Remote kernel upgrade with Debian/Ubuntu and Grub2

Remotely upgrading a kernel without some sort of remote KVM solution is not for the faint hearted. Realizing you forgot to include some module, or build the initrd image after remotely rebooting a kernel is even worse 😉

Luckily there are some nice tricks you can use to make a remote kernel upgrade as safe as possible.

First, make sure you have a valid kernel. Copy the .config of an old kernel and ‘make oldconfig’ to make it work on your new-to-be-compiled kernel.

Second, make the kernel using the ‘make-kpkg’ package, don’t forget the –initrd parameter if you need it.

Third, after installing the kernel package, don’t forget to check if the initrd image got generated. For some strange reason Debian won’t generate this even after building with make-kpkg –image, you can read more about that here. You basically need to copy a file from ‘/usr/share/kernel-package/examples/etc/kernel/postinst.d/initramfs’ to ‘/etc/kernel/postinst.d/initramfs’

Fourth, you need to configure Grub2 so it uses a kernel boot option which makes the kernel restart if it can’t boot for some reason. To do this with Grub2, open /etc/default/grub and add “panic=5″ to GRUB_CMDLINE_LINUX_DEFAULT, like this:

GRUB_CMDLINE_LINUX_DEFAULT=”quiet panic=5″

Fifth, Grub2 needs to be told to only boot the new kernel once, so in case the new kernel panics, it automatically restarts using a kernel you know works (your current one perhaps). Else the ‘panic=5′ we set earlier will only lead to a reboot loop.

To do this open /etc/default/grub and change GRUB_DEFAULT to saved, like this:

GRUB_DEFAULT=saved

To configure ‘reboot-once-into-new-kernel’, we need to do two more things, first we need to tell Grub2 what your working, safe kernel is. Check /boot/grub/grub.cfg for the name of this kernel, but don’t change anything in this file.

My safe kernel is called: “Debian GNU/Linux, with Linux 2.6.32-2-686″, which I can set as the default, safe, kernel with this command:

grub-set-default “Debian GNU/Linux, with Linux 2.6.32-2-686″

Now we have to tell Grub to reboot once into the new kernel, again we need the name of the new kernel, mine is “Debian GNU/Linux, with Linux 2.6.32-example”, use this command.

grub-reboot “Debian GNU/Linux, with Linux 2.6.32-example”

Don’t worry, this won’t reboot your machine.

The final step is to generate a new /boot/grub/grub.cfg, else all the things we just did won’t have an effect

update-grub

Now you’re ready to reboot, good luck and fingers crossed. After a succesful boot, you can set your new kernel as the default using the grub-set-default command

grub-set-default “Debian GNU/Linux, with Linux 2.6.32-example”

9 thoughts on “Remote kernel upgrade with Debian/Ubuntu and Grub2

  1. Pingback: Reinstalling at arm’s length - jwiltshire.org.uk

  2. Pingback: Status-Q » Blog Archive » Configuring GRUB to boot the right kernel after an upgrade

  3. Apparently the format for grub menus and submenus has changed. When I tried to install a new kernel and ran

    dpkg -i linux-*

    I got a warning

    Warning: Please don’t use old title `Ubuntu, with Linux 3.13.0-44-generic’ for GRUB_DEFAULT, use `Advanced options for Ubuntu>Ubuntu, with Linux 3.13.0-44-generic’ (for versions before 2.00) or `gnulinux-advanced-ae649ac3-2a1a-438f-8c02-10e03ec86be5>gnulinux-3.13.0-44-generic-advanced-ae649ac3-2a1a-438f-8c02-10e03ec86be5′ (for 2.00 or later)

    Unfortunately the command grub-set-default does not issue the same warning….

  4. Pingback: Remote Kernel upgrade with Debian/Ubuntu and Grub2 | nxhelp.com

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>