When installing security/kernel packages the system must be rebooted.
It would be a bit silly to reboot always.
So..without further ado…you can solve this for example with the following playbook:
[martijn@fedora basis]$ cat update_all.yaml --- - name: Update alle hosts hosts: all become: true tasks: - name: install dnf tools dnf: state: present name: dnf-utils - name: update alle hosts dnf: state: latest name: "*" - name: restart...? command: needs-restarting -r register: result ignore_errors: yes - name: reboot reboot: when: result.rc == 1 [martijn@fedora basis]$
After updating all packages the playbook installs the packages dnf-utils. This package contains the handy command “needs-restarting”. If this commands return a 1 then the machine needs a restart. The result of needs-restarting is stored in the result variable. Later on you can restart if result.rc equals 1.