You are here
Introducing PMR, a Tool Using procfs, systemd, and cgroups to Perform Minimum-Impact daemon and Library Updates
David Strauss, Pantheon
As we distribute security information and updates ever-faster, administrators must respond quickly to minimize vulnerability and downtime. But, those are often in conflict because it's hard to identify a more careful way to apply an update than rebooting entire servers.
Fortunately, modern Linux kernels show which executables and libraries are loaded into which running process IDs. systemd uses cgroups to track which process IDs belong to which services. Combined, it's possible to identify exactly what services require restarting or reloading after installing updates to files on disk.
A free, open-source tool called PMR (""The Process Maps Restarter"") [https://github.com/pantheon-systems/pmr] automates the demonstrated technique.
If you’ve ever deployed an enterprise website, chances are you’ve benefited from one of the tools David's developed. After co-founding Four Kitchens, a successful web development shop, David found himself gravitating away from custom client work and toward infrastructure solutions. Large clients like Creative Commons, Internet Archive, The Economist, and Wikimedia had already benefited from his scalability and database optimization work. Now, his focus is Pantheon, where he's building an infrastructure to support developers and organizations through building, testing, and deploying content management sites.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.