Reboot Policy
For some time we have had automated scripts to install security (and other) patches on many of the unix machines. However, these scripts have been very conservative wrt rebooting machines in order for some updates to take full effect.
Previously if any user processes were running when the patches were applied no reboot occurred and we needed to arrange with the users in question to arrange a convinient time to reboot the machines. As some machines were always running jobs (or had logged in users) the proportion of machines needing special action ended up the majority. In most cases in fact the users told us that their jobs could be re-started but we still had to ask each time.
Following discussions with the CITC about the time/effort taken to do this a different way to arrange things has been set in place. All updates/patches will be classified by the severity of the impact of not rebooting the machine after application:
- severity 0: no reboot needed
- severity 1: reboot needed at some point
- severity 2: reboot needed within a few hours
- severity 3: reboot needed within a few mins
It is expected that the number of severity 2/3 updates will decrease, these patches are often security related so must be taken seriously. If a severity 3 patch is applied the machine will be rebooted within a few minutes (REGARDLESS OF WHAT IS RUNNING). Similarly after applying a severity 2 patch the machine will be rebooted at a time between 05:15 and 05:45 the next morning (again even if user jobs are running).
After a severity 1 patch has been applied we will check (each night) if there are no user jobs. If there are none we will reboot within a few minutes. If there are user jobs we will still reboot at a time between 05:15 and 05:45 if it is a Wednesday morning.
Initially only some machines will use the new procedures but over time all systems will be switched to automatically reboot this way after patching.
Anyone running long jobs MUST ensure that they can be re-started if they plan to run them overnight (and especially over Wednesday mornings).
Perhaps this might also be a good time to remind people that they *should* log out before going home. Since machines may need to be rebooted you should not leave files unsaved in editors etc, or licences locked out for matlab etc unless you are actually using them (such things may annoy others who want to use them). Also remember that someone _could_ follow a cleaner into your office and do nasty things to your files/account if you are still logged in.