FedoraThis forum is for the discussion of the Fedora Project.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've been trying to research on the Internet how to install an updated Linux kernel, leaving the old one intact.
Yes there are lots of advice out there. But I have a sense that I'm missing some fundamental steps in doing this.
So....dumb question... Should I be downloading all kernel*.rpm packages and just install them like any other RPM? I know that the kernel is different from the other modules.
I have a "possible LKM rootkit" on my FC6 notebook, says chkrootkit.
When you reboot you will get the little screen that says booting in X seconds. That is where you choose which kernel to boot to. The default is to boot to the newest kernel.
The only 100% way to be sure of a secure system after a breach is to do a fresh install. Other words you have no way of knowing what files the intruder could have changed. About 99% if Linux breaches occur becuase of weak passwords.
Rootkits are normally hidden in slack space.
Changing kernel probably won't remove it, as it can be anywhere in the file system. With forensics tools you can locate and remove it, possibly Sleuthkit.
I don't have a direct internet connection to this box. I'd have to download the RPMs and update. What I don't understand is what packages I need to download. In other words, I need to update almost manually.
Quote:
Originally Posted by lazlow
The only 100% way to be sure of a secure system after a breach is to do a fresh install. Other words you have no way of knowing what files the intruder could have changed. About 99% if Linux breaches occur becuase of weak passwords.
You're probably right. I haven't seen anything suspicious in the user log but that wouldn't mean anything either.
You can probably google the newest kernel. For F8 it's 2.6.23-107 or something like that. All you need is the RPM for it and install it with rpm -ivh kernel-2.6.23-107.rpm (use whatever the actual name of the RPM is there). Then it should uninstall the previous kernel and install the new one. Refer to the manual just make sure you use the correct switches.
There shouldn't be any dependencies for a new kernel, but generally you want to update everything when updating the kernel.
.....Then it should uninstall the previous kernel and install the new one. Refer to the manual just make sure you use the correct switches.
One thing I want to do is to preserve the old kernel and be able to revert back to it if the new kernel barfs for some reason. I don't want to overwrite my old kernel. How would I accomplish this?
My understanding is either kernel can be launched just by selection from LILO or GRUB.
Is there a web page anywhere that contains this procedure? I tried looking for it but I probably didn't use the right keywords on Google. At least I would think this would be a common reference.
Is there a special reason for installing specific kernels from RPM?
In a normal I would use yum to install the current kernel package and in case of need kernel-devel as well. Yum will always keep the previous kernel available within /boot, and if you want to keep even older kernels, than backup your /boot directory before updating kernels.
You also might want to have a look at /boot/grub/grub.conf to adjust the settings - most likely to define which kernel to startup at default.
Is there a special reason for installing specific kernels from RPM?
In a normal I would use yum to install the current kernel package and in case of need kernel-devel as well. Yum will always keep the previous kernel available within /boot, and if you want to keep even older kernels, than backup your /boot directory before updating kernels.
Well, I need specific RPM files because none of my Linux boxes have direct Internet access. Yum wouldn't do anything for me. I'd have to download the files of interest to my WinXP machine, transfer them to the Linux boxes via LAN, and run RPM manually.
You must find the appropriate place to download new kernel packages from. Maybe you have already done so, otherwise the homepage of your distribution is where you should start. Or search on sites like rpmfind.net, rpm.pbone.net, etc.
Installing with RPM will not remove previous kernel versions when installing new ones, you can as such have all versions you want to keep.
Install like this (as root):
# rpm -Uvh <kernelpackage>
On RedHat/Fedora systems, and probably other distributions as well, a 'firstboot' flag is set after installing a kernel: if your new kernel fails to boot properly, than your next boot will use the previous kernel again.
This is done by switching the 'default=' value in /boot/grub/grub.conf between the index number of the new kernel and the previous one. Index numbering starts from 0 and refers to the list of kernels in the same file, which is something like:
Well, I need specific RPM files because none of my Linux boxes have direct Internet access. Yum wouldn't do anything for me. I'd have to download the files of interest to my WinXP machine, transfer them to the Linux boxes via LAN, and run RPM manually.
Tom D.
Just an off beat question but why can't you just connect your Linux box to the internet?
You can use the " yum localinstall" command. Have a look at "man yum".
Save yourself a lot of headaches and pick up a cheap router and just hook your linux boxes to the internet. Even if it is just plugged in for the updates (and unplugged otherwise), it will be well worth the $20 you will spend on the router.
Just an off beat question but why can't you just connect your Linux box to the internet?
I use dial-up with Netscape. They have ISP software for Windows but not Linux. (Hmmm -- I haven't checked lately -- perhaps I should take another glance at their website.)
However I am looking at cable Internet down the road when I get the LAN and WLAN security nailed down.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.