On Fri, 12.09.14 18:37, Reindl Harald (h.reindl(a)thelounge.net) wrote:
Am 12.09.2014 um 18:33 schrieb Nathanael d. Noblet:
> So I don't use Firefox anymore but I do know back in the day if we had
> FF open when we updated it would do a double request for each page/form.
> However when updating we just restarted FF and it would work fine after
> that. I've never noticed any other issues than FF but like I said I
> don't use it anymore.
> Granted that doesn't matter obviously we don't want that kind of
> I am curious though. Everyone says the only way to do it securely and
> safely is with nothing running. Why can't updates be applied with stuff
> running prior to a reboot?
1 out of a million cases needs offline updates
really - the only good at it is that you can stick
at using YUM and decide what you have to do at your
own - rarely updates really require a reboot
* lsof | grep DEL | grep /usr and restart services on servers
Well, some deps are not visible like that, because they do not involve
continuous mappings or open fds.
Moreover, it won't help you much anyway, as some daemons are not
restarble right now, most prominently dbus-daemon.
And strictly speaking as you cannot restart all daemons at the very
same instant, or even at the same instant as you install the new files
and remove the old ones you will always have races where daemons might
make use of resources or interfaces that are either newer than what
they expect or older.
offline updates are really about make updates fully reliable. Yes, in
most cases a "yum update" during runtime works well enough, and yes, I
usually do my updates that way too. But I am actually able to help
myself if something goes wrong. And so are you.
Offline updates are more for the cases where things need to be
reliable, because no well educated admin is available to instantly fix
things. Possibly because the machine is used by noobs only, or because
the machine is buried somewhere under the see, or where so many
instances of the machine are running that a human admins don't scale.
Hope that makes some sense.
Lennart Poettering, Red Hat