diff --git a/404.html b/404.html
index 78f794ae..1740ba65 100644
--- a/404.html
+++ b/404.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title></title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/404.html-e0575d4e.js"><link rel="modulepreload" href="/assets/404.html-3b82156f.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/404.html-3b82156f.js"><link rel="modulepreload" href="/assets/404.html-e0575d4e.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/assets/app-566f9dfe.js b/assets/app-eec13f0a.js
similarity index 99%
rename from assets/app-566f9dfe.js
rename to assets/app-eec13f0a.js
index 111bf45d..361ea1cd 100644
--- a/assets/app-566f9dfe.js
+++ b/assets/app-eec13f0a.js
@@ -1,3 +1,3 @@
-import{d as T,r as k,a as ot,b as at,i as se,c as rt,e as it,f as lt,g as ve,h as nt,j as ct,o as J,k as E,l as z,m as C,_ as A,n,p as d,q as p,u as w,t as V,F as I,s as B,v as L,w as j,x as me,y as _e,R as ut,z as O,A as W,B as D,T as de,C as S,D as re,E as ie,G as dt,H as N,I as q,J as M,K as ue,L as ye,M as pt,N as Y,O as Q,P,Q as ht,S as G,U as Be,V as oe,W as ft,X as vt,Y as mt,Z as _t,$ as He,a0 as gt,a1 as bt,a2 as yt,a3 as wt,a4 as St,a5 as Lt,a6 as Ot}from"./framework-0ba8e1ea.js";const Et="modulepreload",Dt=function(e){return"/"+e},Ve={},b=function(t,s,o){if(!s||s.length===0)return t();const a=document.getElementsByTagName("link");return Promise.all(s.map(r=>{if(r=Dt(r),r in Ve)return;Ve[r]=!0;const i=r.endsWith(".css"),l=i?'[rel="stylesheet"]':"";if(!!o)for(let f=a.length-1;f>=0;f--){const _=a[f];if(_.href===r&&(!i||_.rel==="stylesheet"))return}else if(document.querySelector(`link[href="${r}"]${l}`))return;const u=document.createElement("link");if(u.rel=i?"stylesheet":Et,i||(u.as="script",u.crossOrigin=""),u.href=r,document.head.appendChild(u),i)return new Promise((f,_)=>{u.addEventListener("load",f),u.addEventListener("error",()=>_(new Error(`Unable to preload CSS for ${r}`)))})})).then(()=>t())},Le={"v-8daa1a0e":()=>b(()=>import("./index.html-e8171bcc.js"),[]).then(({data:e})=>e),"v-b0d2ea62":()=>b(()=>import("./index.html-dd83167f.js"),[]).then(({data:e})=>e),"v-89bfb992":()=>b(()=>import("./index.html-c138238f.js"),[]).then(({data:e})=>e),"v-1b6f4a0a":()=>b(()=>import("./index.html-ae0b2092.js"),[]).then(({data:e})=>e),"v-6c1fb884":()=>b(()=>import("./index.html-998f6864.js"),[]).then(({data:e})=>e),"v-cadd6498":()=>b(()=>import("./index.html-3b4a4f38.js"),[]).then(({data:e})=>e),"v-2d0a9a10":()=>b(()=>import("./index.html-092f14d9.js"),[]).then(({data:e})=>e),"v-33720eeb":()=>b(()=>import("./index.html-e1c111f0.js"),[]).then(({data:e})=>e),"v-37e5fb86":()=>b(()=>import("./index.html-b5822e8c.js"),[]).then(({data:e})=>e),"v-c271a6b2":()=>b(()=>import("./index.html-448a5efa.js"),[]).then(({data:e})=>e),"v-2f5e7500":()=>b(()=>import("./index.html-6c9650cc.js"),[]).then(({data:e})=>e),"v-1f847a28":()=>b(()=>import("./index.html-55653af3.js"),[]).then(({data:e})=>e),"v-ec0cad0c":()=>b(()=>import("./index.html-a16753b4.js"),[]).then(({data:e})=>e),"v-52e27964":()=>b(()=>import("./index.html-71fb4d10.js"),[]).then(({data:e})=>e),"v-c05bf2be":()=>b(()=>import("./index.html-bfb306f5.js"),[]).then(({data:e})=>e),"v-3d707372":()=>b(()=>import("./index.html-04265117.js"),[]).then(({data:e})=>e),"v-7d514c7d":()=>b(()=>import("./index.html-c09eba5b.js"),[]).then(({data:e})=>e),"v-50c7132c":()=>b(()=>import("./index.html-45ca0bbf.js"),[]).then(({data:e})=>e),"v-fd036ae2":()=>b(()=>import("./index.html-070c63b3.js"),[]).then(({data:e})=>e),"v-03bf6597":()=>b(()=>import("./index.html-270136ce.js"),[]).then(({data:e})=>e),"v-b8319282":()=>b(()=>import("./index.html-e424f433.js"),[]).then(({data:e})=>e),"v-3706649a":()=>b(()=>import("./404.html-e0575d4e.js"),[]).then(({data:e})=>e)},$t=JSON.parse(`{"base":"/","lang":"en-US","title":"","description":"","head":[["script",{"type":"text/javascript","charset":"UTF-8","src":"//cdn.cookie-script.com/s/c9f81de32507a4fec1eb03ee80d0f0ed.js"}],["script",{"type":"text/javascript","id":"hs-script-loader","async":true,"defer":true,"src":"//js.hs-scripts.com/5408110.js"}],["script",{},"\\n              (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':\\n              new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],\\n              j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=\\n              'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);\\n              })(window,document,'script','dataLayer','GTM-5BSW555');\\n              "],["script",{},"\\n      (function() {\\n        var routes = {\\"/almacare/\\":\\"/enterprise-support-for-almalinux/\\",\\"/service-descriptions/#almacare\\":\\"/enterprise-support-for-almalinux/#essential-and-enhanced-support\\",\\"/eportal/#almacare-cybersecurity-patch-management\\":\\"/eportal/#live-patching-for-almalinux-kernelcare-and-libcare-management\\",\\"/eportal/#deploying-almacare-almacare-cybersecurity\\":\\"/eportal/#deploying-essential-support-live-patching-for-almalinux\\"};\\n    \\n        for (var route_url in routes) {\\n          if (window.location.href.indexOf(route_url) !== -1) {\\n            window.location.href = routes[route_url];\\n          }\\n        }\\n      })();\\n      "],["script",{},"\\n                    (function() {\\n                      // Trigger the scroll event without actually scrolling\\n                      function triggerScrollEvent() {\\n                        const targetElement = window;\\n                        const scrollEvent = new Event('scroll', {\\n                          bubbles: true,\\n                          cancelable: true,\\n                        });\\n                        targetElement.dispatchEvent(scrollEvent);\\n                      }\\n              \\n                      // Call the triggerScrollEvent and scrollBodyDown functions after the page is fully loaded\\n                      window.addEventListener('load', () => {\\n                        triggerScrollEvent();\\n                      });\\n                    })();\\n                  "]],"locales":{}}`),je={"v-8daa1a0e":T(()=>b(()=>import("./index.html-84b523eb.js"),["assets/index.html-84b523eb.js","assets/framework-0ba8e1ea.js"])),"v-b0d2ea62":T(()=>b(()=>import("./index.html-3565e0af.js"),["assets/index.html-3565e0af.js","assets/framework-0ba8e1ea.js"])),"v-89bfb992":T(()=>b(()=>import("./index.html-da6a5cef.js"),["assets/index.html-da6a5cef.js","assets/sso_eportal-cc19d109.js","assets/eportal-qemu-feed-7c9efdb9.js","assets/framework-0ba8e1ea.js"])),"v-1b6f4a0a":T(()=>b(()=>import("./index.html-8e531858.js"),["assets/index.html-8e531858.js","assets/framework-0ba8e1ea.js"])),"v-6c1fb884":T(()=>b(()=>import("./index.html-2bee62b8.js"),["assets/index.html-2bee62b8.js","assets/framework-0ba8e1ea.js"])),"v-cadd6498":T(()=>b(()=>import("./index.html-6fea13c2.js"),["assets/index.html-6fea13c2.js","assets/framework-0ba8e1ea.js"])),"v-2d0a9a10":T(()=>b(()=>import("./index.html-5be4a58a.js"),["assets/index.html-5be4a58a.js","assets/framework-0ba8e1ea.js"])),"v-33720eeb":T(()=>b(()=>import("./index.html-f8b8c896.js"),["assets/index.html-f8b8c896.js","assets/framework-0ba8e1ea.js"])),"v-37e5fb86":T(()=>b(()=>import("./index.html-a217ad23.js"),["assets/index.html-a217ad23.js","assets/uchecker-31d683fa.js","assets/eportal-qemu-feed-7c9efdb9.js","assets/framework-0ba8e1ea.js"])),"v-c271a6b2":T(()=>b(()=>import("./index.html-822dc78a.js"),["assets/index.html-822dc78a.js","assets/framework-0ba8e1ea.js"])),"v-2f5e7500":T(()=>b(()=>import("./index.html-c2cc080f.js"),["assets/index.html-c2cc080f.js","assets/framework-0ba8e1ea.js"])),"v-1f847a28":T(()=>b(()=>import("./index.html-f2b36c2b.js"),["assets/index.html-f2b36c2b.js","assets/reports-c7f76afe.js","assets/framework-0ba8e1ea.js"])),"v-ec0cad0c":T(()=>b(()=>import("./index.html-63823c79.js"),["assets/index.html-63823c79.js","assets/framework-0ba8e1ea.js"])),"v-52e27964":T(()=>b(()=>import("./index.html-527a5e84.js"),["assets/index.html-527a5e84.js","assets/sso_eportal-cc19d109.js","assets/eportal-qemu-feed-7c9efdb9.js","assets/framework-0ba8e1ea.js"])),"v-c05bf2be":T(()=>b(()=>import("./index.html-1738772c.js"),["assets/index.html-1738772c.js","assets/framework-0ba8e1ea.js"])),"v-3d707372":T(()=>b(()=>import("./index.html-3e49682f.js"),["assets/index.html-3e49682f.js","assets/framework-0ba8e1ea.js"])),"v-7d514c7d":T(()=>b(()=>import("./index.html-815d4f25.js"),["assets/index.html-815d4f25.js","assets/framework-0ba8e1ea.js"])),"v-50c7132c":T(()=>b(()=>import("./index.html-84c31207.js"),["assets/index.html-84c31207.js","assets/framework-0ba8e1ea.js"])),"v-fd036ae2":T(()=>b(()=>import("./index.html-862975e7.js"),["assets/index.html-862975e7.js","assets/uchecker-31d683fa.js","assets/eportal-qemu-feed-7c9efdb9.js","assets/framework-0ba8e1ea.js"])),"v-03bf6597":T(()=>b(()=>import("./index.html-9a9ef1ef.js"),["assets/index.html-9a9ef1ef.js","assets/framework-0ba8e1ea.js"])),"v-b8319282":T(()=>b(()=>import("./index.html-c0147096.js"),["assets/index.html-c0147096.js","assets/reports-c7f76afe.js","assets/framework-0ba8e1ea.js"])),"v-3706649a":T(()=>b(()=>import("./404.html-3b82156f.js"),["assets/404.html-3b82156f.js","assets/framework-0ba8e1ea.js"]))};var Vt=Symbol(""),kt=k(Le),Fe=ot({key:"",path:"",title:"",lang:"",frontmatter:{},headers:[]}),X=k(Fe),Z=()=>X,We=Symbol(""),ne=()=>{const e=C(We);if(!e)throw new Error("usePageFrontmatter() is called without provider.");return e},Ne=Symbol(""),xt=()=>{const e=C(Ne);if(!e)throw new Error("usePageHead() is called without provider.");return e},At=Symbol(""),Ge=Symbol(""),Ke=()=>{const e=C(Ge);if(!e)throw new Error("usePageLang() is called without provider.");return e},qe=Symbol(""),Tt=()=>{const e=C(qe);if(!e)throw new Error("usePageLayout() is called without provider.");return e},Ue=Symbol(""),ze=()=>{const e=C(Ue);if(!e)throw new Error("useRouteLocale() is called without provider.");return e},le=k($t),Pt=Symbol(""),Ct=Symbol(""),Rt="Layout",It="NotFound",U=at({resolveLayouts:e=>e.reduce((t,s)=>({...t,...s.layouts}),{}),resolvePageData:async e=>{const t=kt.value[e];return await(t==null?void 0:t())??Fe},resolvePageFrontmatter:e=>e.frontmatter,resolvePageHead:(e,t,s)=>{const o=se(t.description)?t.description:s.description,a=[...rt(t.head)?t.head:[],...s.head,["title",{},e],["meta",{name:"description",content:o}]];return it(a)},resolvePageHeadTitle:(e,t)=>[e.title,t.title].filter(s=>!!s).join(" | "),resolvePageLang:e=>e.lang||"en",resolvePageLayout:(e,t)=>{let s;if(e.path){const o=e.frontmatter.layout;se(o)?s=o:s=Rt}else s=It;return t[s]},resolveRouteLocale:(e,t)=>lt(e,t),resolveSiteLocaleData:(e,t)=>({...e,...e.locales[t]})}),Mt=ve({name:"ClientOnly",setup(e,t){const s=k(!1);return J(()=>{s.value=!0}),()=>{var o,a;return s.value?(a=(o=t.slots).default)==null?void 0:a.call(o):null}}}),Bt=ve({name:"Content",props:{pageKey:{type:String,required:!1,default:""}},setup(e){const t=Z(),s=E(()=>je[e.pageKey||t.value.key]);return()=>s.value?z(s.value):z("div","404 Not Found")}}),Ht=(e={})=>e,F=e=>nt(e)?e:`/${ct(e)}`;const jt={enhance:({app:e})=>{}};function Ft(e){return{all:e=e||new Map,on:function(t,s){var o=e.get(t);o?o.push(s):e.set(t,[s])},off:function(t,s){var o=e.get(t);o&&(s?o.splice(o.indexOf(s)>>>0,1):e.set(t,[]))},emit:function(t,s){var o=e.get(t);o&&o.slice().map(function(a){a(s)}),(o=e.get("*"))&&o.slice().map(function(a){a(t,s)})}}}const Wt={class:"footer__img"},Nt=["href"],Gt=["src","alt"],Kt={class:"footer-company-title"},qt={class:"social"},Ut={class:"social_links"},zt=["href"],Jt={class:"footer-social-text"},Xt={class:"social-icons-wrapper"},Yt=["href"],Qt=["src"],Zt={__name:"Footer",setup(e){const{social:t,cloudlinuxSite:s,footerCustomLogo:o,footerCustomAltText:a,locales:r}=C("themeConfig"),i=ne(),l=E(()=>new Date().getFullYear()),c=E(()=>i.value.layout==="HomeLayout");return(u,f)=>(n(),d("div",{class:j(["footer",{"footer-default-layout":!c.value}])},[p("div",Wt,[p("a",{href:w(s)},[p("img",{src:w(F)(w(o)),alt:w(a)},null,8,Gt)],8,Nt)]),p("div",Kt,V(l.value)+". CloudLinux Inc ",1),p("div",qt,[p("div",Ut,[(n(!0),d(I,null,B(w(r).bottomLinks,_=>(n(),d("a",{href:_.url,target:"_blank"},V(_.text),9,zt))),256))]),p("span",Jt,V(w(r).stayInTouch),1),p("div",Xt,[(n(!0),d(I,null,B(w(t),_=>(n(),d("a",{class:"social-icons-link",href:_==null?void 0:_.url,target:"_blank"},[_.icon?(n(),d("img",{key:0,class:"social-icons-link-img",src:w(F)(_==null?void 0:_.icon),alt:"footer logo"},null,8,Qt)):L("v-if",!0)],8,Yt))),256))])])],2))}},pe=A(Zt,[["__scopeId","data-v-0190e83e"],["__file","Footer.vue"]]),Oe=/#.*$/,es=/\.(md|html)$/,te=/\/$/,we=/^(https?:|mailto:|tel:)/;function ae(e){return decodeURI(e).replace(Oe,"").replace(es,"")}function ts(e){const t=e==null?void 0:e.match(Oe);if(t)return t[0]}function ss(e){return we.test(e)}function os(e){if(ss(e))return e;const t=e==null?void 0:e.match(Oe),s=t?t[0]:"",o=ae(e);return te.test(o)?e:o+".html"+s}function he(e,t){const s=e.hash,o=ts(t);if(o&&s!==o)return!1;const a=ae(e.path),r=ae(t);return a===r}function fe(e,t,s){s&&(t=as(t,s));const o=ae(t);for(let a=0;a<e.length;a++)if(ae(e[a].path)===o)return Object.assign({},e[a],{type:"page",path:os(t),relativePath:`${t.slice(1)}README.md`,regularPath:t});return null}function as(e,t,s){const o=e.charAt(0);if(o==="/")return e;if(o==="?"||o==="#")return t+e;const a=t.split("/");(!s||!a[a.length-1])&&a.pop();const r=e.replace(/^\//,"").split("/");for(let i=0;i<r.length;i++){const l=r[i];l===".."?a.pop():l!=="."&&a.push(l)}return a[0]!==""&&a.unshift(""),a.join("/")}function Je(e,t,s){const{locales:o}=C("themeConfig"),{base:a,config:r}=is(t,o.sidebar);return r?r.map(i=>Xe(i,s,a)):[]}function rs(e){e=e.map(s=>Object.assign({},JSON.parse(JSON.stringify(s))));let t;return e.forEach(s=>{s.level!==1?t=s:t&&(t.children||(t.children=[])).push(s)}),e.filter(s=>s.level!==1)}function is(e,t){if(Array.isArray(t))return{base:"/",config:t};for(const s in t)if(ls(e.path).indexOf(s)===0)return{base:s,config:t[s]};return null}function ls(e){return/(\.html|\/)$/.test(e)?e:e+"/"}function Xe(e,t,s,o){if(typeof e=="string")return fe(t,e,s);if(Array.isArray(e))return Object.assign(fe(t,e[0],s),{title:e[1]});{o&&console.error("[vuepress] Nested sidebar groups are not supported. Consider using navbar + categories instead.");const a=e.children||[];return{type:"group",title:e.title,children:a.map(r=>Xe(r,t,s,!0)),collapsable:e.collapsable!==!1}}}const ns={functional:!0,props:["item","closeSidebarDrawer"],render({item:e,closeSidebarDrawer:t}){var f,_;if(!e)return;const s=Z(),o=me(),a=_e(),r=he(o,e==null?void 0:e.path),i=(e==null?void 0:e.type)==="auto"?r||e.children.some(g=>he(o,e.basePath+"#"+g.slug)):r,l=cs(z,e==null?void 0:e.path,e.title||(e==null?void 0:e.path),i,e.headers,t,a),c=((f=s.value.frontmatter)==null?void 0:f.sidebarDepth)!=null?(_=s.value.frontmatter)==null?void 0:_.sidebarDepth:5,u=c??1;if((e==null?void 0:e.type)==="auto")return[l,Se(z,e.children,e.basePath,o,u,1,t)];if(e.headers&&e.headers.length){const g=rs(e.headers);return[l,Se(z,g,e==null?void 0:e.path,o,u,1,t)]}return Ee(z,e==null?void 0:e.path,e.title||(e==null?void 0:e.path),i,e.children,0,t)}};function Ee(e,t,s,o,a,r=0,i){const l=e(ut,{"data-anchor":t,to:t,activeClass:"",exactActiveClass:"",class:{active:o,"sidebar-link":!0,["link-depth-level-"+r]:!0}},()=>[s]);return e("div",{class:{active:o,collapsed:!0,"sidebar-link-container":!!(a!=null&&a.length)},onClick:c=>{c.target.classList.toggle("collapsed"),c.target.tagName!=="DIV"&&i()}},[l])}function cs(e,t,s,o,a,r,i){const l=!!a&&a.some(c=>c.level!==1);return e("div",{class:{active:o,collapsed:o,"sidebar-header":!0,"sidebar-link":!0,"sidebar-header--empty":!l},onClick:c=>{const u=c.target.classList,f=c.target.querySelector("a");u.toggle("collapsed"),f&&i.push(f.getAttribute("href"))}},[Ee(e,t,s,o,null,0,r)])}function Se(e,t,s,o,a,r=1,i){return!t||r>a?null:e("ul",{class:"sidebar-sub-headers"},t.map(l=>{const c=he(o,s+"#"+l.slug);return e("li",{class:{collapsible:r<3,"sidebar-sub-header":!0}},[Ee(e,s+"#"+l.slug,l.title,c,l.children,r,i),Se(e,l.children,s,o,a,r+1,i)])}))}const Ye=A(ns,[["__file","SidebarLink.vue"]]);const us={__name:"DropdownTransition",setup(e){const t=o=>{o.style.height=o.scrollHeight+"px"},s=o=>{o.style.height=""};return(o,a)=>(n(),O(de,{name:"dropdown",onEnter:t,onAfterEnter:s,onBeforeLeave:t},{default:W(()=>[D(o.$slots,"default")]),_:3}))}},ds=A(us,[["__file","DropdownTransition.vue"]]);const ps={key:0,ref:"items",class:"sidebar-group-items"},hs={__name:"SidebarGroup",props:{item:{type:Object,required:!0},first:{type:Boolean,required:!0},open:{type:Boolean,required:!0},collapsable:{type:Boolean,required:!0},closeSidebarDrawer:{type:Function,default:()=>{}}},setup(e){return(t,s)=>(n(),d("div",{class:j(["sidebar-group",{first:e.first,collapsable:e.collapsable}])},[S(ds,null,{default:W(()=>{var o;return[e.open||!e.collapsable?(n(),d("ul",ps,[(n(!0),d(I,null,B((o=e.item)==null?void 0:o.children,a=>(n(),d("li",null,[S(Ye,{closeSidebarDrawer:e.closeSidebarDrawer,item:a},null,8,["closeSidebarDrawer","item"])]))),256))],512)):L("v-if",!0)]}),_:1})],2))}},fs=A(hs,[["__file","SidebarGroup.vue"]]);const vs={class:"sidebar"},ms={key:0,class:"sidebar-links"},_s={__name:"Sidebar",props:{items:{type:Array,required:!0},closeSidebarDrawer:{type:Function,default:()=>{}},isMobileWidth:{type:Boolean}},setup(e){const t=e,s=E(()=>t.items),o=me(),a=Z(),r=E(()=>Je(a.value,o,s.value)),i=k(0),l=()=>{const h=_(o,t.items);h>-1&&(i.value=h)},c=h=>{i.value=h===i.value?-1:h},u=h=>{const v=h.getBoundingClientRect();return v.top>=0&&v.left>=0&&v.bottom<=(window.innerHeight/2||document.documentElement.clientHeight/2)&&v.right<=(window.innerWidth||document.documentElement.clientWidth)};re(()=>o,l);const f=()=>{const h=document.querySelectorAll(".header-anchor"),v=document.querySelector(".sidebar"),m=v.querySelectorAll("a"),y=v.querySelectorAll(".collapsible.sidebar-sub-header"),x=Array.from(m).map($=>$.getAttribute("data-anchor"));h.forEach($=>{$.getAttribute("data-anchor")||$.setAttribute("data-anchor",a.value.path+$.hash)}),h.forEach($=>{if(u($)){const H=x.find(R=>R===$.getAttribute("data-anchor"));y.forEach(R=>{R.querySelectorAll(".sidebar-link-container").forEach(K=>{R.querySelector(`a[data-anchor="${H}"]`)?K.classList.remove("collapsed"):K.classList.add("collapsed")})}),v.querySelector(`a[data-anchor="${H}"]`)&&(m.forEach(R=>R.classList.remove("active")),v.querySelector(`a[data-anchor="${H}"]`).classList.add("active"))}})},_=(h,v)=>{for(let m=0;m<v.length;m++){const y=v[m];if(y.type==="group"&&y.children.some(x=>he(h,x.path)))return m}return-1},g=()=>{const h=window.location.hash,v=document.querySelectorAll(".sidebar a");v.forEach(m=>{if(m.getAttribute("data-anchor")===h){v.forEach(x=>x.classList.remove("active")),m.classList.add("active");const y=m.closest(".collapsible");y&&y.classList.remove("collapsed")}})};return J(()=>{l(),t.isMobileWidth||window.addEventListener("scroll",f),t.isMobileWidth||window.addEventListener("resize",f),window.addEventListener("hashchange",g)}),ie(()=>{window.removeEventListener("scroll",f),window.removeEventListener("resize",f),window.removeEventListener("hashchange",g)}),(h,v)=>(n(),d("div",vs,[D(h.$slots,"top"),r.value.length?(n(),d("ul",ms,[(n(!0),d(I,null,B(r.value,(m,y)=>(n(),d("li",{key:y},[m.type==="group"?(n(),O(fs,{key:0,item:m,first:y===0,open:y===i.value,closeSidebarDrawer:e.closeSidebarDrawer,collapsable:!!(m.collapsable||m.collapsible),onToggle:x=>c(y)},null,8,["item","first","open","closeSidebarDrawer","collapsable","onToggle"])):(n(),O(Ye,{key:1,closeSidebarDrawer:e.closeSidebarDrawer,item:m},null,8,["closeSidebarDrawer","item"]))]))),128))])):L("v-if",!0),D(h.$slots,"bottom")]))}},Qe=A(_s,[["__file","Sidebar.vue"]]);var gs=Object.defineProperty,bs=Object.defineProperties,ys=Object.getOwnPropertyDescriptors,ke=Object.getOwnPropertySymbols,ws=Object.prototype.hasOwnProperty,Ss=Object.prototype.propertyIsEnumerable,xe=(e,t,s)=>t in e?gs(e,t,{enumerable:!0,configurable:!0,writable:!0,value:s}):e[t]=s,ee=(e,t)=>{for(var s in t||(t={}))ws.call(t,s)&&xe(e,s,t[s]);if(ke)for(var s of ke(t))Ss.call(t,s)&&xe(e,s,t[s]);return e},Ae=(e,t)=>bs(e,ys(t));const Ls={props:{autoscroll:{type:Boolean,default:!0}},watch:{typeAheadPointer(){this.autoscroll&&this.maybeAdjustScroll()},open(e){this.autoscroll&&e&&this.$nextTick(()=>this.maybeAdjustScroll())}},methods:{maybeAdjustScroll(){var e;const t=((e=this.$refs.dropdownMenu)==null?void 0:e.children[this.typeAheadPointer])||!1;if(t){const s=this.getDropdownViewport(),{top:o,bottom:a,height:r}=t.getBoundingClientRect();if(o<s.top)return this.$refs.dropdownMenu.scrollTop=t.offsetTop;if(a>s.bottom)return this.$refs.dropdownMenu.scrollTop=t.offsetTop-(s.height-r)}},getDropdownViewport(){return this.$refs.dropdownMenu?this.$refs.dropdownMenu.getBoundingClientRect():{height:0,top:0,bottom:0}}}},Os={data(){return{typeAheadPointer:-1}},watch:{filteredOptions(){for(let e=0;e<this.filteredOptions.length;e++)if(this.selectable(this.filteredOptions[e])){this.typeAheadPointer=e;break}},open(e){e&&this.typeAheadToLastSelected()},selectedValue(){this.open&&this.typeAheadToLastSelected()}},methods:{typeAheadUp(){for(let e=this.typeAheadPointer-1;e>=0;e--)if(this.selectable(this.filteredOptions[e])){this.typeAheadPointer=e;break}},typeAheadDown(){for(let e=this.typeAheadPointer+1;e<this.filteredOptions.length;e++)if(this.selectable(this.filteredOptions[e])){this.typeAheadPointer=e;break}},typeAheadSelect(){const e=this.filteredOptions[this.typeAheadPointer];e&&this.selectable(e)&&this.select(e)},typeAheadToLastSelected(){this.typeAheadPointer=this.selectedValue.length!==0?this.filteredOptions.indexOf(this.selectedValue[this.selectedValue.length-1]):-1}}},Es={props:{loading:{type:Boolean,default:!1}},data(){return{mutableLoading:!1}},watch:{search(){this.$emit("search",this.search,this.toggleLoading)},loading(e){this.mutableLoading=e}},methods:{toggleLoading(e=null){return e==null?this.mutableLoading=!this.mutableLoading:this.mutableLoading=e}}},De=(e,t)=>{const s=e.__vccOpts||e;for(const[o,a]of t)s[o]=a;return s},Ds={},$s={xmlns:"http://www.w3.org/2000/svg",width:"10",height:"10"},Vs=p("path",{d:"M6.895455 5l2.842897-2.842898c.348864-.348863.348864-.914488 0-1.263636L9.106534.261648c-.348864-.348864-.914489-.348864-1.263636 0L5 3.104545 2.157102.261648c-.348863-.348864-.914488-.348864-1.263636 0L.261648.893466c-.348864.348864-.348864.914489 0 1.263636L3.104545 5 .261648 7.842898c-.348864.348863-.348864.914488 0 1.263636l.631818.631818c.348864.348864.914773.348864 1.263636 0L5 6.895455l2.842898 2.842897c.348863.348864.914772.348864 1.263636 0l.631818-.631818c.348864-.348864.348864-.914489 0-1.263636L6.895455 5z"},null,-1),ks=[Vs];function xs(e,t){return n(),d("svg",$s,ks)}const As=De(Ds,[["render",xs]]),Ts={},Ps={xmlns:"http://www.w3.org/2000/svg",width:"14",height:"10"},Cs=p("path",{d:"M9.211364 7.59931l4.48338-4.867229c.407008-.441854.407008-1.158247 0-1.60046l-.73712-.80023c-.407008-.441854-1.066904-.441854-1.474243 0L7 5.198617 2.51662.33139c-.407008-.441853-1.066904-.441853-1.474243 0l-.737121.80023c-.407008.441854-.407008 1.158248 0 1.600461l4.48338 4.867228L7 10l2.211364-2.40069z"},null,-1),Rs=[Cs];function Is(e,t){return n(),d("svg",Ps,Rs)}const Ms=De(Ts,[["render",Is]]),Te={Deselect:As,OpenIndicator:Ms},Bs={mounted(e,{instance:t}){if(t.appendToBody){const{height:s,top:o,left:a,width:r}=t.$refs.toggle.getBoundingClientRect();let i=window.scrollX||window.pageXOffset,l=window.scrollY||window.pageYOffset;e.unbindPosition=t.calculatePosition(e,t,{width:r+"px",left:i+a+"px",top:l+o+s+"px"}),document.body.appendChild(e)}},unmounted(e,{instance:t}){t.appendToBody&&(e.unbindPosition&&typeof e.unbindPosition=="function"&&e.unbindPosition(),e.parentNode&&e.parentNode.removeChild(e))}};function Hs(e){const t={};return Object.keys(e).sort().forEach(s=>{t[s]=e[s]}),JSON.stringify(t)}let js=0;function Fs(){return++js}const Ws={components:ee({},Te),directives:{appendToBody:Bs},mixins:[Ls,Os,Es],compatConfig:{MODE:3},emits:["open","close","update:modelValue","search","search:compositionstart","search:compositionend","search:keydown","search:blur","search:focus","search:input","option:created","option:selecting","option:selected","option:deselecting","option:deselected"],props:{modelValue:{},components:{type:Object,default:()=>({})},options:{type:Array,default(){return[]}},disabled:{type:Boolean,default:!1},clearable:{type:Boolean,default:!0},deselectFromDropdown:{type:Boolean,default:!1},searchable:{type:Boolean,default:!0},multiple:{type:Boolean,default:!1},placeholder:{type:String,default:""},transition:{type:String,default:"vs__fade"},clearSearchOnSelect:{type:Boolean,default:!0},closeOnSelect:{type:Boolean,default:!0},label:{type:String,default:"label"},autocomplete:{type:String,default:"off"},reduce:{type:Function,default:e=>e},selectable:{type:Function,default:e=>!0},getOptionLabel:{type:Function,default(e){return typeof e=="object"?e.hasOwnProperty(this.label)?e[this.label]:console.warn(`[vue-select warn]: Label key "option.${this.label}" does not exist in options object ${JSON.stringify(e)}.
+import{d as T,r as k,a as ot,b as at,i as se,c as rt,e as it,f as lt,g as ve,h as nt,j as ct,o as J,k as E,l as z,m as C,_ as A,n,p as d,q as p,u as w,t as V,F as I,s as B,v as L,w as j,x as me,y as _e,R as ut,z as O,A as W,B as D,T as de,C as S,D as re,E as ie,G as dt,H as N,I as q,J as M,K as ue,L as ye,M as pt,N as Y,O as Q,P,Q as ht,S as G,U as Be,V as oe,W as ft,X as vt,Y as mt,Z as _t,$ as He,a0 as gt,a1 as bt,a2 as yt,a3 as wt,a4 as St,a5 as Lt,a6 as Ot}from"./framework-0ba8e1ea.js";const Et="modulepreload",Dt=function(e){return"/"+e},Ve={},b=function(t,s,o){if(!s||s.length===0)return t();const a=document.getElementsByTagName("link");return Promise.all(s.map(r=>{if(r=Dt(r),r in Ve)return;Ve[r]=!0;const i=r.endsWith(".css"),l=i?'[rel="stylesheet"]':"";if(!!o)for(let f=a.length-1;f>=0;f--){const _=a[f];if(_.href===r&&(!i||_.rel==="stylesheet"))return}else if(document.querySelector(`link[href="${r}"]${l}`))return;const u=document.createElement("link");if(u.rel=i?"stylesheet":Et,i||(u.as="script",u.crossOrigin=""),u.href=r,document.head.appendChild(u),i)return new Promise((f,_)=>{u.addEventListener("load",f),u.addEventListener("error",()=>_(new Error(`Unable to preload CSS for ${r}`)))})})).then(()=>t())},Le={"v-8daa1a0e":()=>b(()=>import("./index.html-e8171bcc.js"),[]).then(({data:e})=>e),"v-b0d2ea62":()=>b(()=>import("./index.html-dd83167f.js"),[]).then(({data:e})=>e),"v-89bfb992":()=>b(()=>import("./index.html-c138238f.js"),[]).then(({data:e})=>e),"v-1b6f4a0a":()=>b(()=>import("./index.html-ae0b2092.js"),[]).then(({data:e})=>e),"v-6c1fb884":()=>b(()=>import("./index.html-998f6864.js"),[]).then(({data:e})=>e),"v-cadd6498":()=>b(()=>import("./index.html-3b4a4f38.js"),[]).then(({data:e})=>e),"v-2d0a9a10":()=>b(()=>import("./index.html-092f14d9.js"),[]).then(({data:e})=>e),"v-33720eeb":()=>b(()=>import("./index.html-e1c111f0.js"),[]).then(({data:e})=>e),"v-37e5fb86":()=>b(()=>import("./index.html-8a6bcf47.js"),[]).then(({data:e})=>e),"v-c271a6b2":()=>b(()=>import("./index.html-448a5efa.js"),[]).then(({data:e})=>e),"v-2f5e7500":()=>b(()=>import("./index.html-6c9650cc.js"),[]).then(({data:e})=>e),"v-1f847a28":()=>b(()=>import("./index.html-55653af3.js"),[]).then(({data:e})=>e),"v-ec0cad0c":()=>b(()=>import("./index.html-a16753b4.js"),[]).then(({data:e})=>e),"v-52e27964":()=>b(()=>import("./index.html-71fb4d10.js"),[]).then(({data:e})=>e),"v-c05bf2be":()=>b(()=>import("./index.html-bfb306f5.js"),[]).then(({data:e})=>e),"v-3d707372":()=>b(()=>import("./index.html-04265117.js"),[]).then(({data:e})=>e),"v-7d514c7d":()=>b(()=>import("./index.html-c09eba5b.js"),[]).then(({data:e})=>e),"v-50c7132c":()=>b(()=>import("./index.html-45ca0bbf.js"),[]).then(({data:e})=>e),"v-fd036ae2":()=>b(()=>import("./index.html-070c63b3.js"),[]).then(({data:e})=>e),"v-03bf6597":()=>b(()=>import("./index.html-270136ce.js"),[]).then(({data:e})=>e),"v-b8319282":()=>b(()=>import("./index.html-e424f433.js"),[]).then(({data:e})=>e),"v-3706649a":()=>b(()=>import("./404.html-e0575d4e.js"),[]).then(({data:e})=>e)},$t=JSON.parse(`{"base":"/","lang":"en-US","title":"","description":"","head":[["script",{"type":"text/javascript","charset":"UTF-8","src":"//cdn.cookie-script.com/s/c9f81de32507a4fec1eb03ee80d0f0ed.js"}],["script",{"type":"text/javascript","id":"hs-script-loader","async":true,"defer":true,"src":"//js.hs-scripts.com/5408110.js"}],["script",{},"\\n              (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':\\n              new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],\\n              j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=\\n              'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);\\n              })(window,document,'script','dataLayer','GTM-5BSW555');\\n              "],["script",{},"\\n      (function() {\\n        var routes = {\\"/almacare/\\":\\"/enterprise-support-for-almalinux/\\",\\"/service-descriptions/#almacare\\":\\"/enterprise-support-for-almalinux/#essential-and-enhanced-support\\",\\"/eportal/#almacare-cybersecurity-patch-management\\":\\"/eportal/#live-patching-for-almalinux-kernelcare-and-libcare-management\\",\\"/eportal/#deploying-almacare-almacare-cybersecurity\\":\\"/eportal/#deploying-essential-support-live-patching-for-almalinux\\"};\\n    \\n        for (var route_url in routes) {\\n          if (window.location.href.indexOf(route_url) !== -1) {\\n            window.location.href = routes[route_url];\\n          }\\n        }\\n      })();\\n      "],["script",{},"\\n                    (function() {\\n                      // Trigger the scroll event without actually scrolling\\n                      function triggerScrollEvent() {\\n                        const targetElement = window;\\n                        const scrollEvent = new Event('scroll', {\\n                          bubbles: true,\\n                          cancelable: true,\\n                        });\\n                        targetElement.dispatchEvent(scrollEvent);\\n                      }\\n              \\n                      // Call the triggerScrollEvent and scrollBodyDown functions after the page is fully loaded\\n                      window.addEventListener('load', () => {\\n                        triggerScrollEvent();\\n                      });\\n                    })();\\n                  "]],"locales":{}}`),je={"v-8daa1a0e":T(()=>b(()=>import("./index.html-5be4a58a.js"),["assets/index.html-5be4a58a.js","assets/framework-0ba8e1ea.js"])),"v-b0d2ea62":T(()=>b(()=>import("./index.html-3565e0af.js"),["assets/index.html-3565e0af.js","assets/framework-0ba8e1ea.js"])),"v-89bfb992":T(()=>b(()=>import("./index.html-da6a5cef.js"),["assets/index.html-da6a5cef.js","assets/sso_eportal-cc19d109.js","assets/eportal-qemu-feed-7c9efdb9.js","assets/framework-0ba8e1ea.js"])),"v-1b6f4a0a":T(()=>b(()=>import("./index.html-8e531858.js"),["assets/index.html-8e531858.js","assets/framework-0ba8e1ea.js"])),"v-6c1fb884":T(()=>b(()=>import("./index.html-2bee62b8.js"),["assets/index.html-2bee62b8.js","assets/framework-0ba8e1ea.js"])),"v-cadd6498":T(()=>b(()=>import("./index.html-6fea13c2.js"),["assets/index.html-6fea13c2.js","assets/framework-0ba8e1ea.js"])),"v-2d0a9a10":T(()=>b(()=>import("./index.html-84b523eb.js"),["assets/index.html-84b523eb.js","assets/framework-0ba8e1ea.js"])),"v-33720eeb":T(()=>b(()=>import("./index.html-f8b8c896.js"),["assets/index.html-f8b8c896.js","assets/framework-0ba8e1ea.js"])),"v-37e5fb86":T(()=>b(()=>import("./index.html-04b3e155.js"),["assets/index.html-04b3e155.js","assets/uchecker-31d683fa.js","assets/eportal-qemu-feed-7c9efdb9.js","assets/framework-0ba8e1ea.js"])),"v-c271a6b2":T(()=>b(()=>import("./index.html-822dc78a.js"),["assets/index.html-822dc78a.js","assets/framework-0ba8e1ea.js"])),"v-2f5e7500":T(()=>b(()=>import("./index.html-c2cc080f.js"),["assets/index.html-c2cc080f.js","assets/framework-0ba8e1ea.js"])),"v-1f847a28":T(()=>b(()=>import("./index.html-f2b36c2b.js"),["assets/index.html-f2b36c2b.js","assets/reports-c7f76afe.js","assets/framework-0ba8e1ea.js"])),"v-ec0cad0c":T(()=>b(()=>import("./index.html-63823c79.js"),["assets/index.html-63823c79.js","assets/framework-0ba8e1ea.js"])),"v-52e27964":T(()=>b(()=>import("./index.html-527a5e84.js"),["assets/index.html-527a5e84.js","assets/sso_eportal-cc19d109.js","assets/eportal-qemu-feed-7c9efdb9.js","assets/framework-0ba8e1ea.js"])),"v-c05bf2be":T(()=>b(()=>import("./index.html-1738772c.js"),["assets/index.html-1738772c.js","assets/framework-0ba8e1ea.js"])),"v-3d707372":T(()=>b(()=>import("./index.html-3e49682f.js"),["assets/index.html-3e49682f.js","assets/framework-0ba8e1ea.js"])),"v-7d514c7d":T(()=>b(()=>import("./index.html-815d4f25.js"),["assets/index.html-815d4f25.js","assets/framework-0ba8e1ea.js"])),"v-50c7132c":T(()=>b(()=>import("./index.html-84c31207.js"),["assets/index.html-84c31207.js","assets/framework-0ba8e1ea.js"])),"v-fd036ae2":T(()=>b(()=>import("./index.html-862975e7.js"),["assets/index.html-862975e7.js","assets/uchecker-31d683fa.js","assets/eportal-qemu-feed-7c9efdb9.js","assets/framework-0ba8e1ea.js"])),"v-03bf6597":T(()=>b(()=>import("./index.html-9a9ef1ef.js"),["assets/index.html-9a9ef1ef.js","assets/framework-0ba8e1ea.js"])),"v-b8319282":T(()=>b(()=>import("./index.html-c0147096.js"),["assets/index.html-c0147096.js","assets/reports-c7f76afe.js","assets/framework-0ba8e1ea.js"])),"v-3706649a":T(()=>b(()=>import("./404.html-3b82156f.js"),["assets/404.html-3b82156f.js","assets/framework-0ba8e1ea.js"]))};var Vt=Symbol(""),kt=k(Le),Fe=ot({key:"",path:"",title:"",lang:"",frontmatter:{},headers:[]}),X=k(Fe),Z=()=>X,We=Symbol(""),ne=()=>{const e=C(We);if(!e)throw new Error("usePageFrontmatter() is called without provider.");return e},Ne=Symbol(""),xt=()=>{const e=C(Ne);if(!e)throw new Error("usePageHead() is called without provider.");return e},At=Symbol(""),Ge=Symbol(""),Ke=()=>{const e=C(Ge);if(!e)throw new Error("usePageLang() is called without provider.");return e},qe=Symbol(""),Tt=()=>{const e=C(qe);if(!e)throw new Error("usePageLayout() is called without provider.");return e},Ue=Symbol(""),ze=()=>{const e=C(Ue);if(!e)throw new Error("useRouteLocale() is called without provider.");return e},le=k($t),Pt=Symbol(""),Ct=Symbol(""),Rt="Layout",It="NotFound",U=at({resolveLayouts:e=>e.reduce((t,s)=>({...t,...s.layouts}),{}),resolvePageData:async e=>{const t=kt.value[e];return await(t==null?void 0:t())??Fe},resolvePageFrontmatter:e=>e.frontmatter,resolvePageHead:(e,t,s)=>{const o=se(t.description)?t.description:s.description,a=[...rt(t.head)?t.head:[],...s.head,["title",{},e],["meta",{name:"description",content:o}]];return it(a)},resolvePageHeadTitle:(e,t)=>[e.title,t.title].filter(s=>!!s).join(" | "),resolvePageLang:e=>e.lang||"en",resolvePageLayout:(e,t)=>{let s;if(e.path){const o=e.frontmatter.layout;se(o)?s=o:s=Rt}else s=It;return t[s]},resolveRouteLocale:(e,t)=>lt(e,t),resolveSiteLocaleData:(e,t)=>({...e,...e.locales[t]})}),Mt=ve({name:"ClientOnly",setup(e,t){const s=k(!1);return J(()=>{s.value=!0}),()=>{var o,a;return s.value?(a=(o=t.slots).default)==null?void 0:a.call(o):null}}}),Bt=ve({name:"Content",props:{pageKey:{type:String,required:!1,default:""}},setup(e){const t=Z(),s=E(()=>je[e.pageKey||t.value.key]);return()=>s.value?z(s.value):z("div","404 Not Found")}}),Ht=(e={})=>e,F=e=>nt(e)?e:`/${ct(e)}`;const jt={enhance:({app:e})=>{}};function Ft(e){return{all:e=e||new Map,on:function(t,s){var o=e.get(t);o?o.push(s):e.set(t,[s])},off:function(t,s){var o=e.get(t);o&&(s?o.splice(o.indexOf(s)>>>0,1):e.set(t,[]))},emit:function(t,s){var o=e.get(t);o&&o.slice().map(function(a){a(s)}),(o=e.get("*"))&&o.slice().map(function(a){a(t,s)})}}}const Wt={class:"footer__img"},Nt=["href"],Gt=["src","alt"],Kt={class:"footer-company-title"},qt={class:"social"},Ut={class:"social_links"},zt=["href"],Jt={class:"footer-social-text"},Xt={class:"social-icons-wrapper"},Yt=["href"],Qt=["src"],Zt={__name:"Footer",setup(e){const{social:t,cloudlinuxSite:s,footerCustomLogo:o,footerCustomAltText:a,locales:r}=C("themeConfig"),i=ne(),l=E(()=>new Date().getFullYear()),c=E(()=>i.value.layout==="HomeLayout");return(u,f)=>(n(),d("div",{class:j(["footer",{"footer-default-layout":!c.value}])},[p("div",Wt,[p("a",{href:w(s)},[p("img",{src:w(F)(w(o)),alt:w(a)},null,8,Gt)],8,Nt)]),p("div",Kt,V(l.value)+". CloudLinux Inc ",1),p("div",qt,[p("div",Ut,[(n(!0),d(I,null,B(w(r).bottomLinks,_=>(n(),d("a",{href:_.url,target:"_blank"},V(_.text),9,zt))),256))]),p("span",Jt,V(w(r).stayInTouch),1),p("div",Xt,[(n(!0),d(I,null,B(w(t),_=>(n(),d("a",{class:"social-icons-link",href:_==null?void 0:_.url,target:"_blank"},[_.icon?(n(),d("img",{key:0,class:"social-icons-link-img",src:w(F)(_==null?void 0:_.icon),alt:"footer logo"},null,8,Qt)):L("v-if",!0)],8,Yt))),256))])])],2))}},pe=A(Zt,[["__scopeId","data-v-0190e83e"],["__file","Footer.vue"]]),Oe=/#.*$/,es=/\.(md|html)$/,te=/\/$/,we=/^(https?:|mailto:|tel:)/;function ae(e){return decodeURI(e).replace(Oe,"").replace(es,"")}function ts(e){const t=e==null?void 0:e.match(Oe);if(t)return t[0]}function ss(e){return we.test(e)}function os(e){if(ss(e))return e;const t=e==null?void 0:e.match(Oe),s=t?t[0]:"",o=ae(e);return te.test(o)?e:o+".html"+s}function he(e,t){const s=e.hash,o=ts(t);if(o&&s!==o)return!1;const a=ae(e.path),r=ae(t);return a===r}function fe(e,t,s){s&&(t=as(t,s));const o=ae(t);for(let a=0;a<e.length;a++)if(ae(e[a].path)===o)return Object.assign({},e[a],{type:"page",path:os(t),relativePath:`${t.slice(1)}README.md`,regularPath:t});return null}function as(e,t,s){const o=e.charAt(0);if(o==="/")return e;if(o==="?"||o==="#")return t+e;const a=t.split("/");(!s||!a[a.length-1])&&a.pop();const r=e.replace(/^\//,"").split("/");for(let i=0;i<r.length;i++){const l=r[i];l===".."?a.pop():l!=="."&&a.push(l)}return a[0]!==""&&a.unshift(""),a.join("/")}function Je(e,t,s){const{locales:o}=C("themeConfig"),{base:a,config:r}=is(t,o.sidebar);return r?r.map(i=>Xe(i,s,a)):[]}function rs(e){e=e.map(s=>Object.assign({},JSON.parse(JSON.stringify(s))));let t;return e.forEach(s=>{s.level!==1?t=s:t&&(t.children||(t.children=[])).push(s)}),e.filter(s=>s.level!==1)}function is(e,t){if(Array.isArray(t))return{base:"/",config:t};for(const s in t)if(ls(e.path).indexOf(s)===0)return{base:s,config:t[s]};return null}function ls(e){return/(\.html|\/)$/.test(e)?e:e+"/"}function Xe(e,t,s,o){if(typeof e=="string")return fe(t,e,s);if(Array.isArray(e))return Object.assign(fe(t,e[0],s),{title:e[1]});{o&&console.error("[vuepress] Nested sidebar groups are not supported. Consider using navbar + categories instead.");const a=e.children||[];return{type:"group",title:e.title,children:a.map(r=>Xe(r,t,s,!0)),collapsable:e.collapsable!==!1}}}const ns={functional:!0,props:["item","closeSidebarDrawer"],render({item:e,closeSidebarDrawer:t}){var f,_;if(!e)return;const s=Z(),o=me(),a=_e(),r=he(o,e==null?void 0:e.path),i=(e==null?void 0:e.type)==="auto"?r||e.children.some(g=>he(o,e.basePath+"#"+g.slug)):r,l=cs(z,e==null?void 0:e.path,e.title||(e==null?void 0:e.path),i,e.headers,t,a),c=((f=s.value.frontmatter)==null?void 0:f.sidebarDepth)!=null?(_=s.value.frontmatter)==null?void 0:_.sidebarDepth:5,u=c??1;if((e==null?void 0:e.type)==="auto")return[l,Se(z,e.children,e.basePath,o,u,1,t)];if(e.headers&&e.headers.length){const g=rs(e.headers);return[l,Se(z,g,e==null?void 0:e.path,o,u,1,t)]}return Ee(z,e==null?void 0:e.path,e.title||(e==null?void 0:e.path),i,e.children,0,t)}};function Ee(e,t,s,o,a,r=0,i){const l=e(ut,{"data-anchor":t,to:t,activeClass:"",exactActiveClass:"",class:{active:o,"sidebar-link":!0,["link-depth-level-"+r]:!0}},()=>[s]);return e("div",{class:{active:o,collapsed:!0,"sidebar-link-container":!!(a!=null&&a.length)},onClick:c=>{c.target.classList.toggle("collapsed"),c.target.tagName!=="DIV"&&i()}},[l])}function cs(e,t,s,o,a,r,i){const l=!!a&&a.some(c=>c.level!==1);return e("div",{class:{active:o,collapsed:o,"sidebar-header":!0,"sidebar-link":!0,"sidebar-header--empty":!l},onClick:c=>{const u=c.target.classList,f=c.target.querySelector("a");u.toggle("collapsed"),f&&i.push(f.getAttribute("href"))}},[Ee(e,t,s,o,null,0,r)])}function Se(e,t,s,o,a,r=1,i){return!t||r>a?null:e("ul",{class:"sidebar-sub-headers"},t.map(l=>{const c=he(o,s+"#"+l.slug);return e("li",{class:{collapsible:r<3,"sidebar-sub-header":!0}},[Ee(e,s+"#"+l.slug,l.title,c,l.children,r,i),Se(e,l.children,s,o,a,r+1,i)])}))}const Ye=A(ns,[["__file","SidebarLink.vue"]]);const us={__name:"DropdownTransition",setup(e){const t=o=>{o.style.height=o.scrollHeight+"px"},s=o=>{o.style.height=""};return(o,a)=>(n(),O(de,{name:"dropdown",onEnter:t,onAfterEnter:s,onBeforeLeave:t},{default:W(()=>[D(o.$slots,"default")]),_:3}))}},ds=A(us,[["__file","DropdownTransition.vue"]]);const ps={key:0,ref:"items",class:"sidebar-group-items"},hs={__name:"SidebarGroup",props:{item:{type:Object,required:!0},first:{type:Boolean,required:!0},open:{type:Boolean,required:!0},collapsable:{type:Boolean,required:!0},closeSidebarDrawer:{type:Function,default:()=>{}}},setup(e){return(t,s)=>(n(),d("div",{class:j(["sidebar-group",{first:e.first,collapsable:e.collapsable}])},[S(ds,null,{default:W(()=>{var o;return[e.open||!e.collapsable?(n(),d("ul",ps,[(n(!0),d(I,null,B((o=e.item)==null?void 0:o.children,a=>(n(),d("li",null,[S(Ye,{closeSidebarDrawer:e.closeSidebarDrawer,item:a},null,8,["closeSidebarDrawer","item"])]))),256))],512)):L("v-if",!0)]}),_:1})],2))}},fs=A(hs,[["__file","SidebarGroup.vue"]]);const vs={class:"sidebar"},ms={key:0,class:"sidebar-links"},_s={__name:"Sidebar",props:{items:{type:Array,required:!0},closeSidebarDrawer:{type:Function,default:()=>{}},isMobileWidth:{type:Boolean}},setup(e){const t=e,s=E(()=>t.items),o=me(),a=Z(),r=E(()=>Je(a.value,o,s.value)),i=k(0),l=()=>{const h=_(o,t.items);h>-1&&(i.value=h)},c=h=>{i.value=h===i.value?-1:h},u=h=>{const v=h.getBoundingClientRect();return v.top>=0&&v.left>=0&&v.bottom<=(window.innerHeight/2||document.documentElement.clientHeight/2)&&v.right<=(window.innerWidth||document.documentElement.clientWidth)};re(()=>o,l);const f=()=>{const h=document.querySelectorAll(".header-anchor"),v=document.querySelector(".sidebar"),m=v.querySelectorAll("a"),y=v.querySelectorAll(".collapsible.sidebar-sub-header"),x=Array.from(m).map($=>$.getAttribute("data-anchor"));h.forEach($=>{$.getAttribute("data-anchor")||$.setAttribute("data-anchor",a.value.path+$.hash)}),h.forEach($=>{if(u($)){const H=x.find(R=>R===$.getAttribute("data-anchor"));y.forEach(R=>{R.querySelectorAll(".sidebar-link-container").forEach(K=>{R.querySelector(`a[data-anchor="${H}"]`)?K.classList.remove("collapsed"):K.classList.add("collapsed")})}),v.querySelector(`a[data-anchor="${H}"]`)&&(m.forEach(R=>R.classList.remove("active")),v.querySelector(`a[data-anchor="${H}"]`).classList.add("active"))}})},_=(h,v)=>{for(let m=0;m<v.length;m++){const y=v[m];if(y.type==="group"&&y.children.some(x=>he(h,x.path)))return m}return-1},g=()=>{const h=window.location.hash,v=document.querySelectorAll(".sidebar a");v.forEach(m=>{if(m.getAttribute("data-anchor")===h){v.forEach(x=>x.classList.remove("active")),m.classList.add("active");const y=m.closest(".collapsible");y&&y.classList.remove("collapsed")}})};return J(()=>{l(),t.isMobileWidth||window.addEventListener("scroll",f),t.isMobileWidth||window.addEventListener("resize",f),window.addEventListener("hashchange",g)}),ie(()=>{window.removeEventListener("scroll",f),window.removeEventListener("resize",f),window.removeEventListener("hashchange",g)}),(h,v)=>(n(),d("div",vs,[D(h.$slots,"top"),r.value.length?(n(),d("ul",ms,[(n(!0),d(I,null,B(r.value,(m,y)=>(n(),d("li",{key:y},[m.type==="group"?(n(),O(fs,{key:0,item:m,first:y===0,open:y===i.value,closeSidebarDrawer:e.closeSidebarDrawer,collapsable:!!(m.collapsable||m.collapsible),onToggle:x=>c(y)},null,8,["item","first","open","closeSidebarDrawer","collapsable","onToggle"])):(n(),O(Ye,{key:1,closeSidebarDrawer:e.closeSidebarDrawer,item:m},null,8,["closeSidebarDrawer","item"]))]))),128))])):L("v-if",!0),D(h.$slots,"bottom")]))}},Qe=A(_s,[["__file","Sidebar.vue"]]);var gs=Object.defineProperty,bs=Object.defineProperties,ys=Object.getOwnPropertyDescriptors,ke=Object.getOwnPropertySymbols,ws=Object.prototype.hasOwnProperty,Ss=Object.prototype.propertyIsEnumerable,xe=(e,t,s)=>t in e?gs(e,t,{enumerable:!0,configurable:!0,writable:!0,value:s}):e[t]=s,ee=(e,t)=>{for(var s in t||(t={}))ws.call(t,s)&&xe(e,s,t[s]);if(ke)for(var s of ke(t))Ss.call(t,s)&&xe(e,s,t[s]);return e},Ae=(e,t)=>bs(e,ys(t));const Ls={props:{autoscroll:{type:Boolean,default:!0}},watch:{typeAheadPointer(){this.autoscroll&&this.maybeAdjustScroll()},open(e){this.autoscroll&&e&&this.$nextTick(()=>this.maybeAdjustScroll())}},methods:{maybeAdjustScroll(){var e;const t=((e=this.$refs.dropdownMenu)==null?void 0:e.children[this.typeAheadPointer])||!1;if(t){const s=this.getDropdownViewport(),{top:o,bottom:a,height:r}=t.getBoundingClientRect();if(o<s.top)return this.$refs.dropdownMenu.scrollTop=t.offsetTop;if(a>s.bottom)return this.$refs.dropdownMenu.scrollTop=t.offsetTop-(s.height-r)}},getDropdownViewport(){return this.$refs.dropdownMenu?this.$refs.dropdownMenu.getBoundingClientRect():{height:0,top:0,bottom:0}}}},Os={data(){return{typeAheadPointer:-1}},watch:{filteredOptions(){for(let e=0;e<this.filteredOptions.length;e++)if(this.selectable(this.filteredOptions[e])){this.typeAheadPointer=e;break}},open(e){e&&this.typeAheadToLastSelected()},selectedValue(){this.open&&this.typeAheadToLastSelected()}},methods:{typeAheadUp(){for(let e=this.typeAheadPointer-1;e>=0;e--)if(this.selectable(this.filteredOptions[e])){this.typeAheadPointer=e;break}},typeAheadDown(){for(let e=this.typeAheadPointer+1;e<this.filteredOptions.length;e++)if(this.selectable(this.filteredOptions[e])){this.typeAheadPointer=e;break}},typeAheadSelect(){const e=this.filteredOptions[this.typeAheadPointer];e&&this.selectable(e)&&this.select(e)},typeAheadToLastSelected(){this.typeAheadPointer=this.selectedValue.length!==0?this.filteredOptions.indexOf(this.selectedValue[this.selectedValue.length-1]):-1}}},Es={props:{loading:{type:Boolean,default:!1}},data(){return{mutableLoading:!1}},watch:{search(){this.$emit("search",this.search,this.toggleLoading)},loading(e){this.mutableLoading=e}},methods:{toggleLoading(e=null){return e==null?this.mutableLoading=!this.mutableLoading:this.mutableLoading=e}}},De=(e,t)=>{const s=e.__vccOpts||e;for(const[o,a]of t)s[o]=a;return s},Ds={},$s={xmlns:"http://www.w3.org/2000/svg",width:"10",height:"10"},Vs=p("path",{d:"M6.895455 5l2.842897-2.842898c.348864-.348863.348864-.914488 0-1.263636L9.106534.261648c-.348864-.348864-.914489-.348864-1.263636 0L5 3.104545 2.157102.261648c-.348863-.348864-.914488-.348864-1.263636 0L.261648.893466c-.348864.348864-.348864.914489 0 1.263636L3.104545 5 .261648 7.842898c-.348864.348863-.348864.914488 0 1.263636l.631818.631818c.348864.348864.914773.348864 1.263636 0L5 6.895455l2.842898 2.842897c.348863.348864.914772.348864 1.263636 0l.631818-.631818c.348864-.348864.348864-.914489 0-1.263636L6.895455 5z"},null,-1),ks=[Vs];function xs(e,t){return n(),d("svg",$s,ks)}const As=De(Ds,[["render",xs]]),Ts={},Ps={xmlns:"http://www.w3.org/2000/svg",width:"14",height:"10"},Cs=p("path",{d:"M9.211364 7.59931l4.48338-4.867229c.407008-.441854.407008-1.158247 0-1.60046l-.73712-.80023c-.407008-.441854-1.066904-.441854-1.474243 0L7 5.198617 2.51662.33139c-.407008-.441853-1.066904-.441853-1.474243 0l-.737121.80023c-.407008.441854-.407008 1.158248 0 1.600461l4.48338 4.867228L7 10l2.211364-2.40069z"},null,-1),Rs=[Cs];function Is(e,t){return n(),d("svg",Ps,Rs)}const Ms=De(Ts,[["render",Is]]),Te={Deselect:As,OpenIndicator:Ms},Bs={mounted(e,{instance:t}){if(t.appendToBody){const{height:s,top:o,left:a,width:r}=t.$refs.toggle.getBoundingClientRect();let i=window.scrollX||window.pageXOffset,l=window.scrollY||window.pageYOffset;e.unbindPosition=t.calculatePosition(e,t,{width:r+"px",left:i+a+"px",top:l+o+s+"px"}),document.body.appendChild(e)}},unmounted(e,{instance:t}){t.appendToBody&&(e.unbindPosition&&typeof e.unbindPosition=="function"&&e.unbindPosition(),e.parentNode&&e.parentNode.removeChild(e))}};function Hs(e){const t={};return Object.keys(e).sort().forEach(s=>{t[s]=e[s]}),JSON.stringify(t)}let js=0;function Fs(){return++js}const Ws={components:ee({},Te),directives:{appendToBody:Bs},mixins:[Ls,Os,Es],compatConfig:{MODE:3},emits:["open","close","update:modelValue","search","search:compositionstart","search:compositionend","search:keydown","search:blur","search:focus","search:input","option:created","option:selecting","option:selected","option:deselecting","option:deselected"],props:{modelValue:{},components:{type:Object,default:()=>({})},options:{type:Array,default(){return[]}},disabled:{type:Boolean,default:!1},clearable:{type:Boolean,default:!0},deselectFromDropdown:{type:Boolean,default:!1},searchable:{type:Boolean,default:!0},multiple:{type:Boolean,default:!1},placeholder:{type:String,default:""},transition:{type:String,default:"vs__fade"},clearSearchOnSelect:{type:Boolean,default:!0},closeOnSelect:{type:Boolean,default:!0},label:{type:String,default:"label"},autocomplete:{type:String,default:"off"},reduce:{type:Function,default:e=>e},selectable:{type:Function,default:e=>!0},getOptionLabel:{type:Function,default(e){return typeof e=="object"?e.hasOwnProperty(this.label)?e[this.label]:console.warn(`[vue-select warn]: Label key "option.${this.label}" does not exist in options object ${JSON.stringify(e)}.
 https://vue-select.org/api/props.html#getoptionlabel`):e}},getOptionKey:{type:Function,default(e){if(typeof e!="object")return e;try{return e.hasOwnProperty("id")?e.id:Hs(e)}catch(t){return console.warn(`[vue-select warn]: Could not stringify this option to generate unique key. Please provide'getOptionKey' prop to return a unique key for each option.
 https://vue-select.org/api/props.html#getoptionkey`,e,t)}}},onTab:{type:Function,default:function(){this.selectOnTab&&!this.isComposing&&this.typeAheadSelect()}},taggable:{type:Boolean,default:!1},tabindex:{type:Number,default:null},pushTags:{type:Boolean,default:!1},filterable:{type:Boolean,default:!0},filterBy:{type:Function,default(e,t,s){return(t||"").toLocaleLowerCase().indexOf(s.toLocaleLowerCase())>-1}},filter:{type:Function,default(e,t){return e.filter(s=>{let o=this.getOptionLabel(s);return typeof o=="number"&&(o=o.toString()),this.filterBy(s,o,t)})}},createOption:{type:Function,default(e){return typeof this.optionList[0]=="object"?{[this.label]:e}:e}},resetOnOptionsChange:{default:!1,validator:e=>["function","boolean"].includes(typeof e)},clearSearchOnBlur:{type:Function,default:function({clearSearchOnSelect:e,multiple:t}){return e&&!t}},noDrop:{type:Boolean,default:!1},inputId:{type:String},dir:{type:String,default:"auto"},selectOnTab:{type:Boolean,default:!1},selectOnKeyCodes:{type:Array,default:()=>[13]},searchInputQuerySelector:{type:String,default:"[type=search]"},mapKeydown:{type:Function,default:(e,t)=>e},appendToBody:{type:Boolean,default:!1},calculatePosition:{type:Function,default(e,t,{width:s,top:o,left:a}){e.style.top=o,e.style.left=a,e.style.width=s}},dropdownShouldOpen:{type:Function,default({noDrop:e,open:t,mutableLoading:s}){return e?!1:t&&!s}},uid:{type:[String,Number],default:()=>Fs()}},data(){return{search:"",open:!1,isComposing:!1,pushedTags:[],_value:[],deselectButtons:[]}},computed:{isReducingValues(){return this.$props.reduce!==this.$options.props.reduce.default},isTrackingValues(){return typeof this.modelValue>"u"||this.isReducingValues},selectedValue(){let e=this.modelValue;return this.isTrackingValues&&(e=this.$data._value),e!=null&&e!==""?[].concat(e):[]},optionList(){return this.options.concat(this.pushTags?this.pushedTags:[])},searchEl(){return this.$slots.search?this.$refs.selectedOptions.querySelector(this.searchInputQuerySelector):this.$refs.search},scope(){const e={search:this.search,loading:this.loading,searching:this.searching,filteredOptions:this.filteredOptions};return{search:{attributes:ee({disabled:this.disabled,placeholder:this.searchPlaceholder,tabindex:this.tabindex,readonly:!this.searchable,id:this.inputId,"aria-autocomplete":"list","aria-labelledby":`vs${this.uid}__combobox`,"aria-controls":`vs${this.uid}__listbox`,ref:"search",type:"search",autocomplete:this.autocomplete,value:this.search},this.dropdownOpen&&this.filteredOptions[this.typeAheadPointer]?{"aria-activedescendant":`vs${this.uid}__option-${this.typeAheadPointer}`}:{}),events:{compositionstart:()=>this.isComposing=!0,compositionend:()=>this.isComposing=!1,keydown:this.onSearchKeyDown,blur:this.onSearchBlur,focus:this.onSearchFocus,input:t=>this.search=t.target.value}},spinner:{loading:this.mutableLoading},noOptions:{search:this.search,loading:this.mutableLoading,searching:this.searching},openIndicator:{attributes:{ref:"openIndicator",role:"presentation",class:"vs__open-indicator"}},listHeader:e,listFooter:e,header:Ae(ee({},e),{deselect:this.deselect}),footer:Ae(ee({},e),{deselect:this.deselect})}},childComponents(){return ee(ee({},Te),this.components)},stateClasses(){return{"vs--open":this.dropdownOpen,"vs--single":!this.multiple,"vs--multiple":this.multiple,"vs--searching":this.searching&&!this.noDrop,"vs--searchable":this.searchable&&!this.noDrop,"vs--unsearchable":!this.searchable,"vs--loading":this.mutableLoading,"vs--disabled":this.disabled}},searching(){return!!this.search},dropdownOpen(){return this.dropdownShouldOpen(this)},searchPlaceholder(){return this.isValueEmpty&&this.placeholder?this.placeholder:void 0},filteredOptions(){const e=[].concat(this.optionList);if(!this.filterable&&!this.taggable)return e;const t=this.search.length?this.filter(e,this.search,this):e;if(this.taggable&&this.search.length){const s=this.createOption(this.search);this.optionExists(s)||t.unshift(s)}return t},isValueEmpty(){return this.selectedValue.length===0},showClearButton(){return!this.multiple&&this.clearable&&!this.open&&!this.isValueEmpty}},watch:{options(e,t){const s=()=>typeof this.resetOnOptionsChange=="function"?this.resetOnOptionsChange(e,t,this.selectedValue):this.resetOnOptionsChange;!this.taggable&&s()&&this.clearSelection(),this.modelValue&&this.isTrackingValues&&this.setInternalValueFromOptions(this.modelValue)},modelValue:{immediate:!0,handler(e){this.isTrackingValues&&this.setInternalValueFromOptions(e)}},multiple(){this.clearSelection()},open(e){this.$emit(e?"open":"close")}},created(){this.mutableLoading=this.loading},methods:{setInternalValueFromOptions(e){Array.isArray(e)?this.$data._value=e.map(t=>this.findOptionFromReducedValue(t)):this.$data._value=this.findOptionFromReducedValue(e)},select(e){this.$emit("option:selecting",e),this.isOptionSelected(e)?this.deselectFromDropdown&&(this.clearable||this.multiple&&this.selectedValue.length>1)&&this.deselect(e):(this.taggable&&!this.optionExists(e)&&(this.$emit("option:created",e),this.pushTag(e)),this.multiple&&(e=this.selectedValue.concat(e)),this.updateValue(e),this.$emit("option:selected",e)),this.onAfterSelect(e)},deselect(e){this.$emit("option:deselecting",e),this.updateValue(this.selectedValue.filter(t=>!this.optionComparator(t,e))),this.$emit("option:deselected",e)},clearSelection(){this.updateValue(this.multiple?[]:null)},onAfterSelect(e){this.closeOnSelect&&(this.open=!this.open,this.searchEl.blur()),this.clearSearchOnSelect&&(this.search="")},updateValue(e){typeof this.modelValue>"u"&&(this.$data._value=e),e!==null&&(Array.isArray(e)?e=e.map(t=>this.reduce(t)):e=this.reduce(e)),this.$emit("update:modelValue",e)},toggleDropdown(e){const t=e.target!==this.searchEl;t&&e.preventDefault();const s=[...this.deselectButtons||[],this.$refs.clearButton];if(this.searchEl===void 0||s.filter(Boolean).some(o=>o.contains(e.target)||o===e.target)){e.preventDefault();return}this.open&&t?this.searchEl.blur():this.disabled||(this.open=!0,this.searchEl.focus())},isOptionSelected(e){return this.selectedValue.some(t=>this.optionComparator(t,e))},isOptionDeselectable(e){return this.isOptionSelected(e)&&this.deselectFromDropdown},optionComparator(e,t){return this.getOptionKey(e)===this.getOptionKey(t)},findOptionFromReducedValue(e){const t=o=>JSON.stringify(this.reduce(o))===JSON.stringify(e),s=[...this.options,...this.pushedTags].filter(t);return s.length===1?s[0]:s.find(o=>this.optionComparator(o,this.$data._value))||e},closeSearchOptions(){this.open=!1,this.$emit("search:blur")},maybeDeleteValue(){if(!this.searchEl.value.length&&this.selectedValue&&this.selectedValue.length&&this.clearable){let e=null;this.multiple&&(e=[...this.selectedValue.slice(0,this.selectedValue.length-1)]),this.updateValue(e)}},optionExists(e){return this.optionList.some(t=>this.optionComparator(t,e))},normalizeOptionForSlot(e){return typeof e=="object"?e:{[this.label]:e}},pushTag(e){this.pushedTags.push(e)},onEscape(){this.search.length?this.search="":this.searchEl.blur()},onSearchBlur(){if(this.mousedown&&!this.searching)this.mousedown=!1;else{const{clearSearchOnSelect:e,multiple:t}=this;this.clearSearchOnBlur({clearSearchOnSelect:e,multiple:t})&&(this.search=""),this.closeSearchOptions();return}if(this.search.length===0&&this.options.length===0){this.closeSearchOptions();return}},onSearchFocus(){this.open=!0,this.$emit("search:focus")},onMousedown(){this.mousedown=!0},onMouseUp(){this.mousedown=!1},onSearchKeyDown(e){const t=a=>(a.preventDefault(),!this.isComposing&&this.typeAheadSelect()),s={8:a=>this.maybeDeleteValue(),9:a=>this.onTab(),27:a=>this.onEscape(),38:a=>(a.preventDefault(),this.typeAheadUp()),40:a=>(a.preventDefault(),this.typeAheadDown())};this.selectOnKeyCodes.forEach(a=>s[a]=t);const o=this.mapKeydown(s,this);if(typeof o[e.keyCode]=="function")return o[e.keyCode](e)}}},Ns=["dir"],Gs=["id","aria-expanded","aria-owns"],Ks={ref:"selectedOptions",class:"vs__selected-options"},qs=["disabled","title","aria-label","onClick"],Us={ref:"actions",class:"vs__actions"},zs=["disabled"],Js={class:"vs__spinner"},Xs=["id"],Ys=["id","aria-selected","onMouseover","onClick"],Qs={key:0,class:"vs__no-options"},Zs=M(" Sorry, no matching options. "),eo=["id"];function to(e,t,s,o,a,r){const i=dt("append-to-body");return n(),d("div",{dir:s.dir,class:j(["v-select",r.stateClasses])},[D(e.$slots,"header",N(q(r.scope.header))),p("div",{id:`vs${s.uid}__combobox`,ref:"toggle",class:"vs__dropdown-toggle",role:"combobox","aria-expanded":r.dropdownOpen.toString(),"aria-owns":`vs${s.uid}__listbox`,"aria-label":"Search for option",onMousedown:t[1]||(t[1]=l=>r.toggleDropdown(l))},[p("div",Ks,[(n(!0),d(I,null,B(r.selectedValue,(l,c)=>D(e.$slots,"selected-option-container",{option:r.normalizeOptionForSlot(l),deselect:r.deselect,multiple:s.multiple,disabled:s.disabled},()=>[(n(),d("span",{key:s.getOptionKey(l),class:"vs__selected"},[D(e.$slots,"selected-option",N(q(r.normalizeOptionForSlot(l))),()=>[M(V(s.getOptionLabel(l)),1)]),s.multiple?(n(),d("button",{key:0,ref_for:!0,ref:u=>a.deselectButtons[c]=u,disabled:s.disabled,type:"button",class:"vs__deselect",title:`Deselect ${s.getOptionLabel(l)}`,"aria-label":`Deselect ${s.getOptionLabel(l)}`,onClick:u=>r.deselect(l)},[(n(),O(ue(r.childComponents.Deselect)))],8,qs)):L("",!0)]))])),256)),D(e.$slots,"search",N(q(r.scope.search)),()=>[p("input",ye({class:"vs__search"},r.scope.search.attributes,pt(r.scope.search.events)),null,16)])],512),p("div",Us,[Y(p("button",{ref:"clearButton",disabled:s.disabled,type:"button",class:"vs__clear",title:"Clear Selected","aria-label":"Clear Selected",onClick:t[0]||(t[0]=(...l)=>r.clearSelection&&r.clearSelection(...l))},[(n(),O(ue(r.childComponents.Deselect)))],8,zs),[[Q,r.showClearButton]]),D(e.$slots,"open-indicator",N(q(r.scope.openIndicator)),()=>[s.noDrop?L("",!0):(n(),O(ue(r.childComponents.OpenIndicator),N(ye({key:0},r.scope.openIndicator.attributes)),null,16))]),D(e.$slots,"spinner",N(q(r.scope.spinner)),()=>[Y(p("div",Js,"Loading...",512),[[Q,e.mutableLoading]])])],512)],40,Gs),S(de,{name:s.transition},{default:W(()=>[r.dropdownOpen?Y((n(),d("ul",{id:`vs${s.uid}__listbox`,ref:"dropdownMenu",key:`vs${s.uid}__listbox`,class:"vs__dropdown-menu",role:"listbox",tabindex:"-1",onMousedown:t[2]||(t[2]=P((...l)=>r.onMousedown&&r.onMousedown(...l),["prevent"])),onMouseup:t[3]||(t[3]=(...l)=>r.onMouseUp&&r.onMouseUp(...l))},[D(e.$slots,"list-header",N(q(r.scope.listHeader))),(n(!0),d(I,null,B(r.filteredOptions,(l,c)=>(n(),d("li",{id:`vs${s.uid}__option-${c}`,key:s.getOptionKey(l),role:"option",class:j(["vs__dropdown-option",{"vs__dropdown-option--deselect":r.isOptionDeselectable(l)&&c===e.typeAheadPointer,"vs__dropdown-option--selected":r.isOptionSelected(l),"vs__dropdown-option--highlight":c===e.typeAheadPointer,"vs__dropdown-option--disabled":!s.selectable(l)}]),"aria-selected":c===e.typeAheadPointer?!0:null,onMouseover:u=>s.selectable(l)?e.typeAheadPointer=c:null,onClick:P(u=>s.selectable(l)?r.select(l):null,["prevent","stop"])},[D(e.$slots,"option",N(q(r.normalizeOptionForSlot(l))),()=>[M(V(s.getOptionLabel(l)),1)])],42,Ys))),128)),r.filteredOptions.length===0?(n(),d("li",Qs,[D(e.$slots,"no-options",N(q(r.scope.noOptions)),()=>[Zs])])):L("",!0),D(e.$slots,"list-footer",N(q(r.scope.listFooter)))],40,Xs)),[[i]]):(n(),d("ul",{key:1,id:`vs${s.uid}__listbox`,role:"listbox",style:{display:"none",visibility:"hidden"}},null,8,eo))]),_:3},8,["name"]),D(e.$slots,"footer",N(q(r.scope.footer)))],10,Ns)}const so=De(Ws,[["render",to]]);const oo=["src"],ao={key:1},ro={__name:"DSelect",props:{withIcon:{type:Boolean,default:!0},modelValue:{type:Object,default:()=>({label:"",value:""})},options:{type:Array,default:()=>[]}},emits:["changeSidebarItems","update:selectedValue","update:model-value"],setup(e,{emit:t}){const{searchSelectIcon:s}=C("themeConfig"),o=i=>{t("changeSidebarItems",i),t("update:model-value",i)},a=k(),r=()=>{a.value&&(a.value.open=!1)};return J(()=>window.addEventListener("click",i=>{var l;(l=a.value)!=null&&l.$el.contains(i.target)||r()})),ie(()=>window.removeEventListener("click",r)),(i,l)=>(n(),O(w(so),{ref_key:"dropdown",ref:a,"onUpdate:modelValue":o,"model-value":e.modelValue,label:"title",value:"link",clearable:!1,searchable:!1,options:e.options},{"open-indicator":W(({attributes:c})=>[e.withIcon?(n(),d("div",ye({key:0,class:"select-icon"},c),[p("img",{src:w(F)(w(s)),alt:"search Icon"},null,8,oo)],16)):(n(),d("span",ao))]),_:1},8,["model-value","options"]))}},Ze=A(ro,[["__file","DSelect.vue"]]),io={class:"sidebar-drawer__mobile"},lo={class:"sidebar-header"},no=p("p",{class:"sidebar-header__paragraph"},"Select TuxCare docs",-1),co=ve({__name:"SidebarDrawer",props:{allPages:{type:Array,required:!0,default:()=>[]},documents:{type:Array,required:!0,default:()=>[]},closeSidebarDrawer:{type:Function,default:()=>{}},modelValue:{type:Object,required:!0,default:()=>{}},isMobileWidth:{type:Boolean}},emits:["changeSidebarItems","update:model-value"],setup(e){return(t,s)=>(n(),d("div",io,[S(Qe,{closeSidebarDrawer:e.closeSidebarDrawer,items:e.allPages,isMobileWidth:e.isMobileWidth},{top:W(()=>[p("div",lo,[no,S(Ze,{modelValue:e.modelValue,"onUpdate:modelValue":s[0]||(s[0]=o=>t.$emit("update:model-value",o)),onChangeSidebarItems:s[1]||(s[1]=o=>t.$emit("changeSidebarItems",o)),"with-icon":"",options:e.documents},null,8,["modelValue","options"])])]),_:1},8,["closeSidebarDrawer","items","isMobileWidth"])]))}});const uo=A(co,[["__file","SidebarDrawer.vue"]]);const po={class:"drawer-tabs__wrapper"},ho=["onClick"],fo={__name:"DrawerTabs",props:{data:{type:Array,required:!0,default:()=>({})},modelValue:{type:Number,default:-1}},emits:["update:modelValue"],setup(e,{emit:t}){const s=o=>{t("update:modelValue",o)};return(o,a)=>(n(),d("div",po,[(n(!0),d(I,null,B(e.data,(r,i)=>(n(),d("div",{key:i,onClick:l=>s(i),class:j([{"drawer-tab__active":e.modelValue===i},"drawer-tab"])},[p("div",{class:j(["drawer-tab__text",{"drawer-tab__text__active":e.modelValue===i}])},V(r.title)+" ("+V(r==null?void 0:r.numberResults)+") ",3)],10,ho))),128))]))}},vo=A(fo,[["__scopeId","data-v-c60e280a"],["__file","DrawerTabs.vue"]]);const mo={key:0,class:"drawer-main__search-results"},_o=["onClick"],go=["innerHTML"],bo=["innerHTML"],yo=["innerHTML"],wo={key:1},So={class:"hidden_results__text"},Lo=p("p",{class:"hidden_results__text"},"Collapse results",-1),Oo=[Lo],Eo={key:2},Do={key:0,class:"no_results"},$o={key:1,class:"no_results"},Vo={key:0},ko=p("br",null,null,-1),xo=p("a",{class:"no_results__link",href:" https://forum.cloudlinux.com/",target:"_blank"},"https://forum.cloudlinux.com/",-1),Ao={__name:"DrawerSearchResult",props:{data:{type:[Array,Object],required:!0},modelValue:{type:String,required:!0}},setup(e){const t=e;ht(g=>({aa1be2ec:w(o)}));const{MAX_ALGOLIA_VISIBLE_RESULT:s,MAX_ALGOLIA_VISIBLE_ROWS:o}=C("themeConfig"),a=k(!1),r=g=>{window.location.href=g},i=E(()=>{var g;return a.value?t.data:(g=t.data)==null?void 0:g.slice(0,s)}),l=E(()=>t.data.length-i.value.length),c=()=>{a.value=!0},u=()=>{a.value=!1},f=g=>{var h,v;for(const m in g)if(g[m].value!==null||g[m].value!==void 0)return((h=g.lvl1)==null?void 0:h.value)||((v=g.lvl0)==null?void 0:v.value);return null},_=g=>Object.values(g).slice(2).filter(Boolean).map(h=>h.value).join(" > ");return(g,h)=>(n(),d(I,null,[e.data.length?(n(),d("section",mo,[(n(!0),d(I,null,B(i.value,v=>{var m,y,x,$;return n(),d("div",{key:v,class:"search-result",onClick:H=>r((v==null?void 0:v.url)||"/")},[p("div",{class:"search-result__title",innerHTML:f((m=v._highlightResult)==null?void 0:m.hierarchy)},null,8,go),p("div",{class:"search-result__breadcrumb",innerHTML:_((y=v._highlightResult)==null?void 0:y.hierarchy)},null,8,bo),p("div",{class:"search-result__text",innerHTML:($=(x=v._highlightResult)==null?void 0:x.content)==null?void 0:$.value},null,8,yo)],8,_o)}),128))])):L("v-if",!0),e.data.length?(n(),d("div",wo,[l.value?(n(),d("div",{key:0,class:"hidden_results",onClick:c},[p("p",So,"Show all results("+V(l.value)+")",1)])):!l.value&&a.value?(n(),d("div",{key:1,class:"hidden_results",onClick:u},Oo)):L("v-if",!0)])):(n(),d("div",Eo,[e.modelValue.length?(n(),d("p",$o,[M(" Sorry! No results found for "),e.modelValue?(n(),d("span",Vo,'"'+V(e.modelValue)+'"',1)):L("v-if",!0),M(" 😞"),ko,M("Please try ask the community (link to the "),xo,M("). ")])):(n(),d("p",Do,"What are you searching for?"))]))],64))}},To=A(Ao,[["__file","DrawerSearchResult.vue"]]);const Po={class:"drawer-header"},Co=p("div",{class:"drawer-header__wrapper"},[p("h2",{class:"drawer-header__paragraph"},"How can we help you?"),p("div",{id:"drawerSearch"})],-1),Ro={class:"drawer-cross"},Io=["src"],Mo={class:"drawer-main"},Bo={class:"drawer-main__wrapper"},Ho={class:"drawer-main__breadcrumb"},jo={key:0,class:"drawer-main__breadcrumb__text"},Fo=["src"],Wo={__name:"Drawer",props:{isOpenDrawer:{type:Boolean,required:!0,default:!1},isMobileWidth:{type:Boolean,required:!0,default:!1},modelValue:{type:String,required:!0,default:""},homeLayoutSearchResult:{type:Array,required:!0,default:()=>[]}},emits:["closeDrawer","update:modelValue"],setup(e,{emit:t}){const s=e,o=k(0),a=E(()=>{const l=s.homeLayoutSearchResult.reduce((c,u)=>{var _;const f=(_=u.hierarchy)==null?void 0:_.lvl0;return c[f]=c[f]||{title:f,numberResults:0},c[f].numberResults++,c},{});return Object.values(l)}),r=E(()=>{if(o.value===-1)return s.homeLayoutSearchResult||[];const l=a.value[o.value];return s.homeLayoutSearchResult.filter(c=>c.hierarchy.lvl0===(l==null?void 0:l.title))}),i=()=>{t("closeDrawer"),o.value=0};return re(()=>s.isOpenDrawer,()=>{document.body.classList.toggle("disable-scroll",s.isOpenDrawer)}),(l,c)=>(n(),d("div",null,[p("div",{class:j(["drawer",{"is-open":e.isOpenDrawer}])},[p("div",Po,[Co,p("div",Ro,[p("img",{onClick:i,class:"drawer-cross__img",src:w(F)("/global/cross.svg"),alt:"cross"},null,8,Io),p("p",{onClick:i,class:"drawer-cross__text"},"close")])]),S(vo,{modelValue:o.value,"onUpdate:modelValue":c[0]||(c[0]=u=>o.value=u),data:a.value},null,8,["modelValue","data"]),p("main",null,[p("div",Mo,[p("div",Bo,[p("div",Ho,[r.value.length?(n(),d("p",jo,[M("Home "),p("img",{src:w(F)("/arrows/arrow-right-breadcrumb.svg"),alt:"breadcrumb icon"},null,8,Fo),M(" Documentation ")])):L("v-if",!0)]),S(To,{modelValue:e.modelValue,data:r.value},null,8,["modelValue","data"])])]),e.isOpenDrawer&&e.isMobileWidth?(n(),O(pe,{key:0,class:"drawer-footer__mobile"})):L("v-if",!0)])],2),e.isOpenDrawer&&!e.isMobileWidth?(n(),O(pe,{key:0,class:"drawer-footer"})):L("v-if",!0)]))}},No=A(Wo,[["__file","Drawer.vue"]]);const Go={id:"search-form",class:"drawer-header__input"},Ko=["value","placeholder"],qo=["src"],Uo={__name:"DrawerSearch",props:{options:{type:[Object,Array],required:!0},modelValue:{type:String,required:!0},isOpenDrawer:{type:Boolean,required:!0},isMobileWidth:{type:Boolean}},emits:["openDrawer","update:modelValue","result"],setup(e,{emit:t}){const s=e,{MAX_ALGOLIA_HITS_PER_PAGE:o}=C("themeConfig"),{headerDefaultSearchIcon:a,headerSearchIcon:r,headerSearchPlaceholder:i}=C("themeConfig"),l=ne(),c=E(()=>l.value.layout==="HomeLayout"),u=E(()=>s.isOpenDrawer?"drawer-header__search":c.value?"header-layout__search":"header-layout__search-default"),f=E(()=>s.isOpenDrawer?"drawer-header__search-icon":c.value?"header-layout__search-icon":"header-layout__search-icon-default"),_=E(()=>c.value||s.isOpenDrawer?r:a),g=E(()=>s.isOpenDrawer?"Search":c.value?i:"Search"),h=E(()=>s.isMobileWidth?"Search accross all Imunify Security support":g.value),v=async m=>{if(typeof window>"u")return;const[y]=await Promise.all([b(()=>import("./docsearch.min-de7e3b59.js").then($=>$.d),["assets/docsearch.min-de7e3b59.js","assets/framework-0ba8e1ea.js"]),b(()=>import("./docsearch.min-49eb4b49.js"),[])]),x=y.default;x(Object.assign({},m,{inputSelector:"#algolia-search-input",algoliaOptions:{hitsPerPage:o},handleSelected:()=>{t("openDrawer")},transformData:$=>{t("result",$)}}))};return re(()=>s.options,async m=>{await v(m)},{immediate:!0}),(m,y)=>(n(),d("form",Go,[p("input",{value:e.modelValue,onInput:y[0]||(y[0]=x=>m.$emit("update:modelValue",x.target.value)),id:"algolia-search-input",placeholder:h.value,class:j(u.value),onKeypress:y[1]||(y[1]=G(P(x=>m.$emit("openDrawer"),["prevent"]),["enter"]))},null,42,Ko),p("div",{class:j(f.value)},[p("img",{onClick:y[2]||(y[2]=x=>m.$emit("openDrawer")),alt:"search icon",src:w(F)(_.value)},null,8,qo)],2)]))}},Pe=A(Uo,[["__file","DrawerSearch.vue"]]);const zo={class:"header-layout__search-container"},Jo={key:0,class:"header-layout__search-title"},Xo={__name:"HeaderLayoutSearch",props:{isMobileWidth:{type:Boolean,default:!1},closeSidebarDrawer:{type:Function}},setup(e,{expose:t}){const s=e,{headerSearch:o,algoliaOptions:a}=C("themeConfig"),r=ne(),i=k(!1),l=k(!1),c=k(""),u=k([]);re(()=>c.value,()=>{c.value||(u.value=[])});const f=v=>{u.value=v},_=E(()=>r.value.layout==="HomeLayout"),g=()=>{i.value=!0,l.value=!0,s.closeSidebarDrawer&&s.closeSidebarDrawer()},h=()=>{u.value.length=0,c.value="",i.value=!1,l.value=!1};return t({openDrawer:g,closeDrawer:h,mobileDrawerVisible:l}),(v,m)=>(n(),d("div",zo,[_.value?(n(),d("h1",Jo,V(w(o)),1)):L("v-if",!0),i.value?(n(),O(Be,{key:1,to:"#drawerSearch"},[S(Pe,{options:w(a),modelValue:c.value,"onUpdate:modelValue":m[0]||(m[0]=y=>c.value=y),isMobileWidth:e.isMobileWidth,onOpenDrawer:g,isOpenDrawer:i.value,onResult:f},null,8,["options","modelValue","isMobileWidth","isOpenDrawer"])])):(n(),O(Pe,{key:2,isMobileWidth:e.isMobileWidth,options:w(a),modelValue:c.value,"onUpdate:modelValue":m[1]||(m[1]=y=>c.value=y),onOpenDrawer:g,isOpenDrawer:i.value,onResult:f},null,8,["isMobileWidth","options","modelValue","isOpenDrawer"])),S(No,{homeLayoutSearchResult:u.value,modelValue:c.value,"onUpdate:modelValue":m[2]||(m[2]=y=>c.value=y),onCloseDrawer:h,isOpenDrawer:i.value,isMobileWidth:e.isMobileWidth},null,8,["homeLayoutSearchResult","modelValue","isOpenDrawer","isMobileWidth"])]))}},Ce=A(Xo,[["__file","HeaderLayoutSearch.vue"]]);const Yo={class:"header-products-wrapper"},Qo={key:0,class:"dropdown-wrapper"},Zo=["href"],ea={key:1,class:"dropdown-wrapper"},ta=["href"],sa=["src"],oa={class:"header-products-wrapper-paragraph"},aa=["src"],ra={__name:"HeaderProducts",props:{isMobileWidth:{type:Boolean}},setup(e){const{productsTitle:t,arrowDownIcon:s,productsList:o,productsURLs:a}=C("themeConfig"),r=k(!1),i=k(null),l=c=>{!c.composedPath().includes(i.value)&&(r.value=!1)};return J(()=>{document.addEventListener("click",l)}),ie(()=>{document.removeEventListener("click",l)}),(c,u)=>(n(),d("div",Yo,[p("div",{ref_key:"menu",ref:i,class:"dropdown"},[e.isMobileWidth?(n(),O(Be,{key:0,to:"body"},[r.value?(n(),d("div",Qo,[(n(!0),d(I,null,B(w(o),(f,_)=>(n(),d("p",{class:"dropdown-content__paragraph",key:f},[p("a",{class:"dropdown-content__link",href:w(a)[_]},V(f),9,Zo)]))),128))])):L("v-if",!0)])):L("v-if",!0),r.value&&!e.isMobileWidth?(n(),d("div",ea,[(n(!0),d(I,null,B(w(o),(f,_)=>(n(),d("p",{class:"dropdown-content__paragraph",key:f},[p("a",{class:"dropdown-content__link",href:w(a)[_]},V(f),9,ta)]))),128))])):L("v-if",!0),p("div",{onClick:u[0]||(u[0]=f=>r.value=!r.value),class:"header-products-container"},[p("img",{class:"header-products-container__img",alt:"hamburger menu",src:w(F)("/global/hamburger-menu.svg")},null,8,sa),p("p",oa,V(w(t)),1),p("img",{class:j(["products-icon__default",{"products-icon__rotate":r.value}]),width:"10",height:"8",src:w(F)(w(s)),alt:"arrow down icon"},null,10,aa)])],512)]))}},ia=A(ra,[["__file","HeaderProducts.vue"]]);const la={class:"navbar-header"},na={class:"navbar-header__logo-wrapper"},ca=["src"],ua=["src"],da=["href","onClick"],pa={__name:"HeaderLayout",props:{isMobileWidth:{type:Boolean},closeSidebarDrawer:{type:Function}},setup(e){const{siteLogo:t,defaultURL:s,locales:o,headerDefaultSearchIcon:a}=C("themeConfig"),r=k(null),i=ne(),l=ze(),c=k(null),u=()=>{var h;return(h=c==null?void 0:c.value)==null?void 0:h.openDrawer()},f=E(()=>i.value.layout==="HomeLayout"),_=E(()=>(l.value+s).replace(/\/+/g,"/")),g=h=>{if(h.type)switch(h.type){case"event":var h=new CustomEvent(h.name);document.dispatchEvent(h)}};return(h,v)=>{var y;const m=oe("router-link");return n(),d("header",{class:j(["navbar",{fixed:!f.value}])},[p("div",la,[p("div",na,[S(m,{to:_.value,class:"home-link"},{default:W(()=>[w(t)?(n(),d("img",{key:0,class:"logo",src:w(F)(w(t)),alt:"logo header"},null,8,ca)):L("v-if",!0)]),_:1},8,["to"]),f.value?L("v-if",!0):(n(),O(Ce,{key:0,closeSidebarDrawer:e.closeSidebarDrawer,ref_key:"headerLayoutSearch",ref:c,class:j({"header-mobile__hidden":!((y=c.value)!=null&&y.mobileDrawerVisible)}),isMobileWidth:e.isMobileWidth},null,8,["closeSidebarDrawer","class","isMobileWidth"]))]),p("div",{class:"links",style:ft({"max-width":r.value+"px"})},[p("img",{onClick:u,class:"navbar-header__mobile-search",src:w(F)(w(a)),alt:"icon image"},null,8,ua),S(ia,{isMobileWidth:e.isMobileWidth},null,8,["isMobileWidth"]),(n(!0),d(I,null,B(w(o).navbarLinks,x=>(n(),d("a",{href:x.url,target:"_blank",class:j(x.class),onClick:$=>g(x.event)},V(x.text),11,da))),256))],4)]),f.value?(n(),O(Ce,{key:0,closeSidebarDrawer:e.closeSidebarDrawer,ref_key:"headerLayoutSearch",ref:c,isMobileWidth:e.isMobileWidth},null,8,["closeSidebarDrawer","isMobileWidth"])):L("v-if",!0)],2)}}},et=A(pa,[["__file","HeaderLayout.vue"]]);const ha=e=>(vt("data-v-1eb13e00"),e=e(),mt(),e),fa={class:"back-to-top"},va=ha(()=>p("span",{class:"back-to-top__link-span"},"Scroll up",-1)),ma=[va],_a={__name:"BackToTop",props:{boundary:{type:Number,default:200}},setup(e){const t=e,s=k(!1),o=()=>{window&&(s.value=window.pageYOffset>t.boundary)},a=()=>{document.body.scrollTop=0,document.documentElement.scrollTop=0};return J(()=>{window&&(o(),window.addEventListener("scroll",o))}),ie(()=>{window&&window.removeEventListener("scroll",o)}),(r,i)=>(n(),d("div",fa,[p("a",{class:j([{active:s.value},"nav-arrow top back-to-top__link"]),onClick:a},ma,2)]))}},ga=A(_a,[["__scopeId","data-v-1eb13e00"],["__file","BackToTop.vue"]]);const ba={class:"breadcrumb-wrapper"},ya={class:"breadcrumb-title"},wa={__name:"Breadcrumb",setup(e){const t=Z(),{locales:{siteTitle:s}}=C("themeConfig"),o=E(()=>{const a=[];return t.value.path!=="/"&&a.push({path:t.value.path,title:t.value.title}),a});return(a,r)=>{const i=oe("router-link");return n(),d("div",ba,[p("span",ya,V(w(s))+":",1),(n(!0),d(I,null,B(o.value,l=>(n(),O(i,{class:"breadcrumb",key:l.path,to:l.path},{default:W(()=>[M(V(l.title),1)]),_:2},1032,["to"]))),128))])}}},Sa=A(wa,[["__scopeId","data-v-9445381a"],["__file","Breadcrumb.vue"]]);const La={key:0,class:"page-nav"},Oa={__name:"PageNav",props:{sidebarItems:{type:Array,default:()=>[]},allPages:{type:Array}},setup(e){const t=e,s=ze(),o=Z(),a=E(()=>{const u=o.value.frontmatter.prev;return u===!1?null:u?fe(t.allPages,u,s):i(o.value,t.sidebarItems)}),r=E(()=>{const u=o.value.frontmatter.next;return u===!1?null:u?fe(t.allPages,u,s):l(o.value,t.sidebarItems)}),i=(u,f)=>c(u,f,-1),l=(u,f)=>c(u,f,1),c=(u,f,_)=>{const g=[];f.forEach(h=>{h.type==="group"?g.push(...h.children||[]):g.push(h)});for(let h=0;h<g.length;h++){const v=g[h];if((v==null?void 0:v.type)==="page"&&v.path===u.path)return g[h+_]}};return(u,f)=>{const _=oe("router-link");return a.value||r.value?(n(),d("div",La,[a.value?(n(),O(_,{key:0,class:"nav-arrow left",to:a.value.path},null,8,["to"])):L("v-if",!0),r.value?(n(),O(_,{key:1,class:"nav-arrow right",to:r.value.path},null,8,["to"])):L("v-if",!0)])):L("v-if",!0)}}},Ea=A(Oa,[["__file","PageNav.vue"]]);const Da={class:"page"},$a=["src"],Va={class:"page-nav-wrapper"},ka={key:0,class:"page-edit"},xa={class:"edit-link"},Aa=["src"],Ta=["href"],Pa={__name:"Page",props:{sidebarItems:{type:Array,default:()=>[]},allPages:{type:Array,default:()=>[]},isMobileWidth:{type:Boolean}},setup(e,{expose:t}){const s=e,{githubEditIcon:o,githubRepository:a,allowGithubEdit:r,githubMainDir:i="",githubBranch:l="master",docsRepo:c=a,editLinkText:u}=C("themeConfig"),f=Z();Ke();const _=ne(),g=k(s.isMobileWidth),h=()=>g.value=!0,v=()=>g.value=!1,m=E(()=>{if(_.value.editLink===!1)return;let $=ae(f.value.path);if(te.test($)?$+="README.md":$+=".md",c&&r)return x(a,c,i,l,$)}),y=E(()=>u||"Edit this page"),x=($,H,R,K,$e)=>/bitbucket.org/.test($)?(we.test(H)?H:$).replace(te,"")+`/${K}`+(R?"/"+R.replace(te,""):"")+$e+`?mode=edit&spa=0&at=${K}&fileviewer=file-view-default`:(we.test(H)?H:`https://github.com/${H}`).replace(te,"")+`/tree/${K}`+(R?"/"+R.replace(te,""):"")+$e;return t({isOpenMobileSidebarMenu:g,closeSidebarDrawer:v}),($,H)=>{const R=oe("Content");return n(),d("div",Da,[D($.$slots,"top"),S(Sa,{class:"page-breadcrumb"}),p("img",{onClick:h,class:"page-mobile__sidebar-menu",src:w(F)("/global/sidebar-menu.svg"),alt:"sidebar hamburger menu"},null,8,$a),p("div",Va,[S(Ea,{"sidebar-items":e.sidebarItems,allPages:e.allPages},null,8,["sidebar-items","allPages"])]),S(R,{class:"content",custom:!1}),w(r)?(n(),d("div",ka,[p("div",xa,[p("img",{src:w(F)(w(o)),alt:"icon pen"},null,8,Aa),p("a",{href:m.value,target:"_blank",rel:"noopener noreferrer"},V(y.value),9,Ta)])])):L("v-if",!0),S(ga),D($.$slots,"bottom")])}}},Ca=A(Pa,[["__file","Page.vue"]]);const Ra={class:"theme-container"},Ia={key:0,class:"sidebar-header"},Ma=p("p",{class:"sidebar-header__paragraph"},"Select TuxCare docs",-1),Ba={__name:"Layout",setup(e){const{documents:t,MOBILE_BREAKPOINT:s}=C("themeConfig"),o=k(null),a=k(null),r=_e(),i=me(),l=Z(),c=k([]),u=k(!1),f=E(()=>l.value&&c.value.length?Je(l.value,i,c.value):[]),_=v=>r.push(v.link),g=()=>{var y;const v=(y=l.value)==null?void 0:y.path,m=v.indexOf("/",v.indexOf("/")+1);return v.substr(0,m)},h=()=>{u.value=window.innerWidth<=s};return J(()=>{Object.values(Le).map(v=>v().then(m=>{c.value.push(m)})),a.value=t.find(v=>{var m;return(m=v.link)==null?void 0:m.startsWith(g())}),window.addEventListener("resize",h),u.value=window.innerWidth<=s}),ie(()=>{window.removeEventListener("resize",h)}),(v,m)=>{var y,x,$,H,R;return n(),d("div",Ra,[S(et,{closeSidebarDrawer:(y=o.value)==null?void 0:y.closeSidebarDrawer,isMobileWidth:u.value},null,8,["closeSidebarDrawer","isMobileWidth"]),c.value.length&&!((x=o.value)!=null&&x.isOpenMobileSidebarMenu)&&!u.value?(n(),O(Qe,{key:0,items:c.value,closeSidebarDrawer:($=o.value)==null?void 0:$.closeSidebarDrawer},{top:W(()=>[w(t)?(n(),d("div",Ia,[Ma,S(Ze,{"with-icon":"",modelValue:a.value,"onUpdate:modelValue":m[0]||(m[0]=K=>a.value=K),onChangeSidebarItems:_,options:w(t)},null,8,["modelValue","options"])])):L("v-if",!0)]),_:1},8,["items","closeSidebarDrawer"])):L("v-if",!0),S(Ca,{ref_key:"pageRef",ref:o,sidebarItems:f.value,allPages:c.value,isMobileWidth:u.value},null,8,["sidebarItems","allPages","isMobileWidth"]),c.value.length&&((H=o.value)!=null&&H.isOpenMobileSidebarMenu)&&u.value?(n(),O(uo,{key:1,onChangeSidebarItems:_,"all-pages":c.value,documents:w(t),modelValue:a.value,"onUpdate:modelValue":m[1]||(m[1]=K=>a.value=K),closeSidebarDrawer:(R=o.value)==null?void 0:R.closeSidebarDrawer,isMobileWidth:u.value},null,8,["all-pages","documents","modelValue","closeSidebarDrawer","isMobileWidth"])):L("v-if",!0),S(pe)])}}},Ha=A(Ba,[["__file","Layout.vue"]]);const ja={class:"docs-card-container"},Fa={class:"docs-card-container__header"},Wa=["src"],Na={key:0,class:"docs-card-container__header-paragraph"},Ga={class:"docs-card-container__main"},Ka={key:0,class:"docs-card-container__main-paragraph"},qa={class:"docs-card-container__footer"},Ua={__name:"DocsCard",props:{card:{type:Object,default:null}},setup(e){const t=e,s=_e(),o=()=>{var a;return s.push((a=t.card)==null?void 0:a.link)};return(a,r)=>(n(),d("div",ja,[p("div",Fa,[p("img",{width:"20",height:"20",src:w(F)("collections-bookmark.svg"),alt:"document icon"},null,8,Wa),e.card.title?(n(),d("p",Na,V(e.card.title),1)):L("v-if",!0)]),p("div",Ga,[e.card.description?(n(),d("p",Ka,V(e.card.description),1)):L("v-if",!0)]),p("div",qa,[p("button",{onClick:r[0]||(r[0]=i=>o()),class:"docs-card-container__footer-btn"},"View Documentation")])]))}},za=A(Ua,[["__file","DocsCard.vue"]]);const Ja={class:"docs-cards-wrapper"},Xa={__name:"DocsCardsWrapper",setup(e){const{documents:t}=C("themeConfig");return(s,o)=>(n(),d("div",Ja,[(n(!0),d(I,null,B(w(t),(a,r)=>(n(),O(za,{key:r,card:a},null,8,["card"]))),128))]))}},Ya=A(Xa,[["__file","DocsCardsWrapper.vue"]]),Qa={class:"theme-container"},Za={__name:"HomeLayout",setup(e){const{MOBILE_BREAKPOINT:t}=C("themeConfig"),s=k(!1),o=()=>s.value=window.innerWidth<=t;return J(()=>{window.addEventListener("resize",o),s.value=window.innerWidth<=t}),ie(()=>window.removeEventListener("resize",o)),(a,r)=>(n(),d("div",Qa,[S(et,{isMobileWidth:s.value},null,8,["isMobileWidth"]),S(Ya),S(pe)]))}},er=A(Za,[["__file","HomeLayout.vue"]]),tr={class:"theme-container"},sr={__name:"NotFound",setup(e){const t=me(),s=_e();k([]);const o=[{from:"cloudlinux-os-plus/#get-started",to:"shared-pro/accelerate-wp/#get-started"},{from:"cloudlinux-os-plus/#setup-upgrade-url-for-acceleratewp-premium",to:"shared-pro/accelerate-wp/#setup-upgrade-url-for-acceleratewp-premium"},{from:"cloudlinux-os-plus",to:"shared-pro"},{from:"cagefs.html",to:"shared/cloudlinux_os_components/#cagefs"},{from:"index.html?cagefs_installation.html",to:"shared/cloudlinux_os_components/#installation-and-update-1"},{from:"mod_lsapi_troubleshooting.html",to:"shared/cloudlinux_os_components/#troubleshooting-3"}];return J(()=>{const a=t.path+t.hash,r=new RegExp(a,"gi");let i=!1;const l=(u,f)=>{var _;if(!i&&((_=u.children)==null?void 0:_.length)>0)for(let g of u.children){const h=f+"/"+g.link;if(h.search(r)!==-1){s.push(h),i=!0;return}u.children.length>0&&l(g,f)}};(async()=>{var _;const u=Object==null?void 0:Object.values(Le);let f=!1;for(let g of o)if(a.search(g.from)!==-1){const h=a.replace(g.from,g.to);s.push(h),f=!0;return}f||(window.location.href="/not-found.html");for(let g of u){const h=await g();let v=h.path;if(v.at(-1)==="/"&&(v=v.slice(0,-1)),((_=h.headers)==null?void 0:_.length)>0)for(let m of h.headers){const y=v+"/"+m.link;if(y.search(r)!==-1){s.push(y),i=!0;return}l(m,v)}}})()}),(a,r)=>(n(),d("div",tr))}},or=A(sr,[["__file","NotFound.vue"]]),ar=[{text:"Knowledge base",url:"https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare"},{text:"Forum",url:"https://forum.cloudlinux.com/forum/tuxcare"},{text:"Blog",url:"https://blog.tuxcare.com/"},{text:"Privacy Policy",url:"https://www.cloudlinux.com/privacy-policy/"}],rr=[{text:"Ask GPT?",event:{type:"event",name:"botui-open"},class:"btn"},{text:"Submit support request",url:"https://www.tuxcare.com/support-portal/",class:"btn"},{text:"Submit your idea",url:"https://features.tuxcare.com/submit-idea/",class:"btn"}],ir=[{title:"TuxCare",description:"services automate, simplify, and enhance Linux operations, giving organizations more flexibility in managing Linux distro choices and versions, significant maintenance cost reductions, and greatly enhanced security and compliance postures.",link:"/tuxcare/"},{title:"Enterprise Support for AlmaLinux",description:"provides a TuxCare-vetted repository of AlmaLinux updates with 16 years of support coverage, delivers an extension of an additional 4.5 years of security fixes for Critical and High-risk vulnerabilities and FIPS-compliant security patches for select AlmaLinux minor versions, minimizes vulnerability windows with rebootless security patches and helps to avoid costly upfront support package fees with pay-as-you-go hourly support bundles.",link:"/enterprise-support-for-almalinux/"},{title:"KernelCare Enterprise",description:"is a live kernel patching service that provides security patches and bugfixes for a range of popular Linux kernels that can be installed without rebooting the system.",link:"/live-patching-services/"},{title:"KernelCare for IOT",description:"provides live security patching for ARM64-based embedded systems for enterprise IoT users and original equipment manufacturers.",link:"/kernelcare-for-iot/"},{title:"ePortal",description:"TuxCare ePortal is the web management console dedicated to KernelCare Enterprise live patch management.",link:"/eportal/"},{title:"ePortal API",description:"is a complete API for everyday use.",link:"/eportal-api/"},{title:"Extended Lifecycle Support",description:"allows you to continue running your Linux server after the operating system’s end of life.",link:"/extended-lifecycle-support/"},{title:"Extended Lifecycle Support for Languages",description:"provides security fixes for PHP and Python versions that have reached their end-of-life which allows to continue running Linux server vulnerability-free.",link:"/extended-lifecycle-support-for-languages/"},{title:"Subscription Management Portal",description:"The TuxCare subscription management portal is designed to easily manage your licenses of TuxCare products and services by means of a user-friendly interface.",link:"/tuxcare-cln/"},{title:"Service Descriptions",description:"AlmaCare service description",link:"/service-descriptions/"}],lr={"/enterprise-support-for-almalinux/":[{collapsable:!1,children:["/enterprise-support-for-almalinux/","/enterprise-support-for-almalinux/fips/"]}],"/eportal/":[{collapsable:!1,children:["/eportal/","/eportal/general"]}],"/eportal-api/":[{collapsable:!1,children:["/eportal-api/"]}],"/extended-lifecycle-support/":[{collapsable:!1,children:["/extended-lifecycle-support/"]}],"/extended-lifecycle-support-for-languages/":[{collapsable:!1,children:["/extended-lifecycle-support-for-languages/"]}],"/jp/":[{collapsable:!1,children:["/jp/","/jp/eportal","/jp/eportal-api","/jp/extended-lifecycle-support","/jp/extended-lifecycle-support-for-languages","/jp/linux-support-services","/jp/live-patching-services","/jp/tuxcare","/jp/tuxcare-cln"]}],"/kernelcare-for-iot/":[{collapsable:!1,children:["/kernelcare-for-iot/"]}],"/live-patching-services/":[{collapsable:!1,children:["/live-patching-services/"]}],"/service-descriptions/":[{collapsable:!1,children:["/service-descriptions/"]}],"/tuxcare/":[{collapsable:!1,children:["/tuxcare/"]}],"/tuxcare-cln/":[{collapsable:!1,children:["/tuxcare-cln/"]}]},nr=[{url:"https://www.facebook.com/tuxcare/",icon:"footer-social/fb.png"},{url:"https://twitter.com/tuxcare_/",icon:"footer-social/tw.png"},{url:"https://linkedin.com/company/tuxcare",icon:"footer-social/in.png"},{url:"https://www.youtube.com/@TuxCare",icon:"footer-social/ytube.png"}];function ge(e){return e===0?!1:Array.isArray(e)&&e.length===0?!0:!e}function cr(e){return(...t)=>!e(...t)}function ur(e,t){return e===void 0&&(e="undefined"),e===null&&(e="null"),e===!1&&(e="false"),e.toString().toLowerCase().indexOf(t.trim())!==-1}function tt(e,t,s,o){return t?e.filter(a=>ur(o(a,s),t)).sort((a,r)=>o(a,s).length-o(r,s).length):e}function dr(e){return e.filter(t=>!t.$isLabel)}function be(e,t){return s=>s.reduce((o,a)=>a[e]&&a[e].length?(o.push({$groupLabel:a[t],$isLabel:!0}),o.concat(a[e])):o,[])}function pr(e,t,s,o,a){return r=>r.map(i=>{if(!i[s])return console.warn("Options passed to vue-multiselect do not contain groups, despite the config."),[];const l=tt(i[s],e,t,a);return l.length?{[o]:i[o],[s]:l}:[]})}const Re=(...e)=>t=>e.reduce((s,o)=>o(s),t);var hr={data(){return{search:"",isOpen:!1,preferredOpenDirection:"below",optimizedHeight:this.maxHeight}},props:{internalSearch:{type:Boolean,default:!0},options:{type:Array,required:!0},multiple:{type:Boolean,default:!1},trackBy:{type:String},label:{type:String},searchable:{type:Boolean,default:!0},clearOnSelect:{type:Boolean,default:!0},hideSelected:{type:Boolean,default:!1},placeholder:{type:String,default:"Select option"},allowEmpty:{type:Boolean,default:!0},resetAfter:{type:Boolean,default:!1},closeOnSelect:{type:Boolean,default:!0},customLabel:{type:Function,default(e,t){return ge(e)?"":t?e[t]:e}},taggable:{type:Boolean,default:!1},tagPlaceholder:{type:String,default:"Press enter to create a tag"},tagPosition:{type:String,default:"top"},max:{type:[Number,Boolean],default:!1},id:{default:null},optionsLimit:{type:Number,default:1e3},groupValues:{type:String},groupLabel:{type:String},groupSelect:{type:Boolean,default:!1},blockKeys:{type:Array,default(){return[]}},preserveSearch:{type:Boolean,default:!1},preselectFirst:{type:Boolean,default:!1},preventAutofocus:{type:Boolean,default:!1}},mounted(){!this.multiple&&this.max&&console.warn("[Vue-Multiselect warn]: Max prop should not be used when prop Multiple equals false."),this.preselectFirst&&!this.internalValue.length&&this.options.length&&this.select(this.filteredOptions[0])},computed:{internalValue(){return this.modelValue||this.modelValue===0?Array.isArray(this.modelValue)?this.modelValue:[this.modelValue]:[]},filteredOptions(){const e=this.search||"",t=e.toLowerCase().trim();let s=this.options.concat();return this.internalSearch?s=this.groupValues?this.filterAndFlat(s,t,this.label):tt(s,t,this.label,this.customLabel):s=this.groupValues?be(this.groupValues,this.groupLabel)(s):s,s=this.hideSelected?s.filter(cr(this.isSelected)):s,this.taggable&&t.length&&!this.isExistingOption(t)&&(this.tagPosition==="bottom"?s.push({isTag:!0,label:e}):s.unshift({isTag:!0,label:e})),s.slice(0,this.optionsLimit)},valueKeys(){return this.trackBy?this.internalValue.map(e=>e[this.trackBy]):this.internalValue},optionKeys(){return(this.groupValues?this.flatAndStrip(this.options):this.options).map(t=>this.customLabel(t,this.label).toString().toLowerCase())},currentOptionLabel(){return this.multiple?this.searchable?"":this.placeholder:this.internalValue.length?this.getOptionLabel(this.internalValue[0]):this.searchable?"":this.placeholder}},watch:{internalValue:{handler(){this.resetAfter&&this.internalValue.length&&(this.search="",this.$emit("update:modelValue",this.multiple?[]:null))},deep:!0},search(){this.$emit("search-change",this.search)}},emits:["open","search-change","close","select","update:modelValue","remove","tag"],methods:{getValue(){return this.multiple?this.internalValue:this.internalValue.length===0?null:this.internalValue[0]},filterAndFlat(e,t,s){return Re(pr(t,s,this.groupValues,this.groupLabel,this.customLabel),be(this.groupValues,this.groupLabel))(e)},flatAndStrip(e){return Re(be(this.groupValues,this.groupLabel),dr)(e)},updateSearch(e){this.search=e},isExistingOption(e){return this.options?this.optionKeys.indexOf(e)>-1:!1},isSelected(e){const t=this.trackBy?e[this.trackBy]:e;return this.valueKeys.indexOf(t)>-1},isOptionDisabled(e){return!!e.$isDisabled},getOptionLabel(e){if(ge(e))return"";if(e.isTag)return e.label;if(e.$isLabel)return e.$groupLabel;const t=this.customLabel(e,this.label);return ge(t)?"":t},select(e,t){if(e.$isLabel&&this.groupSelect){this.selectGroup(e);return}if(!(this.blockKeys.indexOf(t)!==-1||this.disabled||e.$isDisabled||e.$isLabel)&&!(this.max&&this.multiple&&this.internalValue.length===this.max)&&!(t==="Tab"&&!this.pointerDirty)){if(e.isTag)this.$emit("tag",e.label,this.id),this.search="",this.closeOnSelect&&!this.multiple&&this.deactivate();else{if(this.isSelected(e)){t!=="Tab"&&this.removeElement(e);return}this.multiple?this.$emit("update:modelValue",this.internalValue.concat([e])):this.$emit("update:modelValue",e),this.$emit("select",e,this.id),this.clearOnSelect&&(this.search="")}this.closeOnSelect&&this.deactivate()}},selectGroup(e){const t=this.options.find(s=>s[this.groupLabel]===e.$groupLabel);if(t){if(this.wholeGroupSelected(t)){this.$emit("remove",t[this.groupValues],this.id);const s=this.internalValue.filter(o=>t[this.groupValues].indexOf(o)===-1);this.$emit("update:modelValue",s)}else{let s=t[this.groupValues].filter(o=>!(this.isOptionDisabled(o)||this.isSelected(o)));this.max&&s.splice(this.max-this.internalValue.length),this.$emit("select",s,this.id),this.$emit("update:modelValue",this.internalValue.concat(s))}this.closeOnSelect&&this.deactivate()}},wholeGroupSelected(e){return e[this.groupValues].every(t=>this.isSelected(t)||this.isOptionDisabled(t))},wholeGroupDisabled(e){return e[this.groupValues].every(this.isOptionDisabled)},removeElement(e,t=!0){if(this.disabled||e.$isDisabled)return;if(!this.allowEmpty&&this.internalValue.length<=1){this.deactivate();return}const s=typeof e=="object"?this.valueKeys.indexOf(e[this.trackBy]):this.valueKeys.indexOf(e);if(this.multiple){const o=this.internalValue.slice(0,s).concat(this.internalValue.slice(s+1));this.$emit("update:modelValue",o)}else this.$emit("update:modelValue",null);this.$emit("remove",e,this.id),this.closeOnSelect&&t&&this.deactivate()},removeLastElement(){this.blockKeys.indexOf("Delete")===-1&&this.search.length===0&&Array.isArray(this.internalValue)&&this.internalValue.length&&this.removeElement(this.internalValue[this.internalValue.length-1],!1)},activate(){this.isOpen||this.disabled||(this.adjustPosition(),this.groupValues&&this.pointer===0&&this.filteredOptions.length&&(this.pointer=1),this.isOpen=!0,this.searchable?(this.preserveSearch||(this.search=""),this.preventAutofocus||this.$nextTick(()=>this.$refs.search&&this.$refs.search.focus())):this.preventAutofocus||typeof this.$el<"u"&&this.$el.focus(),this.$emit("open",this.id))},deactivate(){this.isOpen&&(this.isOpen=!1,this.searchable?typeof this.$refs.search<"u"&&this.$refs.search.blur():typeof this.$el<"u"&&this.$el.blur(),this.preserveSearch||(this.search=""),this.$emit("close",this.getValue(),this.id))},toggle(){this.isOpen?this.deactivate():this.activate()},adjustPosition(){if(typeof window>"u")return;const e=this.$el.getBoundingClientRect().top,t=window.innerHeight-this.$el.getBoundingClientRect().bottom;t>this.maxHeight||t>e||this.openDirection==="below"||this.openDirection==="bottom"?(this.preferredOpenDirection="below",this.optimizedHeight=Math.min(t-40,this.maxHeight)):(this.preferredOpenDirection="above",this.optimizedHeight=Math.min(e-40,this.maxHeight))}}},fr={data(){return{pointer:0,pointerDirty:!1}},props:{showPointer:{type:Boolean,default:!0},optionHeight:{type:Number,default:40}},computed:{pointerPosition(){return this.pointer*this.optionHeight},visibleElements(){return this.optimizedHeight/this.optionHeight}},watch:{filteredOptions(){this.pointerAdjust()},isOpen(){this.pointerDirty=!1},pointer(){this.$refs.search&&this.$refs.search.setAttribute("aria-activedescendant",this.id+"-"+this.pointer.toString())}},methods:{optionHighlight(e,t){return{"multiselect__option--highlight":e===this.pointer&&this.showPointer,"multiselect__option--selected":this.isSelected(t)}},groupHighlight(e,t){if(!this.groupSelect)return["multiselect__option--disabled",{"multiselect__option--group":t.$isLabel}];const s=this.options.find(o=>o[this.groupLabel]===t.$groupLabel);return s&&!this.wholeGroupDisabled(s)?["multiselect__option--group",{"multiselect__option--highlight":e===this.pointer&&this.showPointer},{"multiselect__option--group-selected":this.wholeGroupSelected(s)}]:"multiselect__option--disabled"},addPointerElement({key:e}="Enter"){this.filteredOptions.length>0&&this.select(this.filteredOptions[this.pointer],e),this.pointerReset()},pointerForward(){this.pointer<this.filteredOptions.length-1&&(this.pointer++,this.$refs.list.scrollTop<=this.pointerPosition-(this.visibleElements-1)*this.optionHeight&&(this.$refs.list.scrollTop=this.pointerPosition-(this.visibleElements-1)*this.optionHeight),this.filteredOptions[this.pointer]&&this.filteredOptions[this.pointer].$isLabel&&!this.groupSelect&&this.pointerForward()),this.pointerDirty=!0},pointerBackward(){this.pointer>0?(this.pointer--,this.$refs.list.scrollTop>=this.pointerPosition&&(this.$refs.list.scrollTop=this.pointerPosition),this.filteredOptions[this.pointer]&&this.filteredOptions[this.pointer].$isLabel&&!this.groupSelect&&this.pointerBackward()):this.filteredOptions[this.pointer]&&this.filteredOptions[0].$isLabel&&!this.groupSelect&&this.pointerForward(),this.pointerDirty=!0},pointerReset(){this.closeOnSelect&&(this.pointer=0,this.$refs.list&&(this.$refs.list.scrollTop=0))},pointerAdjust(){this.pointer>=this.filteredOptions.length-1&&(this.pointer=this.filteredOptions.length?this.filteredOptions.length-1:0),this.filteredOptions.length>0&&this.filteredOptions[this.pointer].$isLabel&&!this.groupSelect&&this.pointerForward()},pointerSet(e){this.pointer=e,this.pointerDirty=!0}}},st={name:"vue-multiselect",mixins:[hr,fr],compatConfig:{MODE:3,ATTR_ENUMERATED_COERCION:!1},props:{name:{type:String,default:""},modelValue:{type:null,default(){return[]}},selectLabel:{type:String,default:"Press enter to select"},selectGroupLabel:{type:String,default:"Press enter to select group"},selectedLabel:{type:String,default:"Selected"},deselectLabel:{type:String,default:"Press enter to remove"},deselectGroupLabel:{type:String,default:"Press enter to deselect group"},showLabels:{type:Boolean,default:!0},limit:{type:Number,default:99999},maxHeight:{type:Number,default:300},limitText:{type:Function,default:e=>`and ${e} more`},loading:{type:Boolean,default:!1},disabled:{type:Boolean,default:!1},openDirection:{type:String,default:""},showNoOptions:{type:Boolean,default:!0},showNoResults:{type:Boolean,default:!0},tabindex:{type:Number,default:0}},computed:{hasOptionGroup(){return this.groupValues&&this.groupLabel&&this.groupSelect},isSingleLabelVisible(){return(this.singleValue||this.singleValue===0)&&(!this.isOpen||!this.searchable)&&!this.visibleValues.length},isPlaceholderVisible(){return!this.internalValue.length&&(!this.searchable||!this.isOpen)},visibleValues(){return this.multiple?this.internalValue.slice(0,this.limit):[]},singleValue(){return this.internalValue[0]},deselectLabelText(){return this.showLabels?this.deselectLabel:""},deselectGroupLabelText(){return this.showLabels?this.deselectGroupLabel:""},selectLabelText(){return this.showLabels?this.selectLabel:""},selectGroupLabelText(){return this.showLabels?this.selectGroupLabel:""},selectedLabelText(){return this.showLabels?this.selectedLabel:""},inputStyle(){return this.searchable||this.multiple&&this.modelValue&&this.modelValue.length?this.isOpen?{width:"100%"}:{width:"0",position:"absolute",padding:"0"}:""},contentStyle(){return this.options.length?{display:"inline-block"}:{display:"block"}},isAbove(){return this.openDirection==="above"||this.openDirection==="top"?!0:this.openDirection==="below"||this.openDirection==="bottom"?!1:this.preferredOpenDirection==="above"},showSearchInput(){return this.searchable&&(this.hasSingleSelectedSlot&&(this.visibleSingleValue||this.visibleSingleValue===0)?this.isOpen:!0)}}};const vr={ref:"tags",class:"multiselect__tags"},mr={class:"multiselect__tags-wrap"},_r={class:"multiselect__spinner"},gr={key:0},br={class:"multiselect__option"},yr={class:"multiselect__option"},wr=M("No elements found. Consider changing the search query."),Sr={class:"multiselect__option"},Lr=M("List is empty.");function Or(e,t,s,o,a,r){return n(),O("div",{tabindex:e.searchable?-1:s.tabindex,class:[{"multiselect--active":e.isOpen,"multiselect--disabled":s.disabled,"multiselect--above":r.isAbove,"multiselect--has-options-group":r.hasOptionGroup},"multiselect"],onFocus:t[14]||(t[14]=i=>e.activate()),onBlur:t[15]||(t[15]=i=>e.searchable?!1:e.deactivate()),onKeydown:[t[16]||(t[16]=G(P(i=>e.pointerForward(),["self","prevent"]),["down"])),t[17]||(t[17]=G(P(i=>e.pointerBackward(),["self","prevent"]),["up"]))],onKeypress:t[18]||(t[18]=G(P(i=>e.addPointerElement(i),["stop","self"]),["enter","tab"])),onKeyup:t[19]||(t[19]=G(i=>e.deactivate(),["esc"])),role:"combobox","aria-owns":"listbox-"+e.id},[D(e.$slots,"caret",{toggle:e.toggle},()=>[S("div",{onMousedown:t[1]||(t[1]=P(i=>e.toggle(),["prevent","stop"])),class:"multiselect__select"},null,32)]),D(e.$slots,"clear",{search:e.search}),S("div",vr,[D(e.$slots,"selection",{search:e.search,remove:e.removeElement,values:r.visibleValues,isOpen:e.isOpen},()=>[Y(S("div",mr,[(n(!0),O(I,null,B(r.visibleValues,(i,l)=>D(e.$slots,"tag",{option:i,search:e.search,remove:e.removeElement},()=>[(n(),O("span",{class:"multiselect__tag",key:l},[S("span",{textContent:V(e.getOptionLabel(i))},null,8,["textContent"]),S("i",{tabindex:"1",onKeypress:G(P(c=>e.removeElement(i),["prevent"]),["enter"]),onMousedown:P(c=>e.removeElement(i),["prevent"]),class:"multiselect__tag-icon"},null,40,["onKeypress","onMousedown"])]))])),256))],512),[[Q,r.visibleValues.length>0]]),e.internalValue&&e.internalValue.length>s.limit?D(e.$slots,"limit",{key:0},()=>[S("strong",{class:"multiselect__strong",textContent:V(s.limitText(e.internalValue.length-s.limit))},null,8,["textContent"])]):L("v-if",!0)]),S(de,{name:"multiselect__loading"},{default:W(()=>[D(e.$slots,"loading",{},()=>[Y(S("div",_r,null,512),[[Q,s.loading]])])]),_:3}),e.searchable?(n(),O("input",{key:0,ref:"search",name:s.name,id:e.id,type:"text",autocomplete:"off",spellcheck:"false",placeholder:e.placeholder,style:r.inputStyle,value:e.search,disabled:s.disabled,tabindex:s.tabindex,onInput:t[2]||(t[2]=i=>e.updateSearch(i.target.value)),onFocus:t[3]||(t[3]=P(i=>e.activate(),["prevent"])),onBlur:t[4]||(t[4]=P(i=>e.deactivate(),["prevent"])),onKeyup:t[5]||(t[5]=G(i=>e.deactivate(),["esc"])),onKeydown:[t[6]||(t[6]=G(P(i=>e.pointerForward(),["prevent"]),["down"])),t[7]||(t[7]=G(P(i=>e.pointerBackward(),["prevent"]),["up"])),t[9]||(t[9]=G(P(i=>e.removeLastElement(),["stop"]),["delete"]))],onKeypress:t[8]||(t[8]=G(P(i=>e.addPointerElement(i),["prevent","stop","self"]),["enter"])),class:"multiselect__input","aria-controls":"listbox-"+e.id},null,44,["name","id","placeholder","value","disabled","tabindex","aria-controls"])):L("v-if",!0),r.isSingleLabelVisible?(n(),O("span",{key:1,class:"multiselect__single",onMousedown:t[10]||(t[10]=P((...i)=>e.toggle&&e.toggle(...i),["prevent"]))},[D(e.$slots,"singleLabel",{option:r.singleValue},()=>[M(V(e.currentOptionLabel),1)])],32)):L("v-if",!0),r.isPlaceholderVisible?(n(),O("span",{key:2,class:"multiselect__placeholder",onMousedown:t[11]||(t[11]=P((...i)=>e.toggle&&e.toggle(...i),["prevent"]))},[D(e.$slots,"placeholder",{},()=>[M(V(e.placeholder),1)])],32)):L("v-if",!0)],512),S(de,{name:"multiselect"},{default:W(()=>[Y(S("div",{class:"multiselect__content-wrapper",onFocus:t[12]||(t[12]=(...i)=>e.activate&&e.activate(...i)),tabindex:"-1",onMousedown:t[13]||(t[13]=P(()=>{},["prevent"])),style:{maxHeight:e.optimizedHeight+"px"},ref:"list"},[S("ul",{class:"multiselect__content",style:r.contentStyle,role:"listbox",id:"listbox-"+e.id},[D(e.$slots,"beforeList"),e.multiple&&e.max===e.internalValue.length?(n(),O("li",gr,[S("span",br,[D(e.$slots,"maxElements",{},()=>[M("Maximum of "+V(e.max)+" options selected. First remove a selected option to select another.",1)])])])):L("v-if",!0),!e.max||e.internalValue.length<e.max?(n(!0),O(I,{key:1},B(e.filteredOptions,(i,l)=>(n(),O("li",{class:"multiselect__element",key:l,id:e.id+"-"+l,role:i&&(i.$isLabel||i.$isDisabled)?null:"option"},[i&&(i.$isLabel||i.$isDisabled)?L("v-if",!0):(n(),O("span",{key:0,class:[e.optionHighlight(l,i),"multiselect__option"],onClick:P(c=>e.select(i),["stop"]),onMouseenter:P(c=>e.pointerSet(l),["self"]),"data-select":i&&i.isTag?e.tagPlaceholder:r.selectLabelText,"data-selected":r.selectedLabelText,"data-deselect":r.deselectLabelText},[D(e.$slots,"option",{option:i,search:e.search,index:l},()=>[S("span",null,V(e.getOptionLabel(i)),1)])],42,["onClick","onMouseenter","data-select","data-selected","data-deselect"])),i&&(i.$isLabel||i.$isDisabled)?(n(),O("span",{key:1,"data-select":e.groupSelect&&r.selectGroupLabelText,"data-deselect":e.groupSelect&&r.deselectGroupLabelText,class:[e.groupHighlight(l,i),"multiselect__option"],onMouseenter:P(c=>e.groupSelect&&e.pointerSet(l),["self"]),onMousedown:P(c=>e.selectGroup(i),["prevent"])},[D(e.$slots,"option",{option:i,search:e.search,index:l},()=>[S("span",null,V(e.getOptionLabel(i)),1)])],42,["data-select","data-deselect","onMouseenter","onMousedown"])):L("v-if",!0)],8,["id","role"]))),128)):L("v-if",!0),Y(S("li",null,[S("span",yr,[D(e.$slots,"noResult",{search:e.search},()=>[wr])])],512),[[Q,s.showNoResults&&e.filteredOptions.length===0&&e.search&&!s.loading]]),Y(S("li",null,[S("span",Sr,[D(e.$slots,"noOptions",{},()=>[Lr])])],512),[[Q,s.showNoOptions&&(e.options.length===0||r.hasOptionGroup===!0&&e.filteredOptions.length===0)&&!e.search&&!s.loading]]),D(e.$slots,"afterList")],12,["id"])],36),[[Q,e.isOpen]])]),_:3})],42,["tabindex","aria-owns"])}st.render=Or;const Ie="/assets/bot-6afebef6.png";const Er={components:{BotIcon:Ie,Multiselect:st},data(){return{dynamicComponent:null,messages:[],isConnected:!1,waitResponse:!1,botOptions:{botAvatarImg:Ie,botTitle:"AI Bot",colorScheme:"#314659",boardContentBg:"#f4f4f4",msgBubbleBgBot:"#fff",msgBubbleBgUser:"#314659",inputPlaceholder:"Ask a new question"},docName:"tuxcare-documentation",tags:[],options:[{name:"TuxCare",value:["level-0","tuxcare"]},{name:"AlmaCare",value:["level-0","almacare"]},{name:"KernelCare Enterprise",value:["level-0","live-patching-services"]},{name:"KernelCare for IOT",value:["level-0","kernelcare-for-iot"]},{name:"ePortal",value:["level-0","eportal"]},{name:"ePortal API",value:["level-0","eportal-api"]},{name:"Extended Lifecycle Support",value:["level-0","extended-lifecycle-support"]},{name:"Extended Lifecycle Support for Languages",value:["level-0","extended-lifecycle-support-for-languages"]},{name:"Subscription Management Portal",value:["level-0","tuxcare-cln"]},{name:"Service Descriptions",value:["level-0","service-descriptions"]}]}},mounted(){b(()=>import("./vue-bot-ui.common-605c2d08.js").then(e=>e.v),["assets/vue-bot-ui.common-605c2d08.js","assets/framework-0ba8e1ea.js"]).then(e=>{this.dynamicComponent=_t(e.VueBotUI)}),console.log("Starting connection..."),this.connection=new WebSocket("wss://doc-bot.cloudlinux.com:2096"),this.connection.onmessage=e=>{const t=JSON.parse(e.data);this.messages.push({agent:"bot",type:"markdown",text:t.text}),this.waitResponse=!1,setTimeout(()=>{this.messages.push({agent:"bot",type:"rate",id:t.id})},1e3)},this.connection.onclose=()=>{console.log("Connection closed"),this.isConnected=!1},this.connection.onopen=()=>{console.log("Successfully connected to the websocket server..."),this.isConnected=!0}},methods:{messageSendHandler(e){this.messages.push({agent:"user",type:"text",text:e.text});let t=[];this.tags.length!==this.options.length&&(t=this.tags.map(s=>s.value)),this.connection.send(JSON.stringify({type:"question",text:e.text,"doc-name":this.docName,tags:t})),this.waitResponse=!0},messageToServer(e){this.connection.send(JSON.stringify({"doc-name":this.docName,...e}))}}},Dr={id:"bot-ui"},$r={class:"qkb-board-header__title"},Vr={class:"qkb-board-header__select_field"};function kr(e,t,s,o,a,r){const i=oe("multiselect"),l=oe("ClientOnly");return n(),O(l,null,{default:W(()=>[p("div",Dr,[a.dynamicComponent&&a.isConnected?(n(),O(ue(a.dynamicComponent),{key:0,messages:a.messages,options:a.botOptions,"bot-typing":a.waitResponse,"input-disable":a.waitResponse,onMsgSend:r.messageSendHandler,onMsgToServer:r.messageToServer},{header:W(()=>[p("div",$r,V(a.botOptions.botTitle),1),p("div",Vr,[S(i,{modelValue:a.tags,"onUpdate:modelValue":t[0]||(t[0]=c=>a.tags=c),options:a.options,multiple:!0,"close-on-select":!0,limit:3,label:"name","track-by":"value",placeholder:"Select section"},null,8,["modelValue","options"])])]),_:1},40,["messages","options","bot-typing","input-disable","onMsgSend","onMsgToServer"])):L("v-if",!0)])]),_:1})}const xr=A(Er,[["render",kr],["__file","Chat.vue"]]),Ar=Ht({rootComponents:[xr],async enhance({app:e}){e.config.globalProperties.$eventBus=Ft()},layouts:{Layout:Ha,HomeLayout:er,NotFound:or},setup(){He("themeConfig",{cloudlinuxSite:"https://tuxcare.com",defaultURL:"/",githubBranch:"master",allowGithubEdit:!0,githubMainDir:"docs",githubRepository:"cloudlinux/tuxcare-documentation",MOBILE_BREAKPOINT:767,documents:ir,arrowDownIcon:"arrows/arrow-down.svg",githubEditIcon:"global/pen.svg",footerCustomLogo:"global/we-are-cloudlinux.svg",headerDefaultSearchIcon:"global/search.svg",siteLogo:"global/logo.svg",searchSelectIcon:"arrows/select-down.svg",headerSearchIcon:"global/header-search.svg",headerSearch:"TuxCare Product Documentation",headerSearchPlaceholder:"Search across the TuxCare product documentation",locales:{bottomLinks:ar,editLinkText:"Edit this page",sidebar:lr,siteTitle:"Documentation",stayInTouch:"Stay in touch",navbarLinks:rr},productsList:["CloudLinux","Imunify","TuxCare"],productsTitle:"Products",productsURLs:["https://docs.cloudlinux.com","https://docs.imunify360.com","https://docs.tuxcare.com"],social:nr,algoliaOptions:{apiKey:"17e673c12b93fbf7c4a00159b0ae2de0",indexName:"tuxcare",appId:"R7FCMJM4P7"},MAX_ALGOLIA_VISIBLE_RESULT:20,MAX_ALGOLIA_VISIBLE_ROWS:15,MAX_ALGOLIA_HITS_PER_PAGE:20})}}),ce=[jt,Ar],Tr=[["v-8daa1a0e","/",{},["/index.html","/README.md"]],["v-b0d2ea62","/enterprise-support-for-almalinux/",{},["/enterprise-support-for-almalinux/index.html","/enterprise-support-for-almalinux/README.md"]],["v-89bfb992","/eportal/",{},["/eportal/index.html","/eportal/README.md"]],["v-1b6f4a0a","/eportal-api/",{},["/eportal-api/index.html","/eportal-api/README.md"]],["v-6c1fb884","/extended-lifecycle-support/",{},["/extended-lifecycle-support/index.html","/extended-lifecycle-support/README.md"]],["v-cadd6498","/extended-lifecycle-support-for-languages/",{},["/extended-lifecycle-support-for-languages/index.html","/extended-lifecycle-support-for-languages/README.md"]],["v-2d0a9a10","/jp/",{},["/jp/index.html","/jp/README.md"]],["v-33720eeb","/kernelcare-for-iot/",{},["/kernelcare-for-iot/index.html","/kernelcare-for-iot/README.md"]],["v-37e5fb86","/live-patching-services/",{},["/live-patching-services/index.html","/live-patching-services/README.md"]],["v-c271a6b2","/service-descriptions/",{},["/service-descriptions/index.html","/service-descriptions/README.md"]],["v-2f5e7500","/tuxcare/",{},["/tuxcare/index.html","/tuxcare/README.md"]],["v-1f847a28","/tuxcare-cln/",{},["/tuxcare-cln/index.html","/tuxcare-cln/README.md"]],["v-ec0cad0c","/enterprise-support-for-almalinux/fips/",{},["/enterprise-support-for-almalinux/fips/index.html","/enterprise-support-for-almalinux/fips/README.md"]],["v-52e27964","/jp/eportal/",{},["/jp/eportal/index.html","/jp/eportal/README.md"]],["v-c05bf2be","/jp/eportal-api/",{},["/jp/eportal-api/index.html","/jp/eportal-api/README.md"]],["v-3d707372","/jp/extended-lifecycle-support/",{},["/jp/extended-lifecycle-support/index.html","/jp/extended-lifecycle-support/README.md"]],["v-7d514c7d","/jp/extended-lifecycle-support-for-languages/",{},["/jp/extended-lifecycle-support-for-languages/index.html","/jp/extended-lifecycle-support-for-languages/README.md"]],["v-50c7132c","/jp/linux-support-services/",{},["/jp/linux-support-services/index.html","/jp/linux-support-services/README.md"]],["v-fd036ae2","/jp/live-patching-services/",{},["/jp/live-patching-services/index.html","/jp/live-patching-services/README.md"]],["v-03bf6597","/jp/tuxcare/",{},["/jp/tuxcare/index.html","/jp/tuxcare/README.md"]],["v-b8319282","/jp/tuxcare-cln/",{},["/jp/tuxcare-cln/index.html","/jp/tuxcare-cln/README.md"]],["v-3706649a","/404.html",{},["/404"]]];var Me=ve({name:"Vuepress",setup(){const e=Tt();return()=>z(e.value)}}),Pr=()=>Tr.reduce((e,[t,s,o,a])=>(e.push({name:t,path:s,component:Me,meta:o},...a.map(r=>({path:r,redirect:s}))),e),[{name:"404",path:"/:catchAll(.*)",component:Me}]),Cr=St,Rr=()=>{const e=gt({history:Cr(bt("/")),routes:Pr(),scrollBehavior:(t,s,o)=>o||(t.hash?{el:t.hash}:{top:0})});return e.beforeResolve(async(t,s)=>{var o;(t.path!==s.path||s===yt)&&([X.value]=await Promise.all([U.resolvePageData(t.name),(o=je[t.name])==null?void 0:o.__asyncLoader()]))}),e},Ir=e=>{e.component("ClientOnly",Mt),e.component("Content",Bt)},Mr=(e,t,s)=>{const o=k(t.currentRoute.value.path);re(()=>t.currentRoute.value.path,g=>o.value=g);const a=E(()=>U.resolveLayouts(s)),r=E(()=>U.resolveRouteLocale(le.value.locales,o.value)),i=E(()=>U.resolveSiteLocaleData(le.value,r.value)),l=E(()=>U.resolvePageFrontmatter(X.value)),c=E(()=>U.resolvePageHeadTitle(X.value,i.value)),u=E(()=>U.resolvePageHead(c.value,l.value,i.value)),f=E(()=>U.resolvePageLang(X.value)),_=E(()=>U.resolvePageLayout(X.value,a.value));return e.provide(Vt,a),e.provide(We,l),e.provide(At,c),e.provide(Ne,u),e.provide(Ge,f),e.provide(qe,_),e.provide(Ue,r),e.provide(Pt,i),Object.defineProperties(e.config.globalProperties,{$frontmatter:{get:()=>l.value},$head:{get:()=>u.value},$headTitle:{get:()=>c.value},$lang:{get:()=>f.value},$page:{get:()=>X.value},$routeLocale:{get:()=>r.value},$site:{get:()=>le.value},$siteLocale:{get:()=>i.value},$withBase:{get:()=>F}}),{layouts:a,pageData:X,pageFrontmatter:l,pageHead:u,pageHeadTitle:c,pageLang:f,pageLayout:_,routeLocale:r,siteData:le,siteLocaleData:i}},Br=()=>{const e=xt(),t=Ke(),s=k([]),o=()=>{e.value.forEach(r=>{const i=Hr(r);i&&s.value.push(i)})},a=()=>{document.documentElement.lang=t.value,s.value.forEach(r=>{r.parentNode===document.head&&document.head.removeChild(r)}),s.value.splice(0,s.value.length),e.value.forEach(r=>{const i=jr(r);i!==null&&(document.head.appendChild(i),s.value.push(i))})};He(Ct,a),J(()=>{o(),a(),re(()=>e.value,()=>a())})},Hr=([e,t,s=""])=>{const o=Object.entries(t).map(([l,c])=>se(c)?`[${l}=${JSON.stringify(c)}]`:c===!0?`[${l}]`:"").join(""),a=`head > ${e}${o}`;return Array.from(document.querySelectorAll(a)).find(l=>l.innerText===s)||null},jr=([e,t,s])=>{if(!se(e))return null;const o=document.createElement(e);return Ot(t)&&Object.entries(t).forEach(([a,r])=>{se(r)?o.setAttribute(a,r):r===!0&&o.setAttribute(a,"")}),se(s)&&o.appendChild(document.createTextNode(s)),o},Fr=wt,Wr=async()=>{var s;const e=Fr({name:"VuepressApp",setup(){var o;Br();for(const a of ce)(o=a.setup)==null||o.call(a);return()=>[z(Lt),...ce.flatMap(({rootComponents:a=[]})=>a.map(r=>z(r)))]}}),t=Rr();Ir(e),Mr(e,t,ce);for(const o of ce)await((s=o.enhance)==null?void 0:s.call(o,{app:e,router:t,siteData:le}));return e.use(t),{app:e,router:t}};Wr().then(({app:e,router:t})=>{t.isReady().then(()=>{e.mount("#app")})});export{Wr as createVueApp};
diff --git a/assets/index.html-04b3e155.js b/assets/index.html-04b3e155.js
new file mode 100644
index 00000000..daa2352f
--- /dev/null
+++ b/assets/index.html-04b3e155.js
@@ -0,0 +1,260 @@
+import{_ as s,a as l,b as o,c as d,d as c,e as u,f as h,g as p,h as m,i as v,j as g,k as b,l as f,m as y,n as x,o as k,p as w,q as _,r as C,s as T,t as K,u as S,v as E,w as I,x as P,y as A}from"./uchecker-31d683fa.js";import{_ as L}from"./eportal-qemu-feed-7c9efdb9.js";import{_ as O,V as M,n as D,p as U,v as Y,q as e,J as a,C as n,A as r,a7 as t}from"./framework-0ba8e1ea.js";const N={},R=t(`<h1 id="kernelcare-enterprise" tabindex="-1"><a class="header-anchor" href="#kernelcare-enterprise" aria-hidden="true">#</a> KernelCare Enterprise</h1><p>KernelCare Enterprise live patching enhances your vulnerability patching program by providing live patches to the Linux kernel and, optionally, with add-ons to critical userspace components, as well as the virtualization stack.</p><p>The systems are patched according to your patch deployment policy, allowing you to customize your patch management to align with the needs of your unique environment, whether online or in an air-gapped environment. Plus, your vulnerability reports reduce in size quickly as KernelCare seamlessly integrates with all popular vulnerability scanners to give you an accurate vulnerability exposure report.</p><p>KernelCare Enterprise brings KernelCare live patching by default and the following add-ons are available:</p><ul><li>LibCare</li><li>QEMUCare</li></ul><p>The sections below describe KernelCare live patching and the additional add-ons in more detail.</p><h2 id="kernelcare" tabindex="-1"><a class="header-anchor" href="#kernelcare" aria-hidden="true">#</a> KernelCare</h2><h3 id="introduction" tabindex="-1"><a class="header-anchor" href="#introduction" aria-hidden="true">#</a> Introduction</h3><p>KernelCare Enterprise is a live kernel patching service that provides security patches and bugfixes for a range of popular Linux kernels that can be installed without rebooting the system</p><h3 id="benefits" tabindex="-1"><a class="header-anchor" href="#benefits" aria-hidden="true">#</a> Benefits</h3><p>Today, system administrators have to reboot a server to apply the latest kernel updates. These updates are necessary to prevent security issues. Due to downtime associated with reboots, however, such updates are often delayed, pushed into the darkest hours of the night. It is common for server owners to not update their systems for months or even years and to run vulnerable systems to avoid downtime. Managed service providers face the problem of having to schedule downtime and then updating and rebooting thousands of servers in a short period of time, straining resources. KernelCare solves this update and reboot issue by providing live kernel patching without the need for a reboot</p><h3 id="key-features" tabindex="-1"><a class="header-anchor" href="#key-features" aria-hidden="true">#</a> Key Features</h3><ul><li>Rebootless Linux Kernel Patching &amp; Custom Patching</li><li>Works On-prem &amp; in the cloud</li><li>Private patch server for gated infrastructures - ePortal</li><li>Out-of-the-box integration with patch management &amp; vulnerability assessment tools</li></ul><h3 id="getting-a-trial-license" tabindex="-1"><a class="header-anchor" href="#getting-a-trial-license" aria-hidden="true">#</a> Getting a trial license</h3><p>You will need a trial activation key to be able to use the KernelCare Enterprise. The trial license subscription will work for 7 days.</p><p>If you have any issues getting an activation key or if you have any questions regarding using your trial subscription, contact <a href="mailto:sales@cloudlinux.com">sales@cloudlinux.com</a> and we will help.</p><h3 id="installation" tabindex="-1"><a class="header-anchor" href="#installation" aria-hidden="true">#</a> Installation</h3><p>KernelCare Enterprise is compatible with 64-bit versions of CloudLinuxOS/CentOS 6, 7 and 8, AlmaLinux/RHEL 6, 7, 8 and 9, Oracle Linux 6 and 7, Amazon Linux 1 and 2, Virtuozzo/PCS/OpenVZ 2.6.32, Debian 8, 9 and 10, Proxmox VE 5 and 6, Virt-SIG/Xen4CentOS 6 and 7, Ubuntu 14.04, 15.04, 16.04, 18.04 and 20.04 kernels. The list of compatible kernels can be found at the following link: <a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a></p><p>To install KernelCare Enterprise, run the following as root:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># curl -s -L https://kernelcare.com/installer | bash
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># wget -qq -O - https://kernelcare.com/installer | bash
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you are using an IP-based license, nothing else is required to be done.</p><p>If you are using a key-based license, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --register &lt;KEY&gt;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Where <code>KEY</code> is the registration key code string provided when you sign up for purchase or trial of the product.</p><p>If you are experiencing a <code>Key limit reached</code> error after the end of the trial period, you should first unregister the server by running:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --unregister
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check if patches applied, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The software will automatically check for new patches every 4 hours.</p><p>If you would like to run update manually:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check current kernel compatibility with KernelCare, use the following <a href="https://raw.githubusercontent.com/iseletsk/kernelchecker/master/py/kc-compat.py" target="_blank" rel="noopener noreferrer">script</a> by running:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/checker | python
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ wget -qq -O - https://kernelcare.com/checker | python
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="update" tabindex="-1"><a class="header-anchor" href="#update" aria-hidden="true">#</a> Update</h3><p>To update the agent package to the latest version use:</p><ul><li>For rpm-based distributions (CentOS, RedHat, etc):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum install -y kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dnf install -y kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>For apt-based distributions (Debian, Ubuntu, etc):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt-get install kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt install kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="uninstalling" tabindex="-1"><a class="header-anchor" href="#uninstalling" aria-hidden="true">#</a> Uninstalling</h3><p>To uninstall KernelCare Enterprise, run the following as root:</p><ul><li>For CloudLinux, CentOS, RHEL, Virtuozzo, OpenVZ:</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dnf remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>For Ubuntu, Debian, Proxmox VE:</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt-get remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt purge kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This will also unlink the system from its activation key (provided there is network connectivity to the CLN Portal). However, you&#39;ll need to remove the license from the CLN Portal manually if you don&#39;t plan to use the service anymore.</p><h3 id="switching-from-ksplice" tabindex="-1"><a class="header-anchor" href="#switching-from-ksplice" aria-hidden="true">#</a> Switching from Ksplice</h3><p>To switch from Ksplice to KernelCare Enterprise, use the following script that uninstalls Ksplice and installs KernelCare Enterprise instead.</p><p>It will automatically detect and abort if the system is not 64-bit (as KernelCare Enterprise doesn&#39;t support it).</p><p>It will also detect when the Ksplice module cannot be uninstalled and retries multiple times.</p><p>Download the script here: <a href="https://patches.kernelcare.com/ksplice2kcare" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/ksplice2kcare</a></p><p>Run the command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># bash ksplice2kcare &lt;KERNELCARE_KEY&gt;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The key can be created/retrieved in KernelCare Enterprise Keys section of CLN.</p><p>If you want to use IP based licenses, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># bash ksplice2kcare IP
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You have to add an IP license for that server, and it is just the two letters <code>IP</code>, not your actual IP address.</p><p>By default the script will attempt 3 times to uninstall Ksplice, waiting 60 seconds in between. You can run it using <code>nohup</code> if you don&#39;t want to wait.</p><p>You can change that by editing the script and changing <code>RETRY</code> and <code>SLEEP</code> values.</p><p>The script will exit with exit code <code>0</code> and message <code>Done</code> on success. Otherwise, it will produce exit code <code>-1</code></p><p>The complete log file can be found at <code>/var/log/ksplice2kcare.log</code></p><h4 id="canonical-livepatch" tabindex="-1"><a class="header-anchor" href="#canonical-livepatch" aria-hidden="true">#</a> Canonical Livepatch</h4><p>KernelCare Enterprise is not compatible with Canonical Livepatch and should not be used on the same system.</p><h3 id="basic-management" tabindex="-1"><a class="header-anchor" href="#basic-management" aria-hidden="true">#</a> Basic management</h3><p>To disable automatic updates, edit the file <code>/etc/sysconfig/kcare/kcare.conf</code></p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>AUTO_UPDATE=False
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check the updated &#39;effective&#39; version, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --uname
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>We provide a convenience script <code>/usr/bin/kcare-uname</code> that has same syntax as <code>uname</code></p><p>To see applied patches, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --patch-info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="command-line-tools" tabindex="-1"><a class="header-anchor" href="#command-line-tools" aria-hidden="true">#</a> Command line tools</h3><p><code>/usr/bin/kcarectl</code> - Manage KernelCare Enterprise patches for your kernel.</p><p><code>/usr/bin/kcare-uname</code> - Print certain system information.</p><h4 id="kcarectl" tabindex="-1"><a class="header-anchor" href="#kcarectl" aria-hidden="true">#</a> kcarectl</h4>`,87),F=e("thead",null,[e("tr",null,[e("th"),e("th")])],-1),q=e("tr",null,[e("td",null,[e("code",null,"-i, --info")]),e("td",null,"Display information about patches installed by KernelCare Enterprise.")],-1),H=e("tr",null,[e("td",null,[e("code",null,"-u, --update")]),e("td",null,"Download latest patches, and apply them to current kernel.")],-1),z=e("td",null,[e("code",null,"--smart-update [since 1.6]")],-1),V=e("tr",null,[e("td",null,[e("code",null,"--unload")]),e("td",null,"Unload patches.")],-1),$=e("tr",null,[e("td",null,[e("code",null,"--auto-update")]),e("td",null,"Check if update is needed and update.")],-1),W=e("tr",null,[e("td",null,[e("code",null,"--patch-info")]),e("td",null,"Lists applied patches.")],-1),B=e("tr",null,[e("td",null,[e("code",null,"--status")]),e("td",null,[a("Return a status of an update. Refer to the exit code: "),e("code",null,"0"),a(" - host is updated to latest patch level, "),e("code",null,"1"),a(" - there are no applied patches, "),e("code",null,"2"),a(" - there are new not applied patches, "),e("code",null,"3"),a(" - kernel is unsupported")])],-1),Q=e("tr",null,[e("td",null,[e("code",null,"--force [since 2.3]")]),e("td",null,"When used with update, forces applying the patch even if unable to freeze some threads.")],-1),G=e("tr",null,[e("td",null,[e("code",null,"--uname")]),e("td",null,"Prints safe kernel version.")],-1),X=e("tr",null,[e("td",null,[e("code",null,"--license-info")]),e("td",null,"Output current license info.")],-1),j=e("tr",null,[e("td",null,[e("code",null,"--register KEY")]),e("td",null,"Register using KernelCare Enterprise Key.")],-1),Z=e("tr",null,[e("td",null,[e("code",null,"--register-autoretry [since 2.5]")]),e("td",null,"If registration fails retries registration indefinitely.")],-1),J=e("tr",null,[e("td",null,[e("code",null,"--unregister")]),e("td",null,"Unregister from KernelCare Enterprise for Key based servers.")],-1),ee=e("tr",null,[e("td",null,[e("code",null,"--userspace-update [PATCHES]")]),e("td",null,"Download latest patches and apply them to the corresponding userspace processes. Сan be set so that only certain types of patches are applied.")],-1),ae=e("tr",null,[e("td",null,[e("code",null,"--test")]),e("td",null,"Try test builds instead of production builds (deprecated, use --prefix=test instead).")],-1),te=e("tr",null,[e("td",null,[e("code",null,"--prefix")]),e("td",null,"Patch source prefix, used to test different builds, by downloading builds from a different location, based on prefix (v2.2+)")],-1),ie=e("tr",null,[e("td",null,[e("code",null,"--version")]),e("td",null,"Print KernelCare Enterprise version.")],-1),ne=e("tr",null,[e("td",null,[e("code",null,"--import-key PATH")]),e("td",null,"Import gpg key.")],-1),re=e("tr",null,[e("td",null,[e("code",null,"--set-monitoring-key")]),e("td",null,"Set monitoring key for IP based licenses. 16 to 32 characters, alphanumeric only [version 2.1+]")],-1),se=e("tr",null,[e("td",null,[e("code",null,"--freezer [since 2.3]")]),e("td",null,"none: don't freeze any threads; full: freeze all threads; smart: freezes only threads that need to be frozen for patching. If option is not selected, best freezer method is chosen automatically.")],-1),le=e("tr",null,[e("td",null,[e("code",null,"--check [since 2.4-1]")]),e("td",null,"Check if new patchset is available, without updating. Exit code 0 means there is a new kernel. 1 when there is no new kernel.")],-1),oe=e("tr",null,[e("td",null,[e("code",null,"--doctor [since 2.6]")]),e("td",null,"Send a report to the TuxCare support staff for diagnostics.")],-1),de=e("tr",null,[e("td",null,[e("code",null,"--set-patch-type extra")]),e("td",null,"To enable extra patches.")],-1),ce=e("tr",null,[e("td",null,[e("code",null,"--set-patch-type free")]),e("td",null,"To enable free patches.")],-1),ue=e("td",null,[e("code",null,"--set-sticky-patch SET_STICKY_PATCH")],-1),he=e("tr",null,[e("td",null,[e("code",null,"--tag COMMAND")]),e("td",null,[a("Adds an extra "),e("em",null,"Tag"),a(" field for a server. COMMAND is a user-defined parameter.")])],-1),pe=t(`<div class="tip custom-block"><p class="custom-block-title">Note</p><p>Currently available userspace patch types are <code>libs</code> and <code>qemu</code>. To apply patches only for shared libraries, use <code>--userspace-update libs</code></p></div><h4 id="kcare-uname" tabindex="-1"><a class="header-anchor" href="#kcare-uname" aria-hidden="true">#</a> kcare-uname</h4><p>Print certain system information. Default is <code>-s</code></p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><code>-a, --all</code></td><td>print all information in the following order, except omit <code>-p</code> and <code>-i</code> if unknown</td></tr><tr><td><code>-s, --kernel-name</code></td><td>print the kernel name</td></tr><tr><td><code>-n, --nodename</code></td><td>print the network node hostname</td></tr><tr><td><code>-r, --kernel-release</code></td><td>print the kernel release</td></tr><tr><td><code>-v, --kernel-version</code></td><td>print the kernel version</td></tr><tr><td><code>-m, --machine</code></td><td>print the machine hardware name</td></tr><tr><td><code>-p, --processor</code></td><td>print the processor type or <code>unknown</code></td></tr><tr><td><code>-i, --hardware-platform</code></td><td>print the hardware platform or <code>unknown</code></td></tr><tr><td><code>-o, --operating-system</code></td><td>print the operating system</td></tr><tr><td><code>--help</code></td><td>display this help and exit</td></tr><tr><td><code>--version</code></td><td>output version information and exit</td></tr></tbody></table><h4 id="kernelcare-doctor" tabindex="-1"><a class="header-anchor" href="#kernelcare-doctor" aria-hidden="true">#</a> kernelcare doctor</h4><p>This tool collects essential information about the KernelCare environment and sends it to the support team.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --doctor
+
+Generating report...
+Uploading...
+Key: FRWf74Zw11111111.83991334-1111-1111-1111-681ddd653e5f
+Please, provide above mentioned key to KernelCare Support Team
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The command generates a report and prints out the ID which could be linked to a support ticket.</p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>If there was a connection problem during uploading the report, the report will be stored locally as <code>/root/cl-report</code>. This file should be sent to the support team manually.</p></div><h3 id="config-options" tabindex="-1"><a class="header-anchor" href="#config-options" aria-hidden="true">#</a> Config options</h3><p><code>kcarectl</code> behavior can be configured using <code>/etc/sysconfig/kcare/kcare.conf</code></p>`,11),me=e("thead",null,[e("tr",null,[e("th"),e("th")])],-1),ve=e("tr",null,[e("td",null,[e("code",null,"AUTO_UPDATE=YES|NO")]),e("td",null,[e("code",null,"YES"),a(" - enable auto-update; "),e("code",null,"NO"),a(" - disable auto-update.")])],-1),ge=e("tr",null,[e("td",null,[e("code",null,"PATCH_METHOD=normal|nofreeze|smart")]),e("td",null,[e("code",null,"Normal"),a(" - (default) use freezer;"),e("br"),e("code",null,"Nofreeze"),a(" - don't use freezer to freeze processes;"),e("br"),a(),e("code",null,"Smart"),a(" - smart freezer freezes only threads that need to be frozen for patching [kernelcare 2.3+].")])],-1),be=e("tr",null,[e("td",null,[e("code",null,"PATCH_SERVER")]),e("td",null,"Server to use to download patches.")],-1),fe=e("tr",null,[e("td",null,[e("code",null,"REGISTRATION_URL")]),e("td",null,"Licensing server.")],-1),ye=e("tr",null,[e("td",null,[e("code",null,"PREFIX=prefix")]),e("td",null,"Patch source prefix, used to test different builds, by downloading builds from a different location, based on prefix [kernelcare 2.2+]")],-1),xe=e("tr",null,[e("td",null,[e("code",null,"UPDATE_POLICY=REMOTE|LOCAL|LOCAL_FIRST")]),e("td",null,[a("Depending on the policy, on server startup, use:"),e("br"),e("code",null,"REMOTE"),a(" - (default) patches from patch server."),e("br"),e("code",null,"LOCAL"),a(" - only locally cached patches, if none cached (caching is done automatically) - do nothing."),e("br"),e("code",null,"LOCAL_FIRST"),a(" - see if locally cached patches exist, and load them. If not, try getting them from remote server.")])],-1),ke=e("tr",null,[e("td",null,[e("code",null,"IGNORE_UNKNOWN_KERNEL=True|False")]),e("td",null,"Don't provide notification if unknown kernel on auto-update. [kernelcare 2.5+]")],-1),we=e("tr",null,[e("td",null,[e("code",null,"LOAD_KCARE_SYSCTL")]),e("td",null,[a("Controls if "),e("code",null,"/etc/sysconfig/kcare/sysctl.conf"),a(" will be loaded on patchset load. True by default. [kernelcare 2.7+]")])],-1),_e=e("tr",null,[e("td",null,[e("code",null,"STICKY_PATCH=KEY")]),e("td",null,[a("Retrieve sticky patch from "),e("code",null,"KEY"),a(" (see CLN, Key Edit); not supported for IP based servers or ePortal.")])],-1),Ce=e("td",null,[e("code",null,"STICKY_PATCH=DDMMYY")],-1),Te=e("tr",null,[e("td",null,[e("code",null,"[AUTO_]UPDATE_DELAY=<num>h|<num>d")]),e("td",null,[a("Use patchsets not newer than specified time. For example "),e("code",null,"24h"),a(" or "),e("code",null,"2d"),a(". "),e("code",null,"AUTO_UPDATE_DELAY"),a(" works for "),e("code",null,"auto"),a(" and "),e("code",null,"smart"),a(" modes. "),e("code",null,"UPDATE_DELAY"),a(" works for all modes. [kernelcare 2.82+]")])],-1),Ke=e("tr",null,[e("td",null,[e("code",null,"[AUTO_]STICKY_PATCHSET=<patchset>")]),e("td",null,[a("Use patchsets not newer than specified value. For example "),e("code",null,"K20230908_02"),a(". "),e("code",null,"AUTO_STICKY_PATCHSET"),a(" works for "),e("code",null,"auto"),a(" and "),e("code",null,"smart"),a(" modes. "),e("code",null,"STICKY_PATCHSET"),a(" works for all modes. [kernelcare 2.82+]")])],-1),Se=e("tr",null,[e("td",null,[e("code",null,"REPORT_FQDN=True|False")]),e("td",null,"Force using Fully Qualified Domain as a hostname. False by default.")],-1),Ee=e("tr",null,[e("td",null,[e("code",null,"FORCE_GID=N")]),e("td",null,[a("Use this group ID for symlink protection patch. By default, it's 48 (default Apache user GID) or 99 ("),e("code",null,"nobody"),a(" user)")])],-1),Ie=e("tr",null,[e("td",null,[e("code",null,"USERSPACE_PATCHES=libs,qemu")]),e("td",null,"Define which userspace patches will be applyed by default")],-1),Pe=t(`<h3 id="disabling-some-patches" tabindex="-1"><a class="header-anchor" href="#disabling-some-patches" aria-hidden="true">#</a> Disabling some patches</h3><p>Some patches might affect the functioning of the system, and we created a way to disable them.</p><p>This is done via the <code>sysctl</code> command.</p><p>When new patchsets load, KernelCare Enterprise sysctl options get reset. To prevent that we added a file:</p><p><code>/etc/sysconfig/kcare/sysctl.conf</code></p><p>Options in this file will be loaded automatically on new patchset load.</p><p>To disable loading these options, specify <code>LOAD_KCARE_SYSCTL=0</code> in <code>/etc/sysconfig/kcare/kcare.conf</code></p><p>To disable the patch, set the corresponding kcare option to <code>1</code></p><p>Patches that can be disabled:</p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td>Patch</td><td><em>sysctl</em> option</td></tr><tr><td>CVE-2015-5157</td><td>kcare_modify_ldt</td></tr></tbody></table><h3 id="extra-patchset" tabindex="-1"><a class="header-anchor" href="#extra-patchset" aria-hidden="true">#</a> Extra patchset</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>KernelCare Enterprise 2.12-5 or higher</p></div><p>KernelCare Enterprise Extra patchset includes all the security fixes from KernelCare Enterprise for AlmaLinux, CentOS 6, CentOS 7, and CentOS 8 as well as symlink protection and the IPSet bugfix for CentOS 6.</p><p>To enable extra patches and apply updates, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --set-patch-type extra --update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To enable extra patches without an update, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --set-patch-type extra
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The &#39;extra&#39; patch will be applied on the next automatic update.</p><p>To see details, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --patch-info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You should see something similar to:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>OS: centos6
+kernel: kernel-2.6.32-696.6.3.el6
+time: 2017-07-31 22:46:22
+uname: 2.6.32-696.6.3.el6
+
+kpatch-name: 2.6.32/symlink-protection.patch
+kpatch-description: symlink protection // If you see this patch, it mean that you can enable symlink protection.
+kpatch-kernel: kernel-2.6.32-279.2.1.el6
+kpatch-cve: N/A
+kpatch-cvss: N/A
+kpatch-cve-url: N/A
+kpatch-patch-url: https://gerrit.cloudlinux.com/#/c/16508/
+
+kpatch-name: 2.6.32/symlink-protection.kpatch-1.patch
+kpatch-description: symlink protection (kpatch adaptation)
+kpatch-kernel: kernel-2.6.32-279.2.1.el6
+kpatch-cve: N/A
+kpatch-cvss: N/A
+kpatch-cve-url: N/A
+kpatch-patch-url: https://gerrit.cloudlinux.com/#/c/16508/
+
+kpatch-name: 2.6.32/ipset-fix-list-shrinking.patch
+kpatch-description: fix ipset list shrinking for no reason
+kpatch-kernel: N/A
+kpatch-cve: N/A
+kpatch-cvss: N/A
+kpatch-cve-url: N/A
+kpatch-patch-url: https://bugs.centos.org/view.php?id=13499
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>To enable Symlink Owner Match Protection, add <code>fs.enforce_symlinksifowner=1</code> to <code>/etc/sysconfig/kcare/sysctl.conf</code> and run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># sysctl -p /etc/sysconfig/kcare/sysctl.conf
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="sticky-patches" tabindex="-1"><a class="header-anchor" href="#sticky-patches" aria-hidden="true">#</a> Sticky patches</h3>`,25),Ae={class:"tip custom-block"},Le=e("p",{class:"custom-block-title"},"Note",-1),Oe=t('<div class="tip custom-block"><p class="custom-block-title">Note</p><p>Since v2.82 there is a more convenient way to specify the latest available release via the <code>[AUTO_]STICKY_PATCHSET</code> and <code>[AUTO_]UPDATE_DELAY</code> configuration options. It also works with recent ePortal versions (v2.3+).</p></div><p>Sometimes you don&#39;t want to use the latest patches, and you&#39;d like to control which patches are get installed instead. For example, you have tested the patch released on 25th of May 2018 and want to use that patch across all servers.</p><p>You can do it by setting <code>STICKY_PATCH=25052018</code> (DDMMYYYY format, DDMMYY and YYYY-mm-dd are also valid) in <code>/etc/sysconfig/kcare/kcare.conf</code>, this guarantees that when <code>kcarectl --update</code> or <code>kcarectl --auto-update</code> is called, you will get patches from that date and not the newest patches.</p><p>Alternatively, you can set <code>STICKY_PATCH=KEY</code>, this way you can control the date from which patches will be applied using KernelCare keys in CLN. On update, the actual date will be retrieved from CLN (from Key settings) for the key used to register a particular server (not supported for IP based servers).</p><p>This is very useful if you want to test patches in QA first and later roll them out to production without doing any changes on the systems.</p><p>Here is how you can do that:</p><ul><li>Set <code>STICKY_PATCH=KEY</code> on all your servers.</li><li>Register QA servers with one KEY, and Production servers with ANOTHER key.</li><li>Then, stop new updates for Production servers. In CLN set <code>Sticky Tag</code> to <code>yesterday</code>. You can do it by editing KEY in CLN in DDMMYY format.</li><li>Now, for example, let&#39;s use patches as of 03052018 (DDMMYYYY format). Set them for your QA server key. On the next auto-update, your QA servers will get those patches (auto-updates are typically every 4 hours).</li></ul><p>Once you are happy with these patches, set the same Sticky Tag for Production servers key. In 4 hours your production servers should be updated to the same patches that QA servers were.</p><h4 id="how-to-find-a-proper-sticky-patch-name" tabindex="-1"><a class="header-anchor" href="#how-to-find-a-proper-sticky-patch-name" aria-hidden="true">#</a> How to find a proper sticky patch name</h4><p>Let&#39;s assume that you have a kernel patch that you want to &quot;stick&quot; with. All you need is to find a proper label for that patch.</p><p><img src="'+s+'" alt="sticky-proper-label"></p><p>As you can see, the patch was released at 2020-09-16 (16th September 2020). And if you apply a supported date format, it becomes <code>16092020</code>, that will be the sticky patch value.</p><h3 id="scanning-for-vulnerabilities" tabindex="-1"><a class="header-anchor" href="#scanning-for-vulnerabilities" aria-hidden="true">#</a> Scanning for vulnerabilities</h3><p>Identifying the vulnerabilities that apply to your systems is an important task for IT and InfoSec teams, and at TuxCare we make it easy. KernelCare live patching is integrated natively with vulnerability scanners including Tenable Nessus, Qualys, Rapid7 and many others.</p><h4 id="how-to-use-a-vulnerability-scanner-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#how-to-use-a-vulnerability-scanner-with-kernelcare" aria-hidden="true">#</a> How to use a vulnerability scanner with KernelCare</h4><p>It&#39;s rather simple. New scan results after installing a package and applying a patchset should not show any kernel CVEs that are handled by KernelCare Enterprise.</p><p>For example, Nessus for an old kernel shows a lot of detected CVEs before apply live patches:</p><p><img src="'+l+'" alt="before"></p><p>After the live patches were applied, there are no kernel-related CVEs:</p><p><img src="'+o+`" alt="after"></p><h4 id="what-if-my-scanner-is-producing-false-positives" tabindex="-1"><a class="header-anchor" href="#what-if-my-scanner-is-producing-false-positives" aria-hidden="true">#</a> What if my scanner is producing false positives?</h4><p>If your scanner produces incorrect results due to not being KernelCare aware, we have a solution that works at the OS level to report the correct information to the rpm/dpkg/uname commands; namely <code>kcare-scanner-interface</code></p><p>If you are using a scanner agent the defaults usually work and you can configure the scanner interface like so:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcare-scanner-interface init
+
+Resetting.
+Setting up scanner agents
+Done.
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>If you are using SSH credentials-based scanning, then you can configure the scanner interface like so - where user1 and user2 are the usernames your vulnerability scanner will ssh/sudo as:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcare-scanner-interface init user1 user2
+
+Resetting.
+Setting up a scanner-interface for user1
+Setting up a scanner-interface for user2
+Setting up scanner agents
+Done.
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>To disable the scanner interface run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcare-scanner-interface disable
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>We don&#39;t recommend enabling the scanner interface as root, as the root user&#39;s command output should not be changed in this way. If your scanner elevates privileges after logging in via SSH, only sudo can be used and not su.</p><h4 id="how-to-use-openscap-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#how-to-use-openscap-with-kernelcare" aria-hidden="true">#</a> How to use OpenSCAP with KernelCare</h4><p>OpenSCAP is an open source vulnerability scanner and compliance tool and it can be used to scan a system protected by KernelCare Enterprise. The following commands show how to use OpenSCAP to produce a vulnerability report for a system.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ source /etc/os-release
+$ wget https://patches.kernelcare.com/oval/com.kernelcare.\${ID}.\${VERSION_ID}.xml
+$ oscap oval eval --report report.htm com.kernelcare.\${ID}.\${VERSION_ID}.xml
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="uefi-secure-boot-support" tabindex="-1"><a class="header-anchor" href="#uefi-secure-boot-support" aria-hidden="true">#</a> UEFI Secure Boot Support</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This feature is an early stage of adoption. Not all the distribution will be able to support it.</p></div><p>This new functionality lets KernelCare work on systems with secure boot set up in their UEFI firmware. We are going to add a public certificate to the MOK (Machine Owner Keys) database that KernelCare will use to sign modules.</p><p>The latest KernelCare package contains a public certificate and will be available in the <code>/usr/libexec/kcare/kernelcare_pub.der</code>. For older versions, it could be downloaded from the <a href="https://patches.kernelcare.com/kernelcare_pub.der" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/kernelcare_pub.der</a> to that location.</p><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># curl -o /usr/libexec/kcare/kernelcare_pub.der https://patches.kernelcare.com/kernelcare_pub.der
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol><li>Use <code>mokutil</code> as root to add this new MOK to the UEFI firmware.</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># mokutil --import /usr/libexec/kcare/kernelcare_pub.der
+
+input password:
+input password again:
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>It doesn&#39;t have a MOK password, and <code>mokutil</code> will ask you to create one. The password is temporary and will be used on the next boot.</p><ol start="2"><li>Reboot your machine to enter the MOK manager EFI utility.</li></ol><p>First, go down to &#39;Enroll Mok&#39;:</p><p><img src="`+d+'" alt="enroll mok" title="Select Enroll MOK"></p><p>Then the firmware gives you the option of viewing the new MOK or continuing. Let&#39;s continue.</p><p><img src="'+c+'" alt="select continue" title="Select Continue"></p><p>It then asks you to confirm the enrollment.</p><p><img src="'+u+'" alt="yes" title="Select Yes"></p><p>Then you will need to enter the password you used when running <code>mokutil --import</code>.</p><p><img src="'+h+'" alt="enter password" title="Enter the password"></p><p>Finally, the firmware will ask you to reboot.</p><p><img src="'+p+`" alt="select ok" title="Select OK"></p><ol start="3"><li>Verify the key has been loaded by finding it in the output of the following command:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># mokutil --list-enrolled | egrep -i &#39;SHA1|Issuer&#39;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>In some cases the enrolled key will not be shown but could be verified by the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dmesg | grep -i &#39;cloud linux&#39;
+
+[   0.722149] EFI: Loaded cert &#39;Cloud Linux Software, Inc: Kernel Module Signing Key: 12ff0613c0f80cfba3b2f8eba71ebc27c5a76170&#39; linked to &#39;.system_keyring&#39;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>That&#39;s it. Now you should be able to apply patches as usual.</p><p>To get more information about signing kernel modules for secure boot, see <a href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-kernel-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel" target="_blank" rel="noopener noreferrer">https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-kernel-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel</a>.</p><h3 id="live-patching-and-fips-compliance" tabindex="-1"><a class="header-anchor" href="#live-patching-and-fips-compliance" aria-hidden="true">#</a> Live patching and FIPS compliance</h3><p>The FIPS-140 certification of a Linux kernel validates that the cryptography contained within a Linux kernel complies with the US government FIPS-140 data protection standard. Meaning that algorithms like AES, the random generator and other cryptographic aspects of the kernel are implemented as the standard defines.</p><p>At the same time the certification is a lengthy process --a typical validation can take almost a year-- and for that reason only some of each vendor&#39;s kernels are validated. That is because vendors release new kernels with security and feature updates on a regular cadence some as often as weekly, irrespective of their FIPS validation status. This means users of FIPS validated kernels need to choose between: (a) strict compliance by staying on the same kernel without updating until the next validated kernel is available and (b) reducing their security risk by installing new kernels with security updates even if they are not validated. The same story applies to the vendor&#39;s live patching solutions.</p><p>With KernelCare Enterprise it is possible to live patch FIPS-140 validated Linux kernels, for example at the Red Hat Enterprise Linux operating system. The live patches applied to these kernels, in this example, consist of the same RHEL kernel patches but are limited to the ones addressing security vulnerabilities. That way, a live patched kernel contains the same security fixes as a vendor update without any feature or bug-fix updates, e.g. updates that may change the cryptographic subsystem for performance or other non-security related reasons.</p><p><strong>In this way, security-conscious users of FIPS-validated Linux kernels that today apply their vendor&#39;s security patches can rely on KernelCare live patching the same way they do with their vendor&#39;s security updates</strong>. Furthermore, KernelCare live patching applies the minimum possible updates to the validated kernel by explicitly excluding any non-security updates.</p><h3 id="firewall-and-proxy-settings" tabindex="-1"><a class="header-anchor" href="#firewall-and-proxy-settings" aria-hidden="true">#</a> Firewall and Proxy Settings</h3><h4 id="patching-servers-through-firewall" tabindex="-1"><a class="header-anchor" href="#patching-servers-through-firewall" aria-hidden="true">#</a> Patching servers through firewall</h4><p>As long as your servers have access to the Internet, even behind NAT - you will be able to use KernelCare patch server without any problems.</p><p>Generally, KernelCare requires connection to only two servers to work:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cln.cloudlinux.com
+patches.kernelcare.com
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>An additional address is used for KernelCare agent installation/update:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>repo.cloudlinux.com
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><img src="`+m+`" alt="through firewall"></p><h4 id="patching-servers-through-proxy" tabindex="-1"><a class="header-anchor" href="#patching-servers-through-proxy" aria-hidden="true">#</a> Patching servers through proxy</h4><p>If your servers don&#39;t have direct Internet access but can gain access to the Internet using proxy, the configuration is not that different. KernelCare can pick up standard environment variables for a proxy.</p><p>Make sure you have environment settings for proxy setup, and everything else will be the same as if servers were directly connected to the Internet:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export http_proxy=http://proxy.domain.com:port
+# export https_proxy=http://proxy.domain.com:port
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Settings defined by <code>export</code> are case-insensitive, so the example above could be as follows for certain software:</p></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export HTTP_PROXY=http://proxy.domain.com:port
+# export HTTPS_PROXY=http://proxy.domain.com:port
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>You can define these settings in the KernelCare config <code>/etc/sysconfig/kcare/kcare.conf</code>, for example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ cat /etc/sysconfig/kcare/kcare.conf
+
+AUTO_UPDATE=True
+HTTPS_PROXY=http://myproxy.com:59794
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>If you define these settings in the config, you don&#39;t need to export them each <code>kcarectl</code> launch and don&#39;t need to edit cron jobs.</p><p>All <code>kcarectl</code> launches will be aware of proxy settings from the config. In this case, you need to set proxy settings only once.</p><p><img src="`+v+`" alt="through proxy"></p><h3 id="kernelcare-on-aws-deployment-user-guide" tabindex="-1"><a class="header-anchor" href="#kernelcare-on-aws-deployment-user-guide" aria-hidden="true">#</a> KernelCare on AWS - Deployment User Guide</h3><h4 id="introductory-material" tabindex="-1"><a class="header-anchor" href="#introductory-material" aria-hidden="true">#</a> Introductory Material</h4><p>The Linux kernel is the most important piece of software on your server, as a security flaw in it can expose all of your services and customer data. KernelCare is a technology that allows you to keep the Linux kernel safe at all times, automatically, without ever having to stop the server and rebooting it causing downtime and inconvenient scheduling of maintenance windows. This improves availability, security, stability, operational costs, and customer satisfaction. It works with almost all mainstream distributions of Linux. It is simple, fast, and very easy to deploy while being able to handle very complex patches and customized kernels if you need them.</p><h4 id="prerequisites-and-requirements" tabindex="-1"><a class="header-anchor" href="#prerequisites-and-requirements" aria-hidden="true">#</a> Prerequisites and Requirements</h4><p>KernelCare can be installed on any x86_64 compatible server or VM running one of the following distributions:</p><ul><li>Amazon Linux 1, 2</li><li>CentOS 6, 7, Xen4CentOS, CentOS-Plus, ElRepo</li><li>CloudLinux 6, 7</li><li>Debian 7, 8, 9, 8-backports</li><li>Oracle Linux 6, 7</li><li>ProxmoxVE 3,4,5</li><li>RedHat EL 6, 7</li><li>Ubuntu 14.04, 16.04, 18.04</li><li>Virtuozzo 6</li></ul><p>The exact list of compatible kernels can be found at the following link: <a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a></p><p>Standard OS kernels are required in most cases unless the custom kernel is supported.</p><p>The software can be installed on a running server and doesn&#39;t require a reboot.</p><p>Basic Linux skills are sufficient to deploy KernelCare on AWS. Simple deployments involve just an EC2 instance. KernelCare is available using the BYOL model. You need to register in our <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">customer portal</a> to get a trial license. Once you get the trial license, you need to register your running EC2 instance with the activation key.</p><h4 id="architectural-design" tabindex="-1"><a class="header-anchor" href="#architectural-design" aria-hidden="true">#</a> Architectural Design</h4><p>As long as your servers have access to the Internet, even behind NAT - you will be able to use KernelCare without any problems.</p><p>Generally, KernelCare requires connection to only two servers to work:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cln.cloudlinux.com
+patches.kernelcare.com
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p><img src="`+g+'" alt="aws arch"></p><p>If your servers don&#39;t have direct Internet access but can gain access to the Internet using a proxy, the configuration is not that different. KernelCare can pick up standard environment variables for proxies.</p><p><img src="'+b+`" alt="aws proxy"></p><p>Make sure you have environment settings for your proxy setup, and everything else will be the same as if the servers were directly connected to the Internet:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export http_proxy=http://proxy.domain.com:port
+# export https_proxy=http://proxy.domain.com:port
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="security" tabindex="-1"><a class="header-anchor" href="#security" aria-hidden="true">#</a> Security</h4><p>The only thing you need to be able to install/control your KernelCare deployment is SSH access (root credentials, key-based authentication/sudo or similar mechanisms are preferred).</p><h4 id="costs" tabindex="-1"><a class="header-anchor" href="#costs" aria-hidden="true">#</a> Costs</h4><p>KernelCare is billed as a subscription service, for volume pricing please contact <a href="mailto:sales@cloudlinux.com">sales@cloudlinux.com</a></p><h4 id="sizing" tabindex="-1"><a class="header-anchor" href="#sizing" aria-hidden="true">#</a> Sizing</h4><p>KernelCare agent has a tiny RAM footprint - binary patches usually require less than 1 MB.</p><h4 id="deployment-guidance" tabindex="-1"><a class="header-anchor" href="#deployment-guidance" aria-hidden="true">#</a> Deployment Guidance</h4><p>To install KernelCare, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># curl -s -L https://kernelcare.com/installer | bash
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># wget -qq -O - https://kernelcare.com/installer | bash
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you are using IP-based license, nothing else required to be done. If you are using key-based license, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --register &lt;KEY&gt;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Where <code>KEY</code> is the registration key code string provided when you signed up for a trial or pruchased the product.</p><p>You can easily automate KernelCare deployment with Ansible, Puppet, Chef or other orchestration tools. Here are the steps that may be automated:</p><ol><li>Distribute KernelCare agent package (optional - required only for servers with no access to the Internet) and a KernelCare agent configuration file (<code>/etc/sysconfig/kcare/kcare.conf</code>);</li><li>Set required environmental variables (optional);</li><li>Install KernelCare agent from either locally available package or central KernelCare download location;</li><li>Register KernelCare with either license key or IP-based license.</li></ol><h4 id="health-check" tabindex="-1"><a class="header-anchor" href="#health-check" aria-hidden="true">#</a> Health Check</h4><p>Systems protected by KernelCare can be monitored by means of CloudLinux Network (CLN) portal available at <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">https://cln.cloudlinux.com</a>. Registered KernelCare installations are grouped by license keys. Kernels that are marked with the exclamation sign in <span style="color:#E76930;">amber</span> do not have the latest patches installed.</p><p><img src="`+f+`" alt="monit"></p><p>In either case, you can check whether the latest available patch has been applied by running the following command on a system protected by KernelCare:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --check
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="backup-and-recovery" tabindex="-1"><a class="header-anchor" href="#backup-and-recovery" aria-hidden="true">#</a> Backup and Recovery</h4><p>There is no reason to backup KernelCare. KernelCare doesn&#39;t store any data. You can always re-install and re-register KernelCare. To backup the configuration file of KernelCare if you have modified it, backup the <code>/etc/sysconfig/kcare/</code> folder.</p><h4 id="routine-maintenance" tabindex="-1"><a class="header-anchor" href="#routine-maintenance" aria-hidden="true">#</a> Routine Maintenance</h4><p>KernelCare is packaged in RPM/DEB packages (depending on Linux distribution) and will update any time system packages are updated. No additional maintenance is needed.</p><h4 id="emergency-maintenance" tabindex="-1"><a class="header-anchor" href="#emergency-maintenance" aria-hidden="true">#</a> Emergency Maintenance</h4><p>If one of your instances degraded, once you start another instance based on EBS or snapshot - KernelCare will continue working as before, no additional work is needed. If you set up a new server instead, re-register KernelCare on the new server. If you decide to uninstall patches, run the command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --unload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Or to completely remove the kernelcare package run one of the following commands:</p><ul><li>on RPM-based systems:</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>or on DEB-based systems:</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt-get remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="patch-feed-advanced-options" tabindex="-1"><a class="header-anchor" href="#patch-feed-advanced-options" aria-hidden="true">#</a> Patch Feed Advanced Options</h3><h4 id="test-and-delayed-feeds" tabindex="-1"><a class="header-anchor" href="#test-and-delayed-feeds" aria-hidden="true">#</a> Test and Delayed Feeds</h4><p>The KernelCare Patch Server has several patch feeds available in addition to the standard (production) feed:</p><ul><li><strong>Test feed</strong> - the newest patches (test builds) that have not undergone the complete testing process. Test feed makes it possible to start testing new patches earlier.</li><li><strong>Delayed feeds</strong> - instructs KernelCare to skip loading patches that were released within the last 12/24/48 hours.</li></ul><p>The alternate feed option is enabled by setting <code>PREFIX</code> variable in <code>/etc/sysconfig/kcare/kcare.conf</code> to one of <code>test</code>/<code>12h</code>/<code>24h</code>/<code>48h</code>.</p><h4 id="feed-management-with-sticky-patch-feature" tabindex="-1"><a class="header-anchor" href="#feed-management-with-sticky-patch-feature" aria-hidden="true">#</a> Feed Management With Sticky Patch Feature</h4><p>The best way to handle QA and Production environments is to use Sticky tag feature of KernelCare license keys issued from CloudLinux Network (CLN) portal. To use this tag, go to CLN portal -&gt; KernelCare tab -&gt; click on the target key -&gt; Edit Key Info window.</p><p><img src="`+y+'" alt="activation keys"></p><p><img src="'+x+'" alt="key details"></p><p>You should provide a separate key for each environment and set them to a particular sticky tag which is actually the date to which all the servers in an environment have to be patched.</p><p><img src="'+k+`" alt="edit key"></p><p>The date in the Sticky tag field can be any date from May 28, 2018 up to one day before today. To use the Sticky tag feature on the servers to be patched, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --set-sticky-patch=KEY
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Alternatively, you can do the same by adding <code>STICKY_PATCH=KEY</code> to the <code>/etc/sysconfig/kcare/kcare.conf</code> file.</p><div class="tip custom-block"><p class="custom-block-title">Warning</p><p><strong>Do Not</strong> replace the <code>KEY</code> word with the actual KernelCare license key used to register the server, you should just use the word <code>KEY</code></p></div><p>When the Sticky tag feature is enabled for particular servers, all such servers will get patches only released before the date specified in the Sticky tag field. This way, you can add new patches to all the servers in an environment (i.e. registered with the same KernelCare license key) by updating only a single field in the CLN portal.</p><h4 id="support" tabindex="-1"><a class="header-anchor" href="#support" aria-hidden="true">#</a> Support</h4><p>We offer unlimited, 24x7x365 support. <a href="https://cloudlinux.zendesk.com/hc/requests/new" target="_blank" rel="noopener noreferrer">Submit a request</a> or email us at <a href="mailto:support@cloudlinux.com">support@cloudlinux.com</a></p><ul><li>We answer all support questions within one business day and most within a couple of hours. To expedite the support, run the following command on your server (as root):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --doctor
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Then paste the generated key into the support request.</p><h4 id="support-costs" tabindex="-1"><a class="header-anchor" href="#support-costs" aria-hidden="true">#</a> Support Costs</h4><p>Your KernelCare subscription includes free 24/7 support.</p><h4 id="reference-materials" tabindex="-1"><a class="header-anchor" href="#reference-materials" aria-hidden="true">#</a> Reference Materials</h4><ul><li>KernelCare website: <a href="https://www.kernelcare.com" target="_blank" rel="noopener noreferrer">https://www.kernelcare.com</a></li><li>KernelCare Blog: <a href="https://www.kernelcare.com/blog/" target="_blank" rel="noopener noreferrer">https://www.kernelcare.com/blog/</a></li><li>KernelCare Patch Server: <a href="https://patches.kernelcare.com" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com</a></li><li>KernelCare documentation: <a href="https://docs.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://docs.kernelcare.com/</a></li><li>CloudLinux Network - CLN (Billing Portal): <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">https://cln.cloudlinux.com</a></li><li>CloudLinux 24/7 online support system: <a href="https://tuxcare.zendesk.com" target="_blank" rel="noopener noreferrer">https://tuxcare.zendesk.com</a></li></ul><h4 id="localization" tabindex="-1"><a class="header-anchor" href="#localization" aria-hidden="true">#</a> Localization</h4><p>KernelCare is available in the English language only.</p><h3 id="reseller-partner-ui" tabindex="-1"><a class="header-anchor" href="#reseller-partner-ui" aria-hidden="true">#</a> Reseller Partner UI</h3><p>Once you have got the reseller partner access, in the IP Reseller Partner UI you can view and manage IP licenses, billing options and profile details. Here you can track your balance, license count and license prices as well as using an IP address search to find customers. You can find more information about KernelCare licensing <a href="https://www.kernelcare.com/pricing/" target="_blank" rel="noopener noreferrer">here</a>.</p><h4 id="server-section" tabindex="-1"><a class="header-anchor" href="#server-section" aria-hidden="true">#</a> Server Section</h4><p>As soon as you have added funds (See <strong>Billing Info/Add Funds</strong> below) to your account you can immediately add new licenses for clients. To add an IP KernelCare license:</p><ol><li>Enter IP address in the <strong>Add IP License</strong> field, choose a license type in the pull-down menu (KernelCare) and click <strong>Add license</strong>.</li></ol><p><img src="`+w+'" alt="reseller ui"></p><ol start="2"><li><p>To delete a license click <strong>Delete</strong> in front of the needed IP address.</p></li><li><p>To add a KernelCare Key license go to the <strong>KernelCare Keys</strong> tab, enter the number of servers allowed for the license in <strong>Max Servers</strong>, add a description if needed and click <strong>Add</strong>. The key will be generated and appear in the list below.</p></li></ol><p>In the <strong>Operations List</strong> you are able to edit or delete the key.</p><p><img src="'+_+'" alt="reseller ops"></p><h4 id="billing-info-add-funds" tabindex="-1"><a class="header-anchor" href="#billing-info-add-funds" aria-hidden="true">#</a> Billing Info/Add Funds</h4><p>To add funds:</p><ol><li><p>Click <strong>Add Funds</strong> near your balance or go to <strong>Billing Info/Add Funds</strong> on the top of the starting page of your account.</p></li><li><p>Click <strong>Add</strong> to add credit card details, then enter funds amount and click <strong>TopUp</strong> or <strong>Process to Checkout</strong> to pay via PayPal.</p></li></ol><p><img src="'+C+'" alt="reseller billing"></p><p>While adding credit card details, you can also choose the <strong>Auto add funds</strong> option - the funds amount you choose in the pull down menu will be automatically added when your balance is below $100.</p><p>If you choose <strong>Auto repay</strong>, your card will be automatically charged when your balance becomes negative. The minimum charge is $20 (e.g. for a balance of -$15 you will be charged at $20, for a balance of -$134.2 you will be charged at $134.2).</p><p><img src="'+T+'" alt="add funds"></p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>If your balance is shown as negative, it means that you have to deposit more funds.</p></div><h4 id="api-section" tabindex="-1"><a class="header-anchor" href="#api-section" aria-hidden="true">#</a> API Section</h4><p>CloudLinux and KernelCare IP license adding and removing is compatible with different hosting and domain management and billing systems and platforms. You can find comprehensive information on all possible CloudLinux modules and plug-ins APIs in API Section.</p><p><img src="'+K+'" alt="reseller api"></p><h4 id="profile" tabindex="-1"><a class="header-anchor" href="#profile" aria-hidden="true">#</a> Profile</h4><p>You can edit your profile information by clicking on <strong>Profile</strong> section. Edit the necessary info and click <strong>Update Account</strong>.</p><p><img src="'+S+'" alt="profile"><img src="'+E+`" alt="contacts"></p><h3 id="how-to" tabindex="-1"><a class="header-anchor" href="#how-to" aria-hidden="true">#</a> How To</h3><h4 id="how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case" tabindex="-1"><a class="header-anchor" href="#how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case" aria-hidden="true">#</a> How to disable HyperThreading (SMT) without reboot: KernelCare case</h4><p>This article explains how to disable or enable SMT (Simultaneous multithreading) without rebooting using KernelCare, to help mitigate the recent MDS/Zombieload vulnerability.</p><p>Disabling CPU simultaneous multithreading (SMT) is one of the mitigations needed to counter the recent MDS vulnerability (also known as ‘Zombieload&#39;). There is a performance impact that depends on the configuration of the hosting platform and its workload patterns. You should also consider the impact of other mitigation strategies, such as assigning dedicated cores to guests (e.g. VMs).</p><p>You can control and get the status of SMT with the kernel&#39;s <code>sysfs</code> interface. There are two files, both in the <code>/sys/devices/system/cpu/smt</code> directory:</p><ul><li><code>control</code></li><li><code>active</code></li></ul><p>If you cannot find the <code>/sys/devices/system/cpu/smt</code> directory, this means your running kernel does not support SMT. In this case, you need to apply KernelCare patches so the SMT controls become available to your system. Use the <code>kcarectrl</code> command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --update
+
+Kernel is safe
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># ls -l /sys/devices/system/cpu/smt
+
+-r--r--r-- 1 root root 4096 May 17 13:06 active
+-rw-r--r-- 1 root root 4096 May 17 13:06 control
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>As soon as you have these files in place, it is possible to proceed with disabling SMT.</p>`,194),Me=e("iframe",{width:"560",height:"315",src:"https://www.youtube.com/embed/RUGCvEO1hAE",frameborder:"0",allow:"accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture",allowfullscreen:""},null,-1),De=t(`<h4 id="smt-control" tabindex="-1"><a class="header-anchor" href="#smt-control" aria-hidden="true">#</a> SMT Control</h4><p><code>/sys/devices/system/cpu/smt/control</code></p><p>This file lets you enable or disable SMT, and shows its state. There are three values:</p><ol><li><code>on</code>: The CPU supports SMT and it is enabled. All logical CPUs can be taken offline or online without restriction.</li><li><code>off</code>: The CPU supports SMT but it is disabled. Only so-called primary SMT threads can be taken offline/online without restriction. Attempts to put a non-primary sibling thread online will be rejected.</li><li><code>notsupported</code>: The CPU does not support SMT. You will not be able to write to the control file.</li></ol><h4 id="smt-status" tabindex="-1"><a class="header-anchor" href="#smt-status" aria-hidden="true">#</a> SMT Status</h4><p><code>/sys/devices/system/cpu/smt/active</code></p><p>The contents of this file show the status of SMT (e.g. if two or more sibling threads are active on the same physical core the contents of this file is 1, if not: 0).</p><p>Here are some commands to control SMT support (root permissions are required):</p><h4 id="check-the-smt-state" tabindex="-1"><a class="header-anchor" href="#check-the-smt-state" aria-hidden="true">#</a> Check the SMT state</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ cat /sys/devices/system/cpu/smt/active
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="enable-smt" tabindex="-1"><a class="header-anchor" href="#enable-smt" aria-hidden="true">#</a> Enable SMT</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># echo on &gt; /sys/devices/system/cpu/smt/control
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="disable-smt" tabindex="-1"><a class="header-anchor" href="#disable-smt" aria-hidden="true">#</a> Disable SMT</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># echo off &gt; /sys/devices/system/cpu/smt/control
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div>`,14),Ue=t(`<h4 id="how-to-update-microcode-without-reboot-with-vendor-provided-package" tabindex="-1"><a class="header-anchor" href="#how-to-update-microcode-without-reboot-with-vendor-provided-package" aria-hidden="true">#</a> How to update Microcode without reboot with vendor-provided package</h4><p>This article shows how to update the microcode of Intel CPUs running Linux.</p><div class="warning custom-block"><p class="custom-block-title">Warning</p><p>To avoid possible issues with Microcode updating, enable SMT before the update.</p></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This article is subject to change and will be updated with instructions for other distributions.</p></div><div class="tip custom-block"><p class="custom-block-title">Notes</p><ul><li>These steps must be done as root.</li><li>The examples shown are for Debian.</li><li>If you have doubts your systems are fully protected against CPU- and kernel-related vulnerabilities, please <a href="mailto:sales@cloudlinux.com">get in touch with us</a>.</li></ul></div><h4 id="updating-microcode-on-ubuntu-and-debian" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-ubuntu-and-debian" aria-hidden="true">#</a> Updating microcode on Ubuntu and Debian</h4><ol><li><p>Find the microcode package download link for your platform</p><ul><li>Ubuntu: <a href="https://usn.ubuntu.com/3977-1/" target="_blank" rel="noopener noreferrer">https://usn.ubuntu.com/3977-1/</a></li><li>Debian: <a href="https://packages.debian.org/search?keywords=intel-microcode" target="_blank" rel="noopener noreferrer">https://packages.debian.org/search?keywords=intel-microcode</a></li></ul></li><li><p>Download the package</p></li></ol><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Example shown for Debian 9</p></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ cd &lt;a temporary directory, e.g. /tmp&gt;
+$ mkdir firmware
+$ cd firmware
+$ wget http://security.debian.org/debian-security/pool/updates/non-free/i/intel-microcode/intel-microcode_3.20190514.1~deb9u1_amd64.deb
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="3"><li>Check the downloaded package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ md5sum intel-microcode_3.20190514.1~deb9u1_amd64.deb
+
+c7bc9728634137453e0f4821fb6bb436  intel-microcode_3.20190514.1~deb9u1_amd64.deb
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>A list of checksums is on <a href="https://packages.debian.org/stretch/amd64/intel-microcode/download" target="_blank" rel="noopener noreferrer">the Debian packages download page</a>.</p><ol start="4"><li>Unpack the package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ dpkg -x intel-microcode_3.20190514.1~deb9u1_amd64.deb
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="5"><li>Check the unpacked files</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ ls -l
+
+total 1896
+drwxr-xr-x 5 root root   53 May 15 04:18 etc
+-rw-r--r-- 1 root root 1940140 May 17 11:42 intel-microcode_3.20190514.1~deb9u1_amd64.deb
+drwxr-xr-x 3 root root   22 May 15 04:18 lib
+drwxr-xr-x 3 root root   19 May 15 04:18 usr
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="6"><li>Create a backup of existing microcode:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># test -d /lib/firmware/intel-ucode/ &amp;&amp; mv /lib/firmware/intel-ucode/ /lib/firmware/intel-ucode.backup
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="7"><li>Copy the new microcode and check it</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># cp -r lib/firmware/intel-ucode/ /lib/firmware/
+# ls -l /lib/firmware/ | grep intel-ucode
+
+drwxr-xr-x  2 root root 4096 May 17 11:47 intel-ucode
+drwxr-xr-x  2 root root 4096 May 16 20:54 intel-ucode.backup
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="8"><li>Check the current microcode version</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dmesg | grep microcode
+
+[ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
+[ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="9"><li>(Optional) Double check the current microcode versions (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
+microcode : 0x12
+microcode : 0x12
+microcode : 0x12
+microcode : 0x12
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="10"><li>Check the microcode reload file exists</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ ls -l /sys/devices/system/cpu/microcode/reload
+
+--w------- 1 root root 4096 May 17 11:54 /sys/devices/system/cpu/microcode/reload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="11"><li>Force the kernel to load the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># echo 1 &gt; /sys/devices/system/cpu/microcode/reload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="12"><li>Check the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dmesg | grep microcode
+
+[ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
+[ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
+[ 1483.494573] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
+[ 1483.495985] microcode: updated to revision 0x21, date = 2019-02-13
+[ 1483.496012] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
+[ 1483.496698] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
+[ 1483.497391] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="13"><li>(Optional) Double check the new microcode version (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
+microcode : 0x21
+microcode : 0x21
+microcode : 0x21
+microcode : 0x21
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="updating-microcode-on-red-hat-and-centos" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-red-hat-and-centos" aria-hidden="true">#</a> Updating Microcode on Red Hat and CentOS</h4><p>For RHEL-based distributions, you can use the <code>microcode_ctl utility</code> to update microcode.</p><ol><li>Get the latest microcode by updating the <code>microcode_ctl</code> package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum update microcode_ctl
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>Create a force file</li></ol><p>Create a <code>force-late-intel-06-4f-01</code> inside the firmware directory.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># touch /lib/firmware/\`uname -r\`/force-late-intel-06-4f-01
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="3"><li>Run the microcode update</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># /usr/libexec/microcode_ctl/update_ucode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="4"><li>Force the kernel to load the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># echo 1 &gt; /sys/devices/system/cpu/microcode/reload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="5"><li>Check the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dmesg | grep microcode
+
+[ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
+[ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
+[ 1483.494573] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
+[ 1483.495985] microcode: updated to revision 0x21, date = 2019-02-13
+[ 1483.496012] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
+[ 1483.496698] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
+[ 1483.497391] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="6"><li>(Optional) Double check the new microcode version (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
+microcode : 0x21
+microcode : 0x21
+microcode : 0x21
+microcode : 0x21
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="updating-microcode-on-centos-6" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-centos-6" aria-hidden="true">#</a> Updating Microcode on CentOS 6</h4><ol><li>Get the latest microcode by updating the <code>microcode_ctl</code> package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum update microcode_ctl
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>If <code>yum update microcode_ctl</code> outputs the following:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>Package(s) microcode_ctl available, but not installed.
+No Packages marked for Update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>you need to install the package manually.</p><ol start="3"><li>To install <code>microcode_ctl</code> package, run the command:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum install microcode_ctl
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The command should output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>Installed:
+  microcode_ctl.x86_64 2:1.17-33.11.el6_10
+
+Complete!
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="4"><li>Check CPU microcode version:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
+microcode       : 9
+microcode       : 9
+microcode       : 9
+microcode       : 9
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="5"><li>Try to update microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># microcode_ctl -u
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you see the output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl: writing microcode (length: 2370560)
+microcode_ctl: cannot open /dev/cpu/microcode for writing errno=2 (No such file or directory)
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>You need to load driver microcode.</p><ol start="6"><li>Load driver microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># modprobe microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="7"><li>Try to update microcode again:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># microcode_ctl -u
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you see the output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl: writing microcode (length: 2370560)
+microcode_ctl: microcode successfully written to /dev/cpu/microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>then the update is successful.</p><ol start="8"><li>Check version:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
+microcode       : 17
+microcode       : 17
+microcode       : 17
+microcode       : 17
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div>`,73),Ye=e("iframe",{width:"560",height:"315",src:"https://www.youtube.com/embed/EydWy-b9uns",frameborder:"0",allow:"accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture",allowfullscreen:""},null,-1),Ne=t('<h4 id="plesk-related" tabindex="-1"><a class="header-anchor" href="#plesk-related" aria-hidden="true">#</a> Plesk related</h4><h4 id="how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license" tabindex="-1"><a class="header-anchor" href="#how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license" aria-hidden="true">#</a> How to get a KernelCare activation key from the extended Plesk license</h4><p>Often our clients purchase KernelCare licenses through Plesk/Odin and in such cases, they get a universal key which includes the KernelCare license and other additional keys for Plesk plugins. Such a key has the following syntax - <code>A00B00-0CDE00-F0G000-HIGK00-LM0N00</code>, and initially, it is installed through Plesk automatically and the license gets activated successfully.</p><p>However, if it is required to re-register the agent for some reason or simply get the KernelCare activation key separately, it would be impossible to apply the above-mentioned one - we would need to deal with the KernelCare service separately.</p><p>To get the KernelCare activation key from the extended Plesk license key, you will need to proceed with the following.</p><ol><li>Navigate to <em>Tools &amp; Settings -&gt; Plesk -&gt; License Management -&gt; Additional License Keys</em></li></ol><p><img src="'+I+'" alt="plesk keys"></p><p><img src="'+P+`" alt="more keys"></p><ol start="2"><li><p>Click <em>Download key</em> next to the KernelCare license listed on the page and open the file downloaded in some text editor</p></li><li><p>Find the following abstract:</p></li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>&lt;!--Key body--&gt;
+&lt;aps-3:key-body core:encoding=&quot;base64&quot; core:type=&quot;binary&quot;&gt;YOUR_BASE64_ENCODED_LICENSE_KEY==&lt;/aps-3:key-body&gt;
+&lt;!--Information about additional key--&gt;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="4"><li><p>This is your base64-encoded key, and it should be decoded using a CLI utility or an online base64 decoder into UTF-8, e.g. <a href="https://www.base64decode.org" target="_blank" rel="noopener noreferrer">https://www.base64decode.org</a>. The new license key should have the following format: <code>xxxxxxxxxxxxxxxx</code>. It will contain lower and upper case letters and numbers.</p></li><li><p>Use the new key decoded to activate the service:</p></li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --register DECODED_KEY_HERE
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>That&#39;s it!</p><h2 id="libcare" tabindex="-1"><a class="header-anchor" href="#libcare" aria-hidden="true">#</a> LibCare</h2><p>LibCare enables security patching of critical userspace shared libraries in-memory without restarting or disrupting the applications using them. This is techinical documentation describing the solution; for a high level summary see <a href="https://tuxcare.com/enterprise-live-patching-services/libcare/" target="_blank" rel="noopener noreferrer">LibCare&#39;s main web site</a>.</p><h3 id="supported-libraries-and-operating-systems" tabindex="-1"><a class="header-anchor" href="#supported-libraries-and-operating-systems" aria-hidden="true">#</a> Supported libraries and operating systems</h3><p>LibCare provide security updates for the OpenSSL and glibc libraries on many operating systems.</p><h3 id="supported-operating-systems" tabindex="-1"><a class="header-anchor" href="#supported-operating-systems" aria-hidden="true">#</a> Supported operating systems</h3><p>LibCare patching is available for many operating systems including CentOS, AlmaLinux, Oracle Linux, Debian and Ubuntu.</p><p><a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">Check compatibility with your operating system</a>.</p><h3 id="installation-and-upgrade" tabindex="-1"><a class="header-anchor" href="#installation-and-upgrade" aria-hidden="true">#</a> Installation and upgrade</h3><p>Userspace processes patching feature is available in the KernelCare package.</p><h3 id="usage" tabindex="-1"><a class="header-anchor" href="#usage" aria-hidden="true">#</a> Usage</h3><p>To apply the available patches to all userspace processes, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --lib-update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To gather information about what processes were patched, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --lib-info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To gather information about applied patches, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --lib-patch-info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To unpatch all processes, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --lib-unload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="blacklisting" tabindex="-1"><a class="header-anchor" href="#blacklisting" aria-hidden="true">#</a> Blacklisting</h4><p>Applying a live patch may clash with software such as anti-viruses that detect or prevent memory updates. While the majority of software is compatible with live patching, for the software that may misbehave, LibCare comes with a default blacklist. The blacklist is located in the /var/lib/libcare/blacklist and contains the list of known applications that may misbehave when live patched. You can override those values by creating the file <code>/var/cache/kcare/userspace/blacklist</code>.</p><p>The format of the file is as follows. Patterns should be specified line by line prefixed with pattern type and a colon. Comments start with a hash (#). For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> # Symantec Antivirus
+ path: /opt/Symantec/*
+ filename:symcfgd
+ filename:rtvscand
+ filename:smcd
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>Specifying <code>path</code> means that the whole path to binary will be taken into account, while using <code>filename</code> allows you to blacklist a process irrespective of the full path to the binary.</p><p>Wildcards are also supported:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> filename:docker*
+ path:/usr/libexec/docker/docker-*
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>Also POSIX regular expressions could be used as follows:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> regex:/usr/bin/[[:alnum:]]+
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="auto-update" tabindex="-1"><a class="header-anchor" href="#auto-update" aria-hidden="true">#</a> Auto update</h4><p>Userspace patching cron job is disabled by default. To enable it, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># libcare-cron init
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="usage-in-containers" tabindex="-1"><a class="header-anchor" href="#usage-in-containers" aria-hidden="true">#</a> Usage in containers</h3><p>LibCare supports containers natively, including docker, LXC and other containerization technologies. When run on the host it operates on all processes that are running, including processes present in containers. At the same time there are two ways to use LibCare with containers and each has its own advantages and disadvantages. Let&#39;s go through them.</p><h4 id="disposable-container-servers" tabindex="-1"><a class="header-anchor" href="#disposable-container-servers" aria-hidden="true">#</a> Disposable container servers</h4><p>Disposable container servers are services that are run within a container for a limited time and are refreshed periodically, e.g. daily to get the latest security updates. The recommended way to run LibCare with disposable containers is by installing <code>kernelcare</code> on the host, and it will automatically patch all processes libraries in the containers.</p><h4 id="persistent-container-servers" tabindex="-1"><a class="header-anchor" href="#persistent-container-servers" aria-hidden="true">#</a> Persistent container servers</h4><p>Persistent container servers are services that are run in containers the same way as a traditional physical server, i.e. the LXC approach. Although LibCare can run the same way as with disposable containers, it is also possible to install <code>kernelcare</code> within each container and that will enable live patching of the processes of each container individually. That approach enables accurate patching information within each containerized server that can be used by the available vulnerability scanner. When using this approach userspace patching must be disabled on the host using <code>kcarectl --disable-libcare</code>.</p><h3 id="troubleshooting" tabindex="-1"><a class="header-anchor" href="#troubleshooting" aria-hidden="true">#</a> Troubleshooting</h3><h4 id="auditd-logs" tabindex="-1"><a class="header-anchor" href="#auditd-logs" aria-hidden="true">#</a> Auditd logs</h4><p>The LibCare tools heavily use the <code>ptrace</code> syscall, and if <code>auditd</code> is configured to trace it&#39;s calls there will be a lot of records in the logs. There is a rule that is provided by the kernelcare package and is located at <code>/etc/audit/rules.d/kernelcare.rules</code> that will exclude the kernelcare processes from auditd.</p><p><strong>Note</strong>: no such rule is provided for EL6 due to old <code>autditd</code> restrictions. There is a command that will add such a rule at runtime:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># auditctl -l | grep kcare | cut -d&#39; &#39; -f2- | xargs -t -L1 -r auditctl -d &amp;&amp; pgrep libcare-server | \\
+    xargs -t -n1 -i auditctl -A exit,never -F arch=b64 -S ptrace -F pid=&quot;{}&quot; -k kcarever | \\
+    xargs -t -n1 -i auditctl -A exit,never -F arch=b64 -S ptrace -F pid=&quot;{}&quot; -k kcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>It removes all currently enabled KernelCare rules and adds a new one by LibCare&#39;s process ID.</p><h3 id="unpatched-library-detector-uchecker" tabindex="-1"><a class="header-anchor" href="#unpatched-library-detector-uchecker" aria-hidden="true">#</a> Unpatched Library Detector (UChecker)</h3><h4 id="description" tabindex="-1"><a class="header-anchor" href="#description" aria-hidden="true">#</a> Description</h4><p>UChecker is a scanner that checks network Linux servers and detects out-of-date libraries both on disk and in memory. KernelCare&#39;s open-source scanner will find false negatives by correctly reporting vulnerable libraries running in memory that could be reported as updated by other scanners.</p><p>The UChecker (originated from &quot;userspace checker&quot;) works with all modern Linux Distributions, it is free and open-source, distributed under the GNU General Public License.</p><h4 id="how-uchecker-works" tabindex="-1"><a class="header-anchor" href="#how-uchecker-works" aria-hidden="true">#</a> How UChecker works</h4><p>This activity diagram shows how UChecker works:</p><p><img src="`+A+`" alt="uchecker"></p><h4 id="uchecker-usage" tabindex="-1"><a class="header-anchor" href="#uchecker-usage" aria-hidden="true">#</a> UChecker Usage</h4><p>To scan your systems, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/uchecker | sudo python
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You will receive the following output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>[*] Process httpd[15516] linked to the \`libc-2.17.so\` that is not up to date.
+
+You may want to update libraries above and restart corresponding processes.
+
+KernelCare+ allows to resolve such issues with no process downtime. To find
+out more, please, visit https://lp.kernelcare.com/kernelcare-early-access?
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The following information is available in the output:</p><ul><li>Process ID</li><li>Process Name</li></ul><h4 id="uchecker-troubleshooting" tabindex="-1"><a class="header-anchor" href="#uchecker-troubleshooting" aria-hidden="true">#</a> UChecker Troubleshooting</h4><p>To see verbose output, you can choose a logging level: <code>ERROR</code>, <code>WARNING</code>, <code>INFO</code>, and <code>DEBUG</code>.</p><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/uchecker | sudo LOGLEVEL=debug python
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To learn more, visit the <a href="https://github.com/cloudlinux/kcare-uchecker" target="_blank" rel="noopener noreferrer">UChecker Github page</a>.</p><h2 id="qemucare" tabindex="-1"><a class="header-anchor" href="#qemucare" aria-hidden="true">#</a> QEMUCare</h2><p>QEMUCare - virtualization patching for cloud providers, VPS hosters, or any other company with QEMU based virtualization systems. It keeps infrastructure patched without disrupting virtual tenants&#39; systems.</p><h3 id="how-qemucare-works" tabindex="-1"><a class="header-anchor" href="#how-qemucare-works" aria-hidden="true">#</a> How QEMUCare works</h3><ul><li>An agent is installed on each virtualization host which installs patches directly from the QEMUCare repository.</li><li>In an ePortal environment, your Virtualization Hosts communicate with the QEMUCare ePortal server that acts as an intermediary.</li></ul><h3 id="qemu-patchset-deployment" tabindex="-1"><a class="header-anchor" href="#qemu-patchset-deployment" aria-hidden="true">#</a> QEMU PatchSet Deployment</h3><p>Starting from version 1.25, ePortal supports the QEMU patchset management. It is accessible from the <code>Patches / QEMUcare</code> navigation item. QEMU patches use the same Patch Source credentials, and you don&#39;t need to perform additional configuration.</p><p><img src="`+L+`" alt="qemu feed"></p><p>User interface for the QEMU patch management is the same as for KernelCare patches, and you can refer the <a href="https://docs.tuxcare.com/eportal/#patchset-deployment" target="_blank" rel="noopener noreferrer">PatchSet Deployment</a> documentation.</p><h4 id="cli-to-install-the-latest-patchsets" tabindex="-1"><a class="header-anchor" href="#cli-to-install-the-latest-patchsets" aria-hidden="true">#</a> CLI to install the latest patchsets</h4><p>To update the default feed, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kc.eportal qemu update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To update the <code>test</code> feed, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kc.eportal qemu update --feed test
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To update all auto-feeds, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kc.eportal qemu auto-update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="cli-to-deploy-patchset-from-archive" tabindex="-1"><a class="header-anchor" href="#cli-to-deploy-patchset-from-archive" aria-hidden="true">#</a> CLI to deploy patchset from archive</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kc.eportal qemu deploy --help
+usage: kc.eportal qemu deploy [-h] [--feed FEED] [--disabled] archive
+
+positional arguments:
+  archive      path to archive
+
+optional arguments:
+  -h, --help   show this help message and exit
+  --feed FEED  feed to deploy archive to
+  --disabled   do not enable patchset after deploy
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kc.eportal qemu deploy --feed test /tmp/U20210818_01-qemu.tar.bz2
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This command will deploy and enable the <code>U20210818_01-qemu</code> patchset in to the <code>test</code> feed.</p><h2 id="vulnerability-scanner-integration-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#vulnerability-scanner-integration-with-kernelcare" aria-hidden="true">#</a> Vulnerability Scanner Integration with KernelCare</h2><p>This document is made for developers of vulnerability scanners to correctly report live patched vulnerabilities as delivered by KernelCare. There are several approaches that vendors might take to identify vulnerabilities patched by KernelCare correctly.</p><h3 id="easiest-identifying-correctly-the-effective-kernel" tabindex="-1"><a class="header-anchor" href="#easiest-identifying-correctly-the-effective-kernel" aria-hidden="true">#</a> Easiest: Identifying correctly the effective kernel</h3><p>KernelCare provides &quot;effective kernel&quot; information in</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/proc/kcare/effective_version
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Security scanners can check if the file is present, and if it is, use it instead of /proc/version to identify the kernel. This will provide an effective kernel version from a security standpoint.</p><p>Alternatively, the command <code>/usr/bin/kcarectl --uname</code> can be run instead of the <code>uname</code> command to detect effective kernel version</p><h3 id="comprehensive-using-oval-data" tabindex="-1"><a class="header-anchor" href="#comprehensive-using-oval-data" aria-hidden="true">#</a> Comprehensive: Using OVAL data</h3><p>KernelCare comes with OVAL data that provides instructions to the scanner to identify the vulnerabilities addressed by the installed live patches. OVAL data are available for the operating systems supported by KernelCare Enterprise, including AlmaLinux, Red Hat Enterprise Linux, Oracle Linux, CentOS, Debian, and Ubuntu.</p><p>The OVAL data cover all KernelCare enterprise products and add-ons, including LibCare and QEMUCare.</p><p>The OVAL data for KernelCare live patching are available at <a href="https://patches.kernelcare.com/oval/" target="_blank" rel="noopener noreferrer">patches.kernelcare.com/oval</a>.</p><h3 id="comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node" tabindex="-1"><a class="header-anchor" href="#comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node" aria-hidden="true">#</a> Comprehensive &amp; local: Using the local CVELIST file on each scanned node</h3><p>KernelCare provides two files listing the vulnerabilities the currently installed live patches address. These files contain a list of CVEs separated by a new line.</p><p>The list of vulnerabilities addressed by Kernel live patches is available at:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/proc/kcare/cvelist
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The list of vulnerabilities addressed by system live patching (LibCare, QEMUCare, etc.) is available at:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/var/cache/kcare/libcare_cvelist
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div>`,111);function Re(Fe,qe){const i=M("RouterLink");return D(),U("div",null,[Y(" markdownlint-disable MD014 MD033 MD029 MD049 "),R,e("table",null,[F,e("tbody",null,[q,H,e("tr",null,[z,e("td",null,[a("The same as --update, but uses "),n(i,{to:"/live-patching-services/#config-options"},{default:r(()=>[a("UPDATE_POLICY")]),_:1}),a(" to decide where to get patches.")])]),V,$,W,B,Q,G,X,j,Z,J,ee,ae,te,ie,ne,re,se,le,oe,de,ce,e("tr",null,[ue,e("td",null,[a("Set patch to stick to date in format DDMMYY or retrieve it from KEY if set to KEY (no support for ePortal). Empty to unstick. More info at "),n(i,{to:"/live-patching-services/#sticky-patches"},{default:r(()=>[a("Sticky Patches")]),_:1}),a(".")])]),he])]),pe,e("table",null,[me,e("tbody",null,[ve,ge,be,fe,ye,xe,ke,we,_e,e("tr",null,[Ce,e("td",null,[a("Stick patch to a particular date. More info at "),n(i,{to:"/live-patching-services/#sticky-patches"},{default:r(()=>[a("Sticky Patches")]),_:1}),a(".")])]),Te,Ke,Se,Ee,Ie])]),Pe,e("div",Ae,[Le,e("p",null,[a("This functionality is not available for ePortal customers. If you are using ePortal, please use "),n(i,{to:"/eportal/#feed-management"},{default:r(()=>[a("Feeds")]),_:1}),a(" instead.")])]),Oe,Me,De,e("p",null,[a("Disabling SMT, "),n(i,{to:"/how-to/#how-to-update-microcode-without-reboot-with-vendor-provided-package"},{default:r(()=>[a("updating microcode")]),_:1}),a(", and applying KernelCare patches will protect your systems against the ZombieLoad vulnerability. Note, only the latter action is applicable to virtual systems (e.g. VMs, VPS and other cloud instance types).")]),Ue,Ye,Ne])}const $e=O(N,[["render",Re],["__file","index.html.vue"]]);export{$e as default};
diff --git a/assets/index.html-8a6bcf47.js b/assets/index.html-8a6bcf47.js
new file mode 100644
index 00000000..54a7752e
--- /dev/null
+++ b/assets/index.html-8a6bcf47.js
@@ -0,0 +1 @@
+const e=JSON.parse('{"key":"v-37e5fb86","path":"/live-patching-services/","title":"KernelCare Enterprise","lang":"en-US","frontmatter":{"sidebarDepth":4},"headers":[{"level":2,"title":"KernelCare","slug":"kernelcare","link":"#kernelcare","children":[{"level":3,"title":"Introduction","slug":"introduction","link":"#introduction","children":[]},{"level":3,"title":"Benefits","slug":"benefits","link":"#benefits","children":[]},{"level":3,"title":"Key Features","slug":"key-features","link":"#key-features","children":[]},{"level":3,"title":"Getting a trial license","slug":"getting-a-trial-license","link":"#getting-a-trial-license","children":[]},{"level":3,"title":"Installation","slug":"installation","link":"#installation","children":[]},{"level":3,"title":"Update","slug":"update","link":"#update","children":[]},{"level":3,"title":"Uninstalling","slug":"uninstalling","link":"#uninstalling","children":[]},{"level":3,"title":"Switching from Ksplice","slug":"switching-from-ksplice","link":"#switching-from-ksplice","children":[{"level":4,"title":"Canonical Livepatch","slug":"canonical-livepatch","link":"#canonical-livepatch","children":[]}]},{"level":3,"title":"Basic management","slug":"basic-management","link":"#basic-management","children":[]},{"level":3,"title":"Command line tools","slug":"command-line-tools","link":"#command-line-tools","children":[{"level":4,"title":"kcarectl","slug":"kcarectl","link":"#kcarectl","children":[]},{"level":4,"title":"kcare-uname","slug":"kcare-uname","link":"#kcare-uname","children":[]},{"level":4,"title":"kernelcare doctor","slug":"kernelcare-doctor","link":"#kernelcare-doctor","children":[]}]},{"level":3,"title":"Config options","slug":"config-options","link":"#config-options","children":[]},{"level":3,"title":"Disabling some patches","slug":"disabling-some-patches","link":"#disabling-some-patches","children":[]},{"level":3,"title":"Extra patchset","slug":"extra-patchset","link":"#extra-patchset","children":[]},{"level":3,"title":"Sticky patches","slug":"sticky-patches","link":"#sticky-patches","children":[{"level":4,"title":"How to find a proper sticky patch name","slug":"how-to-find-a-proper-sticky-patch-name","link":"#how-to-find-a-proper-sticky-patch-name","children":[]}]},{"level":3,"title":"Scanning for vulnerabilities","slug":"scanning-for-vulnerabilities","link":"#scanning-for-vulnerabilities","children":[{"level":4,"title":"How to use a vulnerability scanner with KernelCare","slug":"how-to-use-a-vulnerability-scanner-with-kernelcare","link":"#how-to-use-a-vulnerability-scanner-with-kernelcare","children":[]},{"level":4,"title":"What if my scanner is producing false positives?","slug":"what-if-my-scanner-is-producing-false-positives","link":"#what-if-my-scanner-is-producing-false-positives","children":[]},{"level":4,"title":"How to use OpenSCAP with KernelCare","slug":"how-to-use-openscap-with-kernelcare","link":"#how-to-use-openscap-with-kernelcare","children":[]}]},{"level":3,"title":"UEFI Secure Boot Support","slug":"uefi-secure-boot-support","link":"#uefi-secure-boot-support","children":[]},{"level":3,"title":"Live patching and FIPS compliance","slug":"live-patching-and-fips-compliance","link":"#live-patching-and-fips-compliance","children":[]},{"level":3,"title":"Firewall and Proxy Settings","slug":"firewall-and-proxy-settings","link":"#firewall-and-proxy-settings","children":[{"level":4,"title":"Patching servers through firewall","slug":"patching-servers-through-firewall","link":"#patching-servers-through-firewall","children":[]},{"level":4,"title":"Patching servers through proxy","slug":"patching-servers-through-proxy","link":"#patching-servers-through-proxy","children":[]}]},{"level":3,"title":"KernelCare on AWS - Deployment User Guide","slug":"kernelcare-on-aws-deployment-user-guide","link":"#kernelcare-on-aws-deployment-user-guide","children":[{"level":4,"title":"Introductory Material","slug":"introductory-material","link":"#introductory-material","children":[]},{"level":4,"title":"Prerequisites and Requirements","slug":"prerequisites-and-requirements","link":"#prerequisites-and-requirements","children":[]},{"level":4,"title":"Architectural Design","slug":"architectural-design","link":"#architectural-design","children":[]},{"level":4,"title":"Security","slug":"security","link":"#security","children":[]},{"level":4,"title":"Costs","slug":"costs","link":"#costs","children":[]},{"level":4,"title":"Sizing","slug":"sizing","link":"#sizing","children":[]},{"level":4,"title":"Deployment Guidance","slug":"deployment-guidance","link":"#deployment-guidance","children":[]},{"level":4,"title":"Health Check","slug":"health-check","link":"#health-check","children":[]},{"level":4,"title":"Backup and Recovery","slug":"backup-and-recovery","link":"#backup-and-recovery","children":[]},{"level":4,"title":"Routine Maintenance","slug":"routine-maintenance","link":"#routine-maintenance","children":[]},{"level":4,"title":"Emergency Maintenance","slug":"emergency-maintenance","link":"#emergency-maintenance","children":[]}]},{"level":3,"title":"Patch Feed Advanced Options","slug":"patch-feed-advanced-options","link":"#patch-feed-advanced-options","children":[{"level":4,"title":"Test and Delayed Feeds","slug":"test-and-delayed-feeds","link":"#test-and-delayed-feeds","children":[]},{"level":4,"title":"Feed Management With Sticky Patch Feature","slug":"feed-management-with-sticky-patch-feature","link":"#feed-management-with-sticky-patch-feature","children":[]},{"level":4,"title":"Support","slug":"support","link":"#support","children":[]},{"level":4,"title":"Support Costs","slug":"support-costs","link":"#support-costs","children":[]},{"level":4,"title":"Reference Materials","slug":"reference-materials","link":"#reference-materials","children":[]},{"level":4,"title":"Localization","slug":"localization","link":"#localization","children":[]}]},{"level":3,"title":"Reseller Partner UI","slug":"reseller-partner-ui","link":"#reseller-partner-ui","children":[{"level":4,"title":"Server Section","slug":"server-section","link":"#server-section","children":[]},{"level":4,"title":"Billing Info/Add Funds","slug":"billing-info-add-funds","link":"#billing-info-add-funds","children":[]},{"level":4,"title":"API Section","slug":"api-section","link":"#api-section","children":[]},{"level":4,"title":"Profile","slug":"profile","link":"#profile","children":[]}]},{"level":3,"title":"How To","slug":"how-to","link":"#how-to","children":[{"level":4,"title":"How to disable HyperThreading (SMT) without reboot: KernelCare case","slug":"how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case","link":"#how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case","children":[]},{"level":4,"title":"SMT Control","slug":"smt-control","link":"#smt-control","children":[]},{"level":4,"title":"SMT Status","slug":"smt-status","link":"#smt-status","children":[]},{"level":4,"title":"Check the SMT state","slug":"check-the-smt-state","link":"#check-the-smt-state","children":[]},{"level":4,"title":"Enable SMT","slug":"enable-smt","link":"#enable-smt","children":[]},{"level":4,"title":"Disable SMT","slug":"disable-smt","link":"#disable-smt","children":[]},{"level":4,"title":"How to update Microcode without reboot with vendor-provided package","slug":"how-to-update-microcode-without-reboot-with-vendor-provided-package","link":"#how-to-update-microcode-without-reboot-with-vendor-provided-package","children":[]},{"level":4,"title":"Updating microcode on Ubuntu and Debian","slug":"updating-microcode-on-ubuntu-and-debian","link":"#updating-microcode-on-ubuntu-and-debian","children":[]},{"level":4,"title":"Updating Microcode on Red Hat and CentOS","slug":"updating-microcode-on-red-hat-and-centos","link":"#updating-microcode-on-red-hat-and-centos","children":[]},{"level":4,"title":"Updating Microcode on CentOS 6","slug":"updating-microcode-on-centos-6","link":"#updating-microcode-on-centos-6","children":[]},{"level":4,"title":"Plesk related","slug":"plesk-related","link":"#plesk-related","children":[]},{"level":4,"title":"How to get a KernelCare activation key from the extended Plesk license","slug":"how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license","link":"#how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license","children":[]}]}]},{"level":2,"title":"LibCare","slug":"libcare","link":"#libcare","children":[{"level":3,"title":"Supported libraries and operating systems","slug":"supported-libraries-and-operating-systems","link":"#supported-libraries-and-operating-systems","children":[]},{"level":3,"title":"Supported operating systems","slug":"supported-operating-systems","link":"#supported-operating-systems","children":[]},{"level":3,"title":"Installation and upgrade","slug":"installation-and-upgrade","link":"#installation-and-upgrade","children":[]},{"level":3,"title":"Usage","slug":"usage","link":"#usage","children":[{"level":4,"title":"Blacklisting","slug":"blacklisting","link":"#blacklisting","children":[]},{"level":4,"title":"Auto update","slug":"auto-update","link":"#auto-update","children":[]}]},{"level":3,"title":"Usage in containers","slug":"usage-in-containers","link":"#usage-in-containers","children":[{"level":4,"title":"Disposable container servers","slug":"disposable-container-servers","link":"#disposable-container-servers","children":[]},{"level":4,"title":"Persistent container servers","slug":"persistent-container-servers","link":"#persistent-container-servers","children":[]}]},{"level":3,"title":"Troubleshooting","slug":"troubleshooting","link":"#troubleshooting","children":[{"level":4,"title":"Auditd logs","slug":"auditd-logs","link":"#auditd-logs","children":[]}]},{"level":3,"title":"Unpatched Library Detector (UChecker)","slug":"unpatched-library-detector-uchecker","link":"#unpatched-library-detector-uchecker","children":[{"level":4,"title":"Description","slug":"description","link":"#description","children":[]},{"level":4,"title":"How UChecker works","slug":"how-uchecker-works","link":"#how-uchecker-works","children":[]},{"level":4,"title":"UChecker Usage","slug":"uchecker-usage","link":"#uchecker-usage","children":[]},{"level":4,"title":"UChecker Troubleshooting","slug":"uchecker-troubleshooting","link":"#uchecker-troubleshooting","children":[]}]}]},{"level":2,"title":"QEMUCare","slug":"qemucare","link":"#qemucare","children":[{"level":3,"title":"How QEMUCare works","slug":"how-qemucare-works","link":"#how-qemucare-works","children":[]},{"level":3,"title":"QEMU PatchSet Deployment","slug":"qemu-patchset-deployment","link":"#qemu-patchset-deployment","children":[{"level":4,"title":"CLI to install the latest patchsets","slug":"cli-to-install-the-latest-patchsets","link":"#cli-to-install-the-latest-patchsets","children":[]},{"level":4,"title":"CLI to deploy patchset from archive","slug":"cli-to-deploy-patchset-from-archive","link":"#cli-to-deploy-patchset-from-archive","children":[]}]}]},{"level":2,"title":"Vulnerability Scanner Integration with KernelCare","slug":"vulnerability-scanner-integration-with-kernelcare","link":"#vulnerability-scanner-integration-with-kernelcare","children":[{"level":3,"title":"Easiest: Identifying correctly the effective kernel","slug":"easiest-identifying-correctly-the-effective-kernel","link":"#easiest-identifying-correctly-the-effective-kernel","children":[]},{"level":3,"title":"Comprehensive: Using OVAL data","slug":"comprehensive-using-oval-data","link":"#comprehensive-using-oval-data","children":[]},{"level":3,"title":"Comprehensive & local: Using the local CVELIST file on each scanned node","slug":"comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node","link":"#comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node","children":[]}]}]}');export{e as data};
diff --git a/assets/index.html-a217ad23.js b/assets/index.html-a217ad23.js
deleted file mode 100644
index b8e185ad..00000000
--- a/assets/index.html-a217ad23.js
+++ /dev/null
@@ -1,225 +0,0 @@
-import{_ as s,a as l,b as o,c as d,d as c,e as u,f as h,g as p,h as m,i as v,j as b,k as g,l as f,m as y,n as x,o as k,p as w,q as _,r as C,s as T,t as K,u as E,v as S,w as P,x as I,y as A}from"./uchecker-31d683fa.js";import{_ as L}from"./eportal-qemu-feed-7c9efdb9.js";import{_ as O,V as M,n as D,p as U,q as e,J as a,C as n,A as r,a7 as t}from"./framework-0ba8e1ea.js";const N={},Y=t(`<h1 id="kernelcare-enterprise" tabindex="-1"><a class="header-anchor" href="#kernelcare-enterprise" aria-hidden="true">#</a> KernelCare Enterprise</h1><p>KernelCare Enterprise live patching enhances your vulnerability patching program by providing live patches to the Linux kernel and, optionally, with add-ons to critical userspace components, as well as the virtualization stack.</p><p>The systems are patched according to your patch deployment policy, allowing you to customize your patch management to align with the needs of your unique environment, whether online or in an air-gapped environment. Plus, your vulnerability reports reduce in size quickly as KernelCare seamlessly integrates with all popular vulnerability scanners to give you an accurate vulnerability exposure report.</p><p>KernelCare Enterprise brings KernelCare live patching by default and the following add-ons:</p><ul><li>LibCare</li><li>QEMUCare</li></ul><p>The sections below describe KernelCare live patching and the additional add-ons in more detail.</p><h2 id="kernelcare" tabindex="-1"><a class="header-anchor" href="#kernelcare" aria-hidden="true">#</a> KernelCare</h2><h3 id="introduction" tabindex="-1"><a class="header-anchor" href="#introduction" aria-hidden="true">#</a> Introduction</h3><p>KernelCare Enterprise is a live kernel patching service that provides security patches and bugfixes for a range of popular Linux kernels that can be installed without rebooting the system</p><h3 id="benefits" tabindex="-1"><a class="header-anchor" href="#benefits" aria-hidden="true">#</a> Benefits</h3><p>Today, system administrators have to reboot a server to apply the latest kernel updates. These updates are necessary to prevent security issues. Due to downtime associated with reboots, however, such updates are often delayed, pushed into the darkest hours of the night. It is common for server owners to not update their systems for months or even years and to run vulnerable systems to avoid downtime. Managed service providers face the problem of having to schedule downtime and then updating and rebooting thousands of servers in a short period of time, straining resources. KernelCare solves this update and reboot issue by providing live kernel patching without the need for a reboot</p><h3 id="key-features" tabindex="-1"><a class="header-anchor" href="#key-features" aria-hidden="true">#</a> Key Features</h3><ul><li>Rebootless Linux Kernel Patching &amp; Custom Patching</li><li>Works On-prem &amp; in the cloud</li><li>Private patch server for gated infrastructures - ePortal</li><li>Out-of-the-box integration with patch management &amp; vulnerability assessment tools</li></ul><h3 id="getting-trial-license" tabindex="-1"><a class="header-anchor" href="#getting-trial-license" aria-hidden="true">#</a> Getting trial license</h3><p>You will need a trial activation key to be able to use the KernelCare Enterprise. The trial license subscription will work for 7 days.</p><p>If you have any issues getting activation key or if you have any questions regarding using your trial subscription – contact <a href="mailto:sales@cloudlinux.com">sales@cloudlinux.com</a> and we will help.</p><h3 id="installation" tabindex="-1"><a class="header-anchor" href="#installation" aria-hidden="true">#</a> Installation</h3><p>KernelCare Enterprise is compatible with 64-bit versions of CloudLinuxOS/CentOS 6,7, and 8, AlmaLinux/RHEL 6,7,8, and 9, Oracle Linux 6 and 7, Amazon Linux 1 and 2, Virtuozzo/PCS/OpenVZ 2.6.32, Debian 8,9 and 10, Proxmox VE 5 and 6, Virt-SIG/Xen4CentOS 6 and 7, Ubuntu 14.04, 15.04, 16.04, 18.04 and 20.04 kernels. The list of compatible kernels can be found on the following link: <a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a> .</p><p>To install KernelCare Enterprise, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>curl -s -L https://kernelcare.com/installer | bash
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget -qq -O - https://kernelcare.com/installer | bash
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you are using IP-based license, nothing else required to be done.</p><p>If you are using key-based license, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --register KEY
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><code>KEY</code> is the registration key code string provided when you sign up for purchase or trial of the product.</p><p>If you are experiencing <strong><em>Key limit reached</em></strong> error after the end of the trial period you should first, unregister the server by running:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --unregister
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check if patches applied, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --info
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The software will automatically check for new patches every 4 hours.</p><p>If you would like to run update manually:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check current kernel compatibility with KernelCare, use the following <a href="https://raw.githubusercontent.com/iseletsk/kernelchecker/master/py/kc-compat.py" target="_blank" rel="noopener noreferrer">script</a> by running:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>curl -s -L https://kernelcare.com/checker | python
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget -qq -O - https://kernelcare.com/checker | python
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="update" tabindex="-1"><a class="header-anchor" href="#update" aria-hidden="true">#</a> Update</h3><p>To update the agent package to the latest version use:</p><ul><li>For rpm-based distributives (CentOS, RedHat, etc):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>yum install -y kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>For apt-based distributives (Debian, Ubuntu, etc):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>apt-get install kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="uninstalling" tabindex="-1"><a class="header-anchor" href="#uninstalling" aria-hidden="true">#</a> Uninstalling</h3><p>To uninstall KernelCare Enterprise, do the the following:</p><p><em>For CloudLinux, CentOS, RHEL, Virtuozzo, OpenVZ:</em></p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ yum remove kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><em>For Ubuntu, Debian, Proxmox VE:</em></p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>apt-get remove kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dpkg --remove kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This will also unlink the system from its activation key (provided there is network connectivity to the CLN Portal). However, you&#39;ll need to remove the license from the CLN Portal manually if you don&#39;t plan to use the service anymore.</p><h3 id="switching-from-ksplice" tabindex="-1"><a class="header-anchor" href="#switching-from-ksplice" aria-hidden="true">#</a> Switching from Ksplice</h3><p>To switch from Ksplice to KernelCare Enterprise, use the following script that uninstalls Ksplice and installs KernelCare Enterprise instead.</p><p>It will automatically detect and abort if the system is not 64-bit (as KernelCare Enterprise doesn&#39;t support it).</p><p>It will also detects when Ksplice module cannot be uninstalled and retries multiple times.</p><p>Download the script here: <a href="https://patches.kernelcare.com/ksplice2kcare" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/ksplice2kcare</a>.</p><p>Run the command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ bash ksplice2kcare $KERNELCARE_KEY$
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The key can be created/retrieved in KernelCare Enterprise Keys section of CLN.</p><p>If you want to use IP based licenses, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ bash ksplice2kcare IP
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You have to add IP license for that server, and it is just two letters: IP, not the actual IP.</p><p>By default the script will attempt 3 times to uninstall Ksplice, waiting 60 seconds in between. You can run it using <code>nohup</code> if you don&#39;t want to wait.</p><p>You can change that by editing the script and changing <code>RETRY</code> and <code>SLEEP</code> values.</p><p>The script will exit with exit code <code>0</code> and message <em>Done</em> on success. Otherwise, it will produce exit code <code>-1</code>.</p><p>Complete log file can be found at <code>/var/log/ksplice2kcare.log</code>.</p><h4 id="canonical-livepatch" tabindex="-1"><a class="header-anchor" href="#canonical-livepatch" aria-hidden="true">#</a> Canonical Livepatch</h4><p>KernelCare Enterprise is not compatible with Canonical Livepatch and should not be used on the same system.</p><h3 id="basic-management" tabindex="-1"><a class="header-anchor" href="#basic-management" aria-hidden="true">#</a> Basic management</h3><p>To disable automatic updates, edit the file <code>/etc/sysconfig/kcare/kcare.conf</code></p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>AUTO_UPDATE=False 
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check the updated (&#39;effective&#39;) version, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --uname 
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>We provide convenience script <code>/usr/bin/kcare-uname</code> that has same syntax as <code>uname</code>.</p><p>To see applied patches, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --patch-info 
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="command-line-tools" tabindex="-1"><a class="header-anchor" href="#command-line-tools" aria-hidden="true">#</a> Command line tools</h3><p><code>/usr/bin/kcarectl</code> - Manage KernelCare Enterprise patches for your kernel.</p><p><code>/usr/bin/kcare-uname</code> - Print certain system information.</p><h4 id="kcarectl" tabindex="-1"><a class="header-anchor" href="#kcarectl" aria-hidden="true">#</a> kcarectl</h4>`,80),R=e("thead",null,[e("tr",null,[e("th"),e("th")])],-1),F=e("tr",null,[e("td",null,[e("code",null,"-i, --info")]),e("td",null,"Display information about patches installed by KernelCare Enterprise.")],-1),q=e("tr",null,[e("td",null,[e("code",null,"-u, --update ")]),e("td",null,"Download latest patches, and apply them to current kernel.")],-1),H=e("td",null,[e("code",null,"--smart-update [since 1.6] ")],-1),z=e("tr",null,[e("td",null,[e("code",null,"--unload")]),e("td",null,"Unload patches.")],-1),$=e("tr",null,[e("td",null,[e("code",null,"--auto-update")]),e("td",null,"Check if update is needed and update.")],-1),V=e("tr",null,[e("td",null,[e("code",null,"--patch-info")]),e("td",null,"Lists applied patches.")],-1),Q=e("tr",null,[e("td",null,[e("code",null,"--status")]),e("td",null,[a("Return a status of an update. Refer to the exit code: "),e("code",null,"0"),a(" - host is updated to latest patch level, "),e("code",null,"1"),a(" - there are no applied patches, "),e("code",null,"2"),a(" - there are new not applied patches, "),e("code",null,"3"),a(" - kernel is unsupported")])],-1),B=e("tr",null,[e("td",null,[e("code",null,"--force [since 2.3] ")]),e("td",null,"When used with update, forces applying the patch even if unable to freeze some threads.")],-1),G=e("tr",null,[e("td",null,[e("code",null,"--uname")]),e("td",null,"Prints safe kernel version.")],-1),W=e("tr",null,[e("td",null,[e("code",null,"--license-info")]),e("td",null,"Output current license info.")],-1),X=e("tr",null,[e("td",null,[e("code",null,"--register KEY")]),e("td",null,"Register using KernelCare Enterprise Key.")],-1),j=e("tr",null,[e("td",null,[e("code",null,"--register-autoretry [since 2.5]")]),e("td",null,"If registration fails retries registration indefinitely.")],-1),Z=e("tr",null,[e("td",null,[e("code",null,"--unregister")]),e("td",null,"Unregister from KernelCare Enterprise for Key based servers.")],-1),J=e("tr",null,[e("td",null,[e("code",null,"--userspace-update [PATCHES]")]),e("td",null,"Download latest patches and apply them to the corresponding userspace processes. Сan be set so that only certain types of patches are applied.")],-1),ee=e("tr",null,[e("td",null,[e("code",null,"--test")]),e("td",null,"Try test builds instead of production builds (deprecated, use --prefix=test instead).")],-1),ae=e("tr",null,[e("td",null,[e("code",null,"--prefix")]),e("td",null,"Patch source prefix, used to test different builds, by downloading builds from a different location, based on prefix (v2.2+)")],-1),te=e("tr",null,[e("td",null,[e("code",null,"--version")]),e("td",null,"Print KernelCare Enterprise version.")],-1),ie=e("tr",null,[e("td",null,[e("code",null,"--import-key PATH")]),e("td",null,"Import gpg key.")],-1),ne=e("tr",null,[e("td",null,[e("code",null,"--set-monitoring-key")]),e("td",null,"Set monitoring key for IP based licenses. 16 to 32 characters, alphanumeric only [version 2.1+]")],-1),re=e("tr",null,[e("td",null,[e("code",null,"--freezer [since 2.3] ")]),e("td",null,"none: don't freeze any threads; full: freeze all threads; smart: freezes only threads that need to be frozen for patching. If option is not selected, best freezer method is chosen automatically.")],-1),se=e("tr",null,[e("td",null,[e("code",null,"--check [since 2.4-1]")]),e("td",null,"Check if new patchset is available, without updating. Exit code 0 means there is a new kernel. 1 when there is no new kernel.")],-1),le=e("tr",null,[e("td",null,[e("code",null,"--doctor [since 2.6]")]),e("td",null,"Send a report to the TuxCare support staff for diagnostics.")],-1),oe=e("tr",null,[e("td",null,[e("code",null,"--set-patch-type extra ")]),e("td",null,"To enable extra patches.")],-1),de=e("tr",null,[e("td",null,[e("code",null,"--set-patch-type free")]),e("td",null,"To enable free patches.")],-1),ce=e("td",null,[e("code",null,"--set-sticky-patch SET_STICKY_PATCH")],-1),ue=e("tr",null,[e("td",null,[e("code",null,"--tag COMMAND")]),e("td",null,[a("Adds an extra "),e("em",null,"Tag"),a(" field for a server. COMMAND is a user-defined parameter.")])],-1),he=t(`<div class="tip custom-block"><p class="custom-block-title">Note</p><p>Currenlty available userspace patch types are <code>libs</code> and <code>qemu</code>. To apply patches only for shared libraries, use <code>--userspace-update libs</code>.</p></div><h4 id="kcare-uname" tabindex="-1"><a class="header-anchor" href="#kcare-uname" aria-hidden="true">#</a> kcare-uname</h4><p>Print certain system information. With no OPTION, same as <code>-s</code>.</p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><code>-a, --all</code></td><td>print all information in the following order, except omit <code>-p</code> and <code>-i</code> if unknown</td></tr><tr><td><code>-s, --kernel-name</code></td><td>print the kernel name</td></tr><tr><td><code>-n, --nodename</code></td><td>print the network node hostname</td></tr><tr><td><code>-r, --kernel-release</code></td><td>print the kernel release</td></tr><tr><td><code>-v, --kernel-version</code></td><td>print the kernel version</td></tr><tr><td><code>-m, --machine</code></td><td>print the machine hardware name</td></tr><tr><td><code>-p, --processor</code></td><td>print the processor type or <code>unknown</code></td></tr><tr><td><code>-i, --hardware-platform</code></td><td>print the hardware platform or <code>unknown</code></td></tr><tr><td><code>-o, --operating-system</code></td><td>print the operating system</td></tr><tr><td><code>--help</code></td><td>display this help and exit</td></tr><tr><td><code>--version</code></td><td>output version information and exit</td></tr></tbody></table><h4 id="kernelcare-doctor" tabindex="-1"><a class="header-anchor" href="#kernelcare-doctor" aria-hidden="true">#</a> kernelcare doctor</h4><p>This tool collects essential information about the KernelCare environment and sends it to the support team.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --doctor
-Generating report...
-Uploading...
-Key: FRWf74Zw11111111.83991334-1111-1111-1111-681ddd653e5f
-Please, provide above mentioned key to KernelCare Support Team
-
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The command generates a report and prints out the ID which could be linked to a support ticket.</p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>If there was some connection problem during report uploading, the report will be stored locally as <code>/root/cl-report</code>. This file should be sent to the support team manually.</p></div><h3 id="config-options" tabindex="-1"><a class="header-anchor" href="#config-options" aria-hidden="true">#</a> Config options</h3><p>A <code>kcarectl</code> behavior can be configured using <code>/etc/sysconfig/kcare/kcare.conf</code></p>`,11),pe=e("thead",null,[e("tr",null,[e("th"),e("th")])],-1),me=e("tr",null,[e("td",null,[e("code",null,"AUTO_UPDATE=YES|NO")]),e("td",null,[e("code",null,"YES"),a(" - enable auto-update; "),e("code",null,"NO"),a(" - disable auto-update.")])],-1),ve=e("tr",null,[e("td",null,[e("code",null,"PATCH_METHOD=normal|nofreeze|smart")]),e("td",null,[e("code",null,"Normal"),a(" - (default) use freezer;"),e("br"),e("code",null,"Nofreeze"),a(" - don't use freezer to freeze processes;"),e("br"),a(),e("code",null,"Smart"),a(" - smart freezer freezes only threads that need to be frozen for patching [kernelcare 2.3+].")])],-1),be=e("tr",null,[e("td",null,[e("code",null,"PATCH_SERVER")]),e("td",null,"Server to use to download patches.")],-1),ge=e("tr",null,[e("td",null,[e("code",null,"REGISTRATION_URL")]),e("td",null,"Licensing server.")],-1),fe=e("tr",null,[e("td",null,[e("code",null,"PREFIX=prefix")]),e("td",null,"Patch source prefix, used to test different builds, by downloading builds from a different location, based on prefix [kernelcare 2.2+]")],-1),ye=e("tr",null,[e("td",null,[e("code",null,"UPDATE_POLICY=REMOTE|LOCAL|LOCAL_FIRST")]),e("td",null,[a("Depending on the policy, on server startup, use:"),e("br"),e("code",null,"REMOTE"),a(" - (default) patches from patch server."),e("br"),e("code",null,"LOCAL"),a(" - only locally cached patches, if none cached (caching is done automatically) - do nothing."),e("br"),e("code",null,"LOCAL_FIRST"),a(" - see if locally cached patches exist, and load them. If not, try getting them from remote server.")])],-1),xe=e("tr",null,[e("td",null,[e("code",null,"IGNORE_UNKNOWN_KERNEL=True|False")]),e("td",null,"Don't provide notification if unknown kernel on auto-update. [kernelcare 2.5+]")],-1),ke=e("tr",null,[e("td",null,[e("code",null,"LOAD_KCARE_SYSCTL")]),e("td",null,[a("Controls if "),e("code",null,"/etc/sysconfig/kcare/sysctl.conf"),a(" will be loaded on patchset load. True by default. [kernelcare 2.7+]")])],-1),we=e("tr",null,[e("td",null,[e("code",null,"STICKY_PATCH=KEY")]),e("td",null,[a("Retrieve sticky patch from "),e("code",null,"KEY"),a(" (see CLN, Key Edit); not supported for IP based servers or ePortal.")])],-1),_e=e("td",null,[e("code",null,"STICKY_PATCH=DDMMYY")],-1),Ce=e("tr",null,[e("td",null,[e("code",null,"[AUTO_]UPDATE_DELAY=<num>h|<num>d")]),e("td",null,[a("Use patchsets not newer than specified time. For example "),e("code",null,"24h"),a(" or "),e("code",null,"2d"),a(". "),e("code",null,"AUTO_UPDATE_DELAY"),a(" works for "),e("code",null,"auto"),a(" and "),e("code",null,"smart"),a(" modes. "),e("code",null,"UPDATE_DELAY"),a(" works for all modes. [kernelcare 2.82+]")])],-1),Te=e("tr",null,[e("td",null,[e("code",null,"[AUTO_]STICKY_PATCHSET=<patchset>")]),e("td",null,[a("Use patchsets not newer than specified value. For example "),e("code",null,"K20230908_02"),a(". "),e("code",null,"AUTO_STICKY_PATCHSET"),a(" works for "),e("code",null,"auto"),a(" and "),e("code",null,"smart"),a(" modes. "),e("code",null,"STICKY_PATCHSET"),a(" works for all modes. [kernelcare 2.82+]")])],-1),Ke=e("tr",null,[e("td",null,[e("code",null,"REPORT_FQDN=True|False")]),e("td",null,"Force using Fully Qualified Domain as a hostname. False by default.")],-1),Ee=e("tr",null,[e("td",null,[e("code",null,"FORCE_GID=N")]),e("td",null,[a("Use this group ID for symlink protection patch. By default, it's 48 (default Apache user GID) or 99 ("),e("code",null,"nobody"),a(" user)")])],-1),Se=e("tr",null,[e("td",null,[e("code",null,"USERSPACE_PATCHES=libs,qemu")]),e("td",null,"Define which userspace patches will be applyed by default")],-1),Pe=t(`<h3 id="disabling-some-patches" tabindex="-1"><a class="header-anchor" href="#disabling-some-patches" aria-hidden="true">#</a> Disabling some patches</h3><p>Some patches might affect the work of the system, and we created a way to disable them.</p><p>This is done via the <code>sysctl</code> command.</p><p>When new patchset loads, KernelCare Enterprise sysctl options get reset. To prevent that we added a file:</p><p><code>/etc/sysconfig/kcare/sysctl.conf</code></p><p>Options in this file will be loaded automatically on new patchset load.</p><p>To disable loading this options, specify:</p><p><code>LOAD_KCARE_SYSCTL=0</code> in <code>/etc/sysconfig/kcare/kcare.conf</code></p><p>To disable the patch, set the corresponding kcare option to <code>1</code>.</p><p>Patches that can be disabled:</p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td>Patch</td><td><em>sysctl</em> option</td></tr><tr><td>CVE-2015-5157</td><td>kcare_modify_ldt</td></tr></tbody></table><h3 id="extra-patchset" tabindex="-1"><a class="header-anchor" href="#extra-patchset" aria-hidden="true">#</a> Extra patchset</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>KernelCare Enterprise 2.12-5 or higher</p></div><p>KernelCare Enterprise Extra patchset includes all the security fixes from KernelCare Enterprise for AlmaLinux, CentOS 6, CentOS 7, and CentOS 8 as well as symlink protection and IPSet bugfix for CentOS 6.</p><p>To enable extra patches and apply patch, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --set-patch-type extra --update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To enable extra patches without update, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --set-patch-type extra
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The ‘extra’ patch will be applied on the next automatic update.</p><p>To see details, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --patch-info
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You should see something similar to:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>OS: centos6
-kernel: kernel-2.6.32-696.6.3.el6
-time: 2017-07-31 22:46:22
-uname: 2.6.32-696.6.3.el6
- 
-kpatch-name: 2.6.32/symlink-protection.patch
-kpatch-description: symlink protection // If you see this patch, it mean that you can enable symlink protection.
-kpatch-kernel: kernel-2.6.32-279.2.1.el6
-kpatch-cve: N/A
-kpatch-cvss: N/A
-kpatch-cve-url: N/A
-kpatch-patch-url: https://gerrit.cloudlinux.com/#/c/16508/
- 
-kpatch-name: 2.6.32/symlink-protection.kpatch-1.patch
-kpatch-description: symlink protection (kpatch adaptation)
-kpatch-kernel: kernel-2.6.32-279.2.1.el6
-kpatch-cve: N/A
-kpatch-cvss: N/A
-kpatch-cve-url: N/A
-kpatch-patch-url: https://gerrit.cloudlinux.com/#/c/16508/
- 
-kpatch-name: 2.6.32/ipset-fix-list-shrinking.patch
-kpatch-description: fix ipset list shrinking for no reason
-kpatch-kernel: N/A
-kpatch-cve: N/A
-kpatch-cvss: N/A
-kpatch-cve-url: N/A
-kpatch-patch-url: https://bugs.centos.org/view.php?id=13499
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>To enable Symlink Owner Match Protection, add the following line:</p><p><code>fs.enforce_symlinksifowner=1</code></p><p>to <code>/etc/sysconfig/kcare/sysctl.conf</code>.</p><p>And run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>sysctl -w fs.enforce_symlinksifowner=1
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="sticky-patches" tabindex="-1"><a class="header-anchor" href="#sticky-patches" aria-hidden="true">#</a> Sticky patches</h3>`,29),Ie={class:"tip custom-block"},Ae=e("p",{class:"custom-block-title"},"Note",-1),Le=t('<div class="tip custom-block"><p class="custom-block-title">Note</p><p>Since v2.82 there is more convenient way to specify latest available release via <code>[AUTO_]STICKY_PATCHSET</code> and <code>[AUTO_]UPDATE_DELAY</code> configuration options. It also works with recent ePortal versions (v2.3+).</p></div><p>Sometimes you don&#39;t want to use the latest patches, but you&#39;d like to control which patches are get installed instead. For example, you have tested the patch released on 25th of May 2018 and want to use that patch across all servers.</p><p>You can do it by setting <code>STICKY_PATCH=25052018</code> (DDMMYY format, ISO YYYY-MM-DD is also valid) in <code>/etc/sysconfig/kcare/kcare.conf</code> This guarantees that when <code>kcarectl --update</code> or <code>kcarectl --auto-update</code> is called, you will get patches from that date and not the newest patches.</p><p>Alternatively, you can set <code>STICKY_PATCH=KEY</code> This way you can control the date from which patches will be applied using KernelCare keys in CLN. On update, the actual date will be retrieved from CLN (from Key settings) for the key used to register a particular server (not supported for IP based servers).</p><p>This is very useful if you want to test patches in QA first and later roll them out to production without doing any changes on the systems.</p><p>Here is how you can do that:</p><ul><li>Set <code>STICKY_PATCH=KEY</code> on all your servers.</li><li>Register QA servers with one KEY, and Production servers with ANOTHER key.</li><li>Then, stop new updates for Production servers. In CLN set <code>Sticky Tag</code> to <code>yesterday</code>. You can do it by editing KEY in CLN in DDMMYY format.</li><li>Now, for example, let&#39;s use patches as of 03052018 (DDMMYY format). Set them for your QA server key. On the next auto-update, your QA servers will get those patches (auto-updates are typically every 4 hours).</li></ul><p>Once you are happy with this patches, set the same Sticky Tag for Production servers key. In 4 hours your production servers should be updated to the same patches that QA servers were.</p><h4 id="how-to-find-a-proper-sticky-patch-name" tabindex="-1"><a class="header-anchor" href="#how-to-find-a-proper-sticky-patch-name" aria-hidden="true">#</a> How to find a proper sticky patch name</h4><p>Let&#39;s assume that you have some kernel patch that you want to &quot;stick&quot; with. All you need is to find a proper label for that patch.</p><p><img src="'+s+'" alt="sticky-proper-label"></p><p>As you can see, the patch was released at 2020-09-16. And if apply label&#39;s date format, it becomes <code>16092020</code> that will be the sticky patch value.</p><h3 id="scanning-for-vulnerabilities" tabindex="-1"><a class="header-anchor" href="#scanning-for-vulnerabilities" aria-hidden="true">#</a> Scanning for vulnerabilities</h3><p>Identifying the vulnerabilities that apply to your systems is an important task for IT and InfoSec teams, and at TuxCare we make it easy. KernelCare live patching is integrated natively with vulnerability scanners including Tenable Nessus, Qualys, Rapid7 and many others.</p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>A generic integration that works with any vulnerability scanner is available for environments that native integration may not be sufficient. Contact your account manager or <a href="mailto:sales@tuxcare.com">sales@tuxcare.com</a> for more information.</p></div><h4 id="how-to-use-a-vulnerability-scanner-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#how-to-use-a-vulnerability-scanner-with-kernelcare" aria-hidden="true">#</a> How to use a vulnerability scanner with KernelCare</h4><p>It’s rather simple. New scan results after installing a package and applying a patchset should not show any kernel CVEs that are handled by KernelCare Enterprise.</p><p>For example, Nessus for an old kernel shows a bunch of detected CVEs:</p><p><img src="'+l+'" alt=""></p><p>After the live patches were applied, there are no kernel-related CVEs:</p><p><img src="'+o+`" alt=""></p><h4 id="how-use-openscap-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#how-use-openscap-with-kernelcare" aria-hidden="true">#</a> How use OpenSCAP with KernelCare</h4><p>OpenSCAP is an open source vulnerability scanner and compliance tool and it can be used to scan a system protected by KernelCare Enterprise. The following commands show how to use OpenSCAP to produce a vulnerability report for a system.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ source /etc/os-release
-$ wget https://patches.kernelcare.com/oval/com.kernelcare.\${ID}.\${VERSION_ID}.xml
-$ oscap oval eval --report report.htm com.kernelcare.\${ID}.\${VERSION_ID}.xml
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="how-to-natively-integrate-kernelcare-with-a-vulnerability-scanner" tabindex="-1"><a class="header-anchor" href="#how-to-natively-integrate-kernelcare-with-a-vulnerability-scanner" aria-hidden="true">#</a> How to natively integrate KernelCare with a vulnerability scanner</h4><div class="tip custom-block"><p class="custom-block-title">Note</p><p>These instructions are intended for integrators with 3rd party vulnerability scanners.</p></div><p>There are two ways for a vulnerability scanner to integrate with KernelCare live patching.</p><h4 id="integrate-via-oval-data" tabindex="-1"><a class="header-anchor" href="#integrate-via-oval-data" aria-hidden="true">#</a> Integrate via OVAL data</h4><p>KernelCare comes with OVAL data that provide the instructions to the scanner to identify the vulnerabilities that are addressed by the installed live patches. OVAL data are available for the operating systems supported by KernelCare Enterprise, including AlmaLinux, Red Hat Enterprise Linux, Oracle Linux, CentOS, Debian and Ubuntu.</p><p>The OVAL data cover all KernelCare enterprise products and add-ons including LibCare, and QEMUCare.</p><p>The OVAL data for KernelCare live patching are available at <a href="https://patches.kernelcare.com/oval/" target="_blank" rel="noopener noreferrer">patches.kernelcare.com/oval</a>.</p><h4 id="integrate-using-files" tabindex="-1"><a class="header-anchor" href="#integrate-using-files" aria-hidden="true">#</a> Integrate using files</h4><p>KernelCare provides two files that list the vulnerabilities that are addressed by the currently installed live patches. These files contain a list of CVEs separated by a newline.</p><p>The list of vulnerabilities addressed by Kernel live patches is available at:</p><ul><li><code>/proc/kcare/cvelist</code></li></ul><p>The list of vulnerabilities addressed by system live patching (LibCare, QEMUCare etc.) is available at:</p><ul><li><code>/var/cache/kcare/libcare_cvelist</code></li></ul><h3 id="uefi-secure-boot-support" tabindex="-1"><a class="header-anchor" href="#uefi-secure-boot-support" aria-hidden="true">#</a> UEFI Secure Boot Support</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This feature is an early stage of adoption. Not all the distribution will be able to support.</p></div><p>This new functionality lets KernelCare work on systems with secure boot set up in their UEFI firmware. We are going to add a public certificate to the MOK (Machine Owner Keys) database that KernelCare will use to sign modules.</p><p>The latest KernelCare package contains a public certificate and will be available in the <code>/usr/libexec/kcare/kernelcare_pub.der</code>. For older versions, it could be downloaded from the <a href="https://patches.kernelcare.com/kernelcare_pub.der" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/kernelcare_pub.der</a> to that location.</p><p>For example:</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>curl -o /usr/libexec/kcare/kernelcare_pub.der https://patches.kernelcare.com/kernelcare_pub.der
-
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ol><li>Use <code>mokutil</code> as root to add this new MOK to the UEFI firmware.</li></ol><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>$ mokutil --import /usr/libexec/kcare/kernelcare_pub.der
- input password:
- input password again:
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>It doesn&#39;t have a MOK password, and <code>mokutil</code> will ask you to create one. The password is temporary and will be used on the next boot.</p><ol start="2"><li>Reboot your machine to enter the MOK manager EFI utility.</li></ol><p>First, go down to the &#39;Enroll Mok&#39;:</p><p><img src="`+d+'" alt="alt text" title="Select Enroll MOK"></p><p>Then the firmware gives you the option of viewing the new MOK or continuing. Let&#39;s continue.</p><p><img src="'+c+'" alt="alt text" title="Select Continue"></p><p>It then asks you to confirm the enrollment.</p><p><img src="'+u+'" alt="alt text" title="Select Yes"></p><p>Then you will need to enter the password you used when running <code>mokutil --import</code>.</p><p><img src="'+h+'" alt="alt text" title="Enter the password"></p><p>Finally, the firmware will ask you to reboot.</p><p><img src="'+p+`" alt="alt text" title="Select OK"></p><ol start="3"><li>Verify the key has been loaded by finding it in the output of the following command:</li></ol><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>$ mokutil --list-enrolled | egrep -i &#39;SHA1|Issuer&#39;
-
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>In some cases the enrolled key will not be shown but could be verified by the following command:</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>$ dmesg | grep -i &#39;cloud linux&#39; 
-[   0.722149] EFI: Loaded cert &#39;Cloud Linux Software, Inc: Kernel Module Signing Key: 12ff0613c0f80cfba3b2f8eba71ebc27c5a76170&#39; linked to &#39;.system_keyring&#39;
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>That&#39;s it. Now you should be able to apply patches as usual.</p><p>To get more information about signing kernel modules for secure boot, see <a href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-kernel-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel" target="_blank" rel="noopener noreferrer">https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-kernel-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel</a>.</p><h3 id="live-patching-and-fips-compliance" tabindex="-1"><a class="header-anchor" href="#live-patching-and-fips-compliance" aria-hidden="true">#</a> Live patching and FIPS compliance</h3><p>The FIPS-140 certification of a Linux kernel validates that the cryptography contained within a Linux kernel complies with the US government FIPS-140 data protection standard. Meaning that algorithms like AES, the random generator and other cryptographic aspects of the kernel are implemented as the standard defines.</p><p>At the same time the certification is a lengthy process –a typical validation can take almost a year– and for that reason only some of each vendor’s kernels are validated. That is because vendors release new kernels with security and feature updates on a regular cadence some as often as weekly, irrespective of their FIPS validation status. This means users of FIPS validated kernels need to choose between: (a) strict compliance by staying on the same kernel without updating until the next validated kernel is available and (b) reducing their security risk by installing new kernels with security updates even if they are not validated. The same story applies to the vendor’s live patching solutions.</p><p>With KernelCare Enterprise it is possible to live patch FIPS-140 validated Linux kernels, for example at the Red Hat Enterprise Linux operating system. The live patches applied to these kernels, in this example, consist of the same RHEL kernel patches but are limited to the ones addressing security vulnerabilities. That way, a live patched kernel contains the same security fixes as a vendor update without any feature or bug-fix updates, e.g., updates that may change the cryptographic subsystem for performance or other non-security related reasons.</p><p><strong>In this way, security-conscious users of FIPS-validated Linux kernels that today apply their vendor&#39;s security patches can rely on KernelCare live patching the same way they do with their vendor&#39;s security updates</strong>. Furthermore, KernelCare live patching applies the minimum possible updates to the validated kernel by explicitly excluding any non-security updates.</p><h3 id="firewall-and-proxy-settings" tabindex="-1"><a class="header-anchor" href="#firewall-and-proxy-settings" aria-hidden="true">#</a> Firewall and Proxy Settings</h3><h4 id="patching-servers-through-firewall" tabindex="-1"><a class="header-anchor" href="#patching-servers-through-firewall" aria-hidden="true">#</a> Patching servers through firewall</h4><p>As long as your servers have access to the Internet, even behind NAT — you will be able to use KernelCare patch server without any problems.</p><p>Generally, KernelCare requires connection to only two servers for a proper work:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cln.cloudlinux.com
-patches.kernelcare.com
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>An additional address is used for KernelCare agent installation/update:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>repo.cloudlinux.com
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><img src="`+m+`" alt=""></p><h4 id="patching-servers-through-proxy" tabindex="-1"><a class="header-anchor" href="#patching-servers-through-proxy" aria-hidden="true">#</a> Patching servers through proxy</h4><p>If your servers don&#39;t have direct Internet access but can gain access to the Internet using proxy, the configuration is not that different. KernelCare can pick up standard environment variables for a proxy.</p><p>Make sure you have environment settings for proxy setup, and everything else will be the same as if servers were directly connected to the Internet:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export http_proxy=http://proxy.domain.com:port
-# export https_proxy=http://proxy.domain.com:port
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Settings defined by <code>export</code> are case-insensitive, so the example above could be as follows:</p></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export HTTP_PROXY=http://proxy.domain.com:port
-# export HTTPS_PROXY=http://proxy.domain.com:port
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>You can define these settings in the KernelCare config <code>/etc/sysconfig/kcare/kcare.conf</code>.</p><p>Example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ cat /etc/sysconfig/kcare/kcare.conf
-AUTO_UPDATE=True
-HTTPS_PROXY=http://myproxy.com:59794
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>If you define these settings in the config, you don&#39;t need to export them each <code>kcarectl</code> launch and don&#39;t need to edit cron jobs.</p><p>All <code>kcarectl</code> launches will be aware of proxy settings from the config. In this case, you need to set proxy settings only once.</p><p><img src="`+v+'" alt=""></p><h3 id="kernelcare-on-aws-–-deployment-user-guide" tabindex="-1"><a class="header-anchor" href="#kernelcare-on-aws-–-deployment-user-guide" aria-hidden="true">#</a> KernelCare on AWS – Deployment User Guide</h3><h4 id="introductory-material" tabindex="-1"><a class="header-anchor" href="#introductory-material" aria-hidden="true">#</a> Introductory Material</h4><h4 id="introduction-1" tabindex="-1"><a class="header-anchor" href="#introduction-1" aria-hidden="true">#</a> Introduction</h4><p>The Linux kernel is the most important piece of software on your server, as a security flaw in it can expose all of your services and customers&#39; data. KernelCare is a technology that allows you to keep the Linux kernel safe at all times, automatically, without ever having to stop the server and rebooting it causing downtime and inconvenient scheduling of maintenance windows. This improves availability, security, stability, operation costs, and customer satisfaction. It works with almost all mainstream distributions of Linux. It is simple, fast, and very easy to deploy while being able to handle very complex patches and customized kernels if you need them.</p><h4 id="prerequisites-and-requirements" tabindex="-1"><a class="header-anchor" href="#prerequisites-and-requirements" aria-hidden="true">#</a> Prerequisites and Requirements</h4><p>KernelCare can be installed on any x86_64 compatible server or VM running one of the following distribution:</p><ul><li>Amazon Linux 1, 2</li><li>CentOS 6, 7, Xen4CentOS, CentOS-Plus, ElRepo</li><li>CloudLinux 6, 7</li><li>Debian 7, 8, 9, 8-backports</li><li>Oracle Linux 6, 7</li><li>ProxmoxVE 3,4,5</li><li>RedHat EL 6, 7</li><li>Ubuntu 14.04, 16.04, 18.04</li><li>Virtuozzo 6</li></ul><p>The exact list of compatible kernels can be found on the following link: <a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a>.</p><p>Standard OS kernels are required in most cases unless the custom kernel is supported.</p><p>The software can be installed on the running server and doesn&#39;t require a reboot.</p><p>Basic Linux skills are sufficient to deploy KernelCare on AWS. Simple deployments involve just an EC2 instance. KernelCare is available as BYOL model. You need to register in our <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">customer portal</a> to get the trial license. Once you get the trial license, you need to register your running EC2 instance with the activation key.</p><h4 id="architecture-diagrams" tabindex="-1"><a class="header-anchor" href="#architecture-diagrams" aria-hidden="true">#</a> Architecture Diagrams</h4><p>As long as your servers have access to the Internet, even behind NAT – you will be able to use KernelCare patch server without any problems.</p><p>Generally, KernelCare requires HTTPS connection to two servers for the proper work:</p><ul><li>cln.cloudlinux.com</li><li>patches.kernelcare.com</li></ul><p><img src="'+b+'" alt=""></p><p>If your servers don&#39;t have direct Internet access but can gain access to the Internet using proxy, the configuration is not that different. KernelCare can pick up standard environment variables for proxy.</p><p><img src="'+g+`" alt=""></p><p>Make sure you have environment settings for proxy setup, and everything else will be the same as if the servers were directly connected to the Internet:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export http_proxy=http://proxy.domain.com:port
-# export https_proxy=http://proxy.domain.com:port
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="planning-guidance" tabindex="-1"><a class="header-anchor" href="#planning-guidance" aria-hidden="true">#</a> Planning Guidance</h4><h4 id="security" tabindex="-1"><a class="header-anchor" href="#security" aria-hidden="true">#</a> Security</h4><p>The only thing you need to be able to install/control you KernelCare deployment is SSH access (root credentials, key-based authentication/sudo or similar mechanisms are preferred).</p><h4 id="costs" tabindex="-1"><a class="header-anchor" href="#costs" aria-hidden="true">#</a> Costs</h4><p>KernelCare is billed as a subscription service – you can find more details in the table below.</p><table><thead><tr><th><strong>License Volume</strong></th><th><strong>Monthly Price</strong></th><th><strong>Annual Price</strong></th></tr></thead><tbody><tr><td>1</td><td>$3.95</td><td>$45</td></tr><tr><td>2-49</td><td>$2.95</td><td>$33</td></tr><tr><td>50-499</td><td>$2.55</td><td>$28</td></tr><tr><td>500+</td><td>$2.25</td><td>$25</td></tr></tbody></table><h4 id="sizing" tabindex="-1"><a class="header-anchor" href="#sizing" aria-hidden="true">#</a> Sizing</h4><p>KernelCare agent has a tiny RAM footprint – binary patches usually require less than 1 MB.</p><h4 id="deployment-guidance" tabindex="-1"><a class="header-anchor" href="#deployment-guidance" aria-hidden="true">#</a> Deployment Guidance</h4><h4 id="deployment-assets" tabindex="-1"><a class="header-anchor" href="#deployment-assets" aria-hidden="true">#</a> Deployment Assets</h4><p>To install KernelCare, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>curl -s -L https://kernelcare.com/installer | bash
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget -qq -O - https://kernelcare.com/installer | bash
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you are using IP-based license, nothing else required to be done. If you are using key-based license, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --register KEY
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><code>KEY</code> is the registration key code string provided when you sign up for purchase or trial of the product.</p><p>You can easily automate KernelCare deployment with Ansible, Puppet, Chef or other automation tools. Here are the steps that may be automated:</p><ol><li>Distribute KernelCare agent package (optional – required only for servers with no access to the Internet) and a KernelCare agent configuration file (<code>/etc/sysconfig/kcare/kcare.conf</code>).</li><li>Set required environmental variables (optional).</li><li>Install KernelCare agent from either locally available package or central KernelCare download location.</li><li>Register KernelCare with either license key or IP-based license.</li></ol><h4 id="operational-guidance" tabindex="-1"><a class="header-anchor" href="#operational-guidance" aria-hidden="true">#</a> Operational Guidance</h4><h4 id="health-check" tabindex="-1"><a class="header-anchor" href="#health-check" aria-hidden="true">#</a> Health Check</h4><p>Systems protected by KernelCare can be monitored by means of CloudLinux Network (CLN) portal available at <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">https://cln.cloudlinux.com</a>. Registered KernelCare installations are grouped by license keys. Kernels that are marked with exclamation sign in <span style="color:#E76930;">amber</span> do not have the latest patches installed.</p><p><img src="`+f+`" alt=""></p><p>In either case, you can check whether the latest available patch has been applied by running the following command on a system protected by KernelCare:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --check
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="backup-and-recovery" tabindex="-1"><a class="header-anchor" href="#backup-and-recovery" aria-hidden="true">#</a> Backup and Recovery</h4><p>There is no reason to backup KernelCare. KernelCare doesn&#39;t store any data. You can always re-install and re-register KernelCare. To backup the configuration file of KernelCare if you have modified it, backup the <code>/etc/sysconfig/kcare/</code> folder.</p><h4 id="routine-maintenance" tabindex="-1"><a class="header-anchor" href="#routine-maintenance" aria-hidden="true">#</a> Routine Maintenance</h4><p>KernelCare is packaged in RPM/DEB packages (depending on Linux distribution) and will update any time system packages are updated. No additional maintenance is needed.</p><h4 id="emergency-maintenance" tabindex="-1"><a class="header-anchor" href="#emergency-maintenance" aria-hidden="true">#</a> Emergency Maintenance</h4><p>If one of your instances degraded, once you start another instance based on EBS or snapshot – KernelCare will continue working as before, no additional work is needed. If you set up a new server instead, re-register KernelCare on the new server. If you decide to uninstall patches, run command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --unload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or complete remove <em>kernelcare</em> package by running the following command:</p><ul><li>on RPM-based systems<div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># rpm -e kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></li></ul><p>or</p><ul><li>on DEB-based systems<div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dpkg --remove kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></li></ul><h4 id="patch-feed-advanced-options" tabindex="-1"><a class="header-anchor" href="#patch-feed-advanced-options" aria-hidden="true">#</a> Patch Feed Advanced Options</h4><h5 id="test-and-delayed-feeds" tabindex="-1"><a class="header-anchor" href="#test-and-delayed-feeds" aria-hidden="true">#</a> <strong>Test and Delayed Feeds</strong></h5><p>KernelCare Patch Server has several patch feeds available in addition to the standard (production) feed:</p><ul><li><strong>Test feed</strong> – the newest patches (test builds) that have not undergone the complete testing process. Test feed makes it possible to start testing new patches earlier.</li><li><strong>Delayed feeds</strong> – instructs KernelCare to skip loading patches that were released within the last 12/24/48 hours.</li></ul><p>The alternate feed option is enabled by setting <code>PREFIX</code> variable in <code>/etc/sysconfig/kcare/kcare.conf</code> to one of <code>test</code>/<code>12h</code>/<code>24h</code>/<code>48h</code>.</p><h5 id="feed-management-with-sticky-patch-feature" tabindex="-1"><a class="header-anchor" href="#feed-management-with-sticky-patch-feature" aria-hidden="true">#</a> <strong>Feed Management With Sticky Patch Feature</strong></h5><p>The best way to handle QA and Production environments is to use Sticky tag feature of KernelCare license keys issued from CloudLinux Network (CLN) portal. To use this tag, go to CLN portal → KernelCare tab → click on the target key → Edit Key Info window.</p><p><img src="`+y+'" alt=""></p><p><img src="'+x+'" alt=""></p><p>You should provide a separate key for each environment and set them to a particular sticky tag which is actually the date to which all the servers in an environment have to be patched.</p><p><img src="'+k+`" alt=""></p><p>The date in Sticky tag field can be any date from May 28, 2018 up to one day before today.</p><p>To use Sticky tag feature on the servers to be patched, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --set-sticky-patch=KEY
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Alternatively, you can do the same by adding <code>STICKY_PATCH=KEY</code> to the <code>/etc/sysconfig/kcare/kcare.conf</code> file.</p><div class="tip custom-block"><p class="custom-block-title">Warning</p><p><strong>Do Not</strong> replace the <code>KEY</code> word with the actual KernelCare license key used to register the server.</p></div><p>When the Sticky tag feature is enabled for particular servers, all such servers will get patches only released before the date specified in the Sticky tag field.</p><p>This way, you can add new patches to all the servers in some environment (i.e. registered with the same KernelCare license key) by updating only a single field in the CLN portal.</p><h4 id="support" tabindex="-1"><a class="header-anchor" href="#support" aria-hidden="true">#</a> Support</h4><p>We offer unlimited, 24x7x365 support. <a href="https://cloudlinux.zendesk.com/hc/requests/new" target="_blank" rel="noopener noreferrer">Submit a request</a> or email us at <a href="mailto:support@cloudlinux.com">support@cloudlinux.com</a>.</p><ul><li>We answer all support questions within one business day and most within a couple of hours To expedite the support, run the following command on your server (as root user):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --doctor
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Then paste the generated key into the support request.</p><h4 id="support-costs" tabindex="-1"><a class="header-anchor" href="#support-costs" aria-hidden="true">#</a> Support Costs</h4><p>Your KernelCare subscription includes free 24/7 support.</p><h4 id="accessibility" tabindex="-1"><a class="header-anchor" href="#accessibility" aria-hidden="true">#</a> Accessibility</h4><h4 id="reference-materials" tabindex="-1"><a class="header-anchor" href="#reference-materials" aria-hidden="true">#</a> Reference Materials</h4><ul><li>KernelCare website: <a href="https://www.kernelcare.com" target="_blank" rel="noopener noreferrer">https://www.kernelcare.com</a></li><li>KernelCare Blog: <a href="https://www.kernelcare.com/blog/" target="_blank" rel="noopener noreferrer">https://www.kernelcare.com/blog/</a></li><li>KernelCare Patch Server: <a href="https://patches.kernelcare.com" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com</a></li><li>KernelCare documentation: <a href="https://docs.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://docs.kernelcare.com/</a></li><li>CloudLinux Network – CLN (Billing Portal): <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">https://cln.cloudlinux.com</a></li><li>CloudLinux 24/7 online support system: <a href="https://tuxcare.zendesk.com" target="_blank" rel="noopener noreferrer">https://tuxcare.zendesk.com</a></li></ul><h4 id="localization" tabindex="-1"><a class="header-anchor" href="#localization" aria-hidden="true">#</a> Localization</h4><p>KernelCare is available in the English language only.</p><h3 id="reseller-partner-ui" tabindex="-1"><a class="header-anchor" href="#reseller-partner-ui" aria-hidden="true">#</a> Reseller Partner UI</h3><p>Once you have got the reseller partner access, in IP Reseller Partner UI you can view and manage IP licenses, billing options, profile details. Here you can track your money balance, licenses count and licenses prices as well as using IP address search to find customers. You can find more information about KernelCare licensing <a href="https://www.kernelcare.com/pricing/" target="_blank" rel="noopener noreferrer">here</a>.</p><h4 id="server-section" tabindex="-1"><a class="header-anchor" href="#server-section" aria-hidden="true">#</a> Server Section</h4><p>As soon as you have added funds (See <strong>Billing Info/Add Funds</strong> below) to your account you can immediately add new licenses for clients. To add IP KernelCare license:</p><ol><li>Enter IP address in <strong>Add IP License</strong> field, choose license type in pull-down menu (KernelCare) and click <strong>Add license</strong>.</li></ol><p><img src="`+w+'" alt=""></p><ol start="2"><li><p>To delete license click <strong>Delete</strong> in front of the needed IP address.</p></li><li><p>To add KernelCare Key license go to <strong>KernelCare Keys</strong> tab, enter the number of servers allowed for the license in <strong>Max Servers</strong>, add description if needed and click <strong>Add</strong> . The key will be generated and appear in the list below.</p></li></ol><p>In the <strong>Operations List</strong> you are able to edit or delete the key.</p><p><img src="'+_+'" alt=""></p><h4 id="billing-info-add-funds" tabindex="-1"><a class="header-anchor" href="#billing-info-add-funds" aria-hidden="true">#</a> Billing Info/Add Funds</h4><p>To add funds:</p><ol><li><p>Click <strong>Add Funds</strong> near your balance or go to <strong>Billing Info/Add Funds</strong> on the top of the starting page of your account.</p></li><li><p>Click <strong>Add</strong> to add credit card details, then enter funds amount and click <strong>TopUp</strong> or <strong>Process to Checkout</strong> to pay via PayPal.</p></li></ol><p><img src="'+C+'" alt=""></p><p>While adding credit card details, you can also choose <strong>Auto add funds</strong> option - the funds amount you choose in pull down menu will be automatically added when your balance is below $100.</p><p>If you choose <strong>Auto repay</strong>, your card will be automatically charged when your balance becomes negative. Minimal charge is $20 (E.g. for balance -$15 - you&#39;ll be charged at $20, for balance -$134.2 - you&#39;ll be charged at $134.2).</p><p><img src="'+T+'" alt=""></p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>If your balance is shown as negative, it means that you have to deposit more funds.</p></div><h4 id="api-section" tabindex="-1"><a class="header-anchor" href="#api-section" aria-hidden="true">#</a> API Section</h4><p>CloudLinux and KernelCare IP licenses adding and removing is compatible with different hosting and domain management and billing systems and platforms. You can find comprehensive information on all possible CloudLinux modules and plug-ins APIs in API Section.</p><p><img src="'+K+'" alt=""></p><h4 id="profile" tabindex="-1"><a class="header-anchor" href="#profile" aria-hidden="true">#</a> Profile</h4><p>You can edit your profile information by clicking on <strong>Profile</strong> section. Edit the necessary info and click <strong>Update Account</strong>.</p><p><img src="'+E+'" alt=""><img src="'+S+`" alt=""></p><h3 id="how-to" tabindex="-1"><a class="header-anchor" href="#how-to" aria-hidden="true">#</a> How To</h3><h4 id="how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case" tabindex="-1"><a class="header-anchor" href="#how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case" aria-hidden="true">#</a> How to disable HyperThreading (SMT) without reboot: KernelCare case</h4><p>This article explains how to disable or enable SMT (Simultaneous multithreading) without rebooting using KernelCare, to help mitigate the recent MDS/Zombieload vulnerability.</p><p>Disabling CPU simultaneous multithreading (SMT) is one of the mitigations needed to counter the recent MDS vulnerability (also known as ‘Zombieload’). There is a performance impact that depends on the configuration of the hosting platform and its workload patterns. You should also consider the impact of other mitigation strategies, such as assigning dedicated cores to guests (e.g. VMs).</p><p>You can control and get the status of SMT with the kernel’s <code>sysfs</code> interface. There are two files, both in the <code>/sys/devices/system/cpu/smt</code> directory:</p><ul><li><code>control</code></li><li><code>active</code></li></ul><p>If you cannot find the <code>/sys/devices/system/cpu/smt</code> directory, this means your running kernel does not support SMT. In this case, you need to apply KernelCare patches so the SMT controls become available to your system. Use the <code>kcarectrl</code> command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --update
-Kernel is safe
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>ls -l /sys/devices/system/cpu/smt
--r--r--r-- 1 root root 4096 May 17 13:06 active
--rw-r--r-- 1 root root 4096 May 17 13:06 control
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>As soon as you have these files in place, it is possible to proceed with disabling SMT.</p>`,207),Oe=e("iframe",{width:"560",height:"315",src:"https://www.youtube.com/embed/RUGCvEO1hAE",frameborder:"0",allow:"accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture",allowfullscreen:""},null,-1),Me=t(`<h4 id="smt-control" tabindex="-1"><a class="header-anchor" href="#smt-control" aria-hidden="true">#</a> SMT Control</h4><p><code>/sys/devices/system/cpu/smt/control</code></p><p>This file lets you enable or disable SMT, and shows its state. There are three values:</p><ol><li><code>on</code>: The CPU supports SMT and it is enabled. All logical CPUs can be taken offline or online without restriction.</li><li><code>off</code>: The CPU supports SMT but it is disabled. Only so-called primary SMT threads can be taken offline/online without restriction. Attempts to put a non-primary sibling thread online will be rejected.</li><li><code>notsupported</code>: The CPU does not support SMT. You will not be able to write to the control file.</li></ol><h4 id="smt-status" tabindex="-1"><a class="header-anchor" href="#smt-status" aria-hidden="true">#</a> SMT Status</h4><p><code>/sys/devices/system/cpu/smt/active</code></p><p>The contents of this file show the status of SMT (e.g. if two or more sibling threads are active on the same physical core the contents of this file is 1, if not: 0).</p><p>Here are some commands to control SMT support (root permissions are required):</p><h4 id="check-the-smt-state" tabindex="-1"><a class="header-anchor" href="#check-the-smt-state" aria-hidden="true">#</a> Check the SMT state</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /sys/devices/system/cpu/smt/active
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="enable-smt" tabindex="-1"><a class="header-anchor" href="#enable-smt" aria-hidden="true">#</a> Enable SMT</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>echo on &gt; /sys/devices/system/cpu/smt/control
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="disable-smt" tabindex="-1"><a class="header-anchor" href="#disable-smt" aria-hidden="true">#</a> Disable SMT</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>echo off &gt; /sys/devices/system/cpu/smt/control
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div>`,14),De=t(`<h4 id="how-to-update-microcode-without-reboot-with-vendor-provided-package" tabindex="-1"><a class="header-anchor" href="#how-to-update-microcode-without-reboot-with-vendor-provided-package" aria-hidden="true">#</a> How to update Microcode without reboot with vendor-provided package</h4><p>This article shows how to update the microcode of Intel CPUs running Linux.</p><div class="warning custom-block"><p class="custom-block-title">Warning</p><p>To avoid possible issues with Microcode updating, enable SMT before the update.</p></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This article is subject to change and will be updated with instructions for other distributions.</p></div><div class="tip custom-block"><p class="custom-block-title">Notes</p><ul><li>These steps must be done as root.</li><li>The examples shown are for Debian.</li><li>If you have doubts your systems are fully protected against CPU- and kernel-related vulnerabilities, please <a href="mailto:sales@cloudlinux.com">get in touch with us</a>.</li></ul></div><h4 id="updating-microcode-on-ubuntu-and-debian" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-ubuntu-and-debian" aria-hidden="true">#</a> Updating microcode on Ubuntu and Debian</h4><ol><li><p>Find the microcode package download link for your platform</p><ul><li>Ubuntu: <a href="https://usn.ubuntu.com/3977-1/" target="_blank" rel="noopener noreferrer">https://usn.ubuntu.com/3977-1/</a></li><li>Debian: <a href="https://packages.debian.org/search?keywords=intel-microcode" target="_blank" rel="noopener noreferrer">https://packages.debian.org/search?keywords=intel-microcode</a></li></ul></li><li><p>Download the package</p></li></ol><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Example shown for Debian 9</p></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cd &lt;a temporary directory, e.g. /tmp&gt;
-mkdir firmware
-cd firmware
-wget http://security.debian.org/debian-security/pool/updates/non-free/i/intel-microcode/intel-microcode_3.20190514.1~deb9u1_amd64.deb
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="3"><li>Check the downloaded package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>md5sum intel-microcode_3.20190514.1~deb9u1_amd64.deb
-c7bc9728634137453e0f4821fb6bb436  intel-microcode_3.20190514.1~deb9u1_amd64.deb
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>A list of checksums is on <a href="https://packages.debian.org/stretch/amd64/intel-microcode/download" target="_blank" rel="noopener noreferrer">the Debian packages download page</a>.</p><ol start="4"><li>Unpack the package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dpkg -x intel-microcode_3.20190514.1~deb9u1_amd64.deb
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="5"><li>Check the unpacked files</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>ls -l
-total 1896
-drwxr-xr-x 5 root root   53 May 15 04:18 etc
--rw-r--r-- 1 root root 1940140 May 17 11:42 intel-microcode_3.20190514.1~deb9u1_amd64.deb
-drwxr-xr-x 3 root root   22 May 15 04:18 lib
-drwxr-xr-x 3 root root   19 May 15 04:18 usr
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="6"><li>Create a backup of existing microcode:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>test -d /lib/firmware/intel-ucode/ &amp;&amp; mv /lib/firmware/intel-ucode/ /lib/firmware/intel-ucode.backup
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="7"><li>Copy the new microcode and check it</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cp -r lib/firmware/intel-ucode/ /lib/firmware/
-ls -l /lib/firmware/ | grep intel-ucode
-drwxr-xr-x  2 root root 4096 May 17 11:47 intel-ucode
-drwxr-xr-x  2 root root 4096 May 16 20:54 intel-ucode.backup
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="8"><li>Check the current microcode version</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dmesg | grep microcode
-[ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
-[ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="9"><li>(Optional) Double check the current microcode versions (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep -e microcode
-microcode : 0x12
-microcode : 0x12
-microcode : 0x12
-microcode : 0x12
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="10"><li>Check the microcode reload file exists</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>ls -l /sys/devices/system/cpu/microcode/reload
---w------- 1 root root 4096 May 17 11:54 /sys/devices/system/cpu/microcode/reload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ol start="11"><li>Force the kernel to load the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>echo 1 &gt; /sys/devices/system/cpu/microcode/reload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="12"><li>Check the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dmesg | grep microcode
-[ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
-[ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
-[ 1483.494573] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-[ 1483.495985] microcode: updated to revision 0x21, date = 2019-02-13
-[ 1483.496012] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-[ 1483.496698] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-[ 1483.497391] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="13"><li>(Optional) Double check the new microcode version (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep -e microcode
-microcode : 0x21
-microcode : 0x21
-microcode : 0x21
-microcode : 0x21
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="updating-microcode-on-red-hat-and-centos" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-red-hat-and-centos" aria-hidden="true">#</a> Updating Microcode on Red Hat and CentOS</h4><p>For RHEL-based distributions, you can use the <code>microcode_ctl utility</code> to update microcode.</p><ol><li>Get the latest microcode by updating the <code>microcode_ctl</code> package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>yum update microcode_ctl
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>Create a force file</li></ol><p>Create a <code>force-late-intel–06–4f–01</code> inside the firmware directory.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>touch /lib/firmware/\`uname -r\`/force-late-intel-06-4f-01
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="3"><li>Run the microcode update</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/usr/libexec/microcode_ctl/update_ucode
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="4"><li>Force the kernel to load the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>echo 1 &gt; /sys/devices/system/cpu/microcode/reload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="5"><li>Check the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dmesg | grep microcode
-[ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
-[ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
-[ 1483.494573] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-[ 1483.495985] microcode: updated to revision 0x21, date = 2019-02-13
-[ 1483.496012] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-[ 1483.496698] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-[ 1483.497391] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="6"><li>(Optional) Double check the new microcode version (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep -e microcode
-microcode : 0x21
-microcode : 0x21
-microcode : 0x21
-microcode : 0x21
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="updating-microcode-on-centos-6" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-centos-6" aria-hidden="true">#</a> Updating Microcode on CentOS 6</h4><ol><li>Get the latest microcode by updating the <code>microcode_ctl</code> package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>yum update microcode_ctl
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>If <code>yum update microcode_ctl</code> outputs the following:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>Package(s) microcode_ctl available, but not installed.
-No Packages marked for Update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>you need to install the package manually.</p><ol start="3"><li>To install <code>microcode_ctl</code> package, run the command:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>yum install microcode_ctl
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The command output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>Installed:
-  microcode_ctl.x86_64 2:1.17-33.11.el6_10                                                                                                                                 
-
-Complete!
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="4"><li>Check CPU microcode version:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep microcode
-microcode       : 9
-microcode       : 9
-microcode       : 9
-microcode       : 9
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="5"><li>Try to update microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl -u
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you see the output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl: writing microcode (length: 2370560)
-microcode_ctl: cannot open /dev/cpu/microcode for writing errno=2 (No such file or directory)
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>You need to load driver microcode.</p><ol start="6"><li>Load driver microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>modprobe microcode
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="7"><li>Try to update microcode again:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl -u
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you see the output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl: writing microcode (length: 2370560)
-microcode_ctl: microcode successfully written to /dev/cpu/microcode
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>then update is successful.</p><ol start="8"><li>Check version:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep microcode
-microcode       : 17
-microcode       : 17
-microcode       : 17
-microcode       : 17
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div>`,73),Ue=e("iframe",{width:"560",height:"315",src:"https://www.youtube.com/embed/EydWy-b9uns",frameborder:"0",allow:"accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture",allowfullscreen:""},null,-1),Ne=t('<h4 id="plesk-related" tabindex="-1"><a class="header-anchor" href="#plesk-related" aria-hidden="true">#</a> Plesk related</h4><h4 id="how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license" tabindex="-1"><a class="header-anchor" href="#how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license" aria-hidden="true">#</a> How to get a KernelCare activation key from the extended Plesk license</h4><p>Often our clients purchase KernelCare licenses through Plesk/Odin and in such cases, they get a universal key which includes the KernelCare license and other additional keys for Plesk plugins. Such a key has the following syntax – <code>A00B00-0CDE00-F0G000-HIGK00-LM0N00</code>, – and initially, it is installed through Plesk automatically and the license gets activated successfully.</p><p>However, if it is required to re-register the agent for some reason or simply get the KernelCare activation key separately, it would be impossible to apply the above-mentioned one – we would need to deal with the KernelCare service separately.</p><p>To get the KernelCare activation key from the extended Plesk license key, you will need to proceed with the following.</p><ol><li>Navigate to <em>Tools &amp; Settings &gt;&gt; Plesk &gt;&gt; License Management &gt;&gt; Additional License Keys</em></li></ol><p><img src="'+P+'" alt=""></p><p><img src="'+I+`" alt=""></p><ol start="2"><li><p>Click <em>Download key</em> next to the KernelCare license listed on the page and open the file downloaded in some text editor</p></li><li><p>Find the following abstract:</p></li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>&lt;!--Key body--&gt;
-&lt;aps-3:key-body core:encoding=&quot;base64&quot; core:type=&quot;binary&quot;&gt;YOUR_BASE64_ENCODED_LICENSE_KEY==&lt;/aps-3:key-body&gt;
-&lt;!--Information about additional key--&gt;
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="4"><li><p>This is your base64-encoded key, and it should be decoded using a CLI utility or an online base64 decoder into UTF-8, e.g. <a href="https://www.base64decode.org" target="_blank" rel="noopener noreferrer">https://www.base64decode.org</a>. The new license key should have the following format: <code>xxxxxxxxxxxxxxxx</code>. It will contain lower and upper case letters and numbers.</p></li><li><p>Use the new key decoded to activate the service:</p></li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/usr/bin/kcarectl --register DECODED_KEY_HERE
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This is it!</p><h2 id="libcare" tabindex="-1"><a class="header-anchor" href="#libcare" aria-hidden="true">#</a> LibCare</h2><p>LibCare enables security patching of critical userspace shared libraries in-memory without restarting or disrupting the applications using them. This is techinical documentation describing the solution; for a high level summary see <a href="https://tuxcare.com/enterprise-live-patching-services/libcare/" target="_blank" rel="noopener noreferrer">LibCare&#39;s main web site</a>.</p><h3 id="supported-libraries-and-operating-systems" tabindex="-1"><a class="header-anchor" href="#supported-libraries-and-operating-systems" aria-hidden="true">#</a> Supported libraries and operating systems</h3><p>LibCare provide security updates for the OpenSSL and glibc libraries on many operating systems.</p><h3 id="supported-operating-systems" tabindex="-1"><a class="header-anchor" href="#supported-operating-systems" aria-hidden="true">#</a> Supported operating systems</h3><p>LibCare patching is available for many operating systems including CentOS, AlmaLinux, Oracle Linux, Debian and Ubuntu.</p><p><a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">Check compatibility with your operating system</a>.</p><h3 id="installation-and-upgrade" tabindex="-1"><a class="header-anchor" href="#installation-and-upgrade" aria-hidden="true">#</a> Installation and upgrade</h3><p>Userspace processes patching feature is available in the KernelCare package.</p><h3 id="usage" tabindex="-1"><a class="header-anchor" href="#usage" aria-hidden="true">#</a> Usage</h3><p>To apply the available patches to all userspace processes, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --lib-update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To gather information about what processes were patched, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --lib-info
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To gather information about applied patches, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --lib-patch-info
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To unpatch all processes, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --lib-unload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="blacklisting" tabindex="-1"><a class="header-anchor" href="#blacklisting" aria-hidden="true">#</a> Blacklisting</h4><p>Applying a live patch may clash with software such as anti-viruses that detect or prevent memory updates. While the majority of software is compatible with live patching, for the software that may misbehave, LibCare comes with a default blacklist. The blacklist is located in the /var/lib/libcare/blacklist and contains the list of known applications that may misbehave when live patched. You can override those values by creating the file <code>/var/cache/kcare/userspace/blacklist</code>.</p><p>The format of the file is as follows. Patterns should be specified line by line prefixed with pattern type and a colon. Comment starts with dash (#). Example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> # Symantec Antivirus
- path: /opt/Symantec/*
- filename:symcfgd
- filename:rtvscand
- filename:smcd
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>Specifying <code>path</code> means that the whole path to binary will be taken into account, while using <code>filename</code> allows to blacklist a process irrespective of the full path to binary.</p><p>Wildcards are also supported:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> filename:docker*
- path:/usr/libexec/docker/docker-*
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>Also a POSIX regular expressions could be used as follows:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> regex:/usr/bin/[[:alnum:]]+
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="auto-update" tabindex="-1"><a class="header-anchor" href="#auto-update" aria-hidden="true">#</a> Auto update</h4><p>Userspace patching cron job is disabled by default. To enable it, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>libcare-cron init
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="usage-in-containers" tabindex="-1"><a class="header-anchor" href="#usage-in-containers" aria-hidden="true">#</a> Usage in containers</h3><p>LibCare supports containers natively, including docker, LXC and other containerization technologies. When run on the host it operates on all processes that are running, including processes present in containers. At the same time there are two ways to use LibCare with containers and each has its own advantages and disadvantages. Let&#39;s go through them.</p><h4 id="disposable-container-servers" tabindex="-1"><a class="header-anchor" href="#disposable-container-servers" aria-hidden="true">#</a> Disposable container servers</h4><p>Disposable container servers are services that are run within a container for limited time and are refreshed periodically, e.g., daily to get the latest security updates. The recommended way to run LibCare with disposable containers is by installing <code>kernelcare</code> on the host, and it will automatically patch all processes libraries in the containers.</p><h4 id="persistent-container-servers" tabindex="-1"><a class="header-anchor" href="#persistent-container-servers" aria-hidden="true">#</a> Persistent container servers</h4><p>Persistent container servers are services that are run in containers the same way as a traditional physical server, i.e., the LXC approach. Although LibCare can run the same way as with disposable containers, it is also possible to install <code>kernelcare</code> within each container and that will enable live patching of the processes of each container individually. That approach enables accurate patching information within each containerized server that can be used by the available vulnerability scanner. When using this approach userspace patching must be disabled on the host using <code>kcarectl --disable-libcare</code>.</p><h3 id="troubleshooting" tabindex="-1"><a class="header-anchor" href="#troubleshooting" aria-hidden="true">#</a> Troubleshooting</h3><h4 id="auditd-logs" tabindex="-1"><a class="header-anchor" href="#auditd-logs" aria-hidden="true">#</a> Auditd logs</h4><p>The LibCare tools heavily use a <code>ptrace</code> syscall and, in case of <code>auditd</code> trace it&#39;s calls, there will be a lot of records in a log. There is a rule that provided by kernelcare package and located here: <code>/etc/audit/rules.d/kernelcare.rules</code>. It will exclue kernelcare processes from audit.</p><p><strong>Note</strong>: no such rule is provided for <code>el6</code> due to old <code>autditd</code> restrictions. There is a command that will add such rule in runtime:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>auditctl -l | grep kcare | cut -d&#39; &#39; -f2- | xargs -t -L1 -r auditctl -d &amp;&amp; pgrep libcare-server | xargs -t -n1 -i auditctl -A exit,never -F arch=b64 -S ptrace -F pid=&quot;{}&quot; -k kcarever | xargs -t -n1 -i auditctl -A exit,never -F arch=b64 -S ptrace -F pid=&quot;{}&quot; -k kcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>It removes all currently enabled KernelCare rules and adds a new one by LibCare&#39;s process ID.</p><h3 id="unpatched-library-detector-uchecker" tabindex="-1"><a class="header-anchor" href="#unpatched-library-detector-uchecker" aria-hidden="true">#</a> Unpatched Library Detector (UChecker)</h3><h4 id="description" tabindex="-1"><a class="header-anchor" href="#description" aria-hidden="true">#</a> Description</h4><p>UChecker is a scanner that checks network Linux servers and detects out-of-date libraries both on disk and in memory. KernelCare’s open-source scanner will find false negatives by correctly reporting vulnerable libraries running in memory that could be reported as updated by other scanners.</p><p>The UChecker (originated from &quot;userspace checker&quot;) works with all modern Linux Distributions, it is free and open-source, distributed under the GNU General Public License.</p><h4 id="how-uchecker-works" tabindex="-1"><a class="header-anchor" href="#how-uchecker-works" aria-hidden="true">#</a> How UChecker works</h4><p>This activity diagram shows how UChecker works:</p><p><img src="`+A+`" alt=""></p><h4 id="usage-1" tabindex="-1"><a class="header-anchor" href="#usage-1" aria-hidden="true">#</a> Usage</h4><p>To scan your systems, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/uchecker | sudo python
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You will receive the following output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>[*] Process httpd[15516] linked to the \`libc-2.17.so\` that is not up to date.
-
-You may want to update libraries above and restart corresponding processes.
-
-KernelCare+ allows to resolve such issues with no process downtime. To find 
-out more, please, visit https://lp.kernelcare.com/kernelcare-early-access?
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The following information is available in the output:</p><ul><li>Process ID</li><li>Process Name</li></ul><h4 id="troubleshooting-1" tabindex="-1"><a class="header-anchor" href="#troubleshooting-1" aria-hidden="true">#</a> Troubleshooting</h4><p>To verbose output, you can choose a logging level: <code>ERROR</code>, <code>WARNING</code>, <code>INFO</code>, and <code>DEBUG</code>.</p><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/uchecker | sudo LOGLEVEL=debug python
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To learn more, visit the <a href="https://github.com/cloudlinux/kcare-uchecker" target="_blank" rel="noopener noreferrer">UChecker Github page</a>.</p><h2 id="qemucare" tabindex="-1"><a class="header-anchor" href="#qemucare" aria-hidden="true">#</a> QEMUCare</h2><p>QEMUCare – virtualization patching for cloud providers, VPS hosters, or any other company with QEMU based virtualization systems. It keeps infrastructure patched without disrupting virtual tenants’ systems.</p><h3 id="how-qemucare-works" tabindex="-1"><a class="header-anchor" href="#how-qemucare-works" aria-hidden="true">#</a> How QEMUCare works</h3><ul><li>An agent is installed on each virtualization host which installs patches directly from the QEMUCare repository.</li><li>In an ePortal environment, your Virtualization Hosts communicate with the QEMUCare ePortal server that acts as an intermediary.</li></ul><h3 id="qemu-patchset-deployment" tabindex="-1"><a class="header-anchor" href="#qemu-patchset-deployment" aria-hidden="true">#</a> QEMU PatchSet Deployment</h3><p>Starting from version 1.25, ePortal supports the QEMU patchset management. It is accessible from the <code>Patches / QEMUcare</code> navigation item. QEMU patches use the same Patch Source credentials, and you don&#39;t need to perform additional configuration.</p><p><img src="`+L+`" alt=""></p><p>User interface for the QEMU patch management is the same as for KernelCare patches, and you can refer the <a href="https://docs.tuxcare.com/eportal/#patchset-deployment" target="_blank" rel="noopener noreferrer">PatchSet Deployment</a> documentation.</p><h4 id="cli-to-install-the-latest-patchsets" tabindex="-1"><a class="header-anchor" href="#cli-to-install-the-latest-patchsets" aria-hidden="true">#</a> CLI to install the latest patchsets</h4><p>To update the default feed, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To update the <code>test</code> feed, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu update --feed test
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To update all auto-feeds, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu auto-update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="cli-to-deploy-patchset-from-archive" tabindex="-1"><a class="header-anchor" href="#cli-to-deploy-patchset-from-archive" aria-hidden="true">#</a> CLI to deploy patchset from archive</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>~$ kc.eportal qemu deploy --help
-usage: kc.eportal qemu deploy [-h] [--feed FEED] [--disabled] archive
-
-positional arguments:
-  archive      path to archive
-
-optional arguments:
-  -h, --help   show this help message and exit
-  --feed FEED  feed to deploy archive to
-  --disabled   do not enable patchset after deploy
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu deploy --feed test /tmp/U20210818_01-qemu.tar.bz2
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This command will deploy and enable the <code>U20210818_01-qemu</code> patchset in to the <code>test</code> feed.</p><h2 id="vulnerability-scanner-integration-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#vulnerability-scanner-integration-with-kernelcare" aria-hidden="true">#</a> Vulnerability Scanner Integration with KernelCare</h2><p>This document is made for developers of vulnerability scanners to correctly report live patched vulnerabilities as delivered by KernelCare. There are several approaches that vendors might take to identify vulnerabilities patched by KernelCare correctly.</p><h3 id="easiest-identifying-correctly-the-effective-kernel" tabindex="-1"><a class="header-anchor" href="#easiest-identifying-correctly-the-effective-kernel" aria-hidden="true">#</a> Easiest: Identifying correctly the effective kernel</h3><p>KernelCare provides &quot;effective kernel&quot; information in</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/proc/kcare/effective_version
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Security scanners can check if the file is present, and if it is, use it instead of /proc/version to identify the kernel. This will provide an effective kernel version from a security standpoint.</p><p>Alternatively, the command <code>/usr/bin/kcarectl --uname</code> can be run instead of the <code>uname</code> command to detect effective kernel version</p><h3 id="comprehensive-using-oval-data" tabindex="-1"><a class="header-anchor" href="#comprehensive-using-oval-data" aria-hidden="true">#</a> Comprehensive: Using OVAL data</h3><p>KernelCare comes with OVAL data that provides instructions to the scanner to identify the vulnerabilities addressed by the installed live patches. OVAL data are available for the operating systems supported by KernelCare Enterprise, including AlmaLinux, Red Hat Enterprise Linux, Oracle Linux, CentOS, Debian, and Ubuntu.</p><p>The OVAL data cover all KernelCare enterprise products and add-ons, including LibCare and QEMUCare.</p><p>The OVAL data for KernelCare live patching are available at <a href="https://patches.kernelcare.com/oval/" target="_blank" rel="noopener noreferrer">patches.kernelcare.com/oval</a>.</p><h3 id="comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node" tabindex="-1"><a class="header-anchor" href="#comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node" aria-hidden="true">#</a> Comprehensive &amp; local: Using the local CVELIST file on each scanned node</h3><p>KernelCare provides two files listing the vulnerabilities the currently installed live patches address. These files contain a list of CVEs separated by a new line.</p><p>The list of vulnerabilities addressed by Kernel live patches is available at:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/proc/kcare/cvelist
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The list of vulnerabilities addressed by system live patching (LibCare, QEMUCare, etc.) is available at:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/var/cache/kcare/libcare_cvelist
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div>`,111);function Ye(Re,Fe){const i=M("RouterLink");return D(),U("div",null,[Y,e("table",null,[R,e("tbody",null,[F,q,e("tr",null,[H,e("td",null,[a("The same as --update, but uses "),n(i,{to:"/live-patching-services/#config-options"},{default:r(()=>[a("UPDATE_POLICY")]),_:1}),a(" to decide where to get patches.")])]),z,$,V,Q,B,G,W,X,j,Z,J,ee,ae,te,ie,ne,re,se,le,oe,de,e("tr",null,[ce,e("td",null,[a("Set patch to stick to date in format DDMMYY or retrieve it from KEY if set to KEY (no support for ePortal). Empty to unstick. More info at "),n(i,{to:"/live-patching-services/#sticky-patches"},{default:r(()=>[a("Sticky Patches")]),_:1}),a(".")])]),ue])]),he,e("table",null,[pe,e("tbody",null,[me,ve,be,ge,fe,ye,xe,ke,we,e("tr",null,[_e,e("td",null,[a("Stick patch to a particular date. More info at "),n(i,{to:"/live-patching-services/#sticky-patches"},{default:r(()=>[a("Sticky Patches")]),_:1}),a(".")])]),Ce,Te,Ke,Ee,Se])]),Pe,e("div",Ie,[Ae,e("p",null,[a("This functionality is not available for ePortal customers. If you are using ePortal, please use "),n(i,{to:"/eportal/#feed-management"},{default:r(()=>[a("Feeds")]),_:1}),a(" instead.")])]),Le,Oe,Me,e("p",null,[a("Disabling SMT, "),n(i,{to:"/how-to/#how-to-update-microcode-without-reboot-with-vendor-provided-package"},{default:r(()=>[a("updating microcode")]),_:1}),a(", and applying KernelCare patches will protect your systems against the ZombieLoad vulnerability. Note, only the latter action is applicable to virtual systems (e.g. VMs, VPS and other cloud instance types).")]),De,Ue,Ne])}const $e=O(N,[["render",Ye],["__file","index.html.vue"]]);export{$e as default};
diff --git a/assets/index.html-b5822e8c.js b/assets/index.html-b5822e8c.js
deleted file mode 100644
index f1866a83..00000000
--- a/assets/index.html-b5822e8c.js
+++ /dev/null
@@ -1 +0,0 @@
-const e=JSON.parse('{"key":"v-37e5fb86","path":"/live-patching-services/","title":"KernelCare Enterprise","lang":"en-US","frontmatter":{"sidebarDepth":4},"headers":[{"level":2,"title":"KernelCare","slug":"kernelcare","link":"#kernelcare","children":[{"level":3,"title":"Introduction","slug":"introduction","link":"#introduction","children":[]},{"level":3,"title":"Benefits","slug":"benefits","link":"#benefits","children":[]},{"level":3,"title":"Key Features","slug":"key-features","link":"#key-features","children":[]},{"level":3,"title":"Getting trial license","slug":"getting-trial-license","link":"#getting-trial-license","children":[]},{"level":3,"title":"Installation","slug":"installation","link":"#installation","children":[]},{"level":3,"title":"Update","slug":"update","link":"#update","children":[]},{"level":3,"title":"Uninstalling","slug":"uninstalling","link":"#uninstalling","children":[]},{"level":3,"title":"Switching from Ksplice","slug":"switching-from-ksplice","link":"#switching-from-ksplice","children":[{"level":4,"title":"Canonical Livepatch","slug":"canonical-livepatch","link":"#canonical-livepatch","children":[]}]},{"level":3,"title":"Basic management","slug":"basic-management","link":"#basic-management","children":[]},{"level":3,"title":"Command line tools","slug":"command-line-tools","link":"#command-line-tools","children":[{"level":4,"title":"kcarectl","slug":"kcarectl","link":"#kcarectl","children":[]},{"level":4,"title":"kcare-uname","slug":"kcare-uname","link":"#kcare-uname","children":[]},{"level":4,"title":"kernelcare doctor","slug":"kernelcare-doctor","link":"#kernelcare-doctor","children":[]}]},{"level":3,"title":"Config options","slug":"config-options","link":"#config-options","children":[]},{"level":3,"title":"Disabling some patches","slug":"disabling-some-patches","link":"#disabling-some-patches","children":[]},{"level":3,"title":"Extra patchset","slug":"extra-patchset","link":"#extra-patchset","children":[]},{"level":3,"title":"Sticky patches","slug":"sticky-patches","link":"#sticky-patches","children":[{"level":4,"title":"How to find a proper sticky patch name","slug":"how-to-find-a-proper-sticky-patch-name","link":"#how-to-find-a-proper-sticky-patch-name","children":[]}]},{"level":3,"title":"Scanning for vulnerabilities","slug":"scanning-for-vulnerabilities","link":"#scanning-for-vulnerabilities","children":[{"level":4,"title":"How to use a vulnerability scanner with KernelCare","slug":"how-to-use-a-vulnerability-scanner-with-kernelcare","link":"#how-to-use-a-vulnerability-scanner-with-kernelcare","children":[]},{"level":4,"title":"How use OpenSCAP with KernelCare","slug":"how-use-openscap-with-kernelcare","link":"#how-use-openscap-with-kernelcare","children":[]},{"level":4,"title":"How to natively integrate KernelCare with a vulnerability scanner","slug":"how-to-natively-integrate-kernelcare-with-a-vulnerability-scanner","link":"#how-to-natively-integrate-kernelcare-with-a-vulnerability-scanner","children":[]},{"level":4,"title":"Integrate via OVAL data","slug":"integrate-via-oval-data","link":"#integrate-via-oval-data","children":[]},{"level":4,"title":"Integrate using files","slug":"integrate-using-files","link":"#integrate-using-files","children":[]}]},{"level":3,"title":"UEFI Secure Boot Support","slug":"uefi-secure-boot-support","link":"#uefi-secure-boot-support","children":[]},{"level":3,"title":"Live patching and FIPS compliance","slug":"live-patching-and-fips-compliance","link":"#live-patching-and-fips-compliance","children":[]},{"level":3,"title":"Firewall and Proxy Settings","slug":"firewall-and-proxy-settings","link":"#firewall-and-proxy-settings","children":[{"level":4,"title":"Patching servers through firewall","slug":"patching-servers-through-firewall","link":"#patching-servers-through-firewall","children":[]},{"level":4,"title":"Patching servers through proxy","slug":"patching-servers-through-proxy","link":"#patching-servers-through-proxy","children":[]}]},{"level":3,"title":"KernelCare on AWS – Deployment User Guide","slug":"kernelcare-on-aws-–-deployment-user-guide","link":"#kernelcare-on-aws-–-deployment-user-guide","children":[{"level":4,"title":"Introductory Material","slug":"introductory-material","link":"#introductory-material","children":[]},{"level":4,"title":"Introduction","slug":"introduction-1","link":"#introduction-1","children":[]},{"level":4,"title":"Prerequisites and Requirements","slug":"prerequisites-and-requirements","link":"#prerequisites-and-requirements","children":[]},{"level":4,"title":"Architecture Diagrams","slug":"architecture-diagrams","link":"#architecture-diagrams","children":[]},{"level":4,"title":"Planning Guidance","slug":"planning-guidance","link":"#planning-guidance","children":[]},{"level":4,"title":"Security","slug":"security","link":"#security","children":[]},{"level":4,"title":"Costs","slug":"costs","link":"#costs","children":[]},{"level":4,"title":"Sizing","slug":"sizing","link":"#sizing","children":[]},{"level":4,"title":"Deployment Guidance","slug":"deployment-guidance","link":"#deployment-guidance","children":[]},{"level":4,"title":"Deployment Assets","slug":"deployment-assets","link":"#deployment-assets","children":[]},{"level":4,"title":"Operational Guidance","slug":"operational-guidance","link":"#operational-guidance","children":[]},{"level":4,"title":"Health Check","slug":"health-check","link":"#health-check","children":[]},{"level":4,"title":"Backup and Recovery","slug":"backup-and-recovery","link":"#backup-and-recovery","children":[]},{"level":4,"title":"Routine Maintenance","slug":"routine-maintenance","link":"#routine-maintenance","children":[]},{"level":4,"title":"Emergency Maintenance","slug":"emergency-maintenance","link":"#emergency-maintenance","children":[]},{"level":4,"title":"Patch Feed Advanced Options","slug":"patch-feed-advanced-options","link":"#patch-feed-advanced-options","children":[{"level":5,"title":"Test and Delayed Feeds","slug":"test-and-delayed-feeds","link":"#test-and-delayed-feeds","children":[]},{"level":5,"title":"Feed Management With Sticky Patch Feature","slug":"feed-management-with-sticky-patch-feature","link":"#feed-management-with-sticky-patch-feature","children":[]}]},{"level":4,"title":"Support","slug":"support","link":"#support","children":[]},{"level":4,"title":"Support Costs","slug":"support-costs","link":"#support-costs","children":[]},{"level":4,"title":"Accessibility","slug":"accessibility","link":"#accessibility","children":[]},{"level":4,"title":"Reference Materials","slug":"reference-materials","link":"#reference-materials","children":[]},{"level":4,"title":"Localization","slug":"localization","link":"#localization","children":[]}]},{"level":3,"title":"Reseller Partner UI","slug":"reseller-partner-ui","link":"#reseller-partner-ui","children":[{"level":4,"title":"Server Section","slug":"server-section","link":"#server-section","children":[]},{"level":4,"title":"Billing Info/Add Funds","slug":"billing-info-add-funds","link":"#billing-info-add-funds","children":[]},{"level":4,"title":"API Section","slug":"api-section","link":"#api-section","children":[]},{"level":4,"title":"Profile","slug":"profile","link":"#profile","children":[]}]},{"level":3,"title":"How To","slug":"how-to","link":"#how-to","children":[{"level":4,"title":"How to disable HyperThreading (SMT) without reboot: KernelCare case","slug":"how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case","link":"#how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case","children":[]},{"level":4,"title":"SMT Control","slug":"smt-control","link":"#smt-control","children":[]},{"level":4,"title":"SMT Status","slug":"smt-status","link":"#smt-status","children":[]},{"level":4,"title":"Check the SMT state","slug":"check-the-smt-state","link":"#check-the-smt-state","children":[]},{"level":4,"title":"Enable SMT","slug":"enable-smt","link":"#enable-smt","children":[]},{"level":4,"title":"Disable SMT","slug":"disable-smt","link":"#disable-smt","children":[]},{"level":4,"title":"How to update Microcode without reboot with vendor-provided package","slug":"how-to-update-microcode-without-reboot-with-vendor-provided-package","link":"#how-to-update-microcode-without-reboot-with-vendor-provided-package","children":[]},{"level":4,"title":"Updating microcode on Ubuntu and Debian","slug":"updating-microcode-on-ubuntu-and-debian","link":"#updating-microcode-on-ubuntu-and-debian","children":[]},{"level":4,"title":"Updating Microcode on Red Hat and CentOS","slug":"updating-microcode-on-red-hat-and-centos","link":"#updating-microcode-on-red-hat-and-centos","children":[]},{"level":4,"title":"Updating Microcode on CentOS 6","slug":"updating-microcode-on-centos-6","link":"#updating-microcode-on-centos-6","children":[]},{"level":4,"title":"Plesk related","slug":"plesk-related","link":"#plesk-related","children":[]},{"level":4,"title":"How to get a KernelCare activation key from the extended Plesk license","slug":"how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license","link":"#how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license","children":[]}]}]},{"level":2,"title":"LibCare","slug":"libcare","link":"#libcare","children":[{"level":3,"title":"Supported libraries and operating systems","slug":"supported-libraries-and-operating-systems","link":"#supported-libraries-and-operating-systems","children":[]},{"level":3,"title":"Supported operating systems","slug":"supported-operating-systems","link":"#supported-operating-systems","children":[]},{"level":3,"title":"Installation and upgrade","slug":"installation-and-upgrade","link":"#installation-and-upgrade","children":[]},{"level":3,"title":"Usage","slug":"usage","link":"#usage","children":[{"level":4,"title":"Blacklisting","slug":"blacklisting","link":"#blacklisting","children":[]},{"level":4,"title":"Auto update","slug":"auto-update","link":"#auto-update","children":[]}]},{"level":3,"title":"Usage in containers","slug":"usage-in-containers","link":"#usage-in-containers","children":[{"level":4,"title":"Disposable container servers","slug":"disposable-container-servers","link":"#disposable-container-servers","children":[]},{"level":4,"title":"Persistent container servers","slug":"persistent-container-servers","link":"#persistent-container-servers","children":[]}]},{"level":3,"title":"Troubleshooting","slug":"troubleshooting","link":"#troubleshooting","children":[{"level":4,"title":"Auditd logs","slug":"auditd-logs","link":"#auditd-logs","children":[]}]},{"level":3,"title":"Unpatched Library Detector (UChecker)","slug":"unpatched-library-detector-uchecker","link":"#unpatched-library-detector-uchecker","children":[{"level":4,"title":"Description","slug":"description","link":"#description","children":[]},{"level":4,"title":"How UChecker works","slug":"how-uchecker-works","link":"#how-uchecker-works","children":[]},{"level":4,"title":"Usage","slug":"usage-1","link":"#usage-1","children":[]},{"level":4,"title":"Troubleshooting","slug":"troubleshooting-1","link":"#troubleshooting-1","children":[]}]}]},{"level":2,"title":"QEMUCare","slug":"qemucare","link":"#qemucare","children":[{"level":3,"title":"How QEMUCare works","slug":"how-qemucare-works","link":"#how-qemucare-works","children":[]},{"level":3,"title":"QEMU PatchSet Deployment","slug":"qemu-patchset-deployment","link":"#qemu-patchset-deployment","children":[{"level":4,"title":"CLI to install the latest patchsets","slug":"cli-to-install-the-latest-patchsets","link":"#cli-to-install-the-latest-patchsets","children":[]},{"level":4,"title":"CLI to deploy patchset from archive","slug":"cli-to-deploy-patchset-from-archive","link":"#cli-to-deploy-patchset-from-archive","children":[]}]}]},{"level":2,"title":"Vulnerability Scanner Integration with KernelCare","slug":"vulnerability-scanner-integration-with-kernelcare","link":"#vulnerability-scanner-integration-with-kernelcare","children":[{"level":3,"title":"Easiest: Identifying correctly the effective kernel","slug":"easiest-identifying-correctly-the-effective-kernel","link":"#easiest-identifying-correctly-the-effective-kernel","children":[]},{"level":3,"title":"Comprehensive: Using OVAL data","slug":"comprehensive-using-oval-data","link":"#comprehensive-using-oval-data","children":[]},{"level":3,"title":"Comprehensive & local: Using the local CVELIST file on each scanned node","slug":"comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node","link":"#comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node","children":[]}]}]}');export{e as data};
diff --git a/enterprise-support-for-almalinux/fips/index.html b/enterprise-support-for-almalinux/fips/index.html
index ae18e93f..59d80504 100644
--- a/enterprise-support-for-almalinux/fips/index.html
+++ b/enterprise-support-for-almalinux/fips/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>FIPS packages for AlmaLinux</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-63823c79.js"><link rel="modulepreload" href="/assets/index.html-a16753b4.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-63823c79.js"><link rel="modulepreload" href="/assets/index.html-a16753b4.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/enterprise-support-for-almalinux/fips/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>FIPS packages for AlmaLinux</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="fips-packages-for-almalinux" tabindex="-1"><a class="header-anchor" href="#fips-packages-for-almalinux" aria-hidden="true">#</a> FIPS packages for AlmaLinux</h1><p>Below are the instructions for installing the TuxCare FIPS 140-3 validated modules for AlmaLinux 9.2, they should be run as root.</p><p>By installing this software, you agree to be bound by the terms of the <a href="https://tuxcare.com/wp-content/uploads/2023/09/COMMUNITY-EULA.txt" target="_blank" rel="noopener noreferrer">TuxCare Community EULA</a>.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dnf -y install https://repo.tuxcare.com/fips/tuxcare-fips-release-latest-9.noarch.rpm
@@ -54,6 +54,6 @@
 # dnf versionlock add openssl*tuxcare* kernel*tuxcare*
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>To revert to the previous behaviour of getting updated kernel/openssl packages from AlmaLinux, run the following as root:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dnf versionlock delete openssl*tuxcare* kernel*tuxcare*
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/enterprise-support-for-almalinux/fips/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/enterprise-support-for-almalinux/index.html b/enterprise-support-for-almalinux/index.html
index 7ccb4f8c..a35158da 100644
--- a/enterprise-support-for-almalinux/index.html
+++ b/enterprise-support-for-almalinux/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>Enterprise Support for AlmaLinux</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-3565e0af.js"><link rel="modulepreload" href="/assets/index.html-dd83167f.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-3565e0af.js"><link rel="modulepreload" href="/assets/index.html-dd83167f.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/enterprise-support-for-almalinux/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>Enterprise Support for AlmaLinux</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="enterprise-support-for-almalinux" tabindex="-1"><a class="header-anchor" href="#enterprise-support-for-almalinux" aria-hidden="true">#</a> <strong>Enterprise Support for AlmaLinux</strong></h1><p>This guide describes <a href="https://tuxcare.com/almalinux-enterprise-support/" target="_blank" rel="noopener noreferrer">Enterprise Support for AlmaLinux</a> and how to set it up on your AlmaLinux system.</p><h2 id="what-is-enterprise-support-for-almalinux" tabindex="-1"><a class="header-anchor" href="#what-is-enterprise-support-for-almalinux" aria-hidden="true">#</a> What is Enterprise Support for AlmaLinux?</h2><p>Enterprise Support for AlmaLinux services provides a TuxCare-vetted repository of AlmaLinux updates with 16 years of support coverage, minimizes vulnerability windows with rebootless security patches and helps to avoid costly upfront support package fees with pay-as-you-go hourly support bundles.</p><p>Available services:</p><ul><li><strong>Essential Support</strong>: TuxCare-vetted repository of AlmaLinux updates with guaranteed uptime, expedited break-and-fix support and up to 16 years of support coverage</li><li><strong>Extended Security Updates</strong> deliver an extension of an additional 4.5 years of security fixes for Critical and High-risk vulnerabilities and FIPS-compliant security patches for select AlmaLinux minor versions</li><li><strong>Live Patching (KernelCare and LibCare)</strong>: automated live patches for the kernel and critical userspace packages with zero downtime</li><li><strong>Enhanced Support</strong>: Enterprise-grade support for AlmaLinux and open-source applications with pay-as-you-go pricing in 5, 10, and 20-hour bundles</li></ul><p>Learn more at <a href="https://tuxcare.com/almalinux-enterprise-support/" target="_blank" rel="noopener noreferrer">https://tuxcare.com/almalinux-enterprise-support/</a></p><h2 id="requirements" tabindex="-1"><a class="header-anchor" href="#requirements" aria-hidden="true">#</a> Requirements</h2><ul><li>AlmaLinux 8 or AlmaLinux 9 operating system</li><li>x86_64 or aarch64 architecture</li><li>Enterprise Support license key (should be obtained from <a href="https://portal.tuxcare.com" target="_blank" rel="noopener noreferrer">portal.tuxcare.com</a>)</li><li>Internet access</li></ul><h2 id="installing-tuxctl" tabindex="-1"><a class="header-anchor" href="#installing-tuxctl" aria-hidden="true">#</a> Installing tuxctl</h2><p>tuxctl is a setup tool for TuxCare’s Enterprise Support for AlmaLinux, which provides access to Essential Support and Live Patching (KernelCare and LibCare), depending on the purchased license. To install tuxctl you need to install the tuxcare-release package first. This package contains the TuxCare repo definitions, TuxCare GPG key and the tuxctl setup tool. Run the following as root:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dnf install https://repo.tuxcare.com/tuxcare/tuxcare-release-latest-$(rpm --eval %almalinux).noarch.rpm
@@ -57,6 +57,6 @@
 Patch level 1 applied. Effective kernel version 5.14.0-162.12.1.el9_1
 Kernel is safe
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h2 id="essential-and-enhanced-support" tabindex="-1"><a class="header-anchor" href="#essential-and-enhanced-support" aria-hidden="true">#</a> <strong>Essential and Enhanced Support</strong></h2><h3 id="_1-introduction" tabindex="-1"><a class="header-anchor" href="#_1-introduction" aria-hidden="true">#</a> 1. Introduction</h3><p>In April 2023, TuxCare, a division of CloudLinux Inc., launched Enterprise Support for AlmaLinux, delivering a range of services for AlmaLinux workloads. It provides two levels of support, the essential level, focused on the operating system, and the enhanced support focused on applications. This document defines those services.</p><p><strong>Overview of Services</strong></p><p>There are two levels of support services for AlmaLinux:</p><p><strong>Essential Support</strong> – a limited technical support offering that covers AlmaLinux installation/update issues (packaging, dependencies, repositories), migration issues (from CentOS/OracleLinux/RHEL to AlmaLinux), operating systems bugs/kernel crashes, a self-service portal, as well as an online knowledge base</p><p><strong>Enhanced Support</strong> – an enterprise technical support service covering a range of open-source software running on AlmaLinux, a self-service portal, as well as an online knowledge base.</p><h3 id="_2-definitions" tabindex="-1"><a class="header-anchor" href="#_2-definitions" aria-hidden="true">#</a> 2. Definitions</h3><p><strong>“Customer,” “End User,” “User,” “You/Your”</strong> shall mean an organization which has a valid license to the Product that is supported in accordance with this Program.</p><p><strong>“Customer Technical Lead”</strong> shall mean an employee or authorized contractor of Customer who shall complete required AlmaLinux product training, in order to serve as Customer’s first line of internal support for the purpose of triaging AlmaLinux-related product issues, and who shall have authority to submit Technical Support Incidents and Service Requests to TuxCare Technical Support</p><p><strong>“Incident”</strong> shall mean any event reported by the Customer, which is not part of the standard operation of a Product, and which causes, or may cause an interruption to, or a reduction in, the quality of service provided by the Product.</p><p><strong>“Incident Severity/Urgency”</strong> shall mean a measure of the business criticality of an incident or problem based on the business needs of the Customer. See Appendix 1 for more details.</p><p><strong>“Known Error”</strong> shall mean a Problem that becomes a Known Error when the root cause is known, and a temporary workaround or permanent alternative has been identified.</p><p><strong>“Problem”</strong> shall mean an unknown underlying cause of one or more Incidents. It becomes a Known Error when the root cause is known, and a temporary workaround or permanent alternative has been identified.</p><p><strong>“Product(s)”</strong> shall mean software product(s) of TuxCare, which the Customer has purchased, deployed, and installed in accordance with the terms of a License Agreement between TuxCare and the Customer.</p><p><strong>“Product Error”</strong> shall mean undeclared behaviour of the Product.</p><p><strong>“Response time”</strong> shall mean the elapsed time measured from the moment of any incident receipt until confirmation of receipt by TuxCare to the initiator (via the support system).</p><p><strong>“Service Request”</strong> shall mean a request from a Customer for support, delivery, information, advice, or documentation, which is not related to an incorrect functioning or non-functioning of the Product(s).</p><p><strong>“Upgrade”</strong> shall mean a Product update associated with assigning a new version number.</p><p><strong>“Workaround”</strong> shall mean a procedure that may serve as a temporary solution to an incident.</p><h3 id="_3-service-features" tabindex="-1"><a class="header-anchor" href="#_3-service-features" aria-hidden="true">#</a> 3. Service Features</h3><table><thead><tr><th>Feature</th><th style="text-align:left;">Essential Support</th><th style="text-align:left;">Enhanced Support</th></tr></thead><tbody><tr><td>Support</td><td style="text-align:left;"><ul><li>AlmaLinux installation/update issues (packaging, dependencies, repositories)</li><li>Migration issues (from CentOS/OracleLinux/RHEL to AlmaLinux)</li><li>Operating system bugs / kernel crashes; root cause analysis</li></ul></td><td style="text-align:left;">Coverage, includes the following applications: <ul><li>Apps - Identity / Directory<ul><li>FreeIPA, Bind</li><li>openldap</li></ul></li><li>Apps - Infrastructure<ul><li>Ceph</li><li>Samba</li></ul></li><li>Containers (docker, podman)</li><li>VMs (KVM)</li><li>Apps - Package / Config management:<ul><li>Foreman</li><li>Ansible</li><li>Puppet</li><li>Chef</li></ul></li><li>Apps - Web servers<ul><li>nginx</li><li>apache</li><li>squid</li></ul></li><li>Apps - Data<ul><li>SQL Databases (MariaDB, Postgresql)</li><li>Redis, MySQL, InfluxDB, CouchDB</li></ul></li><li>Apps - Security / Compliance<ul><li>OpenSCAP</li></ul></li><li>Devops Apps:<ul><li>gitlab/git, jenkins, kubernetes</li></ul></li><li>Apps - event streaming<ul><li>Apache Kafka</li><li>Rabbitmq</li></ul></li><li>Operating system migration (e.g, from Oracle to AlmaLinux)</li><li>Operating system upgrades (e.g, from CentOS 7 to AlmaLinux 8)</li><li>Design &amp; Architecture (e.g., review)</li><li>Data storage, backup assistance</li><li>Configuration assistance</li></ul> <em><strong>Outside the scope: code changes or software updates</strong></em></td></tr><tr><td>Incident Support</td><td style="text-align:left;">24/7/365 support through web ticketing system</td><td style="text-align:left;">24/7/365 support through web ticketing system and email</td></tr><tr><td>Allowed Number of Customer Technical Leads</td><td style="text-align:left;">2 per 1000 hosts, with maximum 10</td><td style="text-align:left;">2 per 1000 hosts, with maximum 10</td></tr></tbody></table><h3 id="_4-description-of-support-program" tabindex="-1"><a class="header-anchor" href="#_4-description-of-support-program" aria-hidden="true">#</a> 4. Description of Support Program</h3><h4 id="accessing-technical-support" tabindex="-1"><a class="header-anchor" href="#accessing-technical-support" aria-hidden="true">#</a> Accessing Technical Support</h4><p>TuxCare Technical Support is designed for enterprise clients with trained IT staff which provide initial ‘1st-line’ support to triage incidents. Customer and TuxCare will agree on Customer Technical Leads with the client, who will be entitled to access TuxCare Technical Support services; Customer Technical Leads must complete AlmaLinux training requirements. Customer Technical Leads may submit Technical Support Incidents and Service Requests to:</p><ol><li>Technical Support ticketing system:</li></ol><ul><li>Acceptance of requests 24 hours a day, 365 days a year</li><li>Unlimited number of tickets may be submitted</li><li>Customers will be supplied with instructions describing the use of the ticketing system during onboarding</li><li>User accounts will be created for each nominated user within each client organization</li><li>User accounts will have access to log, view and respond to tickets</li></ul><ol start="2"><li>Email: acceptance of requests 24 hours a day, 365 days a year:</li></ol><ul><li>New tickets may be created by simply emailing the support desk (email address to be provided during onboarding)</li></ul><p>All customers are entitled to access the Support knowledgebase, FAQs, and other self-service tools as may be offered by Enterprise Support for AlmaLinux.</p><h4 id="response-time" tabindex="-1"><a class="header-anchor" href="#response-time" aria-hidden="true">#</a> Response Time</h4><p>When submitting a ticket, Customers will select the appropriate Severity Level, as defined in Appendix A, from a drop-down list; TuxCare reserves the right to change the Severity Level based on available information. TuxCare will use reasonable efforts to respond to support requests within the initial response times described below, based on the Severity Level of the incident.</p><table><thead><tr><th>Severity Level</th><th style="text-align:left;">Essential Support</th><th style="text-align:left;">Enhanced Support</th></tr></thead><tbody><tr><td>1</td><td style="text-align:left;">2 hours</td><td style="text-align:left;">30 minutes</td></tr><tr><td>2</td><td style="text-align:left;">12 hours</td><td style="text-align:left;">2 hours</td></tr><tr><td>3</td><td style="text-align:left;">2 business days</td><td style="text-align:left;">12 hours</td></tr><tr><td>4</td><td style="text-align:left;">5 business days</td><td style="text-align:left;">2 business days</td></tr></tbody></table><h4 id="incident-resolution-cooperation" tabindex="-1"><a class="header-anchor" href="#incident-resolution-cooperation" aria-hidden="true">#</a> Incident Resolution Cooperation</h4><p>Some incidents may require reproduction by TuxCare for the purpose of testing and verifying a product error. Customer agrees to provide TuxCare with all information which may be necessary for reproducing the condition under which the incident will re-occur and could be examined.</p><p>TuxCare will endeavor to reproduce the incident as soon as all the necessary information and software and/or hardware is provided. If the incident could not be reproduced, Customer should grant TuxCare a supervised remote access to the malfunctioning system. If the incident cannot be reproduced by either party, or Customer did not grant access to the network environment where the incident could be reproduced, or if it is detected that the incident’s cause lies beyond the Product, the incident cannot be classified within this Support Program.</p><p>An incident may at any time be either on the Customer’s side (i.e., Customer is taking actions that will promote/expedite the resolution of the issue by TuxCare) or on the AlmaLinux side. An incident is on the Customer’s side when TuxCare engineers request information from the Customer. When Customer provides the requested information to TuxCare, the incident is considered to be on the side of the latter. The period during which the incident may be on the Customer’s side is limited to one calendar week. If the Customer’s response is overdue, the incident is closed by timeout.</p><h3 id="appendices" tabindex="-1"><a class="header-anchor" href="#appendices" aria-hidden="true">#</a> Appendices</h3><h4 id="appendix-a-incident-severity-levels" tabindex="-1"><a class="header-anchor" href="#appendix-a-incident-severity-levels" aria-hidden="true">#</a> Appendix A. Incident Severity Levels</h4><table><thead><tr><th>Level: Descriptor</th><th style="text-align:left;">Criteria/Definition</th></tr></thead><tbody><tr><td>Level 1: Business Standstill</td><td style="text-align:left;">Production and/or mission critical services are down and there is no immediate workaround.<ul><li>All or a majority of your mission critical environment is unavailable or not functioning</li><li>Your business operations are completely disrupted</li><li>Majority / All Critical users affected</li><li>Request from important client/partner (subject to management approval)</li></ul></td></tr><tr><td>Level 2: Major Impact</td><td style="text-align:left;">Major feature or function failure; operations are severely restricted, but a workaround is available.<ul><li>Critical business operations seriously affected</li><li>Direct fiscal impact</li><li>Substantial number of users are affected, or critical group of users are affected that would not allow the business to run normally</li></ul></td></tr><tr><td>Level 3: Minor Impact</td><td style="text-align:left;">Minor feature or function failure; standard business operations can continue, though possibly in a minor restricted manner.<ul><li>No immediate direct fiscal impact</li><li>A temporary workaround may have been provided</li></ul></td></tr><tr><td>Level 4: General Inquiry/Issue</td><td style="text-align:left;">General usage questions or other non-critical inquiries.<ul><li>Small number of users/systems affected</li><li>Documentation issue</li><li>General information request</li><li>Enhancement request</li></ul></td></tr></tbody></table><h4 id="appendix-b-quality-management" tabindex="-1"><a class="header-anchor" href="#appendix-b-quality-management" aria-hidden="true">#</a> Appendix B: Quality management</h4><p><strong>Incident escalation</strong></p><p>Customer may escalate unresolved incidents or reports of dissatisfaction according to the following scheme:</p><table><thead><tr><th>Escalation Level</th><th>1</th><th>2</th><th>3</th></tr></thead><tbody><tr><td>Escalation Path</td><td>Technical Senior Support Engineer</td><td>Specialized Support Team Lead or Manager</td><td>Chief Experience Officer (CXO)</td></tr></tbody></table><p><strong>Provision of reports on open incidents</strong></p><p>During the process of incident resolution, TuxCare will use reasonable effort to promptly provide the Customer with information regarding open incidents’ status, according to the following table.</p><table><thead><tr><th>Severity Level</th><th>Report Schedule (through the web ticketing system)</th></tr></thead><tbody><tr><td>1</td><td>By agreement, but not more often than once a day</td></tr><tr><td>2</td><td>At least once every 3 business days</td></tr><tr><td>3</td><td>At least once every 2 weeks</td></tr><tr><td>4</td><td>Upon customer request</td></tr></tbody></table><p><strong>Limitations of the Support Services</strong></p><p>Technical support covered by any of the TuxCare Support Programs shall not be provided in the following cases:</p><ul><li>Incidents already resolved for the Customer (e.g., an incident that occurred on one installed copy of the Product after the same incident had been resolved for another copy of the Product)</li><li>Troubleshooting of all issues similar or identical to already resolved issues (i.e., the incidents to which a previously produced solution can be applied without additional guidance from TuxCare)</li><li>Incidents caused by Customer’s hardware malfunction</li><li>Incidents caused by software platform incompatibility (including, but not limited to beta software, new versions of service packs or additions, whose compatibility with the Product has not been confirmed by AlmaLinux)</li><li>Incidents caused by installing and running third-party applications (including, but not limited to the list of unsupported or incompatible applications published in the documentation)</li><li>Incidents for which the Customer cannot provide accurate information, as reasonably requested by TuxCare, in order to reproduce, investigate, and resolve the incident</li><li>Incidents which arise as a result of neglect or incorrect use of TuxCare instructions, which, if properly used, would have prevented the Incident</li></ul></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/enterprise-support-for-almalinux/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/eportal-api/index.html b/eportal-api/index.html
index 411f35cb..cc97a3df 100644
--- a/eportal-api/index.html
+++ b/eportal-api/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>ePortal API</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-8e531858.js"><link rel="modulepreload" href="/assets/index.html-ae0b2092.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-8e531858.js"><link rel="modulepreload" href="/assets/index.html-ae0b2092.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/eportal-api/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>ePortal API</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="eportal-api" tabindex="-1"><a class="header-anchor" href="#eportal-api" aria-hidden="true">#</a> ePortal API</h1><p>You may need to create a separate ePortal account for API usage with:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal user -a api-user -p &lt;password&gt;
@@ -255,6 +255,6 @@
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></li><li>Now your plan is ready and can be called directly with:<div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>bolt plan run eportal_puppet:unregister_server -t &lt;TARGETS&gt;
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></li></ul><p>Ad hoc run example with:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>bolt plan run eportal_puppet::unregister_server -t 192.168.246.110
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This can be called during machine tear down to properly remove the server from ePortal.</p></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/eportal-api/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/eportal/index.html b/eportal/index.html
index 5c973811..b4b9058e 100644
--- a/eportal/index.html
+++ b/eportal/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>ePortal</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-da6a5cef.js"><link rel="modulepreload" href="/assets/sso_eportal-cc19d109.js"><link rel="modulepreload" href="/assets/eportal-qemu-feed-7c9efdb9.js"><link rel="modulepreload" href="/assets/index.html-c138238f.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-da6a5cef.js"><link rel="modulepreload" href="/assets/sso_eportal-cc19d109.js"><link rel="modulepreload" href="/assets/eportal-qemu-feed-7c9efdb9.js"><link rel="modulepreload" href="/assets/index.html-c138238f.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/eportal/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>ePortal</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="eportal" tabindex="-1"><a class="header-anchor" href="#eportal" aria-hidden="true">#</a> ePortal</h1><p>TuxCare ePortal is the web management console dedicated to KernelCare Enterprise live patch management.</p><p>ePortal software can help protect servers located behind the firewall (i.e. with no internet access) and can be installed both on-premises and in the cloud.</p><p><img src="/images/eportal-overview.svg" alt="Overview"></p><h2 id="eportal-hardware-requirements" tabindex="-1"><a class="header-anchor" href="#eportal-hardware-requirements" aria-hidden="true">#</a> ePortal Hardware Requirements</h2><p><strong>Disk</strong></p><ul><li>100 GB minimum, 200 GB recommended (20GB in case of cache mode)</li><li>SSD with at least 100 IOPS</li></ul><div class="tip custom-block"><p class="custom-block-title">Note</p><p>SSD based storage is a crucial requirement for ePortal server.</p></div><p><strong>CPU</strong></p><p>As far as other requirements concerned, we have tested the following configuration and the following number of connected servers:</p><ul><li><p>10k of connected machines is the maximum for the following requirements:</p><ul><li>VM</li><li>1 VCPU</li><li>1 GB RAM</li></ul></li><li><p>75k of connected machines is the maximum for the following requirements:</p><ul><li>Core i5</li><li>1 CPU</li><li>4 GB RAM</li></ul></li></ul><h2 id="installation" tabindex="-1"><a class="header-anchor" href="#installation" aria-hidden="true">#</a> Installation</h2><p>ePortal is compatible with 64-bit versions of EL7/8/9 based distros like CentOS 7/8, AlmaLinux 8/9 and Ubuntu 20.04/22.04.</p><h3 id="rhel-based-distros" tabindex="-1"><a class="header-anchor" href="#rhel-based-distros" aria-hidden="true">#</a> RHEL-based distros</h3><p>For installation and workability of ePortal the Nginx web server is required. We recommend to use stable version from the official Nginx repository:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat &gt; /etc/yum.repos.d/nginx.repo &lt;&lt;EOL
@@ -365,6 +365,6 @@
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal sync-nginx-conf
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>It initializes storage and makes corresponding modifications to nginx config to serve patches from a new place.</p><p>And restart <code>nginx</code> and <code>eportal</code> services to apply changes:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>systemctl restart eportal nginx
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/eportal/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/extended-lifecycle-support-for-languages/index.html b/extended-lifecycle-support-for-languages/index.html
index 9b425494..08aeadab 100644
--- a/extended-lifecycle-support-for-languages/index.html
+++ b/extended-lifecycle-support-for-languages/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>Extended Lifecycle Support for Languages</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-6fea13c2.js"><link rel="modulepreload" href="/assets/index.html-3b4a4f38.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-6fea13c2.js"><link rel="modulepreload" href="/assets/index.html-3b4a4f38.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/extended-lifecycle-support-for-languages/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>Extended Lifecycle Support for Languages</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="extended-lifecycle-support-for-languages" tabindex="-1"><a class="header-anchor" href="#extended-lifecycle-support-for-languages" aria-hidden="true">#</a> Extended Lifecycle Support for Languages</h1><h2 id="extended-lifecycle-support-for-php" tabindex="-1"><a class="header-anchor" href="#extended-lifecycle-support-for-php" aria-hidden="true">#</a> Extended Lifecycle Support for PHP</h2><p>Extended Lifecycle Support (ELS) for PHP from TuxCare provides security fixes for PHP versions that have reached their end-of-life. This allows to continue running Linux server vulnerability-free.</p><h3 id="supported-os" tabindex="-1"><a class="header-anchor" href="#supported-os" aria-hidden="true">#</a> Supported OS</h3><p>TuxCare provides Extended Lifecycle Support through four years after the EOL date.</p><table><thead><tr><th style="text-align:center;">OS</th><th style="text-align:center;">Version</th></tr></thead><tbody><tr><td style="text-align:center;">CentOS, CloudLinux, OracleLinux, etc.</td><td style="text-align:center;">6.x 64-bit, 7.x 64-bit, 8.x 64-bit, 9.x 64-bit</td></tr><tr><td style="text-align:center;">AlmaLinux</td><td style="text-align:center;">8.x 64-bit, 9.x 64-bit</td></tr><tr><td style="text-align:center;">Ubuntu</td><td style="text-align:center;">16.04 64-bit, 18.04 64-bit, 20.04 64-bit, 22.04 64-bit</td></tr></tbody></table><h3 id="supported-versions" tabindex="-1"><a class="header-anchor" href="#supported-versions" aria-hidden="true">#</a> Supported versions</h3><p><strong>CentOS, CloudLinux, AlmaLinux, Oracle Linux, etc.:</strong> 5.1, 5.2, 5.3, 5.4, 5.5, 5.6, 7.0, 7.1, 7.2, 7.3, 7.4, 8.0, 8.1, 8.2</p><p><strong>Ubuntu:</strong> 5.6, 7.0, 7.1, 7.2, 7.3, 7.4, 8.0, 8.1, 8.2</p><h3 id="installation-instructions-of-yum-repositories" tabindex="-1"><a class="header-anchor" href="#installation-instructions-of-yum-repositories" aria-hidden="true">#</a> Installation instructions of yum repositories</h3><h4 id="rhel-based-systems" tabindex="-1"><a class="header-anchor" href="#rhel-based-systems" aria-hidden="true">#</a> RHEL based systems</h4><ol><li>Download an installer script:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget https://repo.cloudlinux.com/php-els/install-php-els-repo.sh
@@ -258,6 +258,6 @@
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>Download OVAL stream:</li></ol><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>wget https://repo.cloudlinux.com/python-els/almalinux9-els-python-oval.xml
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="3"><li>Run scanning:</li></ol><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>oscap oval eval --results result.xml --report report.xml almalinux9-els-python-oval.xml
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/extended-lifecycle-support-for-languages/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/extended-lifecycle-support/index.html b/extended-lifecycle-support/index.html
index 6b12b5da..ca11d708 100644
--- a/extended-lifecycle-support/index.html
+++ b/extended-lifecycle-support/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>Extended Lifecycle Support</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-2bee62b8.js"><link rel="modulepreload" href="/assets/index.html-998f6864.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-998f6864.js"><link rel="modulepreload" href="/assets/index.html-2bee62b8.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/extended-lifecycle-support/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>Extended Lifecycle Support</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="extended-lifecycle-support" tabindex="-1"><a class="header-anchor" href="#extended-lifecycle-support" aria-hidden="true">#</a> Extended Lifecycle Support</h1><p>TuxCare&#39;s <a href="https://tuxcare.com/extended-lifecycle-support/" target="_blank" rel="noopener noreferrer">Extended Lifecycle Support (ELS)</a> service provides security updates, system enhancement patches, and selected bug fixes for older versions of a variety of Linux distributions, including CentOS 6, Oracle Linux 6, CloudLinux 6, CentOS 7, CentOS 8, Ubuntu 16.04, and Ubuntu 18.04. These distributions have either reached their end of standard support from vendors or have reached End of Life (EOL).</p><p>Our ELS service is designed to provide solutions for organizations that are not yet ready to migrate to newer versions and that are seeking long-term stability for their out-of-date operating systems. The service coverage includes updates for the Linux kernel and a list of essential packages that are integral to server operations.</p><h3 id="vulnerability-coverage" tabindex="-1"><a class="header-anchor" href="#vulnerability-coverage" aria-hidden="true">#</a> Vulnerability coverage</h3><p>TuxCare employs the Common Vulnerability Scoring System (CVSS v3) to assess the severity of security vulnerabilities. Our severity rating system for patching vulnerabilities integrates both NVD scoring and vendor scoring (when available). When the vendor&#39;s score is lower than the NVD score, we give priority to the NVD score.</p><p>TuxCare Extended Lifecycle Support, by default, provides security patches for High and Critical vulnerabilities (with a 7+ CVSS score). For vulnerabilities rated as Medium (4.0 to 6.9), and/or when patches are required for FIPS-certified deployments, custom coverage options are available. Specific details regarding these coverage options and their pricing can be obtained by contacting our sales team.</p><h3 id="target-response-times" tabindex="-1"><a class="header-anchor" href="#target-response-times" aria-hidden="true">#</a> Target response times</h3><p>Aligning with many industry standards and regulatory requirements, TuxCare is committed to delivering timely security updates. For instance, the Payment Card Industry Data Security Standard (PCI DSS) mandates that all &#39;High&#39; vulnerabilities (CVSS score of 7.0+) must be addressed within 30 days. Other regulations and standards, such as the Health Insurance Portability and Accountability Act (HIPAA) for healthcare or the Federal Information Security Management Act (FISMA) for government agencies, uphold similar requirements.</p><p>We aim to deliver security patches for critical and high-risk vulnerabilities (CVSS 7+) within 14 days from when the vulnerabilities become publicly disclosed. This rapid response time significantly reduces the window of opportunity for potential attackers and meets most security regulation requirements.</p><h3 id="duration-of-support" tabindex="-1"><a class="header-anchor" href="#duration-of-support" aria-hidden="true">#</a> Duration of support</h3><p>TuxCare provides Extended Lifecycle Support (ELS) for up to four years (except for CentOS 7 which is supported for up to five years). This support is offered after the Linux distribution has reached its End of Life (EOL) or no longer receives standard support.</p><table><thead><tr><th><strong>Distribution</strong></th><th><strong>EOL</strong></th><th><strong>ELS</strong></th></tr></thead><tbody><tr><td>CentOS 6</td><td>November 2020</td><td>November 2024</td></tr><tr><td>CentOS 7</td><td>June 2024</td><td>June 2029</td></tr><tr><td>CentOS 8</td><td>January 2022</td><td>January 2026</td></tr><tr><td>Oracle Linux 6</td><td>December 2020</td><td>December 2024</td></tr><tr><td>Ubuntu 16.04</td><td>April 2021</td><td>April 2025</td></tr><tr><td>Ubuntu 18.04</td><td>April 2023</td><td>April 2027</td></tr></tbody></table><h3 id="supported-packages" tabindex="-1"><a class="header-anchor" href="#supported-packages" aria-hidden="true">#</a> Supported packages</h3><p>TuxCare&#39;s Extended Lifecycle Support provides updates for a comprehensive list of packages integral to server operations (100+ packages), providing maximum security for your operating system. You can view the full list of supported packages for each operating system, as well as get detailed information on the patched Common Vulnerabilities and Exposures (CVEs), <a href="https://cve.tuxcare.com/els/projects" target="_blank" rel="noopener noreferrer">here</a>. Support for additional packages can be provided on request.</p><h3 id="errata-advisories" tabindex="-1"><a class="header-anchor" href="#errata-advisories" aria-hidden="true">#</a> Errata advisories</h3><p>TuxCare Extended Lifecycle Support provides qualified security and selected bug-fix errata advisories across all architectures. They can help users track which CVEs are resolved and which bugs have been addressed. You can view the full list of released advisories <a href="https://cve.tuxcare.com/els/releases" target="_blank" rel="noopener noreferrer">here</a>.</p><h3 id="oval-patch-definitions" tabindex="-1"><a class="header-anchor" href="#oval-patch-definitions" aria-hidden="true">#</a> OVAL patch definitions</h3><p>Leveraging the <a aria-current="page" href="/extended-lifecycle-support/#oval-data" class="router-link-active router-link-exact-active">Open Vulnerability and Assessment Language (OVAL)</a> patch definitions with OVAL-compatible tools, e.g. OpenSCAP, users can accurately check their systems for the presence of vulnerabilities.</p><h3 id="connection-to-els-repository" tabindex="-1"><a class="header-anchor" href="#connection-to-els-repository" aria-hidden="true">#</a> Connection to ELS repository</h3><p>To install the Extended Lifecycle Support repository on a server, you just need to download an installer script and run the script with a key. The installation script will register the server in the CLN with the key, add a PGP key to the server, and create the ELS repository.</p><p>In order to use Extended Lifecycle Support, you will need to open TCP port 443 to the following destinations:</p><ul><li><a href="http://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">cln.cloudlinux.com</a></li><li><a href="http://repo.cloudlinux.com" target="_blank" rel="noopener noreferrer">repo.cloudlinux.com</a></li></ul><h3 id="technical-support" tabindex="-1"><a class="header-anchor" href="#technical-support" aria-hidden="true">#</a> Technical Support</h3><p>All TuxCare products include technical support provided according to the <a href="https://tuxcare.com/TuxCare-support-policy.pdf" target="_blank" rel="noopener noreferrer">support policy</a>. It delivers 24/7/365 access to our engineers through the TuxCare Support Portal <a href="https://tuxcare.com/support-portal/" target="_blank" rel="noopener noreferrer">https://tuxcare.com/support-portal/</a> and to our online knowledge base.</p><h2 id="installation-instructions-of-yum-repositories" tabindex="-1"><a class="header-anchor" href="#installation-instructions-of-yum-repositories" aria-hidden="true">#</a> Installation instructions of yum repositories</h2><h3 id="centos-6-els" tabindex="-1"><a class="header-anchor" href="#centos-6-els" aria-hidden="true">#</a> CentOS 6 ELS</h3><ol><li>Download an installer script:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget https://repo.cloudlinux.com/centos6-els/install-centos6-els-repo.sh
@@ -182,6 +182,6 @@
 # rm /etc/yum.repos.d/centos6-els.repo
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="2"><li>Remove the <code>els-define</code> package:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum remove els-define
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/extended-lifecycle-support/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/index.html b/index.html
index 05475bbd..5cdb216c 100644
--- a/index.html
+++ b/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title></title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-84b523eb.js"><link rel="modulepreload" href="/assets/index.html-e8171bcc.js"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-5be4a58a.js"><link rel="modulepreload" href="/assets/index.html-e8171bcc.js"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a aria-current="page" href="/" class="router-link-active router-link-exact-active home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><!----></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><div class="header-layout__search-container"><h1 class="header-layout__search-title">TuxCare Product Documentation</h1><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search across the TuxCare product documentation" class="header-layout__search"><div class="header-layout__search-icon"><img alt="search icon" src="/global/header-search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></header><div class="docs-cards-wrapper"><!--[--><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">TuxCare</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">services automate, simplify, and enhance Linux operations, giving organizations more flexibility in managing Linux distro choices and versions, significant maintenance cost reductions, and greatly enhanced security and compliance postures.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">Enterprise Support for AlmaLinux</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">provides a TuxCare-vetted repository of AlmaLinux updates with 16 years of support coverage, delivers an extension of an additional 4.5 years of security fixes for Critical and High-risk vulnerabilities and FIPS-compliant security patches for select AlmaLinux minor versions, minimizes vulnerability windows with rebootless security patches and helps to avoid costly upfront support package fees with pay-as-you-go hourly support bundles.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">KernelCare Enterprise</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">is a live kernel patching service that provides security patches and bugfixes for a range of popular Linux kernels that can be installed without rebooting the system.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">KernelCare for IOT</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">provides live security patching for ARM64-based embedded systems for enterprise IoT users and original equipment manufacturers.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">ePortal</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">TuxCare ePortal is the web management console dedicated to KernelCare Enterprise live patch management.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">ePortal API</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">is a complete API for everyday use.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">Extended Lifecycle Support</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">allows you to continue running your Linux server after the operating system’s end of life.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">Extended Lifecycle Support for Languages</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">provides security fixes for PHP and Python versions that have reached their end-of-life which allows to continue running Linux server vulnerability-free.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">Subscription Management Portal</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">The TuxCare subscription management portal is designed to easily manage your licenses of TuxCare products and services by means of a user-friendly interface.</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><div class="docs-card-container"><div class="docs-card-container__header"><img width="20" height="20" src="/collections-bookmark.svg" alt="document icon"><p class="docs-card-container__header-paragraph">Service Descriptions</p></div><div class="docs-card-container__main"><p class="docs-card-container__main-paragraph">AlmaCare service description</p></div><div class="docs-card-container__footer"><button class="docs-card-container__footer-btn">View Documentation</button></div></div><!--]--></div><div class="footer" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/eportal-api/index.html b/jp/eportal-api/index.html
index bb6c4f51..cb72e92d 100644
--- a/jp/eportal-api/index.html
+++ b/jp/eportal-api/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>ePortal API</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-1738772c.js"><link rel="modulepreload" href="/assets/index.html-bfb306f5.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-1738772c.js"><link rel="modulepreload" href="/assets/index.html-bfb306f5.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/eportal-api/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>ePortal API</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="eportal-api" tabindex="-1"><a class="header-anchor" href="#eportal-api" aria-hidden="true">#</a> ePortal API</h1><p>以下のコマンドで、API使用のための別のePortalアカウントを作成する必要がある場合があります。</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal user -a api-user -p &lt;password&gt;
@@ -239,6 +239,6 @@
 }
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p><strong>例：</strong></p><p>mainフィードとtest-feedフィードで、libcareパッチセット<code>U20200506_01</code>を有効にします。</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>curl -X POST -u admin &#39;https://eportal.corp.com/admin/api/patchsets/manage?patchset=U20200506_01&amp;feed=main&amp;feed=test-feed&amp;product=user&amp;action=enable&#39;
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/eportal-api/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/eportal/index.html b/jp/eportal/index.html
index 267eb1d6..f37ba9ac 100644
--- a/jp/eportal/index.html
+++ b/jp/eportal/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>ePortal</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-527a5e84.js"><link rel="modulepreload" href="/assets/sso_eportal-cc19d109.js"><link rel="modulepreload" href="/assets/eportal-qemu-feed-7c9efdb9.js"><link rel="modulepreload" href="/assets/index.html-71fb4d10.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-71fb4d10.js"><link rel="modulepreload" href="/assets/index.html-527a5e84.js"><link rel="modulepreload" href="/assets/sso_eportal-cc19d109.js"><link rel="modulepreload" href="/assets/eportal-qemu-feed-7c9efdb9.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/eportal/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>ePortal</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="eportal" tabindex="-1"><a class="header-anchor" href="#eportal" aria-hidden="true">#</a> ePortal</h1><p>TuxCare ePortalは、KernelCare Enterpriseライブ パッチ管理専用のWeb管理コンソールです。</p><p>ePortalソフトウェアは、ファイアウォールの内側にある（つまり、インターネットにアクセスできない）サーバーを保護するのに役立ちます。また、オンプレミスにもクラウドにもインストールできます。</p><p><img src="/images/eportal-overview.svg" alt="Overview"></p><h2 id="eportalハードウェア要件" tabindex="-1"><a class="header-anchor" href="#eportalハードウェア要件" aria-hidden="true">#</a> ePortalハードウェア要件</h2><p><strong>ディスク</strong></p><ul><li>最小100 GB、推奨200 GB（キャッシュモードの場合は、20 GB）</li><li>100 IOPS以上のSSD</li></ul><div class="tip custom-block"><p class="custom-block-title">注</p><p>SSDベースのストレージは、ePortalサーバーに必須の要件です。</p></div><p><strong>CPU</strong></p><p>その他の要件に関して、以下の構成と接続サーバー数をテストしました。</p><ul><li><p>以下の要件では、最大接続マシン数は10kです。</p><ul><li>VM</li><li>1 vCPU</li><li>1 GB RAM</li></ul></li><li><p>以下の要件では、最大接続マシン数は75kです。</p><ul><li>Core i5</li><li>1 CPU</li><li>4 GB RAM</li></ul></li></ul><h2 id="インストール" tabindex="-1"><a class="header-anchor" href="#インストール" aria-hidden="true">#</a> インストール</h2><p>ePortalは、CentOS 7/8、AlmaLinux 8、Ubuntu 20.04/22.04などのEL7/8ベースのディストリビューションの64bit版と互換性があります。</p><h3 id="rhelベースのディストリビューション" tabindex="-1"><a class="header-anchor" href="#rhelベースのディストリビューション" aria-hidden="true">#</a> RHELベースのディストリビューション</h3><p>ePortalをインストールして実行するには、NginxのWebサーバーが必要です。Nginxの公式リポジトリからインストールした安定版を使用することをお勧めします。</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat &gt; /etc/yum.repos.d/nginx.repo &lt;&lt;EOL
@@ -358,6 +358,6 @@
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>以下を実行します。</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal sync-nginx-conf
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>ストレージが初期化され、新しい場所からパッチが提供されるように、nginx構成ファイルに対応する変更が行われます。</p><p><code>nginx</code>と<code>ePortal</code>サービスを再起動して、変更を適用します。</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>systemctl restart eportal nginx
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/eportal/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/extended-lifecycle-support-for-languages/index.html b/jp/extended-lifecycle-support-for-languages/index.html
index 781e6119..4a9d78a8 100644
--- a/jp/extended-lifecycle-support-for-languages/index.html
+++ b/jp/extended-lifecycle-support-for-languages/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>言語向け延長ライフサイクルサポート</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-815d4f25.js"><link rel="modulepreload" href="/assets/index.html-c09eba5b.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-815d4f25.js"><link rel="modulepreload" href="/assets/index.html-c09eba5b.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/extended-lifecycle-support-for-languages/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>言語向け延長ライフサイクルサポート</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="言語向け延長ライフサイクルサポート" tabindex="-1"><a class="header-anchor" href="#言語向け延長ライフサイクルサポート" aria-hidden="true">#</a> 言語向け延長ライフサイクルサポート</h1><h2 id="hp向け延長ライフサイクルサポート" tabindex="-1"><a class="header-anchor" href="#hp向け延長ライフサイクルサポート" aria-hidden="true">#</a> HP向け延長ライフサイクルサポート</h2><p>TuxCareは、PHP向け延長ライフサイクルサポート（ELS）によって、ライフサイクルが終了したPHPバージョンにセキュリティ修正を提供しています。これにより、脆弱性なしでLinuxサーバーを実行し続けることができます。</p><h3 id="対応os" tabindex="-1"><a class="header-anchor" href="#対応os" aria-hidden="true">#</a> 対応OS</h3><p>TuxCareは、EOL日から4年間延長ライフサイクルサポートを提供します。</p><table><thead><tr><th style="text-align:center;">OS</th><th style="text-align:center;">バージョン</th></tr></thead><tbody><tr><td style="text-align:center;">CentOS、CloudLinux、OracleLinuxなど.</td><td style="text-align:center;">6.x 64-bit、7.x 64-bit、8.x 64-bit</td></tr><tr><td style="text-align:center;">AlmaLinux</td><td style="text-align:center;">8.x 64-bit</td></tr><tr><td style="text-align:center;">Ubuntu</td><td style="text-align:center;">16.04 64-bit、18.04 64-bit、20.04 64-bit</td></tr></tbody></table><h3 id="サポートバージョン" tabindex="-1"><a class="header-anchor" href="#サポートバージョン" aria-hidden="true">#</a> サポートバージョン</h3><p><strong>CentOS、CloudLinux、AlmaLinux、OracleLinuxなど</strong>：5.1、5.2、5.3、5.4、5.5、5.6、7.0、7.1、7.2、7.3、7.4、8.0、8.1</p><p><strong>Ubuntu:</strong> 5.6、7.0、7.1、7.2、7.3、7.4、8.0、8.1</p><h3 id="yumリポジトリのインストール説明" tabindex="-1"><a class="header-anchor" href="#yumリポジトリのインストール説明" aria-hidden="true">#</a> yumリポジトリのインストール説明</h3><h4 id="rhelベースのシステム" tabindex="-1"><a class="header-anchor" href="#rhelベースのシステム" aria-hidden="true">#</a> RHELベースのシステム</h4><ol><li>インストールスクリプトをダウンロードします。</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget https://repo.cloudlinux.com/php-els/install-php-els-repo.sh
@@ -258,6 +258,6 @@
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>OVALストリームをダウンロードします。</li></ol><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>wget https://repo.cloudlinux.com/python-els/almalinux9-els-python-oval.xml
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="3"><li>スキャンを実行します。</li></ol><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>oscap oval eval --results result.xml --report report.xml almalinux9-els-python-oval.xml
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/extended-lifecycle-support-for-languages/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/extended-lifecycle-support/index.html b/jp/extended-lifecycle-support/index.html
index b05c7c37..ad180a1c 100644
--- a/jp/extended-lifecycle-support/index.html
+++ b/jp/extended-lifecycle-support/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>延長ライフサイクルサポート</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-04265117.js"><link rel="modulepreload" href="/assets/index.html-3e49682f.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-3e49682f.js"><link rel="modulepreload" href="/assets/index.html-04265117.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/extended-lifecycle-support/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>延長ライフサイクルサポート</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="延長ライフサイクルサポート" tabindex="-1"><a class="header-anchor" href="#延長ライフサイクルサポート" aria-hidden="true">#</a> 延長ライフサイクルサポート</h1><p>TuxCareの<a href="https://tuxcare.com/extended-lifecycle-support/" target="_blank" rel="noopener noreferrer">延長ライフサイクルサポート</a>（ELS）をご利用いただければ、オペレーティングシステムのライフサイクル終了後も引き続きLinuxサーバーを稼働できます。</p><p>他のバージョンのディストリビューションのサポートをご希望の場合は、SLA対象のサポートに他のパッケージを追加してください。ご不明な点がございましたら、<a href="https://tuxcare.com/faq/" target="_blank" rel="noopener noreferrer">FAQ欄</a>をお読みください。ご意見がございましたら、<a href="mailto:sales@cloudlinux.com">sales@tuxcare.com</a>までご連絡ください。</p><h3 id="サポート期間" tabindex="-1"><a class="header-anchor" href="#サポート期間" aria-hidden="true">#</a> サポート期間</h3><p>TuxCareは、EOL日から4年間延長ライフサイクルサポートを提供します。</p><table><thead><tr><th style="text-align:center;">ディストリビューション</th><th style="text-align:center;">EOL</th><th style="text-align:center;">ELS</th></tr></thead><tbody><tr><td style="text-align:center;">CentOS 6</td><td style="text-align:center;">2020年12月</td><td style="text-align:center;">2024年12月</td></tr><tr><td style="text-align:center;">Oracle Linux 6</td><td style="text-align:center;">2020年12月</td><td style="text-align:center;">2024年12月</td></tr><tr><td style="text-align:center;">Ubuntu 16.04</td><td style="text-align:center;">2021年4月</td><td style="text-align:center;">2025年4月</td></tr><tr><td style="text-align:center;">CentOS 8.4</td><td style="text-align:center;">2022年1月</td><td style="text-align:center;">2026年1月</td></tr><tr><td style="text-align:center;">CentOS 8.5</td><td style="text-align:center;">2022年1月</td><td style="text-align:center;">2026年1月</td></tr></tbody></table><h3 id="対応パッケージ" tabindex="-1"><a class="header-anchor" href="#対応パッケージ" aria-hidden="true">#</a> 対応パッケージ</h3><p>TuxCareは、カーネル、Apache、PHP、Glibc、OpenSSL、OpenSSH、Pythonパッケージを継続的にアップデートします。</p><h3 id="アップデート情報の入手方法" tabindex="-1"><a class="header-anchor" href="#アップデート情報の入手方法" aria-hidden="true">#</a> アップデート情報の入手方法</h3><p><a href="https://cve.tuxcare.com/" target="_blank" rel="noopener noreferrer">CVEダッシュボード</a>を使用して、アップデートを受信するように登録できます。CVEダッシュボードでは、各CVEに対する当社の進捗状況、CVEに関する情報、CVEの既知の悪用事例の詳細などに関する詳しい情報を確認できます。</p><p>ダッシュボードをより良く、より便利にするためのご意見がございましたら、<a href="mailto:sales@cloudlinux.com">sales@tuxcare.com</a>までご連絡ください。</p><p>また、<a href="https://blog.tuxcare.com/" target="_blank" rel="noopener noreferrer">TuxCareブログ</a>を購読して、パッチされた脆弱性の詳細な分析や、TuxCareチームのメンバーが作成したその他のサイバーセキュリティコンテンツを読むこともできます。</p><h3 id="elsへの移行" tabindex="-1"><a class="header-anchor" href="#elsへの移行" aria-hidden="true">#</a> ELSへの移行</h3><p>TuxCareの延長ライフサイクルサポートサービスでは、移行の必要がありません。新しいリポジトリ ファイルを追加するインストールスクリプトを実行するだけです。再起動は必要ありません。</p><h3 id="elsリポジトリのインストール方法" tabindex="-1"><a class="header-anchor" href="#elsリポジトリのインストール方法" aria-hidden="true">#</a> ELSリポジトリのインストール方法</h3><p>サーバーに延長ライフサイクルサポートリポジトリをインストールするには、インストールスクリプトをダウンロードして、キーを使用してスクリプトを実行するだけです。インストールスクリプトを実行すると、そのキーと一緒にCLNにサーバーが登録され、サーバーにPGPキーが追加され、ELSリポジトリが作成されます。</p><p>延長ライフサイクルサポートのご利用には、以下の宛先に対してTCP ポート443を開く必要があります。</p><ul><li>cln.cloudlinux.com</li><li>repo.cloudlinux.com</li></ul><h2 id="yumリポジトリのインストール手順" tabindex="-1"><a class="header-anchor" href="#yumリポジトリのインストール手順" aria-hidden="true">#</a> yumリポジトリのインストール手順</h2><h3 id="centos-6-els" tabindex="-1"><a class="header-anchor" href="#centos-6-els" aria-hidden="true">#</a> CentOS 6 ELS</h3><ol><li>インストールスクリプトをダウンロードします。</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget https://repo.cloudlinux.com/centos6-els/install-centos6-els-repo.py
@@ -164,6 +164,6 @@
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="ubuntu-16-04の場合" tabindex="-1"><a class="header-anchor" href="#ubuntu-16-04の場合" aria-hidden="true">#</a> Ubuntu 16.04の場合</h4><p>OVALを使用するには、システムがELSとして定義されていることを確認してください。</p><ol><li>以下のコマンドを実行します。</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ apt list els-define | grep -o &quot;installed&quot;
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>コマンドの結果が<code>installed</code>の場合、ご利用のシステムはELSとして定義されていますので、OVALを使用できます。</p><ol start="2"><li>それ以外の場合は、以下のコマンドを使用して、<code>els-define</code>パッケージをインストールする必要があります。</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ apt-get install els-define
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/extended-lifecycle-support/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/index.html b/jp/index.html
index 94e1213a..50659b4a 100644
--- a/jp/index.html
+++ b/jp/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title></title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-5be4a58a.js"><link rel="modulepreload" href="/assets/index.html-092f14d9.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-84b523eb.js"><link rel="modulepreload" href="/assets/index.html-092f14d9.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a></a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/linux-support-services/index.html b/jp/linux-support-services/index.html
index 4a6398c2..c3a6f319 100644
--- a/jp/linux-support-services/index.html
+++ b/jp/linux-support-services/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title>Linuxサポートサービス</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-84c31207.js"><link rel="modulepreload" href="/assets/index.html-45ca0bbf.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-84c31207.js"><link rel="modulepreload" href="/assets/index.html-45ca0bbf.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/linux-support-services/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>Linuxサポートサービス</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="linuxサポートサービス" tabindex="-1"><a class="header-anchor" href="#linuxサポートサービス" aria-hidden="true">#</a> Linuxサポートサービス</h1><p>TuxCareは、「エッセンシャル」ティア、「プレミアム」ティア、「製品OEMサポート」ティアでサブスクリプションパッケージを提供しています。AlmaLinux OS 8やその他の一般的なEnterprise Linuxディストリビューションでご利用いただけます。</p><h2 id="almalinux-os-8向け「エッセンシャル」サポート" tabindex="-1"><a class="header-anchor" href="#almalinux-os-8向け「エッセンシャル」サポート" aria-hidden="true">#</a> AlmaLinux OS 8向け「エッセンシャル」サポート</h2><p>生産インフラストラクチャでAlmaLinux OSをご利用の企業向けに基本的なサポートパッケージを提供しています。</p><ul><li>Linuxカーネルとコアパッケージ向けの定期的なパッチとアップデート</li><li>CVSSと高CVEに14営業日でパッチを配信</li><li>24時間年中無休のEメールサポート</li></ul><h2 id="almalinux-os8とその他のlinuxディストリビューション向け「プレミアム」サポート" tabindex="-1"><a class="header-anchor" href="#almalinux-os8とその他のlinuxディストリビューション向け「プレミアム」サポート" aria-hidden="true">#</a> AlmaLinux OS8とその他のLinuxディストリビューション向け「プレミアム」サポート</h2><p>カスタムベースの、さまざまなLinuxディストリビューション向けパッチとアップデート、プレミアムSLA、年中無休のインシデントサポート、コンサルティングサービスへのアクセスの提供</p><ul><li>AlmaLinux OS、CentOS、Oracle、Ubuntu、Debian、Suse、Linuxディストリビューションに含まれていないその他のオープンソースソフトウェアのサポート</li><li>24時間365日のEメールによるインシデントサポート、ライブチャットと電話も利用可能</li><li>他のLinuxディストリビューション向けの、ニーズに応じた、リポジトリ外のセキュリティ／バグ修正（作業範囲記述書の一部)</li></ul><h2 id="almalinux-os-8向け製品nodeosサポート" tabindex="-1"><a class="header-anchor" href="#almalinux-os-8向け製品nodeosサポート" aria-hidden="true">#</a> AlmaLinux OS 8向け製品NodeOSサポート</h2><p>顧客に出荷中の製品のNodeOSとして、AlmaLinux 8をご利用のエンタープライズ企業向けに、カスタマイズされたLinuxサポートパッケージを提供しています。特定のパッケージセット、カスタムSLA、迅速なインシデント対応のための専任サポートチーム。</p><ul><li>各契約向けに特別に交渉されたパッチ配信とインシデント対応</li><li>CVSSと高CVEに10営業日でパッチを配信</li><li>24時間365日対応のEメールサポート。重大インシデント用ライブチャットも利用可能</li><li>指名された専任サポートマネージャー</li><li>個々の作業範囲記述書（SOW）ベースでのコンサルティングサービスへのアクセス</li></ul><p>詳細については、<a href="https://tuxcare.com/linux-support-services/" target="_blank" rel="noopener noreferrer">TuxCare LinuxサポートサービスWebサイト</a>を参照してください。</p></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/linux-support-services/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/live-patching-services/index.html b/jp/live-patching-services/index.html
index eadbfb91..c1d2f599 100644
--- a/jp/live-patching-services/index.html
+++ b/jp/live-patching-services/index.html
@@ -39,7 +39,7 @@
                     })();
                   </script><title>ライブパッチ適用サービス</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-070c63b3.js"><link rel="modulepreload" href="/assets/index.html-862975e7.js"><link rel="modulepreload" href="/assets/uchecker-31d683fa.js"><link rel="modulepreload" href="/assets/eportal-qemu-feed-7c9efdb9.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-070c63b3.js"><link rel="modulepreload" href="/assets/index.html-862975e7.js"><link rel="modulepreload" href="/assets/uchecker-31d683fa.js"><link rel="modulepreload" href="/assets/eportal-qemu-feed-7c9efdb9.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/live-patching-services/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>ライブパッチ適用サービス</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="ライブパッチ適用サービス" tabindex="-1"><a class="header-anchor" href="#ライブパッチ適用サービス" aria-hidden="true">#</a> ライブパッチ適用サービス</h1><p>ライブパッチ適用サービスの一環として、TuxCareは以下のサービスを提供します。</p><ul><li>KernelCare Enterprise</li><li>LibCare</li><li>KernelCare for IOT</li><li>QEMUCare</li><li>DBCare（ベータ版で利用可能）</li></ul><h2 id="kernelcare-enterprise" tabindex="-1"><a class="header-anchor" href="#kernelcare-enterprise" aria-hidden="true">#</a> KernelCare Enterprise</h2><h3 id="概要" tabindex="-1"><a class="header-anchor" href="#概要" aria-hidden="true">#</a> 概要</h3><p>KernelCare Enterpriseは、さまざまな人気のLinuxカーネルに、システムを再起動することなしにインストール可能なセキュリティパッチとバグ修正を提供するライブカーネルパッチ適用サービスです。</p><h3 id="メリット" tabindex="-1"><a class="header-anchor" href="#メリット" aria-hidden="true">#</a> メリット</h3><p>現在、システム管理者は、最新のカーネルアップデートを適用するのに、サーバーを再起動する必要があります。このアップデートは、セキュリティ上の問題を防ぐために必要です。ただし、再起動に伴うダウンタイムのせいで、このようなアップデートは遅れがちで、深夜の時間帯になりがちです。ダウンタイムを回避するために、サーバーの所有者が数ヶ月、数年もシステムをアップデートせずに、脆弱なシステムを実行し続けることはめずらしいことではありません。マネージドサービスプロバイダは、ダウンタイムを計画し、リソースを圧迫しながら短時間に数千台のサーバーのアップデートと再起動をする問題に直面しています。KernelCareは、再起動不要のライブカーネルパッチ適用サービスを提供することで、このアップデートと再起動の問題を解決します。</p><h3 id="主な機能" tabindex="-1"><a class="header-anchor" href="#主な機能" aria-hidden="true">#</a> 主な機能</h3><ul><li>再起動不要のLinuxカーネルパッチ適用とカスタムパッチ適用</li><li>オンプレミスでも、クラウドでも利用可能</li><li>保護されたインフラストラクチャ用のプライベートパッチサーバー、ePortal</li><li>追加設定不要で、パッチ管理・脆弱性評価ツールと統合</li></ul><h3 id="試用ライセンスの取得" tabindex="-1"><a class="header-anchor" href="#試用ライセンスの取得" aria-hidden="true">#</a> 試用ライセンスの取得</h3><p>KernelCare Enterpriseのご利用には、試用版アクティベーションキーが必要です。試用ライセンスは7日間有効です。</p><p>アクティベーションキーの取得に問題がある場合や試用版の使用に関してご不明点がある場合は、<a href="mailto:sales@cloudlinux.com">sales@cloudlinux.com</a> までご連絡ください。私たちがお助けします。</p><h3 id="インストール" tabindex="-1"><a class="header-anchor" href="#インストール" aria-hidden="true">#</a> インストール</h3><p>KernelCare Enterpriseは、64ビット版のAlmaLinux/CloudLinuxOS/CentOS/RHEL 6、7、8、Oracle Linux 6、7、Amazon Linux 1、2、Virtuozzo／PCS／OpenVZ 2.6.32、Debian 8、9、10、Proxmox VE 5 、6、Virt-SIG／Xen 4CentOS 6、7、Ubuntu 14.04、15.04、16.04、18.04、20.04カーネルと互換性があります。互換性のあるカーネル一覧は、<a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a> からご覧いただけます。</p><p>KernelCare Enterpriseをインストールするには、以下を実行します。</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>curl -s -L https://kernelcare.com/installer | bash
@@ -253,6 +253,6 @@
   --disabled   do not enable patchset after deploy
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>例えば、</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu deploy --feed test /tmp/U20210818_01-qemu.tar.bz2
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>このコマンドは、<code>U20210818_01-qemu</code>パッチセットを<code>test</code>フィードにデプロイして、有効にします。</p><h2 id="dbcare" tabindex="-1"><a class="header-anchor" href="#dbcare" aria-hidden="true">#</a> DBCare</h2><p>DBCareのベータテストが利用可能です！<a href="https://tuxcare.com/live-patching-services/databasecare/" target="_blank" rel="noopener noreferrer">こちら</a>からお申し込みください。</p><h3 id="概要-3" tabindex="-1"><a class="header-anchor" href="#概要-3" aria-hidden="true">#</a> 概要</h3><p>DBCareは、MariaDB向けのライブパッチ適用サービスです。 DBCareを使用すると、データベースのバックエンドがアップデートされている間もアプリケーションを実行し続けることができるので、データベースのパフォーマンス、信頼性、セキュリティ、コンプライアンスが強化されます。</p><h3 id="メリット-2" tabindex="-1"><a class="header-anchor" href="#メリット-2" aria-hidden="true">#</a> メリット</h3><p>データベースのアップデートは、バグの修正、システムパフォーマンスの向上、脆弱性数の削減のために行われますが、これらの活動には多大な影響と労力が必要になります。DBCareを使用すると、データベースのダウンタイム一切不要で、パッチがメモリに適用されます。</p><p>ライブパッチ適用は、メンテナンスウィンドウまでの待機不要で、迅速にセキュリティアップデートを適用します。実は、DBCareを導入している組織は、データベースシステムのほとんどのメンテナンスウィンドウを完全に削除していて、それでいて、これまで以上に安全になっています。</p><h3 id="主な機能-2" tabindex="-1"><a class="header-anchor" href="#主な機能-2" aria-hidden="true">#</a> 主な機能</h3><ul><li>現時点で、MariaDBをサポート</li><li>高可用性環境におけるデータベースのフェイルオーバーの回避</li><li>ダウンタイム中のワークロードの移行の回避</li></ul><h3 id="dbcareの仕組み" tabindex="-1"><a class="header-anchor" href="#dbcareの仕組み" aria-hidden="true">#</a> DBCareの仕組み</h3><ul><li>データベースサーバーにエージェントがインストールされ、当社のリポジトリから直接パッチがインストールされます。</li><li>このエージェントは、すべてのTuxCare製品にわたって、パッチをダウンロードして適用するために使用されます。そのため、複数のTuxCare製品を使用する場合でも、実行中のエージェントは1つだけです。</li></ul><p>DBCareの詳細については、<a href="https://tuxcare.com/live-patching-services/databasecare/" target="_blank" rel="noopener noreferrer">こちらのページにアクセスしてください</a>。</p></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/live-patching-services/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/tuxcare-cln/index.html b/jp/tuxcare-cln/index.html
index a24c9d08..640792cb 100644
--- a/jp/tuxcare-cln/index.html
+++ b/jp/tuxcare-cln/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title>サブスクリプション管理ポータル</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-e424f433.js"><link rel="modulepreload" href="/assets/index.html-c0147096.js"><link rel="modulepreload" href="/assets/reports-c7f76afe.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-c0147096.js"><link rel="modulepreload" href="/assets/reports-c7f76afe.js"><link rel="modulepreload" href="/assets/index.html-e424f433.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/tuxcare-cln/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>サブスクリプション管理ポータル</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="サブスクリプション管理ポータル" tabindex="-1"><a class="header-anchor" href="#サブスクリプション管理ポータル" aria-hidden="true">#</a> サブスクリプション管理ポータル</h1><p>TuxCareサブスクリプション管理ポータル（CLN）は、TuxCareの製品とサービスのライセンスをユーザーフレンドリーなインターフェイスで簡単に管理できるように設計されています。</p><h2 id="概要" tabindex="-1"><a class="header-anchor" href="#概要" aria-hidden="true">#</a> 概要</h2><p>CLNでは、以下のことができます。</p><ul><li>ライセンスの追加、削除、編集</li><li>サーバーの追加、削除、編集</li><li>お支払い方法の選択とライセンスの購入</li><li>関連するすべての費用の追跡</li></ul><h3 id="新しいアカウントの作成" tabindex="-1"><a class="header-anchor" href="#新しいアカウントの作成" aria-hidden="true">#</a> 新しいアカウントの作成</h3><p>初めてのユーザーの方は、<a href="https://portal.tuxcare.com/register/customer?originUrl=%2Fdashboard%2Fproducts" target="_blank" rel="noopener noreferrer">https://portal.tuxcare.com</a>にアクセスして、簡単な登録フォームに記入して、アカウントを作成してください。ログイン名とパスワードは、登録確認メールでご案内しています。</p><h3 id="ログイン" tabindex="-1"><a class="header-anchor" href="#ログイン" aria-hidden="true">#</a> ログイン</h3><p><a href="https://portal.tuxcare.com/auth/login?originUrl=%2Fdashboard%2Fproducts" target="_blank" rel="noopener noreferrer">https://portal.tuxcare.com</a>にアクセスして、ログイン名とパスワードでログインします。</p><h2 id="dashboard" tabindex="-1"><a class="header-anchor" href="#dashboard" aria-hidden="true">#</a> Dashboard</h2><p>Dashboardは、<em>Products</em>に迅速にアクセスするのに役立ちます。以下のタブがあります。</p><ul><li><a aria-current="page" href="/jp/tuxcare-cln/#products" class="router-link-active router-link-exact-active">Products</a></li><li><a aria-current="page" href="/jp/tuxcare-cln/#servers" class="router-link-active router-link-exact-active">Servers</a></li></ul><h3 id="products" tabindex="-1"><a class="header-anchor" href="#products" aria-hidden="true">#</a> Products</h3><p><em>Dashboard</em>をクリックすると、<em>My Products</em>ページにリダイレクトされます。</p><p><img src="/images/dashboard.png" alt=""></p><p>以下のアクションをご利用いただけます。</p><ul><li><strong>Manage licenses and billing cycle</strong>。リンクをクリックすると、当社セールスチームに連絡できます。ライセンス数や製品クォータを変更したり、請求サイクルを管理したりする際にご利用ください。</li><li><strong>Manage activation keys</strong>。<a aria-current="page" href="/jp/tuxcare-cln/#activation-keys" class="router-link-active router-link-exact-active">Extended Support Services | Activation Keys</a>ページへのショートカット。</li></ul><h3 id="servers" tabindex="-1"><a class="header-anchor" href="#servers" aria-hidden="true">#</a> Servers</h3><p>Dashboard → Serversの順にクリックして、All Serversページに移動します。このアカウントに属する全サーバーが、各サーバーにインストールされている製品とともにリスト表示されます。</p><p><img src="/images/allservers.png" alt=""></p><p>表には、アカウント内の全製品のアクティブ化されたサーバーがすべて含まれています。表には、以下の列が含まれています。</p><ul><li><strong>Server name</strong> — サーバーのホスト名</li><li><strong>IP</strong> — サーバーのIPアドレス</li><li><strong>Registered</strong> — サーバーがアクティブ化された日付。サーバーは、この情報をCLNに送信します</li><li><strong>Group</strong> — サーバーグループ（サーバーグループの詳細については、<a href="https://docs.cln.cloudlinux.com/dashboard/#server-groups" target="_blank" rel="noopener noreferrer">CLNのドキュメント</a>を参照してください）</li><li><strong>Installed products</strong> — サーバー上でアクティブ化された製品のロゴの表示</li><li><strong>Actions</strong><ul><li>アイテムを削除するには、<img src="/images/remove.png" alt=""> をクリックしてください</li></ul></li></ul><p>サーバーの詳細を表示するには、サーバー名をクリックしてください。</p><ul><li><strong>Installed products</strong> — インストール済み製品の完全な名前</li><li><strong>Last check-in</strong> — サーバーが正常にチェックインに応答した最後の日付</li></ul><p>以下のフィルターを利用できます。</p><ul><li><strong>Product</strong> — <em>Product</em>ボタンをクリックすると、1つ以上の製品を選択できま</li><li><strong>Registered date</strong> — <em>Registered date</em>をクリックすると、カレンダーが表示されます。選択した日付または期間でフィルタリングできます</li><li><strong>Search</strong> — クエリを入力します。検索は、<em>Server name</em>と<em>Activation key</em>エンティティで実行されます</li></ul><h2 id="live-patching-services" tabindex="-1"><a class="header-anchor" href="#live-patching-services" aria-hidden="true">#</a> Live Patching Services</h2><p><em>Live Patching Services</em>をクリックすると、<em>Server License Types</em>ページにリダイレクトされます。</p><p><img src="/images/serverlicensetypes.png" alt=""></p><p>このページでは、サーバーライセンス数を確認できます。また、TuxCareセールスチームに連絡して、ライセンスと請求サイクルを管理できます。</p><h2 id="extended-support-services" tabindex="-1"><a class="header-anchor" href="#extended-support-services" aria-hidden="true">#</a> Extended Support Services</h2><p><em>Extended Support Services</em>をクリックすると、<em>Server License Types</em>ページにリダイレクトされます。</p><p><img src="/images/serverlicensetypes1.png" alt=""></p><h3 id="server-license-types" tabindex="-1"><a class="header-anchor" href="#server-license-types" aria-hidden="true">#</a> Server License Types</h3><p>このページでは、各製品のサーバーライセンス数を確認できます。</p><ul><li><strong>Manage servers</strong> –<a aria-current="page" href="/jp/tuxcare-cln/#servers-2" class="router-link-active router-link-exact-active">Servers | Selected product</a>へのショートカット</li><li><strong>Manage activation keys</strong> –<a aria-current="page" href="/jp/tuxcare-cln/#activation-keys" class="router-link-active router-link-exact-active">Activation Keys | Selected product</a>ページへのショートカット</li></ul><h3 id="activation-keys" tabindex="-1"><a class="header-anchor" href="#activation-keys" aria-hidden="true">#</a> Activation Keys</h3><p>Extended Support Services → Activation Keysの順にクリックすると、Activation Keysページにリダイレクトされます。</p><p><img src="/images/activationkeys.png" alt=""></p><p>表には、アカウント内の全製品のアクティベーションキーがすべて含まれています。表には、以下の列が含まれています。</p><ul><li><strong>Activation key</strong> — 製品のアクティベーションに使用される英数字の文字列です</li><li><strong>License type</strong> — 使用されるサーバーライセンスの種類です。サーバーユーザーの制限を決定します</li><li><strong>Note</strong> — このアクティベーションキーに追加した情報</li><li><strong>Servers (used/limits)</strong> — このキーですでにアクティブ化されたサーバー数（used）と、この特定のキーで登録できるサーバーの総数（limits）</li><li><strong>チェック</strong> — 1つ以上のアクティベーションキーにチェックを入れて、削除アクションを実行します（(use <img src="/images/delete.png" alt="">) を使用）</li></ul><div class="tip custom-block"><p class="custom-block-title">注意</p><p>デフォルトのアクティベーションキーは削除できません。</p></div><p>以下のフィルターを利用できます。</p><ul><li><strong>Server limits</strong> — サーバー制限／無制限でフィルタリング</li><li><strong>License type</strong> — ライセンスの種類でフィルタリング</li></ul><p>アクティベーションキーをクリックすると、そのキーの<a aria-current="page" href="/jp/tuxcare-cln/#activation-key-details" class="router-link-active router-link-exact-active">Activation Key Details（アクティベーションキー詳細）</a>ページに移動します。</p><h4 id="製品別アクティベーションキー" tabindex="-1"><a class="header-anchor" href="#製品別アクティベーションキー" aria-hidden="true">#</a> 製品別アクティベーションキー</h4><p><em>Extended Support Services</em> → <em>Product</em>の順にクリックすると、その<em>Product Activation Keys</em>ページにリダイレクトされます。</p><p><img src="/images/productactivationkeypage.png" alt=""></p><ul><li>製品のアクティベーションキーがない場合は、<em>Create activation key</em>をクリックしてキーを作成できます。</li><li>製品のデフォルトのアクティベーションキーがある場合は、<em>Generate new activation key</em>をクリックして、新しいキーを生成できます。新しいキーは自動的に作成され、表に追加されます。</li><li><em>Copy</em>をクリックすると、アクティベーションキーをコピーできます。</li></ul><p>この表には、製品のすべてのアクティベーションキーが含まれています。表には、以下の列が含まれます。</p><ul><li><strong>Activation key</strong> — 製品のアクティベーションに使用される英数字の文字列です。</li><li><strong>Note</strong> — このアクティベーションキーに追加した情報</li><li><strong>Servers (used/limits)</strong> – このキーですでにアクティブ化されているサーバー数（used）と、この特定のキーで登録できるサーバーの総数（limits）</li></ul><p>キーを削除するには、キーを選択して <img src="/images/delete.png" alt=""> をクリックしてください。</p><p>以下のフィルターを利用できます。</p><ul><li><strong>Server limits</strong> — サーバー制限／無制限でフィルタリング</li><li><strong>検索</strong></li></ul><p>キーをクリックして、このキーの<em>Activation Key Details</em>ページに移動します。</p><h4 id="activation-key-details" tabindex="-1"><a class="header-anchor" href="#activation-key-details" aria-hidden="true">#</a> Activation Key Details</h4><p><img src="/images/activationkeydetails.png" alt=""></p><p>このページでは、以下のことができます。</p><ul><li>アクティベーションキーの完全な情報の閲覧</li><li>キーの編集。 <em>Edit key</em>をクリックしてください</li><li>キーの削除。 <img src="/images/delete1.png" alt=""> をクリックしてください</li><li>サーバーリストの確認</li></ul><p>表には、そのキーで登録されたすべてのサーバーが含まれています。表には以下の列があります。</p><ul><li><strong>Server name</strong> — サーバーのホスト名</li><li><strong>IP</strong> — サーバーのIPアドレス</li><li><strong>Registered</strong> — サーバーがアクティブ化された日付。サーバーはこの情報をCLNに送信します</li><li><strong>Last check-in</strong> — サーバーがチェックインに正常に応答した最後の日付</li></ul><p>以下のフィルターを利用できます。</p><ul><li><strong>Server limits</strong> — サーバー制限／無制限でフィルタリング</li><li><strong>検索欄</strong></li></ul><h3 id="サーバー" tabindex="-1"><a class="header-anchor" href="#サーバー" aria-hidden="true">#</a> サーバー</h3><p><em>Extended Support Services</em> → <em>Servers</em>の順にクリックすると、Serversページにリダイレクトされます。</p><p><img src="/images/servers.png" alt=""></p><p>表には、延長ライフサイクルサポート内のあらゆる製品に対してアクティブ化されたすべてのサーバーが含まれています。表には以下の列があります。</p><ul><li><strong>Server name</strong> — サーバーのホスト名</li><li><strong>IP</strong> — サーバーのIPアドレス</li><li><strong>Registered</strong> — サーバーがアクティブ化された日付。サーバーは、この情報をCLNに送信します</li><li><strong>Installed products</strong> — サーバー上でアクティブ化された製品のロゴの表示</li><li><strong>Actions</strong><ul><li>アイテムを削除するには、 <img src="/images/remove.png" alt=""> をクリックしてください</li></ul></li></ul><p>サーバーの詳細を表示するには、サーバー名をクリックしてください。</p><ul><li><strong>Installed products</strong> – インストール済み製品の完全な名前</li><li><strong>Last check-in</strong> — サーバーが正常にチェックインに応答した最後の日付</li></ul><p>以下のフィルターを利用できます。</p><ul><li><strong>Product</strong> — <em>Product</em>ボタンをクリックして、1つ以上の製品を選択します</li><li><strong>Registered date</strong> — <em>Registered date</em>をクリックすると、カレンダーが表示されます。選択した日付または期間でフィルタリングできます</li><li><strong>検索</strong> — クエリを入力します</li></ul><h4 id="製品別サーバー" tabindex="-1"><a class="header-anchor" href="#製品別サーバー" aria-hidden="true">#</a> 製品別サーバー</h4><p><em>Extended Support Service</em>s → <em>Servers</em> → <em>Product</em>の順にクリックすると、その製品の<em>Product Servers</em>ページにリダイレクトされます。</p><p><img src="/images/productservers.png" alt=""></p><p>表には、延長ライフサイクルサポート内でその製品用にアクティブ化されたすべてのサーバーが含まれています。表には以下の列があります。</p><ul><li><strong>Server name</strong> — サーバーのホスト名</li><li><strong>IP</strong> — サーバーのIPアドレス</li><li><strong>Registered</strong> — サーバーがアクティブ化された日付。サーバーは、この情報をCLNに送信します</li><li><strong>Installed products</strong> — サーバー上でアクティブ化された製品のロゴの表示</li><li><strong>Actions</strong><ul><li>アイテムを削除するには、 <img src="/images/remove.png" alt=""> をクリックしてください</li></ul></li></ul><p>サーバーの詳細を表示するには、サーバー名をクリックしてください。</p><ul><li><strong>Installed products</strong> — インストール済み製品の完全な名前</li><li><strong>Last check-in</strong> — サーバーが正常にチェックインに応答した最後の日付</li></ul><p>以下のフィルターを利用できます。</p><ul><li><strong>Registered date</strong> — <em>Registered date</em>をクリックすると、カレンダーが表示されます。選択した日付または期間でフィルタリングできます</li><li><strong>検索</strong> — クエリを入力します</li></ul><p><em>Get servers list</em>をクリックすると、サーバーリストをダウンロードできます。</p><h2 id="billing" tabindex="-1"><a class="header-anchor" href="#billing" aria-hidden="true">#</a> Billing</h2><h3 id="balance-top-up" tabindex="-1"><a class="header-anchor" href="#balance-top-up" aria-hidden="true">#</a> Balance &amp; Top up</h3><p><em>Billing</em>をクリックすると、<em>Balance &amp; Top up</em>ページにリダイレクトされます。</p><p><img src="/images/billingmain.png" alt=""></p><p>このページでは、以下のことがわかります。</p><ul><li>現在のプランと価格</li><li>残高</li></ul><p>金額を入力して<em>Top up</em>をクリックすると、アカウントに入金できます。</p><h3 id="payment-methods" tabindex="-1"><a class="header-anchor" href="#payment-methods" aria-hidden="true">#</a> Payment methods</h3><p><em>Billing</em> → <em>Payment methods</em>の順にクリックすると、<em>Payment methods</em>ページにリダイレクトされます。</p><p>以下のタブを使用できます。</p><ul><li><strong>Billing information</strong></li><li><strong>Payment methods</strong></li><li><strong>Autopayment</strong></li></ul><h4 id="billing-information" tabindex="-1"><a class="header-anchor" href="#billing-information" aria-hidden="true">#</a> Billing information</h4><p><img src="/images/billingcontacts.png" alt=""></p><p>ここでは、請求先のEメールアドレスを変更できます。 変更を適用するには、<em>Save</em>をクリックしてください。</p><h4 id="payment-methods-1" tabindex="-1"><a class="header-anchor" href="#payment-methods-1" aria-hidden="true">#</a> Payment methods</h4><p><img src="/images/paymentmethods.png" alt=""></p><p>ここでは、支払い方法を管理できます。変更を適用するには、<em>Save</em>をクリックしてください。</p><h4 id="autopayment" tabindex="-1"><a class="header-anchor" href="#autopayment" aria-hidden="true">#</a> Autopayment</h4><p><img src="/images/autopayment.png" alt=""></p><p>ここでは、自動支払いの種類を変更できます。</p><ul><li>Auto add funds（自動資金追加）</li><li>Auto repay（自動支払）</li><li>Do not add funds automatically（自動で資金を追加しない）</li></ul><p>変更を適用するには、<em>Save</em>をクリックしてください。</p><h3 id="invoices" tabindex="-1"><a class="header-anchor" href="#invoices" aria-hidden="true">#</a> Invoices</h3><p><img src="/images/invoices.png" alt=""></p><p>表には以下の列があります。</p><ul><li><strong>Invoice id</strong> — 一意の請求書番号</li><li><strong>Created</strong> — 請求書の発行日</li><li><strong>Type</strong> — 支払いの種類：請求書または支払いの受領</li><li><strong>Pay period</strong> — 発行された請求書の対象期間の開始日</li><li><strong>Total</strong> — 受領済み／支払う必要がある合計金額</li><li><strong>Balance</strong> — 現在の残高</li><li><strong>Actions</strong> — 以下のアクションを利用できます。 <ul><li><strong>請求書の閲覧</strong> — — 請求書の詳細を閲覧するには、<img src="/images/eye.png" alt="">をクリックしてください。詳細は、新しいポップアップで開きます。</li><li><strong>請求書のダウンロード</strong> — — 請求書をダウンロードするには、<img src="/images/download.png" alt="">をクリックしてください。</li></ul></li></ul><p>請求書の詳細を表示するには、<img src="/images/details.png" alt=""> をクリックしてください。</p><h2 id="settings" tabindex="-1"><a class="header-anchor" href="#settings" aria-hidden="true">#</a> Settings</h2><p>アカウントの詳細に移動するには、右上隅にある Userアイコン → <em>Settings</em>をクリックします。<em>Account details</em>ページにリダイレクトされます。</p><p><img src="/images/accountsettings.png" alt=""></p><h3 id="account-details" tabindex="-1"><a class="header-anchor" href="#account-details" aria-hidden="true">#</a> Account details</h3><p>以下のタブを使用できます。</p><ul><li>Personal information（個人情報）</li><li>Company information（企業情報）</li><li>Billing contact information（請求連絡先情報）</li></ul><h4 id="p個人情報" tabindex="-1"><a class="header-anchor" href="#p個人情報" aria-hidden="true">#</a> P個人情報</h4><p><img src="/images/personalinformation.png" alt=""></p><p>*の付いた入力欄はすべて必須です。</p><ul><li><strong>API secret key</strong> – この鍵をCLN APIで使用します</li><li><strong>IM Upgrade URL</strong> – Imunify製品をアップグレードするためのURL（URLがデフォルトのものではない場合）</li></ul><p>パスワードを変更するには、<em>Change password</em>をクリックします。</p><p>2要素認証を有効にするには、スイッチを<em>On</em>にします。</p><p>変更を適用するには、<em>Save</em>をクリックしてください。</p><h4 id="企業情報" tabindex="-1"><a class="header-anchor" href="#企業情報" aria-hidden="true">#</a> 企業情報</h4><p><img src="/images/companyinformation.png" alt=""></p><p>変更を適用するには、<em>Save</em>をクリックしてください。</p><h4 id="請求連絡先" tabindex="-1"><a class="header-anchor" href="#請求連絡先" aria-hidden="true">#</a> 請求連絡先</h4><p><img src="/images/billinginformation.png" alt=""></p><p>変更を適用するには、<em>Save</em>をクリックしてください。</p><h3 id="account-sublogins" tabindex="-1"><a class="header-anchor" href="#account-sublogins" aria-hidden="true">#</a> Account sublogins</h3><p>Eメールアドレスの形式で、ご利用のアカウントに追加のログイン名を作成できます。サブログイン名は、以下に一覧表示されている、さまざまな権限がある任意の役割を持つことができます。マスターサーバー管理者アカウントには、すべての権限があり、アカウントサブログイン名を作成できます。</p><p><img src="/images/accountsublogins.png" alt=""></p><p>変更を適用するには、<em>Save</em>をクリックしてください。</p><h4 id="役割" tabindex="-1"><a class="header-anchor" href="#役割" aria-hidden="true">#</a> #役割</h4><h4 id="full-access-admin" tabindex="-1"><a class="header-anchor" href="#full-access-admin" aria-hidden="true">#</a> Full Access/Admin</h4><ul><li>製品の閲覧</li><li>サーバー／ライセンス情報の閲覧</li><li>レポーティング</li><li>サーバーの追加／削除</li><li>アクティベーションキーの作成</li><li>ライセンスの注文／削除</li><li>請求書の閲覧</li><li>請求情報の閲覧</li><li>クレジットカード情報の編集</li><li>アカウント情報の編集</li><li>請求情報の編集／再販業者用入金</li><li>料金の閲覧</li><li>アカウント情報の表示</li><li>パスワードの変更</li></ul><h4 id="billing-1" tabindex="-1"><a class="header-anchor" href="#billing-1" aria-hidden="true">#</a> Billing</h4><ul><li>製品の閲覧</li><li>サーバー／ライセンス情報の閲覧</li><li>請求書の閲覧</li><li>請求情報の閲覧</li><li>クレジットカード情報の編集</li><li>アカウント情報の編集</li><li>請求情報の編集／再販業者用入金</li><li>料金の閲覧</li><li>アカウント情報の閲覧</li></ul><h4 id="server-and-license-management" tabindex="-1"><a class="header-anchor" href="#server-and-license-management" aria-hidden="true">#</a> Server and License Management</h4><ul><li>製品の閲覧</li><li>サーバー／ライセンス情報の閲覧</li><li>レポーティング</li><li>サーバーの追加／削除</li><li>アクティベーションキーの作成</li><li>ライセンスの注文／削除</li></ul><h4 id="server-management-only" tabindex="-1"><a class="header-anchor" href="#server-management-only" aria-hidden="true">#</a> Server Management Only</h4><ul><li>製品の閲覧</li><li>サーバー／ライセンス情報の閲覧</li><li>レポーティング</li><li>サーバーの追加／削除</li><li>アクティベーションキーの作成</li></ul><h4 id="read-only-—-billing" tabindex="-1"><a class="header-anchor" href="#read-only-—-billing" aria-hidden="true">#</a> Read Only — Billing</h4><ul><li>製品の閲覧</li><li>サーバー／ライセンス情報の閲覧</li><li>レポーティング</li><li>請求書の閲覧</li><li>請求情報の閲覧</li></ul><h4 id="read-only-—-server-management" tabindex="-1"><a class="header-anchor" href="#read-only-—-server-management" aria-hidden="true">#</a> Read Only — Server Management</h4><ul><li>製品の閲覧</li><li>サーバー／ライセンス情報の閲覧</li><li>レポーティング</li></ul><h3 id="reports" tabindex="-1"><a class="header-anchor" href="#reports" aria-hidden="true">#</a> Reports</h3><p>ご希望のEメールアドレスにアカウントのレポートを受信するように設定できます。</p><p><img src="/images/reports.png" alt=""></p><p>新しいレポートの設定を追加するには、<em>Add config</em>をクリックしてください。</p></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/tuxcare-cln/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/jp/tuxcare/index.html b/jp/tuxcare/index.html
index dda02c82..571f4890 100644
--- a/jp/tuxcare/index.html
+++ b/jp/tuxcare/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title>TuxCare</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-270136ce.js"><link rel="modulepreload" href="/assets/index.html-9a9ef1ef.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-9a9ef1ef.js"><link rel="modulepreload" href="/assets/index.html-270136ce.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/jp/tuxcare/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>TuxCare</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="tuxcare" tabindex="-1"><a class="header-anchor" href="#tuxcare" aria-hidden="true">#</a> TuxCare</h1><p>TuxCareサービスは、Linuxの運用を自動化し、簡略化し、改善します。TuxCareサービスによって、組織は、Linuxディストリビューションの選択とバージョンをより柔軟に管理でき、メンテナンス費用を大幅に削減でき、セキュリティとコンプライアンス体制を大幅に強化できます。</p><p>TuxCareは、CloudLinuxのKernelCareブランドと延長ライフサイクルサポートブランドが拡張されたものです。組織がEnterprise Linuxシステムのサポート、メンテナンス、セキュリティを管理するのに役立ちます。</p><p><a href="/jp/live-patching-services/" class="">TuxCareライブパッチ適用サービス</a>により、Linuxカーネル、ライブラリ、データベース、仮想化プラットフォーム、IoT端末に、ダウンタイムなしで自動的にセキュリティパッチが適用されます。</p><p><a href="/jp/extended-lifecycle-support/" class="">TuxCare延長ライフサイクルサポート</a>サービスを使用すると、ライフサイクルが終了したディストリビューションを実行する一般的なリスクから保護された状態を維持しながら、ご自身の都合に合わせて最新バージョンのLinuxに移行できます。</p><p><a href="/jp/linux-support-services/" class="">Linuxサポートサービス</a>は、特定のベンダーに依存しないテクノロジーパートナーシップの特典がある、エンタープライズクラスのLinuxサポートを幅広く提供しています。手頃な価格で、柔軟に、現在ご利用のバージョンのLinuxシステムを継続的に更新して安全に保つことができるサービスです。</p></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/jp/tuxcare/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/kernelcare-for-iot/index.html b/kernelcare-for-iot/index.html
index 1f9f49ea..d98e79b8 100644
--- a/kernelcare-for-iot/index.html
+++ b/kernelcare-for-iot/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title>KernelCare for IOT</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-f8b8c896.js"><link rel="modulepreload" href="/assets/index.html-e1c111f0.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-f8b8c896.js"><link rel="modulepreload" href="/assets/index.html-e1c111f0.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/kernelcare-for-iot/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>KernelCare for IOT</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="kernelcare-for-iot" tabindex="-1"><a class="header-anchor" href="#kernelcare-for-iot" aria-hidden="true">#</a> KernelCare for IOT</h1><p>Provides live security patching for ARM64-based embedded systems for enterprise IoT users and original equipment manufacturers.</p><p>For the list of supported distributions and chipsets, <a href="https://tuxcare.com/live-patching-services/kernelcare-iot/" target="_blank" rel="noopener noreferrer">visit this page</a>.</p><h3 id="how-kernelcare-iot-works" tabindex="-1"><a class="header-anchor" href="#how-kernelcare-iot-works" aria-hidden="true">#</a> How KernelCare IoT works</h3><ul><li>The KernelCare team is constantly monitoring security mailing lists to check for vulnerabilities. As soon as one is found, the team prepares a patch and then sends it to distribution servers.</li><li>An agent will run a process on your device, checking with the distribution servers every 4 hours until it finds a new patch and then safely apply it to the running kernel without needing to stop it.</li><li>A special kernel module is used to apply the patches. It first loads the update into the kernel address space, then it places relocations on the original code/data to make sure the code block doesn’t execute during the update. Once finished, it will safely switch the execution path from the original to the updated code and then make sure the old code will never run again.</li><li>KernelCare does all of this instantly, automatically, and without service interruptions.</li></ul><p>For more information about KernelCare for IOT, <a href="https://tuxcare.com/live-patching-services/kernelcare-iot/" target="_blank" rel="noopener noreferrer">visit this page</a>.</p></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/kernelcare-for-iot/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/live-patching-services/index.html b/live-patching-services/index.html
index 78f49c37..928d70cc 100644
--- a/live-patching-services/index.html
+++ b/live-patching-services/index.html
@@ -39,41 +39,44 @@
                     })();
                   </script><title>KernelCare Enterprise</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-a217ad23.js"><link rel="modulepreload" href="/assets/uchecker-31d683fa.js"><link rel="modulepreload" href="/assets/eportal-qemu-feed-7c9efdb9.js"><link rel="modulepreload" href="/assets/index.html-b5822e8c.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-04b3e155.js"><link rel="modulepreload" href="/assets/uchecker-31d683fa.js"><link rel="modulepreload" href="/assets/eportal-qemu-feed-7c9efdb9.js"><link rel="modulepreload" href="/assets/index.html-8a6bcf47.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
-    <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/live-patching-services/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>KernelCare Enterprise</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="kernelcare-enterprise" tabindex="-1"><a class="header-anchor" href="#kernelcare-enterprise" aria-hidden="true">#</a> KernelCare Enterprise</h1><p>KernelCare Enterprise live patching enhances your vulnerability patching program by providing live patches to the Linux kernel and, optionally, with add-ons to critical userspace components, as well as the virtualization stack.</p><p>The systems are patched according to your patch deployment policy, allowing you to customize your patch management to align with the needs of your unique environment, whether online or in an air-gapped environment. Plus, your vulnerability reports reduce in size quickly as KernelCare seamlessly integrates with all popular vulnerability scanners to give you an accurate vulnerability exposure report.</p><p>KernelCare Enterprise brings KernelCare live patching by default and the following add-ons:</p><ul><li>LibCare</li><li>QEMUCare</li></ul><p>The sections below describe KernelCare live patching and the additional add-ons in more detail.</p><h2 id="kernelcare" tabindex="-1"><a class="header-anchor" href="#kernelcare" aria-hidden="true">#</a> KernelCare</h2><h3 id="introduction" tabindex="-1"><a class="header-anchor" href="#introduction" aria-hidden="true">#</a> Introduction</h3><p>KernelCare Enterprise is a live kernel patching service that provides security patches and bugfixes for a range of popular Linux kernels that can be installed without rebooting the system</p><h3 id="benefits" tabindex="-1"><a class="header-anchor" href="#benefits" aria-hidden="true">#</a> Benefits</h3><p>Today, system administrators have to reboot a server to apply the latest kernel updates. These updates are necessary to prevent security issues. Due to downtime associated with reboots, however, such updates are often delayed, pushed into the darkest hours of the night. It is common for server owners to not update their systems for months or even years and to run vulnerable systems to avoid downtime. Managed service providers face the problem of having to schedule downtime and then updating and rebooting thousands of servers in a short period of time, straining resources. KernelCare solves this update and reboot issue by providing live kernel patching without the need for a reboot</p><h3 id="key-features" tabindex="-1"><a class="header-anchor" href="#key-features" aria-hidden="true">#</a> Key Features</h3><ul><li>Rebootless Linux Kernel Patching &amp; Custom Patching</li><li>Works On-prem &amp; in the cloud</li><li>Private patch server for gated infrastructures - ePortal</li><li>Out-of-the-box integration with patch management &amp; vulnerability assessment tools</li></ul><h3 id="getting-trial-license" tabindex="-1"><a class="header-anchor" href="#getting-trial-license" aria-hidden="true">#</a> Getting trial license</h3><p>You will need a trial activation key to be able to use the KernelCare Enterprise. The trial license subscription will work for 7 days.</p><p>If you have any issues getting activation key or if you have any questions regarding using your trial subscription – contact <a href="mailto:sales@cloudlinux.com">sales@cloudlinux.com</a> and we will help.</p><h3 id="installation" tabindex="-1"><a class="header-anchor" href="#installation" aria-hidden="true">#</a> Installation</h3><p>KernelCare Enterprise is compatible with 64-bit versions of CloudLinuxOS/CentOS 6,7, and 8, AlmaLinux/RHEL 6,7,8, and 9, Oracle Linux 6 and 7, Amazon Linux 1 and 2, Virtuozzo/PCS/OpenVZ 2.6.32, Debian 8,9 and 10, Proxmox VE 5 and 6, Virt-SIG/Xen4CentOS 6 and 7, Ubuntu 14.04, 15.04, 16.04, 18.04 and 20.04 kernels. The list of compatible kernels can be found on the following link: <a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a> .</p><p>To install KernelCare Enterprise, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>curl -s -L https://kernelcare.com/installer | bash
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget -qq -O - https://kernelcare.com/installer | bash
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you are using IP-based license, nothing else required to be done.</p><p>If you are using key-based license, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --register KEY
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><code>KEY</code> is the registration key code string provided when you sign up for purchase or trial of the product.</p><p>If you are experiencing <strong><em>Key limit reached</em></strong> error after the end of the trial period you should first, unregister the server by running:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --unregister
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check if patches applied, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --info
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The software will automatically check for new patches every 4 hours.</p><p>If you would like to run update manually:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check current kernel compatibility with KernelCare, use the following <a href="https://raw.githubusercontent.com/iseletsk/kernelchecker/master/py/kc-compat.py" target="_blank" rel="noopener noreferrer">script</a> by running:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>curl -s -L https://kernelcare.com/checker | python
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget -qq -O - https://kernelcare.com/checker | python
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="update" tabindex="-1"><a class="header-anchor" href="#update" aria-hidden="true">#</a> Update</h3><p>To update the agent package to the latest version use:</p><ul><li>For rpm-based distributives (CentOS, RedHat, etc):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>yum install -y kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>For apt-based distributives (Debian, Ubuntu, etc):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>apt-get install kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="uninstalling" tabindex="-1"><a class="header-anchor" href="#uninstalling" aria-hidden="true">#</a> Uninstalling</h3><p>To uninstall KernelCare Enterprise, do the the following:</p><p><em>For CloudLinux, CentOS, RHEL, Virtuozzo, OpenVZ:</em></p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ yum remove kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><em>For Ubuntu, Debian, Proxmox VE:</em></p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>apt-get remove kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dpkg --remove kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This will also unlink the system from its activation key (provided there is network connectivity to the CLN Portal). However, you&#39;ll need to remove the license from the CLN Portal manually if you don&#39;t plan to use the service anymore.</p><h3 id="switching-from-ksplice" tabindex="-1"><a class="header-anchor" href="#switching-from-ksplice" aria-hidden="true">#</a> Switching from Ksplice</h3><p>To switch from Ksplice to KernelCare Enterprise, use the following script that uninstalls Ksplice and installs KernelCare Enterprise instead.</p><p>It will automatically detect and abort if the system is not 64-bit (as KernelCare Enterprise doesn&#39;t support it).</p><p>It will also detects when Ksplice module cannot be uninstalled and retries multiple times.</p><p>Download the script here: <a href="https://patches.kernelcare.com/ksplice2kcare" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/ksplice2kcare</a>.</p><p>Run the command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ bash ksplice2kcare $KERNELCARE_KEY$
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The key can be created/retrieved in KernelCare Enterprise Keys section of CLN.</p><p>If you want to use IP based licenses, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ bash ksplice2kcare IP
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You have to add IP license for that server, and it is just two letters: IP, not the actual IP.</p><p>By default the script will attempt 3 times to uninstall Ksplice, waiting 60 seconds in between. You can run it using <code>nohup</code> if you don&#39;t want to wait.</p><p>You can change that by editing the script and changing <code>RETRY</code> and <code>SLEEP</code> values.</p><p>The script will exit with exit code <code>0</code> and message <em>Done</em> on success. Otherwise, it will produce exit code <code>-1</code>.</p><p>Complete log file can be found at <code>/var/log/ksplice2kcare.log</code>.</p><h4 id="canonical-livepatch" tabindex="-1"><a class="header-anchor" href="#canonical-livepatch" aria-hidden="true">#</a> Canonical Livepatch</h4><p>KernelCare Enterprise is not compatible with Canonical Livepatch and should not be used on the same system.</p><h3 id="basic-management" tabindex="-1"><a class="header-anchor" href="#basic-management" aria-hidden="true">#</a> Basic management</h3><p>To disable automatic updates, edit the file <code>/etc/sysconfig/kcare/kcare.conf</code></p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>AUTO_UPDATE=False 
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check the updated (&#39;effective&#39;) version, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --uname 
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>We provide convenience script <code>/usr/bin/kcare-uname</code> that has same syntax as <code>uname</code>.</p><p>To see applied patches, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --patch-info 
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="command-line-tools" tabindex="-1"><a class="header-anchor" href="#command-line-tools" aria-hidden="true">#</a> Command line tools</h3><p><code>/usr/bin/kcarectl</code> - Manage KernelCare Enterprise patches for your kernel.</p><p><code>/usr/bin/kcare-uname</code> - Print certain system information.</p><h4 id="kcarectl" tabindex="-1"><a class="header-anchor" href="#kcarectl" aria-hidden="true">#</a> kcarectl</h4><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><code>-i, --info</code></td><td>Display information about patches installed by KernelCare Enterprise.</td></tr><tr><td><code>-u, --update </code></td><td>Download latest patches, and apply them to current kernel.</td></tr><tr><td><code>--smart-update [since 1.6] </code></td><td>The same as --update, but uses <a aria-current="page" href="/live-patching-services/#config-options" class="router-link-active router-link-exact-active">UPDATE_POLICY</a> to decide where to get patches.</td></tr><tr><td><code>--unload</code></td><td>Unload patches.</td></tr><tr><td><code>--auto-update</code></td><td>Check if update is needed and update.</td></tr><tr><td><code>--patch-info</code></td><td>Lists applied patches.</td></tr><tr><td><code>--status</code></td><td>Return a status of an update. Refer to the exit code: <code>0</code> - host is updated to latest patch level, <code>1</code> - there are no applied patches, <code>2</code> - there are new not applied patches, <code>3</code> - kernel is unsupported</td></tr><tr><td><code>--force [since 2.3] </code></td><td>When used with update, forces applying the patch even if unable to freeze some threads.</td></tr><tr><td><code>--uname</code></td><td>Prints safe kernel version.</td></tr><tr><td><code>--license-info</code></td><td>Output current license info.</td></tr><tr><td><code>--register KEY</code></td><td>Register using KernelCare Enterprise Key.</td></tr><tr><td><code>--register-autoretry [since 2.5]</code></td><td>If registration fails retries registration indefinitely.</td></tr><tr><td><code>--unregister</code></td><td>Unregister from KernelCare Enterprise for Key based servers.</td></tr><tr><td><code>--userspace-update [PATCHES]</code></td><td>Download latest patches and apply them to the corresponding userspace processes. Сan be set so that only certain types of patches are applied.</td></tr><tr><td><code>--test</code></td><td>Try test builds instead of production builds (deprecated, use --prefix=test instead).</td></tr><tr><td><code>--prefix</code></td><td>Patch source prefix, used to test different builds, by downloading builds from a different location, based on prefix (v2.2+)</td></tr><tr><td><code>--version</code></td><td>Print KernelCare Enterprise version.</td></tr><tr><td><code>--import-key PATH</code></td><td>Import gpg key.</td></tr><tr><td><code>--set-monitoring-key</code></td><td>Set monitoring key for IP based licenses. 16 to 32 characters, alphanumeric only [version 2.1+]</td></tr><tr><td><code>--freezer [since 2.3] </code></td><td>none: don&#39;t freeze any threads; full: freeze all threads; smart: freezes only threads that need to be frozen for patching. If option is not selected, best freezer method is chosen automatically.</td></tr><tr><td><code>--check [since 2.4-1]</code></td><td>Check if new patchset is available, without updating. Exit code 0 means there is a new kernel. 1 when there is no new kernel.</td></tr><tr><td><code>--doctor [since 2.6]</code></td><td>Send a report to the TuxCare support staff for diagnostics.</td></tr><tr><td><code>--set-patch-type extra </code></td><td>To enable extra patches.</td></tr><tr><td><code>--set-patch-type free</code></td><td>To enable free patches.</td></tr><tr><td><code>--set-sticky-patch SET_STICKY_PATCH</code></td><td>Set patch to stick to date in format DDMMYY or retrieve it from KEY if set to KEY (no support for ePortal). Empty to unstick. More info at <a aria-current="page" href="/live-patching-services/#sticky-patches" class="router-link-active router-link-exact-active">Sticky Patches</a>.</td></tr><tr><td><code>--tag COMMAND</code></td><td>Adds an extra <em>Tag</em> field for a server. COMMAND is a user-defined parameter.</td></tr></tbody></table><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Currenlty available userspace patch types are <code>libs</code> and <code>qemu</code>. To apply patches only for shared libraries, use <code>--userspace-update libs</code>.</p></div><h4 id="kcare-uname" tabindex="-1"><a class="header-anchor" href="#kcare-uname" aria-hidden="true">#</a> kcare-uname</h4><p>Print certain system information. With no OPTION, same as <code>-s</code>.</p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><code>-a, --all</code></td><td>print all information in the following order, except omit <code>-p</code> and <code>-i</code> if unknown</td></tr><tr><td><code>-s, --kernel-name</code></td><td>print the kernel name</td></tr><tr><td><code>-n, --nodename</code></td><td>print the network node hostname</td></tr><tr><td><code>-r, --kernel-release</code></td><td>print the kernel release</td></tr><tr><td><code>-v, --kernel-version</code></td><td>print the kernel version</td></tr><tr><td><code>-m, --machine</code></td><td>print the machine hardware name</td></tr><tr><td><code>-p, --processor</code></td><td>print the processor type or <code>unknown</code></td></tr><tr><td><code>-i, --hardware-platform</code></td><td>print the hardware platform or <code>unknown</code></td></tr><tr><td><code>-o, --operating-system</code></td><td>print the operating system</td></tr><tr><td><code>--help</code></td><td>display this help and exit</td></tr><tr><td><code>--version</code></td><td>output version information and exit</td></tr></tbody></table><h4 id="kernelcare-doctor" tabindex="-1"><a class="header-anchor" href="#kernelcare-doctor" aria-hidden="true">#</a> kernelcare doctor</h4><p>This tool collects essential information about the KernelCare environment and sends it to the support team.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --doctor
+    <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/live-patching-services/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>KernelCare Enterprise</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><!-- markdownlint-disable MD014 MD033 MD029 MD049 --><h1 id="kernelcare-enterprise" tabindex="-1"><a class="header-anchor" href="#kernelcare-enterprise" aria-hidden="true">#</a> KernelCare Enterprise</h1><p>KernelCare Enterprise live patching enhances your vulnerability patching program by providing live patches to the Linux kernel and, optionally, with add-ons to critical userspace components, as well as the virtualization stack.</p><p>The systems are patched according to your patch deployment policy, allowing you to customize your patch management to align with the needs of your unique environment, whether online or in an air-gapped environment. Plus, your vulnerability reports reduce in size quickly as KernelCare seamlessly integrates with all popular vulnerability scanners to give you an accurate vulnerability exposure report.</p><p>KernelCare Enterprise brings KernelCare live patching by default and the following add-ons are available:</p><ul><li>LibCare</li><li>QEMUCare</li></ul><p>The sections below describe KernelCare live patching and the additional add-ons in more detail.</p><h2 id="kernelcare" tabindex="-1"><a class="header-anchor" href="#kernelcare" aria-hidden="true">#</a> KernelCare</h2><h3 id="introduction" tabindex="-1"><a class="header-anchor" href="#introduction" aria-hidden="true">#</a> Introduction</h3><p>KernelCare Enterprise is a live kernel patching service that provides security patches and bugfixes for a range of popular Linux kernels that can be installed without rebooting the system</p><h3 id="benefits" tabindex="-1"><a class="header-anchor" href="#benefits" aria-hidden="true">#</a> Benefits</h3><p>Today, system administrators have to reboot a server to apply the latest kernel updates. These updates are necessary to prevent security issues. Due to downtime associated with reboots, however, such updates are often delayed, pushed into the darkest hours of the night. It is common for server owners to not update their systems for months or even years and to run vulnerable systems to avoid downtime. Managed service providers face the problem of having to schedule downtime and then updating and rebooting thousands of servers in a short period of time, straining resources. KernelCare solves this update and reboot issue by providing live kernel patching without the need for a reboot</p><h3 id="key-features" tabindex="-1"><a class="header-anchor" href="#key-features" aria-hidden="true">#</a> Key Features</h3><ul><li>Rebootless Linux Kernel Patching &amp; Custom Patching</li><li>Works On-prem &amp; in the cloud</li><li>Private patch server for gated infrastructures - ePortal</li><li>Out-of-the-box integration with patch management &amp; vulnerability assessment tools</li></ul><h3 id="getting-a-trial-license" tabindex="-1"><a class="header-anchor" href="#getting-a-trial-license" aria-hidden="true">#</a> Getting a trial license</h3><p>You will need a trial activation key to be able to use the KernelCare Enterprise. The trial license subscription will work for 7 days.</p><p>If you have any issues getting an activation key or if you have any questions regarding using your trial subscription, contact <a href="mailto:sales@cloudlinux.com">sales@cloudlinux.com</a> and we will help.</p><h3 id="installation" tabindex="-1"><a class="header-anchor" href="#installation" aria-hidden="true">#</a> Installation</h3><p>KernelCare Enterprise is compatible with 64-bit versions of CloudLinuxOS/CentOS 6, 7 and 8, AlmaLinux/RHEL 6, 7, 8 and 9, Oracle Linux 6 and 7, Amazon Linux 1 and 2, Virtuozzo/PCS/OpenVZ 2.6.32, Debian 8, 9 and 10, Proxmox VE 5 and 6, Virt-SIG/Xen4CentOS 6 and 7, Ubuntu 14.04, 15.04, 16.04, 18.04 and 20.04 kernels. The list of compatible kernels can be found at the following link: <a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a></p><p>To install KernelCare Enterprise, run the following as root:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># curl -s -L https://kernelcare.com/installer | bash
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># wget -qq -O - https://kernelcare.com/installer | bash
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you are using an IP-based license, nothing else is required to be done.</p><p>If you are using a key-based license, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --register &lt;KEY&gt;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Where <code>KEY</code> is the registration key code string provided when you sign up for purchase or trial of the product.</p><p>If you are experiencing a <code>Key limit reached</code> error after the end of the trial period, you should first unregister the server by running:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --unregister
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check if patches applied, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The software will automatically check for new patches every 4 hours.</p><p>If you would like to run update manually:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check current kernel compatibility with KernelCare, use the following <a href="https://raw.githubusercontent.com/iseletsk/kernelchecker/master/py/kc-compat.py" target="_blank" rel="noopener noreferrer">script</a> by running:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/checker | python
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ wget -qq -O - https://kernelcare.com/checker | python
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="update" tabindex="-1"><a class="header-anchor" href="#update" aria-hidden="true">#</a> Update</h3><p>To update the agent package to the latest version use:</p><ul><li>For rpm-based distributions (CentOS, RedHat, etc):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum install -y kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dnf install -y kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>For apt-based distributions (Debian, Ubuntu, etc):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt-get install kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt install kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="uninstalling" tabindex="-1"><a class="header-anchor" href="#uninstalling" aria-hidden="true">#</a> Uninstalling</h3><p>To uninstall KernelCare Enterprise, run the following as root:</p><ul><li>For CloudLinux, CentOS, RHEL, Virtuozzo, OpenVZ:</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dnf remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>For Ubuntu, Debian, Proxmox VE:</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt-get remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt purge kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This will also unlink the system from its activation key (provided there is network connectivity to the CLN Portal). However, you&#39;ll need to remove the license from the CLN Portal manually if you don&#39;t plan to use the service anymore.</p><h3 id="switching-from-ksplice" tabindex="-1"><a class="header-anchor" href="#switching-from-ksplice" aria-hidden="true">#</a> Switching from Ksplice</h3><p>To switch from Ksplice to KernelCare Enterprise, use the following script that uninstalls Ksplice and installs KernelCare Enterprise instead.</p><p>It will automatically detect and abort if the system is not 64-bit (as KernelCare Enterprise doesn&#39;t support it).</p><p>It will also detect when the Ksplice module cannot be uninstalled and retries multiple times.</p><p>Download the script here: <a href="https://patches.kernelcare.com/ksplice2kcare" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/ksplice2kcare</a></p><p>Run the command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># bash ksplice2kcare &lt;KERNELCARE_KEY&gt;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The key can be created/retrieved in KernelCare Enterprise Keys section of CLN.</p><p>If you want to use IP based licenses, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># bash ksplice2kcare IP
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You have to add an IP license for that server, and it is just the two letters <code>IP</code>, not your actual IP address.</p><p>By default the script will attempt 3 times to uninstall Ksplice, waiting 60 seconds in between. You can run it using <code>nohup</code> if you don&#39;t want to wait.</p><p>You can change that by editing the script and changing <code>RETRY</code> and <code>SLEEP</code> values.</p><p>The script will exit with exit code <code>0</code> and message <code>Done</code> on success. Otherwise, it will produce exit code <code>-1</code></p><p>The complete log file can be found at <code>/var/log/ksplice2kcare.log</code></p><h4 id="canonical-livepatch" tabindex="-1"><a class="header-anchor" href="#canonical-livepatch" aria-hidden="true">#</a> Canonical Livepatch</h4><p>KernelCare Enterprise is not compatible with Canonical Livepatch and should not be used on the same system.</p><h3 id="basic-management" tabindex="-1"><a class="header-anchor" href="#basic-management" aria-hidden="true">#</a> Basic management</h3><p>To disable automatic updates, edit the file <code>/etc/sysconfig/kcare/kcare.conf</code></p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>AUTO_UPDATE=False
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To check the updated &#39;effective&#39; version, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --uname
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>We provide a convenience script <code>/usr/bin/kcare-uname</code> that has same syntax as <code>uname</code></p><p>To see applied patches, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --patch-info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="command-line-tools" tabindex="-1"><a class="header-anchor" href="#command-line-tools" aria-hidden="true">#</a> Command line tools</h3><p><code>/usr/bin/kcarectl</code> - Manage KernelCare Enterprise patches for your kernel.</p><p><code>/usr/bin/kcare-uname</code> - Print certain system information.</p><h4 id="kcarectl" tabindex="-1"><a class="header-anchor" href="#kcarectl" aria-hidden="true">#</a> kcarectl</h4><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><code>-i, --info</code></td><td>Display information about patches installed by KernelCare Enterprise.</td></tr><tr><td><code>-u, --update</code></td><td>Download latest patches, and apply them to current kernel.</td></tr><tr><td><code>--smart-update [since 1.6]</code></td><td>The same as --update, but uses <a aria-current="page" href="/live-patching-services/#config-options" class="router-link-active router-link-exact-active">UPDATE_POLICY</a> to decide where to get patches.</td></tr><tr><td><code>--unload</code></td><td>Unload patches.</td></tr><tr><td><code>--auto-update</code></td><td>Check if update is needed and update.</td></tr><tr><td><code>--patch-info</code></td><td>Lists applied patches.</td></tr><tr><td><code>--status</code></td><td>Return a status of an update. Refer to the exit code: <code>0</code> - host is updated to latest patch level, <code>1</code> - there are no applied patches, <code>2</code> - there are new not applied patches, <code>3</code> - kernel is unsupported</td></tr><tr><td><code>--force [since 2.3]</code></td><td>When used with update, forces applying the patch even if unable to freeze some threads.</td></tr><tr><td><code>--uname</code></td><td>Prints safe kernel version.</td></tr><tr><td><code>--license-info</code></td><td>Output current license info.</td></tr><tr><td><code>--register KEY</code></td><td>Register using KernelCare Enterprise Key.</td></tr><tr><td><code>--register-autoretry [since 2.5]</code></td><td>If registration fails retries registration indefinitely.</td></tr><tr><td><code>--unregister</code></td><td>Unregister from KernelCare Enterprise for Key based servers.</td></tr><tr><td><code>--userspace-update [PATCHES]</code></td><td>Download latest patches and apply them to the corresponding userspace processes. Сan be set so that only certain types of patches are applied.</td></tr><tr><td><code>--test</code></td><td>Try test builds instead of production builds (deprecated, use --prefix=test instead).</td></tr><tr><td><code>--prefix</code></td><td>Patch source prefix, used to test different builds, by downloading builds from a different location, based on prefix (v2.2+)</td></tr><tr><td><code>--version</code></td><td>Print KernelCare Enterprise version.</td></tr><tr><td><code>--import-key PATH</code></td><td>Import gpg key.</td></tr><tr><td><code>--set-monitoring-key</code></td><td>Set monitoring key for IP based licenses. 16 to 32 characters, alphanumeric only [version 2.1+]</td></tr><tr><td><code>--freezer [since 2.3]</code></td><td>none: don&#39;t freeze any threads; full: freeze all threads; smart: freezes only threads that need to be frozen for patching. If option is not selected, best freezer method is chosen automatically.</td></tr><tr><td><code>--check [since 2.4-1]</code></td><td>Check if new patchset is available, without updating. Exit code 0 means there is a new kernel. 1 when there is no new kernel.</td></tr><tr><td><code>--doctor [since 2.6]</code></td><td>Send a report to the TuxCare support staff for diagnostics.</td></tr><tr><td><code>--set-patch-type extra</code></td><td>To enable extra patches.</td></tr><tr><td><code>--set-patch-type free</code></td><td>To enable free patches.</td></tr><tr><td><code>--set-sticky-patch SET_STICKY_PATCH</code></td><td>Set patch to stick to date in format DDMMYY or retrieve it from KEY if set to KEY (no support for ePortal). Empty to unstick. More info at <a aria-current="page" href="/live-patching-services/#sticky-patches" class="router-link-active router-link-exact-active">Sticky Patches</a>.</td></tr><tr><td><code>--tag COMMAND</code></td><td>Adds an extra <em>Tag</em> field for a server. COMMAND is a user-defined parameter.</td></tr></tbody></table><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Currently available userspace patch types are <code>libs</code> and <code>qemu</code>. To apply patches only for shared libraries, use <code>--userspace-update libs</code></p></div><h4 id="kcare-uname" tabindex="-1"><a class="header-anchor" href="#kcare-uname" aria-hidden="true">#</a> kcare-uname</h4><p>Print certain system information. Default is <code>-s</code></p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><code>-a, --all</code></td><td>print all information in the following order, except omit <code>-p</code> and <code>-i</code> if unknown</td></tr><tr><td><code>-s, --kernel-name</code></td><td>print the kernel name</td></tr><tr><td><code>-n, --nodename</code></td><td>print the network node hostname</td></tr><tr><td><code>-r, --kernel-release</code></td><td>print the kernel release</td></tr><tr><td><code>-v, --kernel-version</code></td><td>print the kernel version</td></tr><tr><td><code>-m, --machine</code></td><td>print the machine hardware name</td></tr><tr><td><code>-p, --processor</code></td><td>print the processor type or <code>unknown</code></td></tr><tr><td><code>-i, --hardware-platform</code></td><td>print the hardware platform or <code>unknown</code></td></tr><tr><td><code>-o, --operating-system</code></td><td>print the operating system</td></tr><tr><td><code>--help</code></td><td>display this help and exit</td></tr><tr><td><code>--version</code></td><td>output version information and exit</td></tr></tbody></table><h4 id="kernelcare-doctor" tabindex="-1"><a class="header-anchor" href="#kernelcare-doctor" aria-hidden="true">#</a> kernelcare doctor</h4><p>This tool collects essential information about the KernelCare environment and sends it to the support team.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --doctor
+
 Generating report...
 Uploading...
 Key: FRWf74Zw11111111.83991334-1111-1111-1111-681ddd653e5f
 Please, provide above mentioned key to KernelCare Support Team
-
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The command generates a report and prints out the ID which could be linked to a support ticket.</p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>If there was some connection problem during report uploading, the report will be stored locally as <code>/root/cl-report</code>. This file should be sent to the support team manually.</p></div><h3 id="config-options" tabindex="-1"><a class="header-anchor" href="#config-options" aria-hidden="true">#</a> Config options</h3><p>A <code>kcarectl</code> behavior can be configured using <code>/etc/sysconfig/kcare/kcare.conf</code></p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><code>AUTO_UPDATE=YES|NO</code></td><td><code>YES</code> - enable auto-update; <code>NO</code> - disable auto-update.</td></tr><tr><td><code>PATCH_METHOD=normal|nofreeze|smart</code></td><td><code>Normal</code> - (default) use freezer;<br><code>Nofreeze</code> - don&#39;t use freezer to freeze processes;<br> <code>Smart</code> - smart freezer freezes only threads that need to be frozen for patching [kernelcare 2.3+].</td></tr><tr><td><code>PATCH_SERVER</code></td><td>Server to use to download patches.</td></tr><tr><td><code>REGISTRATION_URL</code></td><td>Licensing server.</td></tr><tr><td><code>PREFIX=prefix</code></td><td>Patch source prefix, used to test different builds, by downloading builds from a different location, based on prefix [kernelcare 2.2+]</td></tr><tr><td><code>UPDATE_POLICY=REMOTE|LOCAL|LOCAL_FIRST</code></td><td>Depending on the policy, on server startup, use:<br><code>REMOTE</code> - (default) patches from patch server.<br><code>LOCAL</code> - only locally cached patches, if none cached (caching is done automatically) - do nothing.<br><code>LOCAL_FIRST</code> - see if locally cached patches exist, and load them. If not, try getting them from remote server.</td></tr><tr><td><code>IGNORE_UNKNOWN_KERNEL=True|False</code></td><td>Don&#39;t provide notification if unknown kernel on auto-update. [kernelcare 2.5+]</td></tr><tr><td><code>LOAD_KCARE_SYSCTL</code></td><td>Controls if <code>/etc/sysconfig/kcare/sysctl.conf</code> will be loaded on patchset load. True by default. [kernelcare 2.7+]</td></tr><tr><td><code>STICKY_PATCH=KEY</code></td><td>Retrieve sticky patch from <code>KEY</code> (see CLN, Key Edit); not supported for IP based servers or ePortal.</td></tr><tr><td><code>STICKY_PATCH=DDMMYY</code></td><td>Stick patch to a particular date. More info at <a aria-current="page" href="/live-patching-services/#sticky-patches" class="router-link-active router-link-exact-active">Sticky Patches</a>.</td></tr><tr><td><code>[AUTO_]UPDATE_DELAY=&lt;num&gt;h|&lt;num&gt;d</code></td><td>Use patchsets not newer than specified time. For example <code>24h</code> or <code>2d</code>. <code>AUTO_UPDATE_DELAY</code> works for <code>auto</code> and <code>smart</code> modes. <code>UPDATE_DELAY</code> works for all modes. [kernelcare 2.82+]</td></tr><tr><td><code>[AUTO_]STICKY_PATCHSET=&lt;patchset&gt;</code></td><td>Use patchsets not newer than specified value. For example <code>K20230908_02</code>. <code>AUTO_STICKY_PATCHSET</code> works for <code>auto</code> and <code>smart</code> modes. <code>STICKY_PATCHSET</code> works for all modes. [kernelcare 2.82+]</td></tr><tr><td><code>REPORT_FQDN=True|False</code></td><td>Force using Fully Qualified Domain as a hostname. False by default.</td></tr><tr><td><code>FORCE_GID=N</code></td><td>Use this group ID for symlink protection patch. By default, it&#39;s 48 (default Apache user GID) or 99 (<code>nobody</code> user)</td></tr><tr><td><code>USERSPACE_PATCHES=libs,qemu</code></td><td>Define which userspace patches will be applyed by default</td></tr></tbody></table><h3 id="disabling-some-patches" tabindex="-1"><a class="header-anchor" href="#disabling-some-patches" aria-hidden="true">#</a> Disabling some patches</h3><p>Some patches might affect the work of the system, and we created a way to disable them.</p><p>This is done via the <code>sysctl</code> command.</p><p>When new patchset loads, KernelCare Enterprise sysctl options get reset. To prevent that we added a file:</p><p><code>/etc/sysconfig/kcare/sysctl.conf</code></p><p>Options in this file will be loaded automatically on new patchset load.</p><p>To disable loading this options, specify:</p><p><code>LOAD_KCARE_SYSCTL=0</code> in <code>/etc/sysconfig/kcare/kcare.conf</code></p><p>To disable the patch, set the corresponding kcare option to <code>1</code>.</p><p>Patches that can be disabled:</p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td>Patch</td><td><em>sysctl</em> option</td></tr><tr><td>CVE-2015-5157</td><td>kcare_modify_ldt</td></tr></tbody></table><h3 id="extra-patchset" tabindex="-1"><a class="header-anchor" href="#extra-patchset" aria-hidden="true">#</a> Extra patchset</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>KernelCare Enterprise 2.12-5 or higher</p></div><p>KernelCare Enterprise Extra patchset includes all the security fixes from KernelCare Enterprise for AlmaLinux, CentOS 6, CentOS 7, and CentOS 8 as well as symlink protection and IPSet bugfix for CentOS 6.</p><p>To enable extra patches and apply patch, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --set-patch-type extra --update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To enable extra patches without update, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --set-patch-type extra
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The ‘extra’ patch will be applied on the next automatic update.</p><p>To see details, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --patch-info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The command generates a report and prints out the ID which could be linked to a support ticket.</p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>If there was a connection problem during uploading the report, the report will be stored locally as <code>/root/cl-report</code>. This file should be sent to the support team manually.</p></div><h3 id="config-options" tabindex="-1"><a class="header-anchor" href="#config-options" aria-hidden="true">#</a> Config options</h3><p><code>kcarectl</code> behavior can be configured using <code>/etc/sysconfig/kcare/kcare.conf</code></p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td><code>AUTO_UPDATE=YES|NO</code></td><td><code>YES</code> - enable auto-update; <code>NO</code> - disable auto-update.</td></tr><tr><td><code>PATCH_METHOD=normal|nofreeze|smart</code></td><td><code>Normal</code> - (default) use freezer;<br><code>Nofreeze</code> - don&#39;t use freezer to freeze processes;<br> <code>Smart</code> - smart freezer freezes only threads that need to be frozen for patching [kernelcare 2.3+].</td></tr><tr><td><code>PATCH_SERVER</code></td><td>Server to use to download patches.</td></tr><tr><td><code>REGISTRATION_URL</code></td><td>Licensing server.</td></tr><tr><td><code>PREFIX=prefix</code></td><td>Patch source prefix, used to test different builds, by downloading builds from a different location, based on prefix [kernelcare 2.2+]</td></tr><tr><td><code>UPDATE_POLICY=REMOTE|LOCAL|LOCAL_FIRST</code></td><td>Depending on the policy, on server startup, use:<br><code>REMOTE</code> - (default) patches from patch server.<br><code>LOCAL</code> - only locally cached patches, if none cached (caching is done automatically) - do nothing.<br><code>LOCAL_FIRST</code> - see if locally cached patches exist, and load them. If not, try getting them from remote server.</td></tr><tr><td><code>IGNORE_UNKNOWN_KERNEL=True|False</code></td><td>Don&#39;t provide notification if unknown kernel on auto-update. [kernelcare 2.5+]</td></tr><tr><td><code>LOAD_KCARE_SYSCTL</code></td><td>Controls if <code>/etc/sysconfig/kcare/sysctl.conf</code> will be loaded on patchset load. True by default. [kernelcare 2.7+]</td></tr><tr><td><code>STICKY_PATCH=KEY</code></td><td>Retrieve sticky patch from <code>KEY</code> (see CLN, Key Edit); not supported for IP based servers or ePortal.</td></tr><tr><td><code>STICKY_PATCH=DDMMYY</code></td><td>Stick patch to a particular date. More info at <a aria-current="page" href="/live-patching-services/#sticky-patches" class="router-link-active router-link-exact-active">Sticky Patches</a>.</td></tr><tr><td><code>[AUTO_]UPDATE_DELAY=&lt;num&gt;h|&lt;num&gt;d</code></td><td>Use patchsets not newer than specified time. For example <code>24h</code> or <code>2d</code>. <code>AUTO_UPDATE_DELAY</code> works for <code>auto</code> and <code>smart</code> modes. <code>UPDATE_DELAY</code> works for all modes. [kernelcare 2.82+]</td></tr><tr><td><code>[AUTO_]STICKY_PATCHSET=&lt;patchset&gt;</code></td><td>Use patchsets not newer than specified value. For example <code>K20230908_02</code>. <code>AUTO_STICKY_PATCHSET</code> works for <code>auto</code> and <code>smart</code> modes. <code>STICKY_PATCHSET</code> works for all modes. [kernelcare 2.82+]</td></tr><tr><td><code>REPORT_FQDN=True|False</code></td><td>Force using Fully Qualified Domain as a hostname. False by default.</td></tr><tr><td><code>FORCE_GID=N</code></td><td>Use this group ID for symlink protection patch. By default, it&#39;s 48 (default Apache user GID) or 99 (<code>nobody</code> user)</td></tr><tr><td><code>USERSPACE_PATCHES=libs,qemu</code></td><td>Define which userspace patches will be applyed by default</td></tr></tbody></table><h3 id="disabling-some-patches" tabindex="-1"><a class="header-anchor" href="#disabling-some-patches" aria-hidden="true">#</a> Disabling some patches</h3><p>Some patches might affect the functioning of the system, and we created a way to disable them.</p><p>This is done via the <code>sysctl</code> command.</p><p>When new patchsets load, KernelCare Enterprise sysctl options get reset. To prevent that we added a file:</p><p><code>/etc/sysconfig/kcare/sysctl.conf</code></p><p>Options in this file will be loaded automatically on new patchset load.</p><p>To disable loading these options, specify <code>LOAD_KCARE_SYSCTL=0</code> in <code>/etc/sysconfig/kcare/kcare.conf</code></p><p>To disable the patch, set the corresponding kcare option to <code>1</code></p><p>Patches that can be disabled:</p><table><thead><tr><th></th><th></th></tr></thead><tbody><tr><td>Patch</td><td><em>sysctl</em> option</td></tr><tr><td>CVE-2015-5157</td><td>kcare_modify_ldt</td></tr></tbody></table><h3 id="extra-patchset" tabindex="-1"><a class="header-anchor" href="#extra-patchset" aria-hidden="true">#</a> Extra patchset</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>KernelCare Enterprise 2.12-5 or higher</p></div><p>KernelCare Enterprise Extra patchset includes all the security fixes from KernelCare Enterprise for AlmaLinux, CentOS 6, CentOS 7, and CentOS 8 as well as symlink protection and the IPSet bugfix for CentOS 6.</p><p>To enable extra patches and apply updates, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --set-patch-type extra --update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To enable extra patches without an update, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --set-patch-type extra
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The &#39;extra&#39; patch will be applied on the next automatic update.</p><p>To see details, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --patch-info
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You should see something similar to:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>OS: centos6
 kernel: kernel-2.6.32-696.6.3.el6
 time: 2017-07-31 22:46:22
 uname: 2.6.32-696.6.3.el6
- 
+
 kpatch-name: 2.6.32/symlink-protection.patch
 kpatch-description: symlink protection // If you see this patch, it mean that you can enable symlink protection.
 kpatch-kernel: kernel-2.6.32-279.2.1.el6
@@ -81,7 +84,7 @@
 kpatch-cvss: N/A
 kpatch-cve-url: N/A
 kpatch-patch-url: https://gerrit.cloudlinux.com/#/c/16508/
- 
+
 kpatch-name: 2.6.32/symlink-protection.kpatch-1.patch
 kpatch-description: symlink protection (kpatch adaptation)
 kpatch-kernel: kernel-2.6.32-279.2.1.el6
@@ -89,7 +92,7 @@
 kpatch-cvss: N/A
 kpatch-cve-url: N/A
 kpatch-patch-url: https://gerrit.cloudlinux.com/#/c/16508/
- 
+
 kpatch-name: 2.6.32/ipset-fix-list-shrinking.patch
 kpatch-description: fix ipset list shrinking for no reason
 kpatch-kernel: N/A
@@ -97,78 +100,103 @@
 kpatch-cvss: N/A
 kpatch-cve-url: N/A
 kpatch-patch-url: https://bugs.centos.org/view.php?id=13499
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>To enable Symlink Owner Match Protection, add the following line:</p><p><code>fs.enforce_symlinksifowner=1</code></p><p>to <code>/etc/sysconfig/kcare/sysctl.conf</code>.</p><p>And run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>sysctl -w fs.enforce_symlinksifowner=1
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="sticky-patches" tabindex="-1"><a class="header-anchor" href="#sticky-patches" aria-hidden="true">#</a> Sticky patches</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This functionality is not available for ePortal customers. If you are using ePortal, please use <a href="/eportal/#feed-management" class="">Feeds</a> instead.</p></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Since v2.82 there is more convenient way to specify latest available release via <code>[AUTO_]STICKY_PATCHSET</code> and <code>[AUTO_]UPDATE_DELAY</code> configuration options. It also works with recent ePortal versions (v2.3+).</p></div><p>Sometimes you don&#39;t want to use the latest patches, but you&#39;d like to control which patches are get installed instead. For example, you have tested the patch released on 25th of May 2018 and want to use that patch across all servers.</p><p>You can do it by setting <code>STICKY_PATCH=25052018</code> (DDMMYY format, ISO YYYY-MM-DD is also valid) in <code>/etc/sysconfig/kcare/kcare.conf</code> This guarantees that when <code>kcarectl --update</code> or <code>kcarectl --auto-update</code> is called, you will get patches from that date and not the newest patches.</p><p>Alternatively, you can set <code>STICKY_PATCH=KEY</code> This way you can control the date from which patches will be applied using KernelCare keys in CLN. On update, the actual date will be retrieved from CLN (from Key settings) for the key used to register a particular server (not supported for IP based servers).</p><p>This is very useful if you want to test patches in QA first and later roll them out to production without doing any changes on the systems.</p><p>Here is how you can do that:</p><ul><li>Set <code>STICKY_PATCH=KEY</code> on all your servers.</li><li>Register QA servers with one KEY, and Production servers with ANOTHER key.</li><li>Then, stop new updates for Production servers. In CLN set <code>Sticky Tag</code> to <code>yesterday</code>. You can do it by editing KEY in CLN in DDMMYY format.</li><li>Now, for example, let&#39;s use patches as of 03052018 (DDMMYY format). Set them for your QA server key. On the next auto-update, your QA servers will get those patches (auto-updates are typically every 4 hours).</li></ul><p>Once you are happy with this patches, set the same Sticky Tag for Production servers key. In 4 hours your production servers should be updated to the same patches that QA servers were.</p><h4 id="how-to-find-a-proper-sticky-patch-name" tabindex="-1"><a class="header-anchor" href="#how-to-find-a-proper-sticky-patch-name" aria-hidden="true">#</a> How to find a proper sticky patch name</h4><p>Let&#39;s assume that you have some kernel patch that you want to &quot;stick&quot; with. All you need is to find a proper label for that patch.</p><p><img src="/images/sticky-proper-label.png" alt="sticky-proper-label"></p><p>As you can see, the patch was released at 2020-09-16. And if apply label&#39;s date format, it becomes <code>16092020</code> that will be the sticky patch value.</p><h3 id="scanning-for-vulnerabilities" tabindex="-1"><a class="header-anchor" href="#scanning-for-vulnerabilities" aria-hidden="true">#</a> Scanning for vulnerabilities</h3><p>Identifying the vulnerabilities that apply to your systems is an important task for IT and InfoSec teams, and at TuxCare we make it easy. KernelCare live patching is integrated natively with vulnerability scanners including Tenable Nessus, Qualys, Rapid7 and many others.</p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>A generic integration that works with any vulnerability scanner is available for environments that native integration may not be sufficient. Contact your account manager or <a href="mailto:sales@tuxcare.com">sales@tuxcare.com</a> for more information.</p></div><h4 id="how-to-use-a-vulnerability-scanner-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#how-to-use-a-vulnerability-scanner-with-kernelcare" aria-hidden="true">#</a> How to use a vulnerability scanner with KernelCare</h4><p>It’s rather simple. New scan results after installing a package and applying a patchset should not show any kernel CVEs that are handled by KernelCare Enterprise.</p><p>For example, Nessus for an old kernel shows a bunch of detected CVEs:</p><p><img src="/images/scanner-manipulation-before.png" alt=""></p><p>After the live patches were applied, there are no kernel-related CVEs:</p><p><img src="/images/scanner-manipulation-after.png" alt=""></p><h4 id="how-use-openscap-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#how-use-openscap-with-kernelcare" aria-hidden="true">#</a> How use OpenSCAP with KernelCare</h4><p>OpenSCAP is an open source vulnerability scanner and compliance tool and it can be used to scan a system protected by KernelCare Enterprise. The following commands show how to use OpenSCAP to produce a vulnerability report for a system.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ source /etc/os-release
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>To enable Symlink Owner Match Protection, add <code>fs.enforce_symlinksifowner=1</code> to <code>/etc/sysconfig/kcare/sysctl.conf</code> and run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># sysctl -p /etc/sysconfig/kcare/sysctl.conf
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="sticky-patches" tabindex="-1"><a class="header-anchor" href="#sticky-patches" aria-hidden="true">#</a> Sticky patches</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This functionality is not available for ePortal customers. If you are using ePortal, please use <a href="/eportal/#feed-management" class="">Feeds</a> instead.</p></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Since v2.82 there is a more convenient way to specify the latest available release via the <code>[AUTO_]STICKY_PATCHSET</code> and <code>[AUTO_]UPDATE_DELAY</code> configuration options. It also works with recent ePortal versions (v2.3+).</p></div><p>Sometimes you don&#39;t want to use the latest patches, and you&#39;d like to control which patches are get installed instead. For example, you have tested the patch released on 25th of May 2018 and want to use that patch across all servers.</p><p>You can do it by setting <code>STICKY_PATCH=25052018</code> (DDMMYYYY format, DDMMYY and YYYY-mm-dd are also valid) in <code>/etc/sysconfig/kcare/kcare.conf</code>, this guarantees that when <code>kcarectl --update</code> or <code>kcarectl --auto-update</code> is called, you will get patches from that date and not the newest patches.</p><p>Alternatively, you can set <code>STICKY_PATCH=KEY</code>, this way you can control the date from which patches will be applied using KernelCare keys in CLN. On update, the actual date will be retrieved from CLN (from Key settings) for the key used to register a particular server (not supported for IP based servers).</p><p>This is very useful if you want to test patches in QA first and later roll them out to production without doing any changes on the systems.</p><p>Here is how you can do that:</p><ul><li>Set <code>STICKY_PATCH=KEY</code> on all your servers.</li><li>Register QA servers with one KEY, and Production servers with ANOTHER key.</li><li>Then, stop new updates for Production servers. In CLN set <code>Sticky Tag</code> to <code>yesterday</code>. You can do it by editing KEY in CLN in DDMMYY format.</li><li>Now, for example, let&#39;s use patches as of 03052018 (DDMMYYYY format). Set them for your QA server key. On the next auto-update, your QA servers will get those patches (auto-updates are typically every 4 hours).</li></ul><p>Once you are happy with these patches, set the same Sticky Tag for Production servers key. In 4 hours your production servers should be updated to the same patches that QA servers were.</p><h4 id="how-to-find-a-proper-sticky-patch-name" tabindex="-1"><a class="header-anchor" href="#how-to-find-a-proper-sticky-patch-name" aria-hidden="true">#</a> How to find a proper sticky patch name</h4><p>Let&#39;s assume that you have a kernel patch that you want to &quot;stick&quot; with. All you need is to find a proper label for that patch.</p><p><img src="/images/sticky-proper-label.png" alt="sticky-proper-label"></p><p>As you can see, the patch was released at 2020-09-16 (16th September 2020). And if you apply a supported date format, it becomes <code>16092020</code>, that will be the sticky patch value.</p><h3 id="scanning-for-vulnerabilities" tabindex="-1"><a class="header-anchor" href="#scanning-for-vulnerabilities" aria-hidden="true">#</a> Scanning for vulnerabilities</h3><p>Identifying the vulnerabilities that apply to your systems is an important task for IT and InfoSec teams, and at TuxCare we make it easy. KernelCare live patching is integrated natively with vulnerability scanners including Tenable Nessus, Qualys, Rapid7 and many others.</p><h4 id="how-to-use-a-vulnerability-scanner-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#how-to-use-a-vulnerability-scanner-with-kernelcare" aria-hidden="true">#</a> How to use a vulnerability scanner with KernelCare</h4><p>It&#39;s rather simple. New scan results after installing a package and applying a patchset should not show any kernel CVEs that are handled by KernelCare Enterprise.</p><p>For example, Nessus for an old kernel shows a lot of detected CVEs before apply live patches:</p><p><img src="/images/scanner-manipulation-before.png" alt="before"></p><p>After the live patches were applied, there are no kernel-related CVEs:</p><p><img src="/images/scanner-manipulation-after.png" alt="after"></p><h4 id="what-if-my-scanner-is-producing-false-positives" tabindex="-1"><a class="header-anchor" href="#what-if-my-scanner-is-producing-false-positives" aria-hidden="true">#</a> What if my scanner is producing false positives?</h4><p>If your scanner produces incorrect results due to not being KernelCare aware, we have a solution that works at the OS level to report the correct information to the rpm/dpkg/uname commands; namely <code>kcare-scanner-interface</code></p><p>If you are using a scanner agent the defaults usually work and you can configure the scanner interface like so:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcare-scanner-interface init
+
+Resetting.
+Setting up scanner agents
+Done.
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>If you are using SSH credentials-based scanning, then you can configure the scanner interface like so - where user1 and user2 are the usernames your vulnerability scanner will ssh/sudo as:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcare-scanner-interface init user1 user2
+
+Resetting.
+Setting up a scanner-interface for user1
+Setting up a scanner-interface for user2
+Setting up scanner agents
+Done.
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>To disable the scanner interface run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcare-scanner-interface disable
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>We don&#39;t recommend enabling the scanner interface as root, as the root user&#39;s command output should not be changed in this way. If your scanner elevates privileges after logging in via SSH, only sudo can be used and not su.</p><h4 id="how-to-use-openscap-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#how-to-use-openscap-with-kernelcare" aria-hidden="true">#</a> How to use OpenSCAP with KernelCare</h4><p>OpenSCAP is an open source vulnerability scanner and compliance tool and it can be used to scan a system protected by KernelCare Enterprise. The following commands show how to use OpenSCAP to produce a vulnerability report for a system.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ source /etc/os-release
 $ wget https://patches.kernelcare.com/oval/com.kernelcare.${ID}.${VERSION_ID}.xml
 $ oscap oval eval --report report.htm com.kernelcare.${ID}.${VERSION_ID}.xml
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="how-to-natively-integrate-kernelcare-with-a-vulnerability-scanner" tabindex="-1"><a class="header-anchor" href="#how-to-natively-integrate-kernelcare-with-a-vulnerability-scanner" aria-hidden="true">#</a> How to natively integrate KernelCare with a vulnerability scanner</h4><div class="tip custom-block"><p class="custom-block-title">Note</p><p>These instructions are intended for integrators with 3rd party vulnerability scanners.</p></div><p>There are two ways for a vulnerability scanner to integrate with KernelCare live patching.</p><h4 id="integrate-via-oval-data" tabindex="-1"><a class="header-anchor" href="#integrate-via-oval-data" aria-hidden="true">#</a> Integrate via OVAL data</h4><p>KernelCare comes with OVAL data that provide the instructions to the scanner to identify the vulnerabilities that are addressed by the installed live patches. OVAL data are available for the operating systems supported by KernelCare Enterprise, including AlmaLinux, Red Hat Enterprise Linux, Oracle Linux, CentOS, Debian and Ubuntu.</p><p>The OVAL data cover all KernelCare enterprise products and add-ons including LibCare, and QEMUCare.</p><p>The OVAL data for KernelCare live patching are available at <a href="https://patches.kernelcare.com/oval/" target="_blank" rel="noopener noreferrer">patches.kernelcare.com/oval</a>.</p><h4 id="integrate-using-files" tabindex="-1"><a class="header-anchor" href="#integrate-using-files" aria-hidden="true">#</a> Integrate using files</h4><p>KernelCare provides two files that list the vulnerabilities that are addressed by the currently installed live patches. These files contain a list of CVEs separated by a newline.</p><p>The list of vulnerabilities addressed by Kernel live patches is available at:</p><ul><li><code>/proc/kcare/cvelist</code></li></ul><p>The list of vulnerabilities addressed by system live patching (LibCare, QEMUCare etc.) is available at:</p><ul><li><code>/var/cache/kcare/libcare_cvelist</code></li></ul><h3 id="uefi-secure-boot-support" tabindex="-1"><a class="header-anchor" href="#uefi-secure-boot-support" aria-hidden="true">#</a> UEFI Secure Boot Support</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This feature is an early stage of adoption. Not all the distribution will be able to support.</p></div><p>This new functionality lets KernelCare work on systems with secure boot set up in their UEFI firmware. We are going to add a public certificate to the MOK (Machine Owner Keys) database that KernelCare will use to sign modules.</p><p>The latest KernelCare package contains a public certificate and will be available in the <code>/usr/libexec/kcare/kernelcare_pub.der</code>. For older versions, it could be downloaded from the <a href="https://patches.kernelcare.com/kernelcare_pub.der" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/kernelcare_pub.der</a> to that location.</p><p>For example:</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>curl -o /usr/libexec/kcare/kernelcare_pub.der https://patches.kernelcare.com/kernelcare_pub.der
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="uefi-secure-boot-support" tabindex="-1"><a class="header-anchor" href="#uefi-secure-boot-support" aria-hidden="true">#</a> UEFI Secure Boot Support</h3><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This feature is an early stage of adoption. Not all the distribution will be able to support it.</p></div><p>This new functionality lets KernelCare work on systems with secure boot set up in their UEFI firmware. We are going to add a public certificate to the MOK (Machine Owner Keys) database that KernelCare will use to sign modules.</p><p>The latest KernelCare package contains a public certificate and will be available in the <code>/usr/libexec/kcare/kernelcare_pub.der</code>. For older versions, it could be downloaded from the <a href="https://patches.kernelcare.com/kernelcare_pub.der" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/kernelcare_pub.der</a> to that location.</p><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># curl -o /usr/libexec/kcare/kernelcare_pub.der https://patches.kernelcare.com/kernelcare_pub.der
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol><li>Use <code>mokutil</code> as root to add this new MOK to the UEFI firmware.</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># mokutil --import /usr/libexec/kcare/kernelcare_pub.der
 
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ol><li>Use <code>mokutil</code> as root to add this new MOK to the UEFI firmware.</li></ol><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>$ mokutil --import /usr/libexec/kcare/kernelcare_pub.der
- input password:
- input password again:
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>It doesn&#39;t have a MOK password, and <code>mokutil</code> will ask you to create one. The password is temporary and will be used on the next boot.</p><ol start="2"><li>Reboot your machine to enter the MOK manager EFI utility.</li></ol><p>First, go down to the &#39;Enroll Mok&#39;:</p><p><img src="/images/uefi-enroll-mok.png" alt="alt text" title="Select Enroll MOK"></p><p>Then the firmware gives you the option of viewing the new MOK or continuing. Let&#39;s continue.</p><p><img src="/images/uefi-continue.png" alt="alt text" title="Select Continue"></p><p>It then asks you to confirm the enrollment.</p><p><img src="/images/uefi-yes.png" alt="alt text" title="Select Yes"></p><p>Then you will need to enter the password you used when running <code>mokutil --import</code>.</p><p><img src="/images/uefi-password.png" alt="alt text" title="Enter the password"></p><p>Finally, the firmware will ask you to reboot.</p><p><img src="/images/uefi-ok.png" alt="alt text" title="Select OK"></p><ol start="3"><li>Verify the key has been loaded by finding it in the output of the following command:</li></ol><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>$ mokutil --list-enrolled | egrep -i &#39;SHA1|Issuer&#39;
+input password:
+input password again:
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>It doesn&#39;t have a MOK password, and <code>mokutil</code> will ask you to create one. The password is temporary and will be used on the next boot.</p><ol start="2"><li>Reboot your machine to enter the MOK manager EFI utility.</li></ol><p>First, go down to &#39;Enroll Mok&#39;:</p><p><img src="/images/uefi-enroll-mok.png" alt="enroll mok" title="Select Enroll MOK"></p><p>Then the firmware gives you the option of viewing the new MOK or continuing. Let&#39;s continue.</p><p><img src="/images/uefi-continue.png" alt="select continue" title="Select Continue"></p><p>It then asks you to confirm the enrollment.</p><p><img src="/images/uefi-yes.png" alt="yes" title="Select Yes"></p><p>Then you will need to enter the password you used when running <code>mokutil --import</code>.</p><p><img src="/images/uefi-password.png" alt="enter password" title="Enter the password"></p><p>Finally, the firmware will ask you to reboot.</p><p><img src="/images/uefi-ok.png" alt="select ok" title="Select OK"></p><ol start="3"><li>Verify the key has been loaded by finding it in the output of the following command:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># mokutil --list-enrolled | egrep -i &#39;SHA1|Issuer&#39;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>In some cases the enrolled key will not be shown but could be verified by the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dmesg | grep -i &#39;cloud linux&#39;
 
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>In some cases the enrolled key will not be shown but could be verified by the following command:</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>$ dmesg | grep -i &#39;cloud linux&#39; 
 [   0.722149] EFI: Loaded cert &#39;Cloud Linux Software, Inc: Kernel Module Signing Key: 12ff0613c0f80cfba3b2f8eba71ebc27c5a76170&#39; linked to &#39;.system_keyring&#39;
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>That&#39;s it. Now you should be able to apply patches as usual.</p><p>To get more information about signing kernel modules for secure boot, see <a href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-kernel-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel" target="_blank" rel="noopener noreferrer">https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-kernel-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel</a>.</p><h3 id="live-patching-and-fips-compliance" tabindex="-1"><a class="header-anchor" href="#live-patching-and-fips-compliance" aria-hidden="true">#</a> Live patching and FIPS compliance</h3><p>The FIPS-140 certification of a Linux kernel validates that the cryptography contained within a Linux kernel complies with the US government FIPS-140 data protection standard. Meaning that algorithms like AES, the random generator and other cryptographic aspects of the kernel are implemented as the standard defines.</p><p>At the same time the certification is a lengthy process –a typical validation can take almost a year– and for that reason only some of each vendor’s kernels are validated. That is because vendors release new kernels with security and feature updates on a regular cadence some as often as weekly, irrespective of their FIPS validation status. This means users of FIPS validated kernels need to choose between: (a) strict compliance by staying on the same kernel without updating until the next validated kernel is available and (b) reducing their security risk by installing new kernels with security updates even if they are not validated. The same story applies to the vendor’s live patching solutions.</p><p>With KernelCare Enterprise it is possible to live patch FIPS-140 validated Linux kernels, for example at the Red Hat Enterprise Linux operating system. The live patches applied to these kernels, in this example, consist of the same RHEL kernel patches but are limited to the ones addressing security vulnerabilities. That way, a live patched kernel contains the same security fixes as a vendor update without any feature or bug-fix updates, e.g., updates that may change the cryptographic subsystem for performance or other non-security related reasons.</p><p><strong>In this way, security-conscious users of FIPS-validated Linux kernels that today apply their vendor&#39;s security patches can rely on KernelCare live patching the same way they do with their vendor&#39;s security updates</strong>. Furthermore, KernelCare live patching applies the minimum possible updates to the validated kernel by explicitly excluding any non-security updates.</p><h3 id="firewall-and-proxy-settings" tabindex="-1"><a class="header-anchor" href="#firewall-and-proxy-settings" aria-hidden="true">#</a> Firewall and Proxy Settings</h3><h4 id="patching-servers-through-firewall" tabindex="-1"><a class="header-anchor" href="#patching-servers-through-firewall" aria-hidden="true">#</a> Patching servers through firewall</h4><p>As long as your servers have access to the Internet, even behind NAT — you will be able to use KernelCare patch server without any problems.</p><p>Generally, KernelCare requires connection to only two servers for a proper work:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cln.cloudlinux.com
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>That&#39;s it. Now you should be able to apply patches as usual.</p><p>To get more information about signing kernel modules for secure boot, see <a href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-kernel-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel" target="_blank" rel="noopener noreferrer">https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-kernel-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel</a>.</p><h3 id="live-patching-and-fips-compliance" tabindex="-1"><a class="header-anchor" href="#live-patching-and-fips-compliance" aria-hidden="true">#</a> Live patching and FIPS compliance</h3><p>The FIPS-140 certification of a Linux kernel validates that the cryptography contained within a Linux kernel complies with the US government FIPS-140 data protection standard. Meaning that algorithms like AES, the random generator and other cryptographic aspects of the kernel are implemented as the standard defines.</p><p>At the same time the certification is a lengthy process --a typical validation can take almost a year-- and for that reason only some of each vendor&#39;s kernels are validated. That is because vendors release new kernels with security and feature updates on a regular cadence some as often as weekly, irrespective of their FIPS validation status. This means users of FIPS validated kernels need to choose between: (a) strict compliance by staying on the same kernel without updating until the next validated kernel is available and (b) reducing their security risk by installing new kernels with security updates even if they are not validated. The same story applies to the vendor&#39;s live patching solutions.</p><p>With KernelCare Enterprise it is possible to live patch FIPS-140 validated Linux kernels, for example at the Red Hat Enterprise Linux operating system. The live patches applied to these kernels, in this example, consist of the same RHEL kernel patches but are limited to the ones addressing security vulnerabilities. That way, a live patched kernel contains the same security fixes as a vendor update without any feature or bug-fix updates, e.g. updates that may change the cryptographic subsystem for performance or other non-security related reasons.</p><p><strong>In this way, security-conscious users of FIPS-validated Linux kernels that today apply their vendor&#39;s security patches can rely on KernelCare live patching the same way they do with their vendor&#39;s security updates</strong>. Furthermore, KernelCare live patching applies the minimum possible updates to the validated kernel by explicitly excluding any non-security updates.</p><h3 id="firewall-and-proxy-settings" tabindex="-1"><a class="header-anchor" href="#firewall-and-proxy-settings" aria-hidden="true">#</a> Firewall and Proxy Settings</h3><h4 id="patching-servers-through-firewall" tabindex="-1"><a class="header-anchor" href="#patching-servers-through-firewall" aria-hidden="true">#</a> Patching servers through firewall</h4><p>As long as your servers have access to the Internet, even behind NAT - you will be able to use KernelCare patch server without any problems.</p><p>Generally, KernelCare requires connection to only two servers to work:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cln.cloudlinux.com
 patches.kernelcare.com
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>An additional address is used for KernelCare agent installation/update:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>repo.cloudlinux.com
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><img src="/images/patchingthroughfirewall.png" alt=""></p><h4 id="patching-servers-through-proxy" tabindex="-1"><a class="header-anchor" href="#patching-servers-through-proxy" aria-hidden="true">#</a> Patching servers through proxy</h4><p>If your servers don&#39;t have direct Internet access but can gain access to the Internet using proxy, the configuration is not that different. KernelCare can pick up standard environment variables for a proxy.</p><p>Make sure you have environment settings for proxy setup, and everything else will be the same as if servers were directly connected to the Internet:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export http_proxy=http://proxy.domain.com:port
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><img src="/images/patchingthroughfirewall.png" alt="through firewall"></p><h4 id="patching-servers-through-proxy" tabindex="-1"><a class="header-anchor" href="#patching-servers-through-proxy" aria-hidden="true">#</a> Patching servers through proxy</h4><p>If your servers don&#39;t have direct Internet access but can gain access to the Internet using proxy, the configuration is not that different. KernelCare can pick up standard environment variables for a proxy.</p><p>Make sure you have environment settings for proxy setup, and everything else will be the same as if servers were directly connected to the Internet:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export http_proxy=http://proxy.domain.com:port
 # export https_proxy=http://proxy.domain.com:port
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Settings defined by <code>export</code> are case-insensitive, so the example above could be as follows:</p></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export HTTP_PROXY=http://proxy.domain.com:port
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Settings defined by <code>export</code> are case-insensitive, so the example above could be as follows for certain software:</p></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export HTTP_PROXY=http://proxy.domain.com:port
 # export HTTPS_PROXY=http://proxy.domain.com:port
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>You can define these settings in the KernelCare config <code>/etc/sysconfig/kcare/kcare.conf</code>.</p><p>Example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ cat /etc/sysconfig/kcare/kcare.conf
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>You can define these settings in the KernelCare config <code>/etc/sysconfig/kcare/kcare.conf</code>, for example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ cat /etc/sysconfig/kcare/kcare.conf
+
 AUTO_UPDATE=True
 HTTPS_PROXY=http://myproxy.com:59794
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>If you define these settings in the config, you don&#39;t need to export them each <code>kcarectl</code> launch and don&#39;t need to edit cron jobs.</p><p>All <code>kcarectl</code> launches will be aware of proxy settings from the config. In this case, you need to set proxy settings only once.</p><p><img src="/images/patchingthroughproxy.png" alt=""></p><h3 id="kernelcare-on-aws-–-deployment-user-guide" tabindex="-1"><a class="header-anchor" href="#kernelcare-on-aws-–-deployment-user-guide" aria-hidden="true">#</a> KernelCare on AWS – Deployment User Guide</h3><h4 id="introductory-material" tabindex="-1"><a class="header-anchor" href="#introductory-material" aria-hidden="true">#</a> Introductory Material</h4><h4 id="introduction-1" tabindex="-1"><a class="header-anchor" href="#introduction-1" aria-hidden="true">#</a> Introduction</h4><p>The Linux kernel is the most important piece of software on your server, as a security flaw in it can expose all of your services and customers&#39; data. KernelCare is a technology that allows you to keep the Linux kernel safe at all times, automatically, without ever having to stop the server and rebooting it causing downtime and inconvenient scheduling of maintenance windows. This improves availability, security, stability, operation costs, and customer satisfaction. It works with almost all mainstream distributions of Linux. It is simple, fast, and very easy to deploy while being able to handle very complex patches and customized kernels if you need them.</p><h4 id="prerequisites-and-requirements" tabindex="-1"><a class="header-anchor" href="#prerequisites-and-requirements" aria-hidden="true">#</a> Prerequisites and Requirements</h4><p>KernelCare can be installed on any x86_64 compatible server or VM running one of the following distribution:</p><ul><li>Amazon Linux 1, 2</li><li>CentOS 6, 7, Xen4CentOS, CentOS-Plus, ElRepo</li><li>CloudLinux 6, 7</li><li>Debian 7, 8, 9, 8-backports</li><li>Oracle Linux 6, 7</li><li>ProxmoxVE 3,4,5</li><li>RedHat EL 6, 7</li><li>Ubuntu 14.04, 16.04, 18.04</li><li>Virtuozzo 6</li></ul><p>The exact list of compatible kernels can be found on the following link: <a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a>.</p><p>Standard OS kernels are required in most cases unless the custom kernel is supported.</p><p>The software can be installed on the running server and doesn&#39;t require a reboot.</p><p>Basic Linux skills are sufficient to deploy KernelCare on AWS. Simple deployments involve just an EC2 instance. KernelCare is available as BYOL model. You need to register in our <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">customer portal</a> to get the trial license. Once you get the trial license, you need to register your running EC2 instance with the activation key.</p><h4 id="architecture-diagrams" tabindex="-1"><a class="header-anchor" href="#architecture-diagrams" aria-hidden="true">#</a> Architecture Diagrams</h4><p>As long as your servers have access to the Internet, even behind NAT – you will be able to use KernelCare patch server without any problems.</p><p>Generally, KernelCare requires HTTPS connection to two servers for the proper work:</p><ul><li>cln.cloudlinux.com</li><li>patches.kernelcare.com</li></ul><p><img src="/images/AWS_arch2.png" alt=""></p><p>If your servers don&#39;t have direct Internet access but can gain access to the Internet using proxy, the configuration is not that different. KernelCare can pick up standard environment variables for proxy.</p><p><img src="/images/AWS_proxy_arch2.png" alt=""></p><p>Make sure you have environment settings for proxy setup, and everything else will be the same as if the servers were directly connected to the Internet:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export http_proxy=http://proxy.domain.com:port
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>If you define these settings in the config, you don&#39;t need to export them each <code>kcarectl</code> launch and don&#39;t need to edit cron jobs.</p><p>All <code>kcarectl</code> launches will be aware of proxy settings from the config. In this case, you need to set proxy settings only once.</p><p><img src="/images/patchingthroughproxy.png" alt="through proxy"></p><h3 id="kernelcare-on-aws-deployment-user-guide" tabindex="-1"><a class="header-anchor" href="#kernelcare-on-aws-deployment-user-guide" aria-hidden="true">#</a> KernelCare on AWS - Deployment User Guide</h3><h4 id="introductory-material" tabindex="-1"><a class="header-anchor" href="#introductory-material" aria-hidden="true">#</a> Introductory Material</h4><p>The Linux kernel is the most important piece of software on your server, as a security flaw in it can expose all of your services and customer data. KernelCare is a technology that allows you to keep the Linux kernel safe at all times, automatically, without ever having to stop the server and rebooting it causing downtime and inconvenient scheduling of maintenance windows. This improves availability, security, stability, operational costs, and customer satisfaction. It works with almost all mainstream distributions of Linux. It is simple, fast, and very easy to deploy while being able to handle very complex patches and customized kernels if you need them.</p><h4 id="prerequisites-and-requirements" tabindex="-1"><a class="header-anchor" href="#prerequisites-and-requirements" aria-hidden="true">#</a> Prerequisites and Requirements</h4><p>KernelCare can be installed on any x86_64 compatible server or VM running one of the following distributions:</p><ul><li>Amazon Linux 1, 2</li><li>CentOS 6, 7, Xen4CentOS, CentOS-Plus, ElRepo</li><li>CloudLinux 6, 7</li><li>Debian 7, 8, 9, 8-backports</li><li>Oracle Linux 6, 7</li><li>ProxmoxVE 3,4,5</li><li>RedHat EL 6, 7</li><li>Ubuntu 14.04, 16.04, 18.04</li><li>Virtuozzo 6</li></ul><p>The exact list of compatible kernels can be found at the following link: <a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com/</a></p><p>Standard OS kernels are required in most cases unless the custom kernel is supported.</p><p>The software can be installed on a running server and doesn&#39;t require a reboot.</p><p>Basic Linux skills are sufficient to deploy KernelCare on AWS. Simple deployments involve just an EC2 instance. KernelCare is available using the BYOL model. You need to register in our <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">customer portal</a> to get a trial license. Once you get the trial license, you need to register your running EC2 instance with the activation key.</p><h4 id="architectural-design" tabindex="-1"><a class="header-anchor" href="#architectural-design" aria-hidden="true">#</a> Architectural Design</h4><p>As long as your servers have access to the Internet, even behind NAT - you will be able to use KernelCare without any problems.</p><p>Generally, KernelCare requires connection to only two servers to work:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cln.cloudlinux.com
+patches.kernelcare.com
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p><img src="/images/AWS_arch2.png" alt="aws arch"></p><p>If your servers don&#39;t have direct Internet access but can gain access to the Internet using a proxy, the configuration is not that different. KernelCare can pick up standard environment variables for proxies.</p><p><img src="/images/AWS_proxy_arch2.png" alt="aws proxy"></p><p>Make sure you have environment settings for your proxy setup, and everything else will be the same as if the servers were directly connected to the Internet:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># export http_proxy=http://proxy.domain.com:port
 # export https_proxy=http://proxy.domain.com:port
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="planning-guidance" tabindex="-1"><a class="header-anchor" href="#planning-guidance" aria-hidden="true">#</a> Planning Guidance</h4><h4 id="security" tabindex="-1"><a class="header-anchor" href="#security" aria-hidden="true">#</a> Security</h4><p>The only thing you need to be able to install/control you KernelCare deployment is SSH access (root credentials, key-based authentication/sudo or similar mechanisms are preferred).</p><h4 id="costs" tabindex="-1"><a class="header-anchor" href="#costs" aria-hidden="true">#</a> Costs</h4><p>KernelCare is billed as a subscription service – you can find more details in the table below.</p><table><thead><tr><th><strong>License Volume</strong></th><th><strong>Monthly Price</strong></th><th><strong>Annual Price</strong></th></tr></thead><tbody><tr><td>1</td><td>$3.95</td><td>$45</td></tr><tr><td>2-49</td><td>$2.95</td><td>$33</td></tr><tr><td>50-499</td><td>$2.55</td><td>$28</td></tr><tr><td>500+</td><td>$2.25</td><td>$25</td></tr></tbody></table><h4 id="sizing" tabindex="-1"><a class="header-anchor" href="#sizing" aria-hidden="true">#</a> Sizing</h4><p>KernelCare agent has a tiny RAM footprint – binary patches usually require less than 1 MB.</p><h4 id="deployment-guidance" tabindex="-1"><a class="header-anchor" href="#deployment-guidance" aria-hidden="true">#</a> Deployment Guidance</h4><h4 id="deployment-assets" tabindex="-1"><a class="header-anchor" href="#deployment-assets" aria-hidden="true">#</a> Deployment Assets</h4><p>To install KernelCare, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>curl -s -L https://kernelcare.com/installer | bash
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>wget -qq -O - https://kernelcare.com/installer | bash
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you are using IP-based license, nothing else required to be done. If you are using key-based license, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --register KEY
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p><code>KEY</code> is the registration key code string provided when you sign up for purchase or trial of the product.</p><p>You can easily automate KernelCare deployment with Ansible, Puppet, Chef or other automation tools. Here are the steps that may be automated:</p><ol><li>Distribute KernelCare agent package (optional – required only for servers with no access to the Internet) and a KernelCare agent configuration file (<code>/etc/sysconfig/kcare/kcare.conf</code>).</li><li>Set required environmental variables (optional).</li><li>Install KernelCare agent from either locally available package or central KernelCare download location.</li><li>Register KernelCare with either license key or IP-based license.</li></ol><h4 id="operational-guidance" tabindex="-1"><a class="header-anchor" href="#operational-guidance" aria-hidden="true">#</a> Operational Guidance</h4><h4 id="health-check" tabindex="-1"><a class="header-anchor" href="#health-check" aria-hidden="true">#</a> Health Check</h4><p>Systems protected by KernelCare can be monitored by means of CloudLinux Network (CLN) portal available at <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">https://cln.cloudlinux.com</a>. Registered KernelCare installations are grouped by license keys. Kernels that are marked with exclamation sign in <span style="color:#E76930;">amber</span> do not have the latest patches installed.</p><p><img src="/images/KC-Ent-monit.png" alt=""></p><p>In either case, you can check whether the latest available patch has been applied by running the following command on a system protected by KernelCare:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --check
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="backup-and-recovery" tabindex="-1"><a class="header-anchor" href="#backup-and-recovery" aria-hidden="true">#</a> Backup and Recovery</h4><p>There is no reason to backup KernelCare. KernelCare doesn&#39;t store any data. You can always re-install and re-register KernelCare. To backup the configuration file of KernelCare if you have modified it, backup the <code>/etc/sysconfig/kcare/</code> folder.</p><h4 id="routine-maintenance" tabindex="-1"><a class="header-anchor" href="#routine-maintenance" aria-hidden="true">#</a> Routine Maintenance</h4><p>KernelCare is packaged in RPM/DEB packages (depending on Linux distribution) and will update any time system packages are updated. No additional maintenance is needed.</p><h4 id="emergency-maintenance" tabindex="-1"><a class="header-anchor" href="#emergency-maintenance" aria-hidden="true">#</a> Emergency Maintenance</h4><p>If one of your instances degraded, once you start another instance based on EBS or snapshot – KernelCare will continue working as before, no additional work is needed. If you set up a new server instead, re-register KernelCare on the new server. If you decide to uninstall patches, run command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --unload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or complete remove <em>kernelcare</em> package by running the following command:</p><ul><li>on RPM-based systems<div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># rpm -e kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></li></ul><p>or</p><ul><li>on DEB-based systems<div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dpkg --remove kernelcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></li></ul><h4 id="patch-feed-advanced-options" tabindex="-1"><a class="header-anchor" href="#patch-feed-advanced-options" aria-hidden="true">#</a> Patch Feed Advanced Options</h4><h5 id="test-and-delayed-feeds" tabindex="-1"><a class="header-anchor" href="#test-and-delayed-feeds" aria-hidden="true">#</a> <strong>Test and Delayed Feeds</strong></h5><p>KernelCare Patch Server has several patch feeds available in addition to the standard (production) feed:</p><ul><li><strong>Test feed</strong> – the newest patches (test builds) that have not undergone the complete testing process. Test feed makes it possible to start testing new patches earlier.</li><li><strong>Delayed feeds</strong> – instructs KernelCare to skip loading patches that were released within the last 12/24/48 hours.</li></ul><p>The alternate feed option is enabled by setting <code>PREFIX</code> variable in <code>/etc/sysconfig/kcare/kcare.conf</code> to one of <code>test</code>/<code>12h</code>/<code>24h</code>/<code>48h</code>.</p><h5 id="feed-management-with-sticky-patch-feature" tabindex="-1"><a class="header-anchor" href="#feed-management-with-sticky-patch-feature" aria-hidden="true">#</a> <strong>Feed Management With Sticky Patch Feature</strong></h5><p>The best way to handle QA and Production environments is to use Sticky tag feature of KernelCare license keys issued from CloudLinux Network (CLN) portal. To use this tag, go to CLN portal → KernelCare tab → click on the target key → Edit Key Info window.</p><p><img src="/images/KC-Ent-list.png" alt=""></p><p><img src="/images/KC-Ent-edit.png" alt=""></p><p>You should provide a separate key for each environment and set them to a particular sticky tag which is actually the date to which all the servers in an environment have to be patched.</p><p><img src="/images/KC-Ent-sticky.png" alt=""></p><p>The date in Sticky tag field can be any date from May 28, 2018 up to one day before today.</p><p>To use Sticky tag feature on the servers to be patched, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ /usr/bin/kcarectl --set-sticky-patch=KEY
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Alternatively, you can do the same by adding <code>STICKY_PATCH=KEY</code> to the <code>/etc/sysconfig/kcare/kcare.conf</code> file.</p><div class="tip custom-block"><p class="custom-block-title">Warning</p><p><strong>Do Not</strong> replace the <code>KEY</code> word with the actual KernelCare license key used to register the server.</p></div><p>When the Sticky tag feature is enabled for particular servers, all such servers will get patches only released before the date specified in the Sticky tag field.</p><p>This way, you can add new patches to all the servers in some environment (i.e. registered with the same KernelCare license key) by updating only a single field in the CLN portal.</p><h4 id="support" tabindex="-1"><a class="header-anchor" href="#support" aria-hidden="true">#</a> Support</h4><p>We offer unlimited, 24x7x365 support. <a href="https://cloudlinux.zendesk.com/hc/requests/new" target="_blank" rel="noopener noreferrer">Submit a request</a> or email us at <a href="mailto:support@cloudlinux.com">support@cloudlinux.com</a>.</p><ul><li>We answer all support questions within one business day and most within a couple of hours To expedite the support, run the following command on your server (as root user):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --doctor
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Then paste the generated key into the support request.</p><h4 id="support-costs" tabindex="-1"><a class="header-anchor" href="#support-costs" aria-hidden="true">#</a> Support Costs</h4><p>Your KernelCare subscription includes free 24/7 support.</p><h4 id="accessibility" tabindex="-1"><a class="header-anchor" href="#accessibility" aria-hidden="true">#</a> Accessibility</h4><h4 id="reference-materials" tabindex="-1"><a class="header-anchor" href="#reference-materials" aria-hidden="true">#</a> Reference Materials</h4><ul><li>KernelCare website: <a href="https://www.kernelcare.com" target="_blank" rel="noopener noreferrer">https://www.kernelcare.com</a></li><li>KernelCare Blog: <a href="https://www.kernelcare.com/blog/" target="_blank" rel="noopener noreferrer">https://www.kernelcare.com/blog/</a></li><li>KernelCare Patch Server: <a href="https://patches.kernelcare.com" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com</a></li><li>KernelCare documentation: <a href="https://docs.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://docs.kernelcare.com/</a></li><li>CloudLinux Network – CLN (Billing Portal): <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">https://cln.cloudlinux.com</a></li><li>CloudLinux 24/7 online support system: <a href="https://tuxcare.zendesk.com" target="_blank" rel="noopener noreferrer">https://tuxcare.zendesk.com</a></li></ul><h4 id="localization" tabindex="-1"><a class="header-anchor" href="#localization" aria-hidden="true">#</a> Localization</h4><p>KernelCare is available in the English language only.</p><h3 id="reseller-partner-ui" tabindex="-1"><a class="header-anchor" href="#reseller-partner-ui" aria-hidden="true">#</a> Reseller Partner UI</h3><p>Once you have got the reseller partner access, in IP Reseller Partner UI you can view and manage IP licenses, billing options, profile details. Here you can track your money balance, licenses count and licenses prices as well as using IP address search to find customers. You can find more information about KernelCare licensing <a href="https://www.kernelcare.com/pricing/" target="_blank" rel="noopener noreferrer">here</a>.</p><h4 id="server-section" tabindex="-1"><a class="header-anchor" href="#server-section" aria-hidden="true">#</a> Server Section</h4><p>As soon as you have added funds (See <strong>Billing Info/Add Funds</strong> below) to your account you can immediately add new licenses for clients. To add IP KernelCare license:</p><ol><li>Enter IP address in <strong>Add IP License</strong> field, choose license type in pull-down menu (KernelCare) and click <strong>Add license</strong>.</li></ol><p><img src="/images/reseller001.jpg" alt=""></p><ol start="2"><li><p>To delete license click <strong>Delete</strong> in front of the needed IP address.</p></li><li><p>To add KernelCare Key license go to <strong>KernelCare Keys</strong> tab, enter the number of servers allowed for the license in <strong>Max Servers</strong>, add description if needed and click <strong>Add</strong> . The key will be generated and appear in the list below.</p></li></ol><p>In the <strong>Operations List</strong> you are able to edit or delete the key.</p><p><img src="/images/reseller007_zoom96.png" alt=""></p><h4 id="billing-info-add-funds" tabindex="-1"><a class="header-anchor" href="#billing-info-add-funds" aria-hidden="true">#</a> Billing Info/Add Funds</h4><p>To add funds:</p><ol><li><p>Click <strong>Add Funds</strong> near your balance or go to <strong>Billing Info/Add Funds</strong> on the top of the starting page of your account.</p></li><li><p>Click <strong>Add</strong> to add credit card details, then enter funds amount and click <strong>TopUp</strong> or <strong>Process to Checkout</strong> to pay via PayPal.</p></li></ol><p><img src="/images/reseller002.jpg" alt=""></p><p>While adding credit card details, you can also choose <strong>Auto add funds</strong> option - the funds amount you choose in pull down menu will be automatically added when your balance is below $100.</p><p>If you choose <strong>Auto repay</strong>, your card will be automatically charged when your balance becomes negative. Minimal charge is $20 (E.g. for balance -$15 - you&#39;ll be charged at $20, for balance -$134.2 - you&#39;ll be charged at $134.2).</p><p><img src="/images/reseller003.jpg" alt=""></p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>If your balance is shown as negative, it means that you have to deposit more funds.</p></div><h4 id="api-section" tabindex="-1"><a class="header-anchor" href="#api-section" aria-hidden="true">#</a> API Section</h4><p>CloudLinux and KernelCare IP licenses adding and removing is compatible with different hosting and domain management and billing systems and platforms. You can find comprehensive information on all possible CloudLinux modules and plug-ins APIs in API Section.</p><p><img src="/images/reseller004.jpg" alt=""></p><h4 id="profile" tabindex="-1"><a class="header-anchor" href="#profile" aria-hidden="true">#</a> Profile</h4><p>You can edit your profile information by clicking on <strong>Profile</strong> section. Edit the necessary info and click <strong>Update Account</strong>.</p><p><img src="/images/reseller5.jpg" alt=""><img src="/images/reseller006.jpg" alt=""></p><h3 id="how-to" tabindex="-1"><a class="header-anchor" href="#how-to" aria-hidden="true">#</a> How To</h3><h4 id="how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case" tabindex="-1"><a class="header-anchor" href="#how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case" aria-hidden="true">#</a> How to disable HyperThreading (SMT) without reboot: KernelCare case</h4><p>This article explains how to disable or enable SMT (Simultaneous multithreading) without rebooting using KernelCare, to help mitigate the recent MDS/Zombieload vulnerability.</p><p>Disabling CPU simultaneous multithreading (SMT) is one of the mitigations needed to counter the recent MDS vulnerability (also known as ‘Zombieload’). There is a performance impact that depends on the configuration of the hosting platform and its workload patterns. You should also consider the impact of other mitigation strategies, such as assigning dedicated cores to guests (e.g. VMs).</p><p>You can control and get the status of SMT with the kernel’s <code>sysfs</code> interface. There are two files, both in the <code>/sys/devices/system/cpu/smt</code> directory:</p><ul><li><code>control</code></li><li><code>active</code></li></ul><p>If you cannot find the <code>/sys/devices/system/cpu/smt</code> directory, this means your running kernel does not support SMT. In this case, you need to apply KernelCare patches so the SMT controls become available to your system. Use the <code>kcarectrl</code> command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kcarectl --update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="security" tabindex="-1"><a class="header-anchor" href="#security" aria-hidden="true">#</a> Security</h4><p>The only thing you need to be able to install/control your KernelCare deployment is SSH access (root credentials, key-based authentication/sudo or similar mechanisms are preferred).</p><h4 id="costs" tabindex="-1"><a class="header-anchor" href="#costs" aria-hidden="true">#</a> Costs</h4><p>KernelCare is billed as a subscription service, for volume pricing please contact <a href="mailto:sales@cloudlinux.com">sales@cloudlinux.com</a></p><h4 id="sizing" tabindex="-1"><a class="header-anchor" href="#sizing" aria-hidden="true">#</a> Sizing</h4><p>KernelCare agent has a tiny RAM footprint - binary patches usually require less than 1 MB.</p><h4 id="deployment-guidance" tabindex="-1"><a class="header-anchor" href="#deployment-guidance" aria-hidden="true">#</a> Deployment Guidance</h4><p>To install KernelCare, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># curl -s -L https://kernelcare.com/installer | bash
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>or:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># wget -qq -O - https://kernelcare.com/installer | bash
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you are using IP-based license, nothing else required to be done. If you are using key-based license, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --register &lt;KEY&gt;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Where <code>KEY</code> is the registration key code string provided when you signed up for a trial or pruchased the product.</p><p>You can easily automate KernelCare deployment with Ansible, Puppet, Chef or other orchestration tools. Here are the steps that may be automated:</p><ol><li>Distribute KernelCare agent package (optional - required only for servers with no access to the Internet) and a KernelCare agent configuration file (<code>/etc/sysconfig/kcare/kcare.conf</code>);</li><li>Set required environmental variables (optional);</li><li>Install KernelCare agent from either locally available package or central KernelCare download location;</li><li>Register KernelCare with either license key or IP-based license.</li></ol><h4 id="health-check" tabindex="-1"><a class="header-anchor" href="#health-check" aria-hidden="true">#</a> Health Check</h4><p>Systems protected by KernelCare can be monitored by means of CloudLinux Network (CLN) portal available at <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">https://cln.cloudlinux.com</a>. Registered KernelCare installations are grouped by license keys. Kernels that are marked with the exclamation sign in <span style="color:#E76930;">amber</span> do not have the latest patches installed.</p><p><img src="/images/KC-Ent-monit.png" alt="monit"></p><p>In either case, you can check whether the latest available patch has been applied by running the following command on a system protected by KernelCare:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --check
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="backup-and-recovery" tabindex="-1"><a class="header-anchor" href="#backup-and-recovery" aria-hidden="true">#</a> Backup and Recovery</h4><p>There is no reason to backup KernelCare. KernelCare doesn&#39;t store any data. You can always re-install and re-register KernelCare. To backup the configuration file of KernelCare if you have modified it, backup the <code>/etc/sysconfig/kcare/</code> folder.</p><h4 id="routine-maintenance" tabindex="-1"><a class="header-anchor" href="#routine-maintenance" aria-hidden="true">#</a> Routine Maintenance</h4><p>KernelCare is packaged in RPM/DEB packages (depending on Linux distribution) and will update any time system packages are updated. No additional maintenance is needed.</p><h4 id="emergency-maintenance" tabindex="-1"><a class="header-anchor" href="#emergency-maintenance" aria-hidden="true">#</a> Emergency Maintenance</h4><p>If one of your instances degraded, once you start another instance based on EBS or snapshot - KernelCare will continue working as before, no additional work is needed. If you set up a new server instead, re-register KernelCare on the new server. If you decide to uninstall patches, run the command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --unload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Or to completely remove the kernelcare package run one of the following commands:</p><ul><li>on RPM-based systems:</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>or on DEB-based systems:</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># apt-get remove kernelcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="patch-feed-advanced-options" tabindex="-1"><a class="header-anchor" href="#patch-feed-advanced-options" aria-hidden="true">#</a> Patch Feed Advanced Options</h3><h4 id="test-and-delayed-feeds" tabindex="-1"><a class="header-anchor" href="#test-and-delayed-feeds" aria-hidden="true">#</a> Test and Delayed Feeds</h4><p>The KernelCare Patch Server has several patch feeds available in addition to the standard (production) feed:</p><ul><li><strong>Test feed</strong> - the newest patches (test builds) that have not undergone the complete testing process. Test feed makes it possible to start testing new patches earlier.</li><li><strong>Delayed feeds</strong> - instructs KernelCare to skip loading patches that were released within the last 12/24/48 hours.</li></ul><p>The alternate feed option is enabled by setting <code>PREFIX</code> variable in <code>/etc/sysconfig/kcare/kcare.conf</code> to one of <code>test</code>/<code>12h</code>/<code>24h</code>/<code>48h</code>.</p><h4 id="feed-management-with-sticky-patch-feature" tabindex="-1"><a class="header-anchor" href="#feed-management-with-sticky-patch-feature" aria-hidden="true">#</a> Feed Management With Sticky Patch Feature</h4><p>The best way to handle QA and Production environments is to use Sticky tag feature of KernelCare license keys issued from CloudLinux Network (CLN) portal. To use this tag, go to CLN portal -&gt; KernelCare tab -&gt; click on the target key -&gt; Edit Key Info window.</p><p><img src="/images/KC-Ent-list.png" alt="activation keys"></p><p><img src="/images/KC-Ent-edit.png" alt="key details"></p><p>You should provide a separate key for each environment and set them to a particular sticky tag which is actually the date to which all the servers in an environment have to be patched.</p><p><img src="/images/KC-Ent-sticky.png" alt="edit key"></p><p>The date in the Sticky tag field can be any date from May 28, 2018 up to one day before today. To use the Sticky tag feature on the servers to be patched, run:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --set-sticky-patch=KEY
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Alternatively, you can do the same by adding <code>STICKY_PATCH=KEY</code> to the <code>/etc/sysconfig/kcare/kcare.conf</code> file.</p><div class="tip custom-block"><p class="custom-block-title">Warning</p><p><strong>Do Not</strong> replace the <code>KEY</code> word with the actual KernelCare license key used to register the server, you should just use the word <code>KEY</code></p></div><p>When the Sticky tag feature is enabled for particular servers, all such servers will get patches only released before the date specified in the Sticky tag field. This way, you can add new patches to all the servers in an environment (i.e. registered with the same KernelCare license key) by updating only a single field in the CLN portal.</p><h4 id="support" tabindex="-1"><a class="header-anchor" href="#support" aria-hidden="true">#</a> Support</h4><p>We offer unlimited, 24x7x365 support. <a href="https://cloudlinux.zendesk.com/hc/requests/new" target="_blank" rel="noopener noreferrer">Submit a request</a> or email us at <a href="mailto:support@cloudlinux.com">support@cloudlinux.com</a></p><ul><li>We answer all support questions within one business day and most within a couple of hours. To expedite the support, run the following command on your server (as root):</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --doctor
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Then paste the generated key into the support request.</p><h4 id="support-costs" tabindex="-1"><a class="header-anchor" href="#support-costs" aria-hidden="true">#</a> Support Costs</h4><p>Your KernelCare subscription includes free 24/7 support.</p><h4 id="reference-materials" tabindex="-1"><a class="header-anchor" href="#reference-materials" aria-hidden="true">#</a> Reference Materials</h4><ul><li>KernelCare website: <a href="https://www.kernelcare.com" target="_blank" rel="noopener noreferrer">https://www.kernelcare.com</a></li><li>KernelCare Blog: <a href="https://www.kernelcare.com/blog/" target="_blank" rel="noopener noreferrer">https://www.kernelcare.com/blog/</a></li><li>KernelCare Patch Server: <a href="https://patches.kernelcare.com" target="_blank" rel="noopener noreferrer">https://patches.kernelcare.com</a></li><li>KernelCare documentation: <a href="https://docs.kernelcare.com/" target="_blank" rel="noopener noreferrer">https://docs.kernelcare.com/</a></li><li>CloudLinux Network - CLN (Billing Portal): <a href="https://cln.cloudlinux.com" target="_blank" rel="noopener noreferrer">https://cln.cloudlinux.com</a></li><li>CloudLinux 24/7 online support system: <a href="https://tuxcare.zendesk.com" target="_blank" rel="noopener noreferrer">https://tuxcare.zendesk.com</a></li></ul><h4 id="localization" tabindex="-1"><a class="header-anchor" href="#localization" aria-hidden="true">#</a> Localization</h4><p>KernelCare is available in the English language only.</p><h3 id="reseller-partner-ui" tabindex="-1"><a class="header-anchor" href="#reseller-partner-ui" aria-hidden="true">#</a> Reseller Partner UI</h3><p>Once you have got the reseller partner access, in the IP Reseller Partner UI you can view and manage IP licenses, billing options and profile details. Here you can track your balance, license count and license prices as well as using an IP address search to find customers. You can find more information about KernelCare licensing <a href="https://www.kernelcare.com/pricing/" target="_blank" rel="noopener noreferrer">here</a>.</p><h4 id="server-section" tabindex="-1"><a class="header-anchor" href="#server-section" aria-hidden="true">#</a> Server Section</h4><p>As soon as you have added funds (See <strong>Billing Info/Add Funds</strong> below) to your account you can immediately add new licenses for clients. To add an IP KernelCare license:</p><ol><li>Enter IP address in the <strong>Add IP License</strong> field, choose a license type in the pull-down menu (KernelCare) and click <strong>Add license</strong>.</li></ol><p><img src="/images/reseller001.jpg" alt="reseller ui"></p><ol start="2"><li><p>To delete a license click <strong>Delete</strong> in front of the needed IP address.</p></li><li><p>To add a KernelCare Key license go to the <strong>KernelCare Keys</strong> tab, enter the number of servers allowed for the license in <strong>Max Servers</strong>, add a description if needed and click <strong>Add</strong>. The key will be generated and appear in the list below.</p></li></ol><p>In the <strong>Operations List</strong> you are able to edit or delete the key.</p><p><img src="/images/reseller007_zoom96.png" alt="reseller ops"></p><h4 id="billing-info-add-funds" tabindex="-1"><a class="header-anchor" href="#billing-info-add-funds" aria-hidden="true">#</a> Billing Info/Add Funds</h4><p>To add funds:</p><ol><li><p>Click <strong>Add Funds</strong> near your balance or go to <strong>Billing Info/Add Funds</strong> on the top of the starting page of your account.</p></li><li><p>Click <strong>Add</strong> to add credit card details, then enter funds amount and click <strong>TopUp</strong> or <strong>Process to Checkout</strong> to pay via PayPal.</p></li></ol><p><img src="/images/reseller002.jpg" alt="reseller billing"></p><p>While adding credit card details, you can also choose the <strong>Auto add funds</strong> option - the funds amount you choose in the pull down menu will be automatically added when your balance is below $100.</p><p>If you choose <strong>Auto repay</strong>, your card will be automatically charged when your balance becomes negative. The minimum charge is $20 (e.g. for a balance of -$15 you will be charged at $20, for a balance of -$134.2 you will be charged at $134.2).</p><p><img src="/images/reseller003.jpg" alt="add funds"></p><div class="tip custom-block"><p class="custom-block-title">Note</p><p>If your balance is shown as negative, it means that you have to deposit more funds.</p></div><h4 id="api-section" tabindex="-1"><a class="header-anchor" href="#api-section" aria-hidden="true">#</a> API Section</h4><p>CloudLinux and KernelCare IP license adding and removing is compatible with different hosting and domain management and billing systems and platforms. You can find comprehensive information on all possible CloudLinux modules and plug-ins APIs in API Section.</p><p><img src="/images/reseller004.jpg" alt="reseller api"></p><h4 id="profile" tabindex="-1"><a class="header-anchor" href="#profile" aria-hidden="true">#</a> Profile</h4><p>You can edit your profile information by clicking on <strong>Profile</strong> section. Edit the necessary info and click <strong>Update Account</strong>.</p><p><img src="/images/reseller5.jpg" alt="profile"><img src="/images/reseller006.jpg" alt="contacts"></p><h3 id="how-to" tabindex="-1"><a class="header-anchor" href="#how-to" aria-hidden="true">#</a> How To</h3><h4 id="how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case" tabindex="-1"><a class="header-anchor" href="#how-to-disable-hyperthreading-smt-without-reboot-kernelcare-case" aria-hidden="true">#</a> How to disable HyperThreading (SMT) without reboot: KernelCare case</h4><p>This article explains how to disable or enable SMT (Simultaneous multithreading) without rebooting using KernelCare, to help mitigate the recent MDS/Zombieload vulnerability.</p><p>Disabling CPU simultaneous multithreading (SMT) is one of the mitigations needed to counter the recent MDS vulnerability (also known as ‘Zombieload&#39;). There is a performance impact that depends on the configuration of the hosting platform and its workload patterns. You should also consider the impact of other mitigation strategies, such as assigning dedicated cores to guests (e.g. VMs).</p><p>You can control and get the status of SMT with the kernel&#39;s <code>sysfs</code> interface. There are two files, both in the <code>/sys/devices/system/cpu/smt</code> directory:</p><ul><li><code>control</code></li><li><code>active</code></li></ul><p>If you cannot find the <code>/sys/devices/system/cpu/smt</code> directory, this means your running kernel does not support SMT. In this case, you need to apply KernelCare patches so the SMT controls become available to your system. Use the <code>kcarectrl</code> command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --update
+
 Kernel is safe
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>ls -l /sys/devices/system/cpu/smt
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># ls -l /sys/devices/system/cpu/smt
+
 -r--r--r-- 1 root root 4096 May 17 13:06 active
 -rw-r--r-- 1 root root 4096 May 17 13:06 control
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>As soon as you have these files in place, it is possible to proceed with disabling SMT.</p><iframe width="560" height="315" src="https://www.youtube.com/embed/RUGCvEO1hAE" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe><h4 id="smt-control" tabindex="-1"><a class="header-anchor" href="#smt-control" aria-hidden="true">#</a> SMT Control</h4><p><code>/sys/devices/system/cpu/smt/control</code></p><p>This file lets you enable or disable SMT, and shows its state. There are three values:</p><ol><li><code>on</code>: The CPU supports SMT and it is enabled. All logical CPUs can be taken offline or online without restriction.</li><li><code>off</code>: The CPU supports SMT but it is disabled. Only so-called primary SMT threads can be taken offline/online without restriction. Attempts to put a non-primary sibling thread online will be rejected.</li><li><code>notsupported</code>: The CPU does not support SMT. You will not be able to write to the control file.</li></ol><h4 id="smt-status" tabindex="-1"><a class="header-anchor" href="#smt-status" aria-hidden="true">#</a> SMT Status</h4><p><code>/sys/devices/system/cpu/smt/active</code></p><p>The contents of this file show the status of SMT (e.g. if two or more sibling threads are active on the same physical core the contents of this file is 1, if not: 0).</p><p>Here are some commands to control SMT support (root permissions are required):</p><h4 id="check-the-smt-state" tabindex="-1"><a class="header-anchor" href="#check-the-smt-state" aria-hidden="true">#</a> Check the SMT state</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /sys/devices/system/cpu/smt/active
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="enable-smt" tabindex="-1"><a class="header-anchor" href="#enable-smt" aria-hidden="true">#</a> Enable SMT</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>echo on &gt; /sys/devices/system/cpu/smt/control
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="disable-smt" tabindex="-1"><a class="header-anchor" href="#disable-smt" aria-hidden="true">#</a> Disable SMT</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>echo off &gt; /sys/devices/system/cpu/smt/control
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Disabling SMT, <a href="/how-to/#how-to-update-microcode-without-reboot-with-vendor-provided-package" class="">updating microcode</a>, and applying KernelCare patches will protect your systems against the ZombieLoad vulnerability. Note, only the latter action is applicable to virtual systems (e.g. VMs, VPS and other cloud instance types).</p><h4 id="how-to-update-microcode-without-reboot-with-vendor-provided-package" tabindex="-1"><a class="header-anchor" href="#how-to-update-microcode-without-reboot-with-vendor-provided-package" aria-hidden="true">#</a> How to update Microcode without reboot with vendor-provided package</h4><p>This article shows how to update the microcode of Intel CPUs running Linux.</p><div class="warning custom-block"><p class="custom-block-title">Warning</p><p>To avoid possible issues with Microcode updating, enable SMT before the update.</p></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This article is subject to change and will be updated with instructions for other distributions.</p></div><div class="tip custom-block"><p class="custom-block-title">Notes</p><ul><li>These steps must be done as root.</li><li>The examples shown are for Debian.</li><li>If you have doubts your systems are fully protected against CPU- and kernel-related vulnerabilities, please <a href="mailto:sales@cloudlinux.com">get in touch with us</a>.</li></ul></div><h4 id="updating-microcode-on-ubuntu-and-debian" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-ubuntu-and-debian" aria-hidden="true">#</a> Updating microcode on Ubuntu and Debian</h4><ol><li><p>Find the microcode package download link for your platform</p><ul><li>Ubuntu: <a href="https://usn.ubuntu.com/3977-1/" target="_blank" rel="noopener noreferrer">https://usn.ubuntu.com/3977-1/</a></li><li>Debian: <a href="https://packages.debian.org/search?keywords=intel-microcode" target="_blank" rel="noopener noreferrer">https://packages.debian.org/search?keywords=intel-microcode</a></li></ul></li><li><p>Download the package</p></li></ol><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Example shown for Debian 9</p></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cd &lt;a temporary directory, e.g. /tmp&gt;
-mkdir firmware
-cd firmware
-wget http://security.debian.org/debian-security/pool/updates/non-free/i/intel-microcode/intel-microcode_3.20190514.1~deb9u1_amd64.deb
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="3"><li>Check the downloaded package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>md5sum intel-microcode_3.20190514.1~deb9u1_amd64.deb
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>As soon as you have these files in place, it is possible to proceed with disabling SMT.</p><iframe width="560" height="315" src="https://www.youtube.com/embed/RUGCvEO1hAE" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe><h4 id="smt-control" tabindex="-1"><a class="header-anchor" href="#smt-control" aria-hidden="true">#</a> SMT Control</h4><p><code>/sys/devices/system/cpu/smt/control</code></p><p>This file lets you enable or disable SMT, and shows its state. There are three values:</p><ol><li><code>on</code>: The CPU supports SMT and it is enabled. All logical CPUs can be taken offline or online without restriction.</li><li><code>off</code>: The CPU supports SMT but it is disabled. Only so-called primary SMT threads can be taken offline/online without restriction. Attempts to put a non-primary sibling thread online will be rejected.</li><li><code>notsupported</code>: The CPU does not support SMT. You will not be able to write to the control file.</li></ol><h4 id="smt-status" tabindex="-1"><a class="header-anchor" href="#smt-status" aria-hidden="true">#</a> SMT Status</h4><p><code>/sys/devices/system/cpu/smt/active</code></p><p>The contents of this file show the status of SMT (e.g. if two or more sibling threads are active on the same physical core the contents of this file is 1, if not: 0).</p><p>Here are some commands to control SMT support (root permissions are required):</p><h4 id="check-the-smt-state" tabindex="-1"><a class="header-anchor" href="#check-the-smt-state" aria-hidden="true">#</a> Check the SMT state</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ cat /sys/devices/system/cpu/smt/active
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="enable-smt" tabindex="-1"><a class="header-anchor" href="#enable-smt" aria-hidden="true">#</a> Enable SMT</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># echo on &gt; /sys/devices/system/cpu/smt/control
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="disable-smt" tabindex="-1"><a class="header-anchor" href="#disable-smt" aria-hidden="true">#</a> Disable SMT</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># echo off &gt; /sys/devices/system/cpu/smt/control
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Disabling SMT, <a href="/how-to/#how-to-update-microcode-without-reboot-with-vendor-provided-package" class="">updating microcode</a>, and applying KernelCare patches will protect your systems against the ZombieLoad vulnerability. Note, only the latter action is applicable to virtual systems (e.g. VMs, VPS and other cloud instance types).</p><h4 id="how-to-update-microcode-without-reboot-with-vendor-provided-package" tabindex="-1"><a class="header-anchor" href="#how-to-update-microcode-without-reboot-with-vendor-provided-package" aria-hidden="true">#</a> How to update Microcode without reboot with vendor-provided package</h4><p>This article shows how to update the microcode of Intel CPUs running Linux.</p><div class="warning custom-block"><p class="custom-block-title">Warning</p><p>To avoid possible issues with Microcode updating, enable SMT before the update.</p></div><div class="tip custom-block"><p class="custom-block-title">Note</p><p>This article is subject to change and will be updated with instructions for other distributions.</p></div><div class="tip custom-block"><p class="custom-block-title">Notes</p><ul><li>These steps must be done as root.</li><li>The examples shown are for Debian.</li><li>If you have doubts your systems are fully protected against CPU- and kernel-related vulnerabilities, please <a href="mailto:sales@cloudlinux.com">get in touch with us</a>.</li></ul></div><h4 id="updating-microcode-on-ubuntu-and-debian" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-ubuntu-and-debian" aria-hidden="true">#</a> Updating microcode on Ubuntu and Debian</h4><ol><li><p>Find the microcode package download link for your platform</p><ul><li>Ubuntu: <a href="https://usn.ubuntu.com/3977-1/" target="_blank" rel="noopener noreferrer">https://usn.ubuntu.com/3977-1/</a></li><li>Debian: <a href="https://packages.debian.org/search?keywords=intel-microcode" target="_blank" rel="noopener noreferrer">https://packages.debian.org/search?keywords=intel-microcode</a></li></ul></li><li><p>Download the package</p></li></ol><div class="tip custom-block"><p class="custom-block-title">Note</p><p>Example shown for Debian 9</p></div><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ cd &lt;a temporary directory, e.g. /tmp&gt;
+$ mkdir firmware
+$ cd firmware
+$ wget http://security.debian.org/debian-security/pool/updates/non-free/i/intel-microcode/intel-microcode_3.20190514.1~deb9u1_amd64.deb
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="3"><li>Check the downloaded package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ md5sum intel-microcode_3.20190514.1~deb9u1_amd64.deb
+
 c7bc9728634137453e0f4821fb6bb436  intel-microcode_3.20190514.1~deb9u1_amd64.deb
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>A list of checksums is on <a href="https://packages.debian.org/stretch/amd64/intel-microcode/download" target="_blank" rel="noopener noreferrer">the Debian packages download page</a>.</p><ol start="4"><li>Unpack the package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dpkg -x intel-microcode_3.20190514.1~deb9u1_amd64.deb
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="5"><li>Check the unpacked files</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>ls -l
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>A list of checksums is on <a href="https://packages.debian.org/stretch/amd64/intel-microcode/download" target="_blank" rel="noopener noreferrer">the Debian packages download page</a>.</p><ol start="4"><li>Unpack the package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ dpkg -x intel-microcode_3.20190514.1~deb9u1_amd64.deb
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="5"><li>Check the unpacked files</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ ls -l
+
 total 1896
 drwxr-xr-x 5 root root   53 May 15 04:18 etc
 -rw-r--r-- 1 root root 1940140 May 17 11:42 intel-microcode_3.20190514.1~deb9u1_amd64.deb
 drwxr-xr-x 3 root root   22 May 15 04:18 lib
 drwxr-xr-x 3 root root   19 May 15 04:18 usr
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="6"><li>Create a backup of existing microcode:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>test -d /lib/firmware/intel-ucode/ &amp;&amp; mv /lib/firmware/intel-ucode/ /lib/firmware/intel-ucode.backup
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="7"><li>Copy the new microcode and check it</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cp -r lib/firmware/intel-ucode/ /lib/firmware/
-ls -l /lib/firmware/ | grep intel-ucode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="6"><li>Create a backup of existing microcode:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># test -d /lib/firmware/intel-ucode/ &amp;&amp; mv /lib/firmware/intel-ucode/ /lib/firmware/intel-ucode.backup
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="7"><li>Copy the new microcode and check it</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># cp -r lib/firmware/intel-ucode/ /lib/firmware/
+# ls -l /lib/firmware/ | grep intel-ucode
+
 drwxr-xr-x  2 root root 4096 May 17 11:47 intel-ucode
 drwxr-xr-x  2 root root 4096 May 16 20:54 intel-ucode.backup
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="8"><li>Check the current microcode version</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dmesg | grep microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="8"><li>Check the current microcode version</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dmesg | grep microcode
+
 [ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
 [ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="9"><li>(Optional) Double check the current microcode versions (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep -e microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="9"><li>(Optional) Double check the current microcode versions (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
 microcode : 0x12
 microcode : 0x12
 microcode : 0x12
 microcode : 0x12
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="10"><li>Check the microcode reload file exists</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>ls -l /sys/devices/system/cpu/microcode/reload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="10"><li>Check the microcode reload file exists</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ ls -l /sys/devices/system/cpu/microcode/reload
+
 --w------- 1 root root 4096 May 17 11:54 /sys/devices/system/cpu/microcode/reload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ol start="11"><li>Force the kernel to load the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>echo 1 &gt; /sys/devices/system/cpu/microcode/reload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="12"><li>Check the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dmesg | grep microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="11"><li>Force the kernel to load the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># echo 1 &gt; /sys/devices/system/cpu/microcode/reload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="12"><li>Check the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dmesg | grep microcode
+
 [ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
 [ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
 [ 1483.494573] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
@@ -176,16 +204,18 @@
 [ 1483.496012] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
 [ 1483.496698] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
 [ 1483.497391] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="13"><li>(Optional) Double check the new microcode version (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep -e microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="13"><li>(Optional) Double check the new microcode version (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
 microcode : 0x21
 microcode : 0x21
 microcode : 0x21
 microcode : 0x21
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="updating-microcode-on-red-hat-and-centos" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-red-hat-and-centos" aria-hidden="true">#</a> Updating Microcode on Red Hat and CentOS</h4><p>For RHEL-based distributions, you can use the <code>microcode_ctl utility</code> to update microcode.</p><ol><li>Get the latest microcode by updating the <code>microcode_ctl</code> package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>yum update microcode_ctl
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>Create a force file</li></ol><p>Create a <code>force-late-intel–06–4f–01</code> inside the firmware directory.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>touch /lib/firmware/`uname -r`/force-late-intel-06-4f-01
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="3"><li>Run the microcode update</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/usr/libexec/microcode_ctl/update_ucode
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="4"><li>Force the kernel to load the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>echo 1 &gt; /sys/devices/system/cpu/microcode/reload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="5"><li>Check the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>dmesg | grep microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="updating-microcode-on-red-hat-and-centos" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-red-hat-and-centos" aria-hidden="true">#</a> Updating Microcode on Red Hat and CentOS</h4><p>For RHEL-based distributions, you can use the <code>microcode_ctl utility</code> to update microcode.</p><ol><li>Get the latest microcode by updating the <code>microcode_ctl</code> package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum update microcode_ctl
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>Create a force file</li></ol><p>Create a <code>force-late-intel-06-4f-01</code> inside the firmware directory.</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># touch /lib/firmware/`uname -r`/force-late-intel-06-4f-01
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="3"><li>Run the microcode update</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># /usr/libexec/microcode_ctl/update_ucode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="4"><li>Force the kernel to load the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># echo 1 &gt; /sys/devices/system/cpu/microcode/reload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="5"><li>Check the new microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># dmesg | grep microcode
+
 [ 2.254717] microcode: sig=0x306a9, pf=0x10, revision=0x12
 [ 2.254820] microcode: Microcode Update Driver: v2.01 &lt;tigran@aivazian.fsnet.co.uk&gt;, Peter Oruba
 [ 1483.494573] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
@@ -193,66 +223,71 @@
 [ 1483.496012] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
 [ 1483.496698] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
 [ 1483.497391] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="6"><li>(Optional) Double check the new microcode version (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep -e microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="6"><li>(Optional) Double check the new microcode version (revisions per core)</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
 microcode : 0x21
 microcode : 0x21
 microcode : 0x21
 microcode : 0x21
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="updating-microcode-on-centos-6" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-centos-6" aria-hidden="true">#</a> Updating Microcode on CentOS 6</h4><ol><li>Get the latest microcode by updating the <code>microcode_ctl</code> package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>yum update microcode_ctl
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="updating-microcode-on-centos-6" tabindex="-1"><a class="header-anchor" href="#updating-microcode-on-centos-6" aria-hidden="true">#</a> Updating Microcode on CentOS 6</h4><ol><li>Get the latest microcode by updating the <code>microcode_ctl</code> package</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum update microcode_ctl
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="2"><li>If <code>yum update microcode_ctl</code> outputs the following:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>Package(s) microcode_ctl available, but not installed.
 No Packages marked for Update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>you need to install the package manually.</p><ol start="3"><li>To install <code>microcode_ctl</code> package, run the command:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>yum install microcode_ctl
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The command output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>Installed:
-  microcode_ctl.x86_64 2:1.17-33.11.el6_10                                                                                                                                 
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>you need to install the package manually.</p><ol start="3"><li>To install <code>microcode_ctl</code> package, run the command:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># yum install microcode_ctl
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The command should output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>Installed:
+  microcode_ctl.x86_64 2:1.17-33.11.el6_10
 
 Complete!
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="4"><li>Check CPU microcode version:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="4"><li>Check CPU microcode version:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
 microcode       : 9
 microcode       : 9
 microcode       : 9
 microcode       : 9
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="5"><li>Try to update microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl -u
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="5"><li>Try to update microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># microcode_ctl -u
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you see the output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl: writing microcode (length: 2370560)
 microcode_ctl: cannot open /dev/cpu/microcode for writing errno=2 (No such file or directory)
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>You need to load driver microcode.</p><ol start="6"><li>Load driver microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>modprobe microcode
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="7"><li>Try to update microcode again:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl -u
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>You need to load driver microcode.</p><ol start="6"><li>Load driver microcode</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># modprobe microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ol start="7"><li>Try to update microcode again:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># microcode_ctl -u
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>If you see the output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>microcode_ctl: writing microcode (length: 2370560)
 microcode_ctl: microcode successfully written to /dev/cpu/microcode
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>then update is successful.</p><ol start="8"><li>Check version:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>cat /proc/cpuinfo | grep microcode
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>then the update is successful.</p><ol start="8"><li>Check version:</li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ grep microcode /proc/cpuinfo
+
 microcode       : 17
 microcode       : 17
 microcode       : 17
 microcode       : 17
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><iframe width="560" height="315" src="https://www.youtube.com/embed/EydWy-b9uns" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe><h4 id="plesk-related" tabindex="-1"><a class="header-anchor" href="#plesk-related" aria-hidden="true">#</a> Plesk related</h4><h4 id="how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license" tabindex="-1"><a class="header-anchor" href="#how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license" aria-hidden="true">#</a> How to get a KernelCare activation key from the extended Plesk license</h4><p>Often our clients purchase KernelCare licenses through Plesk/Odin and in such cases, they get a universal key which includes the KernelCare license and other additional keys for Plesk plugins. Such a key has the following syntax – <code>A00B00-0CDE00-F0G000-HIGK00-LM0N00</code>, – and initially, it is installed through Plesk automatically and the license gets activated successfully.</p><p>However, if it is required to re-register the agent for some reason or simply get the KernelCare activation key separately, it would be impossible to apply the above-mentioned one – we would need to deal with the KernelCare service separately.</p><p>To get the KernelCare activation key from the extended Plesk license key, you will need to proceed with the following.</p><ol><li>Navigate to <em>Tools &amp; Settings &gt;&gt; Plesk &gt;&gt; License Management &gt;&gt; Additional License Keys</em></li></ol><p><img src="/images/LicenseManagement.png" alt=""></p><p><img src="/images/AdditionalLicenseKeys.png" alt=""></p><ol start="2"><li><p>Click <em>Download key</em> next to the KernelCare license listed on the page and open the file downloaded in some text editor</p></li><li><p>Find the following abstract:</p></li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>&lt;!--Key body--&gt;
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><iframe width="560" height="315" src="https://www.youtube.com/embed/EydWy-b9uns" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe><h4 id="plesk-related" tabindex="-1"><a class="header-anchor" href="#plesk-related" aria-hidden="true">#</a> Plesk related</h4><h4 id="how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license" tabindex="-1"><a class="header-anchor" href="#how-to-get-a-kernelcare-activation-key-from-the-extended-plesk-license" aria-hidden="true">#</a> How to get a KernelCare activation key from the extended Plesk license</h4><p>Often our clients purchase KernelCare licenses through Plesk/Odin and in such cases, they get a universal key which includes the KernelCare license and other additional keys for Plesk plugins. Such a key has the following syntax - <code>A00B00-0CDE00-F0G000-HIGK00-LM0N00</code>, and initially, it is installed through Plesk automatically and the license gets activated successfully.</p><p>However, if it is required to re-register the agent for some reason or simply get the KernelCare activation key separately, it would be impossible to apply the above-mentioned one - we would need to deal with the KernelCare service separately.</p><p>To get the KernelCare activation key from the extended Plesk license key, you will need to proceed with the following.</p><ol><li>Navigate to <em>Tools &amp; Settings -&gt; Plesk -&gt; License Management -&gt; Additional License Keys</em></li></ol><p><img src="/images/LicenseManagement.png" alt="plesk keys"></p><p><img src="/images/AdditionalLicenseKeys.png" alt="more keys"></p><ol start="2"><li><p>Click <em>Download key</em> next to the KernelCare license listed on the page and open the file downloaded in some text editor</p></li><li><p>Find the following abstract:</p></li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>&lt;!--Key body--&gt;
 &lt;aps-3:key-body core:encoding=&quot;base64&quot; core:type=&quot;binary&quot;&gt;YOUR_BASE64_ENCODED_LICENSE_KEY==&lt;/aps-3:key-body&gt;
 &lt;!--Information about additional key--&gt;
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="4"><li><p>This is your base64-encoded key, and it should be decoded using a CLI utility or an online base64 decoder into UTF-8, e.g. <a href="https://www.base64decode.org" target="_blank" rel="noopener noreferrer">https://www.base64decode.org</a>. The new license key should have the following format: <code>xxxxxxxxxxxxxxxx</code>. It will contain lower and upper case letters and numbers.</p></li><li><p>Use the new key decoded to activate the service:</p></li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/usr/bin/kcarectl --register DECODED_KEY_HERE
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This is it!</p><h2 id="libcare" tabindex="-1"><a class="header-anchor" href="#libcare" aria-hidden="true">#</a> LibCare</h2><p>LibCare enables security patching of critical userspace shared libraries in-memory without restarting or disrupting the applications using them. This is techinical documentation describing the solution; for a high level summary see <a href="https://tuxcare.com/enterprise-live-patching-services/libcare/" target="_blank" rel="noopener noreferrer">LibCare&#39;s main web site</a>.</p><h3 id="supported-libraries-and-operating-systems" tabindex="-1"><a class="header-anchor" href="#supported-libraries-and-operating-systems" aria-hidden="true">#</a> Supported libraries and operating systems</h3><p>LibCare provide security updates for the OpenSSL and glibc libraries on many operating systems.</p><h3 id="supported-operating-systems" tabindex="-1"><a class="header-anchor" href="#supported-operating-systems" aria-hidden="true">#</a> Supported operating systems</h3><p>LibCare patching is available for many operating systems including CentOS, AlmaLinux, Oracle Linux, Debian and Ubuntu.</p><p><a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">Check compatibility with your operating system</a>.</p><h3 id="installation-and-upgrade" tabindex="-1"><a class="header-anchor" href="#installation-and-upgrade" aria-hidden="true">#</a> Installation and upgrade</h3><p>Userspace processes patching feature is available in the KernelCare package.</p><h3 id="usage" tabindex="-1"><a class="header-anchor" href="#usage" aria-hidden="true">#</a> Usage</h3><p>To apply the available patches to all userspace processes, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --lib-update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To gather information about what processes were patched, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --lib-info
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To gather information about applied patches, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --lib-patch-info
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To unpatch all processes, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kcarectl --lib-unload
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="blacklisting" tabindex="-1"><a class="header-anchor" href="#blacklisting" aria-hidden="true">#</a> Blacklisting</h4><p>Applying a live patch may clash with software such as anti-viruses that detect or prevent memory updates. While the majority of software is compatible with live patching, for the software that may misbehave, LibCare comes with a default blacklist. The blacklist is located in the /var/lib/libcare/blacklist and contains the list of known applications that may misbehave when live patched. You can override those values by creating the file <code>/var/cache/kcare/userspace/blacklist</code>.</p><p>The format of the file is as follows. Patterns should be specified line by line prefixed with pattern type and a colon. Comment starts with dash (#). Example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> # Symantec Antivirus
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ol start="4"><li><p>This is your base64-encoded key, and it should be decoded using a CLI utility or an online base64 decoder into UTF-8, e.g. <a href="https://www.base64decode.org" target="_blank" rel="noopener noreferrer">https://www.base64decode.org</a>. The new license key should have the following format: <code>xxxxxxxxxxxxxxxx</code>. It will contain lower and upper case letters and numbers.</p></li><li><p>Use the new key decoded to activate the service:</p></li></ol><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --register DECODED_KEY_HERE
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>That&#39;s it!</p><h2 id="libcare" tabindex="-1"><a class="header-anchor" href="#libcare" aria-hidden="true">#</a> LibCare</h2><p>LibCare enables security patching of critical userspace shared libraries in-memory without restarting or disrupting the applications using them. This is techinical documentation describing the solution; for a high level summary see <a href="https://tuxcare.com/enterprise-live-patching-services/libcare/" target="_blank" rel="noopener noreferrer">LibCare&#39;s main web site</a>.</p><h3 id="supported-libraries-and-operating-systems" tabindex="-1"><a class="header-anchor" href="#supported-libraries-and-operating-systems" aria-hidden="true">#</a> Supported libraries and operating systems</h3><p>LibCare provide security updates for the OpenSSL and glibc libraries on many operating systems.</p><h3 id="supported-operating-systems" tabindex="-1"><a class="header-anchor" href="#supported-operating-systems" aria-hidden="true">#</a> Supported operating systems</h3><p>LibCare patching is available for many operating systems including CentOS, AlmaLinux, Oracle Linux, Debian and Ubuntu.</p><p><a href="https://patches.kernelcare.com/" target="_blank" rel="noopener noreferrer">Check compatibility with your operating system</a>.</p><h3 id="installation-and-upgrade" tabindex="-1"><a class="header-anchor" href="#installation-and-upgrade" aria-hidden="true">#</a> Installation and upgrade</h3><p>Userspace processes patching feature is available in the KernelCare package.</p><h3 id="usage" tabindex="-1"><a class="header-anchor" href="#usage" aria-hidden="true">#</a> Usage</h3><p>To apply the available patches to all userspace processes, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --lib-update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To gather information about what processes were patched, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --lib-info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To gather information about applied patches, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --lib-patch-info
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To unpatch all processes, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kcarectl --lib-unload
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="blacklisting" tabindex="-1"><a class="header-anchor" href="#blacklisting" aria-hidden="true">#</a> Blacklisting</h4><p>Applying a live patch may clash with software such as anti-viruses that detect or prevent memory updates. While the majority of software is compatible with live patching, for the software that may misbehave, LibCare comes with a default blacklist. The blacklist is located in the /var/lib/libcare/blacklist and contains the list of known applications that may misbehave when live patched. You can override those values by creating the file <code>/var/cache/kcare/userspace/blacklist</code>.</p><p>The format of the file is as follows. Patterns should be specified line by line prefixed with pattern type and a colon. Comments start with a hash (#). For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> # Symantec Antivirus
  path: /opt/Symantec/*
  filename:symcfgd
  filename:rtvscand
  filename:smcd
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>Specifying <code>path</code> means that the whole path to binary will be taken into account, while using <code>filename</code> allows to blacklist a process irrespective of the full path to binary.</p><p>Wildcards are also supported:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> filename:docker*
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>Specifying <code>path</code> means that the whole path to binary will be taken into account, while using <code>filename</code> allows you to blacklist a process irrespective of the full path to the binary.</p><p>Wildcards are also supported:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> filename:docker*
  path:/usr/libexec/docker/docker-*
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>Also a POSIX regular expressions could be used as follows:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> regex:/usr/bin/[[:alnum:]]+
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="auto-update" tabindex="-1"><a class="header-anchor" href="#auto-update" aria-hidden="true">#</a> Auto update</h4><p>Userspace patching cron job is disabled by default. To enable it, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>libcare-cron init
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="usage-in-containers" tabindex="-1"><a class="header-anchor" href="#usage-in-containers" aria-hidden="true">#</a> Usage in containers</h3><p>LibCare supports containers natively, including docker, LXC and other containerization technologies. When run on the host it operates on all processes that are running, including processes present in containers. At the same time there are two ways to use LibCare with containers and each has its own advantages and disadvantages. Let&#39;s go through them.</p><h4 id="disposable-container-servers" tabindex="-1"><a class="header-anchor" href="#disposable-container-servers" aria-hidden="true">#</a> Disposable container servers</h4><p>Disposable container servers are services that are run within a container for limited time and are refreshed periodically, e.g., daily to get the latest security updates. The recommended way to run LibCare with disposable containers is by installing <code>kernelcare</code> on the host, and it will automatically patch all processes libraries in the containers.</p><h4 id="persistent-container-servers" tabindex="-1"><a class="header-anchor" href="#persistent-container-servers" aria-hidden="true">#</a> Persistent container servers</h4><p>Persistent container servers are services that are run in containers the same way as a traditional physical server, i.e., the LXC approach. Although LibCare can run the same way as with disposable containers, it is also possible to install <code>kernelcare</code> within each container and that will enable live patching of the processes of each container individually. That approach enables accurate patching information within each containerized server that can be used by the available vulnerability scanner. When using this approach userspace patching must be disabled on the host using <code>kcarectl --disable-libcare</code>.</p><h3 id="troubleshooting" tabindex="-1"><a class="header-anchor" href="#troubleshooting" aria-hidden="true">#</a> Troubleshooting</h3><h4 id="auditd-logs" tabindex="-1"><a class="header-anchor" href="#auditd-logs" aria-hidden="true">#</a> Auditd logs</h4><p>The LibCare tools heavily use a <code>ptrace</code> syscall and, in case of <code>auditd</code> trace it&#39;s calls, there will be a lot of records in a log. There is a rule that provided by kernelcare package and located here: <code>/etc/audit/rules.d/kernelcare.rules</code>. It will exclue kernelcare processes from audit.</p><p><strong>Note</strong>: no such rule is provided for <code>el6</code> due to old <code>autditd</code> restrictions. There is a command that will add such rule in runtime:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>auditctl -l | grep kcare | cut -d&#39; &#39; -f2- | xargs -t -L1 -r auditctl -d &amp;&amp; pgrep libcare-server | xargs -t -n1 -i auditctl -A exit,never -F arch=b64 -S ptrace -F pid=&quot;{}&quot; -k kcarever | xargs -t -n1 -i auditctl -A exit,never -F arch=b64 -S ptrace -F pid=&quot;{}&quot; -k kcare
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>It removes all currently enabled KernelCare rules and adds a new one by LibCare&#39;s process ID.</p><h3 id="unpatched-library-detector-uchecker" tabindex="-1"><a class="header-anchor" href="#unpatched-library-detector-uchecker" aria-hidden="true">#</a> Unpatched Library Detector (UChecker)</h3><h4 id="description" tabindex="-1"><a class="header-anchor" href="#description" aria-hidden="true">#</a> Description</h4><p>UChecker is a scanner that checks network Linux servers and detects out-of-date libraries both on disk and in memory. KernelCare’s open-source scanner will find false negatives by correctly reporting vulnerable libraries running in memory that could be reported as updated by other scanners.</p><p>The UChecker (originated from &quot;userspace checker&quot;) works with all modern Linux Distributions, it is free and open-source, distributed under the GNU General Public License.</p><h4 id="how-uchecker-works" tabindex="-1"><a class="header-anchor" href="#how-uchecker-works" aria-hidden="true">#</a> How UChecker works</h4><p>This activity diagram shows how UChecker works:</p><p><img src="/images/uchecker.jpg" alt=""></p><h4 id="usage-1" tabindex="-1"><a class="header-anchor" href="#usage-1" aria-hidden="true">#</a> Usage</h4><p>To scan your systems, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/uchecker | sudo python
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>Also POSIX regular expressions could be used as follows:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code> regex:/usr/bin/[[:alnum:]]+
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="auto-update" tabindex="-1"><a class="header-anchor" href="#auto-update" aria-hidden="true">#</a> Auto update</h4><p>Userspace patching cron job is disabled by default. To enable it, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># libcare-cron init
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="usage-in-containers" tabindex="-1"><a class="header-anchor" href="#usage-in-containers" aria-hidden="true">#</a> Usage in containers</h3><p>LibCare supports containers natively, including docker, LXC and other containerization technologies. When run on the host it operates on all processes that are running, including processes present in containers. At the same time there are two ways to use LibCare with containers and each has its own advantages and disadvantages. Let&#39;s go through them.</p><h4 id="disposable-container-servers" tabindex="-1"><a class="header-anchor" href="#disposable-container-servers" aria-hidden="true">#</a> Disposable container servers</h4><p>Disposable container servers are services that are run within a container for a limited time and are refreshed periodically, e.g. daily to get the latest security updates. The recommended way to run LibCare with disposable containers is by installing <code>kernelcare</code> on the host, and it will automatically patch all processes libraries in the containers.</p><h4 id="persistent-container-servers" tabindex="-1"><a class="header-anchor" href="#persistent-container-servers" aria-hidden="true">#</a> Persistent container servers</h4><p>Persistent container servers are services that are run in containers the same way as a traditional physical server, i.e. the LXC approach. Although LibCare can run the same way as with disposable containers, it is also possible to install <code>kernelcare</code> within each container and that will enable live patching of the processes of each container individually. That approach enables accurate patching information within each containerized server that can be used by the available vulnerability scanner. When using this approach userspace patching must be disabled on the host using <code>kcarectl --disable-libcare</code>.</p><h3 id="troubleshooting" tabindex="-1"><a class="header-anchor" href="#troubleshooting" aria-hidden="true">#</a> Troubleshooting</h3><h4 id="auditd-logs" tabindex="-1"><a class="header-anchor" href="#auditd-logs" aria-hidden="true">#</a> Auditd logs</h4><p>The LibCare tools heavily use the <code>ptrace</code> syscall, and if <code>auditd</code> is configured to trace it&#39;s calls there will be a lot of records in the logs. There is a rule that is provided by the kernelcare package and is located at <code>/etc/audit/rules.d/kernelcare.rules</code> that will exclude the kernelcare processes from auditd.</p><p><strong>Note</strong>: no such rule is provided for EL6 due to old <code>autditd</code> restrictions. There is a command that will add such a rule at runtime:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># auditctl -l | grep kcare | cut -d&#39; &#39; -f2- | xargs -t -L1 -r auditctl -d &amp;&amp; pgrep libcare-server | \
+    xargs -t -n1 -i auditctl -A exit,never -F arch=b64 -S ptrace -F pid=&quot;{}&quot; -k kcarever | \
+    xargs -t -n1 -i auditctl -A exit,never -F arch=b64 -S ptrace -F pid=&quot;{}&quot; -k kcare
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>It removes all currently enabled KernelCare rules and adds a new one by LibCare&#39;s process ID.</p><h3 id="unpatched-library-detector-uchecker" tabindex="-1"><a class="header-anchor" href="#unpatched-library-detector-uchecker" aria-hidden="true">#</a> Unpatched Library Detector (UChecker)</h3><h4 id="description" tabindex="-1"><a class="header-anchor" href="#description" aria-hidden="true">#</a> Description</h4><p>UChecker is a scanner that checks network Linux servers and detects out-of-date libraries both on disk and in memory. KernelCare&#39;s open-source scanner will find false negatives by correctly reporting vulnerable libraries running in memory that could be reported as updated by other scanners.</p><p>The UChecker (originated from &quot;userspace checker&quot;) works with all modern Linux Distributions, it is free and open-source, distributed under the GNU General Public License.</p><h4 id="how-uchecker-works" tabindex="-1"><a class="header-anchor" href="#how-uchecker-works" aria-hidden="true">#</a> How UChecker works</h4><p>This activity diagram shows how UChecker works:</p><p><img src="/images/uchecker.jpg" alt="uchecker"></p><h4 id="uchecker-usage" tabindex="-1"><a class="header-anchor" href="#uchecker-usage" aria-hidden="true">#</a> UChecker Usage</h4><p>To scan your systems, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/uchecker | sudo python
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>You will receive the following output:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>[*] Process httpd[15516] linked to the `libc-2.17.so` that is not up to date.
 
 You may want to update libraries above and restart corresponding processes.
 
-KernelCare+ allows to resolve such issues with no process downtime. To find 
+KernelCare+ allows to resolve such issues with no process downtime. To find
 out more, please, visit https://lp.kernelcare.com/kernelcare-early-access?
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The following information is available in the output:</p><ul><li>Process ID</li><li>Process Name</li></ul><h4 id="troubleshooting-1" tabindex="-1"><a class="header-anchor" href="#troubleshooting-1" aria-hidden="true">#</a> Troubleshooting</h4><p>To verbose output, you can choose a logging level: <code>ERROR</code>, <code>WARNING</code>, <code>INFO</code>, and <code>DEBUG</code>.</p><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/uchecker | sudo LOGLEVEL=debug python
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To learn more, visit the <a href="https://github.com/cloudlinux/kcare-uchecker" target="_blank" rel="noopener noreferrer">UChecker Github page</a>.</p><h2 id="qemucare" tabindex="-1"><a class="header-anchor" href="#qemucare" aria-hidden="true">#</a> QEMUCare</h2><p>QEMUCare – virtualization patching for cloud providers, VPS hosters, or any other company with QEMU based virtualization systems. It keeps infrastructure patched without disrupting virtual tenants’ systems.</p><h3 id="how-qemucare-works" tabindex="-1"><a class="header-anchor" href="#how-qemucare-works" aria-hidden="true">#</a> How QEMUCare works</h3><ul><li>An agent is installed on each virtualization host which installs patches directly from the QEMUCare repository.</li><li>In an ePortal environment, your Virtualization Hosts communicate with the QEMUCare ePortal server that acts as an intermediary.</li></ul><h3 id="qemu-patchset-deployment" tabindex="-1"><a class="header-anchor" href="#qemu-patchset-deployment" aria-hidden="true">#</a> QEMU PatchSet Deployment</h3><p>Starting from version 1.25, ePortal supports the QEMU patchset management. It is accessible from the <code>Patches / QEMUcare</code> navigation item. QEMU patches use the same Patch Source credentials, and you don&#39;t need to perform additional configuration.</p><p><img src="/images/eportal-qemu-feed.png" alt=""></p><p>User interface for the QEMU patch management is the same as for KernelCare patches, and you can refer the <a href="https://docs.tuxcare.com/eportal/#patchset-deployment" target="_blank" rel="noopener noreferrer">PatchSet Deployment</a> documentation.</p><h4 id="cli-to-install-the-latest-patchsets" tabindex="-1"><a class="header-anchor" href="#cli-to-install-the-latest-patchsets" aria-hidden="true">#</a> CLI to install the latest patchsets</h4><p>To update the default feed, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To update the <code>test</code> feed, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu update --feed test
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To update all auto-feeds, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu auto-update
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="cli-to-deploy-patchset-from-archive" tabindex="-1"><a class="header-anchor" href="#cli-to-deploy-patchset-from-archive" aria-hidden="true">#</a> CLI to deploy patchset from archive</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>~$ kc.eportal qemu deploy --help
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The following information is available in the output:</p><ul><li>Process ID</li><li>Process Name</li></ul><h4 id="uchecker-troubleshooting" tabindex="-1"><a class="header-anchor" href="#uchecker-troubleshooting" aria-hidden="true">#</a> UChecker Troubleshooting</h4><p>To see verbose output, you can choose a logging level: <code>ERROR</code>, <code>WARNING</code>, <code>INFO</code>, and <code>DEBUG</code>.</p><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ curl -s -L https://kernelcare.com/uchecker | sudo LOGLEVEL=debug python
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To learn more, visit the <a href="https://github.com/cloudlinux/kcare-uchecker" target="_blank" rel="noopener noreferrer">UChecker Github page</a>.</p><h2 id="qemucare" tabindex="-1"><a class="header-anchor" href="#qemucare" aria-hidden="true">#</a> QEMUCare</h2><p>QEMUCare - virtualization patching for cloud providers, VPS hosters, or any other company with QEMU based virtualization systems. It keeps infrastructure patched without disrupting virtual tenants&#39; systems.</p><h3 id="how-qemucare-works" tabindex="-1"><a class="header-anchor" href="#how-qemucare-works" aria-hidden="true">#</a> How QEMUCare works</h3><ul><li>An agent is installed on each virtualization host which installs patches directly from the QEMUCare repository.</li><li>In an ePortal environment, your Virtualization Hosts communicate with the QEMUCare ePortal server that acts as an intermediary.</li></ul><h3 id="qemu-patchset-deployment" tabindex="-1"><a class="header-anchor" href="#qemu-patchset-deployment" aria-hidden="true">#</a> QEMU PatchSet Deployment</h3><p>Starting from version 1.25, ePortal supports the QEMU patchset management. It is accessible from the <code>Patches / QEMUcare</code> navigation item. QEMU patches use the same Patch Source credentials, and you don&#39;t need to perform additional configuration.</p><p><img src="/images/eportal-qemu-feed.png" alt="qemu feed"></p><p>User interface for the QEMU patch management is the same as for KernelCare patches, and you can refer the <a href="https://docs.tuxcare.com/eportal/#patchset-deployment" target="_blank" rel="noopener noreferrer">PatchSet Deployment</a> documentation.</p><h4 id="cli-to-install-the-latest-patchsets" tabindex="-1"><a class="header-anchor" href="#cli-to-install-the-latest-patchsets" aria-hidden="true">#</a> CLI to install the latest patchsets</h4><p>To update the default feed, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kc.eportal qemu update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To update the <code>test</code> feed, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kc.eportal qemu update --feed test
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>To update all auto-feeds, run the following command:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kc.eportal qemu auto-update
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h4 id="cli-to-deploy-patchset-from-archive" tabindex="-1"><a class="header-anchor" href="#cli-to-deploy-patchset-from-archive" aria-hidden="true">#</a> CLI to deploy patchset from archive</h4><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>$ kc.eportal qemu deploy --help
 usage: kc.eportal qemu deploy [-h] [--feed FEED] [--disabled] archive
 
 positional arguments:
@@ -262,11 +297,11 @@
   -h, --help   show this help message and exit
   --feed FEED  feed to deploy archive to
   --disabled   do not enable patchset after deploy
-</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>kc.eportal qemu deploy --feed test /tmp/U20210818_01-qemu.tar.bz2
+</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>For example:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code># kc.eportal qemu deploy --feed test /tmp/U20210818_01-qemu.tar.bz2
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>This command will deploy and enable the <code>U20210818_01-qemu</code> patchset in to the <code>test</code> feed.</p><h2 id="vulnerability-scanner-integration-with-kernelcare" tabindex="-1"><a class="header-anchor" href="#vulnerability-scanner-integration-with-kernelcare" aria-hidden="true">#</a> Vulnerability Scanner Integration with KernelCare</h2><p>This document is made for developers of vulnerability scanners to correctly report live patched vulnerabilities as delivered by KernelCare. There are several approaches that vendors might take to identify vulnerabilities patched by KernelCare correctly.</p><h3 id="easiest-identifying-correctly-the-effective-kernel" tabindex="-1"><a class="header-anchor" href="#easiest-identifying-correctly-the-effective-kernel" aria-hidden="true">#</a> Easiest: Identifying correctly the effective kernel</h3><p>KernelCare provides &quot;effective kernel&quot; information in</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/proc/kcare/effective_version
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>Security scanners can check if the file is present, and if it is, use it instead of /proc/version to identify the kernel. This will provide an effective kernel version from a security standpoint.</p><p>Alternatively, the command <code>/usr/bin/kcarectl --uname</code> can be run instead of the <code>uname</code> command to detect effective kernel version</p><h3 id="comprehensive-using-oval-data" tabindex="-1"><a class="header-anchor" href="#comprehensive-using-oval-data" aria-hidden="true">#</a> Comprehensive: Using OVAL data</h3><p>KernelCare comes with OVAL data that provides instructions to the scanner to identify the vulnerabilities addressed by the installed live patches. OVAL data are available for the operating systems supported by KernelCare Enterprise, including AlmaLinux, Red Hat Enterprise Linux, Oracle Linux, CentOS, Debian, and Ubuntu.</p><p>The OVAL data cover all KernelCare enterprise products and add-ons, including LibCare and QEMUCare.</p><p>The OVAL data for KernelCare live patching are available at <a href="https://patches.kernelcare.com/oval/" target="_blank" rel="noopener noreferrer">patches.kernelcare.com/oval</a>.</p><h3 id="comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node" tabindex="-1"><a class="header-anchor" href="#comprehensive-local-using-the-local-cvelist-file-on-each-scanned-node" aria-hidden="true">#</a> Comprehensive &amp; local: Using the local CVELIST file on each scanned node</h3><p>KernelCare provides two files listing the vulnerabilities the currently installed live patches address. These files contain a list of CVEs separated by a new line.</p><p>The list of vulnerabilities addressed by Kernel live patches is available at:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/proc/kcare/cvelist
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>The list of vulnerabilities addressed by system live patching (LibCare, QEMUCare, etc.) is available at:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>/var/cache/kcare/libcare_cvelist
 </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/live-patching-services/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/service-descriptions/index.html b/service-descriptions/index.html
index 27d8127d..4ec6d45c 100644
--- a/service-descriptions/index.html
+++ b/service-descriptions/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title>Service Descriptions</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-822dc78a.js"><link rel="modulepreload" href="/assets/index.html-448a5efa.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-822dc78a.js"><link rel="modulepreload" href="/assets/index.html-448a5efa.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/service-descriptions/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>Service Descriptions</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="service-descriptions" tabindex="-1"><a class="header-anchor" href="#service-descriptions" aria-hidden="true">#</a> Service Descriptions</h1><h2 id="essential-and-enhanced-support" tabindex="-1"><a class="header-anchor" href="#essential-and-enhanced-support" aria-hidden="true">#</a> Essential and Enhanced Support</h2><p>The description of Essential and Enhanced Support for AlmaLinux systems can be found <a href="/enterprise-support-for-almalinux/#essential-and-enhanced-support" class="">here</a>.</p><h2 id="technical-account-manager" tabindex="-1"><a class="header-anchor" href="#technical-account-manager" aria-hidden="true">#</a> Technical Account Manager</h2><h3 id="technical-account-manager-tam" tabindex="-1"><a class="header-anchor" href="#technical-account-manager-tam" aria-hidden="true">#</a> Technical Account Manager (TAM)</h3><p>A Technical Account Manager (TAM) is an extension to TuxCare products to enhance product and support experience.</p><ul><li>TuxCare provides a technical account manager who can perform the following tasks for up to 8 hours per week.</li><li>Provides best-in-practice configuration assistance.</li><li>Provides product presentation and training.</li><li>Participate in calls every other week identifying and addressing the customer&#39;s operational issues related to the TuxCare products.</li><li>Organise multi-vendor issue coordination through TuxCare&#39;s partners when applicable.</li><li>The TAM is available for customer requests during regular working hours for the TAM. Outside working hours support is provided through regular TuxCare support.</li></ul><h3 id="dedicated-technical-account-manager-dtam" tabindex="-1"><a class="header-anchor" href="#dedicated-technical-account-manager-dtam" aria-hidden="true">#</a> Dedicated Technical Account Manager (dTAM)</h3><p>A dedicated Technical Account Manager (dTAM) is an extension to TuxCare products to enhance the product and support experience.</p><ul><li>TuxCare provides a dedicated technical account manager who can perform the following tasks for up to 40 hours per week.</li><li>Acts as a primary point of contact for all TuxCare product-related requests from the customer.</li><li>Provides best-in-practice configuration assistance.</li><li>Provides product presentation and training.</li><li>Can assume maintenance and configuration tasks of TuxCare products on the agreement.</li><li>Participate in calls every other week identifying and addressing the customer&#39;s operational issues related to the TuxCare products.</li><li>Organise multi-vendor issue coordination through TuxCare&#39;s partners when applicable.</li><li>Facilitate integration of customer&#39;s ticketing system with TuxCare&#39;s when applicable.</li><li>Attend applicable TuxCare training and development activities.</li><li>The dTAM is available for customer requests during regular working hours for the dTAM and is subject to TuxCare leave policies. Outside working hours support is provided through regular TuxCare support.</li><li>The dTAM will visit the customer&#39;s site annually or twice per year according to the agreement.</li><li>If the dTAM is on annual leave for more than 5 consequent days, TuxCare will assign a temporary account manager.</li></ul></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/service-descriptions/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/tuxcare-cln/index.html b/tuxcare-cln/index.html
index f657a919..28f29221 100644
--- a/tuxcare-cln/index.html
+++ b/tuxcare-cln/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title>Subscription management portal</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-f2b36c2b.js"><link rel="modulepreload" href="/assets/reports-c7f76afe.js"><link rel="modulepreload" href="/assets/index.html-55653af3.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-f2b36c2b.js"><link rel="modulepreload" href="/assets/reports-c7f76afe.js"><link rel="modulepreload" href="/assets/index.html-55653af3.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-6c9650cc.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-c2cc080f.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/tuxcare-cln/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>Subscription management portal</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="subscription-management-portal" tabindex="-1"><a class="header-anchor" href="#subscription-management-portal" aria-hidden="true">#</a> Subscription management portal</h1><p>The TuxCare subscription management portal is designed to easily manage your licenses of TuxCare products and services by means of a user-friendly interface.</p><h2 id="introduction" tabindex="-1"><a class="header-anchor" href="#introduction" aria-hidden="true">#</a> Introduction</h2><p>The following are available in TuxCare portal:</p><ul><li>Add, delete and edit licenses</li><li>Add, delete and edit servers</li><li>Choose payment methods and buy licenses</li><li>Track all the associated costs</li></ul><h3 id="create-new-account" tabindex="-1"><a class="header-anchor" href="#create-new-account" aria-hidden="true">#</a> Create new account</h3><p>If you are a first time user, go to <a href="https://portal.tuxcare.com/register/customer?originUrl=%2Fdashboard%2Fproducts" target="_blank" rel="noopener noreferrer">https://portal.tuxcare.com</a> and fill in the simple registration form to create your account. You will find your login and password in your welcome email.</p><h3 id="log-in" tabindex="-1"><a class="header-anchor" href="#log-in" aria-hidden="true">#</a> Log in</h3><p>Go to <a href="https://portal.tuxcare.com/auth/login?originUrl=%2Fdashboard%2Fproducts" target="_blank" rel="noopener noreferrer">https://portal.tuxcare.com</a> and sign in with your credentials.</p><h2 id="dashboard" tabindex="-1"><a class="header-anchor" href="#dashboard" aria-hidden="true">#</a> Dashboard</h2><p>Dashboard helps quickly navigate to your <em>Products</em>. It has the following tabs:</p><ul><li><a aria-current="page" href="/tuxcare-cln/#products" class="router-link-active router-link-exact-active">Products</a></li><li><a aria-current="page" href="/tuxcare-cln/#servers" class="router-link-active router-link-exact-active">Servers</a></li></ul><h3 id="products" tabindex="-1"><a class="header-anchor" href="#products" aria-hidden="true">#</a> Products</h3><p>Click <em>Dashboard</em>. You will be redirected to the <em>My Products</em> page.</p><p><img src="/images/dashboard.png" alt=""></p><p>The following actions are available:</p><ul><li><strong>Manage licenses and billing cycle</strong>. Click the link to contact our Sales team to change license quantity and product quota, and to manage the billing cycle.</li><li><strong>Manage activation keys</strong>. Shortcut to the <a aria-current="page" href="/tuxcare-cln/#activation-keys" class="router-link-active router-link-exact-active">Extended Support Services | Activation Keys</a> page.</li></ul><h3 id="servers" tabindex="-1"><a class="header-anchor" href="#servers" aria-hidden="true">#</a> Servers</h3><p>Click <em>Dashboard → Servers</em> to go to <em>All Servers</em> page. A list of all servers with installed products belonged to this account is available.</p><p><img src="/images/allservers.png" alt=""></p><p>The table includes all servers that have been activated in all products within the account. The table contains the following columns:</p><ul><li><strong>Server name</strong> — server hostname</li><li><strong>IP</strong> — server IP address</li><li><strong>Registered</strong> — a date when a server was activated. A server sends this information to TuxCare portal</li><li><strong>Group</strong> – server group (please refer to the <a href="https://docs.cln.cloudlinux.com/dashboard/#server-groups" target="_blank" rel="noopener noreferrer">TuxCare portal documentation</a> to find more information about server group)</li><li><strong>Installed products</strong> — shows a logo of a product activated on a server</li><li><strong>Actions</strong><ul><li>To remove an item, click on <img src="/images/remove.png" alt=""></li></ul></li></ul><p>Click the server name to show server details:</p><ul><li><strong>Installed products</strong> – the full name of the installed products</li><li><strong>Last check-in</strong> — the last date when a server successfully responded to check-in</li></ul><p>The following filters are available:</p><ul><li><strong>Product</strong> — click <em>Product</em> button and select one or more products</li><li><strong>Registered date</strong> — click <em>Registered date</em> to display a calendar where you can pick a date or a period to filter by</li><li><strong>Search</strong> — type a query. A search is performed in <em>Server name</em> and <em>Activation key</em> entities</li></ul><h2 id="live-patching-services" tabindex="-1"><a class="header-anchor" href="#live-patching-services" aria-hidden="true">#</a> Live Patching Services</h2><p>Click <em>Live Patching Services</em> You will be redirected to the <em>Server License Types</em> page.</p><p><img src="/images/serverlicensetypes.png" alt=""></p><p>Here you can see the number of server licenses and manage licenses and billing cycle by contacting TuxCare Sales team.</p><h2 id="extended-support-services" tabindex="-1"><a class="header-anchor" href="#extended-support-services" aria-hidden="true">#</a> Extended Support Services</h2><p>Click <em>Extended Support Services</em> You will be redirected to the <em>Server License Types</em> page.</p><p><img src="/images/serverlicensetypes1.png" alt=""></p><h3 id="server-license-types" tabindex="-1"><a class="header-anchor" href="#server-license-types" aria-hidden="true">#</a> Server License Types</h3><p>Here you can see the the number of server licenses for each product.</p><ul><li><strong>Manage servers</strong> – shortcut to the <a aria-current="page" href="/tuxcare-cln/#servers-2" class="router-link-active router-link-exact-active">Servers | Selected product</a> page</li><li><strong>Manage activation keys</strong> – shortcut to the <a aria-current="page" href="/tuxcare-cln/#activation-keys" class="router-link-active router-link-exact-active">Activation Keys | Selected product</a> page</li></ul><h3 id="activation-keys" tabindex="-1"><a class="header-anchor" href="#activation-keys" aria-hidden="true">#</a> Activation Keys</h3><p>Click <em>Extended Support Services → Activation Keys</em>. You will be redirected to the <em>Activation Keys</em> page.</p><p><img src="/images/activationkeys.png" alt=""></p><p><strong>Activation Key</strong> is a string of numbers and letters used to activate a product.</p><p>The table includes all activation keys for all products within the account. The table contains the following columns:</p><ul><li><strong>Activation key</strong> – is a string of numbers and letters used to activate a product</li><li><strong>License type</strong> — a type of server license that is used and determines a limit of server users</li><li><strong>Note</strong> — any information you’ve added to this activation key</li><li><strong>Servers (used/limits)</strong> – a number of servers that have already been activated with this key (used) and a total number of servers that can be registered with this particular key (limits)</li><li><strong>Tick</strong> – tick an activation key or keys to perform a remove action (use <img src="/images/delete.png" alt="">)</li></ul><div class="tip custom-block"><p class="custom-block-title">Note</p><p>The default activation key cannot be deleted.</p></div><p>The following filters are available:</p><ul><li><strong>Server limits</strong> — filter by server limit/unlimited</li><li><strong>License type</strong> — filter by license type</li></ul><p>Click an activation key to go to this <a aria-current="page" href="/tuxcare-cln/#activation-key-details" class="router-link-active router-link-exact-active">Activation Key Details</a> page.</p><h4 id="activation-keys-by-product" tabindex="-1"><a class="header-anchor" href="#activation-keys-by-product" aria-hidden="true">#</a> Activation Keys by product</h4><p>Click <em>Extended Support Services → Activation Keys → Product</em>. You will be redirected to the <em>Product Activation Keys</em> page.</p><p><img src="/images/productactivationkeypage.png" alt=""></p><ul><li>If there are no activation keys for the product, you can create one by clicking the <em>Create activation key</em>.</li><li>If there is the default activation key for the product, you can generate a new one by clicking the <em>Generate new activation key</em>. A new key will be created automatically and added to the table.</li><li>You can copy an activation key by clicking <em>Copy</em>.</li></ul><p>The table includes all activation keys for the product. The table contains the following columns:</p><ul><li><strong>Activation key</strong> – is a string of numbers and letters used to activate a product</li><li><strong>Note</strong> — any information you’ve added to this activation key</li><li><strong>Servers (used/limits)</strong> – a number of servers that have already been activated with this key (used) and a total number of servers that can be registered with this particular key (limits)</li></ul><p>To remove a key, select it and click <img src="/images/delete.png" alt="">.</p><p>The following filters are available:</p><ul><li><strong>Server limits</strong> — filter by server limit/unlimited</li><li><strong>Search</strong></li></ul><p>Click a key to go to the <em>Activation Key Details</em> page for this key.</p><h4 id="activation-key-details" tabindex="-1"><a class="header-anchor" href="#activation-key-details" aria-hidden="true">#</a> Activation Key Details</h4><p><img src="/images/activationkeydetails.png" alt=""></p><p>Here you can:</p><ul><li>See the activation key complete information</li><li>Edit key. Click <em>Edit key</em></li><li>Remove key. Click <img src="/images/delete1.png" alt=""></li><li>Review <em>Servers List</em></li></ul><p>The table includes all servers registered with the key. The table contains the following columns:</p><ul><li><strong>Server name</strong> — server hostname</li><li><strong>IP</strong> — server IP address</li><li><strong>Registered</strong> — a date when a server was activated. A server sends this information to TuxCare portal</li><li><strong>Last check-in</strong> — the last date when a server successfully responded to check-in</li></ul><p>The following filters are available:</p><ul><li><strong>Server limits</strong> — filter by server limit/unlimited</li><li><strong>Search field</strong></li></ul><h3 id="servers-1" tabindex="-1"><a class="header-anchor" href="#servers-1" aria-hidden="true">#</a> Servers</h3><p>Click <em>Extended Support Services → Servers</em>. You will be redirected to the <em>Servers</em> page.</p><p><img src="/images/servers.png" alt=""></p><p>The table includes all servers activated for all products within Extended Lifecycle Support. The table contains the following columns:</p><ul><li><strong>Server name</strong> — server hostname</li><li><strong>IP</strong> — server IP address</li><li><strong>Registered</strong> — a date when a server was activated. A server sends this information to TuxCare portal</li><li><strong>Installed products</strong> — shows a logo of a product activated on a server</li><li><strong>Actions</strong><ul><li>To remove an item, click on <img src="/images/remove.png" alt=""></li></ul></li></ul><p>Click the server name to show server details:</p><ul><li><strong>Installed products</strong> – the full name of the installed products</li><li><strong>Last check-in</strong> — the last date when a server successfully responded to check-in</li></ul><p>The following filters are available:</p><ul><li><strong>Product</strong> — click <em>Product</em> button and select one or more products</li><li><strong>Registered date</strong> — click <em>Registered date</em> to display a calendar where you can pick a date or a period to filter by</li><li><strong>Search</strong> — type a query</li></ul><h4 id="servers-by-product" tabindex="-1"><a class="header-anchor" href="#servers-by-product" aria-hidden="true">#</a> Servers by product</h4><p>Click <em>Extended Support Services → Servers → Product</em>. You will be redirected to the <em>Product Servers</em> page.</p><p><img src="/images/productservers.png" alt=""></p><p>The table includes all servers activated for the product within Extended Lifecycle Support. The table contains the following columns:</p><ul><li><strong>Server name</strong> — server hostname</li><li><strong>IP</strong> — server IP address</li><li><strong>Registered</strong> — a date when a server was activated. A server sends this information to TuxCare portal</li><li><strong>Installed products</strong> — shows a logo of a product activated on a server</li><li><strong>Actions</strong><ul><li>To remove an item, click on <img src="/images/remove.png" alt=""></li></ul></li></ul><p>Click the server name to show server details:</p><ul><li><strong>Installed products</strong> – the full name of the installed products</li><li><strong>Last check-in</strong> — the last date when a server successfully responded to check-in</li></ul><p>The following filters are available:</p><ul><li><strong>Registered date</strong> — click <em>Registered date</em> to display a calendar where you can pick a date or a period to filter by</li><li><strong>Search</strong> — type a query</li></ul><p>You can download the servers list by clicking the <em>Get servers list</em>.</p><h2 id="billing" tabindex="-1"><a class="header-anchor" href="#billing" aria-hidden="true">#</a> Billing</h2><h3 id="balance-and-top-up" tabindex="-1"><a class="header-anchor" href="#balance-and-top-up" aria-hidden="true">#</a> Balance and Top up</h3><p>Click <em>Billing</em>, you will be redirected to the <em>Balance and Top up</em> page.</p><p><img src="/images/billingmain.png" alt=""></p><p>Here you find the following:</p><ul><li>your current plan and prices</li><li>your balance</li></ul><p>You can top up your account by entering the amount and clicking <em>Top up</em>.</p><h3 id="payment-methods" tabindex="-1"><a class="header-anchor" href="#payment-methods" aria-hidden="true">#</a> Payment methods</h3><p>Click <em>Billing → Payment methods</em>, you will be redirected to the <em>Payment methods</em> page.</p><p>The following tabs are available:</p><ul><li><strong>Billing information</strong></li><li><strong>Payment methods</strong></li><li><strong>Autopayment</strong></li></ul><h4 id="billing-information" tabindex="-1"><a class="header-anchor" href="#billing-information" aria-hidden="true">#</a> Billing information</h4><p><img src="/images/billingcontacts.png" alt=""></p><p>Here, you can change your email for billing. Click <em>Save</em> to apply changes.</p><h4 id="payment-methods-1" tabindex="-1"><a class="header-anchor" href="#payment-methods-1" aria-hidden="true">#</a> Payment methods</h4><p><img src="/images/paymentmethods.png" alt=""></p><p>Here, you can manage your payment method. Click <em>Save</em> to apply changes.</p><h4 id="autopayment" tabindex="-1"><a class="header-anchor" href="#autopayment" aria-hidden="true">#</a> Autopayment</h4><p><img src="/images/autopayment.png" alt=""></p><p>Here, you can change your autopayment type:</p><ul><li>Auto add funds</li><li>Auto repay</li><li>Do not add funds automatically</li></ul><p>Click <em>Save</em> to apply changes.</p><h3 id="invoices" tabindex="-1"><a class="header-anchor" href="#invoices" aria-hidden="true">#</a> Invoices</h3><p><img src="/images/invoices.png" alt=""></p><p>The table contains the followings columns:</p><ul><li><strong>Invoice id</strong> – unique invoice number</li><li><strong>Created</strong> — invoice issue date.</li><li><strong>Type</strong> – type of payment: invoice or payment received</li><li><strong>Pay period</strong> – the start date of the period for which the invoice was issued</li><li><strong>Total</strong> — a total amount received/need to pay</li><li><strong>Balance</strong> – the current balance</li><li><strong>Actions</strong> — the following actions are available: <ul><li><strong>View invoice</strong> — click <img src="/images/eye.png" alt=""> to view invoice in-details. It opens in a new popup.</li><li><strong>Download invoice</strong> — click <img src="/images/download.png" alt=""> to download an invoice.</li></ul></li></ul><p>Click <img src="/images/details.png" alt=""> to view the invoice details.</p><h2 id="settings" tabindex="-1"><a class="header-anchor" href="#settings" aria-hidden="true">#</a> Settings</h2><p>To go to account details, click <em>User</em> icon → <em>Settings</em> in the top right corner. You will be redirected to the <em>Account details</em> page.</p><p><img src="/images/accountsettings.png" alt=""></p><h3 id="account-details" tabindex="-1"><a class="header-anchor" href="#account-details" aria-hidden="true">#</a> Account details</h3><p>The following tabs are available:</p><ul><li>Personal information</li><li>Company information</li><li>Billing contact information</li></ul><h4 id="personal-information" tabindex="-1"><a class="header-anchor" href="#personal-information" aria-hidden="true">#</a> Personal information</h4><p><img src="/images/personalinformation.png" alt=""></p><p>All fields marked * are required.</p><ul><li><strong>API secret key</strong> – use this key with TuxCare portal API</li><li><strong>IM Upgrade URL</strong> – URL for upgrade Imunify products if it is not the default one</li></ul><p>To change the password, click <em>Change password</em>.</p><p>To enable two-factor authentication, move the slider to <em>On</em>.</p><p>Click <em>Save</em> to apply changes.</p><h4 id="company-information" tabindex="-1"><a class="header-anchor" href="#company-information" aria-hidden="true">#</a> Company information</h4><p><img src="/images/companyinformation.png" alt=""></p><p>Click <em>Save</em> to apply changes.</p><h4 id="billing-contact-information" tabindex="-1"><a class="header-anchor" href="#billing-contact-information" aria-hidden="true">#</a> Billing contact information</h4><p><img src="/images/billinginformation.png" alt=""></p><p>Click <em>Save</em> to apply changes.</p><h3 id="account-sublogins" tabindex="-1"><a class="header-anchor" href="#account-sublogins" aria-hidden="true">#</a> Account sublogins</h3><p>You can create additional logins for your account in the form of the email address. The sub login can have any role with different permissions listed below. A master Server Administrator account has the full scope of permissions; this role can create account sub logins.</p><p><img src="/images/accountsublogins.png" alt=""></p><p>Click <em>Save</em> to apply changes.</p><h4 id="roles" tabindex="-1"><a class="header-anchor" href="#roles" aria-hidden="true">#</a> Roles</h4><h4 id="full-access-admin" tabindex="-1"><a class="header-anchor" href="#full-access-admin" aria-hidden="true">#</a> Full Access/Admin</h4><ul><li>View products</li><li>View servers/licenses information</li><li>Reporting</li><li>Add/delete servers</li><li>Create activation keys</li><li>Order/delete licenses</li><li>View invoices</li><li>View billing information</li><li>Edit credit cards information</li><li>Edit account information</li><li>Edit billing information/top up for reseller</li><li>View prices</li><li>View account information</li><li>Change password</li></ul><h4 id="billing-1" tabindex="-1"><a class="header-anchor" href="#billing-1" aria-hidden="true">#</a> Billing</h4><ul><li>View products</li><li>View server&#39;s/licenses information</li><li>View invoices</li><li>View billing information</li><li>Edit credit cards information</li><li>Edit account information</li><li>Edit billing information/top up for reseller</li><li>View prices</li><li>View account information</li></ul><h4 id="server-and-license-management" tabindex="-1"><a class="header-anchor" href="#server-and-license-management" aria-hidden="true">#</a> Server and License Management</h4><ul><li>View products</li><li>View server&#39;s/licenses information</li><li>Reporting</li><li>Add/delete servers</li><li>Create activation keys</li><li>Order/delete licenses</li></ul><h4 id="server-management-only" tabindex="-1"><a class="header-anchor" href="#server-management-only" aria-hidden="true">#</a> Server Management Only</h4><ul><li>View products</li><li>View server&#39;s/licenses information</li><li>Reporting</li><li>Add/delete servers</li><li>Create activation keys</li></ul><h4 id="read-only-—-billing" tabindex="-1"><a class="header-anchor" href="#read-only-—-billing" aria-hidden="true">#</a> Read Only — Billing</h4><ul><li>View products</li><li>View server&#39;s/licenses information</li><li>Reporting</li><li>View invoices</li><li>View billing information</li></ul><h4 id="read-only-—-server-management" tabindex="-1"><a class="header-anchor" href="#read-only-—-server-management" aria-hidden="true">#</a> Read Only — Server Management</h4><ul><li>View products</li><li>View server&#39;s/licenses information</li><li>Reporting</li></ul><h3 id="reports" tabindex="-1"><a class="header-anchor" href="#reports" aria-hidden="true">#</a> Reports</h3><p>It is possible to set reports receiving for an account to the desired email address.</p><p><img src="/images/reports.png" alt=""></p><p>To add a new report configuration, click <em>Add config</em>.</p></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/tuxcare-cln/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>
diff --git a/tuxcare/index.html b/tuxcare/index.html
index 600844ec..a6ac4f49 100644
--- a/tuxcare/index.html
+++ b/tuxcare/index.html
@@ -39,10 +39,10 @@
                     })();
                   </script><title>TuxCare</title><meta name="description" content="">
     <link rel="preload" href="/assets/style-9d49d80e.css" as="style"><link rel="stylesheet" href="/assets/style-9d49d80e.css">
-    <link rel="modulepreload" href="/assets/app-566f9dfe.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-c2cc080f.js"><link rel="modulepreload" href="/assets/index.html-6c9650cc.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-b5822e8c.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-a217ad23.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
+    <link rel="modulepreload" href="/assets/app-eec13f0a.js"><link rel="modulepreload" href="/assets/framework-0ba8e1ea.js"><link rel="modulepreload" href="/assets/index.html-c2cc080f.js"><link rel="modulepreload" href="/assets/index.html-6c9650cc.js"><link rel="prefetch" href="/assets/index.html-e8171bcc.js" as="script"><link rel="prefetch" href="/assets/index.html-dd83167f.js" as="script"><link rel="prefetch" href="/assets/index.html-c138238f.js" as="script"><link rel="prefetch" href="/assets/index.html-ae0b2092.js" as="script"><link rel="prefetch" href="/assets/index.html-998f6864.js" as="script"><link rel="prefetch" href="/assets/index.html-3b4a4f38.js" as="script"><link rel="prefetch" href="/assets/index.html-092f14d9.js" as="script"><link rel="prefetch" href="/assets/index.html-e1c111f0.js" as="script"><link rel="prefetch" href="/assets/index.html-8a6bcf47.js" as="script"><link rel="prefetch" href="/assets/index.html-448a5efa.js" as="script"><link rel="prefetch" href="/assets/index.html-55653af3.js" as="script"><link rel="prefetch" href="/assets/index.html-a16753b4.js" as="script"><link rel="prefetch" href="/assets/index.html-71fb4d10.js" as="script"><link rel="prefetch" href="/assets/index.html-bfb306f5.js" as="script"><link rel="prefetch" href="/assets/index.html-04265117.js" as="script"><link rel="prefetch" href="/assets/index.html-c09eba5b.js" as="script"><link rel="prefetch" href="/assets/index.html-45ca0bbf.js" as="script"><link rel="prefetch" href="/assets/index.html-070c63b3.js" as="script"><link rel="prefetch" href="/assets/index.html-270136ce.js" as="script"><link rel="prefetch" href="/assets/index.html-e424f433.js" as="script"><link rel="prefetch" href="/assets/404.html-e0575d4e.js" as="script"><link rel="prefetch" href="/assets/index.html-5be4a58a.js" as="script"><link rel="prefetch" href="/assets/index.html-3565e0af.js" as="script"><link rel="prefetch" href="/assets/index.html-da6a5cef.js" as="script"><link rel="prefetch" href="/assets/index.html-8e531858.js" as="script"><link rel="prefetch" href="/assets/index.html-2bee62b8.js" as="script"><link rel="prefetch" href="/assets/index.html-6fea13c2.js" as="script"><link rel="prefetch" href="/assets/index.html-84b523eb.js" as="script"><link rel="prefetch" href="/assets/index.html-f8b8c896.js" as="script"><link rel="prefetch" href="/assets/index.html-04b3e155.js" as="script"><link rel="prefetch" href="/assets/index.html-822dc78a.js" as="script"><link rel="prefetch" href="/assets/index.html-f2b36c2b.js" as="script"><link rel="prefetch" href="/assets/index.html-63823c79.js" as="script"><link rel="prefetch" href="/assets/index.html-527a5e84.js" as="script"><link rel="prefetch" href="/assets/index.html-1738772c.js" as="script"><link rel="prefetch" href="/assets/index.html-3e49682f.js" as="script"><link rel="prefetch" href="/assets/index.html-815d4f25.js" as="script"><link rel="prefetch" href="/assets/index.html-84c31207.js" as="script"><link rel="prefetch" href="/assets/index.html-862975e7.js" as="script"><link rel="prefetch" href="/assets/index.html-9a9ef1ef.js" as="script"><link rel="prefetch" href="/assets/index.html-c0147096.js" as="script"><link rel="prefetch" href="/assets/404.html-3b82156f.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-de7e3b59.js" as="script"><link rel="prefetch" href="/assets/docsearch.min-49eb4b49.js" as="script"><link rel="prefetch" href="/assets/vue-bot-ui.common-605c2d08.js" as="script">
   </head>
   <body>
     <div id="app"><!--[--><div class="theme-container"><header class="navbar fixed"><div class="navbar-header"><div class="navbar-header__logo-wrapper"><a href="/" class="home-link"><img class="logo" src="/global/logo.svg" alt="logo header"></a><div class="header-layout__search-container header-mobile__hidden"><!----><form id="search-form" class="drawer-header__input"><input value="" id="algolia-search-input" placeholder="Search" class="header-layout__search-default"><div class="header-layout__search-icon-default"><img alt="search icon" src="/global/search.svg"></div></form><div><div class="drawer"><div class="drawer-header"><div class="drawer-header__wrapper"><h2 class="drawer-header__paragraph">How can we help you?</h2><div id="drawerSearch"></div></div><div class="drawer-cross"><img class="drawer-cross__img" src="/global/cross.svg" alt="cross"><p class="drawer-cross__text">close</p></div></div><div class="drawer-tabs__wrapper" data-v-c60e280a><!--[--><!--]--></div><main><div class="drawer-main"><div class="drawer-main__wrapper"><div class="drawer-main__breadcrumb"><!----></div><!--[--><!----><div style="--aa1be2ec:15;"><p class="no_results">What are you searching for?</p></div><!--]--></div></div><!----></main></div><!----></div></div></div><div class="links" style="max-width:nullpx;"><img class="navbar-header__mobile-search" src="/global/search.svg" alt="icon image"><div class="header-products-wrapper"><div class="dropdown"><!----><!----><div class="header-products-container"><img class="header-products-container__img" alt="hamburger menu" src="/global/hamburger-menu.svg"><p class="header-products-wrapper-paragraph">Products</p><img class="products-icon__default" width="10" height="8" src="/arrows/arrow-down.svg" alt="arrow down icon"></div></div></div><!--[--><a target="_blank" class="btn">Ask GPT?</a><a href="https://www.tuxcare.com/support-portal/" target="_blank" class="btn">Submit support request</a><a href="https://features.tuxcare.com/submit-idea/" target="_blank" class="btn">Submit your idea</a><!--]--></div></div><!----></header><!----><div class="page"><!--[--><!--]--><div class="breadcrumb-wrapper page-breadcrumb" data-v-9445381a><span class="breadcrumb-title" data-v-9445381a>Documentation:</span><!--[--><a aria-current="page" href="/tuxcare/" class="router-link-active router-link-exact-active breadcrumb" data-v-9445381a>TuxCare</a><!--]--></div><img class="page-mobile__sidebar-menu" src="/global/sidebar-menu.svg" alt="sidebar hamburger menu"><div class="page-nav-wrapper"><!----></div><div class="content" custom="false"><h1 id="tuxcare" tabindex="-1"><a class="header-anchor" href="#tuxcare" aria-hidden="true">#</a> TuxCare</h1><p>The TuxCare services automate, simplify, and enhance Linux operations, giving organizations more flexibility in managing Linux distro choices and versions, significant maintenance cost reductions, and greatly enhanced security and compliance postures.</p><p>TuxCare, which is an expansion of the CloudLinux’s KernelCare and Extended Lifecycle Support brands, helps organizations take care of support, maintenance, and security for Enterprise Linux systems.</p><p>With <a href="/live-patching-services/" class="">TuxCare Live Patching Services</a>, Linux kernels, libraries, databases, virtualizations and IoT devices receive automated security patches applied with zero downtime.</p><p>Using the <a href="/extended-lifecycle-support/" class="">TuxCare Extended Lifecycle Support</a> services, you can migrate to the newest version of Linux at your own pace while maintaining protection from the common risks of running an end-of-life distro.</p><p><a href="/enterprise-support-for-almalinux/" class="">Enterprise Support for AlmaLinux</a> provides a TuxCare-vetted repository of AlmaLinux updates with 16 years of support coverage, delivers an extension of an additional 4.5 years of security fixes for Critical and High-risk vulnerabilities and FIPS-compliant security patches for select AlmaLinux minor versions, minimizes vulnerability windows with rebootless security patches and helps to avoid costly upfront support package fees with pay-as-you-go hourly support bundles.</p><p>TuxCare provides the AlmaLinux community with FIPS 140-3 certification for AlmaLinux 9.2. Organizations requiring FIPS-certified AlmaLinux deployments or those operating under compliance regimes with similar requirements (e.g., PCI DSS, HIPAA) can download and install <a href="/enterprise-support-for-almalinux/fips/" class="">FIPS-validated cryptographic packages for AlmaLinux 9.2</a> (including the kernel and OpenSSL) for free.</p></div><div class="page-edit"><div class="edit-link"><img src="/global/pen.svg" alt="icon pen"><a href="https://github.com/cloudlinux/tuxcare-documentation/tree/master/docs/tuxcare/README.md" target="_blank" rel="noopener noreferrer">Edit this page</a></div></div><div class="back-to-top" data-v-1eb13e00><a class="nav-arrow top back-to-top__link" data-v-1eb13e00><span class="back-to-top__link-span" data-v-1eb13e00>Scroll up</span></a></div><!--[--><!--]--></div><!----><div class="footer footer-default-layout" data-v-0190e83e><div class="footer__img" data-v-0190e83e><a href="https://tuxcare.com" data-v-0190e83e><img src="/global/we-are-cloudlinux.svg" data-v-0190e83e></a></div><div class="footer-company-title" data-v-0190e83e>2023. CloudLinux Inc </div><div class="social" data-v-0190e83e><div class="social_links" data-v-0190e83e><!--[--><a href="https://cloudlinux.zendesk.com/hc/en-us/categories/360002375960-KernelCare" target="_blank" data-v-0190e83e>Knowledge base</a><a href="https://forum.cloudlinux.com/forum/tuxcare" target="_blank" data-v-0190e83e>Forum</a><a href="https://blog.tuxcare.com/" target="_blank" data-v-0190e83e>Blog</a><a href="https://www.cloudlinux.com/privacy-policy/" target="_blank" data-v-0190e83e>Privacy Policy</a><!--]--></div><span class="footer-social-text" data-v-0190e83e>Stay in touch</span><div class="social-icons-wrapper" data-v-0190e83e><!--[--><a class="social-icons-link" href="https://www.facebook.com/tuxcare/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/fb.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://twitter.com/tuxcare_/" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/tw.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://linkedin.com/company/tuxcare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/in.png" alt="footer logo" data-v-0190e83e></a><a class="social-icons-link" href="https://www.youtube.com/@TuxCare" target="_blank" data-v-0190e83e><img class="social-icons-link-img" src="/footer-social/ytube.png" alt="footer logo" data-v-0190e83e></a><!--]--></div></div></div></div><!----><!--]--></div>
-    <script type="module" src="/assets/app-566f9dfe.js" defer></script>
+    <script type="module" src="/assets/app-eec13f0a.js" defer></script>
   </body>
 </html>