On Wed, Apr 16, 2014 at 11:58:46AM +0200, Thijs Kinkhorst wrote: > checkrestart exists to handle this case, but it's not installed by default, > nor is it run automatically when it is. > > It makes sense to me that such a task is handled by a high level package > manager. Having such functionality in the package manager would definitely > improve the security of a Debian system. > > Is this something you'd consider? APT provides the facility to run scripts/programs before as well as after all actions are taken. This is how e.g. apt-list{changes,bugs} & debconf (the do before) and how-can-i-help (done after) work. I think checkrestart (or a similar thing) should plug itself into apt in the same way instead of apt 'hardcoding' something here as this would impose additional restrictions like implementation language as you don't necessarily want to bring python by default into every 'minbase' chroot for example. Best regards David Kalnischkies
Attachment:
signature.asc
Description: Digital signature