Livepatch has fixed kernel vulnerabilities. Or not???

[Keith]

On 4/12/23 11:25 AM, Oliver Grawert wrote:
> hi,
> Am Mittwoch, dem 12.04.2023 um 17:32 +0200 schrieb Bo Berglund:
> 
>> $ sudo snap disconnect canonical-livepatch:etc-update-motd-d --forget
>>
>> There is no output, cursor just moves down after some highspeed stuff
>> flashes and disappears.
> 
> if the output is to fast to read, you can always use:
> 
> $ snap connections canonical-livepatch
> 
> that will list all active connections of plugs and slots of a snap ...
> 
> though i doubt disconnecting the etc-update-motd-d plug will ave any
> effect...
> 
> the plug only manages that the snap has write access to
> /etc/update-motd.d/ but will not remove files the snap has already put
> there (and disconnecting it will also disable the ability of the snap
> to eventually remove any files it has put there before indeed, since
> you disable all access to that dir)

Well.

$ cat 
/snap/canonical-livepatch/current/snap/hooks/disconnect-plug-etc-update-motd-d

   #!/bin/sh

   rm -f /etc/update-motd.d/99-livepatch-kernel-upgrade-required

$ ls -rC1 /etc/update-motd.d/
99-livepatch-kernel-upgrade-required
98-reboot-required
98-fsck-at-reboot
95-hwe-eol
92-unattended-upgrades
...

$ sudo snap disconnect canonical-livepatch:etc-update-motd-d --forget

$ ls -rC1 /etc/update-motd.d/
98-reboot-required
98-fsck-at-reboot
95-hwe-eol
92-unattended-upgrades
91-release-upgrade
...

$ sudo snap connect canonical-livepatch:etc-update-motd-d

$ ls -rC1 /etc/update-motd.d/
99-livepatch-kernel-upgrade-required
98-reboot-required
98-fsck-at-reboot
95-hwe-eol
92-unattended-upgrades
...

Am I misunderstanding how this works?

-- 
Keith