Connect with us

Technology

How to Use Canonical’s Livepatch Service on Ubuntu

https://www.howtogeek.com/446140/how-to-use-canonicals-livepatch-service-on-ubuntu/

Published

on

Ubuntu 18.04 LTS's default desktop background showing a Bionic Beaver.

Fancy having critical Linux kernel patches automatically applied to your Ubuntu system—without having to reboot your computer? We describe how to use Canonical’s Livepatch Service to do just that.

What Is Livepatch and How Does It Work?

As Canonical’s Dustin Kirkland explained several years ago, Canonical Livepatch uses the Kernel Live Patching technology built into the standard Linux kernel. Canonical’s Livepatch website notes that massive corporations like AT&T, Cisco, and Walmart use it.

It’s free for personal use on up to three computers—according to Kirkland, these can be “desktops, servers, virtual machines, or cloud instances.” Organizations can use it on more systems with a paid Ubuntu Advantage subscription.

Kernel Patches Are Necessary But Inconvenient

Linux kernel patches are a fact of life. Keeping your system secure and patched up to date is vital in the inter-connected world we live in. But having to reboot your computer to apply kernel patches can be a pain. Especially if the computer is providing some sort of service to users and you have to co-ordinate or negotiate with them to take the service off-line. And there’s a multiplier. If you maintain several Ubuntu machines, at some point you have to bite the bullet and do each one in turn.

The Canonical Livepatch Service removes all of the aggravation of keeping your Ubuntu systems up to date with critical kernel patches. It’s easy to set up—either graphically or from the command line—and it takes one more chore off your shoulders.

Anything that reduces maintenance efforts, boosts security, and reduces downtime has to be an attractive proposition, right? Yes, but there are some caveats.

  • You must be using a Long Term Support (LTS) release of Ubuntu such as 16.04 or 18.04. The most recent LTS version is 18.04, so that’s the version we’re going to use here.
  • It must be a 64-bit version.
  • You must be running Linux Kernel 4.4 or higher
  • You need to have an Ubuntu One account. Remember them? If you don’t have an Ubuntu One account, you can sign up for a free account.
  • You can use the Canonical Livepatch Service at no cost, but you’re limited to three computers per Ubuntu One account. If you have to maintain more than three computers, you’ll need additional Ubuntu One accounts.
  • If you have physical, virtual, or cloud-hosted servers to look after,  you’ll need to become an Ubuntu Advantage customer.

Getting an Ubuntu One Account

Whether you’re going to set up the Livepatch Service through the graphical user interface (GUI) or via the command-line interface (CLI), you must have an Ubuntu One account. This is required because the operation of the Livepatch Service depends on a private key that is issued to you, and tied to your Ubuntu One account.

  • If you set up the Livepatch Service using the GUI, you won’t see your key. It is still required and used, but it is all handled in the background for you.
  • If you set up your Livepatch Service via the terminal, you’ll need to copy and paste your key from your browser to the command line.

If you don’t have an Ubuntu One account, you can create one at no cost.

Enabling the Canonical Livepatch Service Graphically

To launch the graphical setup interface, press the “Super” key. This is located between the “Control” and “Alt” keys on the lower-left of most keyboards. Search for “livepatch.”

When you see the Livepatch icon, click the icon or press “Enter”.

The Livepatch icon

The “Software and Updates” dialog window will appear with the Livepatch tab selected. Click the “Sign in” button. You are reminded that you need an Ubuntu One account.

Ubuntu One Sign in / register dialog

Click the “Sign in / Register” button.

The Ubuntu Single Sign-On Account dialog window appears. Canonical uses the terms “Ubuntu One” and “Single Sign-On” interchangeably. They mean the same thing. Officially “Single Sign-On” was replaced by “Ubuntu One”, but the old name lingers on.

Ubuntu Single Sign On Dialog Window

Enter your account details and click the “Connect” button. You can also use this dialog window to register for an account if you have not already created one.

You will be prompted for your password.

Ubuntu Authentication Dialog window

Enter your password and click the “Authenticate” button. A dialog window shows you the email address associated with the Ubuntu One account you’re going to use.

Email address verification dialog window

Make sure it is correct and click the “Continue” button.

You’ll be asked for your password once more. After a few seconds, the Livepatch tab in the “Software and Updates” dialog window will update to show that Livepatch is live and active.

Livepatch active in the Software and Updates dialog window

A new shield Icon will appear in the tool notification area, close to the networking, sound, and power icons. The green circle with the tick tells you all is well. Click the icon to access the menu.

We are told that Livepatch is on, and there are no current updates.

Livepatch notification area icon and menu

The “Livepatch settings” option will open the “Software and Updates” dialog window at the Livepatch tab.

That’s it; you’re all done.

Enabling the Canonical Livepatch Service using the CLI

You’re going to need an Ubuntu One account. If you don’t have one, you’ll have the opportunity to create one. They’re free, and it only takes a moment.

Some of the steps we need to perform are web-based, so this isn’t a truly CLI-only method. We start by visiting the Canonical Livepatch Service web page in order to obtain our secret key or “token.”

Canonical Livepatch Service web page

Select the “Ubuntu User” radio button and click the “Get Your Livepatch Token” button.

You’re prompted to log in to your Ubuntu One account.

Ubuntu One Log In web page

  • If you have an account, enter the email address you used to set up the account, and select the “I have an Ubuntu One account, and my password is:” radio button.
  • If you don’t have an account, enter your email address and select the “I don’t have an Ubuntu One account” radio button. You will be guided through the account creation process.

Once your Ubuntu One account has been verified, you’ll see the Managed live kernel patching web page. Your key will be displayed.

Managed live kernel patching web page

Keep the web page with your key on it open and open a terminal window. Use this command in the terminal window to install the Livepatch service daemon:

sudo snap install canonical-livepatch

sudo snap install canonical-livepatch in a terminal window

When the installation is finished, you’ll need to enable the service. You’ll need the key from the “Managed live kernel patching” web page.

You need to copy and paste the key to the command line. Highlight the key on the web page, right-click it, and select “Copy” from the context menu. Or you can highlight the key and press “Ctrl+C.”

Type the following command in the terminal window, but don’t press “Enter.”

sudo canonical-livepatch enable

Then type a space, and right-click and select “Paste” from the context menu. Or you can press “Ctrl+Shift+V.” You should see the command you just typed, a space, and the key from the web page.

On the test machine used to research this article it looked like this:

sudo canonical-livepatch enable in a terminal window

Press “Enter.”

RELATED: How to Copy and Paste Text at Linux’s Bash Shell

If all goes well, you’ll see a verification message from Livepatch telling you that the computer has been enabled for kernel patching. It will also show another long key; this is the “machine-token.”

Livepatch enabled verification message in a terminal window

What just happened is:

  • You’ve obtained your Livepatch key from Canonical.
  • You can use it on three computers. You’ve used it on one computer so far.
  • The machine-token that was generated for this computer—using your key—is the machine-token displayed in this message.

If you check the Livepatch tab in the “Software and Updates” dialog window, you’ll see that Livepatch is enabled and active.

Livepatch tab in the Software and upgrades dialog window

Checking the Status of Livepatch

You can make Livepatch give you a status report using the following command:

sudo canonical-livepatch status

sudo canonical-livepatch status in a terminal window

The status report contains:

  • client-version: The software version of Livepatch.
  • architecture: The CPU architecture of the computer.
  • cpu-model: The type and model of the Central Processing Unit (CPU) in the computer.
  • last-check: The time and date that Livepatch last checked to see if there were any critical kernel updates available for download.
  • boot-time: The time this computer was last powered on.
  • uptime: The duration this computer has been powered on.

The status block tells us:

  • kernel: The version of the current kernel.
  • running: Whether Livepatch is running or not.
  • checkstate: Whether Livepatch has checked for kernel patches.
  • patchState: Whether there are any critical kernel patches requiring to be installed.
  • version: The version of the kernel patches, if any, that need to be applied.
  • fixes: The fixes contained in the kernel patches.

Forcing Livepatch to Update Now

The whole point of Livepatch is to provide a managed update service, meaning you don’t need to think about it. It’s all done for you. But if you want to, you can force Livepatch to check for kernel patches (and to apply any it finds) with the following command:

sudo canonical-livepatch refresh

sudo canonical-livepatch refresh in a terminal window

Livepatch tells you the version of the kernel before and after the refresh. There was nothing to be applied in this example.

Less Friction, More Security

Security friction is the pain or inconvenience associated with implementing, using, or maintaining a security feature. If the friction is too high, the security suffers because the feature isn’t used or maintained. Livepatch takes all the friction out of applying critical kernel updates, keeping your kernel as secure as possible.

That’s longhand for “win, win.”

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Technology

These ten enterprise M&A deals totaled over $40B in 2019

It would be hard to top the 2018 enterprise M&A total of a whopping $87 billion, and predictably this year didn’t come close. In fact, the top 10 enterprise M&A deals in 2019 were less than half last year’s, totaling $40.6 billion. This year’s biggest purchase was Salesforce buying Tableau for $15.7 billion, which would…

Published

on

These ten enterprise M&A deals totaled over $40B in 2019

It would be hard to top the 2018 enterprise M&A total of a whopping $87 billion, and predictably this year didn’t come close. In fact, the top 10 enterprise M&A deals in 2019 were less than half last year’s, totaling $40.6 billion.

This year’s biggest purchase was Salesforce buying Tableau for $15.7 billion, which would have been good for third place last year behind IBM’s mega deal plucking Red Hat for $34 billion and Broadcom grabbing CA Technologies for $18.8 billion.

Contributing to this year’s quieter activity was the fact that several typically acquisitive companies — Adobe, Oracle and IBM — stayed mostly on the sidelines after big investments last year. It’s not unusual for companies to take a go-slow approach after a big expenditure year. Adobe and Oracle bought just two companies each with neither revealing the prices. IBM didn’t buy any.

Microsoft didn’t show up on this year’s list either, but still managed to pick up eight new companies. It was just that none was large enough to make the list (or even for them to publicly reveal the prices). When a publicly traded company doesn’t reveal the price, it usually means that it didn’t reach the threshold of being material to the company’s results.

As always, just because you buy it doesn’t mean it’s always going to integrate smoothly or well, and we won’t know about the success or failure of these transactions for some years to come. For now, we can only look at the deals themselves.

Continue Reading

Technology

Jumia, DHL, and Alibaba will face off in African ecommerce 2.0

The business of selling consumer goods and services online is a relatively young endeavor across Africa, but ecommerce is set to boom. Over the last eight years, the sector has seen its first phase of big VC fundings, startup duels and attrition. To date, scaling e-commerce in Africa has straddled the line of challenge and…

Published

on

Jumia, DHL, and Alibaba will face off in African ecommerce 2.0

The business of selling consumer goods and services online is a relatively young endeavor across Africa, but ecommerce is set to boom.

Over the last eight years, the sector has seen its first phase of big VC fundings, startup duels and attrition.

To date, scaling e-commerce in Africa has straddled the line of challenge and opportunity, perhaps more than any other market in the world. Across major African economies, many of the requisites for online retail — internet access, digital payment adoption, and 3PL delivery options — have been severely lacking.

Still, startups jumped into this market for the chance to digitize a share of Africa’s fast growing consumer spending, expected to top $2 billion by 2025.

African e-commerce 2.0 will include some old and new players, play out across more countries, place more priority on internet services, and see the entry of China.

But before highlighting several things to look out for in the future of digital-retail on the continent, a look back is beneficial.

Jumia vs. Konga

The early years for development of African online shopping largely played out in Nigeria (and to some extent South Africa). Anyone who visited Nigeria from 2012 to 2016 likely saw evidence of one of the continent’s early e-commerce showdowns. Nigeria had its own Coke vs. Pepsi-like duel — a race between ventures Konga and Jumia to out-advertise and out-discount each other in a quest to scale online shopping in Africa’s largest economy and most populous nation.

Traveling in Lagos traffic, large billboards for each startup faced off across the skyline, as their delivery motorcycles buzzed between stopped cars.

Covering each company early on, it appeared a battle of VC attrition. The challenge: who could continue to raise enough capital to absorb the losses of simultaneously capturing and creating an e-commerce market in notoriously difficult conditions.

In addition to the aforementioned challenges, Nigeria also had (and continues to have) shoddy electricity.

Both Konga — founded by Nigerian Sim Shagaya — and Jumia — originally founded by two Nigerians and two Frenchman — were forced to burn capital building fulfillment operations most e-commerce startups source to third parties.

That included their own delivery and payment services (KongaPay and JumiaPay). In addition to sales of goods from mobile-phones to diapers, both startups also began experimenting with verticals for internet based services, such as food-delivery and classifieds.

While Jumia and Konga were competing in Nigeria, there was another VC driven race for e-commerce playing out in South Africa — the continent’s second largest and most advanced economy.

E-tailers Takealot and Kalahari had been jockeying for market share since 2011 after raising capital in the hundreds of millions of dollars from investors Naspers and U.S. fund Tiger Global Management.

So how did things turn out in West and Southern Africa? In 2014, the lead investor of a flailing Kalahari — Naspers — facilitated a merger with Takealot (that was more of an acquisition). They nixed the Kalahari brand in 2016 and bought out Takelot’s largest investor, Tiger Global, in 2018. Takealot is now South Africa’s leading e-commerce site by market share, but only operates in one country.

In Nigeria, by 2016 Jumia had outpaced its rival Konga in Alexa ratings (6 vs 14), while out-raising Konga (with backing of Goldman Sachs) to become Africa’s first VC backed, startup unicorn. By early 2018, Konga was purchased in a distressed acquisition and faded away as a competitor to Jumia.

Jumia went on to expand online goods and services verticals into 14 Africa countries (though it recently exited a few) and in April 2019 raised over $200 million in an NYSE IPO — the first on a major exchange for a VC-backed startup operating in Africa.

Jumia’s had bumpy road since going public — losing significant share-value after a short-sell attack earlier in 2019 — but the continent’s leading e-commerce company still has heap of capital and generates $100 million in revenues (even with losses).

Continue Reading

Technology

Airbnb’s New Year’s Eve guest volume shows its falling growth rate

Hello and welcome back to our regular morning look at private companies, public markets and the gray space in between. It’s finally 2020, the year that should bring us a direct listing from home-sharing giant Airbnb, a technology company valued at tens of billions of dollars. The company’s flotation will be a key event in…

Published

on

Airbnb’s New Year’s Eve guest volume shows its falling growth rate

Hello and welcome back to our regular morning look at private companies, public markets and the gray space in between.

It’s finally 2020, the year that should bring us a direct listing from home-sharing giant Airbnb, a technology company valued at tens of billions of dollars. The company’s flotation will be a key event in this coming year’s technology exit market. Expect the NYSE and Nasdaq to compete for the listing, bankers to queue to take part, and endless media coverage.

Given that that’s ahead, we’re going to take periodic looks at Airbnb as we tick closer to its eventual public market debut. And that means that this morning we’re looking back through time to see how fast the company has grown by using a quirky data point.

Airbnb releases a regular tally of its expected “guest stays” for New Year’s Eve each year, including 2019. We can therefore look back in time, tracking how quickly (or not) Airbnb’s New Year Eve guest tally has risen. This exercise will provide a loose, but fun proxy for the company’s growth as a whole.

The numbers

Before we look into the figures themselves, keep in mind that we are looking at a guest figure which is at best a proxy for revenue. We don’t know the revenue mix of the guest stays, for example, meaning that Airbnb could have seen a 10% drop in per-guest revenue this New Year’s Eve — even with more guest stays — and we’d have no idea.

So, the cliche about grains of salt and taking, please.

But as more guests tends to mean more rentals which points towards more revenue, the New Year’s Eve figures are useful as we work to understand how quickly Airbnb is growing now compared to how fast it grew in the past. The faster the company is expanding today, the more it’s worth. And given recent news that the company has ditched profitability in favor of boosting its sales and marketing spend (leading to sharp, regular deficits in its quarterly results), how fast Airbnb can grow through higher spend is a key question for the highly-backed, San Francisco-based private company.

Here’s the tally of guest stays in Airbnb’s during New Years Eve (data via CNBC, Jon Erlichman, Airbnb), and their resulting year-over-year growth rates:

  • 2009: 1,400
  • 2010: 6,000 (+329%)
  • 2011: 3,1000 (+417%)
  • 2012: 108,000 (248%)
  • 2013: 250,000 (+131%)
  • 2014: 540,000 (+116%)
  • 2015: 1,100,000 (+104%)
  • 2016: 2,000,000 (+82%)
  • 2017: 3,000,000 (+50%)
  • 2018: 3,700,000 (+23%)
  • 2019: 4,500,000 (+22%)

In chart form, that looks like this:

Let’s talk about a few things that stand out. First is that the company’s growth rate managed to stay over 100% for as long as it did. In case you’re a SaaS fan, what Airbnb pulled off in its early years (again, using this fun proxy for revenue growth) was far better than a triple-triple-double-double-double.

Next, the company’s growth rate in percentage terms has slowed dramatically, including in 2019. At the same time the firm managed to re-accelerate its gross guest growth in 2019. In numerical terms, Airbnb added 1,000,000 New Year’s Eve guest stays in 2017, 700,000 in 2018, and 800,000 in 2019. So 2019’s gross adds was not a record, but it was a better result than its year-ago tally.

Continue Reading

Recent Posts