On Sat, Apr 26, 2003 at 03:58:23PM +0200, Thomas Krennwallner wrote: > Hi! > > On Sat Apr 26, 2003 at 03:32:26PM +0200, Florian Weimer wrote: > > At work, we recommend rebooting the system. Currently, it's the only > > reliable way to replace all memory-resident libraries. 8-( > > lsof +L1 prints every unlinked open file: (..) And if you don't want to try and understand lsof, as I said in debian-devel, you can use a check from the Tiger security tool to do just this, it's called 'check_finddeleted' and will point you to the processes (normal ones and daemons) that are using deleted files: http://savannah.nongnu.org/cgi-bin/viewcvs/tiger/tiger/scripts/check_finddeleted+?rev=1.1&content-type=text/vnd.viewcvs-markup (provided from Tiger 3.2rc1 and above) Regards Javi PS: It is based on an excellent article by Brian Hatch at http://www.hackinglinuxexposed.com/articles/20020507.html
Attachment:
pgpzZhRlQ3bxi.pgp
Description: PGP signature