blog.jphoude.qc.ca

There’s been a local root exploit discovered in the Linux kernel recently, which obliged me to manually compile new kernels on some of my servers. The problem with that : I rarely compile new kernels for these servers, so I’m not sure it will boot at all. Moreover, the servers are located in a datacenter I can’t access easily, so manually choosing the kernel in the grub boot menu is not an option. Fortunately, grub provides a feature to help with that.

The grub manual provides some information about fallback options : http://www.gnu.org/software/grub/manual/html_node/Booting-fallback-systems.html . Unfortunately, I didn’t manage to make this work (one command it refers, grub-set-default, doesn’t even exist in Fedora/CentOS). The options described in the manual are also a bit too complicated for my needs.

What I really need is the ability to boot into a new kernel, and in case it’s doesn’t boot correctly, I should be able to reset the server (using a remote power switch), and the old (working) kernel should come up instead of the new one. Well, the “savedefault” command of grub does just that!

All you have to do is enter the grub console by typing “grub” at the command line. Then enter the following command :

savedefault --default=1 --once
quit

The default option specify which kernel should be loaded (1 is the second kernel listed in grub.conf). The –once parameter is important. It tells grub to use this settings just one time (otherwise, it won’t work, grub will just boot the default kernel from grub.conf).

Be sure to set the “default=0″ option in /etc/grub.conf to a “safe” kernel. (Of course, if your old kernel is not the first entry, change the “0″ accordingly)

That’s it! Just reboot the server, it will boot on kernel “1″ (the one from the savedefault command). If it works, edit grub.conf to set this kernel as the default. If it doesn’t work, reset the server, and grub will boot on the default kernel.

Tags: centos, grub, kernel, linux

This entry was posted on Friday, February 15th, 2008 at 5:15 pm and is filed under sysadmin. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.