Hello mates,
As you know, in arch Linux the kernel is updated frequently but, is mandatory or good practice reboot any time the kernel is updated?
Edit: Thank you guys for your replies
Good practice, you won’t see the update until you reboot and I suppose it could cause problems if other packages were updated at the same time and rely on the updated kernel
An update is only truly done once no remnants of the old code is in memory. Code can stick around in the form of binaries (restart the binaries), libraries (restart all binaries that use this library) and the kernel (reboot or use kexec).
One very simple way to make sure no old code sticks around is to reboot:-)
You don’t have to, but you could run into issues because when a kernel is updated its modules are unloaded. So, for example, you won’t be able to load external drives until you reboot or manually load the needed module.
I’ve had issues after updating the kernel and ignoring it. I WFH and all of a sudden my sound would stop working or something else may stop. I found it much easier just to reboot after.
I’ve heard about Linux servers running for years. But surely they change kernel without a reboot? More of a curious question.
there is live kernel patching, most distros (like Arch Linux) however don’t set this up by default
there is also the possibility that one live patch don’t work properly
the only reliable way currently to load the full new kernel is via rebootthe real way for server however is to not rely on one single server but have a redundant amount which you can reboot one at a time
Last time I tried replacing the kernel without a reboot it still reset the uptime. And it had about as long of a pause when replacing the kernel as a reboot had. So I don’t see the benefit.
You don’t need to change kernel if the one you have works fine.
For gaming PCs you’re often running hardware that gets improved in the kernel often. For servers, as long as you’re not trying to squeeze every once of performance out of it you can get by with way behind bleeding edge kernels.
One of the easiest attack vectors to secure on a kernel is compiling all your modules directly into the kernel and disabling loadable kernel modules.
Once you’ve got a kernel that has all the bells and whistles you need compiled into it, it’s relatively mature enough to have it’s bugs worked out (like an LTS kernel that’s been out for a month or so), and you’ve applied proper system and kernel hardening configs, that server can run undisturbed for quite a while.
