Hate to tell you this, but both problems are still a reality whether the machine reboots automatically or not. If I manually reboot for a kernel update that breaks network access, I still won't have SSH. And if I reboot manually after every kernel update, my stability will still suffer.


On Oct 22, 2016 8:26 PM, "Jesse V" <kernelcorn@torproject.org> wrote:
On 10/22/2016 08:02 PM, Tristan wrote:
> Would it be acceptable to configure unattended-upgrades to automatically
> reboot the system when required? I already have it configured to check
> for and install all updates to Ubuntu and Tor once a day, but I still
> need to manually reboot to apply kernel upgrades.

This is not a good idea. For one, the new kernel could break your
network connection, which happened to me this morning after I rebooted a
personal machine. Second, you will reduce the uptime and stability of
your relay, thus it will lose consensus weight if you reboot the machine
once a day.

You also need to be careful with automatically installing updates in a
production environment, as one of them could break something and it
would be some time before you noticed. I prefer to review the updates
before I install them and watch the apt-get log in case there are any
issues. Debian systems may even show you the changelogs. If an update
breaks SSH for whatever reason, at least I'm logged on and can fix it.
It would be difficult to fix if the update happened automatically.

Some downsides are documented here:
https://wiki.ubuntu.com/AutomaticUpdates and elsewhere online.

--
Jesse


_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays