LVM installs and encrypted installs use a separate /boot partition. The partition by default is capable of holding only four or five kernels, and can fill to capacity quickly. To prevent your /boot partition from getting full, you need to configure automatic removal of old kernels, or manually remove old kernels regularly.

Changing the kernel providing packages on your system requires commands with root access, so please read RootSudo.

Regular Maintenance

Removing old kernels is easy to do on a system with sufficient free space in your root parition or separate boot partition. You can remove them manually, or configure unattended-upgrades to do it automatically. If you receive or have received an error from a package management tool, manual removal may not work until the problem is fixed. See Problems section.

Manual Maintenance

Using Apt

You can remove old kernels with a simple autoremove command in a terminal:

sudo apt-get autoremove --purge

Note: In Ubuntu 14.04, because of Bug #1439769 this works only, if you have installed security updates automatically, and not manually by e.g. Software Updater, see in this section on how to configure it.

The packages to remove are determined based in part on whether the package is marked as manually or automatically installed. You can check if a kernel providing package is marked as automatically installed using this command in a terminal:

apt-mark showauto | grep linux-image

or to see if it is marked as manually installed:

apt-mark showmanual | grep linux-image

In the event some kernel providing packages are marked as manual (possibly because they were installed via 'apt-get') and you want them autoremoved, you can change the status of the package using apt-mark auto and the package name. Example:

apt-mark auto linux-image-4.12.0-12-generic linux-image-extra-4.12.0-12-generic

Note: apt-get autoremove will not remove all automatically installed old kernel providing packages as fallback versions are kept; the list of kept kernels is maintained and automatically updated in the file /etc/apt/apt.conf.d/01autoremove-kernels as a list of matching regular expressions.

Other Methods

If you want to remove one specific kernel providing package you can do so via the following command in a terminal:

sudo apt-get remove linux-image-4.12.0-12-generic

This will also remove the corresponding linux-image-extra package if it is installed e.g. linux-image-extra-4.12.0-12-generic.

There is an unofficial script for purging kernels; it is called linux-purge.

If you just need to purge kernels selectively, you may benefit from this answer also with unofficial code.

Automatic Maintenance

The unattended-upgrades package, included with the default install of all Ubuntu flavors, includes a feature to remove unused packages automatically. Enabling this feature is a two-step process in Ubuntu 14.04.

Enable Unattended Upgrades (Ubuntu 14.04)

In Ubuntu 16.04 and later unattended-upgrades is enabled by default, however in Ubuntu 14.04 you will need to enable it either via the GUI or a command-line.

GUI Way

Enable unattended upgrades using Software & Updates application's "Updates" tab:

  • Check the box for *-security (and/or any other repositories you wish)
  • Automatically check for updates: Set to any frequency (except 'Never')
  • When there are security updates: Set to Download and Install Automatically

Shell Way

sudo dpkg-reconfigure -plow unattended-upgrades

By default this installs available security updates every day. If you want to change which sort of packages it will upgrade (if any), or how often, see here for details.

Configure Unattended Upgrades to Remove Unneeded Kernels Automatically

Note: The following methods will only remove kernels that are marked as being automatically installed as described above. In Ubuntu 16.04 kernels installed by Software Updater are marked as being automatically installed. In Ubuntu 14.04 only kernels installed by unattended-upgrades are marked as being automatically installed. See bug #1439769 for details.

Note: This way will not remove all automatically installed old kernel providing packages as fallback versions are kept; the list of kept kernels is maintained and automatically updated in the file /etc/apt/apt.conf.d/01autoremove-kernels as a list of matching regular expressions.

The second step is to edit the configuration file /etc/apt/apt.conf.d/50unattended-upgrades to enable automatic removal. It's owned by root, so remember to use sudo!

Option for All Ubuntu Releases

The following setting configures unattended-upgrade to remove unused dependencies after an unattended upgrade.

Make sure /etc/apt/apt.conf.d/50unattended-upgrades contains line

Unattended-Upgrade::Remove-Unused-Dependencies "true";

and that it is not commented out. Comments start with '//' in this file.

Thereafter unattended-upgrades will remove automatically remove packages providing old kernels as part of unattended upgrade. (It does not purge them, however.) It also removes other unneeded packages, as well.

Option for Ubuntu 16.04 and newer

Unattended-upgrades version 0.90 supports a new configuration variable that makes it possible to automatically remove only packages that become excessive during a run of unattended-upgrades. It is enabled i.e. "true" by default, so make sure /etc/apt/apt.conf.d/50unattended-upgrades does not contain:

Unattended-Upgrade::Remove-New-Unused-Dependencies "false"

The way this is designed, it is important that you let unattended-upgrades handle installion of security updates. Otherwise unattended-uprades will not remove old kernels and you may have to do some manual removing of kernels.

Problems

If your package management is broken, or if regular maintenance above is not working, any of several problems may have occurred. You may be out of storage space, or you may have a package version mismatch, or you may have another problem.

Safely Removing Old Kernels

For users of LVM systems, encrypted systems or limited-storage systems, the most frequent problem is that the /boot partition is simply full. The package manager cannot install a pending upgrade due to lack of space. Addiitionally, apt-get can not remove a package due to broken dependency.

This problem can be fixed from the shell: by manually remvoing one or two old kernels, we can provide the package manager enough space to install the queued upgrade.

First remove any leftover temporary files from previous kernel updates.

$ sudo rm -rv ${TMPDIR:-/var/tmp}/mkinitramfs-*

Determine the version number of the currently running kernel, which you DO NOT want to remove.

$ uname -r
4.2.0-21-generic

List all the kernels, including the booted one (4.2.0-21-generic in this example), in the package database and their statuses.

$ dpkg -l | tail -n +6 | grep -E 'linux-image-[0-9]+'

rc  linux-image-4.2.0-14-generic  ## The oldest kernel in the database
                                  ## Status 'rc' means it's already been removed
ii  linux-image-4.2.0-15-generic  ## The oldest installed kernel. Removable.
                                  ## Status 'ii' means Installed.
ii  linux-image-4.2.0-16-generic  ## Another old installed kernel. Removable.
ii  linux-image-4.2.0-18-generic  ## Another old installed kernel. Removalbe.
ii  linux-image-4.2.0-19-generic  ## The previous good kernel. Keep.
ii  linux-image-4.2.0-21-generic  ## Same version as 'uname -r', package for the current kernel. DO NOT REMOVE.
iU  linux-image-4.2.0-22-generic  ## DO NOT REMOVE. Status 'iU' means it's not installed,
                                  ## but queued for install in apt.
                                  ## This is the package we want apt to install.

To free space in /boot we'll remove an initrd.img file for an old kernel manually, this is necessary due to a kenel packaging bug.

$ sudo update-initramfs -d -k 4.2.0-15-generic

Now we'll use dpkg to remove the kernel packages for the old kernel:

$ sudo dpkg --purge linux-image-4.2.0-15-generic linux-image-extra-4.2.0-15-generic
                                  ## If the previous command fails, some installed package
                                  ## depends on the kernel. The output of dpkg displays the name
                                  ## of the package. Purge it first.

Finally, we will fix the package installation process that previously failed.

$ sudo apt-get -f install         ## Try to fix the broken dependency.

If the last command works without an error, continue to chapter Manual Maintenance to remove more kernels. Otherwise, if the last command still failed due to insufficient disk space in /boot, you have to purge another kernel (e.g. linux-image-4.2.0-16-generic) same way.

Unmet Dependency Errors

If you have ignored apt and dpkg errors for a while, then some packages may have upgraded while others did not. This is an expected follow-on effect. You will see mysterious, persistent version errors upon normal upgrades.

The simple way to fix most version mismatch errors is to update the package database, clean out the package cache, and download-and-reinstall the newer version of the offending package.

This is easier than it sounds. For example, if the 'hello' package is one of those unmet dependencies:

$ sudo apt-get update                      ## Update the package database
$ sudo apt-get clean hello                 ## Delete the hello package from the local cache
$ sudo apt-get install --reinstall hello   ## Download and reinstall the latest version of hello

Oops, Removed All Kernels!

If you got a bit carried away and deleted all the kernels, you fall into the "You did WHAT?!?!" class. You will be pleased to know that you are not the first, nor will be the last, person to do this. Get your LiveCD and head over to GRUB reports no operating system.

RemoveOldKernels (last edited 2017-09-29 21:32:28 by brian-murray)