Actually, looking at what files were updated, that should probably be lsof -n | grep -e libc-
(Probably not a lot of difference in the programs listed, but...) ----- Original Message ----- > From: "John Lauro" <[email protected]> > To: "Steven Haigh" <[email protected]> > Cc: [email protected] > Sent: Wednesday, January 28, 2015 9:13:08 AM > Subject: Re: Library security updates > > > > > > If it doesn't protect us is there practicable way to make sure we > > > are > > > genuinely protected short of rebooting the whole system every > > > time > > > there > > > is a security update? > > > > Depending on what the update is. If you want to be 100% certain, > > reboot. > > If you don't want to reboot, you can hunt through what programs use > > certain libraries using ld - however the effort taken to do this is > > much > > more than a reboot - and probably takes longer. > > > > > It actually isn't that hard to track down. > [root@colo-a2vm t2]# lsof -n | grep gcc > hpiod 2649 root DEL REG 252,0 > 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea > mysqld 2851 mysql DEL REG 252,0 > 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea > libvirtd 3121 root DEL REG 252,0 > 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea > yum-updat 3343 root DEL REG 252,0 > 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea > smartd 3469 root DEL REG 252,0 > 4718941 /lib64/libgcc_s-4.1.2-20080825.so.1;545bc2ea > automount 6482 root DEL REG 252,0 > 4718600 > /lib64/libgcc_s-4.1.2-20080825.so.1.#prelink#.dvRyeN > httpd 11089 root mem REG 252,0 > 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1 > php 11639 ioi mem REG 252,0 > 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1 > php 24239 ioi mem REG 252,0 > 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1 > httpd 27057 daemon mem REG 252,0 > 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1 > httpd 27058 daemon mem REG 252,0 > 58400 4718834 /lib64/libgcc_s-4.1.2-20080825.so.1 > > > You can tell the processes that were not restarted as they show DEL > instead of mem... >
