Bug#984789: needrestart: Microcode warnings without using Systemd
Control: tags -1 + upstream fixed-upstream Hi Patrik, On Mo, 2021-03-08 at 13:25 +0100, Patrik Schindler wrote: > libimvirt-perl would provide a convenient way to not depend on > systemd at all. I did not want it as a hard dependency. > Here, it's installed automatically, because I use apt-dater, and apt- > dater-host > relies on libimvirt-perl. I suggest to use the code provided in > /usr/bin/apt-dater-host if systemd-detect-virt can't be found. This > is most > likely the most easy solution. Of course, package-dependencies need > to be > updated also. I've changed needrestart to try to use the ImVirt perl package if systemd-detect-virt is not available. This will be part of the upcomming needrestart 3.6. @Patrick Could you add a recommend for `systemd|libimvirt-perl` ? > Note: Systemd is *not* mandatory. Even for Debian 10 most "server" > packages > behave fine with SysVinit. Full ACK. But, sadly, needrestart's daemon/user session detection works best on systemd due to the cgroup naming schema. Sadly I'm not aware of any other init system doing something similar. Regards, Thomas (Upstream)
Bug#826044: Hangs in apt hook with a zombie - problem still exists in debian10
Hi,
you are using some ansible deployment? Could you share your ansible
role?
This is a long-standing bug and it feels like that affected users are
using aptitude. I wonder if this is related - could you give it a try
(force_apt_get task parameter)?
Regards,
Thomas
On Tue, 2022-05-10 at 18:00 +0900, zm5s-trnc wrote:
> Ho great...
>
> Found out that there's the same trouble on some debian9 hosts.
> I say some because not all servers did the blockage.
>
>
> # cat /etc/debian_version
> 9.13
> # dpkg -l | grep needrestart
> ii needrestart 2.11-3+deb9u1 all check
> which daemons need to be restarted after library upgrades
>
>
> ├─sshd,2094
> │ ├─sshd,24499
> │ │ └─sh,24594 -c /usr/bin/python
> /root/.ansible/tmp/ansible-tmp-1652172426.49-4195-
> 68636559789086/AnsiballZ_apt.py
> && sleep 0
> │ │ └─python,24595
> /root/.ansible/tmp/ansible-tmp-1652172426.49-4195-
> 68636559789086/AnsiballZ_apt.py
> │ │ └─aptitude,24910 -y -o
> Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold
> safe-upgrade
> │ │ ├─aptitude,30264 -y -o
> Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold
> safe-upgrade
> │ │ │ └─sh,30265 -c test -x
> /usr/lib/needrestart/apt-pinvoke && /usr/lib/needrestart/apt-pinvoke
> || true
> │ │ │ └─needrestart,30266
> /usr/sbin/needrestart
> │ │ │ └─(10-dpkg,30299)
> │ │ └─{aptitude},24914
>
Bug#1002591: misdetects socket activated ssh
Hi Marc, On Sat, 2022-01-01 at 20:55 +0100, Marc Haber wrote: > Sure: > 1 [1/4996]mh@torres:~ $ pgrep ssh > 315675 > 315738 > [2/4997]mh@torres:~ $ sudo cat /proc/315675/cgroup > [sudo] password for mh on torres: > 0::/user.slice/user-1001.slice/session-296.scope > [3/4998]mh@torres:~ $ sudo cat /proc/315738/cgroup > 0::/user.slice/user-1001.slice/session-296.scope > [4/4999]mh@torres:~ $ > thanks! Needrestart should ignore those ssh instances since there is a user slice cgroup. It does not work due to this check[1] in needrestart. [1] https://github.com/liske/needrestart/blob/v3.5/needrestart#L637 Looks like a systemd/cgroup related change in bullseye, buster seems not to be affected. Regards, Thomas > > As a workaround you might blacklist sshd in needrestart but I think > > a > > generic approach handling socket activation services in needrestart > > would be better. Therefore needrestart need a way to detect if the > > process belongs to a socket activated service. > > It is also possible to mask ssh.service entirely in systemd. But of > couse having the heuristic fixed would be better. > > Greetings > Marc >
Bug#1002732: needrestart stalled in background when performing update with KDE Discover
Hi, could you check running needrestart as root on cli if you have any pending restarts? You might try to reinstall a lib to trigger needrestart (i.e. via apt- get install --reinstall libnss3 - this *should* not break anything) to force to get a pending restarts. Please check if needrestart and debconf-kde-helper are working when using KDE Discover afterwards. Regards, Thomas On Fri, 2021-12-31 at 10:10 -0500, Ryan Armstrong wrote: > I did not, but your message prompted me to go looking a bit. I found > I had > not installed debconf-kde-helper. I would have expected a package > like this to > get pulled in when I installed KDE, so I expect it is missing as a > dependency > (for plasma-discover perhaps?) > > In my setup, KDE was installed onto an existing setup by running `apt > install > kde-plasma-desktop` > > I did one update after installing the helper, but didn't notice > anything (it > didn't stall, though). As long as that fixes the problem, I guess > this bug > should be redirected as a dependency issue? > > Ryan > > On Friday, December 31, 2021 9:54:02 A.M. EST you wrote: > > Hi Ryan, > > > > needrestart should not block if it is run non-interactive. On > > Debian it > > uses the debconf frontend which also has graphical frontends. Do > > you > > get debconf dialogs in KDE Discover when installing/updating > > packages > > at all? (Sorry I do not have an KDE environment for testing.) > > > > > > Regards, > > Thomas > > > > On Tue, 2021-12-28 at 08:33 -0500, Ryan Armstrong wrote: > > > Package: needrestart > > > Version: 3.5-5 > > > Severity: normal > > > > > > Dear Maintainer, > > > > > > When I performed an update with KDE Discover, I noticed it > > > stalled at > > > 99% complete status and would not finish. When I checked the > > > process > > > tree with htop, I noticed the following lines from packagekitd > > > and > > > needrestart: > > > > > > 2629 root 20 0 492M 124M 79624 S 0.0 0.8 0:29.20 > > > ├─ > > > /usr/libexec/packagekitd > > > 2632 root 20 0 492M 124M 79624 S 0.0 0.8 0:00.00 > > > │ > > > ├─ /usr/libexec/packagekitd > > > 2634 root 20 0 492M 124M 79624 S 0.0 0.8 0:00.05 > > > │ > > > ├─ /usr/libexec/packagekitd > > > 14075 root 20 0 492M 124M 79624 S 0.0 0.8 0:05.78 > > > │ > > > ├─ /usr/libexec/packagekitd > > > 14090 root 20 0 494M 99648 50800 S 0.0 0.6 0:00.24 > > > │ > > > └─ /usr/libexec/packagekitd > > > 25864 root 20 0 494M 51924 2336 S 0.0 0.3 0:00.00 > > > │ └─ /usr/libexec/packagekitd > > > 25872 root 20 0 2472 704 616 S 0.0 0.0 0:00.00 > > > │ └─ sh -c test -x /usr/lib/needrestart/apt-pinvoke && > > > /usr/lib/needrestart/apt-pinvoke || true > > > 25873 root 20 0 35864 27816 6140 S 0.0 0.2 0:00.64 > > > │ └─ /usr/bin/perl /usr/sbin/needrestart > > > > > > It appears that packagekit is still running needrestart to ask if > > > I > > > want to restart systemd services. However, this prompt is > > > obviously > > > not > > > visible to me through KDE Discover, so it's stuck waiting > > > forever. > > > > > > If I use kill on needrestart, the Discover session completes. > > > > > > Since, this is an interaction between Discover, packagekit, apt > > > and > > > needrestart (possibly others?), I'm not 100% sure this is the > > > right > > > place for it. Feel free to reassign if I got it wrong. > > > > > > Ryan > > > > > > -- Package-specific info: > > > needrestart output: > > > Your outdated processes: > > > akonadi_archive[3076], akonadi_mailfil[3102], > > > akonadi_sendlat[3116], > > > akonadi_unified[3117], blueman-applet[2663], Discord[2921, 2924, > > > 2967, 2922, 2958, 2917, 3276, 3044], DiscoverNotifie[2571], > > > evolution-addre[2767], evolution-alarm[2660], evolution- > > > calen[2742], > > > evolution-sourc[2698], goa-daemon[2704], kmail[2936], > > > kwin_x11[2488], > > > nextcloud[2656], plasmashell[2554], QtWebEngineProc[6196, 6215, > > > 6194, > > > 6193], tracker-miner-f[2674], xdg-desktop-por[2375], xdg- > > > document- > > > po[2392], xdg-permission-[2397] > > > > > > > > > > > > -- System Information: > > > Debian Release: bookworm/sid > > > APT prefers testing > > > APT policy: (900, 'testing'), (300, 'unstable') > > > Architecture: amd64 (x86_64) > > > Foreign Architectures: i386 > > > > > > Kernel: Linux 5.15.0-2-amd64 (SMP w/4 CPU threads) > > > Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), > > > LANGUAGE=en_GB:en_US > > > Shell: /bin/sh linked to /bin/dash > > > Init: systemd (via /run/systemd/system) > > > LSM: AppArmor: enabled > > > > > > Versions of packages needrestart depends on: > > > ii binutils 2.37-7 > > > ii dpkg 1.21.1 > > > ii gettext-base 0.21-4 > > > ii libintl-perl 1.26-3 > > > ii libmodule-find-perl 0.15-1 > > > ii libmodule-scandeps-perl 1.31-1 > > >
Bug#1002591: misdetects socket activated ssh
Hi Marc, could you please provide the content of /proc/$PID/cgroup for an socket activated sshd instance? As a workaround you might blacklist sshd in needrestart but I think a generic approach handling socket activation services in needrestart would be better. Therefore needrestart need a way to detect if the process belongs to a socket activated service. TIA & HTH, Thomas On Fri, 2021-12-24 at 22:25 +0100, Marc Haber wrote: > Package: needrestart > Version: 3.5-5 > Severity: normal > > Hi, > > when using ssh as a socket activated service (systemctl stop/disable > ssh.service, systemctl enable/start ssh.socket), after a library > update > needrestart will offer to restart ssh.service. This fails since port > 22 > is occupied by the instance services and causes the machine to be > without listening process after logging out. > > A possible workaround is masking ssh.service, see #1001320. > > Restarting services... > systemctl restart console-log.service cron.service exim4.service > haveged.service ippl.service ntp.service rsyslog.service > serial-getty@ttyS0.service ssh.service systemd-journald.service > systemd-networkd.service systemd-resolved.service systemd- > udevd.service > Job for ssh.service failed because the control process exited with > error code. > See "systemctl status ssh.service" and "journalctl -xeu ssh.service" > for details. > Service restarts being deferred: > /etc/needrestart/restart.d/dbus.service > systemctl restart getty@tty1.service > systemctl restart systemd-logind.service > systemctl restart user@1001.service > > and the following log entries: > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping LSB: Puts a > logfile pager on virtual consoles... > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Regular > background program processing daemon... > Dec 8 12:58:26 emptybookworm82 systemd[1]: cron.service: Deactivated > successfully. > Dec 8 12:58:26 emptybookworm82 cron[429258]: (CRON) INFO (pidfile fd > = 3) > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopped Regular > background program processing daemon. > Dec 8 12:58:26 emptybookworm82 systemd[1]: cron.service: Consumed > 15min 4.856s CPU time. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Started Regular > background program processing daemon. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping LSB: exim Mail > Transport Agent... > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Entropy Daemon > based on the HAVEGE algorithm... > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping LSB: IP > protocols logger... > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Network Time > Service... > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping System Logging > Service... > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Serial Getty on > ttyS0... > Dec 8 12:58:26 emptybookworm82 systemd[1]: > serial-getty@ttyS0.service: Deactivated successfully. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopped Serial Getty on > ttyS0. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Started Serial Getty on > ttyS0. > Dec 8 12:58:26 emptybookworm82 systemd[1]: ssh.socket: Deactivated > successfully. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Closed OpenBSD Secure > Shell server socket. > Dec 8 12:58:26 emptybookworm82 systemd[1]: ssh.socket: Consumed > 10.571s CPU time. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Starting OpenBSD Secure > Shell server... > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Flush Journal to > Persistent Storage... > Dec 8 12:58:26 emptybookworm82 systemd[1]: systemd-networkd-wait- > online.service: Deactivated successfully. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopped Wait for Network > to be Configured. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Wait for Network > to be Configured... > Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Network Name > Resolution... > Dec 8 12:58:26 emptybookworm82 systemd[1]: ssh.service: Main process > exited, code=exited, status=255/EXCEPTION > Dec 8 12:58:26 emptybookworm82 systemd[1]: ssh.service: Failed with > result 'exit-code'. > Dec 8 12:58:26 emptybookworm82 systemd[1]: Failed to start OpenBSD > Secure Shell server. > Dec 8 12:58:26 emptybookworm82 ntpd[298]: ntpd exiting on signal 15 > (Terminated) > Dec 8 12:58:26 emptybookworm82 ntpd[298]: 2a01:4f8:140:246a::2 local > addr 2a01:4f8:140:246a::52:100 -> > Dec 8 12:58:26 emptybookworm82 haveged[220]: haveged: Stopping due > to signal 15 > Dec 8 12:58:27 emptybookworm82 cron[429258]: (CRON) INFO (Skipping > @reboot jobs -- not system startup) > Dec 8 12:58:27 emptybookworm82 systemd[1]: systemd-journal- > flush.service: Deactivated successfully. > Dec 8 12:58:27 emptybookworm82 systemd[1]: Stopped Flush Journal to > Persistent Storage. > Dec 8 12:58:27 emptybookworm82 exim4[429259]: exim4_listener. > > Here is what Timo Weingärtner found out in relation to my bug report > against sshd: > > > To me it looks like a problem in needres
Bug#1002732: needrestart stalled in background when performing update with KDE Discover
Hi Ryan, needrestart should not block if it is run non-interactive. On Debian it uses the debconf frontend which also has graphical frontends. Do you get debconf dialogs in KDE Discover when installing/updating packages at all? (Sorry I do not have an KDE environment for testing.) Regards, Thomas On Tue, 2021-12-28 at 08:33 -0500, Ryan Armstrong wrote: > Package: needrestart > Version: 3.5-5 > Severity: normal > > Dear Maintainer, > > When I performed an update with KDE Discover, I noticed it stalled at > 99% complete status and would not finish. When I checked the process > tree with htop, I noticed the following lines from packagekitd and > needrestart: > > 2629 root 20 0 492M 124M 79624 S 0.0 0.8 0:29.20 ├─ > /usr/libexec/packagekitd > 2632 root 20 0 492M 124M 79624 S 0.0 0.8 0:00.00 │ > ├─ /usr/libexec/packagekitd > 2634 root 20 0 492M 124M 79624 S 0.0 0.8 0:00.05 │ > ├─ /usr/libexec/packagekitd > 14075 root 20 0 492M 124M 79624 S 0.0 0.8 0:05.78 │ > ├─ /usr/libexec/packagekitd > 14090 root 20 0 494M 99648 50800 S 0.0 0.6 0:00.24 │ > └─ /usr/libexec/packagekitd > 25864 root 20 0 494M 51924 2336 S 0.0 0.3 0:00.00 > │ └─ /usr/libexec/packagekitd > 25872 root 20 0 2472 704 616 S 0.0 0.0 0:00.00 > │ └─ sh -c test -x /usr/lib/needrestart/apt-pinvoke && > /usr/lib/needrestart/apt-pinvoke || true > 25873 root 20 0 35864 27816 6140 S 0.0 0.2 0:00.64 > │ └─ /usr/bin/perl /usr/sbin/needrestart > > It appears that packagekit is still running needrestart to ask if I > want to restart systemd services. However, this prompt is obviously > not > visible to me through KDE Discover, so it's stuck waiting forever. > > If I use kill on needrestart, the Discover session completes. > > Since, this is an interaction between Discover, packagekit, apt and > needrestart (possibly others?), I'm not 100% sure this is the right > place for it. Feel free to reassign if I got it wrong. > > Ryan > > -- Package-specific info: > needrestart output: > Your outdated processes: > akonadi_archive[3076], akonadi_mailfil[3102], akonadi_sendlat[3116], > akonadi_unified[3117], blueman-applet[2663], Discord[2921, 2924, > 2967, 2922, 2958, 2917, 3276, 3044], DiscoverNotifie[2571], > evolution-addre[2767], evolution-alarm[2660], evolution-calen[2742], > evolution-sourc[2698], goa-daemon[2704], kmail[2936], kwin_x11[2488], > nextcloud[2656], plasmashell[2554], QtWebEngineProc[6196, 6215, 6194, > 6193], tracker-miner-f[2674], xdg-desktop-por[2375], xdg-document- > po[2392], xdg-permission-[2397] > > > > -- System Information: > Debian Release: bookworm/sid > APT prefers testing > APT policy: (900, 'testing'), (300, 'unstable') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 5.15.0-2-amd64 (SMP w/4 CPU threads) > Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), > LANGUAGE=en_GB:en_US > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages needrestart depends on: > ii binutils 2.37-7 > ii dpkg 1.21.1 > ii gettext-base 0.21-4 > ii libintl-perl 1.26-3 > ii libmodule-find-perl 0.15-1 > ii libmodule-scandeps-perl 1.31-1 > ii libproc-processtable-perl 0.634-1 > ii libsort-naturally-perl 1.03-2 > ii libterm-readkey-perl 2.38-1+b2 > ii perl 5.32.1-6 > ii xz-utils 5.2.5-2 > > Versions of packages needrestart recommends: > ii libpam-systemd 249.7-1 > > Versions of packages needrestart suggests: > ii iucode-tool 2.3.1-1 > ii libnotify-bin 0.7.9-3 > > -- no debconf information
Bug#995274: needrestart: false positive: rabbitmq-server
tags 995274 upstream fixed-upstream thanks Hi, thanks for the verbose output. This is due to anonymous file mapping /memfd (see also #988461). Has been already fixed upstream in needrestart 3.6+ [1]. [1] https://github.com/liske/needrestart/commit/6c87772bdc38091e9efbf4c59217fa502365dcf2#diff-5e347a5df78db1304c1f2f21e27bb9122a186cf9c772a32ccaa23b424aac21a3 Regards, Thomas On Sun, 2021-10-10 at 19:25 -0300, Antonio Terceiro wrote: > [main] eval /etc/needrestart/needrestart.conf
Bug#986507: use grep -a instead of strings(1) (fix check-support-status)
tags 986507 upstream fixed-upstream thanks Hi, thanks for the hint. I've applied a slitly modified patch upstream to replace binutils's strings by grep in needrestart 3.6+. Replacing the bintuils dependency by GNU grep lowers the total installation size by an order of magnitude. Regards, Thomas On Fri, 2021-10-08 at 15:56 +1100, Trent W. Buck wrote: > Trent W. Buck wrote: > > I want check-support-status to be happy, but I need needrestart: > > > > bash5$ check-support-status > > ⋮ > > * Source:binutils > > Details: Only suitable for trusted content; see > > https://lists.debian.org/msgid-search/87lfqsomtg@mid.deneb.enyo.de > > ⋮ > > > > bash5$ aptitude why binutils > > i needrestart Depends binutils > > This annoyed me again today. > I noticed an even simple patch is to use "grep -ao". > This is working for me. > > You are already using "grep -a" elsewhere in the script, so > this is only assuming grep supports -o. > GNU grep supports both; busybox grep supports neither.
Bug#994407: Binaries with same name
Hi, @Patrick this looks like a regression of #752114, doesn't it? Regards, Thomas On Wed, 2021-09-15 at 18:22 +0200, ThePPK wrote: > Package: needrestart > Version: 3.5-4 > > Needrestart while run once of scripts on > /etc/needrestart/hook.d/30-pacman, execute pacman binary (which is > Arch > Linux package manager). In Debian we have a game with this same > executable file name, 'pacman' and needrestart create process of > pacman > what run game window. > It's possible to force change name of pacman game or block running > script while pacman (package manager) isn't installed in /sbin/, > /bin/, > /usr/bin/ or /usr/sbin/? >
Bug#988461: needrestart: False positive for sddm
tags 988461 upstream fixed-upstream thanks Hi, thanks for reporting. I've updated the default configuration upstream to ignore the all memfd mappings. The bugfix will be part of needrestart 3.6+. Regards, Thomas On Thu, 2021-05-13 at 14:44 +0200, Michail Bachmann wrote: > Package: needrestart > Version: 3.5-4 > Severity: normal > > Dear Maintainer, > > when running needrestart it always suggest that sddm needs to be > restarted, > even when sddm ist fresly (re-)started and no update has taken place. > > Running needrestart -v gives the following explanation: > > ... > [main] #1244357 uses deleted /memfd:JITCode:QtQml > [main] #1244357 is a child of #1244355 > [main] #1244355 exe => /usr/lib/x86_64-linux-gnu/sddm/sddm-helper > ... > > It looks like the JIT compiled Qt code erroneously triggers the > detection. > Adding "qr(^/memfd:JITCode:QtQml)," to the blacklist_mappings > silences this > warning. Would you consider to add this exception to the needrestart > package? > > Regards > > Michail Bachmann > > > -- Package-specific info: > needrestart output: > > checkrestart output: > > > -- System Information: > Debian Release: 11.0 > APT prefers unstable > APT policy: (500, 'unstable') > Architecture: amd64 (x86_64) > > Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads) > Locale: LANG=C.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE > not set > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages needrestart depends on: > ii binutils 2.35.2-2 > ii dpkg 1.20.9 > ii gettext-base 0.21-4 > ii libintl-perl 1.26-3 > ii libmodule-find-perl 0.15-1 > ii libmodule-scandeps-perl 1.30-1 > ii libproc-processtable-perl 0.59-2+b1 > ii libsort-naturally-perl 1.03-2 > ii libterm-readkey-perl 2.38-1+b2 > ii perl 5.32.1-4 > ii xz-utils 5.2.5-2 > > Versions of packages needrestart recommends: > ii libpam-systemd 247.3-5 > > Versions of packages needrestart suggests: > ii iucode-tool 2.3.1-1 > pn needrestart-session | libnotify-bin > > -- no debconf information >
Bug#995274: needrestart: false positive: rabbitmq-server
Hi, could you please provide the output of `needrestart -lv`? TIA, Thomas On Tue, 2021-09-28 at 20:34 -0300, Antonio Terceiro wrote: > Package: needrestart > Version: 3.5-4 > Severity: normal > > Dear Maintainer, > > Recently every time I install something, needrestart seems to think > that > rabbitmq-server needs to be restart, even when there were norelated > upgrades. I tried calling needrestart right after booting, and even > then > it reported rabbitmq-server as needing a restart. > > This can easily be reproduced in a clean testin VM: > > 8<8<8<--- > -- > root@host:~# apt update -q=2 > 20 packages can be upgraded. Run 'apt list --upgradable' to see them. > root@host:~# apt install -q=2 -y needrestart > [...] > root@host:~# apt install -q=2 -y rabbitmq-server > [...] > Package configuration > > > > > > ┌┤ Daemons using outdated libraries ├─┐ > │ │ > │ │ > │ Which services should be restarted? │ > │ │ > │ [*] rabbitmq-server.service │ > │ │ > │ │ > │ │ > │ │ > └─┘ > > > > > > > systemctl restart rabbitmq-server.service > > No containers need to be restarted. > > No user sessions are running outdated binaries. > 8<8<8<--- > -- > > -- System Information: > Debian Release: bookworm/sid > APT prefers testing-debug > APT policy: (900, 'testing-debug'), (900, 'testing'), (500, > 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, > 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 5.14.0-1-amd64 (SMP w/4 CPU threads) > Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), > LANGUAGE=pt_BR:pt:en > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages needrestart depends on: > ii binutils 2.37-7 > ii dpkg 1.20.9 > ii gettext-base 0.21-4 > ii libintl-perl 1.26-3 > ii libmodule-find-perl 0.15-1 > ii libmodule-scandeps-perl 1.31-1 > ii libproc-processtable-perl 0.611-1 > ii libsort-naturally-perl 1.03-2 > ii libterm-readkey-perl 2.38-1+b2 > ii perl 5.32.1-6 > ii xz-utils 5.2.5-2 > > Versions of packages needrestart recommends: > ii libpam-systemd 247.9-1 > > Versions of packages needrestart suggests: > ii iucode-tool 2.3.1-1 > ii libnotify-bin 0.7.9-3 > > -- no debconf information
Bug#973050: needrestart: Use of uninitialized value in hex at /usr/share/perl5/NeedRestart/uCode/AMD.pm line 169
Hi, could you please provide the output of `needrestart -vw`? TIA & Regards, Thomas On 27.10.20 10:44, Martin-Éric Racine wrote: > Package: needrestart > Version: 3.5-1 > Severity: normal > Scanning processes... Use of uninitialized value in hex at /usr/share/perl5/NeedRestart/uCode/AMD.pm line 169. ] Scanning processor microcode... Scanning linux images... Running kernel seems to be up-to-date. The processor microcode seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. This output appears on an AMD Geode LX800. -- Package-specific info: needrestart output: checkrestart output: -- System Information: Debian Release: bullseye/sid APT prefers testing-debug APT policy: (1000, 'testing-debug'), (1000, 'testing'), (500, 'stable') Architecture: i386 (i586) Kernel: Linux 5.9.0-1-686 (SMP w/1 CPU thread) Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), LANGUAGE=fi:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages needrestart depends on: ii binutils 2.35.1-2 ii dpkg 1.20.5 ii gettext-base 0.19.8.1-10 ii libintl-perl 1.26-2 ii libmodule-find-perl0.15-1 ii libmodule-scandeps-perl1.29-1 ii libproc-processtable-perl 0.59-2 ii libsort-naturally-perl 1.03-2 ii libterm-readkey-perl 2.38-1+b1 ii perl 5.30.3-4 ii xz-utils 5.2.4-1+b1 Versions of packages needrestart recommends: ii libpam-systemd 246.6-2 Versions of packages needrestart suggests: ii iucode-tool 2.3.1-1 pn needrestart-session | libnotify-bin -- no debconf information >
Bug#972685: needrestart: Please add support for runit
Hi Lorenzo, thanks for the updated patch. I've applied it upstream and will be part of needrestart 3.6+. Regards, Thomas On 23.10.20 12:12, Lorenzo Puliti wrote: Package: needrestart Version: 3.5-1 Followup-For: Bug #972685 On 10/22/20 8:16 PM, Thomas Liske wrote: Hi, thanks for the patch. Would it possible that you provide a updated patch compatible with upstream's git HEAD? Hi, You should be able to git am the patch attached to this message. Note that i've used 'service' instead of invoke-run, to be consistent with upstream code, so this will need further work on Debian side, updating and refreshing the quilt '01-use-invoke-rc.d.diff' patch. Regards, Lorenzo
Bug#972685: needrestart: Please add support for runit
Hi, thanks for the patch. Would it possible that you provide a updated patch compatible with upstream's git HEAD? Regards, Thomas (Upstream) On 22.10.20 16:55, Lorenzo Puliti wrote: Package: needrestart Version: 3.5-1 Severity: normal Tags: patch Dear maintainer, Please consider the attached patch that adds support for runit to needrestart. Runit is a very lightweight init scheme with service supervision capability; for more details see http://smarden.org/runit/ Regards, Lorenzo Puliti -- Package-specific info: needrestart output: Your outdated processes: kactivitymanage[23935], kdeconnectd[22453], kded5[6680], kdeinit5[6696], kglobalaccel5[23942], klauncher[6697], konqueror[6620], kuiserver[22496], lxqt-notificati[5553], lxqt-panel[5557], lxqt-policykit-[5558], lxqt-powermanag[8009], lxqt-runner[5559], lxqt-session[5460], openbox[5530], qjackctl[8006], qterminal[8833, 5222], QtWebEngineProc[9293, 6647], superkaramba[8014] -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.7.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /bin/dash Init: runit (via /run/runit.stopit) Versions of packages needrestart depends on: ii binutils 2.35.1-2 ii dpkg 1.20.5 ii gettext-base 0.19.8.1-10 ii libintl-perl 1.26-2 ii libmodule-find-perl0.15-1 ii libmodule-scandeps-perl1.29-1 ii libproc-processtable-perl 0.59-2 ii libsort-naturally-perl 1.03-2 ii libterm-readkey-perl 2.38-1+b1 ii perl 5.30.3-4 ii xz-utils 5.2.4-1+b1 Versions of packages needrestart recommends: ii libpam-elogind-compat [libpam-systemd] 1.2 Versions of packages needrestart suggests: ii iucode-tool 2.3.1-1 pn needrestart-session | libnotify-bin -- no debconf information -- debsums errors found: debsums: changed file /usr/sbin/needrestart (from needrestart package)
Bug#907372: needrestart: complains about microcode updates on systems with microcode for multiple CPUs in initramfs
tags 907372 fixed-upstream thanks Hi Paul, I've patched the helper script to ignore foreign microcode updates. The required change was in the helper shell script[1], maybe you give it a try. [1] https://github.com/liske/needrestart/commit/6975bc59348782d2d57783560cbae976045f54c8 HTH, Thomas Paul Wise writes: > On Sun, 2018-10-28 at 19:57 +0100, Thomas Liske wrote: > >> ... please provide the output of the following commands: >> >> cat /sys/devices/system/cpu/cpu0/microcode/version >> sh -x /usr/lib/needrestart/iucode-scan-versions > > $ sudo cat /sys/devices/system/cpu/cpu0/microcode/version > 0xa > $ sudo sh -x /usr/lib/needrestart/iucode-scan-versions > + [ = 1 ] > + iucode_tool+ --scan-system > grep -oE [^[:space:]]+$ > + filter=0x000106e5 > + [ -r /sys/devices/system/cpu/cpu0/microcode/processor_flags ] > + cat /sys/devices/system/cpu/cpu0/microcode/processor_flags > + filter=-s 0x000106e5,0x2 > + type bsdtar > + IUCODE_TOOL_EXTRA_OPTIONS= > + test -r /etc/default/intel-microcode > + . /etc/default/intel-microcode > + IUCODE_TOOL_SCANCPUS=no > + IUCODE_TOOL_EXTRA_OPTIONS=-s 0x000106e5,0x13 -s 0x00020655,0x92 > + test = no > + [ -r /usr/share/misc/intel-microcode* ] > + exec iucode_tool -l -s 0x000106e5,0x2 -s 0x000106e5,0x13 -s 0x00020655,0x92 > -tb /lib/firmware/intel-ucode > microcode bundle 1: /lib/firmware/intel-ucode/06-3f-02.initramfs > microcode bundle 2: /lib/firmware/intel-ucode/06-17-06 > microcode bundle 3: /lib/firmware/intel-ucode/06-3e-07 > microcode bundle 4: /lib/firmware/intel-ucode/06-56-02.initramfs > microcode bundle 5: /lib/firmware/intel-ucode/06-25-05 > microcode bundle 6: /lib/firmware/intel-ucode/06-16-01 > microcode bundle 7: /lib/firmware/intel-ucode/06-2d-06 > microcode bundle 8: /lib/firmware/intel-ucode/06-5c-0a > microcode bundle 9: /lib/firmware/intel-ucode/06-4e-03 > microcode bundle 10: /lib/firmware/intel-ucode/06-8e-0a > microcode bundle 11: /lib/firmware/intel-ucode/06-9e-0a > microcode bundle 12: /lib/firmware/intel-ucode/06-55-04 > microcode bundle 13: /lib/firmware/intel-ucode/06-1a-05 > microcode bundle 14: /lib/firmware/intel-ucode/06-55-03 > microcode bundle 15: /lib/firmware/intel-ucode/0f-06-05 > microcode bundle 16: /lib/firmware/intel-ucode/06-5c-02 > microcode bundle 17: /lib/firmware/intel-ucode/06-3d-04.initramfs > microcode bundle 18: /lib/firmware/intel-ucode/06-1e-05 > microcode bundle 19: /lib/firmware/intel-ucode/06-5c-09 > microcode bundle 20: /lib/firmware/intel-ucode/06-3c-03.initramfs > microcode bundle 21: /lib/firmware/intel-ucode/06-9e-0b > microcode bundle 22: /lib/firmware/intel-ucode/06-3a-09.initramfs > microcode bundle 23: /lib/firmware/intel-ucode/06-1c-0a > microcode bundle 24: /lib/firmware/intel-ucode/06-1d-01 > microcode bundle 25: /lib/firmware/intel-ucode/0f-04-04 > microcode bundle 26: /lib/firmware/intel-ucode/0f-06-04 > microcode bundle 27: /lib/firmware/intel-ucode/0f-06-02 > microcode bundle 28: /lib/firmware/intel-ucode/0f-04-0a > microcode bundle 29: /lib/firmware/intel-ucode/06-0f-07 > microcode bundle 30: /lib/firmware/intel-ucode/06-0f-02 > microcode bundle 31: /lib/firmware/intel-ucode/06-56-05 > microcode bundle 32: /lib/firmware/intel-ucode/06-0f-0b > microcode bundle 33: /lib/firmware/intel-ucode/06-7a-01 > microcode bundle 34: /lib/firmware/intel-ucode/06-2f-02 > microcode bundle 35: /lib/firmware/intel-ucode/06-17-07 > microcode bundle 36: /lib/firmware/intel-ucode/06-5f-01 > microcode bundle 37: /lib/firmware/intel-ucode/06-17-0a > microcode bundle 38: /lib/firmware/intel-ucode/06-3e-04 > microcode bundle 39: /lib/firmware/intel-ucode/0f-04-03 > microcode bundle 40: /lib/firmware/intel-ucode/06-9e-09 > microcode bundle 41: /lib/firmware/intel-ucode/0f-06-08 > microcode bundle 42: /lib/firmware/intel-ucode/06-56-03 > microcode bundle 43: /lib/firmware/intel-ucode/06-56-04 > microcode bundle 44: /lib/firmware/intel-ucode/06-1a-04 > microcode bundle 45: /lib/firmware/intel-ucode/06-3e-06 > microcode bundle 46: /lib/firmware/intel-ucode/0f-04-01 > microcode bundle 47: /lib/firmware/intel-ucode/0f-04-08 > microcode bundle 48: /lib/firmware/intel-ucode/06-0f-0a > microcode bundle 49: /lib/firmware/intel-ucode/06-46-01.initramfs > microcode bundle 50: /lib/firmware/intel-ucode/06-2d-07 > microcode bundle 51: /lib/firmware/intel-ucode/06-2e-06 > microcode bundle 52: /lib/firmware/intel-ucode/0f-04-07 > microcode bundle 53: /lib/firmware/intel-ucode/06-0f-06 > microcode bundle 54: /lib/firmware/intel-ucode/06-8e-09 > microcode bundle 55: /lib/firmware/intel-ucode/06-0f-0d > microcode bundle 56: /lib/firmware/intel-ucode/06-2a-07 > microcode bundle 57: /lib/firmware/intel-ucode/06-25-02 > microcode bundle 58: /lib/firmware/intel-ucod
Bug#907372: needrestart: complains about microcode updates on systems with microcode for multiple CPUs in initramfs
tags 907372 upstream thanks Hi Paul, Paul Wise writes: > Package: needrestart > Version: 3.3-1 > Severity: normal > File: /usr/lib/needrestart/iucode-scan-versions > > I have a system that changes between two different CPUs occasionally. > I have a system that boots a different computer at almost every boot. > > To get the right microcode loaded, both turn off CPU scanning: > > /etc/default/intel-microcode: > IUCODE_TOOL_SCANCPUS=no > > The first one also restricts installed microcode to the used CPUs: > > /etc/default/intel-microcode: > IUCODE_TOOL_EXTRA_OPTIONS="-s 0x000X,0xXX -s 0x000X,0xXX" I fear that this code path (using -s in IUCODE_TOOL_EXTRA_OPTIONS) is hardly tested. For the beginning could you please provide the output of the following commands: cat /sys/devices/system/cpu/cpu0/microcode/version sh -x /usr/lib/needrestart/iucode-scan-versions Thanks, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#903119: needrestart lists both gdm and gdm3
tags 903119 upstream moreinfo thanks Hi Laurent, Laurent Bigonville writes: > Package: needrestart > Version: 3.3-1 > Severity: normal > > Hi, > > needrestart lists both gdm and gdm3 when proposing the services to > restart > > gdm3.service is a symlink to gdm.service to mask the gdm3 initscript. So > it seems that needrestart gets confused by these symlinks since it uses systemd to look for the service names I did not expect such behavoir. Could you please provide the output of `needrestart -vr l` reporting both services? Thanks, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#906958: needrestart: Complains when the microcode is newer than what Debian has
tags 906958 upstream fixed-upstream thanks Hi Maik, Maik Zumstrull writes: > Package: needrestart > Version: 3.3-1 > > On this box, needrestart gives this message: > > The currently running processor microcode revision is 0x20 which is > not the expected microcode revision 0x1f. > > Unless I'm misunderstanding the versioning scheme, this release is > newer than what intel-microcode 3.20180703.2 ships. It's uploaded to > the CPU pre-boot thanks to a mainboard firmware update. > > The check should probably be adjusted to warn about versions smaller > than what's available from the OS, not just different. I've patched upstream to parse and compare the revision hex strings as numbers so this case is handled as up-to-date. Regards, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#893152: needrestart: leaks a file descriptor into restarted services
tags 893152 upstream fixed-upstream thanks Hi Stephen, I've added a workaround to close the orphan FD to Debconf.pm. The fix will be part of needrestart 3.2. HTH, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#893152: needrestart: leaks a file descriptor into restarted services
Hi Stephen, Stephen Rothwell writes: > Services restarted by needrestart have a unexpected file descriptor > open (on /usr/share/perl5/NeedRestart/UI/Debconf.pm). Manually > restarting the service gets rid of it. > > For example: lvcreate when used from a cron job after cron has been > restarted by needrestart reports: > > File descriptor 4 (/usr/share/perl5/NeedRestart/UI/Debconf.pm) leaked > on lvcreate invocation. Parent PID 9376: /bin/sh I did some tests to find out why the FD is open: - If the system runs systemd than this issue seems to be hidden since needrestart does not restart the service directly as on SysV. - When starting needrestart it tries to detects possible frontend implementation. On Debian it will use Needrestart::UI::Debconf inside an eval block. The Debconf::Client perl module does a exec or fork (i did not look at it's source code) and restart needrestart again piped against the Debconf engine. - Perl seems not to set O_CLOEXEC on the FD opened to read the package file inside of the eval block and so the FD is still open in the Debconf engine and in the respawned needrestart process. - If SysV init is used than needrestart will call the init script and the orphaned FD to Debconf.pm is passed into the daemons. # ps a | grep needrestart 13548 pts/8S+ 0:00 /usr/bin/perl -w /usr/share/debconf/frontend /usr/sbin/needrestart 13559 pts/8S+ 0:01 /usr/bin/perl /usr/sbin/needrestart # ls -lha /proc/13548/fd total 0 dr-x-- 2 root root 0 Jun 2 13:34 . dr-xr-xr-x 9 root root 0 Jun 2 13:34 .. lrwx-- 1 root root 64 Jun 2 13:34 1 -> /dev/pts/8 lrwx-- 1 root root 64 Jun 2 13:34 10 -> /dev/pts/8 lr-x-- 1 root root 64 Jun 2 13:34 11 -> pipe:[10266] lr-x-- 1 root root 64 Jun 2 13:34 13 -> pipe:[10267] lrwx-- 1 root root 64 Jun 2 13:34 2 -> /dev/pts/8 lrwx-- 1 root root 64 Jun 2 13:34 3 -> /dev/pts/8 lr-x-- 1 root root 64 Jun 2 13:34 4 -> /usr/share/perl5/NeedRestart/UI/Debconf.pm lrwx-- 1 root root 64 Jun 2 13:34 5 -> /var/cache/debconf/config.dat lrwx-- 1 root root 64 Jun 2 13:34 6 -> /var/cache/debconf/passwords.dat lrwx-- 1 root root 64 Jun 2 13:34 7 -> /var/cache/debconf/templates.dat l-wx-- 1 root root 64 Jun 2 13:34 8 -> pipe:[102655232] lr-x-- 1 root root 64 Jun 2 13:34 9 -> pipe:[102655233] # ls -lha /proc/13559/fd total 0 dr-x-- 2 root root 0 Jun 2 13:34 . dr-xr-xr-x 9 root root 0 Jun 2 13:34 .. lr-x-- 1 root root 64 Jun 2 13:34 0 -> pipe:[102655232] l-wx-- 1 root root 64 Jun 2 13:34 1 -> pipe:[102655233] lrwx-- 1 root root 64 Jun 2 13:34 2 -> /dev/pts/8 lr-x-- 1 root root 64 Jun 2 13:34 3 -> /etc/needrestart/needrestart.conf lr-x-- 1 root root 64 Jun 2 13:34 4 -> /usr/share/perl5/NeedRestart/UI/Debconf.pm lr-x-- 1 root root 64 Jun 2 13:34 5 -> pipe:[102655232] l-wx-- 1 root root 64 Jun 2 13:34 6 -> pipe:[102655233] lr-x-- 1 root root 64 Jun 2 13:34 7 -> /proc/29312/cgroup So the bug might be within Perl? Regards, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#900298: needrestart: Needrestart false positive detect need to reboot due to microcode update
tags 900298 fixed-upstream thanks Hi, Francois Mescam writes: > Le Wed, May 30, 2018 à 05:37:15PM +0800, Thomas Liske a écrit >> >> >> Could you give upstream's most recent iucode-scan-versions[2] >> scripts a try? It should report a single ucode revision. You might just >> run it as root (optionally add '1' as parameter to make it more verbose) >> and compare it with the output of your local >> /usr/lib/needrestart/iucode-scan-versions. >> >> [2] https://github.com/liske/needrestart/blob/master/lib/iucode-scan-versions > > I attach 2 files : > local obtained with /usr/lib/needrestart/iucode-scan-version > upstream obtained with upstream on github thanks for giving it a try. The fix of #112 also solves this bug. Regards, Thomas > Regards > > -- > Francois Mescam > > iucode_tool: system has processor(s) with signature 0x00050663 > microcode bundle 1: /lib/firmware/intel-ucode/06-1e-05 > microcode bundle 2: /lib/firmware/intel-ucode/06-0f-06 > microcode bundle 3: /lib/firmware/intel-ucode/06-0f-0a > microcode bundle 4: /lib/firmware/intel-ucode/0f-06-02 > microcode bundle 5: /lib/firmware/intel-ucode/06-0f-02 > microcode bundle 6: /lib/firmware/intel-ucode/06-9e-0a > microcode bundle 7: /lib/firmware/intel-ucode/06-2d-07 > microcode bundle 8: /lib/firmware/intel-ucode/06-1c-02 > microcode bundle 9: /lib/firmware/intel-ucode/06-9e-0b > microcode bundle 10: /lib/firmware/intel-ucode/06-17-07 > microcode bundle 11: /lib/firmware/intel-ucode/0f-04-08 > microcode bundle 12: /lib/firmware/intel-ucode/0f-06-04 > microcode bundle 13: /lib/firmware/intel-ucode/06-8e-09 > microcode bundle 14: /lib/firmware/intel-ucode/06-2d-06 > microcode bundle 15: /lib/firmware/intel-ucode/0f-04-01 > microcode bundle 16: /lib/firmware/intel-ucode/06-55-03 > microcode bundle 17: /lib/firmware/intel-ucode/06-16-01 > microcode bundle 18: /lib/firmware/intel-ucode/06-3c-03.initramfs > microcode bundle 19: /lib/firmware/intel-ucode/06-5c-09 > microcode bundle 20: /lib/firmware/intel-ucode/06-3a-09.initramfs > microcode bundle 21: /lib/firmware/intel-ucode/0f-04-03 > microcode bundle 22: /lib/firmware/intel-ucode/06-3f-02.initramfs > microcode bundle 23: /lib/firmware/intel-ucode/06-56-05 > microcode bundle 24: /lib/firmware/intel-ucode/06-56-03 > microcode bundle 25: /lib/firmware/intel-ucode/06-56-04 > microcode bundle 26: /lib/firmware/intel-ucode/06-46-01.initramfs > microcode bundle 27: /lib/firmware/intel-ucode/06-56-02.initramfs > microcode bundle 28: /lib/firmware/intel-ucode/06-5e-03 > microcode bundle 29: /lib/firmware/intel-ucode/0f-04-04 > microcode bundle 30: /lib/firmware/intel-ucode/06-3f-04.initramfs > microcode bundle 31: /lib/firmware/intel-ucode/06-3d-04.initramfs > microcode bundle 32: /lib/firmware/intel-ucode/06-9e-09 > microcode bundle 33: /lib/firmware/intel-ucode/06-0f-0d > microcode bundle 34: /lib/firmware/intel-ucode/06-1d-01 > microcode bundle 35: /lib/firmware/intel-ucode/0f-04-07 > microcode bundle 36: /lib/firmware/intel-ucode/06-17-0a > microcode bundle 37: /lib/firmware/intel-ucode/06-45-01.initramfs > microcode bundle 38: /lib/firmware/intel-ucode/06-8e-0a > microcode bundle 39: /lib/firmware/intel-ucode/06-4e-03 > microcode bundle 40: /lib/firmware/intel-ucode/06-47-01.initramfs > microcode bundle 41: /lib/firmware/intel-ucode/06-3e-04 > microcode bundle 42: /lib/firmware/intel-ucode/0f-04-0a > microcode bundle 43: /lib/firmware/intel-ucode/06-2f-02 > microcode bundle 44: /lib/firmware/intel-ucode/06-25-02 > microcode bundle 45: /lib/firmware/intel-ucode/06-2a-07 > microcode bundle 46: /lib/firmware/intel-ucode/06-17-06 > microcode bundle 47: /lib/firmware/intel-ucode/06-7a-01 > microcode bundle 48: /lib/firmware/intel-ucode/06-1a-05 > microcode bundle 49: /lib/firmware/intel-ucode/06-3e-06 > microcode bundle 50: /lib/firmware/intel-ucode/06-1a-04 > microcode bundle 51: /lib/firmware/intel-ucode/0f-03-04 > microcode bundle 52: /lib/firmware/intel-ucode/06-55-04 > microcode bundle 53: /lib/firmware/intel-ucode/06-3e-07 > microcode bundle 54: /lib/firmware/intel-ucode/0f-06-05 > microcode bundle 55: /lib/firmware/intel-ucode/06-0f-07 > microcode bundle 56: /lib/firmware/intel-ucode/0f-06-08 > microcode bundle 57: /lib/firmware/intel-ucode/06-4f-01.initramfs > microcode bundle 58: /lib/firmware/intel-ucode/0f-04-09 > microcode bundle 59: /lib/firmware/intel-ucode/06-1c-0a > microcode bundle 60: /lib/firmware/intel-ucode/06-0f-0b > microcode bundle 61: /lib/firmware/intel-ucode/06-25-05 > selected microcodes: > 027/001: sig 0x00050662, pf_mask 0x10, 2018-01-22, rev 0x0015, size 31744 > 024/001: sig 0x00050663, pf_mask 0x10, 2018-01-22, rev 0x712, size 22528 > 025/001: sig 0x00050664,
Bug#900298: needrestart: Needrestart false positive detect need to reboot due to microcode update
tags 900298 upstream thanks Hi, this might be related to issue #112[1]. While scanning for ucode updates using the iucode_tool for the running system it does report updates which are *not* applicable. This might be a bug or a inaccuracy description of the --scan--system option of iucode_tool. Needrestart 3.2 (not released, yet) contains a fix to workaround this issue. [1] https://github.com/liske/needrestart/issues/112 Could you give upstream's most recent iucode-scan-versions[2] scripts a try? It should report a single ucode revision. You might just run it as root (optionally add '1' as parameter to make it more verbose) and compare it with the output of your local /usr/lib/needrestart/iucode-scan-versions. [2] https://github.com/liske/needrestart/blob/master/lib/iucode-scan-versions Regards, Thomas Paul Wise writes: > Control: retitle -1 needrestart: microcode: false positives, select expected > version based on sig/pf/pf_mask > > On Mon, 28 May 2018 19:09:54 +0200 Francois Mescam wrote: > >> The currently running processor microcode revision is 0x712 which is >> not the expected microcode revision 0xe09. > ... >> /usr/sbin/iucode_tool: system has processor(s) with signature 0x00050663 > ... >> 001/001: sig 0x00050662, pf_mask 0x10, 2018-01-22, rev 0x0015, size 31744 >> 001/002: sig 0x00050663, pf_mask 0x10, 2018-01-22, rev 0x712, size >> 22528 >> 001/003: sig 0x00050664, pf_mask 0x10, 2018-01-22, rev 0xf11, size >> 22528 >> 001/004: sig 0x00050665, pf_mask 0x10, 2018-01-22, rev 0xe09, size >> 18432 > > The issue here appears to be that needrestart isn't matching the list > of available microcode versions against the CPU's sig value. > > In addition, on the #debian-next IRC channel, a Debian user discovered > a system where there were multiple microcode revisions available for > the processor sig and the one that was loaded was the one where the > processor flags (pf) value (from dmesg and sysfs) bitwise ANDed with > the microcode pf_mask value resulted in a non-zero value. > > $ sudo sort -u /sys/devices/system/cpu/cpu*/microcode/processor_flags > 0x2 > > $ sudo dmesg | grep pf= > [1.103617] microcode: sig=0x106e5, pf=0x2, revision=0x8 > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#894444: needrestart doesn't restart services anymore
Hi, Jean-Michel Vourgère writes: > Package: needrestart > Version: 2.11-3+deb9u1 > Severity: normal > > Dear Maintainer, > > Here, needrestart recently stopped working automatically in stable. This is triggered by the bugfix for Debian Bug#876459 and is intentional (upstream's point of view). > I am using it with unattended-upgrades. > > After libssl upgrade this morning, unattended-upgrades-dpkg.log says things > like: > systemctl restart nagios-nrpe-server.service Did you change it's configuration? By default needrestart does query the user before restarting any services for safety reasons. If it is run non-interactive it should not restart services by design - as long you did not change it's configuration to do so. The behavior before 2.11-3+deb9u1 was a bug and has been fixed in stretch's point release 9.4[1]. [1] https://www.debian.org/News/2018/20180310 BTW: needrestart 2.11 has a buggy detection(=croaks a lot of Perl warnings) if it is run non-interactive (see also Debian Bug#859387). It has been fixed in needrestart 3.0+ (which is available in bpo). > But a ps show that the service has not been restarted for 2 weeks: > nagios 880 0.0 0.1 23912 4084 ?Ss Mar13 1:08 /usr/sbin/ > nrpe -c /etc/nagios/nrpe.cfg -f This is intentional - your log shows that needrestart does only list the units which should be restarted. > If I run needrestart manually, I am asked whether or not I want to restart > nagios-nrpe-server.service (cute curse interface). If I answer yes, the > services are properly restarted. > nagios 21026 0.3 0.1 23912 4316 ?Ss 12:10 0:00 /usr/sbin/ > nrpe -c /etc/nagios/nrpe.cfg -f > > I expected needrestart to automatically reload the services using obsolete > libssl, like it used to. You could change the default mode to automaticly restart (that also effects the interactive mode). (Hint: with needrestart 3.0 it is possible to set the NEEDRESTART_MODE environment variable to override needrestart's restart mode... might be used in the unattended-upgrade cronjob). HTH, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#892113: needrestart: Bug in GTK3-frontend
Hi Andreas, Andreas Schmidt writes: > Package: needrestart > Version: 3.0-1 > Severity: normal > > Dear Maintainer, > > the new GTK-3 frontend to needrestart has two buttons: and > . needrestart does not have a graphical frontend at all ;-). I think you are using the debconf frontend which might use some Gtk3 frontend (which is out of needrestart's scope). > Pressing results in a restart of the services checked in the main > window > -- as expected. I assumed that with the other button I could quit the dialogue > without restarting anything. However, hitting gives me this message in > the terminal: > > *** > (frontend:20760): Gtk-CRITICAL **: gtk_assistant_previous_page: assertion > 'page_node != NULL' failed > *** > > The program continues to work, so this error is just a nuisance. However, With > this error, the button is useless and should be removed or replaced. What do > you think about the following suggestion? There should be a OK and a Cancel button. Testing on stretch (using needrestart -f ) it seems to work showing the following buttons: dialog: OK, Cancel gnome: OK, Cancel kde: OK, Cancel, Back (where 'Back' works like Cancel) > After updating packages like libc6, needrestart finds lots of services that > need a restart. There are occasions where restarting them should be delayed -- > just think of a download running in the background that would be interrupted > for good if network-related services were stopped. In such cases it could be > quite a tiresome task to manually deselect all listed services and press > . It would be much easier to have a button that quits the > program without restarting anything. Another idea would be to provide a > checkbox on top (and possibly an identical one at the bottom) of the list that > turns the checkboxes of all listed services on/off. This would provide an easy > way to activate a restart of all services, if needed. It might be dangerous, > though, because it could lead to inadvertently killing the whole X-session if, > say, dbus was restarted. Needrestart tries to provide sane default so it should not kill your X-session nor network connection unless you've changed it's configuration or select the services explicitly. The should be a Cancel button which should result in *no* service restart. If the button is missing while running needrestart on sid than this is a regression which might be triggered by changes in debconf. When using debconf (which is the prefered UI) it is not possible to add custom buttons or checkboxes - debconf does all the magic building the dialog. HTH, Thomas > Thank you for your consideration! > > Andreas > > > > -- Package-specific info: > needrestart output: > Your outdated processes: > alarm-clock-app[8901], atril[8865, 8892, 8893, 8945, 8936, 8934, 8947, 4626, > 8894, 8895, 8943, 8897, 8946, 8932, 24870, 26930, 8864, 8898, 8896, 8933, > 8926, 8944], atrild[9180], audacity[7089], balsa[13182], bash[9074, 9081, > 9072, 9299, 9076, 9098, 9075, 9091, 9073, 9086, 9094, 9087, 9101, 6716, 9085, > 19128, 9078, 9089, 5984, 9071, 9080, 9088, 9166, 9100, 9099, 9077, 9093, > 9090, 9083, 9082, 9079, 7243, 9084, 9097], dbus-daemon[8726], > dbus-launch[8725], dconf-service[8759], dirmngr[21365], firefox-esr[8866], > gconfd-2[8918], gconf-helper[2134], geany[9145], gvfs-afc-volume[8832], > gvfsd[8745], gvfsd-computer[26884], gvfsd-dnssd[25296], gvfsd-fuse[8750], > gvfsd-metadata[10665], gvfsd-network[25244], gvfsd-trash[10748], > gvfs-goa-volume[8826], gvfs-gphoto2-vo[8841], gvfs-mtp-volume[8852], > gvfs-udisks2-vo[8810], hamster-service[19488], light-locker[8835], > marco[8786], mate-power-mana[8902], mate-screensave[11803], > mate-session[8698], mate-settings-d[8776], mate-terminal[8937], > mate-user-share[8899], mate-volume-con[8948], mc[7241, 19126, 9272, 6714], > mocp[8409, 27558], msd-locate-poin[8806], needrestart-dbu[2101, 8916], > oosplash[5959], pluma[8927], polkit-mate-aut[8924], pulseaudio[2026], > sh[8884], soffice.bin[5978], systemd[1907], vlc[8343, 10195], > WebKitNetworkPr[10439, 10441, 4641, 10448, 10435, 10428, 10444, 10447, 10431, > 10433, 10440, 10438, 10437, 26946, 10445, 10423, 10443, 10442, 24736, 10449, > 24886, 10430, 10446], zeitgeist-daemo[8906], zeitgeist-datah[8921], > zeitgeist-fts[8983] > > checkrestart output: > > > -- System Information: > Debian Release: buster/sid > APT prefers unstable-debug > APT policy: (500, 'unstable-debug'), (500, 'unstable') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), > LANGUAGE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages needrestart depends on: > ii binutils 2.30-5 > ii dpkg 1.19.0.5 > ii gettext-base 0.19.8.1-4 > ii libintl-perl
Bug#891923: needrestart: Use of uninitialized value $ucode_vars
tag 891923 upstream fixed-upstream
thanks
Hi Bob,
thanks for the report. The bug has been fixed upstream.
HTH,
Thomas
Bob Proulx writes:
> Package: needrestart
> Version: 3.0-1
> Severity: normal
>
> On some systems I see the following:
>
> root@clash:~# needrestart -b
> NEEDRESTART-VER: 3.0
> NEEDRESTART-KCUR: 4.15.0-1-amd64
> NEEDRESTART-KEXP: 4.15.0-1-amd64
> NEEDRESTART-KSTA: 1
> NEEDRESTART-UCSTA: 0
> Use of uninitialized value $ucode_vars{"CURRENT"} in concatenation (.) or
> string at /usr/sbin/needrestart line 866.
> NEEDRESTART-UCCUR:
> Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or
> string at /usr/sbin/needrestart line 867.
> NEEDRESTART-UCEXP:
>
> These are KVM virtual machines without iucode_tool or intel-microcode
> available.
>
> root@clash:~# needrestart -bv
> [main] eval /etc/needrestart/needrestart.conf
> [main] needrestart v3.0
> [main] running in root mode
> NEEDRESTART-VER: 3.0
> Failed to load NeedRestart::uCode::Intel: [uCode/Intel] iucode-tool not
> available!
> [ucode] no supported processor microcode detection
> [Kernel] Linux: kernel release 4.15.0-1-amd64, kernel version #1 SMP Debian
> 4.15.4-1 (2018-02-18)
> [Kernel/Linux] /boot/vmlinuz-4.15.0-1-amd64 => 4.15.0-1-amd64
> (debian-ker...@lists.debian.org) #1 SMP Debian 4.15.4-1 (2018-02-18)
> [4.15.0-1-amd64]*
> [Kernel/Linux] /boot/vmlinuz-4.14.0-3-amd64 => 4.14.0-3-amd64
> (debian-ker...@lists.debian.org) #1 SMP Debian 4.14.17-1 (2018-02-14)
> [4.14.0-3-amd64]
> [Kernel/Linux] Expected linux version: 4.15.0-1-amd64
> NEEDRESTART-KCUR: 4.15.0-1-amd64
> NEEDRESTART-KEXP: 4.15.0-1-amd64
> NEEDRESTART-KSTA: 1
> NEEDRESTART-UCSTA: 0
> Use of uninitialized value $ucode_vars{"CURRENT"} in concatenation (.) or
> string at /usr/sbin/needrestart line 866.
> NEEDRESTART-UCCUR:
> Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or
> string at /usr/sbin/needrestart line 867.
> NEEDRESTART-UCEXP:
>
> Lack of iucode-tool triggers the $ucode_vars{"CURRENT"} error. Lack
> of intel-microcode triggers the $ucode_vars{"AVAIL"} error.
>
> Bob
>
> -- Package-specific info:
> needrestart output:
> Your outdated processes:
> emacs[6711]
>
> checkrestart output:
>
>
> -- System Information:
> Debian Release: buster/sid
> APT prefers unstable
> APT policy: (500, 'unstable'), (500, 'testing')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: sysvinit (via /sbin/init)
>
> Versions of packages needrestart depends on:
> ii binutils 2.30-5
> ii dpkg 1.19.0.5
> ii gettext-base 0.19.8.1-4
> ii libintl-perl 1.26-2
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.24-1
> ii libproc-processtable-perl 0.55-1
> ii libsort-naturally-perl 1.03-2
> ii libterm-readkey-perl 2.37-1+b2
> ii perl 5.26.1-5
> ii xz-utils 5.2.2-1.3
>
> Versions of packages needrestart recommends:
> ii libpam-systemd 237-4
> ii sysvinit-core 2.88dsf-59.10
>
> Versions of packages needrestart suggests:
> ii libnotify-bin 0.7.7-3
>
> -- Configuration Files:
> /etc/apt/apt.conf.d/99needrestart changed [not included]
>
> -- no debconf information
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#859387: Info received (Upload 2.12 to stretch-backports?)
Hi,
Francis M writes:
> s/2.12/2.11+git20180213-1/
it has been released[1] upstream as needrestart 3.0.
[1] https://github.com/liske/needrestart/releases/tag/v3.0
> Apologies for the noise, I made the mistake of typing my previous
> e-mail before my morning coffee.
:-)
> I've tested the above 2.11 release from experimental on a few systems
> and don't see anything abnormal.
Did you test the Intel microcode-update-detection-feature[2]? It would
be nice to get some more feedback on it.
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886445
Regards,
Tho-upstream-mas
> As before, if there's anything I can do to help get this into the
> stretch{,-backports}, I'd be more than willing.
>
> Best,
>
> Francis
>
> On 25 February 2018 at 12:15, Debian Bug Tracking System
> wrote:
>> Thank you for the additional information you have supplied regarding
>> this Bug report.
>>
>> This is an automatically generated reply to let you know your message
>> has been received.
>>
>> Your message is being forwarded to the package maintainers and other
>> interested parties for their attention; they will reply in due course.
>>
>> Your message has been sent to the package maintainer(s):
>> Patrick Matthäi
>>
>> If you wish to submit further information on this problem, please
>> send it to 859...@bugs.debian.org.
>>
>> Please do not send mail to ow...@bugs.debian.org unless you wish
>> to report a problem with the Bug-tracking system.
>>
>> --
>> 859387: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859387
>> Debian Bug Tracking System
>> Contact ow...@bugs.debian.org with problems
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#887828: needrestart: Possible false positive on postifx and wazuh-agent running in LXC container
Hi, Chris writes: > Yes, it seems most processes of postfix are chrooted by default in > Debian Stretch (plain install of Postfix via apt-get install postfix): I did install a vanilla Debian Stretch VM, setup an LXC container inside (using Stretch again) and installed postfix inside the container. Running needrestart inside of the container does *not* detect any false positives on postfix. So it seems that your setup has something special... On which linux distri and kernel are you running your LXC container? >From the kernel string it seems to be proxmox, isn't it? I assume there is something special in /proc/$PID/maps or the /proc/$PID/map_files/$MADDR links are missing which are used by needrestart. As fallback needrestart looks for /proc/$PID/root/$FILENAME which fails for chrooted processes. Regards, Thomas Needrestart looks for any executable mapped files > /usr/share/postfix/master.cf.dist used/installed by > /var/lib/dpkg/info/postfix/postfix.postinst is e.g. chrooting the > mentioned process: > > pickupunix n - y 60 1 pickup > >> Could you please post: >> stat /usr/lib/postfix/sbin/pickup > > Sure: > > File: /usr/lib/postfix/sbin/pickup > Size: 14408 Blocks: 32 IO Block: 4096 regular file > Device: 715h/1813dInode: 142070 Links: 1 > Access: (0755/-rwxr-xr-x) Uid: (0/root) Gid: (0/root) > Access: 2018-02-08 01:06:13.281395346 + > Modify: 2017-09-27 04:56:28.0 + > Change: 2018-01-26 14:10:42.474783916 + > Birth: - > >> stat /proc/25460/root/usr/lib/postfix/sbin/pickup > > the PIDs have changed here and are now: > > [main] #4262 uses non-existing /usr/lib/postfix/sbin/pickup > [main] #4262 is a child of #478 > > stat: cannot stat '/proc/4262/root/usr/lib/postfix/sbin/pickup': No such > file or directory > > and it seems the pickup is at: > > File: /proc/478/root/usr/lib/postfix/sbin/pickup > Size: 14408 Blocks: 32 IO Block: 4096 regular file > Device: 715h/1813dInode: 142070 Links: 1 > Access: (0755/-rwxr-xr-x) Uid: (0/root) Gid: (0/root) > Access: 2018-02-08 01:06:13.281395346 + > Modify: 2017-09-27 04:56:28.0 + > Change: 2018-01-26 14:10:42.474783916 + > Birth: - > > I've also had a look at the previously mentioned dovecot which seems to > be chrooted as well: > > "Login processes (imap-login, pop3-login) are chrooted by default into > an empty non-writable directory." > > -> https://wiki.dovecot.org/Chrooting > > and indeed the same happening here: > > [main] #24776 uses non-existing /usr/lib/dovecot/imap-login > [main] #24776 is a child of #13446 > > File: /usr/lib/dovecot/imap-login > Size: 31336 Blocks: 64 IO Block: 4096 regular file > Device: 70ah/1802dInode: 920400 Links: 1 > Access: (0755/-rwxr-xr-x) Uid: (0/root) Gid: (0/root) > Access: 2018-02-08 13:49:54.190058675 +0100 > Modify: 2017-06-30 21:01:28.0 +0200 > Change: 2017-08-22 14:24:29.284898620 +0200 > Birth: - > > > stat: cannot stat '/proc/24776/root/usr/lib/dovecot/imap-login': No such > file or directory > > > File: /proc/13446/root/usr/lib/dovecot/imap-login > Size: 31336 Blocks: 64 IO Block: 4096 regular file > Device: 70ah/1802dInode: 920400 Links: 1 > Access: (0755/-rwxr-xr-x) Uid: (0/root) Gid: (0/root) > Access: 2018-02-08 13:49:54.190058675 +0100 > Modify: 2017-06-30 21:01:28.0 +0200 > Change: 2017-08-22 14:24:29.284898620 +0200 > Birth: - > >> Regards, >> Thomas > > Thanks > >>> [main] #338 exe => /var/ossec/bin/ossec-agentd >>> [main] #338 is wazuh-agent.service >>> [main] #430 exe => /usr/lib/postfix/sbin/master >>> [main] #430 is postfix@-.service >>> >>> >>> cat /proc/338/cgroup >>> - >>> >>> 12:cpuset:/ >>> 11:hugetlb:/ >>> 10:perf_event:/ >>> 9:blkio:/ >>> 8:net_cls,net_prio:/ >>> 7:memory:/ >>> 6:rdma:/ >>> 5:cpu,cpuacct:/ >>> 4:freezer:/ >>> 3:pids:/system.slice/wazuh-agent.service >>> 2:devices:/system.slice/wazuh-agent.service >>> 1:name=systemd:/system.slice/wazuh-agent.service >>> >>> >>> cat /proc/25460/cgroup >>> -- >>> >>> 12:cpuset:/ >>> 11:hugetlb:/ >>> 10:perf_event:/ >>> 9:blkio:/ >>> 8:net_cls,net_prio:/ >>> 7:memory:/ >>> 6:rdma:/ >>> 5:cpu,cpuacct:/ >>> 4:freezer:/ >>> 3:pids:/system.slice/system-postfix.slice/postfix@-.service >>> 2:devices:/system.slice/system-postfix.slice >>> 1:name=systemd:/system.slice/system-postfix.slice/postfix@-.service >>> >>> cat /proc/430/cgroup >>> >>> >>> 12:cpuset:/ >>> 11:hugetlb:/ >>> 10:perf_event:/ >>> 9:blkio:/ >>> 8:net_cls,net_prio:/ >>> 7:memory:/ >>> 6:rdma:/ >>> 5:cpu,cpuacct:/ >>> 4:freezer:/ >>> 3:pids:/system.slice/system-postfix.slice/postfix@-.service >>> 2:devices:/system.slice/system-postfix.slice >>> 1:name=systemd:/system.slice/system-postfix.slice/postfix@-.service >>> >>> >>> As you have mention
Bug#887828: needrestart: Possible false positive on postifx and wazuh-agent running in LXC container
Hi, Chris writes: > [main] #338 uses non-existing /var/ossec/bin/ossec-agentd > [main] #338 is not a child this is by design of the wazuh-agent and might trigger a false positive in needrestart - putting binaries into /var looks something special. > [main] #25460 uses non-existing /usr/lib/postfix/sbin/pickup > [main] #25460 is a child of #430 Is your postfix chrooted? Could you please post: stat /usr/lib/postfix/sbin/pickup stat /proc/25460/root/usr/lib/postfix/sbin/pickup Regards, Thomas > [main] #338 exe => /var/ossec/bin/ossec-agentd > [main] #338 is wazuh-agent.service > [main] #430 exe => /usr/lib/postfix/sbin/master > [main] #430 is postfix@-.service > > > cat /proc/338/cgroup > - > > 12:cpuset:/ > 11:hugetlb:/ > 10:perf_event:/ > 9:blkio:/ > 8:net_cls,net_prio:/ > 7:memory:/ > 6:rdma:/ > 5:cpu,cpuacct:/ > 4:freezer:/ > 3:pids:/system.slice/wazuh-agent.service > 2:devices:/system.slice/wazuh-agent.service > 1:name=systemd:/system.slice/wazuh-agent.service > > > cat /proc/25460/cgroup > -- > > 12:cpuset:/ > 11:hugetlb:/ > 10:perf_event:/ > 9:blkio:/ > 8:net_cls,net_prio:/ > 7:memory:/ > 6:rdma:/ > 5:cpu,cpuacct:/ > 4:freezer:/ > 3:pids:/system.slice/system-postfix.slice/postfix@-.service > 2:devices:/system.slice/system-postfix.slice > 1:name=systemd:/system.slice/system-postfix.slice/postfix@-.service > > cat /proc/430/cgroup > > > 12:cpuset:/ > 11:hugetlb:/ > 10:perf_event:/ > 9:blkio:/ > 8:net_cls,net_prio:/ > 7:memory:/ > 6:rdma:/ > 5:cpu,cpuacct:/ > 4:freezer:/ > 3:pids:/system.slice/system-postfix.slice/postfix@-.service > 2:devices:/system.slice/system-postfix.slice > 1:name=systemd:/system.slice/system-postfix.slice/postfix@-.service > > > As you have mentioned cgroups i'm also getting the following output from > the postfix services within the containers: > > Jan 28 15:51:51 example systemd[1]: postfix.service: Failed to reset > devices.list: Operation not permitted > Jan 28 15:51:51 example systemd[1]: postfix.service: Failed to set > invocation ID on control group /system.slice/postfix.service, ignoring: > Operation not permitted > > Not sure if this is related here. > >> Thanks, >> Thomas >> >> >> Chris writes: >> >>> Package: needrestart >>> Version: 2.11-3 >>> Severity: normal >>> >>> Dear Maintainer, >>> >>> having Postfix and the wazuh-agent package from [1] on a current Debian >>> Stretch 9.3 running within an LXC container shows the following services >>> as required for a restart even if the services, the container or the >>> host was freshly restarted: >>> >>> postfix@-.service >>> wazuh-agent.service >>> >>> Running needrestart with the -v parameter shows this output: >>> >>> [main] eval /etc/needrestart/needrestart.conf >>> [main] needrestart v2.11 >>> [main] running in root mode >>> [Core] Using UI 'NeedRestart::UI::stdio'... >>> [main] detected systemd >>> [main] #372 uses non-existing /var/ossec/bin/ossec-agentd >>> [main] #372 is not a child >>> [main] #1047 uses non-existing /usr/lib/postfix/sbin/pickup >>> [main] #1047 is a child of #438 >>> [main] #372 exe => /var/ossec/bin/ossec-agentd >>> [main] #372 is wazuh-agent.service >>> [main] #438 exe => /usr/lib/postfix/sbin/master >>> [main] #438 is postfix@-.service >>> [Kernel] Linux: kernel release 4.13.13-5-pve, kernel version #1 SMP PVE >>> 4.13.13-36 (Mon, 15 Jan 2018 12:36:49 +0100) >>> [Kernel/Linux] Did not find any linux images. >>> Failed to retrieve available kernel versions. >>> Restarting services... >>> Services to be restarted: >>> Restart «postfix@-.service»? [Ynas?] n >>> Restart «wazuh-agent.service»? [Ynas?] n >>> Services being skipped: >>> systemctl restart postfix@-.service >>> systemctl restart wazuh-agent.service >>> No containers need to be restarted. >>> No user sessions are running outdated binaries. >>> >>> The two mentioned binaries which doesn't exist according to needrestart >>> output are there and accessible: >>> >>> ls -la /var/ossec/bin/ossec-agentd >>> >>> -rwxr-x--- 1 root root 528136 Dez 22 18:59 /var/ossec/bin/ossec-agentd >>> >>> ls -la /usr/lib/postfix/sbin/pickup >>> >>> -rwxr-xr-x 1 root root 14408 Sep 27 06:56 /usr/lib/postfix/sbin/pickup >>> >>> ls -la >>> >>> Not sure what causes this behavior. If there are any additional info i >>> could / need to provide please let me know. >>> >>> Thanks, >>> >>> [1] >>> https://documentation.wazuh.com/current/installation-guide/installing-wazuh-agent/wazuh_agent_deb.html >> > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#856260: needrestart: always says newer kfreebsd kernel available
Hi Bill, this report is about kfreebsd kernel - you are using a linux kernel. Needrestart's warning on pending kernel updates seems to be correct: - running kernel is 4.9.0-4-686-pae build on 2017-09-28 - installed kernel is 4.9.0-4-686-pae build on 2017-12-03 HTH, Thomas Bill Brelsford writes: > I get the same message on one of my linux systems (stretch): > > # uname -r > 4.9.0-4-686-pae > > # needrestart -v -k > [main] eval /etc/needrestart/needrestart.conf > [main] needrestart v2.11 > [main] running in root mode > [Core] Using UI 'NeedRestart::UI::stdio'... > [Kernel] Linux: kernel release 4.9.0-4-686-pae, kernel version #1 SMP > Debian 4.9.51-1 (2017-09-28) > [Kernel/Linux] /boot/vmlinuz-4.9.0-4-686-pae => 4.9.0-4-686-pae > (debian-ker...@lists.debian.org) #1 SMP Debian 4.9.65-3 (2017-12-03) > [4.9.0-4-686-pae] > [Kernel/Linux] /boot/vmlinuz-4.9.0-3-686-pae => 4.9.0-3-686-pae > (debian-ker...@lists.debian.org) #1 SMP Debian 4.9.30-2+deb9u5 (2017-09-19) > [4.9.0-3-686-pae] > [Kernel/Linux] Expected linux version: 4.9.0-4-686-pae > Pending kernel upgrade! > > Running kernel version: > 4.9.0-4-686-pae > > Diagnostics: > The currently running kernel has an ABI compatible upgrade pending. > > This also occurred before the recent upgrade to 4.9.0-4-686-pae. > Other systems with equivalent setups behave normally. > > Regards.. Bill > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#886402: needrestart: Shows perl errors (uninitialized value)
tags 886402 upstream fixed-upstream
thanks
Hi,
the perl warnings have been already fixed upstream[1].
[1]
https://github.com/liske/needrestart/commit/7ab8834b154f7813b0528424d149e0a0aa3f5b88
HTH,
Thomas
cre writes:
> Package: needrestart
> Version: 2.11-4
> Severity: normal
>
> Dear Maintainer,
>
> The program seems to run fine, but it prints out these error messages just
> before the "real" messages:
>
> $ sudo needrestart
> [sudo] password for cre:
> Use of uninitialized value $testp in stat at /usr/sbin/needrestart line
> 462, line 1.== ]
> Use of uninitialized value $sdev in right bitshift (>>) at
> /usr/sbin/needrestart line 463, line 1.
> Use of uninitialized value $sdev in right bitshift (>>) at
> /usr/sbin/needrestart line 463, line 1.
> Use of uninitialized value $sdev in bitwise and (&) at
> /usr/sbin/needrestart line 463, line 1.
> Use of uninitialized value $sdev in right bitshift (>>) at
> /usr/sbin/needrestart line 463, line 1.
> Use of uninitialized value $sdev in right bitshift (>>) at
> /usr/sbin/needrestart line 463, line 1.
> Use of uninitialized value $sdev in bitwise and (&) at
> /usr/sbin/needrestart line 463, line 1.
> Use of uninitialized value $sdev in right bitshift (>>) at
> /usr/sbin/needrestart line 475, line 1.
> Use of uninitialized value $sdev in right bitshift (>>) at
> /usr/sbin/needrestart line 475, line 1.
> Use of uninitialized value $sinode in string eq at /usr/sbin/needrestart
> line 480, line 1.
> Scanning processes...
> Scanning candidates...
> Scanning linux images...
> [...cut...]
>
> That seems related to perl.
>
>
> -- Package-specific info:
> needrestart output:
> Your outdated processes:
> applet.py[1317], at-spi-bus-laun[1251], at-spi2-registr[1258], bash[21570],
> claws-mail[21747], dbus-daemon[1256, 1174], dconf-service[1342],
> firefox[21585], gvfsd[1306], keepassxc[21528],
> light-locker[1324], panel-2-actions[1302], panel-4-notific[1301],
> panel-6-systray[1300], panel-7-whisker[1289], panel-12-cpugra[1296],
> panel-16-fsguar[1299], panel-17-netloa[1298],
> panel-19-system[1297], pulseaudio[1318], sh[1166], systemd[1150],
> terminator[21561], Thunar[1271], VBoxClient[1207, 1232, 1205, 1221, 1219,
> 1227, 1225, 1233], vlc[21829], Web
> Content[21634], xfce4-notifyd[1347], xfce4-panel[1272],
> xfce4-power-man[1307, 1325], xfce4-session[1250], xfconfd[1262],
> xfdesktop[1278], xfsettingsd[1274], xfwm4[1270]
>
> checkrestart output:
>
>
> -- System Information:
> Debian Release: buster/sid
> APT prefers unstable
> APT policy: (500, 'unstable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 4.14.0-2-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8),
> LANGUAGE=en_US:en (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages needrestart depends on:
> ii dpkg 1.19.0.4
> ii gettext-base 0.19.8.1-4
> ii libintl-perl 1.26-2
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.24-1
> ii libproc-processtable-perl 0.53-2+b2
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.37-1+b2
> ii perl 5.26.1-3
> ii xz-utils 5.2.2-1.3
>
> Versions of packages needrestart recommends:
> pn libpam-systemd | sysvinit-core
>
> Versions of packages needrestart suggests:
> ii libnotify-bin 0.7.7-3
>
> -- Configuration Files:
> /etc/needrestart/needrestart.conf changed:
> $nrconf{sendnotify} = 0;
> $nrconf{restart} = 'a';
> $nrconf{ui} = 'NeedRestart::UI::stdio';
> $nrconf{blacklist} = [
> # ignore sudo (not a daemon)
> qr(^/usr/bin/sudo(\.dpkg-new)?$),
> # ignore DHCP clients
> qr(^/sbin/(dhclient|dhcpcd5|pump|udhcpc)(\.dpkg-new)?$),
> # ignore apt-get (Debian Bug#784237)
> qr(^/usr/bin/apt-get(\.dpkg-new)?$),
> ];
> $nrconf{override_rc} = {
> # DBus
> qr(^dbus) => 0,
> # display managers
> qr(^gdm) => 0,
> qr(^kdm) => 0,
> qr(^nodm) => 0,
> qr(^sddm) => 0,
> qr(^wdm) => 0,
> qr(^xdm) => 0,
> qr(^lightdm) => 0,
> qr(^slim) => 0,
> qr(^lxdm) => 0,
> # networking stuff
> qr(^network-manager) => 0,
> qr(^NetworkManager) => 0,
> qr(^wpa_supplicant) => 0,
> qr(^openvpn) => 0,
> qr(^quagga) => 0,
> qr(^tinc) => 0,
> # gettys
> qr(^getty@.+\.service) => 0,
> # systemd --user
> qr(^user@\d+\.service) => 0,
> # misc
> qr(^zfs-fuse) => 0,
> qr(^mythtv-backend) => 0,
> qr(^xendomains) => 0,
> qr(^lxcfs) => 0,
> # workaround for broken systemd-journald
> # (see also Debian Bug#771122 & #771254)
> qr(^systemd-journald) => 0,
> # more systemd stuff
> # (see also Debian Bug#784238 & #784437)
> qr(^emergency\.service$) => 0,
> qr(^rescue
Bug#887828: needrestart: Possible false positive on postifx and wazuh-agent running in LXC container
tags 887828 upstream thanks Hi, you are running needrestart outside of the container? For some reason needrestart seems to not detect that the services are belonging to a LXC container. And the postfix service name looks suspicious. Could you please provide the content of /proc/$PID/cgroup of the postfix's master service? Thanks, Thomas Chris writes: > Package: needrestart > Version: 2.11-3 > Severity: normal > > Dear Maintainer, > > having Postfix and the wazuh-agent package from [1] on a current Debian > Stretch 9.3 running within an LXC container shows the following services > as required for a restart even if the services, the container or the > host was freshly restarted: > > postfix@-.service > wazuh-agent.service > > Running needrestart with the -v parameter shows this output: > > [main] eval /etc/needrestart/needrestart.conf > [main] needrestart v2.11 > [main] running in root mode > [Core] Using UI 'NeedRestart::UI::stdio'... > [main] detected systemd > [main] #372 uses non-existing /var/ossec/bin/ossec-agentd > [main] #372 is not a child > [main] #1047 uses non-existing /usr/lib/postfix/sbin/pickup > [main] #1047 is a child of #438 > [main] #372 exe => /var/ossec/bin/ossec-agentd > [main] #372 is wazuh-agent.service > [main] #438 exe => /usr/lib/postfix/sbin/master > [main] #438 is postfix@-.service > [Kernel] Linux: kernel release 4.13.13-5-pve, kernel version #1 SMP PVE > 4.13.13-36 (Mon, 15 Jan 2018 12:36:49 +0100) > [Kernel/Linux] Did not find any linux images. > Failed to retrieve available kernel versions. > Restarting services... > Services to be restarted: > Restart «postfix@-.service»? [Ynas?] n > Restart «wazuh-agent.service»? [Ynas?] n > Services being skipped: > systemctl restart postfix@-.service > systemctl restart wazuh-agent.service > No containers need to be restarted. > No user sessions are running outdated binaries. > > The two mentioned binaries which doesn't exist according to needrestart > output are there and accessible: > > ls -la /var/ossec/bin/ossec-agentd > > -rwxr-x--- 1 root root 528136 Dez 22 18:59 /var/ossec/bin/ossec-agentd > > ls -la /usr/lib/postfix/sbin/pickup > > -rwxr-xr-x 1 root root 14408 Sep 27 06:56 /usr/lib/postfix/sbin/pickup > > ls -la > > Not sure what causes this behavior. If there are any additional info i > could / need to provide please let me know. > > Thanks, > > [1] > https://documentation.wazuh.com/current/installation-guide/installing-wazuh-agent/wazuh_agent_deb.html -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#886445: needrestart: detect need to reboot due to Intel microcode updates
Henrique de Moraes Holschuh writes: > On Sat, 13 Jan 2018, Thomas Liske wrote: >> # iucode_tool -Sl /lib/firmware/intel-ucode/ > > It would have to be: > > iucode_tool -Sl /lib/firmware/intel-ucode /usr/share/misc/intel-microcode* > > and that could still miss something. > > > Maybe it would be best to look inside the initrds directly, too... > > iucode_tool -Sl -tb /lib/firmware/intel-ucode \ > -ta /usr/share/misc/intel-microcode* \ > -tr /boot/initrd* ACK on the /usr/share/misc/intel-microcode* glob, but I still don't like to attend the initrd's since they are just an intermediate. If the sysadmin follows intel-microcode/README.Debian.gz the /usr... glob should be sufficient. Regards, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#886445: needrestart: detect need to reboot due to Intel microcode updates
Hi, Paul Wise writes: > On Sat, 2018-01-13 at 14:20 +0100, Thomas Liske wrote: > >> during adding the feature in needrestart I've looked more closely at the >> uicode-tool stuff. I don't think we need to examine the initrd since >> the following command should give already the required informations: >> >> # iucode_tool -Sl /lib/firmware/intel-ucode/ > > That would give false positives when the system has disabled adding the > microcode to the initrd, since rebooting will not give the new ucode. > This could happen if the sysadmin experienced issues with new ucodes. wouldn't the microcode updates included into the initrd automaticly? I don't find any config option in intel-microcode or initramfs-tools to disable adding the microcode updates. I would expect that intel-microcode is removed in such cases. In case the initrd is build manually it will be still possible to disable the microcode feature in needrestart 3.0 by an configuration option. So the sysadmin needs to consciously decide to ignore them. >> For the check in needrestart it should be enough to compare the current >> running microcode signature with the latest available one. This would >> also handle outdated initrd images gracefuly. > > I think on Debian at least, outdated microcode in the initrd could only > be intentional on the part of the sysadmin. Maybe some postinst problems like running out of disk space. I still prefere to ignore the initrd completly since it is not provided by Debian but build on the host and so it can be broken or outdated or isn't used at all. It is hard to find the correct initrd file, especially for 3rd party or self-build kernels not using the kernel-package. Regards, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#886445: needrestart: detect need to reboot due to Intel microcode updates
Hi Paul, during adding the feature in needrestart I've looked more closely at the uicode-tool stuff. I don't think we need to examine the initrd since the following command should give already the required informations: # iucode_tool -Sl /lib/firmware/intel-ucode/ iucode_tool: system has processor(s) with signature 0x000306c3 microcode bundle 1: /lib/firmware/intel-ucode/06-5e-03 microcode bundle 2: /lib/firmware/intel-ucode/06-3d-04.initramfs ... microcode bundle 54: /lib/firmware/intel-ucode/06-25-05 microcode bundle 55: /lib/firmware/intel-ucode/0f-06-02 selected microcodes: 003/001: sig 0x000306c3, pf_mask 0x32, 2017-01-27, rev 0x0022, size 22528 The processor is running a microcode with signature 0x000306c3 and the last line after 'selected microcodes:' should contain the most recent signature value, shouldn't it? I wonder if it is still required to look at the revision value for each CPU/Core (grep microcode /proc/cpuinfo). For single socket systems each core should report the same version. I do not now if it would possible to run different microcode releases on multi socket systems. For the check in needrestart it should be enough to compare the current running microcode signature with the latest available one. This would also handle outdated initrd images gracefuly. Regards, Thomas Thomas Liske writes: > tags 886445 upstream > thanks > > > Hi Paul, > > thanks for summarising your findings. I'm going add the new feature to > handle the microcode update problem in needrestart 3.0. > > > HTH, > Thomas > > > Paul Wise writes: > >> Package: needrestart >> Version: 2.11-4 >> Severity: wishlist >> >> Please detect the need to reboot to apply Intel microcode updates. >> >> When iucode_tool is installed, please check if /boot/initrd.img* >> contain the same microcode rev for the current CPU signature as the >> Linux kernel is listing in /proc/cpuinfo as the microcode version. >> >> First, get the processor signature (also available in next step): >> >> $ /usr/sbin/iucode_tool -Sv >> /usr/sbin/iucode_tool: system has processor(s) with signature 0x00020655 >> >> Second, match the processor signature against the 'sig' field of the >> selected microcodes in all the initrds and extract the 'rev' field of >> that microcode. >> >> $ /usr/sbin/iucode_tool -tr -Sl /boot/initrd.img-4.14.0-2-amd64 >> /usr/sbin/iucode_tool: system has processor(s) with signature 0x00020655 >> microcode bundle 1: /boot/initrd.img-4.14.0-2-amd64 >> selected microcodes: >> 001/001: sig 0x00020652, pf_mask 0x12, 2015-06-30, rev 0x000f, size 8192 >> 001/002: sig 0x00020655, pf_mask 0x92, 2015-06-30, rev 0x0005, size 3072 >> >> Third, match the extracted rev field against the microcode field in the >> Linux /proc/cpuinfo file. >> >> $ grep micro /proc/cpuinfo >> microcode: 0x5 >> microcode: 0x5 >> microcode: 0x5 >> microcode: 0x5 >> >> When running as root, the microcode versions are also in /sys: >> >> $ head /sys/devices/system/cpu/*/microcode/version >> head: cannot open '/sys/devices/system/cpu/cpu0/microcode/version' for >> reading: Permission denied >> head: cannot open '/sys/devices/system/cpu/cpu1/microcode/version' for >> reading: Permission denied >> head: cannot open '/sys/devices/system/cpu/cpu2/microcode/version' for >> reading: Permission denied >> head: cannot open '/sys/devices/system/cpu/cpu3/microcode/version' for >> reading: Permission denied >> >> $ sudo head /sys/devices/system/cpu/*/microcode/version >> ==> /sys/devices/system/cpu/cpu0/microcode/version <== >> 0x5 >> >> ==> /sys/devices/system/cpu/cpu1/microcode/version <== >> 0x5 >> >> ==> /sys/devices/system/cpu/cpu2/microcode/version <== >> 0x5 >> >> ==> /sys/devices/system/cpu/cpu3/microcode/version <== >> 0x5 >> >> -- >> bye, >> pabs >> >> https://wiki.debian.org/PaulWise > > -- > supp...@ibh.de Tel. +49 351 477 77 30 > www.ibh.de Fax +49 351 477 77 39 > > --- > Dipl.-Ing. Thomas Liske > Teamleiter DataCenter Services > > > IBH IT-Service GmbH Amtsgericht Dresden > Heilbronner Str. 20 HRB 13626 > 01189 DresdenGF: Prof. Dr. T. Horn, S. Horn > Germany VAT DE182302907 > --- > Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV > --- >professioneller IT-Service - kompetent und zuverlässig > --- > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#886445: needrestart: detect need to reboot due to Intel microcode updates
tags 886445 upstream thanks Hi Paul, thanks for summarising your findings. I'm going add the new feature to handle the microcode update problem in needrestart 3.0. HTH, Thomas Paul Wise writes: > Package: needrestart > Version: 2.11-4 > Severity: wishlist > > Please detect the need to reboot to apply Intel microcode updates. > > When iucode_tool is installed, please check if /boot/initrd.img* > contain the same microcode rev for the current CPU signature as the > Linux kernel is listing in /proc/cpuinfo as the microcode version. > > First, get the processor signature (also available in next step): > > $ /usr/sbin/iucode_tool -Sv > /usr/sbin/iucode_tool: system has processor(s) with signature 0x00020655 > > Second, match the processor signature against the 'sig' field of the > selected microcodes in all the initrds and extract the 'rev' field of > that microcode. > > $ /usr/sbin/iucode_tool -tr -Sl /boot/initrd.img-4.14.0-2-amd64 > /usr/sbin/iucode_tool: system has processor(s) with signature 0x00020655 > microcode bundle 1: /boot/initrd.img-4.14.0-2-amd64 > selected microcodes: > 001/001: sig 0x00020652, pf_mask 0x12, 2015-06-30, rev 0x000f, size 8192 > 001/002: sig 0x00020655, pf_mask 0x92, 2015-06-30, rev 0x0005, size 3072 > > Third, match the extracted rev field against the microcode field in the > Linux /proc/cpuinfo file. > > $ grep micro /proc/cpuinfo > microcode : 0x5 > microcode : 0x5 > microcode : 0x5 > microcode : 0x5 > > When running as root, the microcode versions are also in /sys: > > $ head /sys/devices/system/cpu/*/microcode/version > head: cannot open '/sys/devices/system/cpu/cpu0/microcode/version' for > reading: Permission denied > head: cannot open '/sys/devices/system/cpu/cpu1/microcode/version' for > reading: Permission denied > head: cannot open '/sys/devices/system/cpu/cpu2/microcode/version' for > reading: Permission denied > head: cannot open '/sys/devices/system/cpu/cpu3/microcode/version' for > reading: Permission denied > > $ sudo head /sys/devices/system/cpu/*/microcode/version > ==> /sys/devices/system/cpu/cpu0/microcode/version <== > 0x5 > > ==> /sys/devices/system/cpu/cpu1/microcode/version <== > 0x5 > > ==> /sys/devices/system/cpu/cpu2/microcode/version <== > 0x5 > > ==> /sys/devices/system/cpu/cpu3/microcode/version <== > 0x5 > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- supp...@ibh.de Tel. +49 351 477 77 30 www.ibh.de Fax +49 351 477 77 39 --- Dipl.-Ing. Thomas Liske Teamleiter DataCenter Services IBH IT-Service GmbH Amtsgericht Dresden Heilbronner Str. 20 HRB 13626 01189 DresdenGF: Prof. Dr. T. Horn, S. Horn Germany VAT DE182302907 --- Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV --- professioneller IT-Service - kompetent und zuverlässig ---
Bug#886611: needrestart: detect need to reboot due to AMD microcode updates
tags 886611 upstream thanks Hi Paul, checking if initramfs is newer than uptime might be a good idea in general. A reboot may be also required due to updates of 3rd party kernel modules (like DKMS) if they are part of the initramfs. I would avoid to parse the initramfs in needrestart (would need to handle different compression and archive file types etc.) just to look for the microcode files. Report and recommend a reboot if there is an updated initramfs should be sufficient, shouldn't it? HTH, Thomas Paul Wise writes: > Package: needrestart > Version: 2.11-4 > Severity: wishlist > > Please detect the need to reboot to apply AMD microcode updates. > > The amd64-microcode maintainer suggested that this could be done by > detecting that the initramfs is newer than uptime, and if so, look at > the microcode files in the package and check if they are newer than > uptime but older than the initramfs. If the microcode files are newer > than the initramfs and newer than the uptime there could be a warning. > > $ apt-file show amd64-microcode | grep ucode > amd64-microcode: /lib/firmware/amd-ucode/microcode_amd.bin > amd64-microcode: /lib/firmware/amd-ucode/microcode_amd_fam15h.bin > amd64-microcode: /lib/firmware/amd-ucode/microcode_amd_fam16h.bin > > This might require packaging the Unix::Uptime CPAN module: > > https://metacpan.org/pod/Unix::Uptime > https://github.com/pioto/Unix-Uptime > > Until that happens, you could parse /proc/uptime manually. > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#885448: needrestart manual: typo: (a)dvaned -> (a)dvanced
tags 885448 upstream fixed-upstream thanks Hi Paul, I've patched the typo upstream. Thanks, Thomas Paul Wise writes: > Package: needrestart > Version: 2.11-4 > Severity: minor > File: /usr/share/man/man1/needrestart.1.gz > > There is a typo in the manual page, this line: > > a (a)dvaned mode > > Should be changed to this line: > > a (a)dvanced mode > > -- System Information: > Debian Release: buster/sid > APT prefers testing-debug > APT policy: (900, 'testing-debug'), (900, 'testing'), (800, > 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, > 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.14.0-2-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), > LANGUAGE=en_AU.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.19.0.4 > ii gettext-base 0.19.8.1-4 > ii libintl-perl 1.26-2 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.24-1 > ii libproc-processtable-perl 0.53-2+b2 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.37-1+b2 > ii perl 5.26.1-3 > ii xz-utils 5.2.2-1.3 > > Versions of packages needrestart recommends: > ii libpam-systemd 236-1 > > Versions of packages needrestart suggests: > ii libnotify-bin0.7.7-3 > ii needrestart-session 0.3-5 > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#866105: needrestart: please have a mechanism to invoke needrestart from apt with -r a
tags 866105 upstream fixed-upstream
thanks
Re,
Marc Haber writes:
> On Fri, Nov 03, 2017 at 11:14:53AM +0100, Thomas Liske wrote:
>> Marc Haber writes:
>>
>> > I didn't find any possibility in needrestart.conf to set the equivalent
>> > of the -r option. Maybe that's a documentation issue?
>>
>> indeed there is the $nrconf{restart} config option. It might be
>> confusing since the word 'mode' is *not* used the configuration comment.
>
> It is. searched for "mode" and "interactive", and missed the latter
> because it's (i)nteractive in the comments.
>
> So, I just dump a foo.conf in /etc/needrestart/conf.d/ containing
> $nrconf{restart}="a" and I'm fine?
Yes. I've added the word 'mode' to the config file (upstream commit
16fde7c).
>> > If I can set the equivalent of -r a from a /etc/needrestart/conf.d/
>> > snippet, I'm fine and this reprt can be closed.
>>
>> An environment variable might be still useful since they can be easely
>> used in some CM or automation tools (especially in ansible).
>
> Agreed, yes.
I've added support for the NEEDRESTART_MODE environment variable which
can be used to pass the restart mode (upstream patch 6269672).
HTH & Thanks,
Thomas
> Greetings
> Marc
>
> --
> -
> Marc Haber | "I don't trust Computers. They | Mailadresse im Header
> Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402
> Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#866105: needrestart: please have a mechanism to invoke needrestart from apt with -r a
Re,
Marc Haber writes:
> I didn't find any possibility in needrestart.conf to set the equivalent
> of the -r option. Maybe that's a documentation issue?
indeed there is the $nrconf{restart} config option. It might be
confusing since the word 'mode' is *not* used the configuration comment.
> If I can set the equivalent of -r a from a /etc/needrestart/conf.d/
> snippet, I'm fine and this reprt can be closed.
An environment variable might be still useful since they can be easely
used in some CM or automation tools (especially in ansible).
Regards,
Thomas
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#866105: needrestart: please have a mechanism to invoke needrestart from apt with -r a
Hi Marc,
Marc Haber writes:
> Package: needrestart
> Version: 2.11-3
> Severity: wishlist
>
> Dear Maintainer,
>
> during automated processes, such as puppet runs or automated upgrades,
> it is sometimes acceptable to restart daemons without asking. In this
> case, I would like to have my system return to the normal way of
> operation after the automated processing. It would, therefore, be not a
> good idea to actually modify /etc/apt/apt.conf.d/99needrestart because
> one would need to re-edit the file to its original state.
>
> Would it be possible to have /usr/lib/needrestart/apt-pinvoke source a
> (normally not existing) /etc/needrestart.conf where one could put the
> options in? or even an /etc/needrestart.d where one could drop a file
> and remove it afterwards?
you could extend needrestart's configuration by putting a file into
/etc/needrestart/conf.d/. Since the config files are sourced perl
scripts it would be even possible to test for env variables or existing
of files and change the configuration dynamicly. Does this already solve
your request? There is already support for an environment variable
("NEEDRESTART_SUSPED") to temporary deactivate needrestart. Do you think
there should be support for another variable like "NEEDRESTART_MODE" to
be able to override the configured mode?
> In the mean time, I have added an 98needrestart which calls apt-pinvoke
> -r a, but this of course means that needrestart runs twice - once
> noninteractively, doing the necessary restarts, and a second time
> interactively with (hopefully) nothing to do. Is this
> intended/acceptable use?
There are some fixes in the upcomming needrestart 2.12 release fixing
the detection of non-interactive runs and enable list only mode in case
interactive mode is configured (which is the default). See also Debian
Bug#842512.
Regards,
Thomas
> Greetings
> Marc
>
> -- Package-specific info:
> needrestart output:
>
> checkrestart output:
>
>
> -- System Information:
> Debian Release: 9.0
> APT prefers unstable
> APT policy: (500, 'unstable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.11.6-zgws1 (SMP w/4 CPU cores)
> Locale: LANG=en_DK.utf8, LC_CTYPE=en_DK.utf8 (charmap=UTF-8), LANGUAGE=en_US
> (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.18.24
> ii gettext-base 0.19.8.1-2
> ii libintl-perl 1.26-2
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.23-1
> ii libproc-processtable-perl 0.53-2
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.37-1
> ii perl 5.24.1-3
> ii xz-utils 5.2.2-1.2+b1
>
> Versions of packages needrestart recommends:
> ii libpam-systemd 232-25
>
> Versions of packages needrestart suggests:
> pn needrestart-session | libnotify-bin
>
> -- no debconf information
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#842512: explain how this integrates with various unattended-upgrade solutions
tags 842512 upstream fixed-upstream
thanks
Hi Antoine,
Antoine Beaupré writes:
> It is unclear to me whether installing this package alongside a
> properly configured "unattended-upgrade" package will do the right
> thing (that is, automatically restart services).
it depends, I do not think that everybody will agree (security
vs. stability).
> I am unsure because the default config (needrestart.conf) has the
> following entry, which I assume to be the default:
>
> # Restart services (l)ist only, (i)nteractive or (a)utomatically.
> #$nrconf{restart} = 'i';
>
> It *looks* like things work, because on the server where I have both
> setup, running needrestart by hand tells me everything is fine. Is it
> that "a" is the default, or that needrestart can tell there's no
> terminal, or what?
The default is interactive mode. Recently, several bugs have been fixed
regarding the detection of non-interactive runs. So unfortunately
needrestart 2.12+ might now behave different if run non-interactive
while the list mode is configured (which is the default).
> It would be great if this is documented better (i looked, without
> luck, in the manpage and readme files).
I've added a short warning to the manpage, the default config and the
NEWS file.
@Patrick: Maybe you should add a NEWS.Debian on this?
HTH,
Thomas
> Thanks!
>
> -- Package-specific info:
> needrestart output:
> Your outdated processes:
> chromium[13772]
>
> checkrestart output:
>
>
> -- System Information:
> Debian Release: 8.6
> APT prefers stable-updates
> APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
> 'stable'), (1, 'testing')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 4.7.0-0.bpo.1-amd64 (SMP w/2 CPU cores)
> Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.17.27
> ii gettext-base 0.19.3-2
> ii libintl-perl 1.23-1+deb8u1
> ii libmodule-find-perl0.12-1
> ii libmodule-scandeps-perl1.16-1
> ii libproc-processtable-perl 0.51-1
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.32-1+b1
> ii perl 5.20.2-3+deb8u6
> ii xz-utils 5.1.1alpha+20120614-2+b3
>
> needrestart recommends no packages.
>
> Versions of packages needrestart suggests:
> ii libnotify-bin 0.7.6-2
>
> -- no debconf information
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#864347: needrestart: Multiple "Use of uninitialized value" error messages
tags 864347 upstream fixed-upstream thanks Hi Vincas, Vincas Dargis writes: > I've noticed that running needrestart produces these "uninitialized > value" messages: [snip] > I am not sure how (if) serious is this, I do get list of applications > that need to be restarted occasionaly after pakage upgrades. the fallback mechanism to get systemd's service name for a PID (which requires a restart) was broken until needrestart 2.1[1]. Due to the bug needrestart's result is incomplete. [1] https://github.com/liske/needrestart/commit/1367016960760177d75a0f2905cc5c16dd056ffe You might consider to get needrestart from jessie-backports. HTH, Thomas > -- Package-specific info: > needrestart output: > Running kernel seems to be up-to-date. > No services need to be restarted. > > > > -- System Information: > Debian Release: 8.8 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.17.27 > ii libmodule-find-perl0.12-1 > ii libmodule-scandeps-perl1.16-1 > ii libproc-processtable-perl 0.51-1 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.32-1+b1 > ii perl 5.20.2-3+deb8u7 > > needrestart recommends no packages. > > needrestart suggests no packages. > > -- no debconf information > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#878700: needrestart: False positive with AppImage
tags 878700 fixed-upstream - moreinfo
thanks
Hi Richard,
thanks for the detailed update. The problem was a bug in needrestart
due to the inspection of a non-existing mapping in /tmp (so you also got
that many "Use of uninitialized value" warnings).
The patch for the original github issue #58[1] is already part of the
upcomming needrestart 2.12 release. I was unable to reproduce the
problem with the most recent development version.
[1] https://github.com/liske/needrestart/issues/58
Thanks,
Thomas
Richard Hector writes:
>>> It appears that AppImage packages mount their filesystem under /tmp/,
>>> and needrestart may find that there are open binaries or libraries there
>>> but be unable to find them. Sorry, I'm not sure how to word this ...
>>
>> yes, it seems to do some FUSE mounting which might trigger problems
>> since they are (intentional) not available for root.
>>
>>
>>> The symptom I see is that I'm asked to restart xfce4-session every time
>>> I run needrestart, and it appears to be the NextCloud Appimage that's
>>> triggering it.
>>
>> I never used AppImage before. I've just tried some random apps which
>> are working fine and did not produce any false positives.
>>
>>
>>> From sudo needrestart -v:
>>>
>>> [main] #8534 uses obsolete /tmp/.mount_Nextcl4R40GR/usr/bin/nextcloud
>>>
>>> I can show more of that output if needed (but would try for a minimal
>>> case)
>>
>> the content of /proc/$PID/maps and `ls -lha /proc/$PID/{root,cwd}` might
>> help. Maybe you could provide steps howto reproduce the problem (where
>> to get the AppImage, which action are required so needrestart begins to
>> report the false positive).
>
> The AppImage I was using came from here:
>
> https://nextcloud.com/install/#install-clients
> or specifically
> https://download.nextcloud.com/desktop/releases/Linux/Nextcloud-2.3.2-x86_64.AppImage
>
> I'm not actually using it any more (it has breakage with libssl issues,
> and I discovered they do actually have debian packages) ... but luckily
> it's easy to reinstall :-)
>
> To see the problem: copy the file to (eg) ~/bin, and chmod +x, and run
> it. Then sudo needrestart (in a new window, because I didn't background it).
>
> richard@zircon:~/bin$ chmod +x Nextcloud-2.3.2-x86_64.AppImage
> richard@zircon:~/bin$ ./Nextcloud-2.3.2-x86_64.AppImage
> [no further output to terminal; shows up in panel. Doesn't work properly
> due to SSL problem, but that shouldn't be relevant - it did the same
> thing before when it was working]
>
> richard@zircon:~$ sudo needrestart -v 2> needrestart-v.txt
> Running kernel seems to be up-to-date.
> No services need to be restarted.
> No containers need to be restarted.
> User sessions running outdated binaries:
> richard @ session #2053: bash[5479]
>
> needrestart-v.txt attached to avoid wrapping.
>
> PID:
> [main] #5509 uses obsolete /tmp/.mount_NextclC5qDvr/usr/bin/nextcloud
>
>
> /proc/5509/maps attached to avoid wrapping.
>
> richard@zircon:~$ ls -lha /proc/5509/{root,cwd}
> lrwxrwxrwx 1 richard richard 0 Nov 2 12:15 /proc/5509/cwd ->
> /home/richard/bin
> lrwxrwxrwx 1 richard richard 0 Nov 2 12:15 /proc/5509/root -> /
>
> Note that this time I'm running it from bash rather than from
> xfce4-session, so that's what I'm asked to restart.
>
> HTH, and thanks
>
> Richard
> 0040-006a2000 r-xp 00:2e 313
> /tmp/.mount_NextclC5qDvr/usr/bin/nextcloud
> 008a2000-008ab000 r--p 002a2000 00:2e 313
> /tmp/.mount_NextclC5qDvr/usr/bin/nextcloud
> 008ab000-008af000 rw-p 002ab000 00:2e 313
> /tmp/.mount_NextclC5qDvr/usr/bin/nextcloud
> 01bb5000-01fb6000 rw-p 00:00 0
> [heap]
> 7fc0f800-7fc0f8021000 rw-p 00:00 0
> 7fc0f8021000-7fc0fc00 ---p 00:00 0
> 7fc0ff0d2000-7fc0ff0d3000 ---p 00:00 0
> 7fc0ff0d3000-7fc0ff8d3000 rw-p 00:00 0
> 7fc0ff8d3000-7fc0ff8e6000 r-xp 09:00 1047530
> /lib/x86_64-linux-gnu/libgpg-error.so.0.21.0
> 7fc0ff8e6000-7fc0ffae5000 ---p 00013000 09:00 1047530
> /lib/x86_64-linux-gnu/libgpg-error.so.0.21.0
> 7fc0ffae5000-7fc0ffae6000 r--p 00012000 09:00 1047530
> /lib/x86_64-linux-gnu/libgpg-error.so.0.21.0
> 7fc0ffae6000-7fc0ffae7000 rw-p 00013000 09:00 1047530
> /lib/x86_64-linux-gnu/libgpg-error.so.0.21.0
> 7fc0ffae7000-7fc0ffaee000 r-xp 09:00 930879
> /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4
> 7fc0ffaee000-7fc0ffcee000 ---p 7000 09:00 930879
> /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4
> 7fc0ffcee000-7fc0ffcef000 r--p 7000 09:00 930879
> /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4
> 7fc0ffcef000-7fc0ffcf rw-p 8000 09:00 930879
> /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4
> 7fc0ffcf-7fc0ffdf7000 r-xp 09:00 1047538
Bug#857730: Need to support DPKG_ROOT
tags 857730 upstream severity 857730 wishlist thanks Hi Bastien, Bastien ROUCARIES writes: >>> severity: important >> >> Using severity important for anything DPKG_ROOT related sounds dubious >> to me, because the feature is not finalized in dpkg, but a technology >> preview. Please do not abuse the bug severity - I do not think that this issue has any major effect on the usability of a package. [1] https://www.debian.org/Bugs/Developer#severities >>> Testing dpkg testsuite without beeing root needrestart crash. >> >> Maybe you can give more details here as to what crashes and how it >> fails? >> >>> I believe need restart need to take in account $DPKG_ROOT >> >> You mentioned on irc that the file you want to touch is >> /etc/dpkg/dpkg.cfg.d/needrestart. That's not a maintainer script. >> DPKG_ROOT is only defined during maintainer script execution. Thus >> DPKG_ROOT will be undefined here. >> >>> at least it should not execute if dpkg-root is set (so patch) >> >> Why should execution of needrestart depend on the way maintainer scripts >> are executed? That doesn't make any sense to me. Shouldn't the real >> condition be something like skipping needrestart when it is not >> installed in the system /? > > No rootless dpkg fail if needrestart is installed. This is the bug. > > To test install dpkg testsuite and run > > DPKG_TESTSUITE_OPTIONS="not-root" eatmydata make test > > it will fail with a permission problem Please provide a consistent error description (Does needrestart crash or is there a permission problem?) including some screen logs and howto reproduce the problem. If the testsuite stuff is WIP we maybe should wait until it is finalized and there is a recommendation available howto handle the testsuite in (pre-invoke|post-invoke|status-logger) commands. HTH, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#876459: needrestart: Non-interactive mode not being detected properly
tags 876459 fixed-upstream
notfixed 803249 needrestart/2.6-1
thanks
Hi Piotr,
the fix of Debian Bug#803249 was broken. I've applied your patch
upstream, this fixes #803249 and #876459. Thanks!
Regards,
Thomas
Piotr Pańczyk writes:
> Package: needrestart
> Version: 2.11-3
> Severity: important
> Tags: upstream patch
>
> Dear Maintainer,
> the problem described in the archived bug #803249 still exists in 2.11-3
> (Debian 9.1). When needrestart is run without a tty AND with
> DEBIAN_FRONTEND=noninteractive, it still tries to work interactively rather
> than fall back to "list only" mode. In some cases it causes unwanted
> restarts. The easiest way to reproduce it is to run needrestart from cron,
> redirecting the output to a file.
>
> I attach a patch that may work, but I'm not sure, as I know Perl only a
> little and don't know other implementation details. In my case it is working
> as expected.
>
> The problem is rather serious. I use Ansible for automation and once I run it
> to install something on an OpenVZ host. After installation by apt-get,
> needrestart started to restart VZ containers, including the one from which
> Ansible was run. I ended up with all the containers stopped!
>
> Regards,
> Piotr
>
>
> -- System Information:
> Debian Release: 9.1
> APT prefers stable-updates
> APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 2.6.32.bsd54g54 (SMP w/24 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: sysvinit (via /sbin/init)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.18.24
> ii gettext-base 0.19.8.1-2
> ii libintl-perl 1.26-2
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.23-1
> ii libproc-processtable-perl 0.53-2
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.37-1
> ii perl 5.24.1-3+deb9u1
> ii xz-utils 5.2.2-1.2+b1
>
> Versions of packages needrestart recommends:
> ii sysvinit-core 2.88dsf-59.9
>
> Versions of packages needrestart suggests:
> pn needrestart-session | libnotify-bin
>
> -- no debconf information
> --- needrestart-2.11.orig/needrestart
> +++ needrestart-2.11/needrestart
> @@ -181,7 +181,7 @@ $nrconf{ui} = qq(NeedRestart::UI::stdio)
> die "Hook directory '$nrconf{hook_d}' is invalid!\n" unless(-d
> $nrconf{hook_d} || $opt_b);
> $opt_r = $nrconf{restart} unless(defined($opt_r));
> die "ERROR: Unknown restart option '$opt_r'!\n" unless($opt_r =~
> /^(l|i|a)$/);
> -$is_tty++ if($opt_r eq 'i' && exists($ENV{DEBIAN_FRONTEND}) &&
> $ENV{DEBIAN_FRONTEND} eq 'noninteractive');
> +$is_tty = 0 if($opt_r eq 'i' && exists($ENV{DEBIAN_FRONTEND}) &&
> $ENV{DEBIAN_FRONTEND} eq 'noninteractive');
> $opt_r = 'l' if(!$is_tty && $opt_r eq 'i');
>
> $opt_m = $nrconf{ui_mode} unless(defined($opt_m));
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#859387: NeedRestart::UI assumes STDOUT is a terminal
Re, Guillaume writes: > Would the fix make it into the upcoming 2.12 release ? > > I just want to know which version to watch for, no hurry. yes, it will be part of 2.12 as any other fixes and changes being merged before releasing it. There are still a few issues left for fixing before I'm going to release 2.12. Regards, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#878700: needrestart: False positive with AppImage
tags 878700 upstream moreinfo
thanks
Hi Richard,
Richard Hector writes:
> It appears that AppImage packages mount their filesystem under /tmp/,
> and needrestart may find that there are open binaries or libraries there
> but be unable to find them. Sorry, I'm not sure how to word this ...
yes, it seems to do some FUSE mounting which might trigger problems
since they are (intentional) not available for root.
> The symptom I see is that I'm asked to restart xfce4-session every time
> I run needrestart, and it appears to be the NextCloud Appimage that's
> triggering it.
I never used AppImage before. I've just tried some random apps which
are working fine and did not produce any false positives.
> From sudo needrestart -v:
>
> [main] #8534 uses obsolete /tmp/.mount_Nextcl4R40GR/usr/bin/nextcloud
>
> I can show more of that output if needed (but would try for a minimal
> case)
the content of /proc/$PID/maps and `ls -lha /proc/$PID/{root,cwd}` might
help. Maybe you could provide steps howto reproduce the problem (where
to get the AppImage, which action are required so needrestart begins to
report the false positive).
HTH,
Thomas
> -- Package-specific info:
> needrestart output:
> Your outdated processes:
> AppRun[8534]
>
> checkrestart output:
>
>
> -- System Information:
> Debian Release: 9.1
> APT prefers stable-updates
> APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_NZ.utf8, LC_CTYPE=en_NZ.utf8 (charmap=UTF-8),
> LANGUAGE=en_NZ:en (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.18.24
> ii gettext-base 0.19.8.1-2
> ii libintl-perl 1.26-2
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.23-1
> ii libproc-processtable-perl 0.53-2
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.37-1
> ii perl 5.24.1-3+deb9u2
> ii xz-utils 5.2.2-1.2+b1
>
> Versions of packages needrestart recommends:
> ii libpam-systemd 232-25+deb9u1
>
> Versions of packages needrestart suggests:
> ii libnotify-bin 0.7.7-2
>
> -- no debconf information
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#859387: NeedRestart::UI assumes STDOUT is a terminal
tags 859387 upstream fixed-upstream forwarded 859387 https://github.com/liske/needrestart/issues/86 thanks Hi, I've adopted the PR and GetTerminalSize() should be no more called on a non-TTY STDOUT. Thanks for the report and the PR. Regards, Thomas Guillaume writes: > Hi, > > This also affects needrestart 2.11-3 on Debian testing > > I have logged a bug upstream for this at > https://github.com/liske/needrestart/issues/86 > > Louis' workaround isn't sufficient on my case, I am currently testing a > fix locally and may submit a pull request upstream later. > > Guillaume > -- > Jabber : guilla...@atto.be > PGP : 2054C46F0019B937 > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#876452: needrestart: Unnamed block devices (like for OpenVZ's simfs) not being detected properly
tags 876452 fixed-upstream
thanks
Hi Piotr,
I've applied your patch upstream. The fix will be part of needrestart
2.12.
Thanks & regards,
Thomas
Piotr Pańczyk writes:
> Package: needrestart
> Version: 2.11-3
> Severity: important
> Tags: patch upstream
>
> Dear Maintainer,
> needrestart does not work properly on some OpenVZ containers - it always
> claims that everything needs to be restarted. There was a bug report about
> that in the upstream:
> https://github.com/liske/needrestart/issues/28
> but the solution given there (already included in Debian) does not cover all
> cases. As written in the kernel docs
> (https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/devices.txt),
> unnamed device major number is not always 0, it can also be 144, 145 and
> 146. I've made a simple patch to handle that.
>
> Regards,
> Piotr
>
>
> -- System Information:
> Debian Release: 9.1
> APT prefers stable-updates
> APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 2.6.32.bsd54g54 (SMP w/24 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: sysvinit (via /sbin/init)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.18.24
> ii gettext-base 0.19.8.1-2
> ii libintl-perl 1.26-2
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.23-1
> ii libproc-processtable-perl 0.53-2
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.37-1
> ii perl 5.24.1-3+deb9u1
> ii xz-utils 5.2.2-1.2+b1
>
> Versions of packages needrestart recommends:
> ii sysvinit-core 2.88dsf-59.9
>
> Versions of packages needrestart suggests:
> pn needrestart-session | libnotify-bin
>
> -- no debconf information
> --- needrestart-2.11.orig/needrestart
> +++ needrestart-2.11/needrestart
> @@ -472,9 +472,9 @@ if(defined($opt_l)) {
>
> # Don't compare device numbers on anon filesystems
> # w/o a backing device (like OpenVZ's simfs).
> + my $major = (($sdev >> 8) & 0xfff) | (($sdev >> 32) &
> ~0xfff);
> $mdev = "00:00"
> - if $sdev >> 8) & 0xfff) |
> - (($sdev >> 32) & ~0xfff)) == 0);
> + if ($major == 0 || $major == 144 || $major == 145
> || $major == 146);
>
> # compare maps content vs. on-disk
> unless($minode eq $sinode && ((grep {$mdev eq $_}
> @sdevs) ||
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#856260: needrestart: always says newer kfreebsd kernel available
tags 856260 upstream moreinfo thanks Hi Michael, Michael Gilbert writes: > Needrestart's apt hook on kfreebsd always says that a newer kernel is > available even though the kfreebsd kernel package has not changed. could you please provide the output of `needrestart -k -v`? Thanks, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#879091: needrestart: false positive with recent evolution/gnome-shell: /tmp/#8929645
tag 879091 upstream fixed-upstream thanks Hi Paul, Paul Wise writes: > There seems to be a false positive with evolution 3.26.1-1 and > gnome-shell 3.22.3-3 and temporary files like /tmp/#8929645: it seems to be related to github issue #84 (although this was related to plasmashell). You might give commit 0008644[1] a try. It just blacklists the file pattern. [1] https://github.com/liske/needrestart/commit/0008644b761050cd14840102cb7cdf4d700664b1 TIA, Thomas > $ needrestart -v > [main] eval /etc/needrestart/needrestart.conf > [main] needrestart v2.11 > [main] running in user mode > [Core] Using UI 'NeedRestart::UI::stdio'... > [main] detected systemd > ... > [main] #2789 uses deleted /tmp/#8929645 > [main] #10548 uses deleted /tmp/#8930322 > Your outdated processes: > evolution[2789], gnome-shell[10548] > $ lsof -p 2789 | grep /tmp > evolution 2789 pabs DEL REG 253,18929645 > /tmp/#8929645 > $ lsof -p 10548 | grep /tmp > gnome-she 10548 pabs DEL REG 253,1 8930322 > /tmp/#8930322 > > -- Package-specific info: > needrestart output: > Your outdated processes: > evolution[2789], gnome-shell[10548] > > checkrestart output: > > > -- System Information: > Debian Release: buster/sid > APT prefers testing-debug > APT policy: (900, 'testing-debug'), (900, 'testing'), (800, > 'unstable-debug'), (800, 'unstable'),user/1000/ (790, 'buildd-unstable'), > (700, 'experimental-debug'), (700, 'experimental'), (690, > 'buildd-experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), > LANGUAGE=en_AU.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.18.24 > ii gettext-base 0.19.8.1-4 > ii libintl-perl 1.26-2 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.24-1 > ii libproc-processtable-perl 0.53-2+b2 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.37-1+b2 > ii perl 5.26.0-8 > ii xz-utils 5.2.2-1.3 > > Versions of packages needrestart recommends: > ii libpam-systemd 235-2 > > Versions of packages needrestart suggests: > ii libnotify-bin0.7.7-2 > ii needrestart-session 0.3-5 > > -- no debconf information > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#855788: 855788 severity
Hi Paul, could you please verify if there is a user named "needrestart-dbus"? The package seems no creating the required user. Maybe this report is a duplicate of #857077. TIA, Thomas Paul Wise writes: > On Sun, 2017-03-05 at 23:24 +0100, Thomas Liske wrote: > >> the package's core functionally is the needrestart-session command - does >> it working for you? > > When I run needrestart as a user, I get a lot of processes that need > restarting but when I run needrestart-session, it says this: > > Nothing found... > None of your processes need to be restarted. > >> Could you please also try to run the dbus registration manually? > > Looks like it is broken too, see below. > >> The command should not return. Please provide any syslog entries... if >> it would work you should see something like: > > The command returns and I see this in the systemd journal: > > Mar 06 12:53:44 chianamo needrestart-dbus-session[20149]: > needrestart-dbus-session 2.11 launched > Mar 06 12:53:45 chianamo needrestart-dbus-session[20149]: > org.freedesktop.DBus.Error.Spawn.FailedToSetup: Failed to setup environment > correctly > Mar 06 12:53:45 chianamo needrestart-dbus-session[20149]: terminated > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#857077: needrestart-session: Unknown username "needrestart-dbus" in message bus configuration file
severity 857077 important thanks Hi Laurent, you are right, there seems to be no configure script with-in the .deb to add the needrestart-dbus user if it does not exist. @Patrick: It seems that no user 'needrestart-dbus' was or is created by the package's configure script. This breaks any Xsession integration of needrestart-session which requires the dbus service. Thanks, Thomas Laurent Bonnaud writes: > Package: needrestart-session > Version: 0.3-3 > Severity: normal > > > Dear Maintainer, > > in the logs of my system I see the following error message: > > Mar 7 17:42:58 irancy dbus-daemon[13863]: Unknown username > "needrestart-dbus" in message bus configuration file > > It seems to come from this file: > > /etc/dbus-1/system.d/net.ibh.NeedRestart.System.conf > > that contains this line: > > > > > -- System Information: > Debian Release: 9.0 > APT prefers unstable-debug > APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, > 'experimental-debug'), (1, 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.9.0-2-rt-amd64 (SMP w/2 CPU cores; PREEMPT) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart-session depends on: > ii libnet-dbus-perl 1.1.0-4+b1 > ii libproc-processtable-perl 0.53-2 > ii libwx-perl 1:0.9928-1+b1 > ii needrestart2.11-2 > pn perl:any > ii policykit-10.113-5 > ii wmctrl 1.07-7+b1 > > needrestart-session recommends no packages. > > needrestart-session suggests no packages. > > -- no debconf information > > -- > Laurent. > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#855788: 855788 severity
tags 855788 more-info upstream thanks Hi pabs, Paul Wise writes: > On Thu, 2017-03-02 at 23:30 +0100, Yann Dirson wrote: > >> FWIW, no such problem here. Is that high severity really warranted ? > > The package is not working for me at all. I assumed that the reason the package's core functionally is the needrestart-session command - does it working for you? Could you please also try to run the dbus registration manually? /usr/lib/needrestart-session/needrestart-dbus-session The command should not return. Please provide any syslog entries... if it would work you should see something like: Mar 5 23:20:14 clempner needrestart-dbus-session[31046]: needrestart-dbus-session 2.11 launched Mar 5 23:20:14 clempner needrestart-dbus-session[31046]: entering event loop... TIA, Thomas > no-one else reported the same issue was that no-one else was using the > package and verifying that it works. In that case it is warranted. > If the package is working for others but not me then it isn't. > Could you describe and screenshot what happens when you upgrade or > reinstall a GUI program that is running in your desktop? > If you are willing to, please upload the screenshot here: > > https://screenshots.debian.net/package/needrestart-session > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#851866: wants to restart systemd-manager.service
Hi, Sven Hartge writes: > Instead of doing "systemctl daemon-restart" needrestart tries to restart > systemd-manager.service, which is of course unknown: there was a change in needrestart 2.11 putting the special treatment required to restart certain daemons into external scripts. Sadly the Makefile was broken upstream and did use the wrong source directory during install *and* Patrick's packaging stuff did not contain restart.d/ at all. @Patrick: I've patched the Makefile issue upstream and added a patch into your debian/ VCS for needrestart 2.11-2 to fix the installation of the restart.d/ directory. HTH, Thomas > Failed to restart systemd-manager.service: Unit systemd-manager.service not > found. > > A log from "needrestart -v" showing the problem is attached. > > Grüße, > Sven > > > -- Package-specific info: > needrestart output: > Your outdated processes: > alpine[355950], bash[355942, 355946, 356300, 355943, 355945, 355944], > ccze[355976], > dirmngr[355859], pkt-sudo[355953], syncthing[355857], syslogtail[355947], > systemd[355854], > tin[355949, 355981] > > checkrestart output: > > > -- System Information: > Debian Release: 9.0 > APT prefers unstable-debug > APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, > 'unstable'), (500, 'testing'), (200, 'experimental'), (1, > 'experimental-debug') > Architecture: i386 (x86_64) > Foreign Architectures: amd64 > > Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores) > Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.18.18 > ii gettext-base 0.19.8.1-1 > ii libintl-perl 1.26-2 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.23-1 > ii libproc-processtable-perl 0.53-2 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.37-1 > ii perl 5.24.1-1 > ii xz-utils 5.2.2-1.2 > > Versions of packages needrestart recommends: > ii libpam-systemd 232-12 > > Versions of packages needrestart suggests: > pn needrestart-session | libnotify-bin > > -- Configuration Files: > /etc/needrestart/notify.d/200-write changed [not included] > /etc/needrestart/notify.d/600-mail changed [not included] > > -- debconf-show failed > [main] eval /etc/needrestart/needrestart.conf > [main] needrestart v2.11 > [main] running in root mode > [Core] Using UI 'NeedRestart::UI::stdio'... > [main] detected systemd > [main] #1 uses deleted /lib/i386-linux-gnu/libgcc_s.so.1 > [main] #1 is not a child > [main] #1249 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #1249 is not a child > [main] #355854 uses obsolete binary /lib/systemd/systemd > [main] #355854 is not a child > [main] #355855 uses obsolete binary /lib/systemd/systemd > [main] #355855 is a child of #355854 > [main] #355857 uses deleted /lib/i386-linux-gnu/libc-2.24.so > [main] #355857 is a child of #355854 > [main] #355858 uses obsolete binary /usr/bin/gpg-agent > [main] #355858 is a child of #355854 > [main] #355859 uses obsolete binary /usr/bin/dirmngr > [main] #355859 is a child of #355854 > [main] #355941 uses obsolete binary /usr/bin/screen > [main] #355941 is not a child > [main] #355942 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #355942 is a child of #355941 > [main] #355943 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #355943 is a child of #355941 > [main] #355944 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #355944 is a child of #355941 > [main] #355945 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #355945 is a child of #355941 > [main] #355946 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #355946 is a child of #355941 > [main] #355947 uses deleted /lib/i386-linux-gnu/libc-2.24.so > [main] #355947 is a child of #355941 > [main] #355949 uses deleted /lib/i386-linux-gnu/libc-2.24.so > [main] #355949 is a child of #355941 > [main] #355950 uses deleted /lib/i386-linux-gnu/libgcc_s.so.1 > [main] #355950 is a child of #355941 > [main] #355953 uses deleted /lib/i386-linux-gnu/libc-2.24.so > [main] #355953 is a child of #355941 > [main] #355976 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #355976 is a child of #355947 > [main] #355981 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #355981 is a child of #355949 > [main] #356002 uses deleted /lib/x86_64-linux-gnu/libdl-2.24.so > [main] #356002 is a child of #356001 > [main] #356262 uses deleted /lib/i386-linux-gnu/libc-2.24.so > [main] #356262 is a child of #356261 > [main] #356300 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #356300 is a child of #355941 > [main] #356557 uses deleted /lib/i386-linux-gnu/libnss_files-2.24.so > [main] #356557 is a child of #356556 > [main] #357646 uses deleted /lib/i386-linux-gnu/
Bug#838360: needrestart: Wants to restart services, even if these were restarted already
Re, "ge...@riseup.net" writes: > (I'm subscribed to the bug, not need to mail me directly.) > > Hi Patrick, > > Thanks for your response: > > On 17-01-14 23:31:13, Thomas Liske wrote: >> the repeating restart of ssh.service might be triggered by one or more >> running user session. Do you have libpam-systemd installed and >> enabled? > > Yes, it's installed. I guess it's enabled as well, because I didn't > touched the defaults. 'sd-pam' is running which loads pam_systemd.po. > Besides: I'm using SSSD, to check ssh keys and sudo roles against LDAP > servers, but I don't think this has any influence. it shouldn't. Could you please provide the output of /proc/$PID/cgroup of the sshd childs reported (i.e. of pid #30262 of your first mail) to verify that libpam-systemd is used? I would expect it is not part of the user session slice for some reasons. >> There is an issue in needrestart assuming that libpam-systemd (if >> systemd is used at all) is used to assign user sessions processes into >> according cgroups. If libpam-systemd is not running all session >> process are part of sshd's cgroup, so needrestart suggests to restart >> ssh.service (which won't affect any session processes). A new config >> option has been added[1] to address this option. >> >> [1] >> https://github.com/liske/needrestart/commit/6a29143e1c6439e1f851b172e468aeef17b261b2 >> >> The repeating restart of ganeti.service might be triggered by some >> ganeti child processes managing virtual machines. It might not be >> possible to fix this problem without stopping the VMs. > > Just to clarify: Does this mean it's not possible to fix this in > needrestart? I assume that the affected ganeti processes are the HVM of running VMs and do not support some sort of gracefully restarts (something like systemctl daemon-reexec does for systemd). Needrestart relys that daemons support restarting using the init system (read: systemctl if systemd is used). Although special restart handlers will be possible in needrestart 2.11 (required at least for sysv-init, systemd and dbus) it is not be possible to restart any daemon if they don't support the init system interface. HTH, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#850108: needrestart: support python3
close 850108 thanks Re, Paul Wise writes: > On Fri, 2017-01-13 at 22:38 +0100, Thomas Liske wrote: > >> this regex does match on /usr/bin/python3 since there is no >> end of string metacharacter ($). So it should not require any change in >> needrestart, shouldn't it? > > Hmm, that is correct. Sorry for the noise. Could you test that it works > with python3 too and close the bug if it does work? I've done some tests and it seems to work with python3, too. HTH, Thomas > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#850948: needrestart: Hangs in apt hook with a zombie
Re, Jonas Smedegaard writes: >> I think the severity of this bug should be lowered to important since >> there is no policy violation of needrestart at all. > > I think it is quite worrisome if simply installing (not actively using) > needrestart inside a chroot spawns daemons - and that is not treated as > serious (no matter framed by some geleral Debian Policy wording). Needrestart was never written nor designed to run within a chroot. This use case does not make any sense at all. Just don't do it (should be added to the README ;-) . >> I (upstream) or Patrick (maintainer) could add a patch to needrestart >> to use invoke-rc.d instead of the service command. That would only be >> a Debian specific workaround. > > Please do. That sounds like it would solve this issue. ACK >> Neighter do I. Another workaround could be to change needrestart to >> list only mode within piupart using some local config snippet as they >> do for policy-rc.d. > > If I understand you corretly, that you suggest to invent a mechanism > essentially doing the same as policy-rc.d, then I see no need for that: > Please respect the already existing policy-rc.d instead. > > I guess what you seek is a solution not specific to Debian - and find > that wuite sensible. I suspect, however, that there is no XDG or > similar more generic standard for respecting deployment-specific hooks - > which is really what policy-rc.d is about (not only chroot support). Yes, since I'm upstream it is required that needrestart focuses an generic approach. A patch kept in Pattricks packaging VCS should keep the balance. HTH, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#838360: needrestart: Wants to restart services, even if these were restarted already
tags 838360 upstream fixed-upstream
thanks
Hi Georg,
"ge...@riseup.net" writes:
> Hi Patrick,
>
> On 16-09-20 12:12:50, ge...@riseup.net wrote:
>> needrestart wants to restart {ganeti,ssh}.service, even if these were
>> restarted already:
the repeating restart of ssh.service might be triggered by one or more
running user session. Do you have libpam-systemd installed and enabled?
There is an issue in needrestart assuming that libpam-systemd (if systemd is
used at
all) is used to assign user sessions processes into according
cgroups. If libpam-systemd is not running all session process are part
of sshd's cgroup, so needrestart suggests to restart ssh.service (which
won't affect any session processes). A new config option has been
added[1] to address this option.
[1]
https://github.com/liske/needrestart/commit/6a29143e1c6439e1f851b172e468aeef17b261b2
The repeating restart of ganeti.service might be triggered by some
ganeti child processes managing virtual machines. It might not be
possible to fix this problem without stopping the VMs.
HTH,
Thomas
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#850948: needrestart: Hangs in apt hook with a zombie
Re, I've replied to #850948 where I think you wan't to discuss the piuparts-needrestart-* issue. Jonas Smedegaard writes: >> Maybe it is just a debconf frontend issue? In cases needrestart does >> seems to hang it trackes down to: >> >> - daemons hangig while restarting them (init scripts) > > Agreed. This would imply that either piuparts fail to setup policy-rc.d > appropriately, or that needrestart ignores policy-rc.d. The latter is a > Policy violation. You are referencing Debian Policy's section 9.3.3 [1]? So this is *no* policy violation since: - invoke-rc.d *should* be used - but it is not required - runing /etc/init.d/ initscripts *should* called by initscript subsystem - but it is not required - needrestart is *no* maintainer script at all, so 9.3.3 even does not apply, doesn't it [1] https://www.debian.org/doc/debian-policy/ch-opersys.html#s9.3.3 I think the severity of this bug should be lowered to important since there is no policy violation of needrestart at all. needrestart uses the service command of init-system-helpers to restart daemons. A quick look into /usr/sbin/service shows that if there is no systemd the service command calls the init script directly (look at run_via_sysvinit). So you might consider to move the bug to init-system-helpers. I (upstream) or Patrick (maintainer) could add a patch to needrestart to use invoke-rc.d instead of the service command. That would only be a Debian specific workaround. >> - the debconf pipe gets weirrd (consolation) > > I suspect this to be irrelevant in scenarios involving policy-rc.d. ACK >> - needrestart and debconf thinks you call them interactive... but they >> are called non-interactive. As a result they wait forever for >> interaction. > > Agreed. > > From my brief conversations with the piuparts developers I am of the > impression that piuparts a) makes use of policy-rc.d and b) tells > debconf that interaction is non-interactive, c) has a quite big track > record to support a) and b), d) have rarely if ever tested needrestart > being pulled in as a dependency due to very few packages depending on it > at all. Needrestart's use of debconf should be aware if piuparts already tells debconf that it is called non-interactive. So it seems to hang due to some init scripts problem as discussed above. >> Feel free to open a new bug to needrestart to track down this issue. > > Thanks for the suggestion. I am not familiar with piupart I will likely > not do so, but welcome others to pick up where I left. Neighter do I. Another workaround could be to change needrestart to list only mode within piupart using some local config snippet as they do for policy-rc.d. HTH, Thomas > > - Jonas > > -- > * Jonas Smedegaard - idealist & Internet-arkitekt > * Tlf.: +45 40843136 Website: http://dr.jones.dk/ > > [x] quote me freely [ ] ask before reusing [ ] keep private -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#826044: needrestart: Hangs in apt hook with a zombie
unblock 850948 with 826044 unmerge 826044 severity 826044 important thanks Hi, Jonas Smedegaard writes: > Hi, > > It seems I have another instance of this issue: piuparts hangs (as I piuparts does not use consolation, doesn't it? Please stop abusing this issue focusing on needrestart vs. consolation for another issue. > has more details - an interesting part is this extracted when piuparts > hangs: > > 30803 root 30 10 117M 63804 9816 T 0.0 0.2 0:11.84 │ │└─ > /usr/bin/python /srv/piuparts/sbin/piuparts --skip-logrotatefiles-test > --warn-on-others --no-eatmydata --scriptsdir /etc/piuparts/script > 29515 root 30 10 84340 46992 32864 T 0.0 0.1 0:00.67 │ │ > └─ apt-get -y install design-desktop=3.0.4 > 30238 root 30 10 84340 14128 0 T 0.0 0.0 0:00.00 │ │ >└─ apt-get -y install design-desktop=3.0.4 > 30240 root 30 10 4288 752 676 T 0.0 0.0 0:00.00 │ │ > └─ sh -c test -x /usr/lib/needrestart/apt-pinvoke && > /usr/lib/needrestart/apt-pinvoke || true > 30241 root 30 10 55276 1 4324 T 0.0 0.0 0:00.23 │ │ > └─ /usr/bin/perl -w /usr/share/debconf/frontend /usr/sbin/needrestart > 30331 root 30 10 50124 17516 4148 T 0.0 0.1 0:00.40 │ │ > └─ /usr/bin/perl /usr/sbin/needrestart > 2846 root 30 10 4288 740 668 T 0.0 0.0 0:00.00 │ │ >├─ sh -c resize 2>/dev/null > 2847 root 30 10 4188 704 632 T 0.0 0.0 0:00.00 │ │ >│ └─ resize > 2838 root 30 10 0 0 0 Z 0.0 0.0 0:00.00 │ │ >└─ 90-none Maybe it is just a debconf frontend issue? In cases needrestart does seems to hang it trackes down to: - daemons hangig while restarting them (init scripts) - the debconf pipe gets weirrd (consolation) - needrestart and debconf thinks you call them interactive... but they are called non-interactive. As a result they wait forever for interaction. Feel free to open a new bug to needrestart to track down this issue. Thanks, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#850108: needrestart: support python3
Hi Paul, Paul Wise writes: > Package: needrestart > Version: 2.10-1 > Severity: important > > The Python interpreter support doesn't appear to check python3 processes: > > /usr/share/perl5/NeedRestart/Interp/Python.pm:return 1 if($bin =~ > m@/usr/(local/)?bin/python@); this regex does match on /usr/bin/python3 since there is no end of string metacharacter ($). So it should not require any change in needrestart, shouldn't it? HTH, Thomas > I think this really needs to be fixed in stretch and the freeze is soon: > > https://lists.debian.org/debian-devel-announce/2016/12/msg0.html > > -- System Information: > Debian Release: stretch/sid > APT prefers testing-debug > APT policy: (900, 'testing-debug'), (900, 'testing'), (800, > 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, > 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.18.18 > ii gettext-base 0.19.8.1-1 > ii libintl-perl 1.26-2 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.22-1 > ii libproc-processtable-perl 0.53-2 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.37-1 > ii perl 5.24.1~rc4-1 > ii xz-utils 5.2.2-1.2 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > ii libnotify-bin0.7.7-1 > ii needrestart-session 0.3-2 > > -- no debconf information > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#843832: needrestart: detect need for a systemctl daemon-reload
tags 843832 wontfix thanks Hi Paul, needrestart tries to detect which daemons (read: processes in the broadest sense) should be restarted due to upgraded libraries (read: code to be somehow *executed*). Configuration files etc. are beyond the scope of needrestart (maybe there should be a mechanism around apt to handle reloading systemd). HTH, Thomas Paul Wise writes: > Package: needrestart > Severity: wishlist > > When systemd service configuration files are modified, there is often a > need to ask the systemd daemons to reload their configuration files: > > systemctl daemon-reload > sudo -u uid systemctl --user daemon-reload > > The need to reload systemd service configuration files can be detected > using these commands, passing the names of all loaded units. > > systemctl --property NeedDaemonReload show name.service other.service > sudo -u uid systemctl --user --property NeedDaemonReload show name.service > other.service > > The list of loaded units can be found using these commands: > > systemctl --all list-units > sudo -u uid systemctl --user systemctl --all list-units > > Unfortunately it doesn't appear to be machine-parsable. > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#845996: needrestart: Restarts lxdm by default
tags 845996 upstream fixed-upstream severity 845996 minor thanks Hi Rodrigo, Rodrigo Campos writes: > I'm using lxdm display manager and needrestart tries to restart it by default, > instead of being disabled by default as it is with others DM. I've added an override to the default configuration at upstream[1]. Thanks for reporting. [1] https://github.com/liske/needrestart/commit/2bf61d8f65a03fb6ecec2ddbb16e27100ba04c40 HTH, Thomas > The attached patch adds this behaviour for LXDM too. Please consider merging > this or fixing it some other way. > > > > > Thanks, > Rodrigo > > > ackage-specific info: > needrestart output: > Your outdated processes: > alsamixer[4907], at-spi-bus-laun[2822], at-spi2-registr[2850], bash[3098, > 5690, 8655, 2836], dbus-daemon[2832, 2740], gconfd-2[2981], goa-daemon[12274], > goa-identity-se[12282], gvfs-afc-volume[12265], gvfsd[2862], > gvfsd-http[32454], gvfsd-metadata[12461], gvfsd-trash[12319], > gvfs-gphoto2-vo[12311], > gvfs-mtp-volume[12261], gvfs-udisks2-vo[12251], hexchat[22160], > mission-control[12288], mosh-client[5708], pidgin[22173], pulseaudio[2841], > systemd[2718], > transmission-re[23254], wicd-client[2824], xbrlapi[2759], > xfce4-clipman[2826], xfce4-terminal[3090], xfconfd[2859], xterm[2801], > zeitgeist-daemo[2876], > zeitgeist-datah[2825], zeitgeist-fts[2906] > > checkrestart output: > > > -- System Information: > Debian Release: stretch/sid > APT prefers testing > APT policy: (900, 'testing'), (500, 'proposed-updates'), (500, 'stable'), > (400, 'unstable'), (200, 'experimental') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 4.8.0-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.18.15 > ii gettext-base 0.19.8.1-1 > ii libintl-perl 1.26-2 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.22-1 > ii libproc-processtable-perl 0.53-2 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.37-1 > ii perl 5.24.1~rc3-3 > ii xz-utils 5.2.2-1.2 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > ii libnotify-bin 0.7.7-1 > > -- Configuration Files: > /etc/needrestart/needrestart.conf changed [not included] > > -- no debconf information > > --- ./ex/needrestart.conf 2016-11-27 12:34:55.624082819 -0300 > +++ ./ex/needrestart.conf.path2016-11-27 12:34:49.271959331 -0300 > @@ -81,6 +81,7 @@ > q(^xdm) => 0, > q(^lightdm) => 0, > q(^slim) => 0, > +q(^lxdm) => 0, > > # networking stuff > q(^network-manager) => 0, -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#844283: needrestart: uses wrong quote function for regexps in default configuration file
severity 844283 normal
tags 844283 upstream fixed-upstream
thanks
Hi Paul,
thanks for the hint. Interestingly it seems that q() is somehow working
- at least if there is no EOL marker '$' in use (see also the
attachment). So the broken default config was there since the beginning
but it was not recorgnized since most of the regex did work, although
the quotation was broken. The default configuration has been fixed
upstream.
I do not think that this bug should have a severity of serious since it
is only a bug in the config file which breaks some of the
regex. Although this makes needrestart report some false positives it
does not break functionality nor security.
HTH,
Tho-facepalming-mas
Paul Wise writes:
> Package: needrestart
> Version: 2.10-1
> Severity: serious
>
> needrestart uses the wrong Perl quote function for regexps in
> configuration file. It is using q but should be using qr
> (quote regexps). This means that all of the regexp options are
> potentially broken, but blacklist_mappings definitely is:
>
> http://perldoc.perl.org/perlop.html#Quote-and-Quote-like-Operators
> http://perldoc.perl.org/perlop.html#Regexp-Quote-Like-Operators
>
> # checkrestart -v
> Found 0 processes using old versions of upgraded files
> # needrestart -v
> [main] eval /etc/needrestart/needrestart.conf
> [main] running in root-mode
> [Core] Using UI 'NeedRestart::UI::stdio'...
> [main] detected systemd
> ...
> [main] #27891 uses deleted /run/user/1000/orcexec.OVkLUB
> [main] #27891 is not a child
> ...
> [main] #27891 exe => /usr/bin/pulseaudio
> [main] #27891 part of user session: uid=1000 sess=17
> ...
> User sessions running outdated binaries:
> pabs @ session #17: pulseaudio[27891]
> ...
> # lsof -p 27891 | grep orc
> pulseaudi 27891 pabs DEL REG 0,43253423
> /run/user/1000/orcexec.OVkLUB
> pulseaudi 27891 pabs mem REG 253,1 517176 26870717
> /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> # grep orc /proc/27891/maps
> 7fe19801-7fe19802 rw-s 00:2b 253423
> /run/user/1000/orcexec.OVkLUB (deleted)
> 7fe19802-7fe19803 r-xs 00:2b 253423
> /run/user/1000/orcexec.OVkLUB (deleted)
> 7fe19b5eb000-7fe19b664000 r-xp fd:01 26870717
> /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> 7fe19b664000-7fe19b863000 ---p 00079000 fd:01 26870717
> /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> 7fe19b863000-7fe19b865000 r--p 00078000 fd:01 26870717
> /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> 7fe19b865000-7fe19b869000 rw-p 0007a000 fd:01 26870717
> /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> # grep -r orc /etc/needrestart/
> /etc/needrestart/needrestart.conf:q(/orcexec\.[\w\d]+( \(deleted\))?$),
> # grep -P '/orcexec\.[\w\d]+( \(deleted\))?$' /proc/27891/maps
> 7fe19801-7fe19802 rw-s 00:2b 253423
> /run/user/1000/orcexec.OVkLUB (deleted)
> 7fe19802-7fe19803 r-xs 00:2b 253423
> /run/user/1000/orcexec.OVkLUB (deleted)
> # cat test.pl
> my %nrconf;
> my $pid = '27891';
> $nrconf{blacklist_mappings_q} = [q(/orcexec\.[\w\d]+( \(deleted\))?$),];
> $nrconf{blacklist_mappings_qr} = [qr(/orcexec\.[\w\d]+( \(deleted\))?$),];
> if(open(HMAP, '<', "/proc/$pid/maps")) {
> while() {
> chomp;
> my ($maddr, $mperm, $moffset, $mdev, $minode, $path) =
> split(/\s+/, $_, 6);
> if ($path =~ /orc/){
> print "Path: $path";
> print " blacklisted_q" if(scalar grep { $path =~ $_; }
> @{$nrconf{blacklist_mappings_q}});
> print " blacklisted_qr" if(scalar grep { $path =~ $_; }
> @{$nrconf{blacklist_mappings_qr}});
> print "\n";
> }
> }
> }
> # perl test.pl
> Path: /run/user/1000/orcexec.OVkLUB (deleted) blacklisted_qr
> Path: /run/user/1000/orcexec.OVkLUB (deleted) blacklisted_qr
> Path: /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> Path: /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> Path: /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> Path: /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0
> # sed -n /orc/p /etc/needrestart/needrestart.conf
> q(/orcexec\.[\w\d]+( \(deleted\))?$),
> # sed -i '/orc/s/q/qr/' /etc/needrestart/needrestart.conf
> # sed -n /orc/p /etc/needrestart/needrestart.conf
> qr(/orcexec\.[\w\d]+( \(deleted\))?$),
> # needrestart -v
> [main] eval /etc/needrestart/needrestart.conf
> [main] running in root-mode
> [Core] Using UI 'NeedRestart::UI::stdio'...
> [main] detected systemd
> ...
> No user sessions are running outdated binaries.
>
> -- System Information:
> Debian Release: stretch/sid
> APT prefers testing-debug
> APT policy: (900, 'testing-debug'), (900, 'testing'), (800,
> 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700,
> '
Bug#827339: Please revert patch for cmd, and fix default pattern
Hi, this is a negative lookbehind assertion - quoting from perlre(1): "(? writes: > Am 30.10.2016 um 12:31 schrieb Stephan Sürken: >> Hi Evgeni, Patrick, >> >> fwiw (probably this is already worked on), i have fixed up my system by >> >> * reverting 01-grep-syntax-error.diff >> >> This actually totally breaks things, as this now uses "P" as pattern, >> practically matching always: >> >> -- >> grep -aiqseP "$AD_HIST_ERRPATTERN" "$AD_HIST_PATH/typescript" >> -- >> >> I would actually like to see call grep (in the cmd script) called like so >> >> -- >> grep -a -q -i -s -P -e "$AD_HIST_ERRPATTERN" "$AD_HIST_PATH/typescript" >> -- >> >> (however, '-aiqsPe' should work as well). >> >> * Use custom err-pattern >> >> I don't really know what's wrong with the default perl regex (should >> the '<' stuff be actually be in the final string?), I am just using >> a simpler one now that works. On a shell you can see the error via >> >> -- >> grep -P -e '((?> -- >> >> (That's the same string you also see in the "meta" debug file, using >> all defaults for err-pattern). >> >> So for me it seems: >> >> * With the default pattern in place (and pre-patch), the grep would >> always fail, meaning it would never detect an actual error in >> typescript. >> * With the broken patch, it always wrongly finds errors (while showing >> an empty log via less). >> >> So please remove 01-grep-syntax-error.diff, and somehow fix the default >> pattern ;). >> >> Hth! >> >> S > I already noticed, that my patch always matches and removed it in my > vcs. On my cmd it worked.. > Anyway with "grep -a -q -i -s -P -e" and "grep -P -e '((? )error|(? on jessie. Maybe Thomas could say us, what he wanted to match and how we > should fix it now. > > -- > /* > Mit freundlichem Gruß / With kind regards, > Patrick Matthäi > GNU/Linux Debian Developer > > Blog: http://www.linux-dev.org/ > E-Mail: pmatth...@debian.org > patr...@linux-dev.org > */ > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#838622: needrestart: systemctl combine, stdio, list mode: do not wrap systemctl restart commands
Paul Wise writes: tags 838622 upstream fixed-upstream thanks Hi Paul, > When using systemctl_combine=1, ui=NeedRestart::UI::stdio and restart=l > and there are many services to restart, the resulting systemctl restart > command is wrapped according to the terminal size instead of letting > the terminal itself wrap the command. The needrestart wrapping prevents > copy-paste of the whole command-line including the parts after the wrap > but the terminal wrapping of long lines allows this. It appears that > the fix would be for the UI modules to grow a 'command' function and > for the stdio module to *not* use wprint for that function. I've added a special command print option which does *not* use Text::Wrap to make long lines working. Thanks for the hint, since I'm not using list mode at all I was not aware of this issue, yet. HTH, Thomas > -- System Information: > Debian Release: stretch/sid > APT prefers testing-debug > APT policy: (900, 'testing-debug'), (900, 'testing'), (800, > 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, > 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.7.0-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.18.10 > ii gettext-base 0.19.8.1-1 > ii libintl-perl 1.26-2 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.21-1 > ii libproc-processtable-perl 0.53-1+b1 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.33-1+b1 > ii perl 5.22.2-5 > ii xz-utils 5.1.1alpha+20120614-2.1 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > ii libnotify-bin0.7.6-2 > ii needrestart-session 0.3-2 > > -- no debconf information > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- supp...@ibh.de Tel. +49 351 477 77 30 www.ibh.de Fax +49 351 477 77 39 --- Dipl.-Ing. Thomas Liske Teamleiter DataCenter Services IBH IT-Service GmbH Amtsgericht Dresden Heilbronner Str. 20 HRB 13626 01189 DresdenGF: Prof. Dr. T. Horn, S. Horn Germany VAT DE182302907 --- Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV --- professioneller IT-Service - kompetent und zuverlässig ---
Bug#838355: needrestart: Automatic restart mode doesn't work
tags 838355 upstream fixed-upstream severity 838355 important thanks Hi Georg, "ge...@riseup.net" writes: > needrestart tells me that it restarted a service, however, this doesn't > seem to be true: absolutely! The codepath for list and automatic mode was missing the composite command execution for systemd. The upstream fix will be part of needrestart 2.10. Thanks for reporting! HTH, Thomas > # Date && systemctl status ganeti.service | grep Active && needrestart -v -m > a -r a && date && systemctl status ganeti.service | grep Active > Tue Sep 20 09:19:10 UTC 2016 >Active: active (running) since Tue 2016-09-20 09:07:09 UTC; 12min ago > [main] eval /etc/needrestart/needrestart.conf > [main] running in root-mode > [Core] Using UI 'NeedRestart::UI::stdio'... > [main] detected systemd > [Core] #1209 is a NeedRestart::Interp::Java > [Core] #1376 is a NeedRestart::Interp::Python > [Core] #1575 is a NeedRestart::Interp::Ruby > [main] #3023 uses deleted /usr/lib/x86_64-linux-gnu/libxenguest-4.4.so > [main] #3023 is not a child > [main] #3141 uses deleted /usr/lib/x86_64-linux-gnu/libxenguest-4.4.so > [main] #3141 is not a child > [main] # uses deleted /usr/lib/x86_64-linux-gnu/libxenguest-4.4.so > [main] # is not a child > [Core] #14391 is a NeedRestart::Interp::Python > [Core] #14442 is a NeedRestart::Interp::Python > [main] #3023 exe => /usr/bin/qemu-system-x86_64 > [main] #3023 is ganeti.service > [main] #3141 exe => /usr/bin/qemu-system-x86_64 > [main] #3141 is ganeti.service > [main] # exe => /usr/bin/qemu-system-x86_64 > [main] # is ganeti.service > [Kernel] Linux: kernel release 4.6.0-0.bpo.1-amd64, kernel version #1 SMP > Debian 4.6.4-1~bpo8+1 (2016-08-11) > Failed to load NeedRestart::Kernel::kFreeBSD: [Kernel/kFreeBSD] Not running > on GNU/kFreeBSD! > [Kernel/Linux] /boot/vmlinuz-4.6.0-0.bpo.1-amd64 => 4.6.0-0.bpo.1-amd64 > (debian-ker...@lists.debian.org) #1 SMP Debian 4.6.4-1~bpo8+1 (2016-08-11) > [4.6.0-0.bpo.1-amd64]* > [Kernel/Linux] /boot/vmlinuz-4.5.0-0.bpo.2-amd64 => 4.5.0-0.bpo.2-amd64 > (debian-ker...@lists.debian.org) #1 SMP Debian 4.5.4-1~bpo8+1 (2016-05-13) > [4.5.0-0.bpo.2-amd64] > [Kernel/Linux] Expected linux version: 4.6.0-0.bpo.1-amd64 > Running kernel seems to be up-to-date. > Restarting services... > systemctl restart ganeti.service > No containers need to be restarted. > No user sessions are running outdated binaries. > Tue Sep 20 09:19:10 UTC 2016 >Active: active (running) since Tue 2016-09-20 09:07:09 UTC; 12min ago > > -- System Information: > Debian Release: 8.5 > APT prefers stable > APT policy: (900, 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.6.0-0.bpo.1-amd64 (SMP w/12 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.17.27 > ii gettext-base 0.19.3-2 > ii libintl-perl 1.23-1+deb8u1 > ii libmodule-find-perl0.12-1 > ii libmodule-scandeps-perl1.16-1 > ii libproc-processtable-perl 0.51-1 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.32-1+b1 > ii perl 5.20.2-3+deb8u6 > ii xz-utils 5.1.1alpha+20120614-2+b3 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > pn needrestart-session | libnotify-bin > > -- no debconf information > > If there is anything I can do / provide to debug this further, please > let me know. > > Thanks in advance and for your work! > All the best, > Georg -- supp...@ibh.de Tel. +49 351 477 77 30 www.ibh.de Fax +49 351 477 77 39 --- Dipl.-Ing. Thomas Liske Teamleiter DataCenter Services IBH IT-Service GmbH Amtsgericht Dresden Heilbronner Str. 20 HRB 13626 01189 DresdenGF: Prof. Dr. T. Horn, S. Horn Germany VAT DE182302907 --- Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV --- professioneller IT-Service - kompetent und zuverlässig ---
Bug#837147: needrestart batchmode shows different result than interactive mode
Hi Andreas, sadly, the documentation in ADP 0.7 does not expose the meaning of NEEDRESTART-KSTA values. Since ADP was developed for apt-dater the meaning of NEEDRESTART-STA can be lookuped in apt-dater's sources[1]: #define ADP_STATUS_NRK_UNKNOWN 0 #define ADP_STATUS_NRK_NOUPGR 1 #define ADP_STATUS_NRK_ABIUPGR 2 #define ADP_STATUS_NRK_VERUPGR 3 [1] https://github.com/DE-IBH/apt-dater/blob/master/include/adproto.h#L106-L109 The value '1' for NEEDRESTART-KSTA does indicate that there is no upgrade pending while '0' would indicate a failure during kernel detection. HTH, Thomas Andreas Papst writes: > Package: needrestart > Version: 2.8-1~bpo8+1 > Severity: normal > > Dear Maintainer, > > *** Reporter, please consider answering these questions, where appropriate *** > >* What led up to the situation? > > $ dpkg -l | grep linux-image > ii linux-image-3.16.0-4-amd64 3.16.36-1+deb8u1 > amd64Linux 3.16 for 64-bit PCs > ii linux-image-amd64 3.16+63 > amd64Linux for 64-bit PCs (meta-package) > $ uname -v > #1 SMP Debian 3.16.36-1+deb8u1 (2016-09-03) > > shows, that the latest installed kernel is running, but > > `needrestart -b' reports > NEEDRESTART-KSTA: 1 > > indicating that a refresh is needed according to > https://github.com/DE-IBH/apt-dater-host/blob/master/doc/ADP-0.7 > > with `needrestart' without `-b' anything is fine. > > >* What exactly did you do (or not do) that was effective (or > ineffective)? > > needrestart -b > > >* What was the outcome of this action? > > NEEDRESTART-KSTA: 1 > > >* What outcome did you expect instead? > > NEEDRESTART-KSTA: 0 > or none > > > *** End of the template - remove these template lines *** > > > -- Package-specific info: > needrestart output: > > root# needrestart -c /etc/needrestart/needrestart.conf -b > NEEDRESTART-VER: 2.7 > NEEDRESTART-KCUR: 3.16.0-4-amd64 > NEEDRESTART-KEXP: 3.16.0-4-amd64 > NEEDRESTART-KSTA: 1 > > root# needrestart -c /etc/needrestart/needrestart.conf > Scanning processes... > > Scanning linux images... > > Running kernel seems to be up-to-date. > No services need to be restarted. > No containers need to be restarted. > No user sessions are running outdated binaries. > > checkrestart output: > > # checkrestart > Found 0 processes using old versions of upgraded files > > > -- System Information: > Debian Release: 8.5 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.17.27 > ii gettext-base 0.19.3-2 > ii libintl-perl 1.23-1+deb8u1 > ii libmodule-find-perl0.12-1 > ii libmodule-scandeps-perl1.16-1 > ii libproc-processtable-perl 0.51-1 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.32-1+b1 > ii perl 5.20.2-3+deb8u6 > ii xz-utils 5.1.1alpha+20120614-2+b3 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > pn needrestart-session | libnotify-bin > > -- no debconf information > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#827023: needrestart - please ignore services in override_rc in nagios plugin mode
Bastian Blank writes:
tags 827023 upstream,wontfix,fixed-upstream
thanks
Hi Bastian,
> Currently needrestart returns CRITICAL if any service needs restart,
> even if they are included in override_rc. The following example just
> have the already listed dbus.
> Please reduce the severity to WARNING in this cases, as such services
> should not be restarted and the message usualy gets ignored.
Services in override_rc are not less critical than those not beeing
listed. Services in override_rc are known to break something - like
restarting NetworkManager interrupts the network connection.
With needrestart 2.9 it will be possible to configure the status value
for services (and kernel, containers, sessions).
If you use the CLI options '-c' to use alternative config files it would
be possible to build individual nagios services. Use the following
config snippet to build a service check which ignores the services in
override_rc completley:
$nrconf{blacklist_rc} = $nrconf{override_rc};
HTH,
Thomas
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#826044: needrestart: Hangs in apt hook with a zombie
tags 826044 unreproducible thanks Hi Axel, Axel Beckert writes: > So it's actually debconf which fails to end needrestart cleanly as it > did in my initial bug report. > > stracing debconf/frontend shows that it seems to wait for input on > file descriptor 9: > > # strace -p 26405 > strace: Process 26405 attached > read(9, > > According to /proc/26405/fd/9 that's a pipe: > > lr-x-- 1 root root 64 Aug 16 20:41 /proc/26405/fd/9 -> pipe:[54970896] > > Looking for the other end of that pipe, it seems to be this process: > > l-wx-- 1 root root 64 Aug 16 20:41 /proc/32724/fd/1 -> pipe:[54970896] > > which belongs to this process: > > root 32724 0.0 0.0 47040 2496 ?S20:26 0:00 > /usr/sbin/consolation > > Stopping the consolation service already sufficed to fix the hanging > debconf and the needrestart zombie, at least in this case. > > Now the question is, where is the bug hidden? good question. Could you check if needrestart has open pipes, too? Since it was still to running (not beeing a zombie, wasn't it?) there should be a pipe on STDOUT (and debconf on the other side). > * Why does consolation influence debconf? Or does it influence > needrestart? > * Could it be relevant, that needrestart/debconf ran inside a screen > session? I don't think that screen could be the issue. From time to time I'm upgrading more than hundret (Debian) machines having needrestart installed using apt-dater (screen in the past, now tmux). > * Could it be relevant, that I have gpm or consolelog installed, too? I always use xterm(+tmux+ssh) - never tried consolation nor I'm using gpm (used it decades ago). I've tagged this bug as unreproducible since I'm unable to trigger it and nobody else reported a simular problem. Hopefully we can locate the issue, soon. Regards, Thomas > But then again, that bug hit me the first time when consolation wasn't > yet in Debian at all. So just a coincidence? > > Regards, Axel > -- > ,''`. | Axel Beckert , http://people.debian.org/~abe/ > : :' : | Debian Developer, ftp.ch.debian.org Admin > `. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5 > `-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#826247: needrestart: Improve performance when checking interpreters by not running multiple times for the same script
tags 826247 upstream,fixed-upstream
thanks
Hi Wolfang,
Wolfgang Karall-Ahlborn writes:
> on a system with a perl-based daemon spawned by postfix many many times,
> needrestart was very slow.
>
> That's because it re-scans all the perl module source files over and
> over again, for each PID once, even though once per script should be
> enough.
>
> The patch attached is a crude hack against the jessie version (it
> applies with some offsets/fuzz to the sid version), but on said system
> the runtime is improved quite a bit:
thanks for the idea adding a cache. I've implemented the caching feature
somewhat simular to your approach. I added the usage of the cache to the
python and ruby stuff, too. The caching feature will be part of
needrestart 2.9.
Thx & HTH,
Thomas
> before:
>
> real1m34.101s
> user1m30.924s
> sys 0m2.988s
>
> afterwards:
>
> real0m4.838s
> user0m4.384s
> sys 0m0.264s
>
> Obviously this would need to be done properly and not only for Perl.pm.
>
> Cheers
> Wolfgang
>
> -- Package-specific info:
> needrestart output:
> Your outdated processes:
> ApacheDirectory[9304], at-spi-bus-laun[2309], at-spi2-registr[2346],
> bash[2104, 2116, 2110, 2243, 2245, 2108, 2246, 2241], chromium[3587, 3576,
> 3545, 3537], dane-plug[3958],
> dbus-daemon[2340, 1846], dbus-launch[1845], dconf-service[19859],
> dnssec-plug[3843], gconfd-2[3638], gkrellm[2055], gvfsd[1952],
> gvfsd-metadata[20750], gvfsd-trash[19829],
> gvfs-udisks2-vo[19817], mosh-client[8020], panel-13-systra[1983],
> panel-16-action[1984], sh[1809], systemd[1796], Thunar[1881],
> thunderbird[9255], tpb[1854],
> wicd-client[2092], xfce4-panel[1883], xfce4-session[1871],
> xfce4-volumed[2100], xfconfd[1875], xfdesktop[1982], xfrun4[9247],
> xfsettingsd[1888], xfwm4[1879],
> xscreensaver[2097], xterm[2062, 2056, 2058, 2061, 2063, 2060, 2059, 2057],
> x-www-browser[3634]
>
> checkrestart output:
>
>
> -- System Information:
> Debian Release: stretch/sid
> APT prefers unstable
> APT policy: (500, 'unstable')
> Architecture: i386 (i686)
>
> Kernel: Linux 4.5.0-2-686-pae (SMP w/4 CPU cores)
> Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> Init: sysvinit (via /sbin/init)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.18.7
> ii gettext-base 0.19.7-2
> ii libintl-perl 1.24-1
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.21-1
> ii libproc-processtable-perl 0.53-1+b1
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.33-1+b1
> ii perl 5.22.2-1
> ii xz-utils 5.1.1alpha+20120614-2.1
>
> needrestart recommends no packages.
>
> Versions of packages needrestart suggests:
> ii libnotify-bin 0.7.6-2
>
> -- no debconf information
> diff -Nurp a/usr/share/perl5/NeedRestart/Interp/Perl.pm
> b/usr/share/perl5/NeedRestart/Interp/Perl.pm
> --- a/usr/share/perl5/NeedRestart/Interp/Perl.pm 2016-06-03
> 16:09:21.885469436 +0200
> +++ b/usr/share/perl5/NeedRestart/Interp/Perl.pm 2016-06-03
> 16:13:04.181830614 +0200
> @@ -83,6 +83,7 @@ sub source {
> sub files {
> my $self = shift;
> my $pid = shift;
> +my $files_cache = shift;
> my $ptable = nr_ptable_pid($pid);
> unless($ptable->{cwd}) {
> print STDERR "$LOGPREF #$pid: could not get current working directory,
> skipping\n" if($self->{debug});
> @@ -105,6 +106,13 @@ sub files {
> return ();
> }
> my $src = $ARGV[0];
> +if ( defined($$files_cache{$src}) && $$files_cache{$src} == 1 ) {
> +print STDERR "already know $src\n" if ($self->{debug});
> +return ();
> +} else {
> +print STDERR "remembering $src\n" if ($self->{debug});
> +$$files_cache{$src} = 1;
> +}
> unless(-r $src && -f $src) {
> chdir($cwd);
> print STDERR "$LOGPREF #$pid: source file not found, skipping\n"
> if($self->{debug});
> diff -Nurp a/usr/share/perl5/NeedRestart.pm b/usr/share/perl5/NeedRestart.pm
> --- a/usr/share/perl5/NeedRestart.pm 2016-06-03 16:09:29.905626777 +0200
> +++ b/usr/share/perl5/NeedRestart.pm 2016-06-03 16:09:29.905626777 +0200
> @@ -132,6 +132,10 @@ sub needrestart_interp_init($) {
> }
> }
>
> +{
> +
> +my %files_cache = ();
> +
> sub needrestart_interp_check($$$) {
> my $debug = shift;
> my $pid = shift;
> @@ -144,7 +148,7 @@ sub needrestart_interp_check($$$) {
> print STDERR "$LOGPREF #$pid is a ".(ref $interp)."\n" if($debug);
>
> my $ps = nr_ptable_pid($pid);
> - my %files = $interp->files($pid);
> + my %files = $interp->files($pid, \%files_cache);
>
> if(grep {$_ > $ps->start} values %files) {
> if($debug) {
> @@ -161,6 +165,8 @@ sub needrestart_interp_check($$$) {
> return 0;
> }
>
> +}
> +
> sub needrestart_interp_source($$$) {
> my $debug = shift;
Bug#827162: needrestart: reports unchanged backport kernel as changed
tags 827162 upstream,fixed-upstream
found 827162 needrestart/2.8-1
thanks
Re,
Martin Steigerwald writes:
>> Could you please provide the output of `needrestart -v -r l`? It would
>> be sufficient to provide the kernel related lines ('^[Kernel]' until
>> the kernel status message).
>
> Including everything as there are some could not get a source file messages
> that might be interesting as well.
those are just informational... it is a common problem that it is
impossible to get the source file of a running interpreter process.
> I think it doesn´t cut the kernel version string at the place where it should
> for comparing.
It looks weirrd... I've fetched the kernel from snapshot[1] and running
needrestart shows (this is strech on amd64, but the bug(?) is triggered,
too):
[Kernel/Linux] /boot/vmlinuz-4.6.0-1-686 => 4.6.0-1-686
(debian-ker...@lists.debian.org) #1 SMP Debian 4.6.4-1 (2016-07-18)
[4.6.0-1-686]
[Kernel/Linux] /boot/vmlinuz-4.6.0-1-amd64 => 4.6.0-1-amd64
(debian-ker...@lists.debian.org) #1 SMP Debian 4.6.4-1 (2016-07-18)
[4.6.0-1-amd64]*
[Kernel/Linux] /boot/vmlinuz-4.5.0-0.bpo.2-686 => 4.5.0-0.bpo.2-686
(debian-ker...@lists.debian.org) #1 SMP Debian 4.5.4-1~bpo8+1 (2016-05-13)
, [4.5.0-0.bpo.2-686 (debian-ker...@lists.debian.org) #1 SMP Debian
4.5.4-1~bpo8+1 (2016-05-13)]
^
should be [4.5.0-0.bpo.2-686]
[Kernel/Linux] /boot/vmlinuz-4.3.3-tl1+ => 4.3.3-tl1+ (root@ijon) #13 SMP
PREEMPT Thu Dec 17 10:09:53 CET 2015 [4.3.3-tl1+]
[Kernel/Linux] /boot/vmlinuz-4.3.0-tl1+ => 4.3.0-tl1+ (root@ijon) #12 SMP
PREEMPT Sat Nov 7 00:01:34 CET 2015 [4.3.0-tl1+]
[Kernel/Linux] /boot/vmlinuz-4.2.3-tl1+ => 4.2.3-tl1+ (root@ijon) #11 SMP
PREEMPT Sun Oct 4 09:52:40 CEST 2015 [4.2.3-tl1+]
[Kernel/Linux] /boot/vmlinuz-4.1.3-tl1+ => 4.1.3-tl1+ (root@ijon) #7 SMP
PREEMPT Sun Jul 26 11:43:47 CEST 2015 [4.1.3-tl1+]
[Kernel/Linux] /boot/vmlinuz-3.19.3-tl1+ => 3.19.3-tl1+ (root@ijon) #3 SMP
PREEMPT Thu Mar 26 20:06:50 CET 2015 [3.19.3-tl1+]
[Kernel/Linux] /boot/vmlinuz-3.19.0-tl1 => 3.19.0-tl1 (root@ijon) #2 SMP
PREEMPT Sat Feb 14 11:29:24 CET 2015 [3.19.0-tl1]
[Kernel/Linux] /boot/vmlinuz-3.18.0-tl1 => 3.18.0-tl1 (root@ijon) #1 SMP
PREEMPT Mon Dec 8 20:13:55 CET 2014 [3.18.0-tl1]
[Kernel/Linux] /boot/vmlinuz-3.17.6-tl1 => 3.17.6-tl1 (root@ijon) #7 SMP
PREEMPT Mon Dec 8 06:52:20 CET 2014 [3.17.6-tl1]
[Kernel/Linux] /boot/vmlinuz-3.2.0-4-amd64 => 3.2.0-4-amd64
(debian-ker...@lists.debian.org) #1 SMP Debian 3.2.51-1 [3.2.0-4-amd64]
[Kernel/Linux] Expected linux version: 4.6.0-1-amd64
[1]
http://snapshot.debian.org/archive/debian/20160614T164243Z/pool/main/l/linux/linux-image-4.5.0-0.bpo.2-686_4.5.4-1~bpo8+1_i386.deb
So I added some debug output into the NeedRestart::Kernel::Linux package
(printing the return of the nr_linux_version_x86 calls):
$VAR1 = '4.6.0-1-686 (debian-ker...@lists.debian.org) #1 SMP Debian 4.6.4-1
(2016-07-18)';
$VAR2 = 1;
$VAR1 = '4.6.0-1-amd64 (debian-ker...@lists.debian.org) #1 SMP Debian 4.6.4-1
(2016-07-18)';
$VAR2 = 1;
$VAR1 = '4.5.0-0.bpo.2-686 (debian-ker...@lists.debian.org) #1 SMP Debian
4.5.4-1~bpo8+1 (2016-05-13)
,';
$VAR2 = 1;
$VAR1 = '4.3.3-tl1+ (root@ijon) #13 SMP PREEMPT Thu Dec 17 10:09:53 CET 2015';]
$VAR2 = 1;
Ooops - there is a newline for 4.5.0-0.bpo.2-686... and the chomp/regex
foo did not remove it since a missing 's' regex modifier. Has been fixed
upstream [master 7249b2c]:
[Kernel/Linux] /boot/vmlinuz-4.5.0-0.bpo.2-686 => 4.5.0-0.bpo.2-686
(debian-ker...@lists.debian.org) #1 SMP Debian 4.5.4-1~bpo8+1 (2016-05-13)
, [4.5.0-0.bpo.2-686]
HTH,
Thomas
> mondschein:~> LANG=C needrestart -v -r l
> [main] eval /etc/needrestart/needrestart.conf
> [main] running in root-mode
> [Core] Using UI 'NeedRestart::UI::stdio'...
> [Core] #2101 is a NeedRestart::Interp::Python
> [Core] #2102 is a NeedRestart::Interp::Python
> [Core] #2103 is a NeedRestart::Interp::Python
> [Core] #2104 is a NeedRestart::Interp::Python
> [Core] #2105 is a NeedRestart::Interp::Python
> [Core] #2106 is a NeedRestart::Interp::Python
> [Core] #2107 is a NeedRestart::Interp::Python
> [Core] #2108 is a NeedRestart::Interp::Python
> [Core] #2109 is a NeedRestart::Interp::Python
> [Core] #2493 is a NeedRestart::Interp::Perl
> [Perl] #2493: could not get a source file, skipping
> [Core] #2495 is a NeedRestart::Interp::Perl
> [Perl] #2495: could not get a source file, skipping
> [Core] #2590 is a NeedRestart::Interp::Perl
> [Perl] #2590: could not get a source file, skipping
> [Core] #2843 is a NeedRestart::Interp::Perl
> [Perl] #2843: could not get a source file, skipping
> [Core] #2844 is a NeedRestart::Interp::Perl
> [Perl] #2844: could not get a source file, skipping
> [Core] #7943 is a NeedRestart::Interp::Perl
> [Perl] #7943: could not get a source file, skipping
> [Core] #9811 is a NeedRestart::Interp::Perl
> [Perl] #9811: could not get a source file, skipping
> [Kernel] Linux: kernel release 4.5.0-0.bpo.2-686, kernel version #1 SMP
> Debian
> 4.5.4-1~bpo8+1 (2016-05-13
Bug#826527: needrestart: override_rc option does not work
tags 826527 upstream,fixed-upstream merge 826526 826527 thanks Hi Paul, this issue is related to #826527 and is triggered only running in list mode (due to the wrong usage of perl's 'local' function). So it should be fixed in [master d82fff9], too. HTH, Thomas Paul Wise writes: > [ Unknown signature status ] > Package: needrestart > Version: 2.8-1 > Severity: normal > > The option to ignore dbus/NetworkManager does not seem to work: > > root@chianamo ~ # grep -riE '(dbus|net).*0' /etc/needrestart/ > /etc/needrestart/needrestart.conf:q(^dbus) => 0, > /etc/needrestart/needrestart.conf:q(^network-manager) => 0, > /etc/needrestart/needrestart.conf:q(^NetworkManager) => 0, > root@chianamo ~ # needrestart > Scanning processes... > Scanning candidates... > Scanning linux images... > Running kernel seems to be up-to-date. > Services to be restarted: > systemctl restart cron.service > systemctl restart dbus.service > systemctl restart NetworkManager.service > No containers need to be restarted. > > -- System Information: > Debian Release: stretch/sid > APT prefers testing-debug > APT policy: (900, 'testing-debug'), (900, 'testing'), (800, > 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, > 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.6.0-trunk-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.18.7 > ii gettext-base 0.19.7-2 > ii libintl-perl 1.24-1 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.21-1 > ii libproc-processtable-perl 0.53-1+b1 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.33-1+b1 > ii perl 5.22.2-1 > ii xz-utils 5.1.1alpha+20120614-2.1 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > ii libnotify-bin0.7.6-2 > ii needrestart-session 0.3-2 > > -- no debconf information > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#826526: needrestart: systemctl_combine option does not work
tags 826526 upstream,fixed-upstream
thanks
Hi Paul,
Paul Wise writes:
> [ Unknown signature status ]
> Package: needrestart
> Version: 2.8-1
> Severity: normal
>
> The systemctl_combine option does not appear to work:
>
> root@chianamo ~ # grep -r systemctl_combine /etc/needrestart/
> /etc/needrestart/needrestart.conf:$nrconf{systemctl_combine} = 1;
> /etc/needrestart/conf.d/pabs.conf:$nrconf{systemctl_combine} = 1;
there was a wrong perl 'local' statement hiding configuration options
where the command line string is build. Fix will be part of needrestart
2.9.
HTH,
Thomas
> root@chianamo ~ # needrestart
> Scanning processes...
> Scanning candidates...
> Scanning linux images...
> Running kernel seems to be up-to-date.
> Services to be restarted:
> systemctl restart cron.service
> systemctl restart dbus.service
> systemctl restart NetworkManager.service
> No containers need to be restarted.
>
> -- System Information:
> Debian Release: stretch/sid
> APT prefers testing-debug
> APT policy: (900, 'testing-debug'), (900, 'testing'), (800,
> 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700,
> 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 4.6.0-trunk-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.18.7
> ii gettext-base 0.19.7-2
> ii libintl-perl 1.24-1
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.21-1
> ii libproc-processtable-perl 0.53-1+b1
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.33-1+b1
> ii perl 5.22.2-1
> ii xz-utils 5.1.1alpha+20120614-2.1
>
> needrestart recommends no packages.
>
> Versions of packages needrestart suggests:
> ii libnotify-bin0.7.6-2
> ii needrestart-session 0.3-2
>
> -- no debconf information
>
> --
> bye,
> pabs
>
> https://wiki.debian.org/PaulWise
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#813079: chromium.desktop: StartupWMClass does not match actual WM_CLASS
found 813079 52.0.2743.116-2
affects 813079 docky
thanks
Hi,
it seems that the StartWMClass option has been already changed:
$ dpkg-query -W chromium
chromium52.0.2743.116-2
$ grep WMClass /usr/share/applications/chromium.desktop
StartupWMClass=chromium-browser
Sadly, the WM_CLASS of chromium's window does not match again:
$ xprop | grep WM_CLASS
WM_CLASS(STRING) = "chromium", "chromium"
Please change StartupWMClass to "chromium". The dock app "docky" shows
a wrong icon and name for chromium as a result of the mismatching
class name since it searches for the StartupWMClass option of
.desktop files[1] to find icons and names.
[1]
http://wiki.go-docky.com/index.php?title=How_to_Customize_Window_Matching
TIA & HTH,
Thomas
On Fri, Jan 29, 2016 at 02:25:56PM +0100, Alessio wrote:
> Package: chromium
> Version: 47.0.2526.80-1~deb8u1
> Severity: minor
>
> Dear Maintainer,
>
> launching Chromium from gnome-shell favourites crates a new icon on the bar,
> instead of marking the favourite icon as an open application.
>
> This is due to a mismatch between the StartupWMClass in chromium.desktop
> ("Chromium") and the actual WM_CLASS of Chromium window ("chromium-browser").
>
> Setting "StartupWMClass=chromium-browser" in chromium.desktop solves the
> problem.
>
> Thanks for your work
> --
> Alessio Gaeta
>
>
>
> -- System Information:
> Debian Release: stretch/sid
> APT prefers testing
> APT policy: (850, 'testing')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.3-3.dmz.6-liquorix-amd64 (SMP w/4 CPU cores; PREEMPT)
> Locale: LANG=it_IT.utf8, LC_CTYPE=it_IT.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages chromium depends on:
> ii libasound2 1.0.29-1
> ii libatk1.0-0 2.18.0-1
> ii libc62.21-6
> ii libcairo21.14.6-1
> ii libcups2 2.1.2-2+b1
> ii libdbus-1-3 1.10.6-1
> ii libexpat12.1.0-7
> ii libfontconfig1 2.11.0-6.3
> ii libfreetype6 2.6.1-0.1
> ii libgcc1 1:5.3.1-7
> ii libgdk-pixbuf2.0-0 2.32.3-1
> ii libglib2.0-0 2.46.2-3
> ii libgnome-keyring03.12.0-1+b1
> ii libgtk2.0-0 2.24.29-1
> ii libjpeg62-turbo 1:1.4.1-2
> ii libnspr4 2:4.11-1
> ii libnspr4-0d 2:4.11-1
> ii libnss3 2:3.21-1
> ii libnss3-1d 2:3.21-1
> ii libpango-1.0-0 1.38.1-1
> ii libpangocairo-1.0-0 1.38.1-1
> ii libpci3 1:3.3.1-1.1
> ii libspeechd2 0.8-7
> ii libsrtp0 1.4.5~20130609~dfsg-1.1
> ii libstdc++6 5.3.1-7
> ii libx11-6 2:1.6.3-1
> ii libxcomposite1 1:0.4.4-1
> ii libxcursor1 1:1.1.14-1+b1
> ii libxdamage1 1:1.1.4-2+b1
> ii libxext6 2:1.3.3-1
> ii libxfixes3 1:5.0.1-2+b2
> ii libxi6 2:1.7.5-1
> ii libxml2 2.9.3+dfsg1-1
> ii libxrandr2 2:1.5.0-1
> ii libxrender1 1:0.9.9-2
> ii libxslt1.1 1.1.28-2.1
> ii libxss1 1:1.2.2-1
> ii libxtst6 2:1.2.2-1+b1
> ii x11-utils7.7+3
> ii xdg-utils1.1.1-1
>
> chromium recommends no packages.
>
> Versions of packages chromium suggests:
> pn chromium-inspector
> ii chromium-l10n 47.0.2526.80-1~deb8u1
>
> -- no debconf information
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#833111: otrs2: use init system for starting otrs.Daemon.pl / needrestart
Hi, On Fri, Aug 12, 2016 at 04:23:08PM +0200, Patrick Matthäi wrote: > > Am 01.08.2016 um 02:48 schrieb Sven Strickroth: > > Package: otrs2 > > Version: 5.0.10-1~bpo8+1 > > Severity: minor > > > > Dear Maintainer, > > > > right now the OTRS daemon (otrs.Daemon.pl) is started using cron. This leads > > to restarting issues in combination with the needrestart tool which says > > that > > cron needs to be restarted after perl (security) updates, but restarting it > > doesn't help as otrs.Daemon.pl is not restarted. Only killing otrs.Daemon.pl > > manually solves the issue and makes sure that the daemon is restarted. > I think in this case it is better to blacklist otrs.Daemon.pl in > needrestart. > What do you say Thomas? this sounds odd - and I don't like blacklisting in needrestart (while add stuff to the override_rc option is OK, but does not help for this issue). > > Therefore, why not use the initsystem for starting/stopping the ORTS > > daemon? > That is not wanted by upstream. Cron is the recommend usage to ensure, > that it gets automatic restarted in every setup, if something fails at > the daemon. This sounds broken, especially if otrs.Daemon.pl is not detached from crond. HTH, Thomas > -- > /* > Mit freundlichem Gruß / With kind regards, > Patrick Matthäi > GNU/Linux Debian Developer > > Blog: http://www.linux-dev.org/ > E-Mail: pmatth...@debian.org > patr...@linux-dev.org > */ > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#828103: needrestart: false positive: pulseaudio: orcexec files in /run
tags 828103 upstream fixed-upstream thanks Hi Paul, On Sat, Jun 25, 2016 at 07:36:22AM +0200, Paul Wise wrote: > There is a false positive with pulseaudio and files in /run: > > needrestart output: > # needrestart -v > ... > [main] #1976 uses deleted /run/user/1000/orcexec.nXwDNz although there was already a detection of Oil Runtime Compiler's JIT files it did not work for deleted files (due to the suffix ' (deleted)' in /proc/$$/maps). I've extended the regex accordingly. Thanks & HTH, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#826220: needrestart: Allow usage of different config file when run from APT
tags 826220 upstream fixed-upstream thanks Hi Wolfgang, On Fri, Jun 03, 2016 at 02:12:17PM +0200, Wolfgang Karall-Ahlborn wrote: > It would be nice to be able to set a different config for APT, so the > interactive call of needrestart is could be plain 'needrestart' again. I've changed call of needrestart with-in apt-pinvoke to pass arguments. This allows you to adjust the config file /etc/apt/apt.conf.d/99needrestart to pass a configuration file option to needrestart. HTH, Thomas > Cheers > Wolfgang > > -- Package-specific info: > needrestart output: > Your outdated processes: > ApacheDirectory[9304], at-spi-bus-laun[2309], at-spi2-registr[2346], > bash[2241, 2245, 2104, 2116, 2246, 2108, 2243, 2110], chromium[3537, 3545, > 3587, 3576], dane-plug[3958], > dbus-daemon[2340, 1846], dbus-launch[1845], dconf-service[19859], > dnssec-plug[3843], gconfd-2[3638], gkrellm[2055], gvfsd[1952], > gvfsd-metadata[20750], gvfsd-trash[19829], > gvfs-udisks2-vo[19817], mosh-client[8020], panel-13-systra[1983], > panel-16-action[1984], sh[1809], systemd[1796], Thunar[1881], > thunderbird[9255], tpb[1854], > wicd-client[2092], xfce4-panel[1883], xfce4-session[1871], > xfce4-volumed[2100], xfconfd[1875], xfdesktop[1982], xfrun4[9247], > xfsettingsd[1888], xfwm4[1879], > xscreensaver[2097], xterm[2060, 2061, 2058, 2057, 2063, 2056, 2059, 2062], > x-www-browser[3634] > > checkrestart output: > > > -- System Information: > Debian Release: stretch/sid > APT prefers unstable > APT policy: (500, 'unstable') > Architecture: i386 (i686) > > Kernel: Linux 4.5.0-2-686-pae (SMP w/4 CPU cores) > Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/bash > Init: sysvinit (via /sbin/init) > > Versions of packages needrestart depends on: > ii dpkg 1.18.7 > ii gettext-base 0.19.7-2 > ii libintl-perl 1.24-1 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.21-1 > ii libproc-processtable-perl 0.53-1+b1 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.33-1+b1 > ii perl 5.22.2-1 > ii xz-utils 5.1.1alpha+20120614-2.1 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > ii libnotify-bin 0.7.6-2 > > -- no debconf information > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#832166: please don't restart lxcfs by default
tags 832166 fixed-upstream thanks Hi, On Sat, Jul 23, 2016 at 08:33:36AM +0200, Evgeni Golov wrote: > needrestart currently will try to restart lxcfs if that got upgraded, however > restarting it would result in all containers using it hanging, so please > don't :) I've added an override for lxcfs to the shipped configuration so it is not selected by default. HTH, Thomas > Greets > Evgeni > > -- System Information: > Debian Release: stretch/sid > APT prefers unstable > APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#831840: needrestart: false positive: restart due to grsec Linux kernel variant installed
severity 831840 minor tags 831840 wontfix upstream thanks Hi Paul, On Wed, Jul 20, 2016 at 12:52:16PM +0800, Paul Wise wrote: > I have linux-image-4.6.0-1-amd64 and linux-image-4.6.0-1-grsec-amd64 > installed and am running linux-image-4.6.0-1-amd64 because various > services fail under linux-image-4.6.0-1-grsec-amd64. Every time I run > needrestart I get a notice to reboot even though the Linux kernel > variant I am running has not been upgraded. Please change the code to > take into account the possibility of alternate kernel variants. > On Debian amd64 there are currently two kernel variants: rt grsec I have no idea howto reliable detect different variants of linux images. Looking for non-numeric or well known parts in the version string is fragile. Regards, Thomas > Scanning linux images... > Pending kernel upgrade! > > Running kernel version: > 4.6.0-1-amd64 > > Diagnostics: > The currently running kernel version is not the expected kernel version > 4.6.0-1-grsec-amd64. > > Restarting the system to load the new kernel will not be handled > automatically, so you should consider rebooting. [Return] > > -- System Information: > Debian Release: stretch/sid > APT prefers testing-debug > APT policy: (900, 'testing-debug'), (900, 'testing'), (800, > 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, > 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart depends on: > ii dpkg 1.18.9 > ii gettext-base 0.19.8.1-1 > ii libintl-perl 1.24-1 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.21-1 > ii libproc-processtable-perl 0.53-1+b1 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.33-1+b1 > ii perl 5.22.2-2 > ii xz-utils 5.1.1alpha+20120614-2.1 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > ii libnotify-bin0.7.6-2 > ii needrestart-session 0.3-2 > > -- no debconf information > > -- > bye, > pabs > > https://wiki.debian.org/PaulWise -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#827162: needrestart: reports unchanged backport kernel as changed
Hi,
On Mon, Jun 13, 2016 at 09:43:26AM +0200, Martin Steigerwald wrote:
> Means it thinks the kernel has changed, while it has not. I know for sure
> I booted exactly this kernel. It seems to be confused detecting the end of
> the version number in the second case as it appears that it uses the whole
> output of /proc/version for comparison.
I assume the problem might be triggered by the bpo kernel, but I did
not verify, yet. The problem should be exist before 2.8 since the
kernel detection stuff was not changed recently.
> mondschein:~> cat /proc/version
> Linux version 4.5.0-0.bpo.2-686 (debian-ker...@lists.debian.org) (gcc version
> 4.9.2 (Debian 4.9.2-10) ) #1 SMP Debian 4.5.4-1~bpo8+1 (2016-05-13)
>
>
> Why doesn´t it just use uname -r and be done with it?
Using `uname -r` would hide ABI compatible (security) updates :-(
> On another of my Debian Jessie server VMs I am not seeing this issue, but
> it uses amd64 as architecture instead of i386.
Could you please provide the output of `needrestart -v -r l`? It would
be sufficient to provide the kernel related lines ('^[Kernel]' until
the kernel status message).
HTH & TIA,
Thomas
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#811417: apt-dater reports an error for servers with multi-line issue.net
severity 811417 normal tags 811417 wontfix thanks Re, On Sun, Jun 12, 2016 at 11:13:38PM +0200, Alexander Schier wrote: > Am 12.06.2016 um 21:30 schrieb Thomas Liske: > > > Does your issue.net contain the words 'error', 'warning' or 'failed' > > (case insensitive)? > Yes, it does. It has some legal notice, that access is logged in there, > which starts with "WARNING". so this triggers the error detection. > Maybe apt-dater just should supress the issue.net, like using "ssh -q"? It seems to depend on the OpenSSH version if -q or -qq is required. Since it might suppress other useful messages I do not like to add -q(q) by default. As a workaround you could: - add '-q' to /apt-dater/ssh/@opt-cmd in apt-dater.xml - disable or tune the err-pattern regex (i.e. with a negative look ahead) HTH, Thomas > See > http://serverfault.com/q/66986 > -- supp...@ibh.de Tel. +49 351 477 77 30 www.ibh.de Fax +49 351 477 77 39 --- Dipl.-Ing. Thomas Liske Teamleiter DataCenter Services IBH IT-Service GmbH Amtsgericht Dresden Gostritzer Str. 67a HRB 13626 D-01217 Dresden GF: Prof. Dr. Thomas Horn Germany VAT DE182302907 --- Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV --- professioneller IT-Service - kompetent und zuverlässig ---
Bug#811417: apt-dater reports an error for servers with multi-line issue.net
Re, On Sat, Jun 11, 2016 at 02:18:14PM +0200, Alexander Schier wrote: > > - ~/.local/share/apt-dater/history/$HOSTNAME:$SSHPORT/$TIMESTAMP/ > > - /var/lib/apt-dater/history/$HOSTNAME:$SSHPORT/$TIMESTAMP/ > -rwxr-xr-x 1 user user 69 Mai 4 18:21 command > -rw-r--r-- 1 user user0 Mai 4 18:35 failed > -rw-r--r-- 1 user user 104 Mai 4 18:35 meta > -rw-r--r-- 1 user user 2,2K Mai 4 18:35 timingfile > -rw-r--r-- 1 user user 55K Mai 4 18:35 typescript the existence of the file 'failed' indicates that the err-pattern (read: the grep -aisPe ... call) didmatch. > > grep -aisPe '((? I cannot get a usable output, because it contains a "dialog" (which > services do you want to restart), making grep output mostly garbage. > > Opening it with vim i see no errors and the file looks like this: > > Script started on Sa 11 Jun 2016 11:37:26 CEST > *** > my issue.net > *** Does your issue.net contain the words 'error', 'warning' or 'failed' (case insensitive)? > Are you sure you cannot reproduce? I tested it and adding / removing an > non-empty "/etc/issue.net" clearly triggers / removes the problem here. I'm unable to reproduce it. I think the false positive is triggered by the content of your issue.net. HTH, Thomas -- supp...@ibh.de Tel. +49 351 477 77 30 www.ibh.de Fax +49 351 477 77 39 --- Dipl.-Ing. Thomas Liske Teamleiter DataCenter Services IBH IT-Service GmbH Amtsgericht Dresden Gostritzer Str. 67a HRB 13626 D-01217 Dresden GF: Prof. Dr. Thomas Horn Germany VAT DE182302907 --- Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV --- professioneller IT-Service - kompetent und zuverlässig ---
Bug#827107: uses obsolete tmux option "status-utf8"
tags 827107 upstream fixed-upstream thanks Hi, thanks for the hint - the options was dropped with tmux 2.2: https://github.com/tmux/tmux/commit/1b86f520ea1620628e569ea833c7b13306c18a4e I've changed the tmux.conf within apt-dater by adding the "-q" flag. apt-dater will work with any tmux version, we can drop the line some time later. Thanks & HTH, Thomas On Sun, Jun 12, 2016 at 12:56:02PM +0200, Evgeni Golov wrote: > Package: apt-dater > Version: 1.0.2+git20151216-1 > Severity: important > > Ohai, > > when attaching to a session (like when you update multiple hosts at once), > tmux just prints out a warning and does not show any content: > /home/evgeni/.config/apt-dater/tmux.conf:19: unknown option: status-utf8 > > The option itself is obsolete: > https://github.com/tmux/tmux/issues/230 > > Please either remove the line or replace "set -g" with "set -gq" to silence > the warning. > > Greets > Evgeni > > -- System Information: > Debian Release: stretch/sid > APT prefers unstable > APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages apt-dater depends on: > ii libc6 2.22-10 > ii libglib2.0-02.48.1-1 > ii libncursesw56.0+20160319-1 > ii libpopt01.16-10 > ii libtcl8.5 8.5.19-2 > ii libtinfo5 6.0+20160319-1 > ii libxml-writer-perl 0.625-1 > ii libxml2 2.9.3+dfsg1-1.2 > ii lockfile-progs 0.1.17 > ii openssh-client 1:7.2p2-5 > ii perl5.22.2-1 > ii tmux2.2-3 > > apt-dater recommends no packages. > > Versions of packages apt-dater suggests: > pn apt-dater-host > ii xsltproc1.1.28-4 > > -- Configuration Files: > /etc/apt-dater/apt-dater.xml [Errno 13] Permission denied: > u'/etc/apt-dater/apt-dater.xml' > /etc/apt-dater/hosts.xml [Errno 13] Permission denied: > u'/etc/apt-dater/hosts.xml' > > -- no debconf information > -- supp...@ibh.de Tel. +49 351 477 77 30 www.ibh.de Fax +49 351 477 77 39 --- Dipl.-Ing. Thomas Liske Teamleiter DataCenter Services IBH IT-Service GmbH Amtsgericht Dresden Gostritzer Str. 67a HRB 13626 D-01217 Dresden GF: Prof. Dr. Thomas Horn Germany VAT DE182302907 --- Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV --- professioneller IT-Service - kompetent und zuverlässig ---
Bug#812871: apt-dater: Some configured hosts are not displayed until any host is refreshed
tags 812871 upstream unreproducible
thanks
Hi Stephan,
On Wed, Jan 27, 2016 at 01:44:44PM +, Stephan Suerken wrote:
> Package: apt-dater
> Version: 1.0.2+git20151216-1
> Severity: normal
>
> Dear Maintainer,
>
> every now and the, when I initially start apt-dater, I have the
> strange behaviour that some hosts are not shown at all (i.e., in
> _none_ of the sections).
>
> As soon as I refresh ("g") any other host, all configured hosts
> are shown, and everything is fine again.
>
> Also, quitting and restarting apt-dater immediately after that
> does correctly show all hosts -- so I am assuming some days of
> "not using" apt-dater is needed to see that behaviour.
sounds weirrd. Sadly I was not able to reproduce this bug (having more
than 100 hosts in apt-dater it might be easily overlooked :-( ).
Did you something special to the affected hosts before (i.e. aborting
the connection, kill the (screen|tmux) session etc.)?
> Afaiu, apt-dater should, at any time, show all configured hosts
> (in the appropriate sections).
ACK
Thx,
Thomas
> Hth!
>
> Stephan
>
> *** Reporter, please consider answering these questions, where appropriate ***
>
>* What led up to the situation?
>* What exactly did you do (or not do) that was effective (or
> ineffective)?
>* What was the outcome of this action?
>* What outcome did you expect instead?
>
> *** End of the template - remove these template lines ***
>
>
> -- System Information:
> Debian Release: stretch/sid
> APT prefers unstable
> APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 4.3.0-0.bpo.1-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages apt-dater depends on:
> ii libc6 2.21-7
> ii libglib2.0-02.46.2-3
> ii libncursesw56.0+20151024-2
> ii libpopt01.16-10
> ii libtcl8.5 8.5.18-3
> ii libtinfo5 6.0+20151024-2
> ii libxml-writer-perl 0.625-1
> ii libxml2 2.9.3+dfsg1-1
> ii lockfile-progs 0.1.17
> ii openssh-client 1:7.1p2-2
> ii perl5.22.1-4
> ii tmux2.1-3
>
> apt-dater recommends no packages.
>
> Versions of packages apt-dater suggests:
> pn apt-dater-host
> pn xsltproc
>
> -- Configuration Files:
> /etc/apt-dater/apt-dater.xml [Errno 13] Permission denied:
> u'/etc/apt-dater/apt-dater.xml'
> /etc/apt-dater/hosts.xml [Errno 13] Permission denied:
> u'/etc/apt-dater/hosts.xml'
>
> -- no debconf information
>
--
supp...@ibh.de Tel. +49 351 477 77 30
www.ibh.de Fax +49 351 477 77 39
---
Dipl.-Ing. Thomas Liske
Teamleiter DataCenter Services
IBH IT-Service GmbH Amtsgericht Dresden
Gostritzer Str. 67a HRB 13626
D-01217 Dresden GF: Prof. Dr. Thomas Horn
Germany VAT DE182302907
---
Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV
---
professioneller IT-Service - kompetent und zuverlässig
---
Bug#811417: apt-dater reports an error for servers with multi-line issue.net
tags 811417 moreinfo upstream thanks Hi, On Mon, Jan 18, 2016 at 07:47:59PM +0100, Alexander Schier wrote: > Package: apt-dater > Version: apt-dater reports an error for servers with multi-line > issue.net which version of apt-dater did you use? > Severity: important > > Dear Maintainer, > apt-dater reports an error after each upgrade for hosts, where > /etc/issue.net has multiple lines, like: > > $ cat /etc/issue.net > > internal system: xyz > > > Maybe it thinks the issue.net is an error message. One line issue.net > files work, even if its not the standard GNU/Linux Debian x.y line. Those lines should not trigger anything. Could you please provide an `ls -lha` of the host's history directory, i.e.: - ~/.local/share/apt-dater/history/$HOSTNAME:$SSHPORT/$TIMESTAMP/ - /var/lib/apt-dater/history/$HOSTNAME:$SSHPORT/$TIMESTAMP/ If there is a file named 'failed' than there was an error on the remote site (connection problem, apt-get return code indicating an error etc.). If there is no file named 'failed', please provide the output of grep -aisPe '((?
Bug#813103: apt-dater: Typo in the german translation
tags 813103 upstream fixed-upstream thanks Hi Alexander, the typo has been fixed upstream. Thanks for reporting. HTH, Thomas On Fri, Jan 29, 2016 at 11:57:01AM +0100, Alexander Schier wrote: > Package: apt-dater > Version: Typo in the german translation > Severity: minor > > Dear Maintainer, > The german translation has a typo > > aktuallisiert > should be "aktualisiert" with one l > > > -- System Information: > Debian Release: 8.3 > APT prefers stable > APT policy: (900, 'stable'), (100, 'stable-updates'), (100, > 'experimental'), (100, 'unstable') > Architecture: amd64 (x86_64) > > Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores) > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: sysvinit (via /sbin/init) > -- supp...@ibh.de Tel. +49 351 477 77 30 www.ibh.de Fax +49 351 477 77 39 --- Dipl.-Ing. Thomas Liske Teamleiter DataCenter Services IBH IT-Service GmbH Amtsgericht Dresden Gostritzer Str. 67a HRB 13626 D-01217 Dresden GF: Prof. Dr. Thomas Horn Germany VAT DE182302907 --- Ihr Partner für: LAN, WAN IP-Quality, Security, VoIP, SAN, Backup, USV --- professioneller IT-Service - kompetent und zuverlässig ---
Bug#826044: needrestart: Hangs in apt hook with a zombie
Hi Axel, could you please provide your needrestart config (if changed from defaults)? Is the problem reproducable? Could you attach strace to needrestart while it hangs? TIA & HTH, Thomas On Wed, Jun 01, 2016 at 10:20:58PM +0200, Axel Beckert wrote: > Package: needrestart > Version: 2.8-1 > Severity: important > > Dear Maintainer, > > after this evening's package upgraee run, needrestart did no more exit > when running during the apt hook. htop shows a needrestart zombie > process: > > 5803 root 20 0 25776 4224 2092 S 0.0 0.0 4:40.53 `- SCREEN -RdU > 8398 root 20 0 20408 3432 2800 S 0.0 0.0 0:00.10 | `- /bin/bash > 6327 root 20 0 20420 3460 2812 S 0.0 0.0 0:00.18 | `- /bin/bash > 6304 root 20 0 20408 3416 2780 S 0.0 0.0 0:00.10 | `- /bin/bash > 27888 root 20 0 25576 6124 2696 R 0.7 0.0 0:09.58 | | `- htop > 5804 root 20 0 20404 3456 2824 S 0.0 0.0 0:00.28 | `- /bin/bash > 12196 root 20 0 598M 189M 45008 S 0.0 0.3 0:08.04 | `- > aptitude -u > 24022 root 20 0 598M 146M 1056 S 0.0 0.2 0:00.00 |`- > aptitude -u > 24160 root 20 0 4308 800 716 S 0.0 0.0 0:00.00 || `- > sh -c test -x /usr/lib/needrestart/apt-pinvoke && > /usr/lib/needrestart/apt-pinvoke || true > 24161 root 20 0 60748 17904 4172 S 0.0 0.0 0:00.14 || > `- /usr/bin/perl -w /usr/share/debconf/frontend /usr/sbin/needrestart > 24169 root 20 0 0 0 0 Z 0.0 0.0 0:00.32 || >`- needrestart > 12950 root 20 0 598M 189M 45008 S 0.0 0.3 0:00.03 |`- > aptitude -u > > -- Package-specific info: > needrestart output: > Your outdated processes: > at-spi-bus-laun[4320], at-spi2-registr[4327], autocutsel[4157], autossh[5455, > 7277], ccze[7278, > 6818], dbus-daemon[4119, 4325], dbus-launch[4118], dconf-service[5282], > emacs[19225], > gconfd-2[5169], gvfs-afc-volume[9291], gvfsd[4337], gvfsd-metadata[2930], > gvfs-goa-volume[9281], > gvfs-gphoto2-vo[9286], gvfs-mtp-volume[9276], gvfs-udisks2-vo[9270], > iceweasel[5134], i3[4090], > i3bar[23198], kded4[5223], kdeinit4[5218], keynav[4156], > kglobalaccel[23813], klauncher[5221], > knotify4[23815], kuiserver[2386], kwalletd[4348], kwalletd5[4344], > less[29138, 28543, 925, 6359], > liferea[5241], monkeysphere-va[4128], mupdf-x11[31981, 30942, 2413], > somethings.sh[7270], > qasmixer[4316], redshift[4332], redshift-gtk[4317], sh[19955, 29041, 17207, > 9311, 931, 9266, > 23196, 10005, 15544, 5322, 5505, 5296, 21319, 23162, 15312, 7326, 4354, > 30550, 13700, 7300, 5386, > 1777, 3129, 20251, 12472, 30276, 14582, 8125], smart-notifier[4296], > specto[9145], ssh[13024, > 5466], tail[6817], unclutter[4125], .xsession[4312, 4313], xsettingsd[4440], > xterm[5297, 1778, > 7301, 3130, 5387, 15313, 9267, 5323, 20252, 17208, 30277, 30551, 29042, > 8126, 12473, 15545, 14583, > 10006, 9312, 5506, 7327, 21320, 13701, 23163, 19956, 932, 4355], > yeahconsole[4170], zsh[5391, > 5327, 15549, 13705, 29046, 5510, 936, 8130, 4359, 1782, 9316, 5301, 14587, > 12477, 19960, 20256, > 9274, 7305, 7331, 30555, 21324, 30281, 17212, 4193, 10010, 3134, 15317, > 23167] > > checkrestart output: > > > -- System Information: > Debian Release: stretch/sid > APT prefers unstable > APT policy: (990, 'unstable'), (600, 'testing'), (500, 'unstable-debug'), > (500, 'buildd-unstable'), (110, 'experimental'), (1, 'experimental-debug'), > (1, 'buildd-experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.6.0-trunk-amd64 (SMP w/8 CPU cores) > Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: sysvinit (via /sbin/init) > > Versions of packages needrestart depends on: > ii dpkg 1.18.7 > ii gettext-base 0.19.7-2 > ii libintl-perl 1.24-1 > ii libmodule-find-perl0.13-1 > ii libmodule-scandeps-perl1.21-1 > ii libproc-processtable-perl 0.53-1+b1 > ii libsort-naturally-perl 1.03-1 > ii libterm-readkey-perl 2.33-1+b1 > ii perl 5.22.2-1 > ii xz-utils 5.1.1alpha+20120614-2.1 > > needrestart recommends no packages. > > Versions of packages needrestart suggests: > ii libnotify-bin0.7.6-2 > ii needrestart-session 0.3-2 > > -- no debconf information -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#795787: needrestart-session doesn't work when installing a package via dpkg
tags 795787 upstream wontfix severity 795787 wishlist reassign 795787 needrestart thanks Hi, On Sun, Aug 16, 2015 at 10:14:50PM +0200, Christoph Anton Mitterer wrote: > On Mon, 2015-08-17 at 01:24 +0530, shirish शिरीष wrote: > > When a package is installed via dpkg, needrestart-session stays > > silent. Giving the way it traditionally works and then when one uses > I'd guess that's kinda intended. > > With dpkg you really do just the bare-down package installation, no > highler level "rubbish" as apt-changelog, apt-listbugs, rkhunter hooks > etc. Full ACK. needrestart-session is called by needrestart via dbus (so I reassigned this report to the needrestart package). needrestart is called automaticly by apt-get due to a Dpkg::Post-Invoke hook after package upgrades/installs. HTH, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#787292: needrestart-session: running needrestart-session with arguments makes it "silent"
tags 787292 upstream severity 787292 minor thanks Hi Chris, On Sun, May 31, 2015 at 06:52:35AM +0200, Christoph Anton Mitterer wrote: > When needrestart-session is run (as user) with an argument, e.g. > $ needrestart-session foo > it doesn't seem to do anything (not even the "nothing found" popup). this is intentional. If needrestart-session is triggered via dbus it is called with an argument. From the source: # Don't show any progressbar nor 'Nothing found...' message if there # was a parameter supplied (as needrestart-dbus-session does). I was just to lazy to add any argument parsing, yet. I did not expect that users are calling needrestart-session manually suppling arguments. I'm going to add some basic getopts stuff so there will --(help|version) avialable, too. HTH, Thomas > > -- System Information: > Debian Release: stretch/sid > APT prefers unstable > APT policy: (500, 'unstable') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.0.0-1-amd64 (SMP w/8 CPU cores) > Locale: LANG=en_DE.utf8, LC_CTYPE=en_DE.utf8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages needrestart-session depends on: > ii libnet-dbus-perl 1.1.0-3 > ii libproc-processtable-perl 0.51-1 > ii libwx-perl 1:0.9923-4 > ii needrestart2.1-1 > ii perl 5.20.2-6 > ii policykit-10.105-8 > ii wmctrl 1.07-7 > > needrestart-session recommends no packages. > > needrestart-session suggests no packages. > > -- no debconf information > -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#824564: libterm-readkey-perl: supply a filehandle parameter on GetTerminalSize don't work work
Package: libterm-readkey-perl
Version: 2.32-1+b1
Severity: normal
Tags: patch, upstream
Hi,
there seems to be a bug in GetTerminalSize using the optional filehandle
parameter. The man page reads:
GetTerminalSize [Filehandle]
But the implementation ignores the first parameter and expects the filehandle
as second parameter:
sub GetTerminalSize
{
my ($file) = normalizehandle( ( @_ > 1 ? $_[1] : \*STDOUT ) );
So it seems to be a off-by-one error, I've attached a trival patch.
HTH,
Thomas
-- System Information:
Debian Release: 8.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.3.3-tl1+ (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
Versions of packages libterm-readkey-perl depends on:
ii libc6 2.19-18+deb8u4
ii perl5.20.2-3+deb8u4
ii perl-base [perlapi-5.20.0] 5.20.2-3+deb8u4
libterm-readkey-perl recommends no packages.
libterm-readkey-perl suggests no packages.
-- no debconf information
--- /usr/lib/x86_64-linux-gnu/perl5/5.20/Term/ReadKey.pm 2014-03-03 19:23:04.0 +0100
+++ ReadKey.pm-params 2016-05-17 16:56:53.151701359 +0200
@@ -350,7 +350,7 @@
sub GetTerminalSize
{
-my ($file) = normalizehandle( ( @_ > 1 ? $_[1] : \*STDOUT ) );
+my ($file) = normalizehandle( ( @_ > 0 ? $_[0] : \*STDOUT ) );
my (@results) = ();
my (@fail);
Bug#819824: easy mode for needrestart
tags 819824 fixed-upstream
thanks
Hi,
the easy mode is now using debconf for user notification and is part
of the needrestart 2.8 release.
HTH,
Thomas
On Sun, May 08, 2016 at 12:34:08PM +0200, Thomas Liske wrote:
> Hi Patrick,
>
> I've added a first implementation of a easy mode:
>
> # needrestart -r l -m e
> Scanning processes...
>
> Scanning candidates...
>
> Scanning linux images...
>
> Some services need to be restarted!
> Some user sessions running outdated binaries!
>
> This system runs outdated binaries, you should consider rebooting!
> For more details, run 'needrestart -m a'.
>
>
> The new CLI option '-m' (there is a config file option, too) can be
> used to switch between (e)asy and (a)dvanced mode. I will put the
> final notification ("This system...") into debconf, so debconf will
> notify the user using its own UI implementation.
>
> The default configuration is using advanced mode and interactive
> restarts - but you could easily override it by a config file in
> /etc/needrestart/conf.d/.
>
> There is still some testing and tuning required, maybe you could give
> it a try? If you have needrestart 2.7-1 installed it should be suffice
> to grab the needrestart command from git
> (i.e. https://raw.githubusercontent.com/liske/needrestart/master/needrestart).
>
>
> HTH & TIA,
> Thomas
>
>
> On Sun, Apr 24, 2016 at 02:08:51PM +0200, Thomas Liske wrote:
> > tags 819824 upstream
> > thanks
> >
> >
> > Hi Patrick,
> >
> > On Sat, Apr 02, 2016 at 07:18:39PM +, Patrick Schleizer wrote:
> > > we are wondering if needrestart should be installed by default in Whonix.
> > >
> > > When needrestart is automatically run during apt-get dist-upgrade,
> > > I am concerned, that its output by default is too technical and verbose
> > > and will therefore add more confusion.
> >
> > ACK
> >
> > > Therefore I am hereby kindly asking if you could add an easy mode please?
> > >
> > > - can be enabled by dropping some file into /etc/needrestart/conf.d
> > > - no automatic restart
> > > - it's output would be limited to the following
> > >
> > > > Services need to be restarted. Reboot recommended.
> > > > For more information, see 'man needrestart'.
> > >
> > > Or does the current configuration already allow configuring needrestart
> > > that way?
> >
> > to disable any restarts you could try:
> >
> > # Restart services (l)ist only, (i)nteractive or (a)utomatically.
> > $nrconf{restart} = 'l';
> >
> > But it will still print the commands to restart the affected services.
> > To reduce the output to a minimum as in your example requires changes
> > in needrestart.
> >
> >
> > HTH,
> > Thomas
> >
> > --
> >
> > :: WWW:https://fiasko-nw.net/~thomas/ ::
> >::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
> > :: flickr: https://www.flickr.com/photos/laugufe/ ::
> >
> --
>
> :: WWW:https://fiasko-nw.net/~thomas/ ::
>::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
> :: flickr: https://www.flickr.com/photos/laugufe/ ::
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#824184: needrestart: bashism in /etc/needrestart/notify.d/600-mail prevents disabling of sending mails
severity 824184 minor
tags 824184 upstream fixed-upstream
merge 824184 818001
thanks
Hi Axel,
On Fri, May 13, 2016 at 03:21:11PM +0200, Axel Beckert wrote:
> there is a bashism in /etc/needrestart/notify.d/600-mail (which has a
> "#!/bin/sh" shebang line):
upstream has been already fixed but a new version containing the fix
is not released, yet. The other notify.d scripts are broken, too.
Thanks & HTH,
Thomas
> $ checkbashisms /etc/needrestart/notify.d/600-mail
> possible bashism in /etc/needrestart/notify.d/600-mail line 25 (alternative
> test command ([[ foo ]] should be [ foo ])):
> if [[ "$NR_NOTIFYD_DISABLE_MAIL" -eq '1' ]]; then
>
> This prevents $NR_NOTIFYD_DISABLE_MAIL from working (if /bin/sh is
> e.g. a dash) and hence you can't disable that needrestart sends mails
> about processes with outdated libraries being loaded. (Which can be
> annoying. ;-)
>
> The following patch fixes this:
>
> --- /etc/needrestart/notify.d/600-mail~ 2016-03-10 19:40:25.0 +0100
> +++ /etc/needrestart/notify.d/600-mail 2016-05-13 15:12:57.071704687 +0200
> @@ -22,7 +22,7 @@
>
> . /usr/lib/needrestart/notify.d.sh
>
> -if [[ "$NR_NOTIFYD_DISABLE_MAIL" -eq '1' ]]; then
> +if [ "$NR_NOTIFYD_DISABLE_MAIL" -eq '1' ]; then
> echo "[$0] disabled in global config" 1>&2
> exit 1
> fi
>
> -- System Information:
> Debian Release: stretch/sid
> APT prefers unstable
> APT policy: (990, 'unstable'), (600, 'testing'), (500, 'unstable-debug'),
> (500, 'buildd-unstable'), (110, 'experimental'), (1, 'experimental-debug'),
> (1, 'buildd-experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 4.6.0-rc7-amd64 (SMP w/8 CPU cores)
> Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: sysvinit (via /sbin/init)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.18.7
> ii gettext-base 0.19.7-2
> ii libintl-perl 1.24-1
> ii libmodule-find-perl0.13-1
> ii libmodule-scandeps-perl1.21-1
> ii libproc-processtable-perl 0.53-1+b1
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.33-1+b1
> ii perl 5.22.2-1
> ii xz-utils 5.1.1alpha+20120614-2.1
>
> needrestart recommends no packages.
>
> Versions of packages needrestart suggests:
> ii libnotify-bin0.7.6-2
> ii needrestart-session 0.3-2
>
> -- Configuration Files:
> /etc/needrestart/notify.conf changed:
> NR_NOTIFYD_DISABLE_MAIL='1'
>
> /etc/needrestart/notify.d/600-mail changed:
> MAILX='/usr/bin/mail'
> test -x "$MAILX" || exit 1
> . /usr/lib/needrestart/notify.d.sh
> if [ "$NR_NOTIFYD_DISABLE_MAIL" -eq '1' ]; then
> echo "[$0] disabled in global config" 1>&2
> exit 1
> fi
> NR_USERID=`id -u "$NR_USERNAME"`
> if [ "0$NR_USERID" -gt 0 -a "0$NR_USERID" -lt 1000 ]; then
> echo "[$0] do not notify system-user $NR_USERNAME via mail" 1>&2
> exit 1
> fi
> echo "[$0] notify user $NR_USERNAME on $NR_SESSION via mail" 1>&2
> {
> _NR_FQDN=$(hostname -f)
> eval_gettext 'Your session on host $_NR_FQDN ($NR_SESSION) is running
> obsolete binaries or libraries as listed below.'
> echo
> echo
> gettext "Please consider a relogin or restart of the affected processes!"
> echo
> echo
> cat
> } | fold -s -w 72 | "$MAILX" -s "Relogin or restarts on host $(hostname)
> required!" "$NR_USERNAME"
>
>
> -- no debconf information
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#819824: easy mode for needrestart
Hi Patrick,
I've added a first implementation of a easy mode:
# needrestart -r l -m e
Scanning processes...
Scanning candidates...
Scanning linux images...
Some services need to be restarted!
Some user sessions running outdated binaries!
This system runs outdated binaries, you should consider rebooting!
For more details, run 'needrestart -m a'.
The new CLI option '-m' (there is a config file option, too) can be
used to switch between (e)asy and (a)dvanced mode. I will put the
final notification ("This system...") into debconf, so debconf will
notify the user using its own UI implementation.
The default configuration is using advanced mode and interactive
restarts - but you could easily override it by a config file in
/etc/needrestart/conf.d/.
There is still some testing and tuning required, maybe you could give
it a try? If you have needrestart 2.7-1 installed it should be suffice
to grab the needrestart command from git
(i.e. https://raw.githubusercontent.com/liske/needrestart/master/needrestart).
HTH & TIA,
Thomas
On Sun, Apr 24, 2016 at 02:08:51PM +0200, Thomas Liske wrote:
> tags 819824 upstream
> thanks
>
>
> Hi Patrick,
>
> On Sat, Apr 02, 2016 at 07:18:39PM +, Patrick Schleizer wrote:
> > we are wondering if needrestart should be installed by default in Whonix.
> >
> > When needrestart is automatically run during apt-get dist-upgrade,
> > I am concerned, that its output by default is too technical and verbose
> > and will therefore add more confusion.
>
> ACK
>
> > Therefore I am hereby kindly asking if you could add an easy mode please?
> >
> > - can be enabled by dropping some file into /etc/needrestart/conf.d
> > - no automatic restart
> > - it's output would be limited to the following
> >
> > > Services need to be restarted. Reboot recommended.
> > > For more information, see 'man needrestart'.
> >
> > Or does the current configuration already allow configuring needrestart
> > that way?
>
> to disable any restarts you could try:
>
> # Restart services (l)ist only, (i)nteractive or (a)utomatically.
> $nrconf{restart} = 'l';
>
> But it will still print the commands to restart the affected services.
> To reduce the output to a minimum as in your example requires changes
> in needrestart.
>
>
> HTH,
> Thomas
>
> --
>
> :: WWW:https://fiasko-nw.net/~thomas/ ::
>::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
> :: flickr: https://www.flickr.com/photos/laugufe/ ::
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#818853: needrestart: systemd restart output
tags 818853 upstream fixed-upstream
thanks
Hi,
On Mon, Mar 21, 2016 at 10:31:38AM +0800, Paul Wise wrote:
> Package: needrestart
> Version: 2.7-1
> Severity: wishlist
>
> The needrestart output used to put systemctl restart commands all on
> one line, it would be nice to have that back and on systemd based
> systems, use systemctl for restarting all services, including the
> sysvinit services, since systemctl supports restarting those and you
> can restart everything with one command.
thanks for your report, upstream has been improved by:
- using LSB service units for SysV init scripts
- adding a new config option ($nrconf{systemctl_combine}) to print a
single combined systemctl restart command line - the default is off
to keep needrestarts current behavior
HTH,
Thomas
> --
> bye,
> pabs
>
> https://wiki.debian.org/PaulWise
>
>
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#819824: easy mode for needrestart
tags 819824 upstream
thanks
Hi Patrick,
On Sat, Apr 02, 2016 at 07:18:39PM +, Patrick Schleizer wrote:
> we are wondering if needrestart should be installed by default in Whonix.
>
> When needrestart is automatically run during apt-get dist-upgrade,
> I am concerned, that its output by default is too technical and verbose
> and will therefore add more confusion.
ACK
> Therefore I am hereby kindly asking if you could add an easy mode please?
>
> - can be enabled by dropping some file into /etc/needrestart/conf.d
> - no automatic restart
> - it's output would be limited to the following
>
> > Services need to be restarted. Reboot recommended.
> > For more information, see 'man needrestart'.
>
> Or does the current configuration already allow configuring needrestart
> that way?
to disable any restarts you could try:
# Restart services (l)ist only, (i)nteractive or (a)utomatically.
$nrconf{restart} = 'l';
But it will still print the commands to restart the affected services.
To reduce the output to a minimum as in your example requires changes
in needrestart.
HTH,
Thomas
--
:: WWW:https://fiasko-nw.net/~thomas/ ::
::: Jabber: xmpp:tho...@jabber.fiasko-nw.net :::
:: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#817927: needrestart emits a lot of "Unknown option:" warnings (python buildbot)
tags 817927 fixed-upstream
thanks
Hi Francois,
needrestart uses the default Getopt::Std implementation shipped by
perl-modules - but python implements a custom getopts parser and
handles '-c' in the special way you've already described.
I dislike reimplementing the python approach again, but other
languages might make simular problems (i.e. perl using -e).
The upcoming needrestart 2.8 release will silence any getopts warnings
about unknown options. Furthermore, interpreters will be skipped if
they are using command line options (python -c, perl -e|E, ruby -e)
Thx & HTH,
Thomas
On Fri, Mar 11, 2016 at 06:22:51PM +0100, francois.petitj...@bureauveritas.com
wrote:
> Package: needrestart
> Version: 1.2-8+deb8u1
> Severity: normal
> Tags: upstream
>
> Dear Maintainer,
>
> I have installed needrestart on a number of jessie systems.
> Yesterday, I upgraded a machine from wheezy to jessie,
> This system acts as a buildmaster.
> and asoon asI instaled needrestart, I get the following warnings after
> each run of apt/aptitude::
> =
> [Core] Using UI 'NeedRestart::UI::stdio'...
> [main] detected systemd
> [Core] #1537 is a NeedRestart::Interp::Python
> Unknown option: -
> Unknown option: n
> Unknown option: o
> Unknown option: _
> Unknown option: a
> Unknown option: e
> Unknown option: -
> Unknown option: l
> Unknown option: o
> Unknown option: g
> Unknown option: f
> Unknown option: l
> Unknown option: e
> Unknown option: =
> Unknown option: w
> Unknown option: .
> Unknown option: l
> Unknown option: o
> Unknown option: g
> Unknown option: -
> Unknown option: p
> Unknown option: y
> Unknown option: o
> Unknown option: n
> Unknown option: =
> Unknown option: b
> Unknown option: l
> Unknown option: b
> Unknown option: o
> Unknown option: .
> Unknown option: a
> [Python] #1537: could not get a source file, skipping
> =
>
>
> The 1537 processus is the twisted daemon (buildmaster)
> fp2x@drbuildbot:~$ ps -edf | fgrep 1537
> buildbot 1537 1 0 10:24 ?00:00:05 /usr/bin/python -c from
> twisted.scripts import twistd; twistd.run() --no_save --logfile=twistd.log
> --python=buildbot.tac
> fp2x 13192 10967 0 17:34 pts/100:00:00 grep -F --color=auto 1537
> fp2x@drbuildbot:~$ cat /proc/1537/cmdline | tr '\0' '\n'
> /usr/bin/python
> -c[1]
> from twisted.scripts import twistd; twistd.run() [2]
> --no_save [3]
> --logfile=twistd.log [4]
> --python=buildbot.tac [5]
>
> Extract of /usr/share/perl5/NeedRestart/Interp/Python.pm
>104 # get original ARGV
>105 (my $bin, local @ARGV) = nr_parse_cmd($pid);
>
>106 # eat Python's command line options
>107 my %opts;
>108 getopts('BdEhim:ORQ:sStuvVW:x3?c:', \%opts);
>
>109 # extract source file
>110 unless($#ARGV > -1) {
>111 chdir($cwd);
>112 print STDERR "$LOGPREF #$pid: could not get a source file,
> skipping\n" if($self->{debug});
>113 return ();
>114 }
>115 my $src = $ARGV[0];
>
> We see that the getops() in line 108 emits a warning for each letter in
> lines
> [3] through [5] of ARGV which is not in the 'BdEhim:ORQ:sStuvVW:x3?c: set
>
> This parsing of a python command line is wrong. getopts() should be
> applied
> only to the part of ARGV which is before the '-c' option.
>
> The [3-[5] parameters are interpreted by the python twited daemon
> instance.
>
> I am not at ease enough with perl programming to provide a patch but the
> logic is
> Search backwards the (python) command line (argv) if there is a '-c'
> option.
> If the '-c' option is found, please ignore all the following tokens, and
> thre is no hope to detect a source file.
>
> IMHO, it is not a packagning bug, and it can affect a number of systems.
>
>
> -- Package-specific info:
> needrestart output:
> Running kernel seems to be up-to-date.
> No services need to be restarted.
>
> checkrestart output:
>
>
> -- System Information:
> Debian Release: 8.3
> APT prefers stable-updates
> APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
> Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages needrestart depends on:
> ii dpkg 1.17.26
> ii libmodule-find-perl0.12-1
> ii libmodule-scandeps-perl1.16-1
> ii libproc-processtable-perl 0.51-1
> ii libsort-naturally-perl 1.03-1
> ii libterm-readkey-perl 2.32-1+b1
> ii perl 5.20.2-3+deb8u4
>
> needrestart recommends no packages.
>
> needrestart suggests no packages.
>
> -- no debconf information
>
> Cordialement,
> Regards,
> Mit freundlichen Grüßen,
> مع تحياتي
Bug#817807: needrestart: shouldn't restart xendomains by default
severity 817807 minor tags 817807 + upstream fixed-upstream thanks Hi, On Thu, Mar 10, 2016 at 03:42:20PM +0100, Samuel Thibault wrote: > Sometimes needrestart proposes to restart the xendomains service, and > that choice is enabled by default. This is not a good idea, since > restarting the xen domains can have very serious consequences. > > So even if it is proposed, I'd say the choice shouldn't be enabled by > default. this is /etc/init.d/xendomains from xen-utils-common, isn't it? Has been added to override_rc upstream. HTH & thanks, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
Bug#818001: More bashisms
severity 818001 minor tags 818001 + upstream fixed-upstream thanks Hi, this issue has been fixed upstream. HTH & thanks, Thomas -- :: WWW:https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::
