checkrestart 命令

常用示例

说明

checkrestart identifies processes that are still using old (deleted) versions of libraries after upgrades. When system libraries are updated, running processes continue using the old versions loaded in memory. This tool finds these processes so they can be restarted to use the new libraries. After package updates, especially security patches, critical services may still run vulnerable code until restarted. checkrestart scans **/proc/*/maps for references to deleted library files and reports affected processes with suggested restart commands. The tool integrates with system init systems to suggest appropriate service restart commands (systemctl restart, service restart**). For non-service processes, it reports the process name and PID.

参数

-v, --verbose

Verbose output, enables -f and shows reasons for exclusions.

-f, --show-files

List the deleted files and which program is using them.

-d, --debug

Include debugging details in output, enables -v.

-t, --terse

Terse single-line output suitable for Nagios and similar monitoring tools.

-m, --machine

Machine-readable output; each line is tab-separated.

-p, --package

Only report processes that belong to a package.

-a, --all

Prevent exclude.conf and local-exclude.conf from being read.

-n, --no-lsof

Do not use lsof(8) even if available.

-i _REGEXP_, --exclude-package _REGEXP_

Ignore services associated with the matching package name.

-x _TYPE:__REGEXP_, --exclude _TYPE:__REGEXP_

Exclude items matching the pattern (types: package, unit, program, pid, file).

-e _PID_

Exclude processes with this PID.

-b _FILE_, --blocklistfile _FILE_

Ignore deleted files matching patterns in FILE.

-h, --help

Display help information.