For more systems, you'll have to pay $12 per month

Oct 18, 2016 19:25 GMT  ·  By

Today, October 18, 2016, Canonical informs us, through Dustin Kirkland, about a new interesting feature for Ubuntu Linux, which users can enable on their current installations.

First off, we'd like to remind you that the Linux 4.0 kernel, which was released a year and a half ago, brought with it a new functionality that would allow users to patch/update their kernel packages without restarting. The feature is called kernel live patching and, until today, no GNU/Linux distribution offered it for free to their users. It was only available in commercial offerings like SUSE Enterprise Linux or Red Hat Enterprise Linux.

"Kernel live patching enables runtime correction of critical security issues in your kernel without rebooting. It’s the best way to ensure that machines are safe at the kernel level, while guaranteeing uptime, especially for container hosts where a single machine may be running thousands of different workloads," says Dustin Kirkland, Ubuntu Product and Strategy at Canonical.

It actually makes sense to offer live kernel patching on large-scale operating system deployments, and that's what Canonical is now doing as well for their customers. However, that's about to change today, as the company behind the popular Ubuntu distribution is now offering kernel live patching for everyone, and it's free for up to three of your personal computers.

Here's how to enable kernel live patching in Ubuntu right now

So, if you're interested in enabling live kernel patching on your Ubuntu OS right now, you'll have to go to the Canonical Livepatch Service website and retrieve your livepatch token, which should look like "d3b07384d213edec49eaa6238ad5ff00". After that, install the livepatch Snap using the first command below, and then enable your account using the livepatch token obtained in the second command below.

sudo snap install canonical-livepatch
sudo canonical-livepatch enable d3b07384d113edec49eaa6238ad5ff00
That’s it! You've just enabled kernel live patching for your Ubuntu system, and you can do that, for free, on two more installations. However, if you want to enable Canonical's Livepatch service on more then three systems, you'll have to purchase a commercial support subscription from them, which starts at $12 per month. Checking the status of your kernel live patching can be done anytime with the following command. canonical-livepatch status
  kernel: 4.4.0-38.57-generic
  fully-patched: true
  version: "12.2"

Update: If you're running into errors, please try to keep in mind that Canonical's Livepatch Service only supports 64-bit versions of the Ubuntu 16.04 LTS (Xenial Xerus) operating system running the long-term supported Linux 4.4 kernel. We've also added the video above to make enabling live kernel patching easier.