[OmniOS-discuss] OpenSSL now updated!
Eric Sproul
eric.sproul at circonus.com
Fri Mar 20 14:14:59 UTC 2015
On Fri, Mar 20, 2015 at 7:08 AM, Ben Summers <ben at fluffy.co.uk> wrote:
> I suppose a hacky script could get a list of all the libraries and executables changed in the last update, use pfiles on all processes in all zones to files which ones have those libraries open, then use svcs -p to determine which services those processes are running under, and then restart them.
Better yet, there already exists a hacky script:
http://omnios.omniti.com/media/ssl_services_to_restart.sh
This looks for running processes in the current zone that link libssl
or libcrypto and gives you a list of services that you may wish to
restart. It could be turned into something more generic, perhaps that
took the name of a shared library as an argument.
It is possible to have a package action trigger a service restart.
See ACTUATORS in pkg(5). Circonus uses this a lot to deliver and
update services via packages. One might make a case for ssl-dependent
core system services (like ssh) to be restarted by the openssl
package. It's obviously not practical for the OmniOS openssl package
to actuate your arbitrary services though. :)
Eric
More information about the OmniOS-discuss
mailing list