Checking client status

Once canonical-livepatch, the livepatch client, is running on a machine, it will periodically (every hour by default) check for new patches.

To show the current state of the client, run:

$ canonical-livepatch status

This will produce output similar to:

last check: 39 minutes ago
kernel: 4.15.0-156.163-generic
server check-in: succeeded
patch state: ✓ no livepatches needed for this kernel yet
tier: updates (Free usage; This machine beta tests new patches.)
machine id: {alpha-numeric-string}

The patch state line can have one of several values:

  • ⧗ livepatches are installed, but the module is not yet applied
    a new patch has been downloaded and is going to be applied
  • ⧗ patching the kernel
    a patch is currently being applied
  • ✓ no livepatches needed for this kernel yet
  • ✓ all applicable livepatch modules inserted
    the current kernel has applied patches
  • ✗ module inserted but kernel bug detected
    the kernel reported an error after applying the patch
  • ✗ the application caused a crash last time it was applied, check system logs with journalctl -f -t canonical-livepatch
  • ✗ patches are no longer available for this version of the kernel, please upgrade
    the kernel the machine is currently running will no longer receive new patches, it is recommended to upgrade to a new kernel and reboot