Please note that unattended-upgrades already removes unused kernels

[rbalint]

The unattended-upgrades version found in Xenial and later and Buster and later automatically removes auto-removable kernels (in u-u v1.0 and up).

[tonyskapunk]

Hi @rbalint,

Thanks for pointing that out, I'd like to give accurate information so people that is already using u-u keep using it with this feature (Remove-Unused-Kernel-Packages). Could you help me clarify what's the default value for this setting Remove-Unused-Kernel-Packages ?

I looked at Ubuntu and Debian packages and is not quite clear to me if that functionality is enabled by default or just is available to enable:

• Ubuntu

# source /etc/os-release; echo ${VERSION}
16.04.6 LTS (Xenial Xerus)

# apt-config dump | grep -i unattended-upgrade
APT::Periodic::Unattended-Upgrade "1";
Unattended-Upgrade "";
Unattended-Upgrade::Allowed-Origins "";
Unattended-Upgrade::Allowed-Origins:: "${distro_id}:${distro_codename}";
Unattended-Upgrade::Allowed-Origins:: "${distro_id}:${distro_codename}-security";
Unattended-Upgrade::Allowed-Origins:: "${distro_id}ESM:${distro_codename}";

# grep -ci "unattended-upgrade.*kernel" /etc/apt/apt.conf.d/50unattended-upgrades 
0

###

# source /etc/os-release; echo ${VERSION}
18.04.2 LTS (Bionic Beaver)

# apt-config dump | grep -i unattended-upgrade
APT::Periodic::Unattended-Upgrade "1";
Unattended-Upgrade "";
Unattended-Upgrade::Allowed-Origins "";
Unattended-Upgrade::Allowed-Origins:: "${distro_id}:${distro_codename}";
Unattended-Upgrade::Allowed-Origins:: "${distro_id}:${distro_codename}-security";
Unattended-Upgrade::Allowed-Origins:: "${distro_id}ESM:${distro_codename}";
Unattended-Upgrade::DevRelease "false";

# grep -i "unattended-upgrade.*kernel" /etc/apt/apt.conf.d/50unattended-upgrades
//Unattended-Upgrade::Remove-Unused-Kernel-Packages "false";

• Debian:

# source /etc/os-release; echo ${PRETTY_NAME}
Debian GNU/Linux buster/sid

# apt-config dump | grep -i unattended-upgrade
APT::Periodic::Unattended-Upgrade "1";
Unattended-Upgrade "";
Unattended-Upgrade::Origins-Pattern "";
Unattended-Upgrade::Origins-Pattern:: "origin=Debian,codename=${distro_codename},label=Debian";
Unattended-Upgrade::Origins-Pattern:: "origin=Debian,codename=${distro_codename},label=Debian-Security";

# grep -i "unattended-upgrade.*kernel" /etc/apt/apt.conf.d/50unattended-upgrades
//Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";

Those default configs and the line below makes me think that a user needs to enable it.

https://github.com/mvo5/unattended-upgrades/blob/f0569147f82e088764161d2f06a4bff65536f3af/unattended-upgrade#L2108-L2109

Thanks!

[rbalint]

Hi @tonyskapunk,

Automatic kernel removal is default in the code but it is commented out in the configuration files.
https://github.com/mvo5/unattended-upgrades/blob/1.0/unattended-upgrade#L1688

I see that the shipped configuration file is not clear on this in the older versions, but in the latest versions the commented-out value is the default or the default is explained.