Actually, looking at what files were updated, that should probably be
lsof -n | grep -e libc-
(Probably not a lot of difference in the programs listed, but...)
----- Original Message -----
> From: "John Lauro" <[log in to unmask]>
> To: "Steven Haigh" <[log in to unmask]>
> Cc: [log in to unmask]
> Sent: Wednesday, January 28, 2015 9:13:08 AM
> Subject: Re: Library security updates
>
> >
> > > If it doesn't protect us is there practicable way to make sure we
> > > are
> > > genuinely protected short of rebooting the whole system every
> > > time
> > > there
> > > is a security update?
> >
> > Depending on what the update is. If you want to be 100% certain,
> > reboot.
> > If you don't want to reboot, you can hunt through what programs use
> > certain libraries using ld - however the effort taken to do this is
> > much
> > more than a reboot - and probably takes longer.
> >
>
>
> It actually isn't that hard to track down.
> [root@colo-a2vm t2]# lsof -n | grep gcc
> hpiod 2649 root DEL REG 252,0
> 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea
> mysqld 2851 mysql DEL REG 252,0
> 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea
> libvirtd 3121 root DEL REG 252,0
> 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea
> yum-updat 3343 root DEL REG 252,0
> 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea
> smartd 3469 root DEL REG 252,0
> 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea
> automount 6482 root DEL REG 252,0
> 4718600
> /lib64/libgcc_s-4.1.2-20080825.so.1.#prelink#.dvRyeN
> httpd 11089 root mem REG 252,0
> 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1
> php 11639 ioi mem REG 252,0
> 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1
> php 24239 ioi mem REG 252,0
> 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1
> httpd 27057 daemon mem REG 252,0
> 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1
> httpd 27058 daemon mem REG 252,0
> 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1
>
>
> You can tell the processes that were not restarted as they show DEL
> instead of mem...
>
|