Hi Kurt, On Sun, Feb 28, 2021 at 09:48:04PM +0100, Kurt Roeckx wrote: > I think you at least misunderstand the purpose of the script, but > we've also not used it in a very long time.
I think I do understand the purpose, but it does not presently serve the stated purpose. Given that the checked version is so ancient, it is effectively dead code. > It's meant to restart all services that make use of openssl when a > security update is released. I guess I switched to "checkrestart" > myself, so never had the need to use it myself anymore. That or needrestart. I don't think that the general expectation these days is that upgrading a library restarts affected services. Exceptions to this rule include nss (libc6) and pam updates as failing to restart services can result in them becoming dysfunctional. For most other cases, an external checker is the recommended best practice. Unless you wish to reactivate this code with a current version, I think it should be deleted. If you do, please close this bug with a wontfix tag. Helmut