Update kernel with system encryption, issues?
Where there is a system encrypted setup, i.e. a seperate /boot and the remainder under an encrypted LVM _or_ ordinary luks, what issues or steps need to be addressed when doing a kernel update?
That is, the distro packager finds an updated kernel for the installation. Some distros use an 'initrd'/'initramfs' for the initial bootstrap, so would it just be the case of manually using the tool(s) to re-build those? Would some distros do this automatically? I know I've kept this distro-neutral but I'd like to know what general hints there are with this, thanks. |
It is all automatic... if you use the package manager in *buntu, Fedora, Debian, Sabayon, Mandriva, OpenSuse, Mint ...or any other distro
|
If you're updating your kernel from the distribution, definitely no additional actions.
If you're updating on your own, IMO there shouldn't be any, either. |
ok thanks both
|
Let me put it a little bit more drastically: do not seek to "update the kernel" apart from the published package-updates provided by your chosen distro. Determine what paths are made available to you by the distro, and choose one. Do not deviate in any way from their proscribed paths.
|
Hi, about:
sundialsvcs "Let me put it a little bit more drastically: do not seek to "update the kernel" apart from the published package-updates provided by your chosen distro. Determine what paths are made available to you by the distro, and choose one. Do not deviate in any way from their proscribed paths." I was going to post a new thread about a different update query that did _not_ involve encryption, so in light of your "drastic"... :) If a distro moves onto the next major version and no longer provides updates particularly for the kernel, what can one do if one wants to keep the older version for a while but some programs or feature or security needs a later kernel? I know it might depend on the actual distro but what about getting the kernel source from the repo of the newer version? I ask that because the distros tweak the code relevant to their own M.O. (modus operandi) and yes I know about libraries, but there would still be underlying specifics wrt the older version I imagine. I take from your post that just getting a fresh recent kernel source from kernel.org is a no-no |
All times are GMT -5. The time now is 12:56 AM. |