From 29124691e99ac66ca57f1a9bb067acf9b9e75b43 Mon Sep 17 00:00:00 2001 From: Dmitri Popov Date: Wed, 13 Mar 2024 10:11:12 +0100 Subject: [PATCH] Update KLP downgrade --- concepts/klp-intro.xml | 8 +++--- tasks/klp-troubleshoot.xml | 51 ++++++++------------------------------ 2 files changed, 14 insertions(+), 45 deletions(-) diff --git a/concepts/klp-intro.xml b/concepts/klp-intro.xml index 9220b591d..a362f95cb 100644 --- a/concepts/klp-intro.xml +++ b/concepts/klp-intro.xml @@ -19,21 +19,21 @@ &klp; (&klpa;) makes it possible to apply the latest security updates to Linux kernels without rebooting. This maximizes system uptime and availability, which is particularly important for mission-critical systems. - As such, &klpa; offers several important benefits. + As such, &klpa; offers several benefits. - Keeping a large number of servers automatically up to date is essential + Keeping a large number of servers automatically up-to-date is essential for organizations obtaining or maintaining certain compliance certifications. &klpa; can help achieve compliance, while reducing the - need for costly maintenance windows. + need for maintenance windows. Companies that work with service-level agreement contracts must - guarantee a specific level of their system accessibility and uptime. + guarantee a certain level of the system accessibility and uptime. Live patching makes it possible to patch systems without incurring downtime. diff --git a/tasks/klp-troubleshoot.xml b/tasks/klp-troubleshoot.xml index 45585b91f..5482dadc0 100644 --- a/tasks/klp-troubleshoot.xml +++ b/tasks/klp-troubleshoot.xml @@ -25,7 +25,7 @@ if different from product section of the output. - Every live patch receives updates for one year from the release of the + Every live patch receives updates for 13 months from the release of the underlying kernel package. The Maintained @@ -35,48 +35,17 @@
- Manual patch downgrade + Downgrading a kernel patch If you find the latest live patch problematic, you can downgrade the - currently installed live patch back to its previous version. We recommend - performing patch downgrade before the system starts exhibiting issues. - Keep in mind that a system with kernel warnings or kernel error traces in - the system log may not be suitable for the patch downgrade procedure. If - you are unsure whether the system meets the requirements for a patch - downgrade, contact SUSE Technical Support for help. + currently installed live patch back to its previous version. Keep in mind + that a system with kernel warnings or kernel error traces in the system + log may not be suitable for the patch downgrade procedure. If you are + unsure whether the system meets the requirements for a patch downgrade, + contact SUSE Technical Support for help. + + + To downgrade the latest kernel patch, use the klp downgrade command. This command automatically detects the version of the latest kernel patch, removes it, and installs the preceding kernel patch. - - Manual patch downgrade - - - Identify the running live patch using the klp -v - patches command. You can see the currently running patch on - the line starting with RPM:. For example: - -RPM: kernel-livepatch-5_3_18-24_29-default-2-2.1.x86_64 - - The 5_3_18-24_29-default in the example above - denotes the exact running kernel version. - - - - - Use the command zypper search -s - kernel-livepatch-RUNNING_KERNEL_VERSION-default - to search for previous versions of the patch. The command returns a - list of available package versions. Keep in mind that for every new - live patch package release, the version number increases by one. Make - sure that you choose the version number one release lower than the - current one. - - - - - Install the desired version with the command zypper in - --oldpackage - kernel-livepatch-RUNNING_KERNEL_VERSION-default=DESIRED_VERSION. - - -