On Mon, 2018-01-08 at 08:00 +0100, Thomas Liske wrote: > checking if initramfs is newer than uptime might be a good idea
Possibly, but there might be false positives if the initramfs was regenerated without having updated any files in it. Also, not every initramfs contains files that are currently loaded/running. Only ones that are include microcode and Linux kernel modules, but see below. > A reboot may be also required due to updates of 3rd party > kernel modules (like DKMS) if they are part of the initramfs. Those can often just be unloaded and then reloaded again. It would be good to detect when that is needed and possible, but Linux doesn't seem to expose any info about the filesystem timestamp of the currently loaded modules. Once that is exposed, then you would have to determine if any resources the modules expose are being used by any processes/mounts/etc. Ones that aren't being used can just be unloaded/reloaded if they are compatible with the current Linux kernel ABI. Ones that are used will need a complicated dance where the services are stopped (or processes stopped), the module reloaded and services started again. > I would avoid to parse the initramfs in needrestart (would need to > handle different compression and archive file types etc.) just to look > for the microcode files. Report and recommend a reboot if there is an > updated initramfs should be sufficient, shouldn't it? Agreed, this is why I suggested to look at the files from the AMD microcode package instead. As explained above, I think that would result in some false positives. Since reboots are costly for some systems, I would recommend avoiding those false positives. -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
