How to safely remove old/unused kernels in RHEL/CentOS/Fedora

Kernel is central part of an operating system which act as a bridge between applications and hardware (This enable application to share the hardware effectively).

Every Linux system has a separate small partition for kernel installation, that is called /boot. When you update the system regularly, it will install all the updates including kernel images but it wont remove an old kernels.

After certain time you might have noticed that your /boot partition is running out of disk space which was occupied by lot of old/unused kernels which is kept it back there.

Suggested Read : 6 Methods To Check The Running Linux Kernel Version On System

If the boot partition is full, you can’t perform any upgrade on system level or you can’t even install available kernel too.

Every three months once kernel team releasing new stable kernel which comes with new features, improved hardware & system performance. At least monthly once we will get kernel patch/update from operating system for varies fix. For best practices, I would advice users to install all the updates regularly to make the system up and running without any issue.

We can easily accomplish this on RHEL, CentOS systems by installing system utility called yum-utils package & dnf-plugins-core for Fedora. yum-utils contains package-cleanup binary which allow users to remove the old kernels easily on RHEL & CentOS.

How to install yum-utils package on CentOS/RHEL

yum-utils package is part of yum package manager. It is a collection of utilities and plugins extending and supplementing yum in different ways. Use yum package manager to install yum-utils.

$ sudo yum install yum-utils

Core Plugins for DNF. This package enhances DNF with builddep, config-manager, copr, debuginfo-install, download, needs-restarting, repoquery and reposync commands. Additionally provides generate_completion_cache, noroot and protected_packages passive plugins. Use dnf package manager to install yum-utils.

$ sudo dnf install dnf-plugins-core

Run the following DF (Disk Filesystem) command on terminal to check the /boot partition usage.

$ $ df -h /boot
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1       497M  278M  220M  56% /boot

Check installed kernels

Run the following rpm command on terminal to check an installed Linux kernels.

$ rpm -q kernel
kernel-4.9.12-200.fc25.x86_64
kernel-4.10.10-200.fc25.x86_64
kernel-4.10.14-200.fc25.x86_64

Check whether the system is running with latest kernel or not by running uname -a command.

$ uname -a
Linux localhost.localdomain 4.10.14-200.fc25.x86_64 #1 SMP Wed May 3 22:52:30 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Delete/Remove old kernels in CentOS/RHEL

We have done the pre-validation check and ready to go for old/unused kernel removal. Run the following command to remove old kernels. After executing the below command the system will be left with two kernels (One is running kernel and other one is latest old kernel as a backup).

$ sudo package-cleanup --oldkernels --count=1
Loaded plugins: fastestmirror, langpacks
--> Running transaction check
---> Package kernel.x86_64 0:3.10.0-327.el7 will be erased
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package      Arch         Version                Repository               Size
================================================================================
Removing:
 kernel       x86_64       3.10.0-327.el7         @base/$releasever       136 M

Transaction Summary
================================================================================
Remove  1 Package

Installed size: 136 M
Is this ok [y/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Erasing    : kernel-3.10.0-327.el7.x86_64                                 1/1 
  Verifying  : kernel-3.10.0-327.el7.x86_64                                 1/1 

Removed:
  kernel.x86_64 0:3.10.0-327.el7                                                

Complete!

Details :
package-cleanup : is a command
–oldkernels : Remove old kernel and kernel-devel packages.
–count : Number of duplicate/kernel packages to keep on the system (default 2)

When i try to re-run the command, it’s clearly says there is no old kernels to remove hence we have only two kernels.

$ sudo package-cleanup --oldkernels --count=1
Loaded plugins: fastestmirror, langpacks
No old kernels to remove

Delete/Remove old kernels in Fedora

We have done the per-validation check and ready to go for old/unused kernel removal. DNF working straight forward compare with YUM because, if you want to keep two kernels (One is running kernel and other one is latest old kernel as a backup), you have to run the following command.

$ sudo dnf remove $(dnf repoquery --installonly --latest-limit -2 -q)
Dependencies resolved.
================================================================================
 Package                   Arch        Version              Repository     Size
================================================================================
Removing:
 kernel                    x86_64      4.9.12-200.fc25      @updates        0  
 kernel-core               x86_64      4.9.12-200.fc25      @updates       53 M
 kernel-debug-devel        x86_64      4.9.12-200.fc25      @updates       41 M
 kernel-modules            x86_64      4.9.12-200.fc25      @updates       22 M
 kernel-modules-extra      x86_64      4.9.12-200.fc25      @updates      2.0 M

Transaction Summary
================================================================================
Remove  5 Packages

Installed size: 118 M
Is this ok [y/N]: y
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Erasing     : kernel-4.9.12-200.fc25.x86_64                               1/5 
  Erasing     : kernel-debug-devel-4.9.12-200.fc25.x86_64                   2/5 
  Erasing     : kernel-modules-extra-4.9.12-200.fc25.x86_64                 3/5 
  Erasing     : kernel-modules-4.9.12-200.fc25.x86_64                       4/5 
  Erasing     : kernel-core-4.9.12-200.fc25.x86_64                          5/5 
  Verifying   : kernel-modules-4.9.12-200.fc25.x86_64                       1/5 
  Verifying   : kernel-core-4.9.12-200.fc25.x86_64                          2/5 
  Verifying   : kernel-modules-extra-4.9.12-200.fc25.x86_64                 3/5 
  Verifying   : kernel-debug-devel-4.9.12-200.fc25.x86_64                   4/5 
  Verifying   : kernel-4.9.12-200.fc25.x86_64                               5/5 

Removed:
  kernel.x86_64 4.9.12-200.fc25                                                 
  kernel-core.x86_64 4.9.12-200.fc25                                            
  kernel-debug-devel.x86_64 4.9.12-200.fc25                                     
  kernel-modules.x86_64 4.9.12-200.fc25                                         
  kernel-modules-extra.x86_64 4.9.12-200.fc25                                   

Complete!

When i try to re-run the command, it’s getting failed hence we have only two kernels.

$ sudo dnf remove $(dnf repoquery --installonly --latest-limit -2 -q)
[sudo] password for magi: 
Error: Need to pass a list of pkgs to remove
 Mini usage:

remove PACKAGE...

remove a package or packages from your system
alias: erase

Automatically Delete/Remove old kernels in Fedora/CentOS/RHEL

The above method is manual one, which needs to be take care every time. To automate this, just add the kernels count which you want to keep on /etc/yum.conf file.

$ sudo vi /etc/yum.conf
installonly_limit=3

From your next update, this will remove all old kernels except latest three which includes live one (One is running kernel and other two is latest old kernels as a backup).

6 Comments on “How to safely remove old/unused kernels in RHEL/CentOS/Fedora”

  1. Quote: “[…] it will install all the updates including kernel images but it wont remove an old kernels […]”. That’s not true (and that’s why this whole article is highly misleading). Fedora and RHEL/CentOS since quite a few years already remove old kernels by default; only two (in case of Fedora) or four (CentOS) older ones are left behind as safety net iirc.

  2. fc26 didn’t work for me.
    –old-kernels should be built into dnf!

    # dnf remove $(dnf repoquery –installonly –latest-limit -2 -q)
    usage: dnf remove [-c [config file]] [-q] [-v] [–version]
    [–installroot [path]] [–nodocs] [–noplugins]
    [–enableplugin [plugin]] [–disableplugin [plugin]]
    [–releasever RELEASEVER] [–setopt SETOPTS] [–skip-broken]
    [-h] [–allowerasing] [-b] [-C] [-R [minutes]]
    [-d [debug level]] [–debugsolver] [–showduplicates]
    [-e ERRORLEVEL] [–obsoletes]
    [–rpmverbosity [debug level name]] [-y] [–assumeno]
    [–enablerepo [repo]] [–disablerepo [repo] | –repo [repo]]
    [-x [package]] [–disableexcludes [repo]]
    [–repofrompath [repo,path]] [–nogpgcheck] [–color COLOR]
    [–refresh] [-4] [-6] [–downloadonly] [–bugfix]
    [–enhancement] [–newpackage] [–security]
    [–advisory ADVISORY] [–bzs BUGZILLA] [–cves CVES]
    [–sec-severity {Critical,Important,Moderate,Low}]
    [–duplicates | –oldinstallonly]
    [PACKAGE [PACKAGE …]]
    dnf remove: error: unrecognized arguments: –exactdeps] [–recursive] t t [–resolve] t [–srpm] [–latest-limit LATEST_LIMIT] [-i | -l | -s | –qf QUERYFORMAT | –nevra | –nvr | –envra] [–duplicates | –installonly | –unsatisfied] t [–conflicts | –enhances | –provides | –recommends | –requires | –requires-pre | –suggests | –supplements] [–available] [–installed | –extras | –upgrades | –unneeded | –userinstalled] t [key [key …]]

      1. The proper command is:

        sudo dnf remove $(dnf repoquery –installed –latest-limit=-2 -q)

        “–latest-limit” needs an equals sign when the limit is a negative number.

Leave a Reply

Your email address will not be published. Required fields are marked *