Live kernel patching from Canonical now available for Ubuntu 16.04 LTS

Tom Callway

on 20 October 2016

livepatchportal

We are delighted to announce the availability of a new service for Ubuntu which any user can enable on their current installations – the Canonical Livepatch Service.

This new live kernel patching service can be used on any Ubuntu 16.04 LTS system (using the generic Linux 4.4 kernel) to minimise unplanned downtime and maintain the highest levels of security.

First a bit of background…

Since the release of the Linux 4.0 kernel about 18 months ago, users have been able to patch and update their kernel packages without rebooting. However, until now, no other Linux distribution has offered this feature for free to their users. That changes today with the release of the Canonical Livepatch Service:

  • The Canonical Livepatch Service is available for free to all users up to 3 machines.
  • If you want to enable the Canonical Livepatch Service on more than three machines, please purchase an Ubuntu Advantage support package from buy.ubuntu.com or get in touch.

Beyond securing your desktop, server, IoT device or virtual guest, the Canonical Livepatch Service is particularly useful in container environments since every container will share the same kernel.

“Kernel live patching enables runtime correction of critical security issues in your kernel without rebooting. It’s the best way to ensure that machines are safe at the kernel level, while guaranteeing uptime, especially for container hosts where a single machine may be running thousands of different workloads,” says Dustin Kirkland, Ubuntu Product and Strategy for Canonical.

Here’s how to enable the Canonical Livepatch Service today

First, go to the Canonical Livepatch Service portal and retrieve your livepatch token.

Next, install the livepatch ‘Snap’ using the first command below, and then enable your account using the token obtained in the second command below:

sudo snap install canonical-livepatch
sudo canonical-livepatch enable [Token]

That’s it! You’ve just enabled kernel live patching for your Ubuntu system, and you can do that, for free, on two more installations! However, if you want to enable the Canonical Livepatch Service on more than three systems you’ll need to purchase an Ubuntu Advantage support package from as little as $12 per month.

Need a bit more help?

Here’s a quick video to guide you through the steps in less than a minute:

For further details on the Canonical Livepatch Service please read Dustin Kirkland’s useful list of FAQs.

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Newsletter signup

Select topics you’re
interested in

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Related posts

Access ESM, now free to the community, via the updated Ubuntu Advantage client

Canonical is happy to announce that all community users are entitled to a free Ubuntu Advantage for Infrastructure account for access to Extended Security...

How Ubuntu Advantage for Infrastructure delivers top-notch Linux security

Linux security is central to each release of Ubuntu, the most widely-used Linux distribution. With Ubuntu’s predictable six-month release cycle, users know...

Hardware discovery and kernel auto-configuration in MAAS

In this blog, we are going to explore how to leverage MAAS for hardware discovery and kernel auto-configuration using tags. In many cases, certain pieces of...