Home > System Tutorial > LINUX > Livepatch - Apply critical security patches to the Ubuntu Linux kernel without rebooting

Livepatch - Apply critical security patches to the Ubuntu Linux kernel without rebooting

王林
Release: 2024-02-10 11:40:27
forward
1034 people have browsed it

With Livepatch enabled on your Ubuntu server, you can keep your system secure while minimizing unplanned downtime.

Livepatch —— 免重启给 Ubuntu Linux 内核打关键性安全补丁

-Register Ubuntu Livepatch account 22%
-Get and use Livepatch tokens 47%
If you are a system administrator maintaining critical systems in an enterprise environment, you must be familiar with the following two things:

\1) It is difficult to find a downtime to install security patches on the system to fix kernel or system vulnerabilities. If the company or enterprise you work for does not have a security policy in place, operations management may end up prioritizing keeping systems running rather than addressing system vulnerabilities. Additionally, internal bureaucracy can also delay approval downtime. That's how I was.

\2) Sometimes you really can't afford the losses caused by downtime, and you have to be prepared to use other methods to reduce the risks caused by malicious attacks.

The good news is that Canonical recently released the Livepatch service for Ubuntu 16.04 (64-bit version / 4.4.x kernel), which allows you to apply critical security patches to the kernel without restarting. Yes, you read that right: using Livepatch you can make security patches for Ubuntu 16.04 server systems take effect without rebooting.

Register Ubuntu Livepatch account

To run the Canonical Livepatch service, you must first register an account here https://auth.livepatch.canonical.com/, and indicate whether you are an ordinary user or an enterprise user (paid). By using a token, all Ubuntu users can connect up to 3 different computers to the Livepatch service:

Livepatch —— 免重启给 Ubuntu Linux 内核打关键性安全补丁

Canonical Livepatch Service

Next you will be prompted to enter your Ubuntu One credentials, or you can register a new account. If you choose the latter, you will need to confirm your email address to complete registration:
Livepatch —— 免重启给 Ubuntu Linux 内核打关键性安全补丁
Livepatch —— 免重启给 Ubuntu Linux 内核打关键性安全补丁
Ubuntu One Confirmation Email
Once you confirm your email address by clicking the link above, you will be taken back to https://auth.livepatch.canonical.com/ and obtain your Livepatch token.

Obtain and use Livepatch tokens

First copy the unique token assigned to your account:

Livepatch —— 免重启给 Ubuntu Linux 内核打关键性安全补丁

Canonical Livepatch Token

Then open the terminal and enter:

$ sudo snap install canonical-livepatch
Copy after login

The above command will install the livepatch program, and the following command will enable it for your system.

$ sudo canonical-livepatch enable [YOUR TOKEN HERE]
Copy after login

If the latter command prompt cannot find canonical-livepatch, check whether /snap/bin has been added to your path, or switch your working directory to /snap/bin for execution.

$ sudo ./canonical-livepatch enable [YOUR TOKEN HERE]
Copy after login
Livepatch —— 免重启给 Ubuntu Linux 内核打关键性安全补丁

Install Livepatch in Ubuntu

Afterwards, you may want to check the description and status of the patch applied to the kernel. Fortunately, it's easy.

$ sudo ./canonical-livepatch status --verbose
Copy after login

As shown below:

Livepatch —— 免重启给 Ubuntu Linux 内核打关键性安全补丁

Check patch installation

With Livepatch enabled on your Ubuntu server, you can keep your system secure while minimizing unplanned downtime. I hope that this move by Canonical will bring you convenience in management, and even further improve it.

If you have any questions about this article, please leave a message below and we will reply as soon as possible.

The above is the detailed content of Livepatch - Apply critical security patches to the Ubuntu Linux kernel without rebooting. For more information, please follow other related articles on the PHP Chinese website!

source:lxlinux.net
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template