20 Sep 2009 neurogato   » (Journeyer)

Revert to Standard Ubuntu Kernel on OVH or Kimsufi Servers

I have a cheap dedicated server running Ubuntu Linux with Kimsufi, the budget arm of French hosting company OVH. All their Linux servers (and FreeBSD servers too, I think) are provisioned with their own custom, static kernel. This, they say, makes it “secure”. It also makes it a pain in the ass to use, since you lose kernel module functionality. So I went through this scary, but straightforward process to put the standard Ubuntu kernel back. Note that I did this procedure on their entry level C-05G server, and your mileage may vary dependent on which server you lease from them, and what hardware specification you have (and ergo what kernel drivers you’ll need). Stuff you should type below is in bold type.

First, let’s check what kernel we’re running:


neuro@hera:~$ uname -a
Linux hera 2.6.27.10-grsec-xxxx-grs-ipv4-64 #6 SMP Fri Aug 14 10:29:05 UTC 2009 x86_64 GNU/Linux

Yup, some scary, weird kernel that OVH have compiled and installed themselves — although to be fair, they do provide kernel configs to compile a different variant yourself, but I wanted to use the stock Ubuntu 64-bit kernel.

So after doing sudo apt-get update && sudo apt-get upgrade to make sure everything else is up to date, let’s install the GRUB boot loader, and the stock Ubuntu Server kernel image.


neuro@hera:~$ sudo apt-get install linux-server grub
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
linux-image-2.6.24-24-server linux-image-server
linux-ubuntu-modules-2.6.24-24-server
Suggested packages:
grub-doc mdadm linux-doc-2.6.24 linux-source-2.6.24
The following NEW packages will be installed
grub linux-image-2.6.24-24-server linux-image-server linux-server
linux-ubuntu-modules-2.6.24-24-server
0 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.
Need to get 24.4MB of archives.
After this operation, 111MB of additional disk space will be used.
Do you want to continue [Y/n]?
Get: 1 ftp://mir1.ovh.net hardy-updates/main grub 0.97-29ubuntu21.1 [871kB]
Get: 2 http://security.ubuntu.com hardy-security/main linux-image-2.6.24-24-server 2.6.24-24.59 [17.8MB]
Get: 3 http://security.ubuntu.com hardy-security/main linux-ubuntu-modules-2.6.24-24-server 2.6.24-24.39 [5671kB]
Get: 4 http://security.ubuntu.com hardy-security/main linux-image-server 2.6.24.24.26 [26.6kB]
Get: 5 http://security.ubuntu.com hardy-security/restricted linux-server 2.6.24.24.26 [26.6kB]
Fetched 24.4MB in 2s (9414kB/s)
Preconfiguring packages ...
Selecting previously deselected package linux-image-2.6.24-24-server.
(Reading database ... 38251 files and directories currently installed.)
Unpacking linux-image-2.6.24-24-server (from .../linux-image-2.6.24-24-server_2.6.24-24.59_amd64.deb) ...
Done.
Selecting previously deselected package linux-ubuntu-modules-2.6.24-24-server.
Unpacking linux-ubuntu-modules-2.6.24-24-server (from .../linux-ubuntu-modules-2.6.24-24-server_2.6.24-24.39_amd64.deb) ...
Selecting previously deselected package grub.
Unpacking grub (from .../grub_0.97-29ubuntu21.1_amd64.deb) ...
Selecting previously deselected package linux-image-server.
Unpacking linux-image-server (from .../linux-image-server_2.6.24.24.26_amd64.deb) ...
Selecting previously deselected package linux-server.
Unpacking linux-server (from .../linux-server_2.6.24.24.26_amd64.deb) ...
Setting up linux-image-2.6.24-24-server (2.6.24-24.59) ...
Running depmod.
update-initramfs: Generating /boot/initrd.img-2.6.24-24-server
Running postinst hook script /sbin/update-grub.
Searching for GRUB installation directory ...
No GRUB directory found. To create a template run 'mkdir /boot/grub' first. To install grub, install it manually or try the 'grub-install' command. ### Warning, grub-install is used to change your MBR. ###

User postinst hook script [/sbin/update-grub] exited with value 1
dpkg: error processing linux-image-2.6.24-24-server (--configure):
subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of linux-ubuntu-modules-2.6.24-24-server:
linux-ubuntu-modules-2.6.24-24-server depends on linux-image-2.6.24-24-server; however:
Package linux-image-2.6.24-24-server is not configured yet.
dpkg: error processing linux-ubuntu-modules-2.6.24-24-server (--configure):
dependency problems - leaving unconfigured
Setting up grub (0.97-29ubuntu21.1) ...

dpkg: dependency problems prevent configuration of linux-image-server:
linux-image-server depends on linux-image-2.6.24-24-server; however:
Package linux-image-2.6.24-24-server is not configured yet.
linux-image-server depends on linux-ubuntu-modules-2.6.24-24-server; however:
Package linux-ubuntu-modules-2.6.24-24-server is not configured yet.
dpkg: error processing linux-image-server (--configure):
dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of linux-server:
linux-server depends on linux-image-server (= 2.6.24.24.26); however:
Package linux-image-server is not configured yet.
dpkg: error processing linux-server (--configure):
dependency problems - leaving unconfigured
Errors were encountered while processing:
linux-image-2.6.24-24-server
linux-ubuntu-modules-2.6.24-24-server
linux-image-server
linux-server
E: Sub-process /usr/bin/dpkg returned an error code (1)

OK, that didn’t look so good, but it’s all right. Now, we’ll fix the problem that GRUB was complaining about, then complete the install.


neuro@hera:~$ sudo mkdir /boot/grub
neuro@hera:~$ sudo apt-get install grub
Reading package lists... Done
Building dependency tree
Reading state information... Done
grub is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
4 not fully installed or removed.
After this operation, 0B of additional disk space will be used.
Setting up linux-image-2.6.24-24-server (2.6.24-24.59) ...
Running depmod.
update-initramfs: Generating /boot/initrd.img-2.6.24-24-server
Running postinst hook script /sbin/update-grub.
Searching for GRUB installation directory ... found: /boot/grub
Searching for default file ... Generating /boot/grub/default file and setting the default boot entry to 0
Searching for GRUB installation directory ... found: /boot/grub
Testing for an existing GRUB menu.lst file ...

Could not find /boot/grub/menu.lst file. Would you like /boot/grub/menu.lst generated for you? (y/N) y
Searching for splash image ... none found, skipping ...
Found kernel: /boot/vmlinuz-2.6.24-24-server
Updating /boot/grub/menu.lst ... done

Setting up linux-ubuntu-modules-2.6.24-24-server (2.6.24-24.39) ...
update-initramfs: Generating /boot/initrd.img-2.6.24-24-server

Setting up linux-image-server (2.6.24.24.26) ...
Setting up linux-server (2.6.24.24.26) ...

And that’s that part fixed! Now we just need to configure GRUB to point in the right direction, and install it to the MBR (Master Boot Record).


neuro@hera:~$ sudo grub-install --recheck --root-directory=/ /dev/sda
Probing devices to guess BIOS drives. This may take a long time.
Installing GRUB to /dev/sda as (hd0)...
Installation finished. No error reported.
This is the contents of the device map //boot/grub/device.map.
Check if this is correct or not. If any of the lines is incorrect,
fix it and re-run the script `grub-install'.

(fd0) /dev/fd0
(hd0) /dev/sda
neuro@hera:~$ sudo grub
Probing devices to guess BIOS drives. This may take a long time.

[ Minimal BASH-like line editing is supported. For
the first word, TAB lists possible command
completions. Anywhere else TAB lists the possible
completions of a device/filename. ]
grub> root (hd0,0)
root (hd0,0)
grub> find /boot/grub/stage2
find /boot/grub/stage2
(hd0,0)
grub> setup (hd0)
setup (hd0)
Checking if "/boot/grub/stage1" exists... yes
Checking if "/boot/grub/stage2" exists... yes
Checking if "/boot/grub/e2fs_stage1_5" exists... yes
Running "embed /boot/grub/e2fs_stage1_5 (hd0)"... 16 sectors are embedded.
succeeded
Running "install /boot/grub/stage1 (hd0) (hd0)1+16 p (hd0,0)/boot/grub/stage2 /boot/grub/menu.lst"... succeeded
Done.
grub> quit
quit

… and now both kernel and bootloader are installed. Time for the scary part. From another machine, ping the server (if you’re running Windows, and pinging from the command prompt, use ping -t instead of just ping to continuously ping rather than just try 5 times; press Ctrl+C to cancel the ping at any time). Now that we’re monitoring whether the server is up or not, we can reboot it to use the new kernel …


neuro@hera:~$ sudo shutdown -r -f now

Broadcast message from neuro@hera
(/dev/pts/1) at 10:14 ...

The system is going down for reboot NOW!
neuro@hera:~$ logout
Connection to hera closed.

You should see the server stop responding to pings, then a minute or so later, start responding again.

If it doesn’t respond after a few minutes, don’t panic, use the Netboot mode to reboot your server, using a network-boot kernel. Once there, you can simply do sudo lilo -v which will re-install the original LILO bootloader, using the OVH-installed kernel, or stick with the netboot kernel if you like.

However, if the server does start responding to pings again (and it should), you can now ssh back in and check things out …


$ ssh hera
Linux hera 2.6.24-24-server #1 SMP Tue Aug 18 16:51:43 UTC 2009 x86_64

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

To access official Ubuntu documentation, please visit:
http://help.ubuntu.com/
Last login: Sun Sep 20 06:43:01 2009
neuro@hera:~$ uname -a
Linux hera 2.6.24-24-server #1 SMP Tue Aug 18 16:51:43 UTC 2009 x86_64 GNU/Linux

Woo hoo. A standard Ubuntu kernel, that can take kernel modules, and be updated regularly using apt-get, aptitude, etc. Of course, you can mix this up using other packaged kernels, such as the -rt real time kernel, or the -xen kernel to use Xen virtual machines. Go nuts, because at least now you can use your server as Shuttleworth and co intended!

Note: this procedure worked perfectly for me, but as mentioned at the start, YMMV: I can’t be held responsible if it all goes tango uniform, and Bad Things Happen. Proceed at your own risk, and good luck!

Syndicated 2009-09-20 10:59:22 from neuro.me.uk » open source

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!