Should I reboot after "apt upgrade"?
I signed up for the Ubuntu notification list on security notices. At the end of the listing it says:
After a standard system update you need to reboot your computer to make all the necessary changes.
(see sample at https://ubuntu.com/security/notices/USN-4980-1 )
When you folks do a weekly "apt update/upgrade" do you ALSO reboot the server each time? (I did it yesterday… first time… it only took about 45 seconds… I was amazed… faster than my iMac at home!)
Thanks for your advice/opinion.
7 Replies
I generally use needrestart to let me know if I need to restart. Sometimes it’s just a few processes that need to be restarted (not the whole VM), which it will prompt you to restart. Usually if there’s a large number of updates I’ll just reboot the VM.
Kernel updates need a reboot.
Will needrestart tell us if there have been any kernel updates so we know whether or not to reboot the entire server?
@Sandra Yes. Also, I believe Ubuntu has a built-in notification as well, that is, if you’re using Ubuntu.
As I mentioned, I subscribe to: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Many of the daily messages end with:
After a standard system update you need to reboot your computer to make all the necessary changes.
Yet I read about people who have not rebooted for a year or more? What is the story here?
There are three reasons I can immediately think of as to why there are those who haven't rebooted in more than a year.
First, there are certain Linux systems that are very stable to the point of their systems usually requiring only minor patch upgrades, and for such upgrades, reboots of the entire system may not always be needed. It depends on what you're using your server for, what may be compiled into binaries and not dependent on linking to libraries as most programs do, etc.
Second is negligence or simply being forgetful. Some people may not have upgraded their systems in more than a year, figuring that if everything is working, a reboot or upgrade isn't necessary. I would say this is probably the minority, and is a bad security practice.
Finally, if people are running their servers using the Linode kernel, modules that the kernel uses are compiled into the kernel itself, which means nothing is externally on the hard disk that might need to be accessed later, and all modules needed are loaded into memory. Any kernel upgrades that Linode makes wouldn't require that the system be rebooted immediately, unless someone wanted to take advantage of the upgrades, and all would continue working as it should without any problems. In this case, updating the operating system apart from a kernel in memory would require far fewer reboots, as each individual process, including those that rely on SSL or most other things, can be rebooted independently, for the most part.
Hopefully this answered your question.
Blake
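
The two checks discussed in this thread, as an added example that is not part of any reply: Ubuntu's built-in notification is the flag file /var/run/reboot-required, and a process that needs restarting is one that still maps a shared library already deleted from disk. The function names are made up for this example, the paths are parameters so it can be pointed at a test directory, and it approximates rather than reproduces what needrestart does.

```sh
#!/bin/sh
# Added example: after "apt upgrade", decide between a full reboot and
# restarting only the processes that still run pre-upgrade library code.

# Ubuntu creates <run_dir>/reboot-required when an installed package
# (typically a new kernel) asks for a reboot.
reboot_flag_set() {
    [ -f "${1:-/var/run}/reboot-required" ]
}

# Print the PIDs that still map a shared library which has been removed
# from disk, i.e. the old copy of a library that apt has since replaced.
stale_library_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        # Skip unreadable entries (other users' processes, exited PIDs).
        [ -r "$maps" ] || continue
        if grep -Eq '\.so[^ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid_dir="${maps%/maps}"
            echo "${pid_dir##*/}"
        fi
    done
}

# Print one of: reboot, restart-services, nothing.
post_upgrade_action() {
    run_dir="${1:-/var/run}"
    proc_root="${2:-/proc}"
    if reboot_flag_set "$run_dir"; then
        echo "reboot"
    elif [ -n "$(stale_library_pids "$proc_root")" ]; then
        echo "restart-services"
    else
        echo "nothing"
    fi
}

# With no arguments this checks the live system.
post_upgrade_action "$@"
```

Run it as root to see every process; without root, only your own processes' maps are readable, so "nothing" can be an undercount.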