Skip to main content
Solved

Is restarting actually required for "Restart Required" Apple software updates?

  • February 13, 2017
  • 9 replies
  • 129 views
C
Forum|alt.badge.img+5

Seems to be an easy question, but I'm seeing conflicting answers in my environment.

I've been applying a policy to install all available Software Software Updates from Apple's server. If no user is logged in, restart if a package/update requires it. If user is logged in, do not restart.

When I do the latest update from the app store by hand on either 10.12, 10.11, or 10.10, it says the restart is required and then actually restarting results in that black Apple logo screen that says it is applying the update. After it finishes, "About this Mac" reports the new version, and the new version is reported back to JAMF as expected. All fine and good here.

When I do these same updates via the policy while someone is logged in, meaning it doesn't restart after the updater finishes, "About this Mac" reports the new version. Restarting manually after the policy finishes does NOT result in the black Apple logo "updating" screen. The new version is reported back to JAMF during Recon as the new version even without restarting. Checking for updates a second time does not report any available updates.

So, the question is: Are these updates applied on next reboot even if you don't see that "upgrading" screen? Are they applied even without a reboot because "About this Mac" reports the new version?

Best answer by dgreening

Any update which modifies the security db does require an immediate reboot, otherwise you will start to see "Unapproved Caller" pop-up messages which can be hard to dismiss and sometimes require a hard reboot. It is best practice for any "requires reboot" update to reboot right after installation.

9 replies

G
Forum|alt.badge.img+10
  • gregneagle
  • New Contributor
  • February 13, 2017

"Is restarting actually required for "Restart Required" Apple software updates?"

Yes.

C
Forum|alt.badge.img+5
  • calvins
  • Author
  • Contributor
  • February 13, 2017

Perhaps I should rephrase as "If About This Mac reports the new version and you have yet to reboot, does it matter?". I've read some posts about old updates breaking the JAMF client until you reboot, but I haven't seen that myself.

If it doesn't really matter, then why wouldn't you just install these updates and let users reboot at their convenience?

H
Forum|alt.badge.img+9
  • hjcao
  • Contributor
  • February 13, 2017

The question, I think, is do you want to take the chance? You may have not seen it, yet, but it could happen. Is the fix to the jamf client easier than just setting the machine to reboot from the jump? Pick your poison I guess. I'd rather not have to deal with issues that are easily avoided.

G
Forum|alt.badge.img+10
  • gregneagle
  • New Contributor
  • February 13, 2017

"If it doesn't really matter, then why wouldn't you just install these updates and let users reboot at their convenience?"

It does matter. You've swapped out vital system components with new ones. The OS or apps might crash at any moment, losing user data.

Install OS updates and security updates that say they require a restart, and then restart.

D
Forum|alt.badge.img+18
  • dgreening
  • Honored Contributor
  • Answer
  • February 14, 2017

Any update which modifies the security db does require an immediate reboot, otherwise you will start to see "Unapproved Caller" pop-up messages which can be hard to dismiss and sometimes require a hard reboot. It is best practice for any "requires reboot" update to reboot right after installation.

R
Forum|alt.badge.img+5

If Apple requires a restart, you have to restart. You'll notice apps won't load, Safari specifically. Performance will drop and weird things happen. It is best practice to reboot after an update that requires a reboot. It's a no-brainer.

S
Forum|alt.badge.img+8
  • strider_knh
  • Contributor
  • February 14, 2017

Most of the Apple updates that require restarts don't seem to do any installation until they restart. I see most of such updates with the progress bar after restart. At least this seems to be what I see recently.

C
Forum|alt.badge.img+5
  • calvins
  • Author
  • Contributor
  • February 14, 2017

Thanks for the answers guys. I figured there were actually reasons beyond "Because Apple says so".

R
Forum|alt.badge.img+2
  • rcram
  • New Contributor
  • February 14, 2017

In addition, if you check inside some of those OS update packages you can find embedded Firmware updates. If you leave those sitting around without restarting and an end user runs down their machine's battery it can turn a device into a brick.

Terms & ConditionsCookie settingsAccessibility statement