I am trying to build a custom image using diskimage-builder, and amongst other things, that tool updates all the packages within the image to the latest version, including the kernel. It also uses package-cleanup to remove any old kernels.
However, package-cleanup has logic to prevent you uninstalling the current kernel; this makes sense on a regular host, but when you are operating inside a chroot to build a filesystem, it doesn't.
Temporarily patching package-cleanup to disable this logic reveals that yum has the same logic, and I believe rpm does too!
Relevant distro/package info:
- Host: CentOS 7 (built from Minimal-1810, with some updates)
- diskimage-builder-2.16.0-1
- yum-utils-1.1.31-50
- kernel-3.10.0-957.12.2
- Image: CentOS 7 (GenericCloud-1905)
- kernel-3.10.0-957.12.2 (from source image)
- kernel-3.10.0-957.27.2 (added by diskimage-builder)
Now, obviously, if I update the build host to the latest kernel, this problem goes away... but only until the kernel version on the host and in the source image are the same again and a more recent kernel is released that diskimage-builder then adds.
To complicate this further, when diskimage-builder installs the newer kernel, grubby is run to build the relevant grub configuration, but this fails for related reasons; it pays attention to the currently running kernel, even though that's irrelevant. This means that not only is an old kernel left on the new image, but it remains the default. And as it happens, 3.10.0-957.12.2 doesn't boot on one of my target systems (VMware), which is why this is such a problem for me.
Is there a better solution here? Can I force package-cleanup, yum, or rpm to remove the older kernel package somehow? (Ideally package-cleanup, as it already contains the logic to dynamically work out which kernels to keep/remove.)
(Tools that try and protect you from doing the wrong thing really should allow you to override them when you know what you're doing. Also, package management tools shouldn't refer to the currently running environment, as that may not be the eventual target.)
