Jerry Geis wrote:
> What is the rule of thumb for reboots after updates...
I'd say the rule of thumb is to do whatever works best for you, and that you'll likely get quite the variety of different responses. ;o)
> Certainly if I update from 5.2 to 5.3 I reboot.
> But if you update something like krb5 or pam does that require a reboot? Does the "fix" get automatically loaded and used or do you just do a reboot always?
If the kernel gets updated, obviously it goes without saying that you need to reboot for that. Also for 'init', or any of its dependencies. For pretty much everything else, you just need to restart anything that has gotten updated, or anything that depends on anything that just got updated. If various libraries receive security updates for example, and you do not restart every application that is using that library, then you won't be using the "secure" or "bug fixed" version until those running apps are all restarted.
In general, "init 1" followed by "init 3" or "init 5" will do the job slightly faster than a full reboot if time matters at all, but a full reboot is just "simple" to perform and has 100% certainty that any and every possible package that just got updated is definitely restarted with the new version, new libraries, new data files, etc.
The time it takes you to determine what all pieces of running software need to be restarted to be securely using anything that just got updated, is likely to be greater than the time it takes to do a simple reboot or init 1 / init 3/5.
So, I would say "reboot" is the simplest, safest, foolproof way to ensure you're running updates even if some people will balk at the idea that you have to reboot a Linux system. You don't have to of course, but life is short and rebooting is fast. ;o)
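Added example, not part of the original message: one way to see which running processes still execute the old copy of an updated library (the krb5 and pam case asked about above) is to look for executable mappings marked `(deleted)` in `/proc/<pid>/maps`. The function names, the ignore list and the sample maps content are constructed for this illustration.

```python
"""Find processes still running code from files an update has replaced."""
import os

DELETED = " (deleted)"
# Assumption: deleted-but-mapped paths under these prefixes are routine.
IGNORED = ("/dev/", "/SYSV", "/tmp/", "/memfd:")

# Constructed sample of /proc/<pid>/maps after a krb5 and pam update.
SAMPLE_MAPS = """\
00400000-004b0000 r-xp 00000000 fd:00 131 /usr/sbin/sshd
7f10a0000000-7f10a00c5000 r-xp 00000000 fd:00 9001 /usr/lib64/libkrb5.so.3.3 (deleted)
7f10a1000000-7f10a1003000 rw-s 00000000 00:04 0 /SYSV00000000 (deleted)
7f10a2000000-7f10a2001000 rwxp 00000000 00:00 0
7f10a3000000-7f10a3010000 r-xp 00000000 fd:00 9002 /lib64/security/pam_unix.so (deleted)
"""

def stale_mappings(maps_text):
    """Return sorted paths of deleted files that one process maps executable."""
    stale = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)  # address perms offset dev inode pathname
        if len(fields) < 6:
            continue  # anonymous mapping, no backing file
        perms, path = fields[1], fields[5].rstrip()
        if "x" in perms and path.endswith(DELETED):
            path = path[: -len(DELETED)]
            if path.startswith("/") and not path.startswith(IGNORED):
                stale.add(path)
    return sorted(stale)

def scan(proc_root="/proc"):
    """Return {pid: (command, stale paths)} for every readable process."""
    report = {}
    for entry in filter(str.isdigit, os.listdir(proc_root)):
        base = os.path.join(proc_root, entry)
        try:
            with open(os.path.join(base, "maps"), errors="replace") as fh:
                stale = stale_mappings(fh.read())
            with open(os.path.join(base, "cmdline"), "rb") as fh:
                cmd = fh.read().split(b"\0")[0].decode(errors="replace")
        except OSError:
            continue  # process exited or access denied (run as root)
        if stale:
            report[int(entry)] = (cmd, stale)
    return report

if __name__ == "__main__":
    for pid, (cmd, paths) in sorted(scan().items()):
        print(pid, cmd, ", ".join(paths), sep="\t")
```

Run it as root so every process's maps file is readable. It relies on the package manager replacing files by unlink or rename, which leaves the old copy marked `(deleted)`, and it says nothing about a pending kernel update.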