I am looking for a way to know that the list of packages installed on an Ubuntu system changed while my C++ application is running.
I have a daemon which is expected to tell other applications whenever certain things change on the system, one of them is a list of installed packages. I want to track a certain number of packages such as Apache2, Cassandra, NTP, Postfix... to be able to tell what is running and what is not running on each computer in a cluster. This should be continuous so the status remains up to date (at least within a minute or two.) However, reading the list of installed packages with something such as dpkg -l ntp is very long and uses quite a bit of processing time, so I would like to run that command only when a change to the installation is made (which should be a relatively rare event, assuming we have security updates at most once a day, I should not have to run dpkg -l ... more than once a day, unless the administrator adds/removes items during the day, I need to detect those changes quickly enough.)
You could add a script to track changes via the --pre-invoke and --post-invoke hook options. Those should run before and after the dpkg lock has been acquired so should be safe to run dpkg-query commands from there.
Please check the dpkg man page for more details.