[pve-devel] applied: [PATCH kernel-meta] efiboot/autorm functions: ignore running kernel if it was removed

Fri Nov 8 14:33:26 CET 2019

On 11/7/19 8:46 PM, Thomas Lamprecht wrote:
> In the case were someone removes the current kernel we do not can
> "keep" it anymore. While this was obviously no issue for the
> autoremoval logic, it is an issue for the pve-efiboot-tool refresh
> command, which reuses this helper to see which kernels it needs to
> keep on the ESP.
> 
> Without this a running kernel was never removed from the EFI System
> Partitions if de-installed from a host, so if it sorted as newest one
> it was then booted again, which naturally confuses users (it was just
> removed!!). So to ensure that we cannot get such zombie kernels
> ensure that only installed kernels are included in the list.
> 
> Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
> ---
> 
> still not enough to make it fully work, as a previous fix (initrd entry removal
> from /proc/cmdline) doesn't work with `mawk` AWK (the default) but only with
> `gawk` as it uses GNU AWK extensions
> 
>  efiboot/functions | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/efiboot/functions b/efiboot/functions
> index a179713..b804fb9 100755
> --- a/efiboot/functions
> +++ b/efiboot/functions
> @@ -14,7 +14,7 @@ PMX_LOADER_CONF="loader/loader.conf"
>  # debian's apt package:
>  #
>  # Mark as not-for-autoremoval those kernel packages that are:
> -#  - the currently booted version
> +#  - the currently booted version, if still installed
>  #  - the kernel version we've been called for
>  #  - the latest kernel version (as determined by debian version number)
>  #  - the second-latest kernel version
> @@ -37,6 +37,11 @@ kernel_keep_versions() {
>  	# ignore the currently running version if attempting a reproducible build
>  	if [ -n "${SOURCE_DATE_EPOCH}" ]; then
>  		running_version=""
> +	elif [ ! -e "/boot/vmlinuz-$running_version" ]; then
> +		# ignore the current version if it got removed, the "auto-remove" logic
> +		# will not be affected, because either it is installed and thus we keep
> +		# it in the list, or it's already removed anyway
> +		running_version=""
>  	fi
>  
>  	latest_2_versions="$(echo "$sorted_list" | grep -E '^[^ ]+-pve' | head -n2 )"
> 

applied, as quite simple and it works well here.