PDA

View Full Version : Need to upgrade the kernel?



ErwinC
4th March 2009, 12:44 PM
Do we need to install the latest kernel en xserver upgrades everytime? Is there a reason? Security?
It Seems to put a lot of people in trouble, these automatic upgrades.
In a matter of fact, this is the reason why I switched from Ubuntu, to Fedora: but here it happened to me again: a messed up system after a automatic update.
For now I use the Mint 6-distro. Mint does categorize kernel-upgrades as 'dangerous' and does not upgrade them automatically.
What repo's do you have to 'switch of' to avoid downloading those kernel upgrades?

EC

stoat
4th March 2009, 02:27 PM
In a matter of fact, this is the reason why I switched from Ubuntu, to Fedora...Well, that was a mistake. The Fedora kernel gets updated often.

Hello ErwinC,

It's not unheard of for new kernels to break things. In the past, I never worried about fully updating Fedora on a regular basis. Nothing bad ever happened. But nowadays, I no longer allow the kernel to update with my regular weekly system updates. I still update the kernel, but much less often.




What repo's do you have to 'switch of' to avoid downloading those kernel upgrades?You don't disable a repo because the kernel updates are in the updates repo with all of the other updates. You edit the file /etc/yum.conf and add a line to exclude the kernel. Example (my yum.conf)...
[main]
cachedir=/var/cache/yum
keepcache=1
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=3
exclude=kernel*
And when you want to allow the kernel to update, edit that file and remove that line or comment it out (with the # character). After the kernel updates, change it back.

This kernel thing we are discussing now is another good reason for retaining some old kernels. The default nowadays for installed kernels is 3. I think that is adequate and gives plenty of time to discover kernel-related problems before another new kernel comes along and deletes the oldest kernel.

JonathanR
4th March 2009, 02:30 PM
I only do manual update. This way I maintain control.

stefan1975
4th March 2009, 02:35 PM
i just love living on the edge and do a full "yum update" every day just to see what it is they break this time around ;-)

ErwinC
4th March 2009, 04:45 PM
Thank you for the reply's.
I will give Fedora another try and use the 'stoat' 'methode.

One thing is not yet clear: why do we have to do a kernel-update if everything works out for you with the present kernel?

grtz,
EC

stefan1975
4th March 2009, 04:56 PM
Thank you for the reply's.
I will Fedora give another try and use the 'stoat' 'methode.

One thing is not yet clear: why do we have to do a kernel-update if everything works out for you with the present kernel?

grtz,
EC

because you get new nifty features, security patches, stability fixes, package issues, dependency stuff that is fixed. Hey Win3.11 also works just fine for me, why should I upgrade to Vista? (ok with Vista it sounds very much like bad example).

Just NOT upgrading the kernel might land you other issues though, if you skip kernel updates but do upgrade kernel-modules (kmod-*), things might get really broken for you.

If you don't want in-life-cycle upgrades maybe fedora isn't for you. CentOS or Debian have a very conservative update policy, with fedora you always get the latest stuff which is great but also means sometimes it hurts before it gets better. Ubuntu only does security upgrades but no new version upgrades during a release which is also more conservative that with Fedora.

stefan

stoat
4th March 2009, 05:09 PM
Just NOT upgrading the kernel might land you other issues though, if you skip kernel updates but do upgrade kernel-modules (kmod-*), things might get really broken for you.Well, maybe. But that has never happened to me. Ever. Whereas the kmod issue is actually the reason I stopped updating the kernel so often. What sometimes would happen was a new kernel would appear in the update repo but certain kmod "things" weren't ready yet and were not in their repos. If the kernel was then updated that same day or so, then the kmod "thing" got broken (for a day or so until the kmods for that kernel finally appeared). But the opposite situation never happened (to me, anyway). The kmod things would not be updated when I did my routine system update with the kernel excluded. But I'm only talking about kmod-ndiswrapper. I wasn't using any other kmod "things" at the time. Nowadays I don't use any, but I still am leery of new kernels. They can break anything. I'm not arguing with your security angle. I still update the kernel. Just not as much any more.

ErwinC
4th March 2009, 05:24 PM
If you don't want in-life-cycle upgrades maybe fedora isn't for you. ... /... Ubuntu only does security upgrades but no new version upgrades during a release which is also more conservative that with Fedora.

stefan

Fact is that I like Fedora, I find it fast and well 'organized'.....

And Ubuntu the kernel-updates did mess up my system several times.

stefan1975
4th March 2009, 05:31 PM
Well, maybe. But that has never happened to me. Ever. Whereas the kmod issue is actually the reason I stopped updating the kernel so often. What sometimes would happen was a new kernel would appear in the update repo but certain kmod "things" weren't ready yet and were not in their repos. If the kernel was then updated that same day or so, then the kmod "thing" got broken (for a day or so until the kmods for that kernel finally appeared). But the opposite situation never happened (to me, anyway). The kmod things would not be updated when I did my routine system update with the kernel excluded. But I'm only talking about kmod-ndiswrapper. I wasn't using any other kmod "things" at the time. Nowadays I don't use any, but I still am leery of new kernels. They can break anything. I'm not arguing with your security angle. I still update the kernel. Just not as much any more.

lol. Well for me it *almost* always works, and if it doesnt It also leaves the previous kernel available in GRUB so no biggie there. The one thing I did learn to check.wait for is the corresponding rpmfusion kmod-nvidia packages. I do so hate it when I get only vesa after an upgrade because the nvidia packages were not ready or synced to my mirror yet.

stefan