Oracle linux kernel version

Manage the Boot Kernel for Oracle Linux 8

Introduction

This tutorial describes how to set the default kernel of an Oracle Linux system from the command line. This tutorial is targeted at Oracle Linux 8 users, but the grubby command is also available on Oracle Linux 6 and Oracle Linux 7.

Background

By default, Oracle Linux systems are configured to boot the most recent kernel version first. In most cases, changing the default kernel is unnecessary.

However, the default kernel might not be the correct version to use in certain scenarios, such as the following:

• The current kernel version might be incompatible with a particular hardware you are using.
• Cases involving Unbreakable Enterprise Kernel (UEK) releases on the system
• UEK releases are typically based on kernel versions that are newer than the Red Hat Compatible Kernel (RHCK) version on which an Oracle Linux release is based. Thus, the new UEK version becomes the default kernel, which is not the same as the Oracle Linux kernel.
• If a UEK beta or technical preview release is installed on the system, the UEK kernel needs to be demoted to ensure that the kernel is used only if intentionally and manually selected as the boot kernel by an administrator.
• A UEK kernel might need to be promoted because a specific software depends on it.

These examples and other similar cases would necessitate that you switch between kernel types.

In previous releases, setting the default kernel was performed by configuring the GRUB boot loader or by using other alternative commands. Now, however, you should preferrably use the grubby command to control and manage all of your boot requirements. This tool offers the benefit of being scriptable and can abstract bootloader configuration from the user.

Objectives

In this lab, you’ll learn how to:

• determine the current loaded kernel
• determine the default kernel
• determine which kernel versions are available on the system
• how to use grubby to manage kernels

What Do You Need?

• Any Oracle Linux system that has the grubby package installed

(Hands-on Lab) Connect to the Compute Instance

Note: This step is specific to the Oracle provided free lab environment.

The Desktop environment will display before the instance(s) are ready. Deployment of this environment can take two to five minutes, depending on the number of resources and provisioning steps needed.

First, to access the lab compute instance(s), connect to the Oracle Cloud Console and copy the compute instance Public IP address.

1. Sign in to Oracle Cloud Console, and select your Compartment.
2. Click Instances.

Copy the Public IP to a temporary location (such as a text file) on your computer.

To copy, highlight the IP address with the mouse and press Ctrl+C.

Connect to the instance.

Where is the IP address copied from the Oracle Cloud Console.

Accept the ECDSA key fingerprint by typing yes at the prompt.

You are now connected to the compute instance for this lab.

If the connection fails with the Permission denied (publickey,gssapi-keyex,gssapi-with-mic) message, wait a bit longer for the provisioning process to complete and try making the ssh connection again.

Check available kernels

Several methods are available for checking which kernels are available on a system.

Using the rpm command

Note that the command output also includes other kernel related packages and can therefore be confusing.

Listing the kernels in the /boot directory

The command produces an accurate list of kernels available on the system. However, due to the way kernels are named, the kernel version that the system currently uses is not easily identifiable.

Using the grubby command on specific kernels or using the ALL option:

The command provides fuller information about the boot configuration associated with each kernel in the system’s /boot directory. The details are based on the GRUB title configuration.

In general, kernels are named to include the upstream version number and the distribution build numbering. The kernel names on Oracle Linux also include indications of whether or not they are standard RHCK or whether they are UEK based. Additionally, the names also identify their system architecture. For example, the el8 suffix would indicate an RHCK, while el8uek would indicate a UEK.

Check the current default kernel

To check which kernel is already configured as the current default kernel to use at boot, run:

To check which kernel is currently running on a system, run:

If the default kernel and the currently running kernel are not identical, the underlying reasons might be one of the following:

• A newer kernel is installed, but the system has not been rebooted.
• During a system reboot, an alternative kernel was manually selected to be the operative kernel.
• The default kernel was manually updated but the system has not been rebooted after the update.

Change the default kernel

To switch to a different default kernel, run the following command. Make sure to specify the full path to the designated default kernel.

The change takes effect immediately and persists across system reboots.

The grubby command has additional boot arguments for configuring kernel and boot operations. Refer to the documentation for more information.

Change kernel command line boot parameters

Use the —update-kernel option to update a kenel entry in combination with —args to add new arguments or —remove-arguments to remove existing arguments. Multiple arguments can be specified for each option in a quoted space-separated list. You can add and remove arguments in the same operation.

To update a specific kernel, provide the —update-kernel option with the full path to the kernel that you wish to update. To update all kernel entries to use a specific kernel boot argument, you can set —update-kernel=ALL .

For the purpose of this tutorial you can update all kernel entries to change the loglevel and LANG arguments:

Use the grubby info=ALL command to check that the change is implemented across kernels:

Video Demonstrations

An introductory video that provides an overview of the kernel and underlying system architecture and which demonstrates switching kernel using the grubby command is provided at https://www.youtube.com/watch?v=a0zXGhzPRp8.

A more advanced video demonstration and tutorial is provided at https://www.youtube.com/watch?v=0dv87RFGcKI if you need more information on working with GRUB2 on Oracle Linux 8.

Note that this tutorial does not describe use of the grubby command and explains the underlying components that grubby interacts with. For most kernel management requirements on Oracle Linux, the grubby tool is sufficient.

Additional Information

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

Manage the Boot Kernel for Oracle Linux 8

Copyright © 2021, Oracle and/or its affiliates.

Источник

OS Kernel Updates

Note

This topic applies only to Linux instances that were launched before February 15, 2017. Linux instances launched on or after February 15, 2017 boot directly from the image and do not require further action for kernel updates.

Oracle Cloud Infrastructure boots each instance from a network drive. This configuration requires additional actions when you update the OS kernel.

Oracle Cloud Infrastructure uses Unified Extensible Firmware Interface (UEFI) firmware and a Preboot eXecution Environment (PXE) interface on the host server to load iPXE from a Trivial File Transfer Protocol (TFTP) server. The iPXE implementation runs a script to boot Oracle Linux. During the boot process, the system downloads the kernel, the initrd file, and the kernel boot parameters from the network. The instance does not use the host’s GRUB boot loader.

Normally, the yum update kernel-uek command edits the GRUB configuration file, either grub.cfg or grub.conf , to configure the next boot. Since bare metal instances do not use the GRUB boot loader, changes to the GRUB configuration file are not implemented. When you update the kernel on your instance, you also must upload the update to the network to ensure a successful boot process. The following approaches address this need:

• Instances launched from platform images include an Oracle yum plug-in that seamlessly handles the upload when you run the yum update kernel-uek command.
• If you use a custom image based on a platform image, the included yum plug-in will continue to work, barring extraordinary changes.
• If you install your own package manager, you must either write your own plug-in or upload the kernel, initrd, and kernel boot parameters manually.

Oracle Yum Plug-in

On instances launched with a platform image, you can find the Oracle yum plug-in at:

The plug-in configuration is at:

The plug-in looks for two variables in the /etc/sysconfig/kernel file, UPDATEDEFAULT and DEFAULTKERNEL . It picks up the updates only when the first variable is set to «yes» and the DEFAULTKERNEL value matches the kernel being updated. For example:

Platform images incorporate the Unbreakable Enterprise Kernel (UEK). If you want to switch to a non-UEK kernel, you must update the DEFAULTKERNEL value to «kernel» before you run yum update kernel .

Manual Updates

Tip

Oracle recommends using the Oracle yum plug-in to update the kernel.

If you manually upload the updates, there are four relevant URLs:

The first three URLs are for uploading files (HTTPВ request type PUT). The fourth URL is for activating the uploaded files (HTTP request type POST). The system discards the uploaded files if they are not activated before the host restarts.

The kernel and initrd are simple file uploads. The cmdline upload must contain the kernel boot parameters found in the grub.cfg or grub.conf file, depending on the Linux version. The following example is an entry from the /boot/efi/EFI/redhat/grub.cfg file in Red Hat Linux 7. The highlighted text represents the parameters to upload.

The following command returns what is being uploaded to the cmdline file.

A typical response resembles the following.

The following commands update the cmdline and initrd files, and then activate the changes.

Источник

How to see the version of Oracle Linux

Determine Oracle Linux version

Oracle Linux is based on Red Hat Enterprise Linux. At first, it may be confusing to determine what specific operating system is running. This is because both have the /etc/redhat-release file.

If that file exists, use the cat command to display the contents. Next step is to determine if there is a /etc/oracle-release file as well. If so, then you can be sure that Oracle Linux is running.

Sample output might be: Oracle Linux Server release 6.7

Other options

Next time when you are on a system and not sure what it is running, use this:

This shows you any files that might give a hint on the operating system version.

Related files

• /etc/enterprise-release (older versions of OEL)
• /etc/issue
• /etc/issue.net
• /etc/lsb-release

Keep learning

So you are interested in Linux security? Join the Linux Security Expert training program, a practical and lab-based training ground. For those who want to become (or stay) a Linux security expert.

Run automated security scans and increase your defenses. Lynis is an open source security tool to perform in-depth audits. It helps with system hardening, vulnerability discovery, and compliance.

Continue reading

Livepatch: Linux kernel updates without rebooting

How to secure a Linux system

The state of Linux security in 2017

Linux security myths

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About Linux Audit

This blog is part of our mission: help individuals and companies, to scan and secure their systems. We simply love Linux security, system hardening, and questions regarding compliance.

Besides the blog, we have our security auditing tool Lynis. Open source, GPL, and free to use.

For those with enterprise needs, or want to audit multiple systems, there is an Enterprise version.

«One security solution to audit, harden, and secure your Linux/UNIX systems.»

Benefits:

• Perform audits within a few minutes
• Central management
• Powerful reporting
• Compliance checks (e.g. PCI DSS)
• Additional plugins and more tests

Enjoy the articles!

Linux and UNIX security automation

Lynis is a free and open source security scanner. It helps with testing the defenses of your Linux, macOS, and Unix systems. Typical use-cases for this software include system hardening, vulnerability scanning, and checking compliance with security standards (PCI-DSS, ISO27001, etc).

Recent Posts

Contact

This blog is part of our mission to share valuable tips about Linux security. We are reachable via @linuxaudit

Company details

CISOfy
De Klok 28,
5251 DN, Vlijmen, The Netherlands
+31-20-2260055

Источник

Oracle Linux — How to Change Default Kernel

Oracle Linux comes with a choice of two kernels, the Unbreakable Enterprise Kernel (UEK), which is installed and enabled by default, and the Red Hat Compatible Kernel (RHCK).

In this tutorial, we use Oracle Linux instances in Oracle Cloud Infrastructure to illustrate how you change the default kernel (UEK) and boot into an old kernel such as RHCK. To launch an Oracle Linux instance in Oracle Cloud Infrastructure, please follow Getting Started Guide.

Change Default Kernel in Oracle Linux 6 and 5

Oracle Linux 6 and 5 use the GRUB boot loader. To change the default boot kernel, you modify the GRUB configuration file, /etc/grub.conf.

The default directive specifies the kernel entry that GRUB should boot by default. GRUB counts the kernel entries in the configuration file starting at 0. The directive default=0 means that GRUB boots the first kernel entry by default, unless you override this action. The UEK is configured as the first entry, and the RHCK is configured as the second entry. Changing the value of default to 1 (other value) would cause GRUB to boot the RHCK (or another kernel) by default.

Here’s an Oracle Linux 6.10 instance in Oracle Cloud Infrastructure. It has the UEK and RHCK installed. The UEK is the default running kernel.

Next you modify the default directive of the GRUB configuration file, /etc/grub.conf.

Then you reboot the instance.

After the instance is up and running, you verify the running kernel which is RHCK.

The same instructions apply to Oracle Linux 5. Or if you are running Red Hat Enterprise Linux / CentOS 6 or 5, you can follow the same method of changing the default kernel by modifying the default directive of the GRUB configuration file, /etc/grub.conf.

Change Default Kernel in Oracle Linux 7

Oracle Linux 7 uses the GRUB 2 boot loader, which is different from the GRUB boot loader in Oracle Linux 6 and 5.

The default menu entry is determined by the value of the GRUB_DEFAULT parameter in /etc/default/grub . The value saved allows you to use the grub2-set-default and grub2-reboot commands to specify the default entry. grub2-set-default sets the default entry for all subsequent reboots and grub2-reboot sets the default entry for the next reboot only.

The instance below is running Oracle Linux 7.5 which was upgraded from an Oracle Linux 7.4 image in Oracle Cloud Infrastructure. The OS has multiple UEK and RHCK installed. The UEK Release 5 is the default running kernel.

Generate the GRUB 2 configuration file (/boot/grub2/grub.cfg) if it has never been created.

Display the menu entries that are defined in the configuration file, for example:

Pick the kernel you want to run at the next reboot. For example, I’m choosing the RHCK 3.10.0-862.9.1.el7.x86_64 as the kernel to run at the next reboot.

After the OS instance rebooted and comes back, it’s running the kernel that you just picked.

Change Default Kernel in Oracle Linux 8

In Oracle Linux 8, you can use the grubby command to manage your boot requirements.

The instance below is running Oracle Linux 8.1 and it has the UEK and RHCK installed.

Use the grubby —default-kernel command to view the current default kernel. In this case, the RHCK is the default running kernel.

The grubby —set-default command can be used to change the default kernel to the one you specify. Here, the default kernel is being changed to UEK Release 6.

Your changes are immediately reflected and after rebooting your instance will be running the kernel you chose.

References

• Oracle Linux for Oracle Cloud Infrastructure: Getting Started Guide
• Oracle Linux 8 Documentation: Boot Loader and Boot Services Configuration
• Oracle Linux 7 Administrator’s Guide: Boot and Service Configuration
• Oracle Linux 6 Administrator’s Guide: Boot Configuration

Источник