ec2 Alma 9.2 停留在旧内核版本上

tag-icon tag-icon grub2 yum amazon-ec2 dnf alma-linux
ec2 Alma 9.2 停留在旧内核版本上 
# the issue:
dnf check-update
Last metadata expiration check: 1:35:58 ago on Sun Jun  4 10:26:18 2023.
Security: kernel-core-5.14.0-284.11.1.el9_2.aarch64 is an installed security update
Security: kernel-core-5.14.0-162.6.1.el9_1.aarch64 is the currently running version

# double check:
uname -r
5.14.0-162.6.1.el9_1.aarch64

# only reboot is not fixing it:
uptime
12:01:37 up 0 min,  1 user,  load average: 0.34, 0.10, 0.04

# the cfg is up to date:
grub2-mkconfig > test.cfg 2>/dev/null
diff test.cfg /boot/grub2/grub.cfg

# and manually it looks fine:
. /usr/share/grub/grub-mkconfig_lib 
version_find_latest $(ls -1 /boot/vmlinuz-*)
/boot/vmlinuz-5.14.0-284.11.1.el9_2.aarch64

# maybe these efi boot logs are related:
grep -Pi "efi\b" /var/log/messages | tail -n 6
Jun  4 12:00:59 amazon4 systemd[1]: Condition check resulted in Amazon Elastic Block Store EFI\x20System\x20Partition being skipped.
Jun  4 12:00:59 amazon4 systemd[1]: Mounting /boot/efi...
Jun  4 12:00:59 amazon4 systemd[1]: Mounted /boot/efi.
Jun  4 12:00:59 amazon4 systemd[1]: Store a System Token in an EFI Variable was skipped because of an unmet condition check (ConditionPathExists=/sys/firmware/efi/efivars/LoaderFeatures-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f).
Jun  4 12:00:59 amazon4 systemd[1]: TPM2 PCR Barrier (Initialization) was skipped because of an unmet condition check (ConditionPathExists=/sys/firmware/efi/efivars/StubPcrKernelImage-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f).
Jun  4 12:00:59 amazon4 systemd[1]: TPM2 PCR Barrier (User) was skipped because of an unmet condition check (ConditionPathExists=/sys/firmware/efi/efivars/StubPcrKernelImage-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f).

非 efi 虚拟机不存在此问题。

如何告诉 grub/efi 使用较新的内核?

编辑01:

感谢@Svižný_Svišť 的分享

grubby --info=ALL
grub2-reboot 1

列出已安装的内容;

dnf list --installed | grep "kernel-core"
kernel-core.aarch64                5.14.0-162.6.1.el9_1               @baseos   
kernel-core.aarch64                5.14.0-284.11.1.el9_2              @baseos   
kernel-core.aarch64                5.14.0-284.18.1.el9_2              @baseos

我删除了这个:

dnf remove kernel-core-5.14.0-162.6.1.el9_1

但 grubby 仍然列出了它,所以我修复了它

grubby --remove-kernel=/boot/vmlinuz-5.14.0-162.6.1.el9_1.aarch64

答案1

我刚刚经历了这个问题从升级kernel-core-5.14.0-284.11.1.el9_2.x86_64kernel-core-5.14.0-284.18.1.el9_2.x86_64

虽然我还没有找到解决方案,但我发现为 GRUB 设置“仅下次启动”默认启动项确实会加载所需的内核:

$ sudo grubby --info=ALL | grep -E '^(kernel|index)'
index=0
kernel="/boot/vmlinuz-5.14.0-284.11.1.el9_2.x86_64"
index=1
kernel="/boot/vmlinuz-5.14.0-284.18.1.el9_2.x86_64"

$ sudo grub2-reboot 1   # index 1
$ sudo reboot

显然这只是暂时加载最新的内核。开机后又会回到之前的状态。虽然不是为了解决问题,但它可能会让其他人知道下一步该去哪里。

答案2

dnf 无法正确更新 grub,有时必须手动更新,如下所示:

grubby --remove-kernel=/boot/vmlinuz-5.14.0-162.6.1.el9_1.aarch64
reboot

相关内容