LinuxCommandLibrary
GitHubF-DroidGoogle Play Store

checkrestart

find processes using outdated shared libraries

TLDR

Check for processes using deleted libraries
$ sudo checkrestart
copy
Show verbose output with deleted file details
$ sudo checkrestart -v
copy
Only report processes belonging to a package
$ sudo checkrestart -p
copy
Show terse output suitable for monitoring tools
$ sudo checkrestart -t
copy
Output in machine-readable tab-separated format
$ sudo checkrestart -m
copy
Exclude a specific package from results
$ sudo checkrestart -i [package_name]
copy

SYNOPSIS

checkrestart [options]

DESCRIPTION

checkrestart identifies processes that are still using old (deleted) versions of libraries after upgrades. When system libraries are updated, running processes continue using the old versions loaded in memory. This tool finds these processes so they can be restarted to use the new libraries.
After package updates, especially security patches, critical services may still run vulnerable code until restarted. checkrestart scans **/proc/*/maps** for references to deleted library files and reports affected processes with suggested restart commands.
The tool integrates with system init systems to suggest appropriate service restart commands (systemctl restart, service restart). For non-service processes, it reports the process name and PID.

PARAMETERS

-v, --verbose

Verbose output, enables -f and shows reasons for exclusions.
-f, --show-files
List the deleted files and which program is using them.
-d, --debug
Include debugging details in output, enables -v.
-t, --terse
Terse single-line output suitable for Nagios and similar monitoring tools.
-m, --machine
Machine-readable output; each line is tab-separated.
-p, --package
Only report processes that belong to a package.
-a, --all
Prevent exclude.conf and local-exclude.conf from being read.
-n, --no-lsof
Do not use lsof(8) even if available.
-i REGEXP, --exclude-package REGEXP
Ignore services associated with the matching package name.
-x [TYPE:]REGEXP, --exclude [TYPE:]REGEXP
Exclude items matching the pattern (types: package, unit, program, pid, file).
-e PID
Exclude processes with this PID.
-b FILE, --blocklistfile FILE
Ignore deleted files matching patterns in FILE.
-h, --help
Display help information.

CAVEATS

Requires root privileges to scan all processes. Some processes may be difficult to restart safely (X server, session manager). The tool cannot detect all cases where restart is needed. Kernel updates require a full reboot, not just process restart.

HISTORY

checkrestart is part of the debian-goodies package, a collection of utilities for Debian systems. It was created to help system administrators identify which services need restarting after library updates, a common concern in security-conscious environments. Similar functionality exists in other tools like needs-restarting in the Red Hat ecosystem.

SEE ALSO

needrestart(1), lsof(8), apt(8), needs-restarting(1)

Copied to clipboard
Kai