Hi,
On Tue, 16 Apr 2019, Antoine Beaupré wrote:
I wonder which Debian release is in use. The system information section
looks like testing but needrestart 2.11 is from stretch.
Sorry, I didn't file the bug report from the affected machine. :/ I hope
that's alright, I can re-extract the rest of the data as required if
that's needed.
No worries! (You may also give needrestart from BPO a try since it
contains many fixes missing in stable.)
The recent libssh2 upgrade wasn't correctly flagged by needrestart:
some proceses were marked as need a restart, but others, specifically
those running under the ruby interpreter, were not. Here's what our
homegrown system has detected for those:
root@gitlab-01:/etc/nagios/nrpe.d# /usr/lib/nagios/plugins/dsa-check-libs --verbose
2>&1 | grep -a -v /log/
Running /usr/bin/lsof -F0 -n
[snip]
Needrestart finds nothing of the sort:
Using lsof alone does not tell if the library is mapped executable
(read access on deleted files is ignored by needrestart intentional). Can
you please check if those files are mapped executable in /proc/$PID/maps?
Unfortunately, the box has since then been rebooted.
You could simulate an update using `apt-get install --reinstall
libssh2-1`.
This looks OK for me. The PID 883 uses a old libssh2 but belongs to a user
session of uid 1504. The ruby instances seems not to have libssh2 mapped
executable - so they are not reported.
Interesting. In which circumstance could a process have a library loaded
but not mappex executable? That seems like a paradox.
I don't know.A There are also writable mapped libraries:
$ cat /proc/$$/maps|grep -v 'xp '
0700000-00703000 r--p 00100000 103:01 1046603
/bin/bash
00703000-0070c000 rw-p 00103000 103:01 1046603
/bin/bash
0070c000-00716000 rw-p 00000000 00:00 0
01e74000-02051000 rw-p 00000000 00:00 0
[heap]
7fbbd7dfa000-7fbbd7ff9000 ---p 00003000 103:01 791389
/usr/lib/x86_64-linux-gnu/samba/libwinbind-client.so.0
7fbbd7ff9000-7fbbd7ffa000 r--p 00002000 103:01 791389
/usr/lib/x86_64-linux-gnu/samba/libwinbind-client.so.0
7fbbd7ffa000-7fbbd7ffb000 rw-p 00003000 103:01 791389
/usr/lib/x86_64-linux-gnu/samba/libwinbind-client.so.0
[..]
It also seem to fail to find the source code for those files... The
"homegrown" tool is actually the one used by DSA to check for upgrades
through nagios:
Needrestart tries to get the source file from the cmdline which may fail
and break the interpreter heuristic which looks for outdated source files.
The library detection is done before and not affected by the missing
source files.
Understood. Anyways, dsa-check-libs doesn't notice anything specifically
about ruby source files here anyways, as far as I understand it.
I don't think any other restart-detection-tool (checkrestart, whatmaps,
...) does look at script files run by interpreters like ruby. It is just a
heuristic in needrestart which may fail since there is no easy way to get
the source files and all dependencies.
So this might just be false positives on our side. Is that fundamentally
your conclusion as well? In this case I guess we can close this until I
have more concrete evidence...
I would think so :-)
Regards,
Thomas
--
:: WWW: https://fiasko-nw.net/~thomas/ ::
::: GnuPG: 0x49D0C2C3 mailto:tho...@fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
