I am having an issue with the reboot policy GNOME Software seems to mandate.
I get that it's the safest way to update parts of your system by avoiding problems with running programs. And I get that it is almost unavoidable with kernel updates and probably smart to do it with services. But I don't want to reboot for a Firefox update. I don't want to reboot for libraries.
Besides comfort, this creates a real issue too: if I don't reboot for Firefox, I will be running a potentially insecure Firefox until I reboot.
One could say just reboot, but I am not living in the 90’s anymore where I switch off my PC when I am done working. Also, my LUKS password is long as s***t. And if I reboot to update, it reboots, I decrypt, it runs the updates, it reboots, I decrypt and then I get to use my PC again.
Unfortunately, those two cases are precisely why you need to reboot. Linux will keep libraries and open files alive as long as there’s a process using them, which means updating a library will not come into effect until you restart everything that uses it. This also applies to open files, like data storage.
It’s not just going to be insecure: it might lead to data corruption or loss.
You could encrypt only your home volume instead of your entire storage; or you could switch to an “atomic” OS variant, which downloads and applies the updates while your session is running, and requires a reboot at your convenience without breaking your session. Another thing you can do is to favour containerised application mechanisms, like Flatpak, as they decouple OS updates from application updates, limiting the number of updates that require a reboot.
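The reply's point that a running process keeps the old copy of an updated library can be checked on a live system. The following is an added example, not code from either poster: it parses `/proc/<pid>/maps` and reports executable mappings whose backing file has been unlinked. It assumes the package manager replaces files by renaming a new copy over the old one (so the kernel marks the old mapping `(deleted)`), and `SAMPLE_MAPS` is constructed input.

```python
import re
from pathlib import Path

# One /proc/<pid>/maps line: address perms offset dev inode [pathname]
MAPS_LINE = re.compile(
    r"^[0-9a-f]+-[0-9a-f]+\s+(?P<perms>\S{4})\s+[0-9a-f]+\s+\S+\s+(?P<inode>\d+)\s*(?P<path>.*)$"
)
DELETED = " (deleted)"

# Constructed sample (not captured from a real system).
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a2c000 r-xp 00000000 fd:01 1311234    /usr/lib64/firefox/firefox
7f3a1c000000-7f3a1c1a0000 r-xp 00028000 fd:01 1314421    /usr/lib64/libc.so.6 (deleted)
7f3a1c400000-7f3a1c4f0000 r--p 00000000 fd:01 1314500    /usr/lib64/libssl.so.3 (deleted)
7f3a1c4f0000-7f3a1c560000 r-xp 000f0000 fd:01 1314500    /usr/lib64/libssl.so.3 (deleted)
7f3a1d000000-7f3a1d010000 rwxs 00000000 00:01 2051       /memfd:jit-cache (deleted)
7ffd3b1e0000-7ffd3b201000 rw-p 00000000 00:00 0          [stack]
"""

def stale_mappings(maps_text):
    """Return sorted paths of executable file mappings whose on-disk file is gone."""
    stale = set()
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line)
        if not m or m["inode"] == "0" or "x" not in m["perms"]:
            continue  # unparsable, anonymous/[stack]/[heap], or not code
        path = m["path"]
        if not path.endswith(DELETED) or path.startswith("/memfd:"):
            continue  # file on disk is still the mapped one, or an in-memory file
        stale.add(path[: -len(DELETED)])
    return sorted(stale)

def scan_proc(proc_root="/proc"):
    """Map pid -> stale paths for every process whose maps file is readable."""
    result = {}
    for maps in Path(proc_root).glob("[0-9]*/maps"):
        try:
            found = stale_mappings(maps.read_text(errors="replace"))
        except OSError:
            continue  # process exited, or it belongs to another user
        if found:
            result[int(maps.parent.name)] = found
    return result

if __name__ == "__main__":
    print("sample:", stale_mappings(SAMPLE_MAPS))
    for pid, paths in sorted(scan_proc().items()):
        print(pid, *paths)
```

Run as root to see every process; as a normal user it only covers your own session, which is enough to tell whether a running browser still maps pre-update libraries.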