Remove kernels from EFI boot

usc · November 16, 2024, 3:10pm

hi,

when updating my system i get new kernels. and with every new kernel my systemd-boot menu grows with a new entry. as my /efi volume is only 1G it fills up with old kernels when reinstall-kernels is invoked

# kernel-install list
VERSION        HAS KERNEL PATH
6.11.8-arch1-2          ✓ /usr/lib/modules/6.11.8-arch1-2
6.6.61-1-lts            ✓ /usr/lib/modules/6.6.61-1-lts

but a bootctl list shows the previous kernels too:

# bootctl list
         type: Boot Loader Specification Type #1 (.conf)
        title: EndeavourOS (6.11.6-arch1-1) (default)
           id: 44e3675514b448b5946d0301489134dc-6.11.6-arch1-1.conf
       source: /efi//loader/entries/44e3675514b448b5946d0301489134dc-6.11.6-arch1-1.conf
     sort-key: endeavouros-6.11.6-arch1-1
      version: 6.11.6-arch1-1
   machine-id: 44e3675514b448b5946d0301489134dc
        linux: /efi//44e3675514b448b5946d0301489134dc/6.11.6-arch1-1/linux
       initrd: /efi//44e3675514b448b5946d0301489134dc/6.11.6-arch1-1/initrd
      options: nvme_load=YES nowatchdog rw root=UUID=c906eedf-4c06-484c-ae15-78fba3aef9c9 resume=UUID=87633dd8-b1a8-411e-a699-bc30838650fe rw root=UUID=c906eedf-4c06-484c-ae15-78fba3ae>

         type: Boot Loader Specification Type #1 (.conf)
        title: EndeavourOS (6.11.7-arch1-1)
           id: 44e3675514b448b5946d0301489134dc-6.11.7-arch1-1.conf
       source: /efi//loader/entries/44e3675514b448b5946d0301489134dc-6.11.7-arch1-1.conf
     sort-key: endeavouros-6.11.7-arch1-1
      version: 6.11.7-arch1-1
   machine-id: 44e3675514b448b5946d0301489134dc
        linux: /efi//44e3675514b448b5946d0301489134dc/6.11.7-arch1-1/linux
       initrd: /efi//44e3675514b448b5946d0301489134dc/6.11.7-arch1-1/initrd
      options: nvme_load=YES nowatchdog rw root=UUID=c906eedf-4c06-484c-ae15-78fba3aef9c9 resume=UUID=87633dd8-b1a8-411e-a699-bc30838650fe rw root=UUID=c906eedf-4c06-484c-ae15-78fba3ae>

         type: Boot Loader Specification Type #1 (.conf)
        title: EndeavourOS (6.11.8-arch1-2) (selected)
           id: 44e3675514b448b5946d0301489134dc-6.11.8-arch1-2.conf
       source: /efi//loader/entries/44e3675514b448b5946d0301489134dc-6.11.8-arch1-2.conf
     sort-key: endeavouros-6.11.8-arch1-2
...

as you can see the default is still 6.11.6 althoug i have 6.11.8 . every time a new kernel is published this will appear in the kernel list and a new loader entry is generated. but the old ones are not pruned.

as my /efi partition is ony 1G in size it will fill up.

# tree
.
├── 6.11.6-arch1-1
│   ├── initrd
│   └── linux
├── 6.11.7-arch1-1
│   ├── initrd
│   └── linux
├── 6.11.8-arch1-2
│   ├── initrd
│   └── linux
└── 6.6.61-1-lts
    ├── initrd
    └── linux

yes, i know how to manually cleanup. but is there any automatism? it would be great when i get a new kernel version not only to add this one to the boot loader list but also to remove the entries which are not listed by kernel-install list, in my case the 6.11.6 and 6.11.7.

dalto · November 16, 2024, 3:27pm

The automation does remove the old kernels.

You should not need to remove them manually.

It seems something is wrong.

Are you using timeshift or something similar to do system rollbacks?

usc · November 16, 2024, 3:39pm

no timeshift or something comparable. i never do (and did) a system rollback.

i have tried kernel-modules-hook to fix the problem but it does not help. at the moment i do manually cleanups.

when i do a pacman -R linux followed by a pacman -S linux … shouldn’t there be a cleanup of old entries?

usc · November 16, 2024, 4:38pm

FYI: i played around a bit. when doing a pacman -R linux the bootloader entry is removed. when i install it again, the entry appears. so it looks like it is working for the simple case.

in real live i mostly do system updates on a daily base but i do not reboot, i simply suspend my notebook. i reboot about once a week. perhaps this is a problem.

but it would be great to have some sort of “hard cleanup” when a pacman hook installs/removes a kernel. because in my case the default boot entry is the first one (with the lowest version number). when the system boots i have to manually select the latest kernel or i have to cleanup the kernel list and reboot again.

dalto · November 16, 2024, 5:28pm

There should be no need for a hard cleanup. The fact that you are seeing a need for it means something is broken somewhere or you are doing something unexpected.

usc · November 16, 2024, 6:28pm

no problem.

# pacman -Q | grep -E "linux|dracut|kernel|mkinitcpio|hook"
archlinux-appstream-data 20240914-1
archlinux-keyring 20241015-1
dracut 105-1
eos-hooks 1.16-1
kernel-install-for-dracut 1.10.1-1
kernel-modules-hook 0.1.7-3
linux 6.11.8.arch1-2
linux-api-headers 6.10-1
linux-firmware 20241111.b5885ec5-1
linux-firmware-whence 20241111.b5885ec5-1
linux-headers 6.11.8.arch1-2
linux-lts 6.6.61-1
linux-lts-headers 6.6.61-1
pacman-hook-kernel-install 0.13.0-1
util-linux 2.40.2-1
util-linux-libs 2.40.2-1

dalto · November 16, 2024, 6:30pm

I suspect this is your issue. You should not have this installed. You probably have multiple hooks doing the same thing.

I would have to look into what this does to know for sure, but this may also be a problem. You definitely don’t need it.

usc · November 16, 2024, 6:32pm

i’m pretty sure i installed both when i tried to fix the problem when my /efi run out of space.

but i will remove both packages.

i have 6.11.7 in my bootloader list. is there anything i can do so this will be removed automatically to test it without both packages?

dalto · November 16, 2024, 6:34pm

You could downgrade to that version and then upgrade again.

usc · November 16, 2024, 6:46pm

yes, that worked. downgrading to 6.11.7 and upgrading again removed the 6.11.7.

i will observe this. i’m sure i installed both packages to solve this problem, but perhaps that made the whole thing worse.

i have the impression that the problem arises, when i do a system update (where i get a new kernel) and a few days later i receive the next kernel although my system was not rebooted and my laptop still runs with an older kernel.

dalto · November 16, 2024, 6:52pm

That shouldn’t be a problem.

Here is what should be happening on an update.

There is a pre-update hook that removes the existing entries, kernels and initrds
The update happens removing all the kernel files and replacing them the new version
There is a post update hook that installs the new kernel and generates and installs the new initrds

When you are “running an older kernel”, it is in memory. The files that underpin that kernel are no longer on your system.