Is it important to reboot Linux after a kernel update?

Solution 1:

There is nothing really special about having a long uptime. It is generally better to have a secure system. All systems need updates at some point. You are probably already applying updates; do you schedule outages when you apply those updates? You probably should, just in case something goes wrong. A reboot shouldn't take that much time really.

If your system is so sensitive to outages, you probably should be thinking about some kind of clustering setup so you update a single member of the cluster without bringing everything down.

If you are not sure about a particular update it is probably safer to schedule a reboot and apply it (preferably after testing it on another similar system).

If you are interested in learning whether the update is important, take time to read the security notice, and follow the links back to the CVE or the posts/lists/blogs describing the issue. This should help you decide if the update directly applies in your case.

Even if you don't think it applies you should still consider updating your system eventually. Security is a layered approach. You should assume at some point in time those other layers may fail. Also, you might forget you have a vulnerable system because you skipped an update when you change the configuration at some later point in time.

Anyway, if you want to ignore an update or wait a while on it, on Debian-based systems you can put the package on hold. I personally like to put holds on all the kernel packages just in case.

CLI method to set a hold on a package on Debian-based systems:

dpkg --get-selections | grep 'linux-image' | sed -e 's/\([[:space:]]\)install$/\1hold/' | sudo dpkg --set-selections

Solution 2:

Most updates do not require a reboot, but kernel updates do (you can't really replace the running kernel without rebooting).

One thing I have discovered is that if your server has been running for a long time without a reboot, it's more likely to want to do disk checks (fsck) when you reboot, and this can add significantly to the time it takes to get back up and running again. Best to anticipate this and plan for it.

I have also discovered that configuration changes can sometimes get missed, and won't be noticed until a reboot (such as adding new IP addresses/iptables rules, etc.). This also adds to the "risk of downtime" when rebooting infrequently.

Best to plan for some downtime when doing a reboot - or if this is not a desirable option, set your servers up in clusters so that reboots can be done if necessary.
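
The following shell check is an added example, not part of either answer: it reports when the running kernel is older than the newest installed one (the reboot Solution 2 describes) and warns when kernel packages are on hold as in Solution 1, since a hold silently stops kernel security updates from installing. It assumes a Debian-based host whose kernel packages are named linux-image-<release> and GNU `sort -V`; the function names are illustrative.

```shell
#!/bin/sh
# Added example: is this Debian-based host still running an old kernel?
# Function names are illustrative, not from any existing tool.

# Highest release string from a list on stdin. sort -V (GNU coreutils)
# ranks 5.15.0-91 below 5.15.0-101, which plain lexical sort gets wrong.
newest_kernel() {
    sort -V | tail -n 1
}

# Succeeds (exit 0) when a newest release is known and differs from the running one.
reboot_needed() {
    [ -n "$2" ] && [ "$1" != "$2" ]
}

# Kernel packages on hold, read from `dpkg --get-selections` output on stdin.
held_kernels() {
    awk '$1 ~ /^linux-image/ && $2 == "hold" { print $1 }'
}

# Installed kernel releases; assumes packages are named linux-image-<release>.
# Only fully installed packages (status "ii") count; removed-but-configured ones are skipped.
installed_kernels() {
    dpkg-query -W -f='${db:Status-Abbrev} ${Package}\n' 'linux-image-[0-9]*' 2>/dev/null |
        awk '$1 == "ii" { sub(/^linux-image-/, "", $2); print $2 }'
}

check_host() {
    running=$(uname -r)
    newest=$(installed_kernels | newest_kernel)
    held=$(dpkg --get-selections 2>/dev/null | held_kernels)
    [ -n "$held" ] && echo "warning: kernel packages on hold, updates are being skipped: $held"
    # Some Debian/Ubuntu setups also drop this flag file after package upgrades.
    if [ -f /var/run/reboot-required ] || reboot_needed "$running" "$newest"; then
        echo "reboot pending: running $running, newest installed ${newest:-unknown}"
        return 1
    fi
    echo "running newest installed kernel: $running"
}

# Run the check only when asked, e.g. `sh kernel-check.sh --check`.
if [ "${1:-}" = "--check" ]; then
    check_host
fi
```

Run from cron or a monitoring agent, the non-zero return of `check_host` can raise an alert so a patched-but-not-rebooted host does not go unnoticed.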