This fixes selecting kernels for manual inclusion in the ESP which do
not come with a "-pve" in name.
It fixes listing, by just printing out the whole list as is. refresh
complains already if there's a kernel selected but no respective
vmlinuz got found. Additionally, we already plainly add the "manual
kernel list" in kernel_keep_versions, but filter then out any kernel
not containing a "-pve" in boot_kernel_list.
But boot_kernel_list should actually only filter out the kernel meta
packages.
So, use a inverse match and check for a /\d+\.\d+/ pattern, this
seems to work well enough.
Note that kernel_keep_versions doesn't picks up non-pve kernels
anyway, so this only really alters manual selection.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
this awk line only works with gawk because of implementation differences
between awk alternatives.
debian has mawk installed by default, and mawk does not implement word
boundary regex. to avoid having to depend on gawk, we can just use perl
instead.
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
In the case were someone removes the current kernel we do not can
"keep" it anymore. While this was obviously no issue for the
autoremoval logic, it is an issue for the pve-efiboot-tool refresh
command, which reuses this helper to see which kernels it needs to
keep on the ESP.
Without this a running kernel was never removed from the EFI System
Partitions if de-installed from a host, so if it sorted as newest one
it was then booted again, which naturally confuses users (it was just
removed!!). So to ensure that we cannot get such zombie kernels
ensure that only installed kernels are included in the list.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
* add some spaces for separation, increasing readability
* do not use the non-existent variable x as replacement, but an actual
empty string ""
* don't use the "truth-y action" at end to make awk print the line ($0)
but explicitly print $0 after the gsub, makes it easier to get for
people with not much awk background
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
if we fallback to /proc/cmdline, it can include the booted initrd.
to avoid loader entries with initrd 'options' lines, we have to parse
them out.
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Previously, mentioning "virtual package" in the package long
description was enough to supress the "empty-binary-package" linitian
tag[0]. That changed, so let's use "metapackage", which is suggested
as one of the replacement options.
[0]: https://lintian.debian.org/tags/empty-binary-package.html
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
As explained in [0], we can add a hook script that will be called after
update-initramfs did its job (and thus, a new initrd has been created).
We can use this to automatically sync the ESPs using 'pve-efiboot-tool
refresh', if update-initramfs was called manually (on kernel upgrade we
already have a hook that does this).
[0]: https://kernel-team.pages.debian.net/kernel-handbook/ch-update-hooks.html
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
As all operations are done on a single or no version, thus "kernel"
fits minimally better, IMO. But just accept both, for convenience
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
default to "Proxmox Virtual Environment", and if the
proxmox-mailgateway package is installed (we simply check the docs
path) use "Proxmox Mailgateway" instead
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
namely, the current/latest and previous one, for which we also keep the
last kernel installed and synced.
the pipe to 'head' has the added bonus of guarding against 'grep'
returnin non-zero and triggering 'set -e'
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
especially after modifying the manually selected kernels list, we don't
want this to be skipped.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
to list custom and automatically selected kernel versions that are synced to configured ESPs
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
with 'kernels <add|remove>' command in pve-efiboot-tool to add/remove
kernels to/from manual kernel list, and honor it when generating lists
of kernels to not autoremove/sync to ESPs
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
by re-executing the whole 'pve-efiboot-tool init' command inside a new mount namespace
Co-Developed-By: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
to avoid affecting the running system negatively, e.g. because the
target paths for mounting the ESPs have been modified via symlinks or
similar attacks.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
to re-execute the currently running script in an unshared mount name
space.
Co-Developed-By: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
