The problem with lsof is that a large number of files on /usr is listed, and I can?t tell which of them need to be closed and which can stay open.
I have always understood that *any* open files would prevent a partition from being unmounted, and I assume the same is true for remounting the partition as read-only.
Well, afair you cannot unmount a filesystem while your current working directory resides in the filesystem you´re trying to unmount. You´ll just get the message ´[foo] is busy´.
But you _can_ do a remount in such cases, so there´s some difference between unmounting and remounting. In most cases, you can do a remount but not an unmount.
Therefore, using this assumption, *every* file listed via "lsof +D /usr" must be closed before the kernel will permit the partition to be unmounted or remounted.
But perhaps I'm wrong.
Anyone in the know care to set me straight?
Hm, I´m not sure about dismounting a filesystem, but you actually can do remounts without closing all open files. Only in some situations, it doesn´t work.
My idea (just guessing) of it is that processes have somehow loaded files into memory that get replaced by installing some security update. As long as these processes continue to run, the old files remain in a state that prevents the filesystem from being remounted. In particular, this may affect files that are used by several processes at once.
This could mean that just installing a security update is not sufficient for instances where multiple processes access related files, or where processes that would be affected by the update are continously running.
That´s an interesting question for the people concerned about security ... Do we always have to reboot after installing a security update to make sure that the update is actually used rather than just installed?
GH
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
