Hello,
some time ago I wanted to install a kernel update on my NAS (Netgear
ReadyNAS 104/armhf). However that failed with:
...
update-initramfs: Generating /boot/initrd.img-4.19.0-5-armmp
Using DTB: armada-370-netgear-rn104.dtb
Installing /usr/lib/linux-image-4.19.0-5-armmp/armada-370-netgear-rn104.dtb into /boot/dtbs/4.19.0-5-armmp/./armada-370-netgear-rn104.dtb
Taking backup of armada-370-netgear-rn104.dtb.
Installing new armada-370-netgear-rn104.dtb.
Installing /usr/lib/linux-image-4.19.0-5-armmp/armada-370-netgear-rn104.dtb into /boot/dtbs/4.19.0-5-armmp/./armada-370-netgear-rn104.dtb
Taking backup of armada-370-netgear-rn104.dtb.
Installing new armada-370-netgear-rn104.dtb.
flash-kernel: installing version 4.19.0-5-armmp
The initial ramdisk is too large. This is often due to the unnecessary inclusion
of all kernel modules in the image. To fix this set MODULES=dep in one or both
/etc/initramfs-tools/conf.d/driver-policy (if it exists) and
/etc/initramfs-tools/initramfs.conf and then run 'update-initramfs -u -k 4.19.0-5-armmp'
Not enough space for initrd in MTD 'minirootfs' (need 4821508 but is actually 4194304).
run-parts: /etc/initramfs/post-update.d//flash-kernel exited with return code 1
dpkg: error processing package initramfs-tools (--configure):
installed initramfs-tools package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
initramfs-tools
E: Sub-process /usr/bin/dpkg returned an error code (1)
Looking at the difference between the working initrd for 4.19.0-4 and
the to big one for 4.19.0-5:
$ diff -u <(lsinitramfs /boot/initrd.img-4.19.0-4-armmp | sed s/4.19.0-4-armmp/uname-r/ | sort) <(lsinitramfs /boot/initrd.img-4.19.0-5-armmp | sed s/4.19.0-5-armmp/uname-r/ | sort) | grep ^[-+]
--- /dev/fd/63 2019-06-19 22:22:31.764750895 +0200
+++ /dev/fd/62 2019-06-19 22:22:31.764750895 +0200
+usr/bin/arch
+usr/bin/bc
+usr/bin/svok
-usr/lib/arm-linux-gnueabihf/libacl.so.1.1.0
+usr/lib/arm-linux-gnueabihf/libacl.so.1.1.2253
-usr/lib/arm-linux-gnueabihf/libattr.so.1.1.0
+usr/lib/arm-linux-gnueabihf/libattr.so.1.1.2448
+usr/lib/arm-linux-gnueabihf/libcrypto.so.1.1
-usr/lib/arm-linux-gnueabihf/libkmod.so.2.3.3
+usr/lib/arm-linux-gnueabihf/libkmod.so.2.3.4
-usr/lib/arm-linux-gnueabihf/liblzma.so.5.2.2
+usr/lib/arm-linux-gnueabihf/liblzma.so.5.2.4
+usr/lib/arm-linux-gnueabihf/libresolv-2.28.so
+usr/lib/arm-linux-gnueabihf/libresolv.so.2
+usr/lib/arm-linux-gnueabihf/libssl.so.1.1
-usr/lib/arm-linux-gnueabihf/libudev.so.1.6.12
+usr/lib/arm-linux-gnueabihf/libudev.so.1.6.13
-usr/lib/klibc-COogfK2xWPg3hPxojsQE86cGErM.so
+usr/lib/klibc-Tm5Kcygh62Zsrgmh7J5q50y2Vn8.so
+usr/sbin/nologin
+usr/sbin/run-init
Looking at the differences in more detail, the files only in the old initrd are:
$ lsinitramfs -l /boot/initrd.img-4.19.0-4-armmp | grep -E 'usr/lib/arm-linux-gnueabihf/lib(acl.so.1.1.0|attr.so.1.1.0|kmod.so.2.3.3|lzma.so.5.2.2|udev.so.1.6.12)|usr/lib/klibc-COogfK2xWPg3hPxojsQE86cGErM.so'
-rw-r--r-- 1 root root 22220 Feb 6 2016 usr/lib/arm-linux-gnueabihf/libacl.so.1.1.0
-rw-r--r-- 1 root root 13884 Sep 8 2014 usr/lib/arm-linux-gnueabihf/libattr.so.1.1.0
-rw-r--r-- 1 root root 62904 Nov 17 2018 usr/lib/arm-linux-gnueabihf/libkmod.so.2.3.3
-rw-r--r-- 1 root root 104260 Jun 28 2017 usr/lib/arm-linux-gnueabihf/liblzma.so.5.2.2
-rw-r--r-- 1 root root 95828 Jan 12 21:49 usr/lib/arm-linux-gnueabihf/libudev.so.1.6.12
-rwxr-xr-x 1 root root 53812 Jan 6 20:33 usr/lib/klibc-COogfK2xWPg3hPxojsQE86cGErM.so
And the files only in the new are:
$ lsinitramfs -l /boot/initrd.img-4.19.0-5-armmp | grep -E 'usr/bin/(arch|bc|svok)|usr/lib/arm-linux-gnueabihf/lib(acl.so.1.1.2253|attr.so.1.1.2448|crypto.so.1.1|kmod.so.2.3.4|lzma.so.5.2.4|resolv-2.28.so|resolv.so.2|ssl.so.1.1|udev.so.1.6.13)|usr/lib/klibc-Tm5Kcygh62Zsrgmh7J5q50y2Vn8.so|usr/sbin/(nologin|run-init)'
-rw-r--r-- 1 root root 21864 Mar 1 23:22 usr/lib/arm-linux-gnueabihf/libacl.so.1.1.2253
-rw-r--r-- 1 root root 13632 Mar 1 23:03 usr/lib/arm-linux-gnueabihf/libattr.so.1.1.2448
-rw-r--r-- 1 root root 1708448 Apr 16 21:31 usr/lib/arm-linux-gnueabihf/libcrypto.so.1.1
-rw-r--r-- 1 root root 62904 Feb 10 00:00 usr/lib/arm-linux-gnueabihf/libkmod.so.2.3.4
-rw-r--r-- 1 root root 104220 Jan 28 02:09 usr/lib/arm-linux-gnueabihf/liblzma.so.5.2.4
-rw-r--r-- 1 root root 55092 May 1 19:24 usr/lib/arm-linux-gnueabihf/libresolv-2.28.so
lrwxrwxrwx 1 root root 17 Jun 19 22:16 usr/lib/arm-linux-gnueabihf/libresolv.so.2 -> libresolv-2.28.so
-rw-r--r-- 1 root root 340240 Apr 16 21:31 usr/lib/arm-linux-gnueabihf/libssl.so.1.1
-rw-r--r-- 1 root root 95828 Apr 8 12:59 usr/lib/arm-linux-gnueabihf/libudev.so.1.6.13
-rwxr-xr-x 1 root root 53324 Feb 1 06:00 usr/lib/klibc-Tm5Kcygh62Zsrgmh7J5q50y2Vn8.so
-rwxr-xr-x 247 root root 0 Apr 1 07:17 usr/sbin/run-init
-rwxr-xr-x 247 root root 0 Apr 1 07:17 usr/sbin/nologin
-rwxr-xr-x 247 root root 0 Apr 1 07:17 usr/bin/svok
-rwxr-xr-x 247 root root 0 Apr 1 07:17 usr/bin/bc
-rwxr-xr-x 247 root root 0 Apr 1 07:17 usr/bin/arch
The biggest problem is the addition of libssl and libcrypto. These are
pulled in since version 26-1 when kmod started linking with OpenSSL.
While the motivation to link with OpenSSL is fine for sure, for me it
means I cannot install new kernels any more :-| (The suggestions don't
apply, I already use MODULES=dep.)
I'm not sure what to do about this (apart from sharing my pain by
reporting this bug). Also I'm unsure about the severity, the description
for critical ("makes unrelated software on the system (or the whole
system) break, or causes serious data loss, or introduces a security
hole on systems where you install the package.") isn't completely wrong,
YMMV.
I could work around that by changing the partitioning of the flash that
holds kernel and initrd, but this is painful as I have to change the
device tree that ships with the kernel.
Best regards
Uwe