purge-kernels does not remove some kernel-files for systemd boot

Question

purge-kernels does not remove some kernel-files for systemd boot

Closed this issue 3 months ago · 4 comments

Problem as explained in description.

OS: openSUSE Tumbleweed
Bootloader: systemd boot
Other info: encrypted filesystem
Does this always happened? At least I can confirm it for the last two kernel updates.
Which files are the ones I'm reporting as not having been deleted as expected? They're under /boot/efi/bad01a2647cb4fef8827293b9d389245 (obviously the last directory has some random string related to systemd boot). There's a kernel directory for each installed version there, containing the kernel itself and at least one initrd (more if dracut has been called several times).
Why am I reporting this? The default size for /boot/efi defaults to half a GB, which seems to be enough... Well, I'm definitely going to double that in my next installation, but even with the default 2 kernels, this is easy to fill if calling dracut for whatever reasons (and sometimes, scripts are the ones calling it). If one of the kernels to be purged is not actually purged there, the partition gets filled very easily.

I'm attaching some output to illustrate it. Let me know if you need anything else. Please also let me know if this is not zypper purge-kernels's fault (and if possible, point me to where to report this).

mordor:~ # rpm -qa | grep -i kernel-default
kernel-default-6.10.3-1.1.x86_64
kernel-default-6.10.4-1.1.x86_64

mordor:~ # uname -a
Linux mordor.arkayate.org 6.10.4-1-default #1 SMP PREEMPT_DYNAMIC Mon Aug 12 05:49:20 UTC 2024 (0363a35) x86_64 x86_64 x86_64 GNU/Linux

mordor:~ # ls -l /boot/efi/bad01a2647cb4fef8827293b9d389245/
total 12
drwxr-x--- 2 root root 4096 Aug 16 22:55 6.10.2-1-default
drwxr-x--- 2 root root 4096 Aug 16 22:55 6.10.3-1-default
drwxr-x--- 2 root root 4096 Aug 16 22:55 6.10.4-1-default

mordor:~ # du -sh /boot/efi/bad01a2647cb4fef8827293b9d389245/*
175M    /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.2-1-default
95M     /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.3-1-default
175M    /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.4-1-default

mordor:~ # df -h /boot/efi/
Filesystem      Size  Used Avail Use% Mounted on
/dev/nvme0n1p1  511M  449M   63M  88% /boot/efi

mordor:~ # zypper purge-kernels -D
Reading installed packages...

Preparing to purge obsolete kernels...
Configuration: latest,latest-1,running
Running kernel release: 6.10.4-1-default
Running kernel arch: x86_64

Resolving package dependencies...
Nothing to do.

In the output above, the directory /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.2-1-default should get deleted (I believe that by zypper purge-kernels, but not 100% sure).

P.S.: Completely unrelated, but I'm happy to have seen that my FDE encryption with TPM chip as decryption key now survives kernel updates, this was also broken and got fixed recently, even before I could report this.

Answer 1 · 2024-08-19T10:44:24.000Z

@raulillo82 purge-kernels determines the kernel and associated packages to be deleted.
The packages themselves are responsible for removing their disk content.

So the first question is which packages own the directories and the content within?
find /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.2-1-default | rpm -qf
can help answering this.

Files associated with a package are removed when the package gets removed. Files not owned by any package would stay on disk, so they need to be removed by some packages uninstall script, if the content is no longer needed. Ideally the package clams to own the directory then. Unlike files, directories can be associated with multiple packages. If the last package owning a directory is removed and the directory is empty, rpm removes it together with the package.

Once we know which packages claim to own the content, we can judge whether the package should have been removed too, or some package fails to clean up it's content.

Answer 2 · 2024-08-19T10:51:26.000Z

There was a kernel update and I had already manually removed the oldest directory, but anyway, I can still show that info:

mordor:~ # rpm -qf /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10*
file /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.3-1-default is not owned by any package
file /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.4-1-default is not owned by any package
file /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.5-1-default is not owned by any package

mordor:~ # rpm -qa|grep -i kernel-default
kernel-default-6.10.4-1.1.x86_64
kernel-default-6.10.5-1.1.x86_64

(So the one that does not belong any more is the related to 6.10.3-1 version).

Edit: also adding the output of the package ownership for the files in the directory:

mordor:~ # rpm -qf /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.3-1-default/*
file /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.3-1-default/initrd-1301f6c454e0b7afe7cf087cd47264e311eec231 is not owned by any package
file /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.3-1-default/initrd-275e7a8032f3e95eca949f85fe21169fc9cb0d9a is not owned by any package
file /boot/efi/bad01a2647cb4fef8827293b9d389245/6.10.3-1-default/linux-f431a68473f70f7db938d56c1a4f039aa439998e is not owned by any package

Answer 3 · 2024-08-19T11:10:34.000Z

So maybe this should be reported at https://bugzilla.suse.com for component kernel or bootloader. Whatever creates the files should take care they get removed when they are no longer needed.

Answer 4 · 2024-08-19T11:21:33.000Z

https://bugzilla.opensuse.org/show_bug.cgi?id=1229396
I guess you can close this issue then. Thanks a lot!