[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libc6 (security) update does not restart system-services?

At Thu, 17 Apr 2003 23:28:02 +0200,
Markus Amersdorfer wrote:
> I've recently upgraded my Woody-Servers according to the latest
> libc6 security update (DSA-282), and it seems that services were _not_
> reloaded by the post-install-script!?
> More detailed information:
> When investigating the situation, I found out the following (if I read
> everything right, please correct me if I'm wrong):
> - dselect [U]pdate calls "dpkg --install new-package".
> - Debian-Policy chapter 6 says that thus the new package's postinst
>   script is run with "configure" as the first command-line-argument.
> - /var/lib/dpkg/info/libc6.postinst checks for "$1" == "configure"
>   (which is the case when updating, isn't it?). If true it afterwards
>   checks if "$2" is lower than "2.1.95-1" (I assume this corresponds to
>   the previously installed version) and _only if this the case_ it
>   restarts most of the services.
> Woody comes with libc6 2.2.5-11.5, so the section about restarting
> services is never reached.
> This leaves the machine vulnerable as all services use the old library
> until restarted.
> Shouldn't the services be restarted when installing a new libc-version?
> What reasons would there be not to restart services?

Restarting services is needed only once: upgrading from 2.2.x to
2.3.x.  The reason is simple.  NSS (Name Service Switch) is much
changed, and it becomes incompatible between 2.2 and 2.3.

So if you use woody server, not sarge, then you have no need to
restart services.  If you use libc6 2.2.x, it's not related.

> If everything _is_ designed not to restart the services, I suppose
> telling the users to take care of that theirselves would be a good idea
> for example using a simple "echo" in the post-install script (or
> similar).

The restarting message is not sufficient for you?

BTW, I plan to dupload 2.3.1-17 that has preinst message to choose
libc6 upgrade or not.  It's needed because for example xdm cannot
authenticate after installing libc6, but we cannot restart xdm with
postinst automatically (user's X11 session is destroyed).  I add
messages in next 2.3.1-17 as they have to restart xdm with their hand.
If you have requests about restarting messages, please tell me.

-- gotom

Reply to: