Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hi,
I need to upgrade my libpcap library in a rhl machine running in 2.4.20-8 kernel. this machine runs squid, iptables, httpd, snmpd, mrtg, squidarg for the main sw's. the outgoing libpcap is libpcap-0.7.2-1 and the incoming is libpcap-0.9.4. i am thinking to run darkstat in this machine. can upgrading libpcap become nuisance, i mean can it adversely affect other running app's in this machine that depends on the old libpcap, i am so unsure how to think rationally here or what to backup before the upgrade.
Since it's RHL territory, why not found out the RHL way what requires libpcap? "rpm -q --whatrequires libpcap.so.0.7.2" should show which packages depend on it. Use "ldd" on non-static binaries that are not part of rpm's.
Libpcap is backward compatible and I haven't seen any real probs upgrading it. Sure you can have multiple versions to compile against or use / preload with (LD_LIBRARY_PATH), but unless you have custom-built SW that requires it you won't need it. If you would want to back something up it should be the original rpm (not --repackage): if it's still on mirrors that's unnecessary. BTW wrt updating, you're using Fedora Legacy, right?
[root@myhost root]# rpm -q --whatrequires libpcap.so.0.7.2
no package requires libpcap.so.0.7.2
how correct is this thing?
@unspawn
no i have no custom sw running in this machine and i am not using the fedora legacy updates. but i think i should, i think i should move it to some latest release or atleast upgrade the softwares, but this machine is constantly used 24/7/365, all the more reason to upgrade, but i think i have been following the theme of "if it's not broken, don't fix it" thing. i should plan to upgrade it.
how correct is this thing?
"This thing" aka the RPM database is correct for any well-formed data entered by installing packages: if it says "no" then there prolly are none.
no i have no custom sw running in this machine
If you distrust the RPM db or have custom packages you would do a "find" then either "ldd $binary|grep -q libpcap" or "nm $binary|grep -q pcap_version". An imperfect but fast way would be to look at what binaries do packet captures or need features, apart from specialist tools like P0f, Snort and rootkit sniffers most names match "^tcp.*" like tcpdump, tcptraceroute, tcpslice, etc, etc...
i am not using the fedora legacy updates. but i think i should
Yes you definately should. What deprecated and EOL'ed release are we talking about?
well now i check it out thoroughly, yeah there are a couple of other sw's running besides what i have already mentioned. chkrootkit, ntop are particularly the mains. these were not rpm installations BTW. beside ntop, i don't think chkrootkit would depend on the libpcap lib. ntop can be reinstalled again if it breaks. i just wanted to be sure the essential services like squid and iptables are not affected in anyway.
you are right unspawn, i am running an outdated, deprecated and EOL'ed release (its rhl 8 btw). its been up&running since aug 2003, my predecessor (who's still alive and kicking) configured it and i am actually just using it and using it hard. ok i will talk with him regarding a upgrade, you know i need to take permissions before i set out to do anything (but hey i am still root but). thanx for the guidance.
beside ntop, i don't think chkrootkit would depend on the libpcap lib.
It doesn't. Maybe a false positive using a too short searchterm? The only place pcap is mentioned in the *source* (nearly all Chkrootkit binaries being compiled static by default) is in ifpromisc.c (OK, stale version 0.43 that is).
its rhl 8 btw
If you can, upgrade to RHL 9. Then you have Fedora Legacy support. IIRC: they recently had to jettison support for some releases due to lack of community involvement. If this is a box with legacy SW and you need to stay close to RH then maybe look at CentOS-3.
no i don't think rhl is a neccessity or requirement, if i upgrade it would most probably be with a bsd linux. i don't exactly know why but i have grown fond to bsd style after i started using slackware, cent-os is a close option, i have a 4.3 in my box just need to burn it.
i ended up upgrading the libpcap library for now. yeah nothing broke (till now!). this is just a temporary since we have decided to go for an upgrade. against all odds, rhl9 will be it but first i need to find a public holiday.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.