apt-get autoremove may remove current kernel
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Unassigned | ||
Groovy |
Fix Released
|
Undecided
|
Unassigned | ||
Hirsute |
Fix Released
|
Undecided
|
Unassigned | ||
unattended-upgrades (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Trusty |
Won't Fix
|
Low
|
Unassigned | ||
Xenial |
Fix Released
|
High
|
Unassigned | ||
Artful |
Won't Fix
|
High
|
Unassigned |
Bug Description
[Impact]
APT will try and fail to remove the currently running kernel, when booted into an older kernel that is not protected. May wreak some havoc if mixed with other operations to the point that apt goes weird and needs manual fixing up.
[Test case]
For the SRUs we have included an automated test case that starts with an empty autoremove config file, and then checks that the running kernel is protected at runtime.
You can also test manually, but it's not necessary:
- Install new kernel
- Reboot into kernel not listed as protected in 01autoremove-
- Run autoremove
[Where problems could occur]
We may more easily run out of space in /boot. hirsute has new autoremoval code that runs completely at runtime; but that seems a bit large to SRU after only a few weeks in hirsute. Hence, we should protect the current kernel _in addition_ to the other kernels, just like unattended-upgrades and update-manager do. This increases the risk of filling up /boot compared to older apt versions, but is at the same level as unattended-upgrades and update-manager.
[Original bug report]
This may happen, if you boot one of the older kernels, that is not protected by /etc/apt/
Workaround: run
/etc/kernel/
during each boot (e.g. by using cron).
Note: The workaround breaks autoremoving feature of new unneeded kernels in unattended-upgrades i.e. the setting 'Unattended-
In shell:
$ uname -r
4.4.0-22-generic
$ apt-get -s autoremove
NOTE: This is only a simulation!
apt-get needs root privileges for real execution.
Keep also in mind that locking is deactivated,
so don't depend on the relevance to the real current situation!
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED:
linux-
linux-
linux-
linux-
linux-
0 upgraded, 0 newly installed, 11 to remove and 13 not upgraded.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: apt 1.2.12~
ProcVersionSign
Uname: Linux 4.4.0-22-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CurrentDesktop: XFCE
Date: Sun Aug 21 16:11:27 2016
EcryptfsInUse: Yes
InstallationDate: Installed on 2016-04-28 (114 days ago)
InstallationMedia: Xubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
SourcePackage: apt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.
mtime.conffile.
description: | updated |
tags: | added: kernel-autoremove |
Changed in unattended-upgrades (Ubuntu): | |
status: | Confirmed → In Progress |
Changed in apt (Ubuntu Artful): | |
status: | New → Won't Fix |
tags: | added: sts |
Changed in unattended-upgrades (Ubuntu Artful): | |
status: | New → Won't Fix |
Changed in unattended-upgrades (Ubuntu): | |
importance: | Undecided → High |
Changed in unattended-upgrades (Ubuntu Artful): | |
importance: | Undecided → High |
Changed in unattended-upgrades (Ubuntu Trusty): | |
importance: | Undecided → Low |
no longer affects: | apt (Ubuntu Artful) |
no longer affects: | apt (Ubuntu Xenial) |
no longer affects: | apt (Ubuntu Trusty) |
no longer affects: | apt (Ubuntu) |
Changed in unattended-upgrades (Ubuntu Trusty): | |
status: | New → Won't Fix |
tags: | added: seg |
tags: | added: fr-747 |
description: | updated |
no longer affects: | unattended-upgrades (Ubuntu Bionic) |
no longer affects: | unattended-upgrades (Ubuntu Focal) |
no longer affects: | unattended-upgrades (Ubuntu Groovy) |
no longer affects: | unattended-upgrades (Ubuntu Hirsute) |
Changed in apt (Ubuntu Groovy): | |
status: | New → Confirmed |
status: | Confirmed → Triaged |
status: | Triaged → Confirmed |
Changed in apt (Ubuntu Focal): | |
status: | New → Confirmed |
Changed in apt (Ubuntu Bionic): | |
status: | New → Confirmed |
Changed in apt (Ubuntu Groovy): | |
status: | Confirmed → Triaged |
description: | updated |
Changed in apt (Ubuntu Groovy): | |
status: | Triaged → In Progress |
I suppose this may happen with unattended- upgrades, too, if user has configured removing of old kernels.