#!/bin/sh
-
set -e
-
-# Author: Steve Langasek <steve.langasek@canonical.com>
-#
# Mark as not-for-autoremoval those kernel packages that are:
# - the currently booted version
# - the kernel version we've been called for
-# - the latest kernel version (determined using rules copied from the grub
-# package for deciding which kernel to boot)
-# - the second-latest kernel version, if the booted kernel version is
-# already the latest and this script is called for that same version,
-# to ensure a fallback remains available in the event the newly-installed
-# kernel at this ABI fails to boot
-# In the common case, this results in exactly two kernels saved, but it can
-# result in three kernels being saved. It's better to err on the side of
-# saving too many kernels than saving too few.
+# - the latest kernel version (as determined by debian version number)
+# - the second-latest kernel version
#
-# We generate this list and save it to /etc/apt/apt.conf.d instead of marking
-# packages in the database because this runs from a postinst script, and apt
-# will overwrite the db when it exits.
-
-config_file=/etc/apt/apt.conf.d/01autoremove-kernels
+# In the common case this results in two kernels saved (booted into the
+# second-latest kernel, we install the latest kernel in an upgrade), but
+# can save up to four. Kernel refers here to a distinct release, which can
+# potentially be installed in multiple flavours counting as one kernel.
-installed_version="$1"
-running_version="$(uname -r)"
+eval $(apt-config shell APT_CONF_D Dir::Etc::parts/d)
+test -n "${APT_CONF_D}" || APT_CONF_D="/etc/apt/apt.conf.d"
+config_file="${APT_CONF_D}/01autoremove-kernels"
+eval $(apt-config shell DPKG Dir::bin::dpkg/f)
+test -n "$DPKG" || DPKG="/usr/bin/dpkg"
-version_test_gt ()
-{
- local version_test_gt_sedexp="s/[._-]\(pre\|rc\|test\|git\|old\|trunk\)/~\1/g"
- local version_a="`echo "$1" | sed -e "$version_test_gt_sedexp"`"
- local version_b="`echo "$2" | sed -e "$version_test_gt_sedexp"`"
- dpkg --compare-versions "$version_a" gt "$version_b"
- return "$?"
-}
-
-list=$(dpkg -l 'linux-image-[0-9]*'|awk '/^ii/ { print $2 }' | sed -e's/linux-image-//')
+list="$("${DPKG}" -l | awk '/^[ih][^nc][ ]+(linux|kfreebsd|gnumach)-image-[0-9]+\./ && $2 !~ /-dbg(:.*)?$/ && $2 !~ /-dbgsym(:.*)?$/ { print $2,$3; }' \
+ | sed -e 's#^\(linux\|kfreebsd\|gnumach\)-image-##' -e 's#:[^:]\+ # #')"
+debverlist="$(echo "$list" | cut -d' ' -f 2 | sort --unique --reverse --version-sort)"
-latest_version=""
-previous_version=""
-for i in $list; do
- if version_test_gt "$i" "$latest_version"; then
- previous_version="$latest_version"
- latest_version="$i"
- elif version_test_gt "$i" "$previous_version"; then
- previous_version="$i"
- fi
-done
-
-if [ "$latest_version" != "$installed_version" ] \
- || [ "$latest_version" != "$running_version" ] \
- || [ "$installed_version" != "$running_version" ]
-then
- # We have at least two kernels that we have reason to think the
- # user wants, so don't save the second-newest version.
- previous_version=
+if [ -n "$1" ]; then
+ installed_version="$(echo "$list" | awk "\$1 == \"$1\" { print \$2;exit; }")"
+fi
+unamer="$(uname -r)"
+if [ -n "$unamer" ]; then
+ running_version="$(echo "$list" | awk "\$1 == \"$unamer\" { print \$2;exit; }")"
fi
+latest_version="$(echo "$debverlist" | sed -n 1p)"
+previous_version="$(echo "$debverlist" | sed -n 2p)"
-kernels=$(sort -u <<EOF
-$latest_version
+debkernels="$(echo "$latest_version
$installed_version
$running_version
-$previous_version
-EOF
-)
+$previous_version" | sort -u | sed -e '/^$/ d')"
+kernels="$( (echo "$1
+$unamer"; for deb in $debkernels; do echo "$list" | awk "\$2 == \"$deb\" { print \$1; }"; done; ) \
+ | sed -e 's#\([\.\+]\)#\\\1#g' -e '/^$/ d' | sort -u)"
-cat > "$config_file".dpkg-new <<EOF
-# File autogenerated by $0, do not edit
-APT
+generateconfig() {
+ cat <<EOF
+// DO NOT EDIT! File autogenerated by $0
+APT::NeverAutoRemove
{
- NeverAutoRemove
- {
EOF
-for kernel in $kernels; do
- echo " \"^linux-image-$kernel.*\";" >> "$config_file".dpkg-new
- echo " \"^linux-image-extra-$kernel.*\";" >> "$config_file".dpkg-new
- echo " \"^linux-signed-image-$kernel.*\";" >> "$config_file".dpkg-new
-done
-cat >> "$config_file".dpkg-new <<EOF
- };
-};
+ for package in $(apt-config dump --no-empty --format '%v%n' 'APT::VersionedKernelPackages'); do
+ for kernel in $kernels; do
+ echo " \"^${package}-${kernel}$\";"
+ done
+ done
+ echo '};'
+ if [ "${APT_AUTO_REMOVAL_KERNELS_DEBUG:-true}" = 'true' ]; then
+ cat <<EOF
+/* Debug information:
+# dpkg list:
+$(dpkg -l | grep '\(linux\|kfreebsd\|gnumach\)-image-')
+# list of installed kernel packages:
+$list
+# list of different kernel versions:
+$debverlist
+# Installing kernel: $installed_version ($1)
+# Running kernel: $running_version ($unamer)
+# Last kernel: $latest_version
+# Previous kernel: $previous_version
+# Kernel versions list to keep:
+$debkernels
+# Kernel packages (version part) to protect:
+$kernels
+*/
EOF
-mv "$config_file".dpkg-new "$config_file"
+ fi
+}
+generateconfig "$@" > "${config_file}.dpkg-new"
+mv -f "${config_file}.dpkg-new" "$config_file"
+chmod 444 "$config_file"