[BlueOnyx:21648] Re: Aventurin{e} 6108R & BlueOnyx: Sceptre / Meltdown and Kernels
Simone Capra
capra at erweb.it
Sun Jan 7 18:27:52 -05 2018
Thank you Michael!
I am having a problem with three boxes that are 6106R upgraded to 6108R.
I cannot see the updated kernel even after a complete yum clean/update!
When i do:
# cat /boot/grub/grub.conf|grep title
title OpenVZ (2.6.32-042stab127.2)
title OpenVZ (2.6.32-042stab126.2)
title OpenVZ (2.6.32-042stab123.3)
# cat /etc/build
build 20170225 for a 6108R in en_US
# yum clean all
Loaded plugins: blueonyx, protectbase, security
Cleaning repos: Aventurine OS-Templates OS-Updates openvz-kernel-rhel6
openvz-utils sl sl-security
Cleaning up Everything
# yum update
Loaded plugins: blueonyx, protectbase, security
Setting up Update Process
Aventurine | 3.1 kB 00:00
Aventurine/primary_db | 443 kB 00:00
OS-Templates | 2.5 kB 00:00
OS-Templates/primary_db | 13 kB 00:00
OS-Updates | 2.5 kB 00:00
OS-Updates/primary_db | 9.5 kB 00:00
openvz-kernel-rhel6 | 2.8 kB 00:00
openvz-kernel-rhel6/primary_db | 9.1 kB 00:00
openvz-utils | 2.5 kB 00:00
openvz-utils/primary_db | 27 kB 00:00
sl | 3.7 kB 00:00
sl/primary_db | 4.4 MB 00:03
sl-security | 2.9 kB 00:00
sl-security/primary_db | 5.5 MB 00:04
56 packages excluded due to repository protections
No Packages marked for Update
# yum list installed | grep kernel
dracut-kernel.noarch 004-409.el6_8.2 @sl-security/6.3
kernel-headers.x86_64 2.6.32-696.18.7.el6 @sl-security/6.3
vzkernel.x86_64 2.6.32-042stab123.3
@openvz-kernel-rhel6/6.3
vzkernel.x86_64 2.6.32-042stab126.2
@openvz-kernel-rhel6/6.3
vzkernel.x86_64 2.6.32-042stab127.2
@openvz-kernel-rhel6/6.3
vzkernel-firmware.noarch 2.6.32-042stab127.2
@openvz-kernel-rhel6/6.3
I do not find the new kernel ... Maybe i'm getting this problem for the
stab127.2 installed?
THANKS in advance
Simone Capra
Il 06/01/2018 02.46, Michael Stauber ha scritto:
> Hi all,
>
> As you all might be aware from the news of the last few days: Major
> flaws have been uncovered in Intel CPUs and to some degree also in CPUs
> from other manufacturers such as AMD.
>
> All OS vendors and maintainers have rushed to kick Updates out of the
> door that address these vulnerabilities. By this time CentOS and
> Scientific Linux kernel updates are out.
>
> Please make sure that your BlueOnyx servers are fully updated and *also*
> make sure that they are now actually running the latest kernel. This
> might require a reboot so that the updated kernel installed via the last
> YUM update gets put into effect.
>
> You can check this way which kernel you are currently running and what
> the latest kernel used upon boot is:
>
> Current Kernel:
>
> uname -r
>
> Newest installed Kernel:
>
> cat /boot/grub/grub.conf|grep title
>
>
> Aventurin{e} 6108R:
> ====================
>
> Parallels is giving the EL7 kernel a higher priority than the EL6
> kernel. And neither of them is (so far) available to the public. Which
> is far from being ideal.
>
> However: A third party has taken the latest OpenVZ EL6 kernel
> (2.6.32-042stab126.2) and has patched it with the security updates from
> the RedHat 2.6.32-696-18.7 kernel.
>
> I took the SRPM of that third party OpenVZ kernel, examined it and the
> patches and although I am no kernel expert I think this might be OK. At
> least until the time that OpenVZ releases an official OpenVZ 6 kernel
> that fixes the issues in a way that they deem best.
>
> I am running several nodes with the new kernel myself and so far I
> encountered no problems aside from the expected performance impact that
> all of these fixes introduce.
>
> The fixed (unofficial) OpenVZ 6 kernel for Aventurin{e} 6108R is now in
> the OS-Updates YUM repository and has the version number
> 2.6.32-042stab126.666. The latest "bad" kernel (with the security flaws)
> is named 2.6.32-042stab126.2.
>
> As noted above: After the updated Kernel has been installed via "yum
> update" you do need to reboot in order for the new kernel to be put into
> effect.
>
More information about the Blueonyx
mailing list