Why updating a running Linux system is not problematic

executablesoftware installationupgrade

It's years I use Linux systems on a daily basis, and I never had major problems by updating a system when it was running, but I still wonder why this is possibile.

Let me make an example.

Suppose a program "A" from a certain package is running on a system. This program, at a certain point, needs to open another file ("B") from the same package. After that, program "A" closes "B" because it doesn't need it anymore. Suppose now I update the package "A" and "B" belong to. "A" is not directly affected by this operations, at least for the moment, since it is running in RAM and the update just replaced "A" on the hard disk. Suppose "B" has been replaced on the filesystem, too. Now "A" needs to read "B" again for some reason. The question is: is it possible that "A" could find an incompatible version of "B" and crash or malfunction in some other way?

Why nobody update their systems by rebooting with a live CD or some similar procedure?

Best Answer

Updating Userland is Rarely a Problem

You can often update packages on a live system because:

  1. Shared libraries are stored in memory, not read from disk on each call, so the old versions will remain in use until the application is restarted.
  2. Open files are actually read from file-descriptors, not the file names, so the file contents remain available to the running applications even when moved/renamed/deleted until the sectors are over-written or the file descriptors are closed.
  3. Packages that require reloading or restarting are usually handled properly by the package manager if the package has been well-designed. For example, Debian will restart certain services whenever libc6 is upgraded.

Generally, unless you're updating your kernel and aren't using ksplice, then programs or services may need to be restarted to take advantage of an update. However, there's rarely a need to reboot a system to update anything in userland, although on desktops it's occasionally easier than restarting individual services.

See Also

http://en.wikipedia.org/wiki/Ring_%28computer_security%29#Supervisor_mode

Related Question