我当前的系统版本是 18.04 LTS,内核 4.15.0-45-generic。由于CVE-2019-11477,我想将内核更新为修复版本 linux-image-4.15.0-52-generic。
我试过了sudo apt dist-upgrade,什么也没发生。但是当我使用时apt search linux-image-4.15.0-52,这个内核存在于官方存储库中。然后我手动安装了它。
根据 Karel 的回答,我在新的 VPS 上测试了它,它们都可以更新内核。所以我认为是系统中的文件损坏了。如何检查?
root@ubuntu:/home/username# uname -a
Linux ubuntu 4.15.0-45-generic #48-Ubuntu SMP Tue Jan 29 16:28:13 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
root@ubuntu:/home/username# apt update
Hit:1 http://archive.ubuntu.com/ubuntu bionic InRelease
Get:2 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Hit:3 http://ppa.launchpad.net/ondrej/nginx-mainline/ubuntu bionic InRelease
Hit:4 https://deb.nodesource.com/node_10.x bionic InRelease
Get:5 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:6 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Fetched 252 kB in 2s (110 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
root@ubuntu:/home/username# apt search linux-image-4.15.0-52
Sorting... Done
Full Text Search... Done
linux-image-4.15.0-52-generic/bionic-updates 4.15.0-52.56 amd64
Signed kernel image generic
linux-image-4.15.0-52-lowlatency/bionic-updates 4.15.0-52.56 amd64
Signed kernel image lowlatency
root@ubuntu:/home/username# apt upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@ubuntu:/home/username# apt dist-upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
搭载 18.04 LTS 的新 vps
Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.15.0-50-generic x86_64)
root@vultr:~# apt upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following NEW packages will be installed:
linux-headers-4.15.0-52 linux-headers-4.15.0-52-generic linux-image-4.15.0-52-generic
linux-modules-4.15.0-52-generic linux-modules-extra-4.15.0-52-generic
The following packages will be upgraded:
root@vultr:~# apt dist-upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following NEW packages will be installed:
linux-headers-4.15.0-52 linux-headers-4.15.0-52-generic linux-image-4.15.0-52-generic
linux-modules-4.15.0-52-generic linux-modules-extra-4.15.0-52-generic
The following packages will be upgraded:
apt-cache policy linux-image-generic
root@ubuntu:/home/username# apt-cache policy linux-image-generic
linux-image-generic:
Installed: (none)
Candidate: 4.15.0.52.54
Version table:
4.15.0.52.54 500
500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
4.15.0.51.53 500
500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
4.15.0.20.23 500
500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages
答案1
你在系统上执行的一些操作删除了元包这使得这些升级“有效”。
和包linux-image-genericlinux-headers-generic追踪您的系统的最新发布的内核版本 - 4.15.0 - 您需要安装它们才能提示升级。
sudo apt install linux-image-generic linux-headers-generic应该足以完成此操作。这还应该会引入您所需的内核包版本,尽管看起来您所在的镜像不是 -52.56,而是 -52.54。
答案2
Linux 内核 4.15.0-52 位于默认的 Ubuntu 18.04 存储库中。在 Ubuntu 18.04 中更新软件,它会将内核更新到 4.15.0-52。这是我的做法(我没有使用sudo apt-get dist-upgrade)。
sudo apt update
sudo apt upgrade
apt policy linux-image-4.15.0-52-genericUbuntu 18.04更新软件后的结果:
$apt 策略 linux-image-4.15.0-52-generic Linux-image-4.15.0-52-通用: 安装:4.15.0-52.56 候选人:4.15.0-52.56 版本表: ***4.15.0-52.56 500
重新启动 Ubuntu 以使用新安装的内核启动。然后结果uname -a将显示 Ubuntu 18.04 正在使用最新安装的内核版本。