When Does a Linux Server Require Reboot After Kernel Update? Best Practices for Webmin/YUM Users


1 views

When managing servers through Webmin using YUM package manager, kernel updates (including kernel-firmware and kernel-headers) are automatically handled during system updates. Unlike regular package updates, kernel updates require special consideration regarding server reboots.

Yes, you absolutely need to reboot your server after a kernel update. Here's why:

  • The running kernel resides in memory and cannot be swapped out like regular processes
  • New kernel modules and security patches require full system initialization
  • Hardware interactions at the lowest level need fresh initialization

To check if you're running an outdated kernel:

uname -r                       # Shows running kernel version
rpm -q kernel --last | head -1 # Shows latest installed kernel

If these show different versions, your system needs a reboot to activate the new kernel.

For mission-critical systems, consider these approaches:

# Schedule reboots using kexec for faster restarts
yum install kexec-tools
kexec -l /boot/vmlinuz-$(uname -r) --initrd=/boot/initramfs-$(uname -r).img --reuse-cmdline
systemctl kexec

Alternatively, use live patching solutions like:

# For RHEL/CentOS:
yum install kpatch
kpatch dynamic -h

For Webmin/YUM users, create a post-update script at /etc/yum/post-actions/:

#!/bin/bash
if rpm -q kernel | grep $(uname -r); then
    echo "Reboot not required"
else
    echo "Kernel updated - scheduling reboot"
    /sbin/shutdown -r +10 "Kernel update requires reboot"
fi

Add this to your Nagios/Icinga checks:

#!/usr/bin/env bash
if [ $(uname -r) != $(rpm -q kernel --last | head -1 | awk '{print $1}' | sed 's/kernel-//') ]; then
    echo "WARNING - Pending kernel update requires reboot"
    exit 1
fi

When managing servers through Webmin using yum for package management, kernel updates (including kernel-firmware and kernel-headers) present a unique operational consideration. The fundamental rule is:


# Check currently running kernel version
uname -r

# Compare with installed kernels
rpm -q kernel

Unlike most software updates, Linux kernel updates require a reboot to become active because:

  • The kernel manages core system resources (memory, CPU, devices)
  • Live patching mechanisms like kpatch have limitations
  • Driver/firmware dependencies (kernel-firmware) need fresh initialization

For production systems, consider these approaches:


# Schedule reboot using at command
echo "shutdown -r now" | at 02:00 tomorrow

# Check if reboot is needed (RHEL/CentOS)
needs-restarting -r

When using Webmin's package manager:

  1. The "Apply Updates" operation doesn't automatically reboot
  2. Kernel updates appear under "Available Updates" section
  3. Post-update actions require manual configuration

For automated environments, create a post-update script:


#!/bin/bash
# /usr/local/bin/kernel-update-handler
if rpm -q kernel-$(uname -r | cut -d- -f1-2) &>/dev/null; then
  logger "No new kernel installed"
else
  logger "New kernel detected, scheduling reboot"
  touch /var/run/reboot-required
fi

For critical systems where reboots are problematic:


# RHEL live patching (requires subscription)
yum install kpatch
kpatch update