17 | 17 |
vulnerability which might have been fixed by upgrading a library which that
|
18 | 18 |
process makes use of.
|
19 | 19 |
|
20 | |
.P
|
|
20 |
.P
|
21 | 21 |
Consequently,
|
22 | 22 |
.B checkrestart
|
23 | 23 |
is sometimes used as an audit tool to find outdated versions of libraries in use,
|
24 | 24 |
particularly after security upgrades. Administrators should not, however, rely
|
25 | 25 |
on its output completely (see \fBBUGS\fP below).
|
26 | 26 |
|
27 | |
.P
|
|
27 |
.P
|
28 | 28 |
This script needs to run as root in order to obtain the information it needs
|
29 | 29 |
for analysis.
|
30 | 30 |
|
|
47 | 47 |
|
48 | 48 |
.TP
|
49 | 49 |
.BI -a, --all
|
50 | |
Process all deleted files regardless of location. This makes
|
|
50 |
Process all deleted files regardless of location. This makes
|
51 | 51 |
the program analyse deleted files even if they would be discarded
|
52 | |
because they are located in locations, such as
|
|
52 |
because they are located in locations, such as
|
53 | 53 |
.I /tmp
|
54 | 54 |
, which are known to produce false positives. It will take preceded if used
|
55 | |
simultaneously with the
|
|
55 |
simultaneously with the
|
56 | 56 |
.I -p
|
57 | 57 |
option.
|
58 | 58 |
|
|
72 | 72 |
|
73 | 73 |
.BI -e\ pid, --excludepid=pid
|
74 | 74 |
Exclude processes running with
|
75 | |
.I pid
|
|
75 |
.I pid
|
76 | 76 |
when looking for open files. This can speed up checkrestart on systems with a
|
77 | 77 |
large number of open files. Note: this option only works if lsof is not used.
|
78 | 78 |
More than one process identifier can be provided by using this option more than
|
|
80 | 80 |
|
81 | 81 |
.TP
|
82 | 82 |
.BI -n, --nolsof
|
83 | |
Do not use
|
|
83 |
Do not use
|
84 | 84 |
.B lsof(8)
|
85 | 85 |
even if available. In some systems where there are large number of files the
|
86 | 86 |
use of lsof might be inefficient. Use this option to disable lsof. Notice also
|
87 | 87 |
that if lsof is not installed an alternative mechanism to extract deleted files
|
88 | 88 |
will be used instead. Consequently, there is no need to set this option
|
89 | |
in systems that do not have
|
|
89 |
in systems that do not have
|
90 | 90 |
.B lsof(8)
|
91 | 91 |
installed.
|
92 | 92 |
|
|
103 | 103 |
Found 20 processes using old versions of upgraded files
|
104 | 104 |
(15 distinct programs)
|
105 | 105 |
(14 distinct packages)
|
106 | |
|
|
106 |
|
107 | 107 |
Of these, 12 seem to contain init scripts which can be used to restart them:
|
108 | 108 |
The following packages seem to have init scripts that could be used to restart them:
|
109 | 109 |
gpm:
|
110 | 110 |
3044 /usr/sbin/gpm
|
111 | 111 |
rpcbind:
|
112 | 112 |
2208 /sbin/rpcbind
|
113 | |
bind9:
|
|
113 |
bind9:
|
114 | 114 |
8463 /usr/sbin/named
|
115 | 115 |
openssh-server:
|
116 | 116 |
22124 /usr/sbin/sshd
|
|
120 | 120 |
3417 /usr/sbin/in.tftpd
|
121 | 121 |
uptimed:
|
122 | 122 |
2704 /usr/sbin/uptimed
|
123 | |
cron:
|
|
123 |
cron:
|
124 | 124 |
3019 /usr/sbin/cron
|
125 | 125 |
postfix:
|
126 | 126 |
22145 /usr/lib/postfix/qmgr
|
127 | 127 |
8892 /usr/lib/postfix/master
|
128 | 128 |
hddtemp:
|
129 | 129 |
3174 /usr/sbin/hddtemp
|
130 | |
autofs:
|
|
130 |
autofs:
|
131 | 131 |
2792 /usr/sbin/automount
|
132 | 132 |
openbsd-inetd:
|
133 | 133 |
3254 /usr/sbin/inetd
|
134 | |
|
|
134 |
|
135 | 135 |
These are the init scripts:
|
136 | 136 |
service gpm restart
|
137 | 137 |
service rpcbind restart
|
|
145 | 145 |
service hddtemp restart
|
146 | 146 |
service autofs restart
|
147 | 147 |
service openbsd-inetd restart
|
148 | |
|
|
148 |
|
149 | 149 |
These processes do not seem to have an associated init script to restart them:
|
150 | 150 |
isc-dhcp-client:
|
151 | 151 |
3775 /sbin/dhclient
|
|
156 | 156 |
also output some false positives depending on the processes' behaviour since
|
157 | 157 |
it does not check yet if the (deleted) files in use are really libraries.
|
158 | 158 |
|
159 | |
.P
|
|
159 |
.P
|
160 | 160 |
If you find a false positive in
|
161 | 161 |
.B checkrestart
|
162 | 162 |
please provide the following information when submitting a bug report:
|
|
209 | 209 |
|
210 | 210 |
On Debian systems, a copy of the GNU General Public License may be
|
211 | 211 |
found in /usr/share/common-licenses/GPL.
|
212 | |
|