You are not logged in.

#1 2024-04-14 11:59:49

EarthMind
Member
Registered: 2018-07-31
Posts: 17

Clamav pacman hook

Does anyone have experience setting it up so whenever a package (from AUR) is installed, the files of that package are scanned? It seems like a good additional security measure

Offline

#2 2024-04-14 18:09:18

mpan
Member
Registered: 2012-08-01
Posts: 1,228
Website

Re: Clamav pacman hook

Pacman doesn’t know about AUR, so the problem is ill-defined. It just installs a package over -U. Scan the package before installing it.

If you’re installing it automatically using makepkg’s `-i` option, there is no clean way to execute anything between the packaging and installation stages. I guess you might abuse compression configuration options in makepkg.conf (`COMPRESSGZ`, `COMPRESSBZ2`, …) to replace them with your own script, that would scan with ClamAV and then compress.


Sometimes I seem a bit harsh — don’t get offended too easily!

Offline

Board footer

Powered by FluxBB