Hello mates,

As you know, in arch Linux the kernel is updated frequently but, is mandatory or good practice reboot any time the kernel is updated?

Edit: Thank you guys for your replies

  • Admetus
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    I’ve heard about Linux servers running for years. But surely they change kernel without a reboot? More of a curious question.

    • EddyBot@feddit.de
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      there is live kernel patching, most distros (like Arch Linux) however don’t set this up by default
      there is also the possibility that one live patch don’t work properly
      the only reliable way currently to load the full new kernel is via reboot

      the real way for server however is to not rely on one single server but have a redundant amount which you can reboot one at a time

      • Auli@lemmy.ca
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Last time I tried replacing the kernel without a reboot it still reset the uptime. And it had about as long of a pause when replacing the kernel as a reboot had. So I don’t see the benefit.

    • Kangie@lemmy.srcfiles.zip
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      It’s possible to switch to a new kernel without rebooting using kexec (though you’re going to drop run levels anyway…), and kernels may be livepatched using various services. Realistically though, if your service can’t handle a particular server being offline for a few minutes to reboot and is too critical to schedule an outage for regular patching you’re doing something wrong.

    • bitwaba@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      You don’t need to change kernel if the one you have works fine.

      For gaming PCs you’re often running hardware that gets improved in the kernel often. For servers, as long as you’re not trying to squeeze every once of performance out of it you can get by with way behind bleeding edge kernels.

      One of the easiest attack vectors to secure on a kernel is compiling all your modules directly into the kernel and disabling loadable kernel modules.

      Once you’ve got a kernel that has all the bells and whistles you need compiled into it, it’s relatively mature enough to have it’s bugs worked out (like an LTS kernel that’s been out for a month or so), and you’ve applied proper system and kernel hardening configs, that server can run undisturbed for quite a while.