suppression des noyaux linux inutilisés et encombrants sous debian et ubuntu. Ménage dans /boot

removal of unused linux kernels in debian and ubuntu. /boot cleaning.

On pourrait croire que le problème est réglé depuis longtemps, mais, de temps en temps pour des raisons bizarres, je tombe toujours sur des ordinaeurs dont les noyaux ne sont jamais désinstallés par apt ou unattended-upgrades.

Le script ci dessous est très simple, mais aussi très efficace. il considère que tous les noyaux installés sont effaçables sauf :

  • le noyaux utilisé
  • les noyaux provenant de paquet on hold
  • le dernier
  • l'avant dernier si on tourne en ce moment sur le dernier
  • les noyaux à moitié installé ou cassés

Il conservera donc au moins deux noyaux, dont le dernier et celui en cours.

One might think this problem has been solved long ago. But for some weird and unknown reasons, I still meet people whose computers are cluttered whith old kernels. What is unattended-upgrade doing ? mystery.

The script below is very simple but also very effective. The idea is that all kernels can be removed but :

  • the current one
  • kernels explicitely on hold
  • the most recent one
  • the last but one when the current kernel is the most recent one
  • half installed or broken kernels

It keeps at least two kernels : the running one and, apart from this, the most recent.

#! /bin/sh
# encoding: utf-8
# vim: se ts=2 sw=2 et:
# menageatator: Remove unneeded linux kernel from debuntu systems
# Yeah I know. Could use ruby/perl/ocam/lua/go/python and less pipes.
# Could use array, associative arrays etc... Just prefering simplicity
# clarity and possibility to run with dumb^Wsimple shells. 
# Whatever happens :
#   keep the current kernel
#   keep the most recent kernel correctly installed
#   keep all kernels that are on hold
# if current = most recent, keep the next most recent kernel
# remove anything else.
IFS="$(printf ' \t')
set -e # Stop on any error.
version() {
  sed -e "s/${1}-//"           # remove prefix
no_suffix() {
  sed -e 's/-[a-zA-Z_]*$//'    # remove suffix. (-generic, -lowlatency etc...)
dpkg_query() {
# dpkg sorts alphabetically. to avoid problematic order, explicitly sort
# on version number.
#            before sorting          |           After sorting
# ii  linux-image-3.13.0-100-generic | ii  linux-image-3.13.0-95-generic
# ii  linux-image-3.13.0-101-generic | ii  linux-image-3.13.0-98-generic
# ii  linux-image-3.13.0-95-generic  | ii  linux-image-3.13.0-100-generic
# ii  linux-image-3.13.0-98-generic  | ii  linux-image-3.13.0-101-generic
# old dpkg-query (from ubuntu 12.04 lucid for example) don't support
# ${db:Status-Abbrev}. We have to use ${Status} that's a real pain.
# We have to convert things like "deinstall ok config-files" to
# "rc "
# examples :
#     install ok installed linux-image-3.2.0-23-generic
#     unknown ok not-installed linux-image-3.2.0-23-generic
#     deinstall ok config-files linux-image-3.2.0-23-generic
#     hold ok installed linux-image-3.2.0-23-generic
# The sed script does this :
#   1) rewrite deinstall to removed
#   2) replace the first 3 word by their initials in changing order
#      fe "unknown ok not-installed" becomes "uno" (2 and 3 are swapped)
#   3) in 3rd column, replace "o" by " " 
# Also we are not interested in uninstalled kernels, so we filter
# out the kernels that dpkg has never touched : /^un /
  dpkg-query -W -f '${Status} ${package}\n' "$@" |
    sed -e 's/^deinstall/removed/
            s/^\(.\)[^ ]* *\(.\)[^ ]* *\(.\)[^ ]* */\1\3\2 /
            s/\(..\)o/\1 /
           ' |
    grep -v '^un ' |
    sort -k 2,2V # always return list sorted by version number
reject() {
  grep -v "$@"
_apt_get() {
  # args >&2 apt-get "$@"
  apt-get "$@"
# list of all linux-image packages dpkg is aware of
linux_img=$( dpkg_query "$linux_images_tpl" )
# Get the list of packages NOT to remove :
# onhold, current, latest, almost_latest
onhold= current= latest= almost_latest=
current=$(                        # This one is easy.
  uname -r |                      # get current version
  no_suffix                       # just the version, not the kind
  echo "$linux_img" |             # list linux images
  grep ^h |                       # keep only those on hold
  awk '{ print $2 }' |            # keep package name only
  version linux-image |           # just need the version part of the name
  no_suffix                       # just the version, not the kind
  echo "$linux_img" |             # list linux images
  grep ^.i |                      # only consider correctly installed packages
  tail -1  |                      # keep last one
  awk '{ print $2 }' |            # keep package name only
  version linux-image |           # just need the version part of the name
  no_suffix                       # just the version, not the kind
if test "$latest" = "$current"
    echo "$linux_img" |           # list linux images
    grep ^.i |                    # only consider correctly installed packages
    tail -2  |                    # keep last two
    head -1  |                    # keep first one (that is the 2nd most recent)
    awk '{ print $2 }' |          # keep package name only
    version linux-image |         # just need the version part of the name
    no_suffix                     # just the version, not the kind
# build list and (grep -e args) of kernels to keep
set -- 
for version in $onhold $current $latest $almost_latest
  set -- ${1+"$@"} -e "$version"
# build list of kernels to remove
set -- $(
  dpkg_query \
    "$linux_images_tpl" \
    "$linux_images_extra_tpl" \
    "$linux_headers_tpl" |        # list linux images, images-extra, headers
  grep -v '^h' |                  # filter out packages on hold
  reject "$@" |                   # filter out those we keep
  awk '{ print $2 }'              # just keep name
# If there are kernels to remove, remove them
{ test $# -gt 0 && _apt_get purge "$@" ; } || :
# Given this list of kernel,
# ii  linux-image-3.13.0-93-generic
# ii  linux-image-3.13.0-95-generic
# ii  linux-image-3.13.0-96-generic
# ii  linux-image-3.13.0-98-generic
# ii  linux-image-3.13.0-100-generic
# ii  linux-image-3.13.0-101-generic
# ii  linux-image-3.13.0-103-generic
# and if we are running 3.13.0-95, this script
# performs these removal :
# apt-get purge linux-image-3.13.0-93-generic linux-image-3.13.0-96-generic linux-image-3.13.0-98-generic linux-image-3.13.0-100-generic linux-image-3.13.0-101-generic