[Notes] needrestart vs checkrestart: Which to Use?
Overview
The needrestart command is a Debian based command used to check which processes and daemons need to be restarted after package upgrades. It was inspired by the checkrestart command, which isn’t quite as feature rich. Where checkrestart will report on which processes need restarting, needrestart will actually go the extra step of restarting services (if requested).
Comparing the tools
First thing I noticed when comparing the two is that checkrestart is a bit more thorough in the way it checks for which services need a restart:
$> checkrestart -a
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/129/gvfs
Output information may be incomplete.
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/934342/gvfs
Output information may be incomplete.
Found 40 processes using old versions of upgraded files
(27 distinct programs)
(16 distinct packages)
Of these, 11 seem to contain systemd service definitions or init scripts which can be used to restart them.
The following packages seem to have definitions that could be used
to restart their services:
nfs-common:
744 /usr/sbin/rpc.gssd
rpcbind:
852 /sbin/rpcbind
avahi-daemon:
860 /usr/sbin/avahi-daemon
909 /usr/sbin/avahi-daemon
rsyslog:
886 /usr/sbin/rsyslogd
sssd-common:
899 /usr/sbin/sssd
4854 /usr/libexec/sssd/sssd_be
19064 /usr/libexec/sssd/sssd_be
salt-minion:
1626 /usr/bin/salt-minion
1639 /usr/bin/salt-minion
cron:
1991 /usr/sbin/cron
cups-daemon:
1992 /usr/sbin/cupsd
gdm3:
2060 /usr/lib/gdm3/gdm-session-worker
pulseaudio:
2155 /usr/bin/pulseaudio
openssh-server:
4817 /usr/sbin/sshd
5171 /usr/sbin/sshd
These are the initd scripts:
service nfs-common restart
service rpcbind restart
service avahi-daemon restart
service rsyslog restart
service sssd restart
service salt-minion restart
service cron restart
service cups restart
service gdm3 restart
service pulseaudio-enable-autospawn restart
service ssh restart
These processes (5) do not seem to have an associated init script to restart them:
gnome-shell:
2271 /usr/bin/gnome-shell
xwayland:
2379 /usr/bin/Xwayland
gnome-settings-daemon:
2498 /usr/libexec/gsd-wacom
2500 /usr/libexec/gsd-color
2503 /usr/libexec/gsd-keyboard
2519 /usr/libexec/gsd-media-keys
2549 /usr/libexec/gsd-power
gvfs-daemons:
5017 /usr/libexec/gvfs-udisks2-volume-monitor
zsh:
5228 /bin/zshAccording to needrestart, there is nothing that needs to be restarted:
$> needrestart -r l
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.So if I’m looking to create some reporting mechanism (like a salt grain) I might be better off using check restart to scan for that data…
Or not. Running checkrestart after restarting rsyslog, it becomes obvious that checkrestart is not reporting correctly on my 20.04 machine. Even after a reboot, I’m seeing “24 distinct processes” that are using old versions of upgraded files. At this point, I’m beginning to suspect this Debian goodie doesn’t work so well on this version of Ubuntu. I think I will stick with checkrestart.
When I figure out how to properly parse the output, I will post a salt grain to help track the data. I will also make a RedHat specific version using the needs-restarting command. This is useful information to keep track of in environments that require high uptime and haven’t yet migrated to microservices,