[ what’s Ksplice ? ]
Ksplice , Oracle has acquired on July 21, 2011 , provides the technology of applying kernel security updates without rebooting.
http://www.ksplice.com/
You can use this technology on Oracle Linux , Ubuntu desktop , CentOS , Scientific Linux and Fedora etc.
It seems that ksplice for some distributions such as Ubuntu server , CentOS etc are not free.
[ use Ksplice on Ubuntu 11.10 Desktop ( not Ubuntu server ) ]
get the access key as below
http://www.ksplice.com/uptrack/key
create the repository file for ksplice
install ksplice
Ksplice , Oracle has acquired on July 21, 2011 , provides the technology of applying kernel security updates without rebooting.
http://www.ksplice.com/
You can use this technology on Oracle Linux , Ubuntu desktop , CentOS , Scientific Linux and Fedora etc.
It seems that ksplice for some distributions such as Ubuntu server , CentOS etc are not free.
[ use Ksplice on Ubuntu 11.10 Desktop ( not Ubuntu server ) ]
get the access key as below
http://www.ksplice.com/uptrack/key
create the repository file for ksplice
| # cat /etc/apt/sources.list.d/ksplice.list deb http://www.ksplice.com/apt oneiric ksplice deb-src http://www.ksplice.com/apt oneiric ksplice |
install ksplice
| # apt-get install ca-certificates # wget -N https://www.ksplice.com/apt/ksplice-archive.asc # apt-key add ksplice-archive.asc OK # apt-get update ; apt-get install uptrack |
paste the access key you got from http://www.ksplice.com/uptrack/key
edit uptrack.conf if you want to apply kernel updates automatically.
| root@hat2:~# tail -2 /etc/uptrack/uptrack.conf #autoinstall = no autoinstall = yes |
apply kernel patches.
| # uptrack-upgrade -y The following steps will be taken: Install [tbralfyx] Clear garbage data on the kernel stack when handling signals. Install [45hi1vy1] CVE-2011-2494: Information leak in taskstats. Install [prmvsms6] Fix unsafe user pointer access in sendmsg. Install [gwr0oea1] CVE-2011-1161: Information leak in transmission logic of TPM driver. Install [t9ao2jv9] CVE-2011-1162: Information leak in TPM driver. Install [nfb7a5jw] NULL pointer dereference in kernel alarm timer. Installing [tbralfyx] Clear garbage data on the kernel stack when handling signals. Installing [45hi1vy1] CVE-2011-2494: Information leak in taskstats. Installing [prmvsms6] Fix unsafe user pointer access in sendmsg. Installing [gwr0oea1] CVE-2011-1161: Information leak in transmission logic of TPM driver. Installing [t9ao2jv9] CVE-2011-1162: Information leak in TPM driver. Installing [nfb7a5jw] NULL pointer dereference in kernel alarm timer. Your kernel is fully up to date. Effective kernel version is 3.0.0-13.22 |
| # uptrack-upgrade -y Nothing to be done. Your kernel is fully up to date. Effective kernel version is 3.0.0-13.22 |
| # uptrack-show Installed updates: [tbralfyx] Clear garbage data on the kernel stack when handling signals. [45hi1vy1] CVE-2011-2494: Information leak in taskstats. [prmvsms6] Fix unsafe user pointer access in sendmsg. [gwr0oea1] CVE-2011-1161: Information leak in transmission logic of TPM driver. [t9ao2jv9] CVE-2011-1162: Information leak in TPM driver. [nfb7a5jw] NULL pointer dereference in kernel alarm timer. Effective kernel version is 3.0.0-13.22 |
| # uname -r 3.0.0-12-generic # uptrack-uname -r 3.0.0-13-generic |
Please note that ksplice provides *kernel* security updates , so you need to apply software updates via apt-get , yum or something.
If you want to use GUI version , just install uptrack-manager.
| # apt-get install uptrack-manager |
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.