Security updates / 'procstat' to find daemons to restart - reliable?
kpielorz_lst at tdx.co.uk
Thu Nov 30 14:47:21 UTC 2017
--On 30 November 2017 09:21 -0500 "Kevin P. Neal" <kpn at neutralgood.org>
> Unverified guess:
Hmm, seems a pretty good guess :)
> When the library is updated the old library is deleted first. But since
> the library is still open it still exists. It just doesn't show up in any
> directory. That's normal Unix behavior.
> Now, the guess is that if the library doesn't show up in any directory
> then procstat can't figure out the name of the library. Is there any
> mention of a library that has no name?
That would certainly explain the behaviour, and running a 'before' and
'after' procstat - I can see:
Before 'freebsd-update install'
1093 ... r-x 460 507 31 10 CN-- vn /lib/libcrypto.so.7
1093 ... r-x 460 512 31 10 CN-- vn
So that appears to be the case, the file has 'changed' (i.e. inode etc.) -
and is no longer available to be displayed.
I can't see any obvious "marker" (other than a blank filename) for this -
so I guess I have to run the check before the 'install' - note what's using
what, run the install - then restart the affected software.
Thanks for the guess! (I mean reply! :)
More information about the freebsd-questions