md5s from the pkgbuild:
3. I don't give him the advice to replace the checksum with arbitrary numbers. I do the total opposite. I showed him a way to get the number by him self. And in addition for lazy dudes I give the CORRECT # too. Anyone, besides you, can check that I posted no "bullshit" by copy&paste of the commands I explained.
4. And BTW, "nobody should not..." means "everybody should..." and I think you don't mean that!?
5. But OK, sorry that I don't hold a lesson that you don't should trust strangers on the Internet or trolls like you. I don't think this direction when I'm posting because I'm a good guy and don't post "bullshit", at least I try. I know, nobody can know this, but therefore i have given the instructions.

So enough from this. For all other serious guys, if you have trouble to update to 5.4, i have managed it:
1. If you have something that depends on unrar (sabnzbd in my case), install unrar like @FadeMind says. In this process you have to remove rar. If you don't do it that way rar can't get installed because it removes unrar and that would break the dependency for your other app.
2. (Re)install rar and edit the pkgbuild:
A. Change the md5sum for your version, like I explained before.
B. I'm not sure for this but it works for me: Remove the line that would install rar_static. The install process can't find the file and i checked both tar.gz and it really isn't there. If anybody knows it better please enlighten us, or at least me ;).
3. Save the pkgbuild, finish the install and now it should work.

Hope this helps again!

spirtbrat commented on 2017-05-06 20:07

@Pietro_Pizzi this is a complete bullshit.
the md5sum I and everyone else are currently getting is:
efa2a5a29f57f34999a9bae355510618 for rarlinux-5.4.0.tar.gz
Apparently the rar guys have changed the package. Supprise!

Contrary to your advice, nobody should not just replace the checksum with arbitrary one from the internet. It makes all the chain-of-trust thing mute.
You can always ignore it and install anything that's on the interwebs now. But you should warn people not to complain if it's not what they have expected.

Pietro_Pizzi commented on 2017-05-06 19:48

You can fix this every time you have such a problem by:

1. Start the install and choose to edit the pkgbuild.
2. In another console go to pkgbuild directory "cd /tmp/yaourt-tmp-$(whoami)/aur-rar".
3. Check the MD5 sum "md5sum rarlinux-x64-5.4.0.tar.gz"
4. Replace the false one in the pkgbuild with the given one, in this case "d02b8742478d5e6428c12ee14b2a678d".
5. If you are kind post it in the relative AUR package post for others with the same Problem and for the maintainer to get him notified :).

Hope this helps!

Musikolo commented on 2017-05-05 01:48

I'm getting a checksum error. I've repeated the whole thing several times:

Is it happening to anybody else?

Pietro_Pizzi commented on 2017-05-04 22:17

Is it my fault?

==> Starting package()...
install: cannot stat 'rar_static': No such file or directory
==> ERROR: A failure occurred in package().

FadeMind commented on 2017-01-18 19:54

Updated to 5.40
Removed unrar installing rule. Please using official libunrar and unrar packages from extra repository.

deathtrip commented on 2016-11-11 18:48

I think it's because unrar is already in the official repos.
Anyway, we need an update here.

NoSuck commented on 2016-11-10 11:17

Why isn't this in [community] or even [extra]? Is the license holding it back?

rob2uk commented on 2016-09-04 16:40

Updated PKGBUILD here:

rob2uk commented on 2016-09-04 16:28

rar is now at 5.4.0, so this package is now out of date

FadeMind commented on 2016-02-15 13:20

Current version at 20160215
RAR 5.30 for Linux
RAR 5.30 for Linux x64

AUR was updated and improved (provides unrar) at 2016-02-13.

So please don't mark this OUT-OF-DATE.

Det commented on 2015-02-07 17:18

That doesn't require even bumping the pkgrel, by the way.

WorMzy commented on 2015-02-06 15:33

Please enclose your srcdir and pkgdir variables in double quotes, to prevent problems with paths with spaces.

Det commented on 2015-01-21 12:48

Now that with pacman 4.2.0 [1] / AUR 3.5.0 [2] there is support for architecture-specific sources [3], you could use:


Instead of:

if [ "$CARCH" = "i686" ]; then
elif [ "$CARCH" = "x86_64" ]; then

The AUR "Sources" section will then look like so:

[1] =
[2] =
[3] =

vagorafaelino commented on 2014-12-03 02:06

New version is out: 5.2.0

vagorafaelino commented on 2014-12-03 01:59

New version is out: 5.2

sparse commented on 2014-11-01 20:04

I think there is no need to "provides=( 'rar' )"

sparse commented on 2014-11-01 20:03

I think there is no nedd to "provides=( 'rar' )"

lolilolicon commented on 2014-07-05 09:27

rar manpage updated to 5.10
pod2man -c "RAR User's Manual" -n "RAR" -r "$pkgname $pkgver" -s 1 rar.1.pod rar.1

rtfreedman commented on 2013-12-03 17:12

I think it's worthwhile to add rar.txt and whatsnew.txt to the package.

metak commented on 2013-12-03 09:08

Version 5.01 available

lolilolicon commented on 2013-09-20 02:57

I my own version of the PKGBUILD, I do not install unrar, because it seems to me the rar binary does everything unrar does. Am I correct?
I also echo hbdee's feeling that the unrar in the repos built from source should be preferred over the binary shipped in this tarball.

hbdee commented on 2013-09-19 20:19

@graysky - I disagree for the reason in my previous post(I use kdeutils-ark so a broken unrar is no good for me) and because official unrar pkg is built from source and maintained by giovanni, which I feel is better than the unrar binary provided by the tarball this packages uses. Maybe a better option is to have this pkg build unrar from source as a split pkg. This way it can conflict with the official pkg and still give the user the choice of an officially maintained pkg that is stable or the aur package that may or may not be stable. However, I feel like adaptee won't be willing to do this.

graysky commented on 2013-09-19 19:54

@hbdee - Hmm... perhaps this pkg should conflict with unrar from the repos...

hbdee commented on 2013-09-19 19:42

@graysky - Shouldn't unrar be commented out because it's in the official repos? This way the user can decide which version they want to use, for example forces me to use the official pkg because they downgraded it to work around the breakage. I agree with everything else you wrote.

lolilolicon commented on 2013-09-06 01:18

Here I share with you rar(1) manpage for rar 5.00 converted from Rar.txt (extracted from WinRAR Installer):
Save it as rar.1.pod, and convert to manpage like this:
pod2man -c "RAR User's Manual" -n "RAR" -r "$pkgname $pkgver" -s 1 rar.1.pod rar.1

graysky commented on 2013-09-05 16:55

* No need for the /bin/true in the build function... in fact, I believe you can omit the build function entirely.
* Why do you have this replace rar-beta? It should conflict with rar-beta, no?
* Why is unrar commented out?
* No need for the mkdir line for the manpage, just install rar.1 with -Dm644

graysky commented on 2013-09-05 16:51

* No need for the /bin/true in the build function... in fact, I believe you can omit the build function entirely.
* Why do you have this replace rar-beta? It should conflict with rar-beta, no?
* Why is unrar commented out?

scorici commented on 2013-09-05 13:21

Remove the md5sum at the end:
and replace the updated md5sums for both i686 and x84_64 like this:
if [ "$CARCH" = "i686" ]; then
elif [ "$CARCH" = "x86_64" ]; then

holyArch commented on 2012-10-17 21:32

Shame that such useful package does not have a proper PKGBUILD.

holyArch commented on 2012-10-17 21:17

Can someone provide a decent PKGBUILD and share with us?

graysky commented on 2012-09-30 12:56

@adaptee - all of the returns in the PKGBUILD are unneeded and outdated. Again, see the following as an example:

R00KIE commented on 2012-09-27 08:37

Why was the man page removed? If it was a mistake you can get it from this package [1].
If the removal was not an accident why is it that you are still creating ${pkgdir}/usr/share/man/man1 ?


hav3lock commented on 2012-09-05 18:35

Why, what's wrong with the one I already have up? I'm not trying to be difficult, just so you know, I'm just trying to figure out exactly what is it that is undesirable? (I looked at one of Graysky's PKGBUILDs, but I fail to see how it pertains.)

Det commented on 2012-09-05 17:21

Please use something more like graysky's PKGBUILD, which applies to the standard PKGBUILD pattern.

hav3lock commented on 2012-09-04 07:07

Let me know if anything doesn't work, thanks; you're welcome. :)

hav3lock commented on 2012-09-04 07:04

No problem, updating right now.

jorge_barroso commented on 2012-08-09 19:33

please update rar with the following URL's correspondants to the 4.20 version



thanks pal

graysky commented on 2012-08-08 09:07

Updated to current ARCH standards:

mister_playboy commented on 2012-07-15 04:10

Thanks Sarkasper. :)

intgr commented on 2012-07-13 23:38

PS: please use pastebin for sending PKGBUILDs. AUR doesn't preserve indentation correctly.

gh0st commented on 2012-07-13 12:52


# Maintainer: TuxSpirit <tuxspirit AT archlinux DOT fr>

pkgdesc="A command-line port of the rar compression utility"
arch=('i686' 'x86_64')
if [ "$CARCH" = "i686" ]; then

elif [ "$CARCH" = "x86_64" ]; then

build() {

mkdir -p ${pkgdir}/usr/share/doc/${pkgname} || return 1
mkdir -p ${pkgdir}/usr/share/man/man1 || return 1

cd ${srcdir}/rar

install -Dm755 rar ${pkgdir}/usr/bin/rar || return 1
#install -Dm755 unrar ${pkgdir}/usr/bin/unrar || return 1
install -Dm755 rar_static ${pkgdir}/usr/bin/rar_static || return 1

install -Dm755 default.sfx ${pkgdir}/usr/lib/default.sfx || return 1

install -Dm644 rarfiles.lst ${pkgdir}/etc/rarfiles.lst || return 1

install -Dm644 license.txt ${pkgdir}/usr/share/licenses/${pkgname}/LICENSE || return 1

install -m644 {*.htm,*.txt} ${pkgdir}/usr/share/doc/${pkgname} || return 1

#install -m644 ${srcdir}/rar.1 ${pkgdir}/usr/share/man/man1/rar.1 || return 1

Unia commented on 2012-06-18 15:24

Easy to update: just change pkgver to 4.2.0 in the PKGBUILD and change the md5sums accordingly (using makepkg -g >> PKGBUILD)

taylorchu commented on 2012-06-15 17:55

4.2 is here

rafaelff commented on 2012-04-15 03:40

@tuxspirit: FYI, no need for "|| return 1", as makepkg knows how to deal with errors.

Anonymous comment on 2012-04-14 19:21

Updated to 4.11 (final version)

holyArch commented on 2012-03-26 09:42

Update needed.

taylorchu commented on 2012-03-07 19:26

taylorchu commented on 2012-03-07 19:26

rar 4.1.1 released. please update

Anonymous comment on 2012-02-02 19:48

Updated to 4.10 (final version)

@fabienwang : thank you for your comment.

fwhcat commented on 2012-01-20 11:45

4.10 available.

Anonymous comment on 2011-07-06 16:36

Updated to 4.01 (final version)

Anonymous comment on 2011-03-10 09:33

Updated to 4.0 (final version)

Anonymous comment on 2011-03-09 18:03

version 4.00 is out

kvasthval commented on 2010-10-13 12:21

Thanks and sorry! :-)

Anonymous comment on 2010-10-12 18:25

Fixed the problem with backup=('/etc/rarfiles.lst')

Please sending email for corrections. Thanks!

kvasthval commented on 2010-10-12 15:42

Flagging as out-of-date - please fix this problem, it won't take more than a few seconds.

Anonymous comment on 2010-08-31 01:29

solved here too

Anonymous comment on 2010-08-04 02:42


replacing to 'etc/rarfiles.lst' solved the problem.

Anonymous comment on 2010-08-04 01:45

PKGBUID: Line 12


should be

backup=('etc/rarfiles.lst') ?

Anonymous comment on 2010-07-05 17:30

Here is simple solution. Download latest RAR package from this repo:

And install with pacman -U

Anonymous comment on 2010-07-03 17:50

Same here, Arch 64bit.
How to fix this?
Is there some way to correct this in PKGBUILD or something?

killajoe commented on 2010-07-03 17:22

yes for me too under arch64

Anonymous comment on 2010-06-24 21:38

Invalid backup entry : /etc/rarfiles.lst