:py:mod:`dissect.target.plugins.os.unix.linux.debian.dpkg`
==========================================================

.. py:module:: dissect.target.plugins.os.unix.linux.debian.dpkg


Module Contents
---------------

Classes
~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.unix.linux.debian.dpkg.DpkgPlugin



Functions
~~~~~~~~~

.. autoapisummary::
   :nosignatures:

   dissect.target.plugins.os.unix.linux.debian.dpkg.read_status_blocks
   dissect.target.plugins.os.unix.linux.debian.dpkg.parse_status_block
   dissect.target.plugins.os.unix.linux.debian.dpkg.parse_log_date_time
   dissect.target.plugins.os.unix.linux.debian.dpkg.parse_log_line



Attributes
~~~~~~~~~~

.. autoapisummary::

   dissect.target.plugins.os.unix.linux.debian.dpkg.STATUS_FILE_NAME
   dissect.target.plugins.os.unix.linux.debian.dpkg.LOG_FILES_GLOB
   dissect.target.plugins.os.unix.linux.debian.dpkg.STATUS_FIELD_MAPPINGS
   dissect.target.plugins.os.unix.linux.debian.dpkg.STATUS_FIELDS_TO_EXTRACT
   dissect.target.plugins.os.unix.linux.debian.dpkg.DpkgPackageStatusRecord
   dissect.target.plugins.os.unix.linux.debian.dpkg.DpkgPackageLogRecord


.. py:data:: STATUS_FILE_NAME
   :value: '/var/lib/dpkg/status'

   

.. py:data:: LOG_FILES_GLOB
   :value: '/var/log/dpkg.log*'

   

.. py:data:: STATUS_FIELD_MAPPINGS

   

.. py:data:: STATUS_FIELDS_TO_EXTRACT

   

.. py:data:: DpkgPackageStatusRecord

   

.. py:data:: DpkgPackageLogRecord

   

.. py:class:: DpkgPlugin(target: dissect.target.Target)


   Bases: :py:obj:`dissect.target.plugin.Plugin`

   Returns records for package details extracted from dpkg's status and log files.

   .. py:attribute:: __namespace__
      :value: 'dpkg'

      

   .. py:method:: check_compatible() -> None

      Perform a compatibility check with the target.

      This function should return ``None`` if the plugin is compatible with
      the current target (``self.target``). For example, check if a certain
      file exists.
      Otherwise it should raise an ``UnsupportedPluginError``.

      :raises UnsupportedPluginError: If the plugin could not be loaded.


   .. py:method:: status()

      Yield records for packages in dpkg's status database


   .. py:method:: log()

      Yield records for actions logged in dpkg's logs



.. py:function:: read_status_blocks(fh: TextIO) -> Generator[List[str], None, None]

   Yield package status blocks read from `fh` text stream as the lists of lines


.. py:function:: parse_status_block(block_lines: List[str]) -> Dict[str, str]

   Parse package details block from dpkg status file


.. py:function:: parse_log_date_time(date_str: str, time_str: str) -> datetime.datetime


.. py:function:: parse_log_line(log_line: str) -> Dict[str, str]

   Parse dpkg log file line