[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: a dumb query? pls humor me

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/20/07 23:21, Roberto C. Sanchez wrote:
> On Tue, Feb 20, 2007 at 11:14:35PM -0600, Ron Johnson wrote:
>> On 02/20/07 17:41, Roberto C. Sanchez wrote:
>>> I too discovered checkrestart a while back.  However, my experience with
>>> it was so disappointing, that I ended up cooking up my own script using
>>> lsof and the init scripts in /etc/init.d.
>> Do you remember why it was disappointing?  So far it has worked
>> great for me.
>>
> When I was on my uber-security kick, I read the "Securing Debian Manual"
> and tried to apply as many of the suggestions as I could to one of my
> servers.  This included mounting /usr, /opt and /usr/local as read-only.
> Whenever something upgraded a shared library in /usr/lib, if the
> daemon(s) which had loaded that library are not restarted, then /usr
> fails to remount as ro because it is busy.

Ah.  IOW, only if you are an OpenBSD wannabe is checkrestart not
useful.  For the rest of us, and you now, checkrestart is perfectly
fine.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFF29qCS9HxQb37XmcRAgyWAJ98rDCL3/8qFiwKSabaMWN2waPOLACeNUjA
JKY/eHqPI7+Rho7RJaxAg/s=
=WUSn
-----END PGP SIGNATURE-----
Reply to: