Upgrading kernel in CentOS

A piece of cake for sysadmins. A old tutorial, I wrote, but pasting now, in case it helps someone in any way.

Make sure that you have enough space for your kernel in /boot before you install the new kernel. At least 15 MB!!

Why should I update the kernel ?
================================

Three reasons mainly,

1) For better driver support
2) For better performance, stability and reliability.
3) For security reasons.

The default kernels coming with OS version less than CentOS 4.3 and CentOS 3.7 are exploitable. For the details of CentOS 4 bugs, refer (CentOS = Free RHEL)

https://rhn.redhat.com/errata/RHSA-2006-0617.html
http://www.securityfocus.com/bid/18992/info
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745

How do I know my current kernel version installed
=================================================

1) Login to server as user root and issue the command `uname -r`

OR

2) `rpm -q kernel` command issued as root, will return all the types and versions of kernels installed on your server.

Which is my boot loader - LILO or GRUB ?
=======================================

How do I know whether my bootloader is grub or lilo ?

Unless you specifically changed the bootloader, it is GRUB by default on most of newer RPM based OS, like CentOS 3.x , CentOS 4.x, RHEL. Though this question was unnecessary since then, for those who have played with installing both lilo and grub on your servers may have some doubt on the present bootloader.

Assuming you installed the bootloader to the MBR and your harddisk is /dev/hda,
you could run (as root):

dd if=/dev/hda bs=512 count=1 2>&1 | grep GRUB
if = Input File (Everything in a UNIX system is a file!!! even harddisk :-), ofcourse with a few exceptions)
bs = bytes
count = 1st block

If this returns:

Binary file (standard input) matches

then you're using GRUB. (Basically you're just searching the MBR to see if the word 'GRUB' shows up inside.) If it doesn't say anything, then you're not using GRUB and instead LILO. You may need to confirm that by 'grep LILO' instead.

You can identify the device name from fdisk -l command. Device name will be /dev/hd[a-h] for IDE disks, /dev/sd[a-p] for SCSI disks. My desktop, shows the fdisk -l output as below, which means my device name would be /dev/hdc and for knowing the bootloader, I would actually issue the command listed below.

Disk /dev/hdc: 60.0 GB, 60011642880 bytes
255 heads, 63 sectors/track, 7296 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes ...o/p continued

dd if=/dev/hdc bs=512 count=1 2>&1 | grep GRUB

Where do I get the latest RedHat kernels ?
===========================================

There are a few places where you can get the later versions.

http://people.redhat.com/~jbaron/rhel4/RPMS.kernel/

The above URL is updated even before, the repositories of CentOS are updated.

http://mirror.centos.org/
http://www.centos.org/modules/tinycontent/index.php?id=13

Before proceeding further, you have to detemine the OS version by login to server via ssh and issuing the command

cat /etc/redhat-release

If the output of command is CentOS release 3.x (Final) , then you have to descend to the directory centos-3 and then the correct 3.x directory. (x can be 5, 6 or 7 depending on the version available at the time of your order)

Again, if the output is CentOS release 4.x (Final), then you have to click the centos-4 directory and once inside, proceed to appropriate versions, depending on value of x in 4.x.

Entering the updates/i386/RPMS/ directory , you will see lots of rpms alphabetically ordered. Look for kernel RPMs and you will see lots of RPMs, as below

for CentOS release 4.x (Final) OSes, inside the http://mirror.centos.org/centos-4/4.3/updates/i386/RPMS/

kernel-2.6.9-34.0.1.EL.i586.rpm 24-May-2006 17:29 10M
kernel-2.6.9-34.0.1.EL.i686.rpm 24-May-2006 17:15 10M
kernel-2.6.9-34.0.2.EL.i586.rpm 07-Jul-2006 22:26 10M
kernel-2.6.9-34.0.2.EL.i686.rpm 07-Jul-2006 22:27 10M
kernel-2.6.9-42.0.2.EL.i586.rpm 23-Aug-2006 05:01 11M
kernel-2.6.9-42.0.2.EL.i686.rpm 23-Aug-2006 05:03 11M
kernel-2.6.9-42.EL.i586.rpm 12-Aug-2006 13:05 11M
kernel-2.6.9-42.EL.i686.rpm 12-Aug-2006 13:06 11M


and it repeats for kernel-devel, kernel-hugemem, kernel-smp and kernel-doc directories.

It is the highest numbered kernel which is of interest to us. You may also look
at the timestamps, the latest kernel in the list is that uploaded on 23-Aug-2006, kernel-2.6.9-42.0.2.EL.i686.rpm.

Now the question which is the architecture, you should choose. 99.99%, it is the i686 rpm. A output of the command 'uname -a' will show the architectures supported like,


Linux cookie.cuckoos.com 2.6.9-34.0.1.EL #1 Wed May 24 07:40:56 CDT 2006 i686 i686 i386 GNU/Linux


Time to Upgrade
==============

I now know which is the RPM to be downloaded (here, kernel-2.6.9-42.0.2.EL.i686.rpm). I have downloaded it using wget using the command

cd /usr/src/redhat
wget -c http://mirror.centos.org/centos-4/4.3/updates/i386/RPMS/kernel-2.6.9-42.0.2.EL.i686.rpm
rpm -ivh kernel-2.6.9-42.0.2.EL.i686.rpm

Use the -i argument with the rpm command to keep the old kernel. If the -U option is used to upgrade the kernel package, it will overwrite the currently installed kernel.

If the system is a multi-processor system, install the kernel-smp packages as well



cd /usr/src/redhat/
wget -c http://mirror.centos.org/centos-4/4.3/updates/i386/RPMS/kernel-smp-2.6.9-42.0.2.EL.i686.rpm
rpm -ivh kernel-smp-2.6.9-42.0.2.EL.i686.rpm


Configuring the BootLoader (GRUB)
================================

On installing the kernel rpm, (using -ivh option), it configures the GRUB boot loader to boot the newly installed kernel. However, it does not configure the boot loader to boot the new kernel by default. If you have used rpm -Uvh, option instead of ivh, it will configure the bootloader config, at /boot/grub/grub.conf (a symlink/shortcut from /etc/grub.conf also exists) to boot the new kernel as well.

Now open up the file /boot/grub/grub.conf in your favorite editor and confirm that it contains a title section with the same version as the kernel package just
installed, like that of below



# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/sda3
# initrd /initrd-version.img
#boot=/dev/sda
default=1
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.9-42.0.2.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-42.0.2.EL ro root=LABEL=/
initrd /initrd-2.6.9-42.0.2.EL.img
title CentOS (2.6.9-34.0.2.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-34.0.2.EL ro root=LABEL=/
initrd /initrd-2.6.9-34.0.2.EL.img



If you don't have a separate /boot partition, the paths to the kernel and initrd image are relative to the / partition, like kernel /boot/vmlinuz-2.6.9-42.0.2.EL ro root=LABEL=/

Notice that the default is not set to the new kernel. To configure GRUB to boot
the new kernel by default, change the value of the default variable to the title section number for the title section that contains the new kernel. The count starts with 0. For example, if the new kernel is the second title section, set default to 1. However in our case, it is the first title and the default must be changed to 0.

Cross your fingers and reboot. If it's all good, it will come back.

FailSafe mode
=============

Since the kernel upgradation is via RPM, you dont have to worry about the boot failure. Still mentioning the grub's failsafe feature. Though Grub don't have a perfect failsafe boot mechanism as lilo, you can use it's 'failsafe' feature for
booting the newly installed kernel for once and editing grub.conf after successful reboot. And in case the newly installed kernel doesn't come back, we can simply remote reboot the server and it will boot back to the default kernel as in grub.conf


[root@server ~]# grub

Screen will get refreshed and you will get grub shell as below



GNU GRUB version 0.95 (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported. For the first word, TAB lists possible command completions. Anywhere else TAB lists the possible completions of a device/filename.]

grub>

In the grub shell, enter these
grub> savedefault --default=0 --once
grub> quit


--default=0 is the first title, default=1 is the second title and so on as explained earlier.

Once the server is successfully rebooted, login and then do a 'uname -a' to make sure that the new kernel is loaded and if it did, edit the grub.conf and make the newly installed kernel as default.