undefined | Better HN

0 points0x02y ago0 comments

They're not that rare. Also, there are a lot of other updates that in practice should be followed up with a reboot. For example, any library consumed by systemd (such as openssl) usually requires pid1 to relaunch. For example, debian released an openssl update just yesterday. You can run "checkrestart -v" to try to figure out how to restart every affected app but you'll quickly run into systemd's init process running with the old vulnerable library loaded, and then you might as well just reboot to get a clean "checkrestart -v". Even just relaunching non-pid-1 applications like dbus can quickly create a mess where sshd logins get a delay if you're not careful to also reload everything that depends on it.

0 comments

Denvercoder92y ago

> For example, any library consumed by systemd (such as openssl) usually requires pid1 to relaunch.

That does not require a reboot, `systemctl daemon-reexec` is enough.

znpy2y ago

nice username, can i ask you what did you see?

j / k navigate · click thread line to collapse

0 points0x02y ago0 comments

0 comments

Denvercoder92y ago

> For example, any library consumed by systemd (such as openssl) usually requires pid1 to relaunch.

That does not require a reboot, `systemctl daemon-reexec` is enough.

znpy2y ago

nice username, can i ask you what did you see?

j / k navigate · click thread line to collapse