Random Hack: Identify services that use outdated libraries on Linux
With the GnuTLS bugfixes recently, I faced the issue to restart services that depended on it: After updating the library, daemons still run the old version until restarted.
I think I’ve seen this automated in some distribution, but it’s nice to know where those tools fetch their data.
I also didn’t want to restart them all automatically, so keep track of what’s going on.
A bit of searching quickly provided the following solution:
$ sudo grep "(deleted)" /proc/*/maps
This provides a list of deleted files that are still in use. Filter as necessary for the library you care for.
The output contains the PID of the processes in question ( /proc/$pid/maps
). Use ps
to figure out which processes these are and restart them.
tl;dr: Updating packages is not enough, especially with security bugs. Always check if you need to restart any dependent services, too.