With the recent high-profile exploits like CVE-2010-3301 and CVE-2010-3081, keeping your Linux boxes secure is becoming more and more important. Enter the world of Ksplice.
Ksplice is a tool which automatically applies live Kernel updates to a running system so you never have to reboot, ever again. Imagine staying secure with each kernel release and never having to reboot your Linux machine…and yes, it really works!
When you’ve got dozens or more CentOS boxes to install Ksplice on, this single cut-and-paste method lets you do it in one click. Remember to replace ACTUAL_KEY with your Ksplice access key.
rpm -i ksplice-uptrack-release.noarch.rpm
yum -y install uptrack
perl -pi -e 's/INSERT_ACCESS_KEY/ACTUAL_KEY/' /etc/uptrack/uptrack.conf
perl -pi -e 's/autoinstall = no/autoinstall = yes/' /etc/uptrack/uptrack.conf
The code could be easily modified for other flavors of Linux.
Check out www.ksplice.com.