The Canonical Livepatch Service is Available to all Ubuntu Advantage customers, and also for personal use for free up to a maximum of three Ubuntu 16.04 LTS and 14.04 LTS systems. It updates your Ubuntu your systems with the highest and most critical security vulnerabilities, without requiring a reboot in order to take effect.
The Livepatch service is available for the generic flavour of the 64-bit Intel/AMD (aka, x86_64, amd64) builds of the Ubuntu 16.04 LTS (Xenial) kernel, which is a Linux 4.4 kernel, as well as Ubuntu 14.04 LTS running the Linux 4.4 Hardware Enablement kernel. It works on Ubuntu 16.04 LTS and 14.04 LTS Servers and Desktops, on physical machines, virtual machines, and in the cloud. As mentioned before, Ubuntu 14.04 LTS systems must use the Hardware Enablement kernel.
How to enable Livepatch
First install the canonical-livepatch daemon:
sudo snap install canonical-livepatch
And then you need to enable it:
sudo canonical-livepatch enable
- Verify the status with:
canonical-livepatch status --verbose
This command will first ask you if this system is covered under an Ubuntu Advantage support contract with Canonical, and if so, you’ll be directed to the Canonical Livepatch portal where you’ll provision your credentials, then paste them into the dialog.
How to get security notices for Livepatch
What other requirements are needed?
Using an unmodified Ubuntu kernel and network access to the Canonical Livepatch Service (https://livepatch.canonical.com:443). You also will need to apt update/upgrade to the latest version of snapd (at least 2.15).