Linux Kernel (Ubuntu) Patch Without Rebooting

Discussion in 'Kernel Questions' started by ahrasis, Sep 24, 2018.

  1. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    I already know that there is already Canonical Livepatch to achieve this, but I was thinking whether it is possible to do the patches ourselves without relying on it.

    The main reason for attempting to play with this is that Ubuntu requires snapd and AppArmor, the latter of which has a problem with the ISPConfig 3.1 server setup.

    This is also because it is limited to critical patches on the kernel version and to the LTS version, which is not necessarily the latest stable kernel or the latest Ubuntu, e.g. Canonical Livepatch only patches 4.15 for Ubuntu 18.04.

    What I am still trying to understand from my readings here and there is that the patch will only change some files in the Linux kernel while retaining its version, thus rebooting is not required.

    Since the sequence of patching is already described by the Ubuntu kernel site, I think all we need to do is proper testing of whether the livepatch is actually working the same way.

    What do you all think about it?
  2. Chris_UK

    Chris_UK Active Member HowtoForge Supporter

    The problem I see is that ISPC tutorials say to remove AppArmor. What should be happening is adding the correct configs to allow ISPC to be installed and run instead. I don't know what these would be, but I am sure that somebody with some spare time on their hands could install and reinstall, applying the AppArmor requirements one at a time until the installation runs as it should.

    This could be a tedious task or it could be simple, I really don't know, so maybe not for the faint of heart.

    This is a post from 2013 in which it's stated there are no plans to write the rules as yet.

    I think "as yet" has been and gone, and now it's time to do so, and as part of the install they should be applied.
