Why Package Auditing is Critical
Every Linux server runs hundreds or thousands of installed packages. Each package is a potential attack vector if it contains known vulnerabilities. The 2017 Equifax breach, the 2021 Log4Shell vulnerability, and countless other incidents demonstrate that unpatched software is the most common entry point for attackers.
Package auditing goes beyond simple updates. You need to identify security-specific updates that require immediate attention, find orphaned packages that waste disk space and expand your attack surface, and track which packages have been explicitly installed versus automatically pulled in as dependencies.
dargslan-package-audit provides a unified interface across apt (Debian/Ubuntu), dnf/yum (RHEL/Fedora), pacman (Arch), and other package managers. It auto-detects your system and presents consistent results regardless of the underlying package manager.
Install dargslan-package-audit
pip install dargslan-package-audit
Zero dependencies. Auto-detects your package manager. Works on Debian, Ubuntu, RHEL, CentOS, Fedora, Arch, Alpine, and openSUSE.
CLI Usage
# Full package audit report
dargslan-pkg report
# List upgradable packages
dargslan-pkg upgradable
# Security updates only
dargslan-pkg security
# Orphaned/auto-removable packages
dargslan-pkg orphans
# Total installed package count
dargslan-pkg count
# JSON output for automation
dargslan-pkg json
Python API
from dargslan_package_audit import PackageAudit

pa = PackageAudit()  # auto-detects apt/dnf/pacman
print(f"Package manager: {pa.manager}")
print(f"Installed: {pa.count_installed()}")

# Check for security updates (CRITICAL)
security = pa.check_security_updates()
if security:
    print(f"ALERT: {len(security)} security updates available!")
    for s in security:
        print(f"  {s['name']}")

# Check for orphaned packages
orphans = pa.check_auto_removable()
print(f"Orphaned packages: {len(orphans)}")

# Full audit with severity ratings
issues = pa.audit()
for issue in issues:
    print(f"[{issue['severity']}] {issue['message']}")
Automating Package Audits
Schedule daily package audits with a simple cron job or systemd timer:
import json
from dargslan_package_audit import PackageAudit

pa = PackageAudit()
security = pa.check_security_updates()
if security:
    # Send alert (integrate with your notification system)
    alert = {
        "level": "critical",
        "message": f"{len(security)} security updates pending",
        "packages": [s["name"] for s in security]
    }
    print(json.dumps(alert))
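A daily job like the one above repeats the same alert until the packages are patched. The following added example (not part of dargslan-package-audit or the original page) keeps a small state file so each scheduled run reports only newly pending or overdue security updates. The state file name, the 7-day deadline and the "new"/"overdue" fields are assumptions; the input is the list of dicts with a "name" key shown above.

```python
import json
import os
from datetime import date

MAX_AGE_DAYS = 7  # assumed patch deadline, not a setting of the tool


def load_state(path):
    """State maps package name -> ISO date it was first seen pending."""
    try:
        with open(path) as fh:
            return json.load(fh)
    except FileNotFoundError:
        return {}


def triage(security, state, today):
    """Return (new_state, alert); alert is None when nothing is new or overdue."""
    pending = {s["name"] for s in security}
    # Keep first-seen dates for packages still pending; patched ones drop out.
    new_state = {n: state.get(n, today.isoformat()) for n in sorted(pending)}
    new = sorted(pending - set(state))
    overdue = sorted(n for n, first in new_state.items()
                     if (today - date.fromisoformat(first)).days > MAX_AGE_DAYS)
    if not new and not overdue:
        return new_state, None
    return new_state, {"level": "critical",
                       "message": f"{len(pending)} security updates pending",
                       "new": new, "overdue": overdue}


def run(security, state_path, today=None):
    """One scheduled run: load state, triage, persist atomically, return alert."""
    state, alert = triage(security, load_state(state_path), today or date.today())
    tmp = f"{state_path}.tmp"
    with open(tmp, "w") as fh:
        json.dump(state, fh)
    os.replace(tmp, state_path)  # atomic rename: no half-written state file
    return alert


if __name__ == "__main__":
    # Constructed sample in the shape the page's examples use for security updates.
    sample = [{"name": "openssl"}, {"name": "libc6"}]
    print(json.dumps(run(sample, "pkg-audit-state.json")))
```

In a real job, pass the result of pa.check_security_updates() to run() and forward a non-None alert to your notification system.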
Best Practices for Package Management
- Enable automatic security updates (unattended-upgrades on Debian/Ubuntu)
- Audit installed packages monthly and remove unused ones
- Pin versions of critical packages in production
- Use needrestart to identify services that need restarting after updates
- Track package changes in your configuration management system
Download the Package Audit Cheat Sheet
Get our Linux Package Audit Cheat Sheet, covering apt, dnf, and pacman commands for finding outdated, security, and orphaned packages.
Related Tools
Explore all Linux administration Python tools at dargslan.com. Our Linux security eBooks cover package management, vulnerability scanning, and patch automation in depth.