[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
David Bell wrote: > On Wednesday 22 November 2006 13:43, Ben Goodger wrote: >> >> Er, no... the norm has always been to reload the service that was updated >> (usually done by APT) and then continue. In the world of Joe User, this >> should be constrained to logging in and out again if the update is >> major-ish, or just carrying on as normal otherwise. > > No - the norm, as far as I'm concerned (as I said above) is to reboot. > Thus agreeing with Simon ;) Ben is right that often all that is needed is the service restart, and that "apt" usually does this. Indeed the libc upgrade in the Sarge to Etch upgrade is very good on explaining this, and offering to restart relevant services. Although it specifically leaves some services, and suggests you reboot/restart them after the upgrade is complete, but then you get a kernel update as well with Etch. I found I had "stale libraries" in use with Postfix, which in Debian is run chrooted, and needs to be restarted for the scripts to automatically maintain the chroot jailed versions of libraries. But not all Debian scripts which update libraries reliably restart all the services that depend on them. Indeed these relationships can be quite subtle, with multiple versions of various applications (apache, postfix) and applications with different ways of working (xinetd/inetd, versus standalone). For the desktop the situation is messy, because we are seeing apps appearing that don't terminate when a user logs out, and so can keep stale libraries open even between restarts of the window manager. But for server type environments, we have long running processes and scripts, which usually run 24x7 and I get paged if they stop. There are tools around for Debian (and not doubt elsewhere) to help spot when such applications are using stale libraries, but for many users it is simply easier to reboot. Indeed making sure everything still works correctly with the new libraries is probably more crucial than the vague security vulnerabilities being patched. But my main message is that one can over value uptime, over good maintenance. Rebooting after upgrades is also a good way to make sure the upgrade won't stop the machine coming up later when you get the inevitable power interruption or need to power down when the upgrade is long forgotten except for the administrator diary or notes. The other lesson I learnt the hard way, is when working on machines you don't know well it can pay to reboot and make sure it comes up clean before applying any changes. Otherwise you'll assume you broken something, which was in fact already broken.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html