Date: Thu, 10 Mar 2016 14:15:38 +0000 From: Arthur Chance <freebsd@qeng-ho.org> To: "Steve O'Hara-Smith" <steve@sohara.org>, freebsd-questions@freebsd.org Subject: Re: Are system updates without reboots possible? Message-ID: <56E1818A.1060604@qeng-ho.org> In-Reply-To: <20160310131311.95dcd6c66c6dbf60339a2df0@sohara.org> References: <56E162B5.4010309@qeng-ho.org> <20160310131311.95dcd6c66c6dbf60339a2df0@sohara.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/03/2016 13:13, Steve O'Hara-Smith wrote: > On Thu, 10 Mar 2016 12:04:05 +0000 > Arthur Chance <freebsd@qeng-ho.org> wrote: > >> The latest security advisory on openssl contains the usual mantra >> >> "Restart all deamons using the library, or reboot the system." >> >> I usually just reboot but find myself wondering if there's a reliable >> *automatic* way of identifying which running programs use any given >> library (or set of libraries), and identify whether or not they're >> daemons controlled by service(8). >> >> I suppose root could use ps and ldd to identify affected programs, but >> this seems like brute force and I can't see how to tie into the >> service(8) structure. >> >> Anybody got ideas on this? It could be useful for updating servers you'd >> rather not reboot. > > You could just apply brute force and use service -R to restart all > services or reboot if the update included a new kernel. Overkill but safe. > I'd missed the -R option for service(8). Thanks for pointing that out. However, that only restarts daemons from /usr/local/etc/rc.d, not built-in system daemons from /etc/rc.d. Neither does it let me identify non-daemon running programs that are affected by a library update. -- Moore's Law of Mad Science: Every eighteen months, the minimum IQ necessary to destroy the world drops by one point.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56E1818A.1060604>