0

I have an Ubuntu 12.04 32 bit server running with unattended-upgrades set up to only install security upgrades. I have the linux-image-generic and linux-headers-generic packages installed and am getting too many kernel versions installed.

Would removing these meta-packages and installing specific kernel packages eg linux-image-3.2.0-101-generic stop the installation of newer kernel versions and what effect would this have on security i.e. would this package without the meta-package linux-image-generic still get security updates?

sapensadler
  • 208
  • 1
  • 7

2 Answers2

2

The metapackage exists to refer to the existing version-specific version of the full package. For example, linux-image-generic will point to linux-image-3.2.0-101-generic or whatever the latest-updated kernel is.

The metapackage is version bumped to point to the latest kernel version with each update. By installing a specific kernel, and then not relying on the metapackage for your kernel versions and updates, you get no updates.

Each individual update to the kernel, either a critical bug fix or a security fix, requires a new kernel package to be created, and the metapackage bumped. There is no way to automatically backport 'fixes' to all the older package versions, as the kernels are considered 'different versions' at that point.

If you remove the metapackage and rely only on a specific kernel package, you get no security updates, no bug fixes, and you may actually have difficulty upgrading in the future (if you attempt an in-place upgrade).

You should not remove the metapackage, and should keep it in the system. You also must install new kernel images to get security updates on the kernels.

Thomas Ward
  • 74,764
0

If you remove the meta packages, you will not get any kernel updates.

All kernel updates are considered as security updates.

So this is not a good idea to remove the meta packages.

There is no other way to get a security kernel update, but to install a new kernel image.

You can also remove all old kernel image and headers packages, if they take space. They are not used.

Pilot6
  • 90,100
  • 91
  • 213
  • 324