GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → kpcyrd → arch-audit-gtk

kpcyrd / arch-audit-gtk

Licence: GPL-3.0 license
Arch Linux Security Update Notifications

Programming Languages

rust
11053 projects
shell
77523 projects

Labels

securityarchlinuxupdatesarch-audit

Projects that are alternatives of or similar to arch-audit-gtk

updater
Simple web-hook based receiver executing things via HTTP request
Stars: ✭ 77 (+75%)
Mutual labels:  updates
workstation-bootstrap
My r10k/puppet based workstation bootstrapping and configuration
Stars: ✭ 18 (-59.09%)
Mutual labels:  archlinux
pkgstats-cli
pkgstats client
Stars: ✭ 17 (-61.36%)
Mutual labels:  archlinux
secret-service
Service to keep secrets of applications
Stars: ✭ 56 (+27.27%)
Mutual labels:  archlinux
asus-fan
Kernel module to get/set (both) fan speed(s) on ASUS Zenbooks
Stars: ✭ 92 (+109.09%)
Mutual labels:  archlinux
toolbox
Unified kit with all the scripts required for maintaining the repository 🧰
Stars: ✭ 60 (+36.36%)
Mutual labels:  archlinux
tizen-studio-arch
How to install TizenStudio on Arch Linux
Stars: ✭ 31 (-29.55%)
Mutual labels:  archlinux
arch-hs
Distribute hackage packages to archlinux
Stars: ✭ 18 (-59.09%)
Mutual labels:  archlinux
MantOS
LIFARS Networking Security GNU/Linux distro
Stars: ✭ 24 (-45.45%)
Mutual labels:  archlinux
alpm.rs
Rust bindings for libalpm
Stars: ✭ 76 (+72.73%)
Mutual labels:  archlinux
pacman-bintrans
Experimental binary transparency for pacman with sigstore and rekor
Stars: ✭ 79 (+79.55%)
Mutual labels:  archlinux
ansible-archlinux
Automated arch linux desktop environment
Stars: ✭ 56 (+27.27%)
Mutual labels:  archlinux
qtile-x-dotfiles
Various dotfiles for my old Qtile setup running under X.
Stars: ✭ 47 (+6.82%)
Mutual labels:  archlinux
deepin-wine-qq-arch
Tencent QQ on Deepin Wine5(com.qq.im.deepin) For Archlinux
Stars: ✭ 274 (+522.73%)
Mutual labels:  archlinux
mihdan-disable-aggressive-updates
Плагин под WordPress для ускорения админки путём отключения агрессивных проверок обновлений
Stars: ✭ 21 (-52.27%)
Mutual labels:  updates
HADRIAN
Pantheon Desktop Environment installer script for Arch Linux
Stars: ✭ 19 (-56.82%)
Mutual labels:  archlinux
milcheck
Display the status of your pacman mirrorlist and the Arch Linux lastest news right in your terminal
Stars: ✭ 18 (-59.09%)
Mutual labels:  archlinux
firefox-extension-arch-search
A set of Web Extensions that adds ArchLinux (bug tracker, forum, packages, wiki, AUR) as a search engine to the Firefox browser.
Stars: ✭ 21 (-52.27%)
Mutual labels:  archlinux
gitkraken
Arch User Repository Gitkraken
Stars: ✭ 113 (+156.82%)
Mutual labels:  archlinux
arch-pi
A simple script automatically installing Arch Linux for the Raspberry Pi.
Stars: ✭ 38 (-13.64%)
Mutual labels:  archlinux
View All Similar Projects ➔

arch-audit-gtk

Show an indicator if there are any security updates missing for your Arch Linux system.

screenshot

Install

pacman -S arch-audit-gtk

The package contains files for xdg-autostart, so it should automatically start the next time you log in. This is the case for gnome and kde, for i3 you need something like dex -a or execute arch-audit-gtk directly.

Gnome3

For gnome3 you need to install an extension for app indicator support:

pacman -S gnome-shell-extension-appindicator

After installing this extension you need to restart your desktop so gnome picks it up, you then need to enable the extension with the gnome extension manager.

Themes

There are currently 3 themes that you may pick from:

  • default
  • nocolor
  • classic

You can set this by creating a config file at one of the following locations:

  • /etc/arch-audit/gui.toml
  • ~/.config/arch-audit/gui.toml

With the following content:

[design]
icon_theme = "nocolor"

You can also select a theme using the --icon-theme <theme> commandline option.

Privacy

Since this program is automatically pinging security.archlinux.org we attempt to use multiple techniques to increase privacy:

Tor support

You can configure arch-audit to connect through Tor or any other socks5 proxy. There are two advantages in doing this:

  • security.archlinux.org can't tell you apart from other arch-audit users using Tor.
  • If you're on a monitored network they can't tell that you're connecting to security.archlinux.org, also they can't interrupt that specific connection. They may be able to tell that you're connecting to Tor and may be able to interrupt your Tor connections though.

Configure arch-audit like this:

mkdir -vp ~/.config/arch-audit
cat > ~/.config/arch-audit/settings.toml <<EOF
[network]
proxy = "socks5://127.0.0.1:9050"
EOF

Random jitter

Even if the ip address is hidden, with a fixed update interval you'd need a very large set of people to make this reasonably anonymous. Instead we use a very large jitter and vary the update checks between 2-6h. Since this makes it virtually impossible to predict the next update check the server/network can't tell if a specific user is still there or went offline since the last check.

Update conditions

The complete list of conditions that cause a connection to security.archlinux.org:

  • Startup: On application start we do an initial check.
  • Timer: There's an automatic update interval of 2-6h.
  • Click: The user explicitly clicks on "Check for updates".
  • Pacman hook: If we already know we're missing security updates and pacman notifies us that any package has been updated or uninstalled we check if the vulnerable package is still present.

Development

pacman -S git rust arch-audit
git clone https://github.com/kpcyrd/arch-audit-gtk
cd arch-audit-gtk
cargo run

License

GPLv3+

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].