我们正在运行 Ubuntu 18.04.2 Bionic Beaver 主机,新的内核升级和几个安全修复程序刚刚发布。但 livepatching 显示旧内核是安全的,不会尝试实时修补内核。我已经下载并升级了内核升级(参见下面的输出),但尚未重新启动系统。其他人是否获得了实时补丁,或者 Canonical 出了什么问题?
谢谢。
root@efk:~# uname -r
4.15.0-45-generic
root@efk:~# dpkg -l | grep linux-image
ii linux-image-4.15.0-45-generic 4.15.0-45.48 amd64 Signed kernel image generic
ii linux-image-4.15.0-46-generic 4.15.0-46.49 amd64 Signed kernel image generic
ii linux-image-generic 4.15.0.46.48 amd64 Generic Linux kernel image
root@efk:~# canonical-livepatch status
client-version: 8.2.0
architecture: x86_64
cpu-model: Intel(R) Xeon(R) CPU E7-4850 v3 @ 2.20GHz
last-check: 2019-03-07T11:51:30+01:00
boot-time: 2019-02-28T11:12:44+01:00
uptime: 168h39m18s
status:
- kernel: 4.15.0-45.48-generic
running: true
livepatch:
checkState: checked
patchState: nothing-to-apply
version: ""
fixes: ""
root@efk:~# canonical-livepatch refresh
Before refresh:
kernel: 4.15.0-45.48-generic
fully-patched: true
version: ""
After refresh:
kernel: 4.15.0-45.48-generic
fully-patched: true
version: ""
root@efk:~#
为什么 canonical-livepatch 状态显示“patchState:nothing-to-apply”?