Live kernel patching from Canonical now available for Ubuntu 16.04 LTS

Tom Callway

Tom Callway

on 20 October 2016


We are delighted to announce the availability of a new service for Ubuntu which any user can enable on their current installations – the Canonical Livepatch Service.

This new live kernel patching service can be used on any Ubuntu 16.04 LTS system (using the generic Linux 4.4 kernel) to minimise unplanned downtime and maintain the highest levels of security.

First a bit of background…

Since the release of the Linux 4.0 kernel about 18 months ago, users have been able to patch and update their kernel packages without rebooting. However, until now, no other Linux distribution has offered this feature for free to their users. That changes today with the release of the Canonical Livepatch Service:

  • The Canonical Livepatch Service is available for free to all users up to 3 machines.
  • If you want to enable the Canonical Livepatch Service on more than three machines, please purchase an Ubuntu Advantage support package from or get in touch.

Beyond securing your desktop, server, IoT device or virtual guest, the Canonical Livepatch Service is particularly useful in container environments since every container will share the same kernel.

“Kernel live patching enables runtime correction of critical security issues in your kernel without rebooting. It’s the best way to ensure that machines are safe at the kernel level, while guaranteeing uptime, especially for container hosts where a single machine may be running thousands of different workloads,” says Dustin Kirkland, Ubuntu Product and Strategy for Canonical.

Here’s how to enable the Canonical Livepatch Service today

First, go to the Canonical Livepatch Service portal and retrieve your livepatch token.

Next, install the livepatch ‘Snap’ using the first command below, and then enable your account using the token obtained in the second command below:

sudo snap install canonical-livepatch
sudo canonical-livepatch enable [Token]

That’s it! You’ve just enabled kernel live patching for your Ubuntu system, and you can do that, for free, on two more installations! However, if you want to enable the Canonical Livepatch Service on more than three systems you’ll need to purchase an Ubuntu Advantage support package from as little as $12 per month.

Need a bit more help?

Here’s a quick video to guide you through the steps in less than a minute:

For further details on the Canonical Livepatch Service please read Dustin Kirkland’s useful list of FAQs.

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Sign up for email updates

Choose the topics you're interested in


Related posts

Canonical helps DeNA lower operational cost of always-on service

DeNA is one of the most popular mobile and online platforms in Japan, offering games, e-commerce, entertainment, healthcare, and automotive services. The always-on DeNA infrastructure is powered by Ubuntu. When Canonical released Livepatch…

Security Team Weekly Summary: December 7, 2017

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode.…

Kernel Team Summary – December 6, 2017

November 21 through December 04 Development (18.04) Every 6 months the Ubuntu Kernel Team is tasked to pick the kernel to be used in the next release. This is a difficult thing to do because we don’t definitively know what will be…