On Fri, May 06, 2011 at 09:45:31AM -0400, Ben M. wrote: > With CentOS Xen 5.6 (standard installation, SELinux enabled) is there an FAQ or > general user consensus as to when to do a reboot after what updates? In my opinion, is the change sufficiently urgent that existing running processes need to pick it up? For example, a glibc patch means the new glibc will be executed by new processes, but already running programs will have the old glibc mapped into memory; if there's a security issue with the old glibc then already running processes may still be exploitable. Another example could be the tzdata patches; if your timezone is impacted then existing processes may not pick up the changes unless they're restarted. Of course a new kernel doesn't run until you reboot :-) I tend to reboot after glibc and kernel patches, but not normally after any other (but I do restart services as necessary, eg httpd after an apache patch). -- rgds Stephen _______________________________________________ CentOS-virt mailing list CentOS-virt@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos-virt
