Hi Allessandro, My two cents: I deliberately don't use automatic updates to improve relay stability and only update when it's necessary. And this applies to any updates including the FreeBSD/OpenBSD kernel (which requires a reboot as well). Not all updates are security patches or are relevant enough to immediately effectuate. Sometimes they can go ~60 days without needing a Tor restart.
But your mileage may vary. For example some operators compile Tor daily and then a restart may be required more often. I do feel something is wrong in your configuration though. Tor certainly has updates occasionally, but not every few hours. Also in Tor Project's Debian repo[1] it looks like the last update was from 22-03 (and not a few hours ago). So you may want to check your apt configuration. I don't use Debian/Linux so someone else could maybe chime in to help you with setting that up properly. Regards, tornth [1] https://deb.torproject.org/torproject.org/dists/ Mar 26, 2024, 11:03 by tor-relays@lists.torproject.org: > Dear Tor-Relays Mailing List Members, > > I hope this email finds you well. I'm reaching out to share some observations > and pose some questions regarding the management of relay node updates, > particularly concerning their impact on stability and security of the service > provided. > > Recently, I've noticed an interesting pattern with my relay node (ID: > 47B72187844C00AA5D524415E52E3BE81E63056B [1]). I've followed TorProject's > recommendations [2] and configured automatic updates, which has led to > frequent restarts of the node to keep the Tor software up-to-date. While this > practice ensures high security by keeping the software updated, it seems to > compromise the stability of the node itself. The Uptime value of my node has > remained at a maximum of a few hours. > > This situation has prompted me to reflect on what might be the best strategy > to adopt. On one hand, frequent updates ensure optimal security, while on the > other hand, continuous restarts may affect the user experience for those > relying on the node's stability for their Tor activities. > > As such, I'd like to pose some questions to the community to gather feedback > and assess best practices: > > 1. In your opinion, is it preferable to maintain automatic updates to ensure > maximum security, even if frequent restarts may compromise the node's > stability? > 2. Or would it be more sensible to adjust the update frequency, perhaps > performing them once or twice a week, to ensure greater stability of the node > without excessively compromising security? > 3. Have you had similar experiences with your relay nodes? How have you > addressed this challenge and what were the outcomes? > > Thank you in advance for your time and cooperation. > > Best regards, > Aleff. > > [1] > https://metrics.torproject.org/rs.html#details/47B72187844C00AA5D524415E52E3BE81E63056B > [2] https://community.torproject.org/relay/setup/guard/debian-ubuntu/updates/ > > --- > > Browse my WebSite: aleff-gitlab.gitlab.io > Use my PGP Public Key: pgp.mit.edu/pks/lookup?op=get&search=0x7CFCE404A2168C85 > Join to support: > - Free Software Foundation! (my.fsf.org/join?referrer=6202114) > - Electronic Frontier Foundation! (eff.org) > - Tor-Project (torproject.org) > - Signal (signal.org) >
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
