| 17 | 17 |
vulnerability which might have been fixed by upgrading a library which that
|
| 18 | 18 |
process makes use of.
|
| 19 | 19 |
|
| 20 | |
.P
|
|
20 |
.P
|
| 21 | 21 |
Consequently,
|
| 22 | 22 |
.B checkrestart
|
| 23 | 23 |
is sometimes used as an audit tool to find outdated versions of libraries in use,
|
| 24 | 24 |
particularly after security upgrades. Administrators should not, however, rely
|
| 25 | 25 |
on its output completely (see \fBBUGS\fP below).
|
| 26 | 26 |
|
| 27 | |
.P
|
|
27 |
.P
|
| 28 | 28 |
This script needs to run as root in order to obtain the information it needs
|
| 29 | 29 |
for analysis.
|
| 30 | 30 |
|
|
| 47 | 47 |
|
| 48 | 48 |
.TP
|
| 49 | 49 |
.BI -a, --all
|
| 50 | |
Process all deleted files regardless of location. This makes
|
|
50 |
Process all deleted files regardless of location. This makes
|
| 51 | 51 |
the program analyse deleted files even if they would be discarded
|
| 52 | |
because they are located in locations, such as
|
|
52 |
because they are located in locations, such as
|
| 53 | 53 |
.I /tmp
|
| 54 | 54 |
, which are known to produce false positives. It will take preceded if used
|
| 55 | |
simultaneously with the
|
|
55 |
simultaneously with the
|
| 56 | 56 |
.I -p
|
| 57 | 57 |
option.
|
| 58 | 58 |
|
|
| 72 | 72 |
|
| 73 | 73 |
.BI -e\ pid, --excludepid=pid
|
| 74 | 74 |
Exclude processes running with
|
| 75 | |
.I pid
|
|
75 |
.I pid
|
| 76 | 76 |
when looking for open files. This can speed up checkrestart on systems with a
|
| 77 | 77 |
large number of open files. Note: this option only works if lsof is not used.
|
| 78 | 78 |
More than one process identifier can be provided by using this option more than
|
|
| 80 | 80 |
|
| 81 | 81 |
.TP
|
| 82 | 82 |
.BI -n, --nolsof
|
| 83 | |
Do not use
|
|
83 |
Do not use
|
| 84 | 84 |
.B lsof(8)
|
| 85 | 85 |
even if available. In some systems where there are large number of files the
|
| 86 | 86 |
use of lsof might be inefficient. Use this option to disable lsof. Notice also
|
| 87 | 87 |
that if lsof is not installed an alternative mechanism to extract deleted files
|
| 88 | 88 |
will be used instead. Consequently, there is no need to set this option
|
| 89 | |
in systems that do not have
|
|
89 |
in systems that do not have
|
| 90 | 90 |
.B lsof(8)
|
| 91 | 91 |
installed.
|
| 92 | 92 |
|
|
| 103 | 103 |
Found 20 processes using old versions of upgraded files
|
| 104 | 104 |
(15 distinct programs)
|
| 105 | 105 |
(14 distinct packages)
|
| 106 | |
|
|
106 |
|
| 107 | 107 |
Of these, 12 seem to contain init scripts which can be used to restart them:
|
| 108 | 108 |
The following packages seem to have init scripts that could be used to restart them:
|
| 109 | 109 |
gpm:
|
| 110 | 110 |
3044 /usr/sbin/gpm
|
| 111 | 111 |
rpcbind:
|
| 112 | 112 |
2208 /sbin/rpcbind
|
| 113 | |
bind9:
|
|
113 |
bind9:
|
| 114 | 114 |
8463 /usr/sbin/named
|
| 115 | 115 |
openssh-server:
|
| 116 | 116 |
22124 /usr/sbin/sshd
|
|
| 120 | 120 |
3417 /usr/sbin/in.tftpd
|
| 121 | 121 |
uptimed:
|
| 122 | 122 |
2704 /usr/sbin/uptimed
|
| 123 | |
cron:
|
|
123 |
cron:
|
| 124 | 124 |
3019 /usr/sbin/cron
|
| 125 | 125 |
postfix:
|
| 126 | 126 |
22145 /usr/lib/postfix/qmgr
|
| 127 | 127 |
8892 /usr/lib/postfix/master
|
| 128 | 128 |
hddtemp:
|
| 129 | 129 |
3174 /usr/sbin/hddtemp
|
| 130 | |
autofs:
|
|
130 |
autofs:
|
| 131 | 131 |
2792 /usr/sbin/automount
|
| 132 | 132 |
openbsd-inetd:
|
| 133 | 133 |
3254 /usr/sbin/inetd
|
| 134 | |
|
|
134 |
|
| 135 | 135 |
These are the init scripts:
|
| 136 | 136 |
service gpm restart
|
| 137 | 137 |
service rpcbind restart
|
|
| 145 | 145 |
service hddtemp restart
|
| 146 | 146 |
service autofs restart
|
| 147 | 147 |
service openbsd-inetd restart
|
| 148 | |
|
|
148 |
|
| 149 | 149 |
These processes do not seem to have an associated init script to restart them:
|
| 150 | 150 |
isc-dhcp-client:
|
| 151 | 151 |
3775 /sbin/dhclient
|
|
| 156 | 156 |
also output some false positives depending on the processes' behaviour since
|
| 157 | 157 |
it does not check yet if the (deleted) files in use are really libraries.
|
| 158 | 158 |
|
| 159 | |
.P
|
|
159 |
.P
|
| 160 | 160 |
If you find a false positive in
|
| 161 | 161 |
.B checkrestart
|
| 162 | 162 |
please provide the following information when submitting a bug report:
|
|
| 209 | 209 |
|
| 210 | 210 |
On Debian systems, a copy of the GNU General Public License may be
|
| 211 | 211 |
found in /usr/share/common-licenses/GPL.
|
| 212 | |
|