Ksplice

From ArchWiki
Revision as of 18:24, 11 November 2013 by Ruan (Talk | contribs) (Update Ksplice information for new maintained git package, simplify usage instructions, sort links and add Ksplice upstream github page)

Jump to: navigation, search

Ksplice is an open source extension of the Linux kernel which allows system administrators to apply security patches to a running kernel without having to reboot the operating system.

Installation

Install the ksplice-gitAUR package from the Arch User Repository.

Usage

First, you need the kernel source tree for the kernel you are currently running, and some files from the previous kernel build: System.map and .config.

This example makes use of the --diffext option which creates a patch based on the differences between the old and the new source files.

Make a ksplice directory in the kernel source tree, copy System.map over from the previous build, and copy .config into the tree if it is not already in the source tree:

# mkdir -p src/ksplice
# cp System.map src/ksplice
# cp .config src/

Create a ksplice patch and wait for the kernel to rebuild. All files that end with new will be compiled into the ksplice patch. C source files, for example, should end in .cnew as the diffext is appended directly.

# ksplice-create --diffext=new src/

Apply the newly generated patch to the running kernel:

# ksplice-apply ksplice-*.tar.gz

See man pages for ksplice-apply, ksplice-create, ksplice-view, and ksplice-undo.

See also