[pve-devel] [PATCH kernel-meta] efiboot/autorm functions: ignore running kernel if it was removed

Thu Nov 7 20:46:01 CET 2019

In the case were someone removes the current kernel we do not can
"keep" it anymore. While this was obviously no issue for the
autoremoval logic, it is an issue for the pve-efiboot-tool refresh
command, which reuses this helper to see which kernels it needs to
keep on the ESP.

Without this a running kernel was never removed from the EFI System
Partitions if de-installed from a host, so if it sorted as newest one
it was then booted again, which naturally confuses users (it was just
removed!!). So to ensure that we cannot get such zombie kernels
ensure that only installed kernels are included in the list.

Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
---

still not enough to make it fully work, as a previous fix (initrd entry removal
from /proc/cmdline) doesn't work with `mawk` AWK (the default) but only with
`gawk` as it uses GNU AWK extensions

 efiboot/functions | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/efiboot/functions b/efiboot/functions
index a179713..b804fb9 100755
--- a/efiboot/functions
+++ b/efiboot/functions
@@ -14,7 +14,7 @@ PMX_LOADER_CONF="loader/loader.conf"
 # debian's apt package:
 #
 # Mark as not-for-autoremoval those kernel packages that are:
-#  - the currently booted version
+#  - the currently booted version, if still installed
 #  - the kernel version we've been called for
 #  - the latest kernel version (as determined by debian version number)
 #  - the second-latest kernel version
@@ -37,6 +37,11 @@ kernel_keep_versions() {
 	# ignore the currently running version if attempting a reproducible build
 	if [ -n "${SOURCE_DATE_EPOCH}" ]; then
 		running_version=""
+	elif [ ! -e "/boot/vmlinuz-$running_version" ]; then
+		# ignore the current version if it got removed, the "auto-remove" logic
+		# will not be affected, because either it is installed and thus we keep
+		# it in the list, or it's already removed anyway
+		running_version=""
 	fi
 
 	latest_2_versions="$(echo "$sorted_list" | grep -E '^[^ ]+-pve' | head -n2 )"
-- 
2.20.1



