Comment on Determining the efficacy of a restart from a bash script (Debian)
barkingspiders@infosec.pub 1 week ago
There’s a package that handles most people’s needs called unattended-upgrade. Has some options and some logic to do things like this. Check it out and let me know if you have any questions. Been using it on hundreds of servers for 5+ years.
barkingspiders@infosec.pub 1 week ago
I’m reading this again and had another thought. On an average Debian server reboot-required is really only ever triggered by kernel upgrades and those happen more often than you want but also not very often. They are also usually worth installing for either security or performance improvements.
It’s usually ok to just set a convenient time for
unattended-upgradesto run, let it watch forreboot-requiredand then reboot automatically. If your services can’t handle starting at boot or turning off gracefully then you will have other problems anyway.On the other hand, if even a few minutes of downtime every couple of months at a scheduled time is too much, just disable AUTO-REBOOT in the config file and do it by hand whenever it works for you. It’s all good. Do what works best for you, that’s the best part of Linux.
needs-restartis another great package that will check if package updates should restart any services to take effect and restart them if so. Goes nicely withunattended-upgradessxan@midwest.social 1 week ago
Cries in Arch