To make the review of your request easier, please use the following template to provide all the required details and also include any other information that may be relevant.
-
name: canonical-livepatch
-
description: Canonical Livepatch patches high and critical linux kernel vulnerabilities removing the immediate need to reboot to upgrade the kernel, instead allowing the downtime to be scheduled. It is a part of the Ubuntu Pro offering.
The Canonical Livepatch Client is an application that runs on your machine and periodically checks for patches.
See our docs at https://ubuntu.com/security/livepatch/docs/livepatch
-
snapcraft: N/A
-
upstream: PRIVATE
-
upstream-relation: The livepatch team in Comsys.
-
interfaces:
- log-observe:
- request-type: auto-connection
- reasoning: The livepatch team are implementing a new procedure for monitoring system health after a patch is loaded into the kernel. We need to stream kernel logs from
/dev/kmsgto look for errors, bug, and success logs after patch insertion. To read from this character device, we need the log-observe interface. This will allow the client to detect patch application issues with a higher grade of accuracy and improve observability for patch health. Because users of livepatch enable the client as a background process, possibly on many machines, we need this interface to be auto-connected as it cannot be realistically connected manually.
- log-observe: