The irritation of all of the Ubuntu kernels you wind up with

October 7, 2015

Let's start with my tweet:

I really dislike just how difficult Debian and Ubuntu make it to only keep the last N kernels and remove all the rest. What a stupid mess.

(I may be unfairly slamming Debian here, but if so they have their own terrible problem with kernel updates.)

One of the many stupid things about the Ubuntu kernel update process is how if you just use 'apt-get install' to install kernel updates, you'll wind up with a steadily increasing collection of old kernels. This isn't because Debian and Ubuntu care deeply about never removing a good kernel out from underneath you, as Ubuntu will happily overwrite a good kernel with a bad one sometimes (and Debian may be worse here). Instead, as far as I can tell, it is just because APT doesn't support this and no one has fixed it in more than a decade.

This matters for reasons beyond disk space and clutter in your list of installed package. Dpkg kernel updates are already kind of slow and definitely verbose enough that you can miss important things, and every installed kernel you have adds its own contribution to both the slowness and the verbosity. The fewer installed kernels you have, the faster things update and the higher the chance is that you'll notice any problems.

As they say, but wait, it gets worse. Not only does apt not support limiting how many kernels it keeps around, but Ubuntu (and Debian) don't even ship with an add-on command to remove such surplus kernels for you. This is asinine. Essentially everyone is going to want to do this, it is something that is surprisingly tricky to get right (and easy to get wrong in dangerous ways), and the best that Ubuntu has to offer is Stack Overflow answers full of arcane (and incomplete) command line incantations, people's homegrown scripts, and recommendations of packages with pages of new dependencies on normal systems.

Since cleaning up this mess would be far too much work, our systems totter along with an increasing collection of totally useless and pointless kernels (most of them with serious security holes, since the existence of serious holes is usually what prompts us to upgrade kernels). I rather enjoy when we get to reinstall machines, because it means starting from scratch with a clean and very short list of kernels.

(I've written about this in quieter tones, for example in How Ubuntu and Fedora each do kernel packages. That entry also discusses why it happens this way; see the comments for some additional hair-raising details.)

Written on 07 October 2015.
« How many recent sender domains are in the Spamhaus DBL
Why you (probably) want to have blog categories (and topics and more) »

Page tools: View Source, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Wed Oct 7 01:58:53 2015
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.