来自维基百科的快速模糊:
Ksplice is a free and open source extension of the Linux kernel which allows system administrators to apply security patches to a running kernel without having to reboot the operating system.
和
Ksplice can,without restarting the kernel,apply any source code patch that only needs to modify the kernel code. Unlike other hot update systems,Ksplice takes as input only a unified diff and the original kernel source code,and it updates the running kernel correctly,with no further human assistance required. Additionally,taking advantage of Ksplice does not require any preparation before the system is originally booted (the running kernel does not need to have been specially compiled,for example). In order to generate an update,Ksplice must determine what code within the kernel has been changed by the source code patch.
所以有几个问题:
稳定性如何?您在内核的“无重启实时修补”中遇到的任何奇怪问题?内核恐慌或恐怖故事?
我一直在几个测试系统上运行它,到目前为止它一直在宣传,但我感兴趣的是其他系统管理员在使用Ksplice之前的经验,然后再“全部”并在我们的生产服务器上进行部署.
那么,有人在生产中使用Kspice吗?
更新:嗯,几个小时之后没有在这个问题上看到任何真正的活动(除了一些赞成和赞成).也许是为了引发一些活动,我还会问一些问题,看看我们是否可以进行这样的讨论……
“如果你知道Ksplice,你有没有理由不使用它?”
“你觉得它仍然过于尖锐,未经证实或未经测试?”
“Ksplice不适合你当前的补丁管理系统吗?”
“你讨厌拥有长时间(和安全)正常运行时间的系统吗?”