Linux Debian Kernel Cleanup Script

Problem Overview

Over time, Debian-based systems accumulate multiple kernel versions, consuming disk space and cluttering the bootloader. Manually removing old kernels is time-consuming and prone to errors. This script automates kernel cleanup, ensuring system stability while reclaiming storage.

Description

This script identifies the currently running kernel and compiles a list of all installed kernel versions. It then removes all but the two most recent kernels, ensuring that the system maintains stability while reclaiming disk space. Once old kernels are removed, the script performs a cleanup operation using apt-get autoremove to delete any residual dependencies or unused packages. Finally, it provides a summary of how many kernels were removed, ensuring transparency and ease of use.

Script

#!/bin/bash

# This resource is provided as a convenience for Level users. We cannot 
# guarantee it will work in all environments. Please test before deploying 
# to your production environment. We welcome contributions to our community 
# library

# Level Library
# https://level.io/library/script-linux-debian-kernel-cleanup

# Get the current kernel version
current_kernel=$(uname -r)

# List all installed kernels, sorted in version order, and exclude the current kernel
installed_kernels=$(ls /lib/modules | grep -v "$current_kernel" | sort -V)

# Keep the two most recent kernels as backups
kernels_to_keep=$(echo "$installed_kernels" | tail -n 2)

# Create a list of kernels to remove, excluding the kernels to keep
kernels_to_remove=$(comm -23 <(echo "$installed_kernels") <(echo "$kernels_to_keep"))

if [ -n "$kernels_to_remove" ]; then
  # Remove each kernel in the list
  for kernel in $kernels_to_remove
  do
    echo "Removing $kernel"
    sudo apt-get remove -y "linux-image-$kernel"
    sudo apt-get purge -y "linux-image-$kernel"
    sudo rm -rf "/lib/modules/$kernel"
  done

  # Finally, clean up any remaining unused packages
  sudo apt-get autoremove -y
  echo "Kernel cleanup complete!"

  # Count the number of kernels removed
  num_kernels_to_remove=$(echo "$kernels_to_remove" | wc -l)
else
  echo "No kernels to remove."
  num_kernels_to_remove=0
fi

echo "Number of kernels removed: $num_kernels_to_remove"

Use Cases

• Freeing up disk space on Debian-based systems.
• Keeping the bootloader clean by minimizing old kernel entries.
• Automating kernel cleanup on servers and desktops.
• Reducing maintenance effort for IT teams managing multiple Linux devices.

Recommendations

• Test in a non-production environment before deploying widely.
• Ensure system backups exist in case a rollback is required.
• Schedule periodic execution using an automation with scheduled trigger for ongoing cleanup. Alternatively, pair with a monitor and trigger for remediation.
• Verify kernel removal by running ls /lib/modules after execution.

FAQ

• Will this script remove the currently running kernel?
  ‍No, the script explicitly ensures that the active kernel remains untouched, preventing any disruptions to system stability.

• How can I modify it to keep more than two old kernels?
  ‍The script uses tail -n 2 to retain the two most recent kernels. Changing this value to tail -n X will allow you to keep more versions if desired.

• What happens if there are no old kernels to remove?
  ‍If there are no outdated kernels, the script safely exits without making any changes, ensuring that nothing unnecessary is removed.

• Can this script be used on non-Debian-based distributions?
  ‍No, this script is specifically designed for Debian-based systems that use apt-get. If used on Red Hat-based distributions, modifications will be required to use dnf or yum instead.

• How do I schedule this script to run automatically?
  ‍To automate kernel cleanup, create a monitor and trigger this script as part of remediation. Alternatively, create an automation with a scheduled trigger. Then run this script as part of that automation.