Repositories

Athena OS leverages on several repositories for accessing to security tools and learning resources in a comfortable manner. They are:

• Athena repository for new tools or packages not stored in other existing repositories
• BlackArch repository for retrieving all the security tools
• Chaotic repository for accessing to the AUR packages directly by pacman
• Arch Linux repositories for system and utility packages
  • core
  • extra
  • community
  • multilib

These repositories are set in /etc/pacman.conf. Here you can choose to add more repositories or remove the existing ones. Each time you edit this file by adding or removing repositories, run sudo pacman -Syy to synchronize the database.

The structure of the Athena OS repository package source is public and available for any contribution.

The source files of each single package is inside the packages directory. Each package has PKGBUILD file for defining the .pkg.tar.zst package rules and build.sh is used for automating this process by generating the new .pkg.tar.zst, signing it, moving it and its signature to x86_64 folder and delete all the temporary files. When all packages are built, they are moved to the actual Athena Repository and update-database.sh must be run for calling update_repo.sh script in order to update the athena.db* files with the new built packages with .pkg.tar.zst extension stored in x86_64 folder.

The declaration of Athena repository is defined inside /etc/pacman.conf as:

[athena]
SigLevel = Optional TrustedOnly
Include = /etc/pacman.d/athena-mirrorlist

In Athena, the repository keys and related files, athena.gpg, athena-trusted, athena-revoked, blackarch.gpg, blackarch-trusted, blackarch-revoked, chaotic.gpg, chaotic-trusted and chaotic-revoked files are stored in /usr/share/pacman/keyrings/ folder. athena.gpg file is the public key needed to be imported in order to access to Athena repository, athena-trusted contains the keys to trust, and athena-revoked contains the list of revoked keys in long format. This operation is managed by Calamares installer that will initialize all the keys stored in /usr/share/pacman/keyrings/ folder.

Automation

Athena repository automates the update of its packages, indeed, mostly for git packages, when a developer updates its tool, the implemented automation is able to detect it, update the package and deploy it to the repository. This automated check runs periodically.

It has been implemented by a GitHub Actions workflow that contains a bash script for checking all directories containing a PKGBUILD file and running the build script inside each package source.

Installation

If you wish to use Athena repository in a different operating system, you can do this by adding the following to your /etc/pacman.conf:

[athena]
SigLevel = Optional TrustedOnly
Include = /etc/pacman.d/athena-mirrorlist

Get the mirrorlist file by running:

sudo curl https://raw.githubusercontent.com/Athena-OS/athena/main/packages/os-specific/athena-mirrorlist/athena-mirrorlist -o /etc/pacman.d/athena-mirrorlist

On the terminal, execute:

sudo pacman-key --recv-keys A3F78B994C2171D5 --keyserver keys.openpgp.org

Tip

If it is not working, try:

sudo pacman-key --recv-keys A3F78B994C2171D5 --keyserver keyserver.ubuntu.com

Finally, trust the imported key by:

sudo pacman-key --lsign A3F78B994C2171D5