DOCSLIB.ORG

Practical Linux Topics

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Binnie BOOKS FOR PROFESSIONALS BY PROFESSIONALS® THE EXPERT’S VOICE® IN LINUX Practical Linux Topics Practical Practical Linux Topics This book teaches you how to improve your hands-on knowledge of Linux using challenging, real-world scenarios. Each chapter explores a topic that has been chosen specifically to demonstrate how to enhance your base Linux system, and resolve important issues. This book enables sysadmins, DevOps engineers, developers, and other technical professionals to make full use of Linux’s rocksteady foundation. Practical Linux Explore specific topics in networking, e-mail, filesystems, encryption, system monitoring, security, servers, and more—including systemd and GPG. Understand salient security concerns and how to mitigate them. Applicable to almost all Linux flavors—Debian, Red Hat, Ubuntu, Linux Mint, CentOS—Power Linux Topics can be used to reference other Unix-type systems Topics with little modification. Improve your practical know-how and background knowledge on servers and workstations alike, increase your ability to troubleshoot and ultimately solve the daily challenges encountered — by all professional Linux users. Empower your Linux skills by adding Power Linux Topics to your library today. Chris Binnie US . ISBN 978-1-4842-1771-9 Shelve in: 54999 Linux/General User level: Intermediate–Advanced 9781484 217719 SOURCE CODE ONLINE www.apress.com Practical Linux Topics Chris Binnie Practical Linux Topics Copyright © 2016 by Chris Binnie This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher’s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law. ISBN-13 (pbk): 978-1-4842-1771-9 IISBN-13 (electronic): 978-1-4842-1772-6 Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights. While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein. Managing Director: Welmoed Spahr Lead Editor: Louise Corrigan Development Editor: James Markham Technical Reviewer: Sander van Vugt Editorial Board: Steve Anglin, Pramila Balen, Louise Corrigan, Jim DeWolf, Jonathan Gennick, Robert Hutchinson, Celestin Suresh John, Michelle Lowman, James Markham, Susan McDermott, Matthew Moodie, Jeffrey Pepper, Douglas Pundick, Ben Renow-Clarke, Gwenan Spearing Coordinating Editor: Jill Balzano Copy Editor: Kezia Endsley Compositor: SPi Global Indexer: SPi Global Artist: SPi Global Distributed to the book trade worldwide by Springer Science+Business Media New York, 233 Spring Street, 6th Floor, New York, NY 10013. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail [email protected], or visit www.springeronline.com. Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation. For information on translations, please e-mail [email protected], or visit www.apress.com. Apress and friends of ED books may be purchased in bulk for academic, corporate, or promotional use. eBook versions and licenses are also available for most titles. For more information, reference our Special Bulk Sales–eBook Licensing web page at www.apress.com/bulk-sales. Any source code or other supplementary material referenced by the author in this text is available to readers at www.apress.com/. For detailed information about how to locate your book’s source code, go to www.apress.com/source-code/. Dedicated to systems that say, without providing any other details, “There has been an error”, my long-suffering better half, and my two beautiful children, without whom this book would have been finished earlier. Contents at a Glance About the Author .....................................................................................................xv About the Technical Reviewer ...............................................................................xvii Introduction ............................................................................................................xix ■ Chapter 1: Real-Time Network Statistics with Iftop .............................................. 1 ■ Chapter 2: Destroying Sensitive Data .................................................................. 13 ■ Chapter 3: Supercharged systemd ...................................................................... 21 ■ Chapter 4: Zero Downtime Linux ......................................................................... 33 ■ Chapter 5: Get More with Wget............................................................................ 41 ■ Chapter 6: SECURING SSH with PAM .................................................................... 51 ■ Chapter 7: Your Disks, Your Way ......................................................................... 61 ■ Chapter 8: No sFTP Doesn’t Mean No Encryption ................................................ 71 ■ Chapter 9: Making the Most of the Screen Utility ................................................ 83 ■ Chapter 10: Improve Security with SELinux ........................................................ 91 ■ Chapter 11: Nattier Networks ............................................................................ 105 ■ Chapter 12: Keeping Information Private with GPG ........................................... 115 ■ Chapter 13: Get Permission from Your Peers with Sudo ................................... 127 ■ Chapter 14: Loop Disks and Wubi ...................................................................... 135 ■ Appendix A: Hack, Break, Fix ............................................................................. 143 Index ..................................................................................................................... 149 v Contents About the Author .....................................................................................................xv About the Technical Reviewer ...............................................................................xvii Introduction ............................................................................................................xix ■ Chapter 1: Real-Time Network Statistics with Iftop .............................................. 1 Monitoring Network Connections with netstat ����������������������������������������������������������������� 1 Introducing iftop ��������������������������������������������������������������������������������������������������������������� 3 Installing iftop ������������������������������������������������������������������������������������������������������������������ 4 Controlling iftop from the Keyboard ��������������������������������������������������������������������������������� 5 Adding Screen Filters ������������������������������������������������������������������������������������������������������� 8 Using Regular Expressions ����������������������������������������������������������������������������������������������� 8 Listening for Network Traffic ������������������������������������������������������������������������������������������ 10 Changing Filters Can Take Time ������������������������������������������������������������������������������������� 11 Configuring iftop Scenarios �������������������������������������������������������������������������������������������� 11 Using iftop on Busy Routers ������������������������������������������������������������������������������������������� 12 Summary ������������������������������������������������������������������������������������������������������������������������ 12 ■ Chapter 2: Destroying Sensitive Data .................................................................. 13 A Note on Random Data Overwrites and Degaussing ���������������������������������������������������� 13 Using the shred Utility ����������������������������������������������������������������������������������������������������
Recommended publications
  • KDE 2.0 Development, Which Is Directly Supported

    KDE 2.0 Development, Which Is Directly Supported

    23 8911 CH18 10/16/00 1:44 PM Page 401 The KDevelop IDE: The CHAPTER Integrated Development Environment for KDE by Ralf Nolden 18 IN THIS CHAPTER • General Issues 402 • Creating KDE 2.0 Applications 409 • Getting Started with the KDE 2.0 API 413 • The Classbrowser and Your Project 416 • The File Viewers—The Windows to Your Project Files 419 • The KDevelop Debugger 421 • KDevelop 2.0—A Preview 425 23 8911 CH18 10/16/00 1:44 PM Page 402 Developer Tools and Support 402 PART IV Although developing applications under UNIX systems can be a lot of fun, until now the pro- grammer was lacking a comfortable environment that takes away the usual standard activities that have to be done over and over in the process of programming. The KDevelop IDE closes this gap and makes it a joy to work within a complete, integrated development environment, combining the use of the GNU standard development tools such as the g++ compiler and the gdb debugger with the advantages of a GUI-based environment that automates all standard actions and allows the developer to concentrate on the work of writing software instead of managing command-line tools. It also offers direct and quick access to source files and docu- mentation. KDevelop primarily aims to provide the best means to rapidly set up and write KDE software; it also supports extended features such as GUI designing and translation in con- junction with other tools available especially for KDE development. The KDevelop IDE itself is published under the GNU Public License (GPL), like KDE, and is therefore publicly avail- able at no cost—including its source code—and it may be used both for free and for commer- cial development.
  • 实战kdevelop进行linux软件开发 2009-02 V0.1

    实战kdevelop进行linux软件开发 2009-02 V0.1

    实战KDevelop进行Linux软件开发 2009-02 V0.1 实战KDevelop进行Linux软件开发 陈 浩 2009-02 (Ver. 0.1) MSN: [email protected] Linux开发并不高深,我们需要一个新的角度进行近距离接触! 欢迎指正! Horky ([email protected]) 1. 实战KDevelop进行Linux软件开发 2009-02 V0.1 目录 开始之前.................................................................................................................................................................3 第1章 认识KDevelop.............................................................................................................................................4 1.1简单起步 ........................................................................................................................................................4 1.1.1 一个实例 – Hello, Kdevelop! ..............................................................................................................4 1.1.2 KDevelop的项目组织 ............................................................................................................................6 1.1.3 KDevelop的布局 ....................................................................................................................................8 1.1.4 集成调试环境......................................................................................................................................10 1.2配置KDevelop ..............................................................................................................................................11 第2章 应用程序开发 ...........................................................................................................................................14
  • Transparent LAN Service Over Cable

    Transparent LAN Service Over Cable

    Transparent LAN Service over Cable This document describes the Transparent LAN Service (TLS) over Cable feature, which enhances existing Wide Area Network (WAN) support to provide more flexible Managed Access for multiple Internet service provider (ISP) support over a hybrid fiber-coaxial (HFC) cable network. This feature allows service providers to create a Layer 2 tunnel by mapping an upstream service identifier (SID) to an IEEE 802.1Q Virtual Local Area Network (VLAN). Finding Feature Information Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document. Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://tools.cisco.com/ITDIT/CFN/. An account on http:// www.cisco.com/ is not required. Contents • Hardware Compatibility Matrix for Cisco cBR Series Routers, page 2 • Prerequisites for Transparent LAN Service over Cable, page 2 • Restrictions for Transparent LAN Service over Cable, page 3 • Information About Transparent LAN Service over Cable, page 3 • How to Configure the Transparent LAN Service over Cable, page 6 • Configuration Examples for Transparent LAN Service over Cable, page 8 • Verifying the Transparent LAN Service over Cable Configuration, page 10 • Additional References, page 11 • Feature Information for Transparent LAN Service over Cable, page 12 Cisco Converged Broadband Routers Software Configuration Guide For DOCSIS 1 Transparent LAN Service over Cable Hardware Compatibility Matrix for Cisco cBR Series Routers Hardware Compatibility Matrix for Cisco cBR Series Routers Note The hardware components introduced in a given Cisco IOS-XE Release are supported in all subsequent releases unless otherwise specified.
  • Ieee 802.1 for Homenet

    Ieee 802.1 for Homenet

    IEEE802.org/1 IEEE 802.1 FOR HOMENET March 14, 2013 IEEE 802.1 for Homenet 2 Authors IEEE 802.1 for Homenet 3 IEEE 802.1 Task Groups • Interworking (IWK, Stephen Haddock) • Internetworking among 802 LANs, MANs and other wide area networks • Time Sensitive Networks (TSN, Michael David Johas Teener) • Formerly called Audio Video Bridging (AVB) Task Group • Time-synchronized low latency streaming services through IEEE 802 networks • Data Center Bridging (DCB, Pat Thaler) • Enhancements to existing 802.1 bridge specifications to satisfy the requirements of protocols and applications in the data center, e.g. • Security (Mick Seaman) • Maintenance (Glenn Parsons) IEEE 802.1 for Homenet 4 Basic Principles • MAC addresses are “identifier” addresses, not “location” addresses • This is a major Layer 2 value, not a defect! • Bridge forwarding is based on • Destination MAC • VLAN ID (VID) • Frame filtering for only forwarding to proper outbound ports(s) • Frame is forwarded to every port (except for reception port) within the frame's VLAN if it is not known where to send it • Filter (unnecessary) ports if it is known where to send the frame (e.g. frame is only forwarded towards the destination) • Quality of Service (QoS) is implemented after the forwarding decision based on • Priority • Drop Eligibility • Time IEEE 802.1 for Homenet 5 Data Plane Today • 802.1Q today is 802.Q-2011 (Revision 2013 is ongoing) • Note that if the year is not given in the name of the standard, then it refers to the latest revision, e.g. today 802.1Q = 802.1Q-2011 and 802.1D
  • Release Notes and Errata

    Release Notes and Errata

    OpenMandriva Lx 4.3rc Release Notes The OpenMandriva Lx teams are pleased to announce the availability of OpenMandriva Lx 4.3rc. Available Media This release is available as a live media DVD or USB flash drive (memory stick), downloadable in ISO format. These are available on our downloads page. USB flash drive installation is usually noticeably faster. As always speed depends on many factors. Live media means you are able to run OpenMandriva Lx straight from a DVD or memory stick (see below) and try it before installing it. You may also install the system to hard disk either from the running live image or from the boot manager. Available ISO files are: •x86_64 KDE Plasma desktop full featured (includes the most common used functionalities, multimedia and office software). •znver1 Plasma: we have also built a version specifically for current AMD processors (Ryzen, ThreadRipper, EPYC) that outperforms the generic (x86_64) version by taking advantage of new features in those processors. znver1 is for the listed processors (Ryzen, ThreadRipper, EPYC) only, do not install on any other hardware. Installable images are offered for the Pinebook Pro, Raspberry Pi 4B, Raspberry Pi 3B+, Synquacer, Cubox Pulse and generic UEFI compatible devices (such as most aarch64 server boards) System requirements OpenMandriva Lx 4.3 requires at least 2048 MB of memory and at least 10 GB of hard drive space (see below for known issues with partitioning). Important Note: Graphics Hardware: The KDE Plasma Desktop requires a 3D graphics card that supports OpenGL 2.0 or above. We recommend using AMD, Intel, Adreno or VC4 graphics chips.
  • 101 Useful Linux Commands - Haydenjames.Io

    101 Useful Linux Commands - Haydenjames.Io

    101 Useful Linux Commands - haydenjames.io Some of these commands require elevated permissions (sudo) to run. Enjoy! 1. Execute the previous command used: !! 2. Execute a previous command starting with a specific letter. Example: !s 3. Short way to copy or backup a file before you edit it. For example, copy nginx.conf cp nginx.conf{,.bak} 4. Toggle between current directory and last directory cd - 5. Move to parent (higher level) directory. Note the space! cd .. 6. Go to home directory cd ~ 7. Go to home directory cd $HOME 8. Go to home directory (when used alone) cd 9. Set permissions to 755. Corresponds to these permissions: (-rwx-r-x-r-x), arranged in this sequence: (owner-group-other) chmod 755 <filename> 10. Add execute permission to all users. chmod a+x <filename> 11. Changes ownership of a file or directory to . chown <username> 12. Make a backup copy of a file (named file.backup) cp <file> <file>.backup 13. Copy file1, use it to create file2 cp <file1> <file2> 14. Copy directory1 and all its contents (recursively) into directory2 cp -r <directory1> <directory2>/ 15. Display date date 16. Zero the sdb drive. You may want to use GParted to format the drive afterward. You need elevated permissions to run this (sudo). dd if=/dev/zero of=/dev/sdb 17. Display disk space usage df -h 18. Take detailed messages from OS and input to text file dmesg>dmesg.txt 19. Display a LOT of system information. I usually pipe output to less. You need elevated permissions to run this (sudo).
  • STATEMENT of WORK: SGS File System

    STATEMENT of WORK: SGS File System

    ATTACHMENT A STATEMENT OF WORK: SGS File System DOE National Nuclear Security Administration & the DOD Maryland Office April 25, 2001 File Systems SOW April 25, 2001 Table of Contents TABLE OF CONTENTS ..................................................................................................................................2 1.0 OVERVIEW.................................................................................................................................................4 1.1 INTRODUCTION ..........................................................................................................................................4 2.0 MOTIVATION ............................................................................................................................................5 2.1 THE NEED FOR IMPROVED FILE SYSTEMS .................................................................................................5 2.2 I/O CHARACTERIZATION OF IMPORTANT APPLICATIONS...........................................................................6 2.3 CURRENT AND PROJECTED ENVIRONMENTS AT LLNL, LANL, SANDIA, AND THE DOD .........................6 2.4 SUMMARY OF FIVE TECHNOLOGY CATEGORIES ........................................................................................9 3.0 MINIMUM REQUIREMENTS (GO/NO-GO CRITERIA)..................................................................12 3.1 POSIX-LIKE INTERFACE [MANDATORY]........................................................................................12 3.2 INTEGRATION
  • Fast and Scalable VMM Live Upgrade in Large Cloud Infrastructure

    Fast and Scalable VMM Live Upgrade in Large Cloud Infrastructure

    Fast and Scalable VMM Live Upgrade in Large Cloud Infrastructure Xiantao Zhang Xiao Zheng Zhi Wang Alibaba Group Alibaba Group Florida State University [email protected] [email protected] [email protected] Qi Li Junkang Fu Yang Zhang Tsinghua University Alibaba Group Alibaba Group [email protected] [email protected] [email protected] Yibin Shen Alibaba Group [email protected] Abstract hand over passthrough devices to the new KVM instance High availability is the most important and challenging prob- without losing any ongoing (DMA) operations. Our evalua- lem for cloud providers. However, virtual machine mon- tion shows that Orthus can reduce the total migration time itor (VMM), a crucial component of the cloud infrastruc- and downtime by more than 99% and 90%, respectively. We ture, has to be frequently updated and restarted to add secu- have deployed Orthus in one of the largest cloud infrastruc- rity patches and new features, undermining high availabil- tures for a long time. It has become the most effective and ity. There are two existing live update methods to improve indispensable tool in our daily maintenance of hundreds of the cloud availability: kernel live patching and Virtual Ma- thousands of servers and millions of VMs. chine (VM) live migration. However, they both have serious CCS Concepts • Security and privacy → Virtualization drawbacks that impair their usefulness in the large cloud and security; • Computer systems organization → Avail- infrastructure: kernel live patching cannot handle complex ability. changes (e.g., changes to persistent data structures); and VM live migration may incur unacceptably long delays when Keywords virtualization; live upgrade; cloud infrastructure migrating millions of VMs in the whole cloud, for example, ACM Reference Format: to deploy urgent security patches.
  • Linux Pocket Guide.Pdf

    Linux Pocket Guide.Pdf

    3rd Edition Linux Pocket Guide ESSENTIAL COMMANDS Daniel J. Barrett 3RD EDITION Linux Pocket Guide Daniel J. Barrett Linux Pocket Guide by Daniel J. Barrett Copyright © 2016 Daniel Barrett. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebasto‐ pol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promo‐ tional use. Online editions are also available for most titles (http://safaribook‐ sonline.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or [email protected]. Editor: Nan Barber Production Editor: Nicholas Adams Copyeditor: Jasmine Kwityn Proofreader: Susan Moritz Indexer: Daniel Barrett Interior Designer: David Futato Cover Designer: Karen Montgomery Illustrator: Rebecca Demarest June 2016: Third Edition Revision History for the Third Edition 2016-05-27: First Release See http://oreilly.com/catalog/errata.csp?isbn=9781491927571 for release details. The O’Reilly logo is a registered trademark of O’Reilly Media, Inc. Linux Pocket Guide, the cover image, and related trade dress are trademarks of O’Reilly Media, Inc. While the publisher and the author have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the author disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellec‐ tual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.
  • Introduction to Computer Concepts

    Introduction to Computer Concepts

    MANAGING PUBLIC SECTOR RECORDS A Training Programme Understanding Computers: An Overview for Records and Archives Staff INTERNATIONAL INTERNATIONAL RECORDS COUNCIL ON ARCHIVES MANAGEMENT TRUST MANAGING PUBLIC SECTOR RECORDS: A STUDY PROGRAMME UNDERSTANDING COMPUTERS: AN OVERVIEW FOR RECORDS AND ARCHIVES STAFF MANAGING PUBLIC SECTOR RECORDS A STUDY PROGRAMME General Editor, Michael Roper; Managing Editor, Laura Millar UNDERSTANDING COMPUTERS: AN OVERVIEW FOR RECORDS AND ARCHIVES STAFF INTERNATIONAL RECORDS INTERNATIONAL MANAGEMENT TRUST COUNCIL ON ARCHIVES MANAGING PUBLIC SECTOR RECORDS: A STUDY PROGRAMME Understanding Computers: An Overview for Records and Archives Staff © International Records Management Trust, 1999. Reproduction in whole or in part, without the express written permission of the International Records Management Trust, is strictly prohibited. Produced by the International Records Management Trust 12 John Street London WC1N 2EB UK Printed in the United Kingdom. Inquiries concerning reproduction or rights and requests for additional training materials should be addressed to International Records Management Trust 12 John Street London WC1N 2EB UK Tel: +44 (0) 20 7831 4101 Fax: +44 (0) 20 7831 7404 E-mail: [email protected] Website: http://www.irmt.org Version 1/1999 MPSR Project Personnel Project Director Anne Thurston has been working to define international solutions for the management of public sector records for nearly three decades. Between 1970 and 1980 she lived in Kenya, initially conducting research and then as an employee of the Kenya National Archives. She joined the staff of the School of Library, Archive and Information Studies at University College London in 1980, where she developed the MA course in Records and Archives Management (International) and a post-graduate research programme.
  • Winreporter Documentation

    Winreporter Documentation

    WinReporter documentation Table Of Contents 1.1 WinReporter overview ............................................................................................... 1 1.1.1.................................................................................................................................... 1 1.1.2 Web site support................................................................................................. 1 1.2 Requirements.............................................................................................................. 1 1.3 License ....................................................................................................................... 1 2.1 Welcome to WinReporter........................................................................................... 2 2.2 Scan requirements ...................................................................................................... 2 2.3 Simplified Wizard ...................................................................................................... 3 2.3.1 Simplified Wizard .............................................................................................. 3 2.3.2 Computer selection............................................................................................. 3 2.3.3 Validate .............................................................................................................. 4 2.4 Advanced Wizard....................................................................................................... 5 2.4.1
  • Live Kernel Patching Using Kgraft

    Live Kernel Patching Using Kgraft

    SUSE Linux Enterprise Server 12 SP4 Live Kernel Patching Using kGraft SUSE Linux Enterprise Server 12 SP4 This document describes the basic principles of the kGraft live patching technology and provides usage guidelines for the SLE Live Patching service. kGraft is a live patching technology for runtime patching of the Linux kernel, without stopping the kernel. This maximizes system uptime, and thus system availability, which is important for mission-critical systems. By allowing dynamic patching of the kernel, the technology also encourages users to install critical security updates without deferring them to a scheduled downtime. A kGraft patch is a kernel module, intended for replacing whole functions in the kernel. kGraft primarily oers in-kernel infrastructure for integration of the patched code with base kernel code at runtime. SLE Live Patching is a service provided on top of regular SUSE Linux Enterprise Server maintenance. kGraft patches distributed through SLE Live Patching supplement regular SLES maintenance updates. Common update stack and procedures can be used for SLE Live Patching deployment. Publication Date: 09/24/2021 Contents 1 Advantages of kGraft 3 2 Low-level Function of kGraft 3 1 Live Kernel Patching Using kGraft 3 Installing kGraft Patches 4 4 Patch Lifecycle 6 5 Removing a kGraft Patch 6 6 Stuck Kernel Execution Threads 6 7 The kgr Tool 7 8 Scope of kGraft Technology 7 9 Scope of SLE Live Patching 8 10 Interaction with the Support Processes 8 11 GNU Free Documentation License 8 2 Live Kernel Patching Using kGraft 1 Advantages of kGraft Live kernel patching using kGraft is especially useful for quick response in emergencies (when serious vulnerabilities are known and should be xed when possible or there are serious system stability issues with a known x).