-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Change systemd_postun to systemd_postun_restart #937
base: master
Are you sure you want to change the base?
Conversation
showcaseing this from this morning (4.4.2024):
|
@tiggi, thanks for your help, but I'm not entirely sure we really want this. I kinda expect that I will need to trigger service restart either manually or by using some automation tools like Ansible when I do software upgrades. It is also sometimes necessary to adjust configuration files or flags after the upgrade and before service restart. @lest, what's your take on this? |
The point is that for daemons you are supposed to use the _restart version so that a yum upgrade tells systemd to restart the daemon. Upgrading a package and manually having to restart is not how it's supposed to be done. Case study: there is a security incident, a new version is pushed out.... but the old exploitable version continues to run even when a check with rpm -q shows that the newest version is installed. |
I'm not entirely sure I agree on this, would you expect package manager to automatically restart PostgreSQL if there is an update installed?
Same with kernel, generally you need to restart the system manually despite the fact that rpm -q will show that you've got newer version installed. For what it's worth, I've just upgraded firewalld, docker-ce and openssh-server packages on one Oracle Linux 8 VM, and in all of these cases related services were restarted automatically. |
Just a little note, the correct macro name seems to be: like: |
Yes, in critical systems, package updates are not accidental. Package versions are locked using However, consider the opposite scenario, let's call it "spontaneous updating" (
I understand your concerns, but the live patching mechanism is becoming more popular in the Linux Kernel. Automatic updates can also trigger a reboot: So, not everyone is satisfied with the current state of things. |
Oops. Will fix immediately. |
Change the spec template to call systemd_postun_restart instead of %systemd_postun %{name}.service.
Currently the behavior is that a "yum update" updates the software but never restarts the daemons if they are running,
leaving the old binary to serve out data.
The _restart method changes this to restart the service if it's started.