... reboots are years between, and in scheduled windows.
Care to publish the IP of your machine?
Of course don't do that, only a fool would do that if you're not rebooting to a new kernel more often.
Which one of my machines? And which interface?
Feel better now?
But anyhow, I probably should have written "... reboots are years between, or in scheduled windows."
And that said, not all machines are reachable by hackers, or useful to them. Some I have are on their own network, with no physical connection to other networks. Others are behind several layers of firewalls and have no security anyhow.
You don't put heavy duty security locks on your bathroom door, do you?
And if that wasn't enough, there are many kernel security fixes that do not apply, so a reboot isn't needed. If a server isn't running ext4, chances are that it doesn't need to be rebooted after a fix to the ext4 code. And if the fix is to a module, reinserting the new module will generally suffice.
I actually read the release notes for security fixes.
Have you even looked at systemd? By your comments I don't think so.
That you don't think was assumed, but thank you for confirming the suspicion.
Yes, I have tried systemd. I try it every day. And it still cannot do what I need the system to do, especially with its own embedded udev which prevents existing applications from working, but also because it's pure hell to configure/reconfigure, especially in an automated fashion due to the MSDOS INI files and what should be an init process overriding the superuser.
No, the mail server does not need to be shut down if I shut down the locking daemon due to replacing another server that the mail daemon doesn't even talk to. And I may want multiple servers with the same configuration but with different services started, so they can be ready for a manual switch of services. And much else that is easy with systemd or upstart, but a huge amount of work with systemd. I want to be able to do things without jumping through hoops.