-   Debian (
-   -   Grub - fallback option? (

coralsaw 12-19-2005 04:34 AM

Grub - fallback option?
Hello all,

Debian newbie here, long-time Gentoo user.

I'm having this following problem, while setting up a machine that will be administered remotely. The basic requirement is to have a stable minimal complete fallback system that gives me ssh access, no matter what.

So far I've installed 3.1 stable (sarge) with X11 and KDE for the full installation and a minimal sarge installation on a different partition. So far so good, both work as designed.

What I'm now trying to do is to have grub fallback to the minimal installation, and here lies the problem. In another distribution, I'd have used the 'fallback' mechanism of grub to always boot the minimal installation, even if by mistake I screw up the full system. Not so in Debian, I believe, since the 'update-grub' script automagically creates new kernel entries after each patch, so I'm worried my hand-crafted grub menu.lst will be overwritten. I don't want to hack the script (don't know enough about Debian yet).

What are my options? Is there a standard solution for a bullet-proof fallback system that only offers remote access?

My last option is to create a grub floppy and use that to boot the minimal install, but I'd rather not do that.

Any ideas?



m_yates 12-19-2005 11:24 AM

If you want to prevent grub from being changed when a kernel is upgraded, then set apt so that the kernel is never upgraded. Create a preferences file:

nano /etc/apt/preferences
and put your kernel at a priority of 1001, so that it is never upgraded. For example, my preferences file has:

Package: xserver-xorg-driver-via
Pin: version 0.1.32-1
Pin-Priority: 1001

to prevent my via driver from being upgraded because upgrading breaks my display. You would need to do the same thing for your specific kernel version. More details on pinning packages here:

coralsaw 12-20-2005 03:58 AM

Thx m_yates, that's quite useful. One followup question, if I may.

If I pin the kernel, I suspect that any security updates won't be applied when apt-get upgrading. Am I correct? If so, how do I update the kernel without grub configuration being overwritten, manually with apt-get?


nx5000 12-20-2005 07:46 AM

You could modify /etc/kernel-img.conf by removing the call to update-grub.
Update-grub should not be called anymore

coralsaw 12-20-2005 08:29 AM

Is it safe to do so? When does this file get updated?

nx5000 12-20-2005 08:55 AM

Is it safe?

Well, it's just removing a post-inst script after all :)
update-grub will not be launched...
To be honest, I've not yet tried it but the line is empty now because I don't like what update-grub is doing everytime and I wan't to control it for my next install

When is it updated?

It is part of kernel-package so everytime this will be updated and you ask to take the file of the maintainer then this file will be overwritten to its default content.. you can restrict to never install update of this package or ask to keep this file intact

You can do a lot of things with this entry, have a look at /usr/share/doc/kernel-package/examples

m_yates 12-20-2005 09:15 AM


Originally Posted by nx5000
You could modify /etc/kernel-img.conf by removing the call to update-grub.
Update-grub should not be called anymore

Thanks! I learn something new every day. I hate the way grub is automatically overwritten and manually go in and change it any time the kernel is updated or installed. I'll give your suggestion a try.

nx5000 12-21-2005 03:24 AM

Funny the kernel-package has been updated today on unstable...

Ruben2 12-21-2005 06:45 AM

As far as I know update-grub only affects a small part of the menu.lst file. I can safly install new kernels and run update-grub without affecting my personal changes to the file (WinXP was added during install, and I set it as default boot system)
If I remember correct (I'm not at home now so I can't check) menu.lst contains lines that are something like

#Start of Debian generated menu
#end of Debian generated menu

It's not exactly that but something in that direction.
If you add/remove/edit thing that are not between those lines, nothing will be changed when running update-grub :)

nx5000 12-21-2005 07:07 AM

Yes thats right, you could have :

default                0

title                Debian GNU/Linux, kernel latest
root                (hd0,2)
kernel                /boot/vmlinuz-last root=/dev/hda3 ro
initrd                /boot/initrd.img-last


blablah generated by update-grub


Then the vmlinuz-last would never been touched, and with default set to 0 , you would always boot on vmlinuz-last ( which could be linked to the last vmlinuz , done in a script in kernel-img.conf)

But for my machine, it still puts a lot of useless things between ###BEGIN ###END
Like recovery blocks (as I have 5 different kernels, it makes me 10 lines!) I don't need this recovery ones, if something goes wrong , I edit the line and boot . For this problem I maybe have to configure something in menu.lst but have not really searched..
Also in my previous example, it would still add /boot/vmlinuz-last between the ### marks, the result is I have 2 identical blocks.
At least, it should look for the user-defined blocks and not regenerate a block for the same kernel..

All times are GMT -5. The time now is 11:29 AM.