Handling System Restart Required on Ubuntu
Seeing *** System restart required *** every time you log on to your Ubuntu server? Here's why you see this and what you can do with it.
Seeing *** System restart required *** every time you log on to your Ubuntu server? You are not alone.
If you use an Ubuntu server, you might have come across the message that notifies you that your system needs a restart. This specially happens if you are using a Digital Ocean droplet.
What is this message? Why you see it and should you really restart your server that could result in a downtime? I’ll explain all these things in this article.
What to do with System Restart Required message on Ubuntu?
The message is self-explanatory for the most part. Your Linux system thinks that system should be restarted. Usually you would see this message after installing kernel updates. Some security patches will only come into effect when you reboot the system.
How do you know if it was a kernel update that caused the system restart request? There is a way to find it out.
You can check the content of the file /var/run/reboot-required.pkgs:
cat /var/run/reboot-required.pkgs
linux-base
linux-base
In my case, the restart was request by the Linux image base package. You may also see something like linux-image-x.x.x-xx-generic. This indicates that a recent Linux kernel update needs a system restart.
Should you really restart your system every time you see *** System Restart Required ***?
That’s the important question. A restart equals a downtime. Services and applications running on the server will be unavailable for duration of the restart unless you have a better mechanism like a load balancer in place. Imagine losing traffic to your website or service disruption because of the restart.
But not restarting your system could also mean that important updates won’t be applied properly and your server would be vulnerable.
What should you do? Should you restart the server or not?
One way could be to see the latest changelog of the package that requested the restart.
xargs apt-get changelog < /var/run/reboot-required.pkgs
The changelog will show the entire history of the said package. You should only look at the latest entry in the changelog and see if it displays an urgency of high, emergency or critical. If that’s the case, you must restart Ubuntu server.
linux-base (4.5ubuntu1~16.04.1) xenial; urgency=low
* Update xenial to the latest linux-base. (LP: #1766728)
-- Thadeu Lima de Souza Cascardo <[email protected]> Tue, 24 Apr 2018 18:36:02 -0300
If the urgency is low or medium, it’s up to you if you want to restart the server or not. You may also delete the file /var/run/reboot-required so that it won’ show you the ***System Restart Required*** at the login. This message may return in future if a newer system update thinks that system restart is needed.
When should you restart the server?
Best practice in the industry is to restart the system at the lowest activity time. If you are managing your server for a while, you should have an idea when your server is at its lowest network usage. Server restart normally takes less than a minute if it’s one of the VPS or cloud servers offered by Linode or Digital Ocean.
You don’t need to be online while restarting the server. Just use the shutdown command in Linux and schedule a reboot. However, it’s a good practice to monitor these activities for unintended behaviors.
How to avoid a restart even for security patches
I understand that you wouldn’t want to restart your system even during low activity time. Thankfully, Ubuntu’s parent company, Canonical, does provide a way to handle this.
With their live patching service, you can install updates to your Linux kernel without restarting the server. This service is free for personal usage on three Ubuntu installs. You’ll have to create an Ubuntu One account for using the livepatch service.
Bottom line
A system restart is generally required when an update to the Linux kernel has been installed. Its really up to you what you want to do if you see the ‘System restart required’ message.
If you can restart the system, you should do it. If there are constraints, restart your system for high, critical or emergency patches. Using Canonical Livepatch service is also a good idea.
I hope you learned a few new things about system patches and checking changelog. If you have questions or suggestions, please do leave a comment below.
Creator of Linux Handbook and It's FOSS. An ardent Linux user & open source promoter. Huge fan of classic detective mysteries from Agatha Christie and Sherlock Holmes to Columbo & Ellery Queen.