forked from canonical/ubuntu-pro-client
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathubuntu-advantage.1
92 lines (88 loc) · 2.36 KB
/
ubuntu-advantage.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
.TH UBUNTU-ADVANTAGE 1 "28 April 2017" "" ""
.SH NAME
ubuntu-advantage \- Enable or disable Ubuntu Advantage offerings from
Canonical.
.SH SYNOPSIS
.B ubuntu-advantage
<command> [parameters]
.TP
.B ua
<command> [parameters]
.SH DESCRIPTION
This tool is used to enable or disable specific Ubuntu Advantage offerings
from Canonical. The available modules and their commands are described below.
It must be run with root privileges.
.TP
.B
status
Show the status of Ubuntu Advantage offerings.
.SH ESM (Extended Security Maintenance)
Ubuntu Extended Security Maintenance archive. See https://ubuntu.com/esm for
more information.
.TP
.B
enable-esm \fItoken\fR
Enable the ESM repository. The \fItoken\fR argument must be in the form
"user:password".
.TP
.B
disable-esm
Disable the ESM repository.
.SH Livepatch (Canonical Livepatch Service)
Managed live kernel patching. For more information, visit
https://www.ubuntu.com/server/livepatch
.TP
.B
enable-livepatch \fI<token>\fR
Enable the Livepatch service. The \fItoken\fR can be obtained by visiting
https://ubuntu.com/livepatch
.TP
.B
disable-livepatch \fR[\fB\-r\fR]
Disable the Livepatch service. If the \fB\-r\fR option is given, the
canonical-livepatch snap will be removed after the sevice is disabled.
.SH FIPS (Canonical FIPS 140-2 certified modules)
Install, Configure, and Enable FIPS 140-2 certified modules.
.TP
.B
enable-fips \fItoken\fR
Enable the FIPS PPA repository, install the FIPS modules, configure
the bootloader and enable fips on the system. After successfully executing the
ubuntu-advantage script to enable fips, the system MUST be rebooted to
complete the enablement process. Failing to reboot will result in the system
not being fips enabled.
The \fItoken\fR argument must be in the form "user:password".
The following FIPS certified modules will be installed and put in fips mode;
openssh-server, openssh-client, strongswan, openssl, and the kernel
cryptoapi.
.SH EXIT STATUS
.TP
.B
0
Command succeded
.TP
.B
1
Invalid command or option
.TP
.B
2
Current user is not root
.TP
.B
3
Invalid or missing token when enabling a service
.TP
.B
4
The requested service not supported on the current Ubuntu release
.TP
.B
5
Current kernel is too old to support Snaps (required for the Livepatch service)
.TP
.B
6
It was determined that FIPS has already been installed.
.TP
If apt commands run by the tool fail, the exit status from apt is returned.