On Thu, 28 Feb 2019 19:55:59 +0100 Michael Biebl <bi...@debian.org> wrote:
> On Wed, 16 Jan 2019 12:44:28 -0600 "Karl O. Pinc" <k...@meme.com> > wrote: > > systemd security updates to stable > > systemd (232-25+deb9u8) stretch-security; urgency=high > > systemd (232-25+deb9u7) stretch-security; urgency=high > > required reboot to take effect, but /var/run/reboot-required > > was not `touch`ed. Therefore the unattended-upgrades > > package did not notify the user that a reboot is required. > > (There were related upgrades to udev and other packages.) > > > > There are probably many systems which installed the > > upgrade automatically but did not reboot and so the > > patch did not take effect. > > > > "The Internet" says that it is the postinst script which > > should touch /var/run/reboot-required. > > > > This should probably be /run/reboot-required, /var/run is a symlink > to /run. Yes. See latest debian policy doc patch at: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919507 > That said, an update of the systemd package does not strictly require > a reboot of the system. We do reexec PID 1 and restart all binaries > (besides logind), so I'm a bit undecided if we should actually trigger > that message or not. If systemd restarts all of its processes which are affected by package upgrade then the only reason to require a restart would be if some changes in new systemd packages required a restart of non-systemd components. So maybe this is a non-bug. Regards, Karl <k...@meme.com> Free Software: "You don't pay back, you pay forward." -- Robert A. Heinlein
