How can I check from the command line if a reboot is required on RHEL or CentOS?

https://access.redhat.com/discussions/3106621#comment-1196821

Don't forget that you might need to reboot because of core library updates, at least if it is glibc. (And also, services may need to be restarted after updates).

If you install the yum-utils package, you can use a command called needs-restarting.

You can use it both for checking if a full reboot is required because of kernel or core libraries updates (using the -r option), or what services need to be restarted (using the -s option).

needs-restarting -r returns 0 if reboot is not needed, and 1 if it is, so it is perfect to use in a script.

An example:

root@server1:~> needs-restarting  -r ; echo $?
Core libraries or services have been updated:
  openssl-libs -> 1:1.0.1e-60.el7_3.1
  systemd -> 219-30.el7_3.9

Reboot is required to ensure that your system benefits from these updates.

More information:
https://access.redhat.com/solutions/27943
1

About comparing installed kernels with running one:

#!/bin/bash
LAST_KERNEL=$(rpm -q --last kernel | perl -pe 's/^kernel-(\S+).*/$1/' | head -1)
CURRENT_KERNEL=$(uname -r)

test $LAST_KERNEL = $CURRENT_KERNEL || echo REBOOT

Hope that helps!

You could compare the ouput of uname -a with the list of installed kernel packages

One thing that can be helpful to look at in terms of "is a reboot required" is whether or not there are any files that have been removed/replaced by the update but for which the old files are still loaded/used by active processes.

Basically, when YUM updates a file that is in use by a process, the file itself may have been marked for deletion, but the process keeps using the old file since it has an open file-descriptor to the old file's inode.

A command to get a count of the number of old files still in use:

#lsof | grep "(path inode=.*)" | wc -l

That command will give you a count of the files.

Use this instead to see which files are actually in use:

#lsof | grep "(path inode=.*)"

That command will produce output similar to the following on a YUM-updated box:

COMMAND    PID   USER   FD      TYPE DEVICE SIZE/OFF   NODE NAME
sshd      3782   root  mem       REG   8,17          153427 /lib64/libcrypto.so.0.9.8e (path inode=153253)
mysqld    3883  mysql  mem       REG   8,17          153259 /lib64/libcrypt-2.5.so (path inode=153402)
mingetty  4107   root  mem       REG   8,17          153243 /lib64/libc-2.5.so (path inode=153222)
...
etc

uname -a vs. rpm -q kernel and needs-restarting from yum-utils

Check whether running kernel is the latest one.

If it's not, check whether system was restarted since kernel install.

If it was not, reboot.

CURRENT_KERNEL="$(rpm -q kernel-$(uname -r))"
test -z "$CURRENT_KERNEL" && exit 0     # Current kernel is a custom kernel

LATEST_KERNEL="$(rpm -q kernel | tail -1)"
test -z "$LATEST_KERNEL" && exit 0      # No kernel package installed

LATEST_KERNEL_INSTALLTIME=$(rpm -q kernel --qf "%{INSTALLTIME}\n" | tail -1)
test -z "$LATEST_KERNEL_INSTALLTIME" && exit 1      # Error reading INSTALLTIME

test "$CURRENT_KERNEL" = "$LATEST_KERNEL" && exit 0 # Latest kernel running, no reboot needed

BOOTTIME="$(sed -n '/^btime /s///p' /proc/stat)"
test -z "$BOOTTIME" && exit 1           # Error reading BOOTTIME

test "$LATEST_KERNEL_INSTALLTIME" -lt "$BOOTTIME" && exit 1 # Latest kernel not running, but system was restarted already
                                        # User switched back to an old kernel?

echo reboot

I know this question has been answered already and that folks have posted information about checking for newer kernels as well as deleted files, but I recently wrote a script that checks for both. If either condition is detected, the reboot is scheduled for +30 minutes.

#!/bin/bash

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

NEW_KERN=0
DEAD_FILES=0

die () {
    printf "Error, exiting: "
    echo $@
    exit 1
}

for X in lsof wc column awk rpm sed head uname dd tr cut date logger shutdown; do
    which "${X}" >/dev/null 2>&1 || die "required application ${X} not found"
done

DATEY="$(date +%Y%m%d-%H%M%S)"
TMPFILE=/tmp/"$(dd if=/dev/urandom bs=1 count=256 2>/dev/null |tr -c -d '0-9a-f' |cut -c-7)"

[ $TMPFILE == "/tmp/" ] && die
echo "### Reboot automation notice: ${DATEY} ###" > "${TMPFILE}"
lsof +c0 -d DEL | grep -v '\s/SYSV' |awk 'NR==1 || !/dev\/zero/ {print $2,$1,$4,$NF}' | column -t >> "${TMPFILE}"

if [ $(cat ${TMPFILE} |wc -l) -gt 2 ]; then
    DEAD_FILES=1
else
    echo "### Reboot automation notice: ${DATEY} ###" > "${TMPFILE}"
fi

C_KERN="kernel-$(uname -r)"
A_KERN="$(rpm -q --last kernel |head -1 |sed 's|\s\+.*$||')"

[ $A_KERN != $C_KERN ] && NEW_KERN=1 && printf "Running $C_KERN, but $A_KERN available\n" >> "${TMPFILE}"

echo "### End of reboot automation notice: ${DATEY} ###" >> "${TMPFILE}"
if [[ $DEAD_FILES -eq 0 && $NEW_KERN -eq 0 ]]; then
    echo reboot not required
else
    logger -t rebooter -p auth.warning -f "${TMPFILE}"
    [ $DEAD_FILES -ne 0 ] && echo "   Processes running with broken links to executables,"
    [ $NEW_KERN -ne 0 ] && echo "   New kernel available,"
    echo Reboot is required
    shutdown -r +30 "System reboot is required.  To cancel use shutdown -c.  But don't because this system needs to be rebooted"
fi

[ -f "${TMPFILE}" ] && rm -f "${TMPFILE}"

2020-07-15 Update

Since originally writing this answer, I've improved and updated the script. It is available on github here: https://github.com/qth/jutil/blob/master/rbc

Here is my version of the alexm code. You can do this:

LAST_KERNEL=$(rpm -q --last kernel | perl -pe 's/^kernel-(\S+).*/$1/' | head -1)
 CURRENT_KERNEL=$(uname -r)

 if [ $LAST_KERNEL != $CURRENT_KERNEL ]
 then 
    echo "It is time to Reboot!"
 else 
    echo "There is nothing to do!"
 fi

install.log install.log.syslog yum.log you check this place what all got new rpm got install