Are system updates without reboots possible?

[Arthur Chance]

The latest security advisory on openssl contains the usual mantra

"Restart all deamons using the library, or reboot the system."

I usually just reboot but find myself wondering if there's a reliable 
*automatic* way of identifying which running programs use any given 
library (or set of libraries), and identify whether or not they're 
daemons controlled by service(8).

I suppose root could use ps and ldd to identify affected programs, but 
this seems like brute force and I can't see how to tie into the 
service(8) structure.

Anybody got ideas on this? It could be useful for updating servers you'd 
rather not reboot.

-- 
Moore's Law of Mad Science: Every eighteen months, the minimum IQ
necessary to destroy the world drops by one point.