Livepatch
Charly's Column – Livepatch
There is only one thing Charly appreciates even less than security holes in the kernel: downtime of his machines. That's why he patches his Ubuntu systems with Canonical's Livepatch on the fly.
Vulnerabilities in the kernel are always ugly, and because the Linux kernel is a very complex piece of software, admins need a strategy for dealing with them. Fortunately, patches are often available shortly after a vulnerability is discovered, but applying them and then rebooting leaves the system unavailable for an (admittedly usually short) period.
For Ubuntu systems, distributor Canonical has developed a very easy-to-use live patching system, Livepatch. It patches the running kernel without requiring a reboot. This helps the admin sleep more soundly, and the system reboot can be skipped or postponed to a more convenient time, such as a scheduled maintenance window. To use Livepatch, you need an Ubuntu One account, which you create at https://auth.livepatch.canonical.com (Figure 1).
[...]
