Debian 11 as server: how often do you reboot it and why? (lemmy.world)

submitted 1 year ago by [email protected] to c/[email protected]

10 comments fedilink hide all child comments

Hi,

I do believe from time to time there are important updates that need you to reboot your server, but how often? I'm thinking about kernel updates, let's say every month... What are you practices and recommendations?

you are viewing a single comment's thread
view the rest of the comments

[-] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Periodic reboots are useful for a hands-off approach to security patching.

For most use cases, all software should be restarted after it receives a security patch.

If your threat model allows a latency of, say, 14 days between patch release and patch applied, then the simplest solution is to just enable unattended updates to install patches as soon as they are released, and then impose a 14 day uptime limit to periodically restart the patched software.

You could always take a more hands-on approach and pay attention to which software is updated and only restart the specific services that are patched. But that's expensive, and humans are fallible. Almost everyone, from hobbyists to enterprises, is better off with a dumb uptime limit instead.

Of course, if you're just a hobbyists, then your threat model may be so lax that you don't need to bother with any of this. Just reboot when you install kernel updates.

this post was submitted on 14 Sep 2023

11 points (100.0% liked)

Debian

837 readers

4 users here now

❤️ Debian

Rules

Keep it about Debian.
Be respectful.
Engage in constructive discussions.
Please, no harassment, hate speech, or trolling.

founded 1 year ago

MODERATORS

[email protected]