Using Canonical Livepatch Service to Patch Ubuntu 16.04 Kernel without Reboot
In this tutorial we’re going to learn how to patch Linux kernel on Ubuntu 16.04 without reboot using the Canonical Livepatch service which uses the upstream Linux Kernel Live Patching technology to apply critical kernel patches without rebooting.
The Canonical livepatch service is free of charge for up to 3 machines (laptop, server or cloud). In order to use this service, your system must be a 64 bit Ubuntu 16.04 OS with Linux kernel 4.4+.
Patching Linux Kernel Without Reboot Using Canonical Livepatch Service
First, go to Canonical Livepatch service page. Select Ubuntu user if you want to use the service without paying for up to 3 machines. If you are an UA customer, then select Ubuntu Advantage customer. And click Get your Livepatch token.
You need to sign in with your Ubuntu one account which is totally free of charge. Once you are signed in, you will get a secret key for your account.
Then make sure you have the snap daemon installed on your Ubuntu 16.04 system.
sudo apt update sudo apt install snapd
Next, install the
sudo snap install canonical-livepatch
Enable the service with the following command.
sudo canonical-livepatch enable <your-secret-key>
Successfully enabled device. Using machine-token: 2ca4f0662793daje0393jdaf39332d
You can check live patch status at any time with:
canonical-livepatch status --verbose
Please note that kernel patching is different from upgrading kernel to the latest version. After applying security patches, you still need to reboot in order to upgrade to the latest version of Linux kernel on Ubuntu 16.04.
I hope this tutorial helped you use the Canonical Live Patch service to update your Ubuntu 16.04 LTS systems with the highest and most critical security vulnerabilities, without a reboot. Subscribe to our free newsletter to get latest Linux tutorials. You can also follow us on Google+, Twitter or like our Facebook page.