-
Notifications
You must be signed in to change notification settings - Fork 43
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unused kernels can fill up template disk - distro equivalent of autoremove should be applied automatically. #653
Comments
@marmarek Disk space inflation inside templates is biting both developers and end users on a regular basis; as noted above, |
This is a very good point indeed. I think it should be easy enough to add autoremove call to |
Observed this in the wild today, recommended as a workaround: |
And another one! Same resolution. We should definitely set 15G by default as part of the dom0 state—similar to what we already do for the sd-app private volume. Anecdotally, @creviera ran |
@conorsch @creviera I'm wondering if we can do more in terms of how we ship the grsec package(s) and declare their dependencies to clean up old kernels after each update. At least in anecdotal observations, most of the |
See also #442 |
Flagging for @deeplow - if this functionality is available in the new Qubes updater we can close this, if not it might make sense to raise it upstream again. Fallback would be to do it ourselves after the updater run finishes. |
Took a peek at the code. It seems that the updater runs @legoktm debian question: can you confirm if |
That's not entirely right place - if python3-apt is installed, the API version is used: https://github.com/QubesOS/qubes-core-admin-linux/blob/a954e6595948aad7cf33f450d6144da40461230e/vmupdate/agent/source/apt/apt_api.py BTW, in bookworm |
Makes sense. Thanks!
Assuming that kernels are indeed the biggest size culprit, then that could be a good approach. However, with this cleanup approach we're relying on the cleanup side-effect of |
@deeplow wrote:
The difference between @marmarek wrote:
Huh. |
Thanks for all the context @legoktm! |
SecureDrop Workstation templates can accumulate a large amount of used diskspace. We should consider if we can run certain maintenance tasks automatically as part of update runs. For example, one one system, just running
sudo apt autoremove
freed up ~3.5 GB of system space (in 3 different templates, each). With a default size of 10GB, that can be the difference between a working template or a broken one.The text was updated successfully, but these errors were encountered: