[CentOS] when to reboot after updates

Thu Apr 9 23:23:06 UTC 2009
Mike A. Harris <mharris at mharris.ca>

Jerry Geis wrote:
> What is the rule of thumb for reboots after updates...

I'd say the rule of thumb is to do whatever works best for you, and that 
you'll likely get quite the variety of different responses.  ;o)

> Certainly if I update from 5.2 to 5.3 I reboot.
> 
> But if you update something like krb5 or pam
> does that require a reboot? Does the "fix" get automatically loaded and used
> or do you just do a reboot always?

If the kernel gets updated, obviously it goes without saying that you 
need to reboot for that.  Also for 'init', or any of its dependencies. 
For pretty much everything else, you just need to restart anything that 
has gotten updated, or anything that depends on anything that just got 
updated.  If various libraries receive security updates for example, and 
you do not restart every application that is using that library, then 
you wont be using the "secure" or "bug fixed" version until those 
running apps are all restarted.

In general, "init 1" followed by "init 3" or "init 5" will do the job 
slightly faster than a full reboot if time matters at all, but a full 
reboot is just "simple" to perform and has 100% certainty that any and 
every possible package that just got updated is definitely restarted 
with the new version, new libraries, new data files, etc.

The time it takes you to determine what all pieces of running software 
need to be restarted to be securely using anything that just got 
updated, is likely to be greater than the time it takes to do a simple 
reboot or init 1 / init 3/5.

So, I would say "reboot" is the simplest, safest, foolproof way to 
ensure you're running updates even if some people will balk at the idea 
that you have to reboot a Linux system.  You don't have to of course, 
but life is short and rebooting is fast.  ;o)