Forum
  1. Forums
  2. KernelCare
  3. KernelCare General Discussion
  1. Mark Spidle
  2. Thursday, January 11, 2018
  3.  Subscribe via email
So I manually did yum clean all && and yum update on my servers that have cloudlinux and kernelcare. They all did install the latest patched version of the cloudlinux kernel.

I am just wondering hwo and when kernelcare switches to the new kernel, or do I need to do an actual reboot?

How long does it take before kernelcare switches to the new kernel?
Rate this post:
  1. 11.01.2018 15:01:22
  2. # 1
Irina Semenova Accepted Answer
Posts: 6
Joined: 05.10.2017
0
Votes
Undo
Could you, please specify your kernel version?
  1. 11.01.2018 15:01:20
  2. # 2
Mark Spidle Accepted Answer
Posts: 4
Joined: 11.01.2018
0
Votes
Undo
Sure here is one but I already ran yum update and I saw that it installed a new cloudlinux kernel

uname -a
Linux XXXX.XXX.XXX 2.6.32-673.26.1.lve1.4.25.el6.x86_64 #1 SMP Wed Apr 5 16:33:01 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux
  1. 11.01.2018 15:01:26
  2. # 3
Mark Spidle Accepted Answer
Posts: 4
Joined: 11.01.2018
0
Votes
Undo
Here is the output of some commands too

/usr/bin/kcarectl --update
Kernel is safe
XXX [~]# /usr/bin/kcarectl --info
kpatch-state: patch is applied
kpatch-for: Linux version 2.6.32-673.26.1.lve1.4.25.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-17) (GCC) ) #1 SMP Wed Apr 5 16:33:01 EDT 2017
kpatch-build-time: Wed Dec 6 05:54:33 2017
kpatch-description: 210-;2.6.32-773.26.1.lve1.4.46.el6
  1. 11.01.2018 15:01:17
  2. # 4
Mark Spidle Accepted Answer
Posts: 4
Joined: 11.01.2018
0
Votes
Undo
Hmm maybe this was an issue, I reran yum update and saw this

Transaction couldn't start:
installing package kernel-1:2.6.32-896.16.1.lve1.4.49.el6.x86_64 needs 2MB on the /boot filesystem

[('installing package kernel-1:2.6.32-896.16.1.lve1.4.49.el6.x86_64 needs 2MB on the /boot filesystem', (9, '/boot', 1265664L))]

But I see
/dev/sda1 190M 125M 56M 70% /boot
  1. 11.01.2018 15:01:56
  2. # 5
Mark Spidle Accepted Answer
Posts: 4
Joined: 11.01.2018
0
Votes
Undo
Hmm after getting yum to update the kernel and running /usr/bin/kcarectl --update I still get

Yum updated kernel to
Installed:
kernel.x86_64 1:2.6.32-896.16.1.lve1.4.49.el6

/usr/bin/kcarectl --info
kpatch-state: patch is applied
kpatch-for: Linux version 2.6.32-673.26.1.lve1.4.25.el6.x86_64 ([email protected]) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-17) (GCC) ) #1 SMP Wed Apr 5 16:33:01 EDT 2017
kpatch-build-time: Wed Dec 6 05:54:33 2017
kpatch-description: 210-;2.6.32-773.26.1.lve1.4.46.el6

XXX [/boot]# /usr/bin/kcarectl --update
Kernel is safe
  1. 16.01.2018 08:01:04
  2. # 6
Posts: 123
Joined: 31.01.2017
0
Votes
Undo
Mark,

KernelCare does not actually "switch" to the newly installed (by yum update) kernel - it is not possible without reboot.
What it does is binary patching the running one so that vulnerable procedures are replaced by patched ones in memory.
That's the reason your system still reports to be running an old kernel when you issue 'uname -r'
At the same time, KernelCare does its patching so that you can see that 'Kernel is safe' in kcarectl output.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Remove Upload Files (Maximum File Size: 2 MB)
You may insert polls into your post. The poll would then appear in the post.
Vote Options
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.