Comment on Determining the efficacy of a restart from a bash script (Debian)
barkingspiders@infosec.pub 2 months ago
There’s a package that handles most people’s needs called unattended-upgrade
. Has some options and some logic to do things like this. Check it out and let me know if you have any questions. Been using it on hundreds of servers for 5+ years.
barkingspiders@infosec.pub 2 months ago
I’m reading this again and had another thought. On an average Debian server reboot-required is really only ever triggered by kernel upgrades and those happen more often than you want but also not very often. They are also usually worth installing for either security or performance improvements.
It’s usually ok to just set a convenient time for
unattended-upgrades
to run, let it watch forreboot-required
and then reboot automatically. If your services can’t handle starting at boot or turning off gracefully then you will have other problems anyway.On the other hand, if even a few minutes of downtime every couple of months at a scheduled time is too much, just disable AUTO-REBOOT in the config file and do it by hand whenever it works for you. It’s all good. Do what works best for you, that’s the best part of Linux.
needs-restart
is another great package that will check if package updates should restart any services to take effect and restart them if so. Goes nicely withunattended-upgrades
sxan@midwest.social 2 months ago
Cries in Arch