Hi,

I do believe from time to time there are important updates that need you to reboot your server, but how often? I’m thinking about kernel updates, let’s say every month… What are you practices and recommendations?

  • TheGingerDog@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Depends on the situation - if it’s my own server, I’m happy rebooting them (almost) whenever.

    If it’s a customer’s server, then it may be anything from monthly to annually …

  • macattack@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I am running a laptop server. Currently reboot once every few weeks, but looking to potentially set up a nightly shutdown/reboot when I’m sleeping since it’s just for me.

  • cbarrick@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    Periodic reboots are useful for a hands-off approach to security patching.

    For most use cases, all software should be restarted after it receives a security patch.

    If your threat model allows a latency of, say, 14 days between patch release and patch applied, then the simplest solution is to just enable unattended updates to install patches as soon as they are released, and then impose a 14 day uptime limit to periodically restart the patched software.

    You could always take a more hands-on approach and pay attention to which software is updated and only restart the specific services that are patched. But that’s expensive, and humans are fallible. Almost everyone, from hobbyists to enterprises, is better off with a dumb uptime limit instead.

    Of course, if you’re just a hobbyists, then your threat model may be so lax that you don’t need to bother with any of this. Just reboot when you install kernel updates.