Livepatch has fixed kernel vulnerabilities. Or not???
Keith
keithw at caramail.com
Wed Apr 12 19:47:17 UTC 2023
On 4/12/23 10:32 AM, Bo Berglund wrote:
[snipped]
>
> $ pro system reboot-required
> no
Interesting.
>
>
> $ canonical-livepatch status --verbose
> last check: 8 minutes ago
> kernel: 5.4.0-89.100-generic
Have you performed a system update since you last posted on 3/27?
Currently, 5.4.0.146.144-generic is the latest kernel version for focal.
[snipped]
>> $ canonical-livepatch kernel-upgrade-required; echo $?
>> Exit code of 0 means restart is necessary
>> Exit code of 1 means restart is not necessary, but recommended at later time
>> Exit code of 2 means no restart is necessary.
>
> $ canonical-livepatch kernel-upgrade-required; echo $?
> *** Livepatch has fixed kernel vulnerabilities. System restart recommended on
> the closest maintenance window ***Kernel upgrade recommended.
> 1
Given that the "canonical-livepatch status" command indicates you're
running a older kernel that what's currently available in the repos,
maybe do a system update to upgrade the kernel.
[snipped]
> $ sudo snap disconnect canonical-livepatch:etc-update-motd-d --forget
>
> There is no output, cursor just moves down after some highspeed stuff flashes
> and disappears.
>
>
>> Re-enable the plugin and then logout/login to see if issue persists
>> $ sudo snap connect canonical-livepatch:etc-update-motd-d
>
> sudo snap connect canonical-livepatch:etc-update-motd-d
>
> There is no output, again cursor just moves down after some highspeed stuff
> flashes and disappears.
You can redirect stdout (1>) to a file, or pipe it thru tee (|tee) to
capture the output. Basically its just this
Connect canonical-livepatch:etc-update-motd-d to snapd:system-files
/^MConnect
canonical-livepatch:etc-update-motd-d to snapd:system-file
for a few lines.
>
>> If there are no reboot files in /var/run, then I'm out of ideas.
>> Probably should file a bug against the canonical-livepatch client. Might
>> make a inquiry on another venue like Ubuntu Forums, Ubuntu community
>> discourse server, or AskUbuntu also.
>
One last thing to try and then I would file a bug at the link Oliver
provided if it doesn't fix the problem.
Disable livepatch
$ sudo pro disable livepatch
Uninstall canonical-livepatch snap
$ sudo snap remove --purge canonical-livepatch
Delete ~/snap/canonical-livepatch directory
Delete /root/snap/canonical-livepatch directory also
Remove /etc/update-motd.d/99-livepatch-kernel-upgrade-required if its
still present. It should have been removed when the snap was uninstalled.
Remove cached snap files in /var/lib/snapd/cache
Not directory, just files.
Manually install canonical-livepatch snap
$ sudo snap install canonical-livepatch
Enable canonical-livepatch
$ sudo pro enable livepatch
Check ~/snap/canonical-livepatch
Is there a symbolic link "current" pointing to the revision of the
canonical-livepatch snap (196 for the latest/stable)? If not, make one.
Do the same for /root/snap/canonical-livepatch
Logout/Login
Still getting message? File the bug, and/or disconnect the
etc-update-motd-d interface as described above. That gets rid of that
99-livepatch.. script generating the motd message.
--
Keith
More information about the ubuntu-users
mailing list