gronod/lfs
1
0
Fork 0
mirror of https://git.linuxfromscratch.org/lfs.git synced 2025-06-19 03:39:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

generalize ken's note for shared library update, ...

Browse Source 
and move it into package management section
This commit is contained in:
Xi Ruoyao 2021-05-16 02:52:59 +08:00
parent 80838616e5
commit 59fef4c47e
No known key found for this signature in database
GPG Key ID: D95E4716CCBB34DC
2 changed files with 22 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
chapter08/openssl.xml
View File

@ -90,19 +90,10 @@ make MANSUFFIX=ssl install</userinput></screen>
<para> <para>
However, any running programs linked to those libraries need to be stopped However, any running programs linked to those libraries need to be stopped
and restarted. The following command, run as and restarted. Read the related entries in
<systemitem class="username">root</systemitem> after udating, will list what is <xref linkend='pkgmgmt-upgrade-issues'/> for details.
using the old versions of those libraries:
</para> </para>
<screen><userinput role="nodump">grep -l -e 'libssl.*deleted' -e 'libcrypto.*deleted' /proc/*/maps |
tr -cd 0-9\\n | xargs -r ps u</userinput></screen>
<para>
If you used <application>OpenSSH</application> to login to the system, you
need to logout, login again, and rerun that command to confirm nothing is
still using the deleted libraries.
</para>
</note> </note>
</sect2> </sect2>

21
chapter08/pkgmgt.xml
View File

@ -41,7 +41,7 @@
the <ulink url="&hints-root;">Hints Project</ulink> and see if one of them the <ulink url="&hints-root;">Hints Project</ulink> and see if one of them
fits your need.</para> fits your need.</para>
<sect2> <sect2 id='pkgmgmt-upgrade-issues'>
<title>Upgrade Issues</title> <title>Upgrade Issues</title>
<para>A Package Manager makes it easy to upgrade to newer versions when they <para>A Package Manager makes it easy to upgrade to newer versions when they
@ -91,6 +91,25 @@
you have to downgrade a package, or the package changes the versioning you have to downgrade a package, or the package changes the versioning
scheme of library files suddenly.</para> </listitem> scheme of library files suddenly.</para> </listitem>
<listitem> <para>If a package containing a shared library is updated,
and the name of library doesn't change, but a severe issue
(especially, a security vulnerability) is fixed, all running programs
linked to the shared library should be restarted. The following
command, run as <systemitem class="username">root</systemitem> after
updating, will list what is using the old versions of those libraries
(replace <replaceable>libfoo</replaceable> with the name of the
library):</para>
<screen><userinput role="nodump">grep -l -e '<replaceable>libfoo</replaceable>.*deleted' /proc/*/maps |
tr -cd 0-9\\n | xargs -r ps u</userinput></screen>
<para>
If <application>OpenSSH</application> is being used for accessing
the system and it is linked to the updated library, you need to
restart <command>sshd</command> service, then logout, login again,
and rerun that command to confirm nothing is still using the
deleted libraries.
</para></listitem>
</itemizedlist> </itemizedlist>
</sect2> </sect2>