Comment 6 for bug 2017401

Seth Arnold (seth-arnold) wrote:

(I'm not on the livepatch team)

> How does one configure the system so that it automatically reboots when required, except when livepatch is sufficient?

Livepatches for kernel flaws come after updated kernel packages: if you always reboot into a new kernel the day the kernel is delivered, you'll never install livepatches.

> If a user wants to rely on Livepatch entirely (or 'until further notice'), unattended-upgrades can be set to blacklist automatic kernel upgrades.

I would like to discourage this. Livepatch addresses only issues that (a) have had a CVE number assigned and (b) have been scored as high or critical by our triage process. A lot of kernel security issues never get CVE numbers assigned. When we import new stable kernels from upstream developers, there may be security fixes that aren't actually called out as security fixes anywhere.

While it might seem wasteful to download a few hundred megabytes and rebuild an initramfs every two weeks regardless of whether you plan to reboot into it, unexpected reboots *do* happen, and it would be nice to get the most up-to-date kernel when that happens.

(Maybe an organization would rather have the entire fleet move along in a cadence, or only deploy kernels once they've been vetted through A/B testing or a staging environment, but that's an entirely separate choice to make. These organizations may disable unattended-upgrades entirely, or own their own repositories and control when packages are released into it, etc.)

Thanks
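The two unattended-upgrades settings the comment contrasts, written out as an added example (not from the bug report or from the unattended-upgrades project); it assumes the standard `/etc/apt/apt.conf.d/50unattended-upgrades` file and that only one of the two alternatives is active at a time:

```conf
# Added example: /etc/apt/apt.conf.d/50unattended-upgrades fragments.

# --- Alternative A (discouraged in the comment above) ---
# Blacklisting kernel packages leaves the running kernel covered only by
# Livepatch, which handles just CVE-assigned high/critical issues. Fixes that
# arrive silently in newer stable kernels are never installed.
Unattended-Upgrade::Package-Blacklist {
    "linux-image-";
    "linux-headers-";
    "linux-modules-";
};

# --- Alternative B (what the comment recommends) ---
# Keep the blacklist empty so kernel packages land on the normal cadence;
# leave the reboot decision to the operator (or a maintenance window) instead
# of forcing it. An unplanned reboot then comes up on the newest kernel.
Unattended-Upgrade::Package-Blacklist {
};
Unattended-Upgrade::Automatic-Reboot "false";
```

With alternative B, /var/run/reboot-required.pkgs lists the packages (such as a new linux-image) still waiting on a reboot, so a fleet can drive its own reboot cadence from that file rather than from the upgrade itself.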