On Ubuntu, when this message is shown, most of the updates except the kernel are already applied so you are mostly pretty secure. And you can choose when that will happen. And it’s just a normal reboot.
On Windows, IIRC, you are blocked during the whole update process which can take several minutes.
Ubuntu's stable builds do not upgrade kernel and its close vicinity every week, AFAIK. I have a couple of servers with unattended updates enabled, and they do not greet me with "System Reboot Required" banner every week, and if that's required, the server is back with all services running <30 seconds.
OTOH, I upgraded my parents' PC yesterday, after three months of downtime. It really took at least two hours and four reboots. The machine was screaming and the task manager showed a blue rectangle for CPU load (uninterrupted 100%) and a green one for the disk load (again, uninterrupted 100%) while nothing was usable all the time.
Same process takes <10m in Linux (specifically Debian), and an optional reboot, without any hardware load drama.
Not to derail but there are issues with kernel patching. If it does work you start building a very large matrix of various levels of hot patches and then sometimes it just doesn’t.
If my company was worth a trillion dollars and an entire multi-billion dollar industry (cybersecurity) had grown because of my security inadequacies I would figure it out.
In fact, they already figured out hotpatching and will sell it to you for server 2025.
Note, that you can also keep the userspace unchanged by hibernating and then choosing the new kernel on boot. It is not truly live patching, since you have still downtime, but pretty close.
pjerem|3 months ago
On Windows, IIRC, you are blocked during the whole update process which can take several minutes.
bayindirh|3 months ago
OTOH, I upgraded my parents' PC yesterday, after three months of downtime. It really took at least two hours and four reboots. The machine was screaming and the task manager showed a blue rectangle for CPU load (uninterrupted 100%) and a green one for the disk load (again, uninterrupted 100%) while nothing was usable all the time.
Same process takes <10m in Linux (specifically Debian), and an optional reboot, without any hardware load drama.
BikiniPrince|3 months ago
mapontosevenths|3 months ago
In fact, they already figured out hotpatching and will sell it to you for server 2025.
mapontosevenths|3 months ago
Off topic, but I'm pretty sure that Ubuntu's livepatching is just kpatch under the hood,
https://ubuntu.com/blog/an-overview-of-live-kernel-patching
1718627440|3 months ago