Univention Bugzilla – Bug 51769
Provide "prune old kernel" for all kernel updates
Last modified: 2020-10-21 14:54:35 CEST
We offer a "prune old kernel" feature during major and minor release upgrades via the postup.sh script. We should also offer the possibility to do this outside of major/minor upgrades: 1) Provide a tool on the sytem that removes all kernel versions except the one that is currently running 2) Run this tool optionally (UCR variable) before every new kernel installation (even errata updates)
base/univention-updater/script/preup.sh list_passive_kernels () { ... } get_latest_kernel_pkg () { ... } pruneOldKernel () { ... } Or see Bug #32166 comment 2 or Bug #37144 comment 1 or <https://hutten.knut.univention.de/blog/suche-mit-aptitude/> Or test/utils/vm-ucs-image-check → check_kernel() #!/usr/bin/python2 from os import uname from apt import Cache PREFIX = 'linux-image-' cache = Cache() cur = {PREFIX + uname()[2] + suffix for suffix in {'', '-signed'}} top = {'univention-kernel-image', PREFIX + 'amd64', PREFIX + '686-pae'} meta = [ pkg.installed for pkg in ( cache[pkg] for pkg in top if pkg in cache ) if pkg.is_installed ] keep = { dep.name for pkg in meta for alt in pkg.dependencies for dep in alt if dep.name.startswith(PREFIX) } | cur | top cache.clear() for pkg in cache: if pkg.name.startswith(PREFIX) and pkg.is_installed and pkg.name not in keep: pkg.mark_delete(purge=True) cache.commit()
UCS-5 already contains /usr/sbin/univention-prune-kernels. Works with both Python 2 and 3. It would help if we could already include it with UCS-4.x as this would allow us to remove the now duplicated code from preup.sh and call that script instead.
[4.4-6] 1c1429e21d Bug #51769 up: Add univention-kernel-prune base/univention-updater/debian/changelog | 6 ++ .../debian/univention-updater.install | 1 + .../script/univention-prune-kernels | 97 ++++++++++++++++++++++ doc/errata/staging/univention-updater.yaml | 11 +++ 4 files changed, 115 insertions(+) Package: univention-updater Version: 14.0.3-3A~4.4.0.202010051531 Branch: ucs_4.4-0 Scope: errata4.4-6 [4.4-6] b3b6cd981a Bug #51769: univention-updater 14.0.3-3A~4.4.0.202010051531 doc/errata/staging/univention-updater.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) QA: ~/univention-prune-kernels --verbose --dry-run QA: ~/univention-prune-kernels --verbose FYI: The code is already part of UCS-5.0-0 but using Python 3 there.
I added more kernel variants to the exception list and added another message to be more verbose which kernels will be kept. [5.0-0 093b06961b] Bug #51769: univention-kernel-prune [4.4-6 f41e6cc9c5] Bug #51769: univention-kernel-prune [4.4-6 05c1b4600d] Bug #51769: Changelog [4.4-6 5fbcf62e9b] Bug #51769: yaml What I tested: Prune old kernels -> OK Boot into older kernel -> Currently booted and newest kernel are kept -> OK yaml -> OK Note: I was thinking if we need another safety net to ensure that at least one kernel will always be kept. But dpkg already gives a warning before removing the currently booted kernel, that should be enough.
<https://errata.software-univention.de/#/?erratum=4.4x780>