On Wed, Oct 5, 2011 at 12:54 AM, Marc Deslauriers < marc.deslauri...@canonical.com> wrote:
> Right now, the best way we have of determining if we're a server or a > desktop is to check if X is running. It's not ideal, and suggestions are > welcome. > I think my question is suggesting that there really isn't a principled distinction between "desktop" and "server" for things like this. > We need a way for sysadmins to get notifications that some of the major > automatic updates they are installing, such as openssl and the kernel, > require services and/or the system to get restarted after a security > update. The mechanism we have now is the reboot notification tool. > It's the right tool, but the correct approach is the standard one: Debian packages should do in-place upgrades, except the kernel. With libc much work was spent figuring out what to restart and how, and it works. openssl should do the same thing. > I agree that a lot of libraries can have security issues also, and in > fact, most of the server packages will gracefully restart when they get > security updates. For openssl, and a few other select libraries, things > are different. Security issues in openssl usually are of importance for > network servers, and automatically restarting all the running daemons > isn't an option, especially since the server could be running software > that wasn't installed from packages in the archive. In this case, the > reboot notification indicates to the sysadmin that manual intervention > is needed. If the sysadmin decides that nothing on his server is > affected, he can simply remove the reboot notification file. Yes, this > solution is far from perfect, but the alternative is to disable > notifications completely, which is not a viable option. Not running X doesn't mean that someone is running ssl servers, right? Why not look for ssl servers, specifically, and only if there are ssl servers running, call for the reboot? Thomas -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/244250 Title: Spurious reboot notifications caused by libssl upgrades. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/244250/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
