"One time" post-invoke hook

> Hi,
>
> I am trying to address bug #544573 [1] against rkhunter which I
> maintain.
>
> rkhunter postinst script is used to call rkhunter --propupd which
> updates/creates its file properties database.
>
> rkhunter recommends some packages, eg. unhide, which are configured
> after rkhunter, and hence after rkhunter postinst script is run.
>
> Is there any way to add a temporary post-invoke hook so that the
> database is updated/created after all packages are configured?
>
> I have thought that adding a configuration file in /etc/apt/apt.conf.d
> in postinst would work, but as apt is already running, it won't consider
> that file until the next time it is run.
>
> Another mean would be to force packages like unhide to be configured
> before rkhunter (a kind of 'pre-recommends' dependency).
>
> Any hint for this?
>
> Cheers,
> Julien
>
> [1] http://bugs.debian.org/544573

> > Le mercredi 04 novembre 2009 à 19:08 +0100, Julien Valroff a écrit :
> > > Hi,
> > >
> > >
> > > rkhunter recommends some packages, eg. unhide, which are configured
> > > after rkhunter, and hence after rkhunter postinst script is run.
>
> Hello Julien,
>
> if you can cooperate with the maintainers of packages like unhide, maybe you
> can arrange a dpkg trigger? (man 5 deb-triggers)

> Hi Charles,
>
> Thanks for your answer.
>
> Le vendredi 06 novembre 2009 à 15:37 +0900, Charles Plessy a écrit :
> > > Le mercredi 04 novembre 2009 à 19:08 +0100, Julien Valroff a écrit :
> > > > Hi,
> > > >
> > > >
> > > > rkhunter recommends some packages, eg. unhide, which are configured
> > > > after rkhunter, and hence after rkhunter postinst script is run.
> >
> > Hello Julien,
> >
> > if you can cooperate with the maintainers of packages like unhide, maybe you
> > can arrange a dpkg trigger? (man 5 deb-triggers)
>
> You are right, I think that is the best method which could also be used
> by other packages so that the rkhunter database is only updated when
> packages are upgraded/installed.
>
> I already had a look to the triggers, but I am not sure to understand
> everything.
>
> In the rkhunter & unhide example, rkhunter needs to declare a trigger.
> But where and how?
>
> unhide needs to declare its interest in this trigger in debian/triggers
> (interest <trigger-name>)

> Le vendredi 06 novembre 2009 à 08:39 +0100, Julien Valroff a écrit :
> > Hi Charles,
> >
> > Thanks for your answer.
> >
> > Le vendredi 06 novembre 2009 à 15:37 +0900, Charles Plessy a écrit :
> > > > Le mercredi 04 novembre 2009 à 19:08 +0100, Julien Valroff a écrit :
> > > > > Hi,
> > > > >
> > > > >
> > > > > rkhunter recommends some packages, eg. unhide, which are configured
> > > > > after rkhunter, and hence after rkhunter postinst script is run.
> > >
> > > Hello Julien,
> > >
> > > if you can cooperate with the maintainers of packages like unhide, maybe you
> > > can arrange a dpkg trigger? (man 5 deb-triggers)
> >
> > You are right, I think that is the best method which could also be used
> > by other packages so that the rkhunter database is only updated when
> > packages are upgraded/installed.
> >
> > I already had a look to the triggers, but I am not sure to understand
> > everything.
> >
> > In the rkhunter & unhide example, rkhunter needs to declare a trigger.
> > But where and how?
> >
> > unhide needs to declare its interest in this trigger in debian/triggers
> > (interest <trigger-name>)
>
> Well, I think I have done the right thing:
> add a debian/triggers to both rkhunter and unhide containing:
> interest rkhunter-update-database
>
> In rkhunter postinst, I have added a triggered action which runs
> rkhunter --propupd
>
> However, if I install rkhunter (unhide being installed automatically by
> aptitude), nothing happens.
> If I reinstall unhide, the trigger is activated.
>
> It seems the trigger is not yet installed though rkhunter is configured
> before unhide.