From owner-freebsd-questions@freebsd.org Fri Mar 4 08:23:15 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E1A629DA866 for ; Fri, 4 Mar 2016 08:23:14 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 72AAE8ED for ; Fri, 4 Mar 2016 08:23:14 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from liminal.local (liminal.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3636:3bff:fed4:b0d6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 60487D09E for ; Fri, 4 Mar 2016 08:23:11 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/60487D09E; dkim=none; dkim-atps=neutral Subject: Re: Check which services/processes need restart after update To: freebsd-questions@freebsd.org References: From: Matthew Seaman Message-ID: <56D945EF.9080402@FreeBSD.org> Date: Fri, 4 Mar 2016 08:23:11 +0000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="XtRdFc7XMoxopOUmbGbF43XLj9GECAukC" X-Virus-Scanned: clamav-milter 0.99 at smtp.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=1.0 required=5.0 tests=SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on smtp.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Mar 2016 08:23:15 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --XtRdFc7XMoxopOUmbGbF43XLj9GECAukC Content-Type: multipart/mixed; boundary="eIxXA93N4Swc95CSLanUdO8bKjMJCiEcb" From: Matthew Seaman To: freebsd-questions@freebsd.org Message-ID: <56D945EF.9080402@FreeBSD.org> Subject: Re: Check which services/processes need restart after update References: In-Reply-To: --eIxXA93N4Swc95CSLanUdO8bKjMJCiEcb Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 03/03/2016 21:07, Walkenhorst, Benjamin wrote: > Only recently I was happy to discover that Debian has a tool called > checkrestart that checks which services need to be restarted after an > update. I thought that was very nice and now I am kind of wondering > if there is something comparable for FreeBSD. >=20 > freebsd-update tells you which files it is going to touch, and if pkg > upgrade replaces, say, apache, I kind of notice that too. >=20 > But it would be nice to check if some processes are still running the > obsolete/vulnerable version, maybe that long-running ssh-session or > something. >=20 > The cherry on top would be, of course, a tool that does this in a way > that can be automated, so I can e.g. send myself daily or weekly > reports. >=20 > So, does something along those lines exist? If not, can anyone give > me a hint on where to start working on it? >=20 I had some thoughts along those lines myself. You can tell what shared libraries and binaries have been re-installed by pkg(8) and you can see what shared libraries are mapped into running processes using procstat(1), which gets you 75% of the way there. The missing part is being able to work out that the running image of a binary or shared library has been overwritten in the filesystem. I suspect this last part will be fairly tricky -- I can't see how to approach it at all at the moment. Cheers, Matthew --eIxXA93N4Swc95CSLanUdO8bKjMJCiEcb-- --XtRdFc7XMoxopOUmbGbF43XLj9GECAukC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQJ8BAEBCgBmBQJW2UXvXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATP3AP/R9iDpsadcU115mXXqI4GdpO CsyPqUPAngnqrscD591Pcled8c7PXmJtTXjVrBaqslIsu6k16ueOUX0TKbM1c3OD N529ma7I5nO28NLGyiSMXm2/MZD/ahwb1q+DApaiNEk/shrkq+yxSUzp6j+bDZ6b 96mlJXXiguaLMMTIP8aBX5n8/k0Q3InUJx4SnEk3bucA1he5PF+coEBih0ZrZros JokSBOw8zBKkRC2X0SGYpcUarH9jS6RpPTUOicmLJBzhA+DHQPJjlQAgK1oYi10+ f3RflnSeAT4md/W7WC0GWcqmv5XIc4wdhlFnF2vLG8VcD3DLXhKLo1DxDqTQ4xSS GqJch1xlQ8nEQmmOkC5y+wdbutRTZZJRFhNYUjD8tmNmx4Rl6IO/U0JiZXY6DqYh iFazBwMnjYhleEwULTH9iQxwqN3RefpY5qBnhtAhVWWMc/3/bzi69hXBsHrHHel2 CTXFFRrqN/mTRsraCjfAuviDNoBFdD/RBaOlgdPm3vXVybZpoDbYAbd/aZYL82aB egxHpbwHORfiVEgI933n32rQULy5D6rQO84pYM53JQ2er2BIB4ziHt0RqGAQKzCP 0/JwzTyqKsSXUAeJtjs6YPtV19/xqd2qOGBOSaMkBqAT9KmauRtTSHT6T7jVh0xT FJZhVbLcEtWCJDhC2VDR =GXbT -----END PGP SIGNATURE----- --XtRdFc7XMoxopOUmbGbF43XLj9GECAukC--