1 |
On Friday 28 April 2006 20:04, Phil Sexton <philsexton@×××××××.net> wrote |
2 |
about 'Re: [gentoo-user] When to reboot after updates to the system': |
3 |
> Kevin wrote: |
4 |
> > Hi All- |
5 |
> > |
6 |
> > I've read the portage documentation at |
7 |
> > http://www.gentoo.org/doc/en/index.xml?catid=gentoo and I've searched |
8 |
> > and browsed the gentoo-user mailing list archive, but I have a |
9 |
> > question that I don't see answered anywhere. |
10 |
> > |
11 |
> > It seems to me that it must be true that sometimes, after a system |
12 |
> > upgrade done with: |
13 |
> > |
14 |
> > emerge -uD system |
15 |
> > or |
16 |
> > emerge -uD world |
17 |
> > |
18 |
> > I must reboot the computer for the changes to take effect. |
19 |
> |
20 |
> I reboot if I need to install or change hardware. As far as |
21 |
> updates go, you may have to reboot after compiling a new kernel. |
22 |
> |
23 |
> I think that I may have read somewhere how to change kernels |
24 |
> without rebooting, so you may not even need to reboot for any |
25 |
> software. |
26 |
|
27 |
Theoretically it's possible just by writing to /proc/kmem -- IIRC, that was |
28 |
one of the reasons it was writable: so you could apply (binary) patches |
29 |
against a running kernel. |
30 |
|
31 |
I've never seen any non-malware that does so. There is a GPL'd |
32 |
proof-of-concept rootkit that will hide its existence by |
33 |
modifying /proc/kmem. (The rootkit doesn't actually do anything malicious |
34 |
and you have to have root access to modify /proc/kmem; the rootkit was |
35 |
just showing how to do this trickery without loading a module) |
36 |
|
37 |
There's also the new kexec feature option in mm kernels (and it might have |
38 |
come mainline) that allows the kernel to start another kernel instead of |
39 |
rebooting your hardware. That's basically as bad as a reboot anyway, |
40 |
because all services come down and all users are kicked out -- it is |
41 |
faster though, because you don't go down to the bootloader/BIOS level. |
42 |
|
43 |
I found it (or my hardware) was a little bit buggy. My USB drivers would |
44 |
only work every other kexec. Since I use a USB keyboard, this wasn't a |
45 |
workable solution. |
46 |
|
47 |
-- |
48 |
"If there's one thing we've established over the years, |
49 |
it's that the vast majority of our users don't have the slightest |
50 |
clue what's best for them in terms of package stability." |
51 |
-- Gentoo Developer Ciaran McCreesh |