Canonical Livepatch Service Apply critical kernel patches without rebooting.

According to Canonical a parent organization behind Ubuntu, LivePatch on Kernel will help to resolve unwanted rebooting of system after patching.

The Canonical Livepatch Service enables you apply critical kernel security fixes to your Ubuntu 16.04 LTS system without rebooting. Available to all Ubuntu Advantage customers, the Canonical Livepatch Service reduces planned or unplanned downtime while maintaining compliance and security.

Product overview

The Canonical Livepatch Service delivers live kernel patching to Ubuntu 16.04 LTS systems without the need to reboot. Ensuring the security and efficiency of an Ubuntu system has never been easier. Available to all Ubuntu Advantage customers, you can perform patching without interrupting your mission-critical workloads and in-memory databases, saving the cost of downtime and increasing service availability. Ubuntu Advantage gives the world’s largest enterprises the assurance they need to run mission-critical workloads such as enterprise databases, virtual/cloud hosts or infrastructural services on Ubuntu. The Canonical Livepatch Service is also available for personal use for free up to a maximum of three Ubuntu 16.04 LTS systems.

Maximise service availability Mission-critical workloads like enterprise databases, virtual/ cloud hosts or infrastructure services can’t afford downtime. The Canonical Livepatch Service applies kernel fixes in microseconds, without restarting your Ubuntu 16.04 LTS system. Fewer reboots means improved service availability. Maintain security and compliance When a security loophole is identified in the Linux kernel, patching is the only way to reduce your exposure from malicious attack. But finding a downtime window to address security vulnerabilities can be challenging, particularly for large scale and production deployments. The Canonical Livepatch Service applies security critical Linux kernel patches without rebooting, keeping your Ubuntu 16.04 LTS systems secure and compliant. Integrated service delivery The Canonical Livepatch Service is available with an Ubuntu Advantage subscription. For existing customers introducing the Canonical’s Livepatches into your administrative workflows is simple since it’s integrated into existing tools like Landscape and support processes

System requirements

Canonical’s Livepatches are available for the generic flavour of the 64-bit Intel/AMD (aka, x86_64, amd64) builds of the Ubuntu 16.04 LTS (Xenial) kernel, which is a Linux 4.4 kernel. Canonical Live Patches work on Ubuntu 16.04 LTS Servers and Desktops, on physical machines, virtual machines, and in the cloud.

How to enable the Canonical Livepatch Service

Generate your credentials via

https://auth.livepatch.canonical.com/

Install the canonical-livepatch daemon:

$ sudo snap install canonical-livepatch

Enable it:

$ sudo canonical-livepatch enable [TOKEN]

Source: https://www.ubuntu.com/server/livepatch