2

I want to fix the Shellshock issue, and the usual solution is to update Ubuntu.

How can I update only Bash and without having to reboot?

Peter Mortensen
  • 933
  • 2
  • 11
  • 17
Eduard Florinescu
  • 7,707
  • 9
  • 46
  • 51
  • 2
    New instances of bash will automatically use the upgraded version. Kill any running instances, if you must. – muru Oct 03 '14 at 12:31
  • 2
    In general you do not need to reboot following an update. The only package that I can think of that requires a reboot is the kernel. Sometimes you need to restart a service, but in that event most packages stop and restart services as part of the install. Sometimes you need to log out and back in or restart programs, but not reboot. – Panther Oct 03 '14 at 12:34
  • 2
    @muru after the bash update the shellshock bug was patched, no need to restart bash, kill bash, or anything. I've tested that on several servers from RHEL to Debian to Ubuntu. – Panther Oct 03 '14 at 12:39
  • Updating Kernel modules can often require a restart of some description too... But even they *can* be done without a reboot most of the time, it just involves stopping anything that is using them so you can unload the old module and load the new one. Rebooting is often easier and quicker though. – Oli Oct 03 '14 at 12:40
  • @bodhi.zazen So you're saying that a shell that was opened before the upgrade was done will become safe, and any subshells of that shell will also be safe? – muru Oct 03 '14 at 13:06
  • @muru for the shellshock bug, yes, the patch takes effect immediately without the need for further action (beyond updating bash). – Panther Oct 03 '14 at 13:46
  • @bodhi.zazen how is that even possible? Surely you need to start a new shell instance! How would the currently running one be affected? – terdon Oct 03 '14 at 16:17
  • @terdon - test it for yourself if you do not believe me, I did. I do not know the technical details. – Panther Oct 03 '14 at 16:25
  • @bodhi.zazen well, I''ll be. I did test it and you're quite right. How strange. – terdon Oct 03 '14 at 16:30
  • 3
    @terdon --- the shellshock bug involves starting a new shell that is reading the (fake) environment. So it is exploitable only on *shell start*, and this is the reason that when you upgrade, all the new shells started are the upgraded ones, and the bug (at least, this one ;-)) does not manifest itself. – Rmano Oct 03 '14 at 17:15
  • There is a fair bit more than just the kernel which would need a reboot for changes to take effect - for example the whole init system (upstart) which doesn't just stay active at boot but hangs around the whole time waiting for you to do something like reboot. – thomasrutter Oct 13 '14 at 04:29

1 Answers1

12

You don't have to restart for the Bash update to take. Just update in the normal way.

sudo apt-get update
sudo apt-get dist-upgrade

If you (for whatever nonsensical reason) need to limit that to Bash, you can:

sudo apt-get update
sudo apt-get install bash

And again, because of the way this exploit is launched (setting an environment variable before starting a new instance of Bash), you don't need to reboot after you do this.

Oli
  • 289,791
  • 117
  • 680
  • 835