Creating useful Pacman hooks

Even better would be to get the orphan list and then compare with the list post transaction and notify only new orphans.

I thought a hook for notifying pacnew and pacsave files would be a good idea. So here is a working prototype. Although it only checks /etc I've no experience of .pac* files being elsewhere.

I'm sure @mbb 's comment applies to this also :wink: and in general if anyone who can actually code (rather than just noob-cut-paste) wants to make it better then please to do so.


That's a cool idea. I went another route and tied it in with bash aliases into my update process. You must have mlocate installed for this method to work. After my update is complete, a list of pacnew files is written to my desktop.

alias pacnew='sudo updatedb && locate --existing --regex "\.pac(new|save)$"'
alias pacdiff='sudo -H DIFFPROG=kompare pacdiff'
alias mirrors='sudo pacman-mirrors --country Canada United_States'
alias download='sudo pacman-mirrors --country Canada United_States && sudo pacman -Syyuw'
alias update='download && sudo pacman -Su && pacnew > ~/Desktop/pacnew.log'

you could also just use
pacdiff -o


Way to take all the fun out our cool little projects we dream up. :smile:


Thanks I was not aware of that command. It made it simple enough that I could extend the use of my copy-paste skills. :stuck_out_tongue_winking_eye:

Definitely an improvement, in my opinion.


The baloo file search feature has been much improved in KDE. However, it is still not my favorite search engine and I would rather have it permanently disabled. According to the ArchWiki baloo can't be uninstalled, and it may be automatically re-enabled during a system upgrade. The ArchWiki recommends disabling baloo after any system upgrade if you do not want it run.

I decided to create a pacman hook to do this automatically after every system upgrade.

Here is the pacman hook

Type = Package
Operation = Upgrade
Target = /usr/bin/baloo_file

Description = Disable baloo file indexer after every upgrade operation
When = PostTransaction
Exec = /bin/sh -c 'killall baloo_file ; mv /usr/bin/baloo_file /usr/bin/baloo_file.bak ; echo '#!/bin/sh' > /usr/bin/baloo_file'


Interesting. When I read the Archwiki on disabling Baloo I didn't see that mentioned. Perhaps we're looking at two different pages?

The reason I mention this is it's one of the first things I turn off on an install in KDE. I think it's well, not any good. Not to disparage the KDE team but it's meh IMHO.
I use AngrySearch and Albert.
And now that I check balooctl status I see the little twerp is indeed running. /sigh
Another hook to add to the list. It's growing quickly because of you. :construction::construction_worker_woman:

1 Like

I'm curious if I can use my Gdrive?
But it's using KIO-GDrive so the location is funky.
It's gdrive:/
Will pacman understand that and dump the files there?
I'm scared to try it. The last time I tried automating something with GDrive google flipped out and locked my account.

well try with test email account.
its not like having thousands of Gmail id is not allowed.
but managing some tens of id is real pain forget about lot of them.

No worky. :frowning:
I guess pacman doesn't understand what gdrive:/ is. Oh well, back to derpbox

EDIT: aha! Victory! I read up in KIO-GDrive and found out it's just slaving the files. It is using a placeholder file to show you your gdrive. They aren't actually there until you click on them. This would explain the hook behavior.
So some research later and ODrive is the answer. It actually syncs to a folder on your drive.
So I have my pacman hook working the way I want now. Wooohooo!:partying_face:

I am ready for more :wink:

:: Starte post-transaction hooks...
(1/3) Orphaned package notification
=> No orphans found.
(2/3) Checking for .pacnew and .pacsave files...
.pac* files found:

Please check and merge
(3/3) No errors ...     # Also known as "ArmingConditionNeedsUpdate..." ;-)

Maybe cleaning dir :smiley:

~ >>> ls -la /home/sgs/bin/pacman-list/                                                                                               
insgesamt 120K
drwxr-xr-x  2 sgs  sgs  4,0K 23.06.2019 20:25  ./
drwxr-xr-x 12 sgs  sgs  4,0K 23.06.2019 17:57  ../
-rw-r--r--  1 sgs  sgs    30 23.06.2019 12:18 '2019-06-23@12:18_alien.txt'
-rw-r--r--  1 sgs  sgs  9,7K 23.06.2019 12:18 '2019-06-23@12:18_native.log'
-rw-r--r--  1 root root   30 23.06.2019 14:13 '2019-06-23@14:13_alien.txt'
-rw-r--r--  1 root root 9,7K 23.06.2019 14:13 '2019-06-23@14:13_native.log'
-rw-r--r--  1 root root   30 23.06.2019 14:18 '2019-06-23@14:18_alien.txt'
-rw-r--r--  1 root root 9,6K 23.06.2019 14:18 '2019-06-23@14:18_native.log'
-rw-r--r--  1 root root   30 23.06.2019 14:21 '2019-06-23@14:21_alien.txt'
-rw-r--r--  1 root root 9,6K 23.06.2019 14:21 '2019-06-23@14:21_native.log'
-rw-r--r--  1 root root   30 23.06.2019 14:22 '2019-06-23@14:22_alien.txt'
-rw-r--r--  1 root root 9,6K 23.06.2019 14:22 '2019-06-23@14:22_native.log'
-rw-r--r--  1 root root   30 23.06.2019 16:37 '2019-06-23@16:37_alien.txt'
-rw-r--r--  1 root root 9,6K 23.06.2019 16:37 '2019-06-23@16:37_native.log'
-rw-r--r--  1 root root   30 23.06.2019 20:25 '2019-06-23@20:25_alien.txt'
-rw-r--r--  1 root root 9,6K 23.06.2019 20:25 '2019-06-23@20:25_native.log'


Of course I could also wait for the next update and test it myself :smiley:
If desired I delete all this here :slight_smile:

My sda is not mount if I use Deepin. So action

:: Starte pre-transaction hooks...
(1/1) Create a backup list of all installed packages
/bin/sh: /mnt/9030b9ef-9aab-4578-92c7-b085e2b31cbb/home/sgs/00Daten/Backup-Deepin/package_lists/$(date +%Y-%m-%d@%H:%M)_native.log: Datei oder Verzeichnis nicht gefunden
/bin/sh: /mnt/9030b9ef-9aab-4578-92c7-b085e2b31cbb/home/sgs/00Daten/Backup-Deepin/package_lists/$(date +%Y-%m-%d@%H:%M)_alien.txt : Datei oder Verzeichnis nicht gefunden
Fehler: Befehl konnte nicht korrekt ausgeführt werden


Do you think here is .sh (Exec = /path/to/ better
or this will work to (Syntax = ";" correct?)

Exec = /bin/sh -c 'df | grep -q /mnt/9030b9ef-9aab-4578-92c7-b085e2b31cbb || sudo mount /mnt/9030b9ef-9aab-4578-92c7-b085e2b31cbb; pacman -Qqen  > "/home/mint/$(date +%Y-%m-%d@%H:%M)_native.log"; pacman -Qqem > "/home/mint/$(date +%Y-%m-%d@%H:%M)_alien.txt"; pacman -Qqem > "/mnt/9030b9ef-9aab-4578-92c7-b085e2b31cbb/home/sgs/00Daten/Backup-Deepin/package_lists/$(date +%Y-%m-%d@%H:%M)_native.log"; pacman -Qqem > "/mnt/9030b9ef-9aab-4578-92c7-b085e2b31cbb/home/sgs/00Daten/Backup-Deepin/package_lists/$(date +%Y-%m-%d@%H:%M)_alien.txt; df | grep /mnt/9030b9ef-9aab-4578-92c7-b085e2b31cbb | sudo umount /mnt/9030b9ef-9aab-4578-92c7-b085e2b31cbb" 2> /dev/null; exit'

Or I could put a postit on my monitor: "Damn, boot sda before update." :wink:

Very interesting tips here :+1:

I've added the firejail.hook to my system mentioned in the Arch wiki. However, I always get this error:

(2/5) Configure symlinks in /usr/local/bin based on firecfg.config...
error: unable to run hook firejail.hook: could not satisfy dependencies

I cannot find anything in journalctl. And /var/log/pacman.log only displays [ALPM] running 'firejail.hook'...

Any idea how to fix this?

From the Arch wiki:

To manually map individual applications execute:

sudo ln -s /usr/bin/firejail /usr/local/bin/application

I think you need to do it for each individual application rather than:

Target = usr/share/applications/*.desktop

I don't use Firejail, so I can't really say without hands on testing. Sorry I'm not familiar with firejail so I'm not the best one to be giving advice on this.

No, as this is actually what is automatically done by executing sudo firecfg: it adds a symlink (pointing to /usr/bin/firejail) to /usr/local/bin for every application for which Firejail comes with a profile. By doing this it's very easy to start all supported applications sandboxed with Firejail. The purpose of this hook is that every time you, e.g., install a new application firecfg is executed to make sure that it will be sandboxed, too - provided it's supported by Firejail.

What is meant here is that all desktop files are fixed such that the full path to the corresponding application is removed and the modified .desktop files are written to $HOME/.local/share/applications/. This makes sure that not the full path is used (as the application wouldn't be sandboxed) but rather the symlink in /usr/local/bin.

Thank you for the explanation. I had read some of the firejail documentation, but it's been a while a it was pretty foggy in my memory.

I just haven't been paranoid about too much since I left the Windows world to get around to installing firejail.

Does anyone know if a pacman hook will accept an interactive prompt from an associated script.

If I run the script outside the hook the prompt works fine and initiates a backup depending on your choice selected.

If I run the script from the hook it is completely ignored.

Here is the script:

    echo "timeshift backup process beginning"
read -p "cancel timeshift snapshot? (y/n) " RESP
if [ "$RESP" = "y" ]; then
    echo "timeshift snapshot canceled"
    echo "initiating timeshift snapshot"; /usr/bin/timeshift --create --comments "timeshift-pacman-hook-snapshot"

I'm not sure if this is a limitation of what is permitted in a hook, or if I'm doing something wrong?.

This is not exactly what I want to do, this is just a starting point for testing. I would like a 10 second countdown timer that defaults to making a snapshot if the backup is not canceled.

None of this is imperative by any means, it's just a fun way of trying to improve my rather poor scripting skills.

Anyone have any idea what's the issue?

not possible,
with hook, input is not tty but the packages list (with NeedsTargets on)

1 Like

Damn, that was kind of what I was starting to figure. Oh well, at least I learned some new bash scripting tricks along the way. What a pity I had high hopes to customize things further with user intervention.

Thank you again @papajoke

Forum kindly sponsored by