Package: needrestart Version: 3.4-3 Severity: normal Hi,
I have found another problem where our tool detected a program needing restart that needrestart didn't find. It's different from #927168 in that it's not covered by any parent processes: in fact, needrestart is totally silent on the box. Here's the needrestart output: # needrestart -v [main] eval /etc/needrestart/needrestart.conf [main] needrestart v3.4 [main] running in root mode [Core] Using UI 'NeedRestart::UI::stdio'... [main] systemd detected [main] vm detected [Core] #659 is a NeedRestart::Interp::Python [Python] #659: source=/usr/share/unattended-upgrades/unattended-upgrade-shutdown [Core] #3920 is a NeedRestart::Interp::Python [Python] #3920: source=/usr/sbin/mandos [Core] #3923 is a NeedRestart::Interp::Python [Python] #3923: source=/usr/sbin/mandos [Python] #3923: use cached file list [main] inside container or vm, skipping microcode checks [Kernel] Linux: kernel release 4.19.0-4-amd64, kernel version #1 SMP Debian 4.19.28-2 (2019-03-15) [Kernel/Linux] /boot/vmlinuz-4.19.0-4-amd64 => 4.19.0-4-amd64 ([email protected]) #1 SMP Debian 4.19.28-2 (2019-03-15) [4.19.0-4-amd64]* [Kernel/Linux] Expected linux version: 4.19.0-4-amd64 Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. And here's DSA's check libs: # dsa-check-libs --verbose Running /usr/bin/lsof -F0 -n adding dhclient(976) because of [/lib/x86_64-linux-gnu/libisc-export.so.1100.0.0]: fDELa l tREGD0xfe00i917519n/lib/x86_64-linux-gnu/libisc-export.so.1100.0.0 adding dhclient(976) because of [/lib/x86_64-linux-gnu/libdns-export.so.1104.0.2]: fDELa l tREGD0xfe00i917788n/lib/x86_64-linux-gnu/libdns-export.so.1104.0.2 The following processes have libs linked that were upgraded: root: dhclient (976) Again, the source for that script is here: https://salsa.debian.org/dsa-team/mirror/dsa-nagios/blob/master/dsa-nagios-checks/checks/dsa-check-libs Those maps are executable: # cat /proc/976/maps | grep -i libisc 7f92aa93f000-7f92aa951000 r--p 00000000 fe:00 917519 /lib/x86_64-linux-gnu/libisc-export.so.1100.0.0 (deleted) 7f92aa951000-7f92aa993000 r-xp 00012000 fe:00 917519 /lib/x86_64-linux-gnu/libisc-export.so.1100.0.0 (deleted) 7f92aa993000-7f92aa9ab000 r--p 00054000 fe:00 917519 /lib/x86_64-linux-gnu/libisc-export.so.1100.0.0 (deleted) 7f92aa9ab000-7f92aa9ac000 ---p 0006c000 fe:00 917519 /lib/x86_64-linux-gnu/libisc-export.so.1100.0.0 (deleted) 7f92aa9ac000-7f92aa9ae000 r--p 0006c000 fe:00 917519 /lib/x86_64-linux-gnu/libisc-export.so.1100.0.0 (deleted) 7f92aa9ae000-7f92aa9af000 rw-p 0006e000 fe:00 917519 /lib/x86_64-linux-gnu/libisc-export.so.1100.0.0 (deleted) ... so I believe the program should be marked as needing restart. Naturally, it might not be safe to do so, but it should at least warn. The program is part of the [email protected]: CGroup: /system.slice/[email protected] └─976 /sbin/dhclient -4 -v -i -pf /run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases -I -df /var/lib/dhcp/dhclient6.eth0.leases eth0 In my tests, "systemctl restart [email protected]" safely returned, when running under "screen".
