starred/hardening
1
0
Fork 0
mirror of https://github.com/konstruktoid/hardening.git synced 2026-04-26 01:05:56 +03:00
Code Issues 6 Projects Releases 4 Packages Wiki Activity

[GH-ISSUE #101] Question: how do you update the kernel after hardening? #52

New issue
Closed
opened 2026-03-03 13:58:44 +03:00 by kerem · 4 comments
kerem commented 2026-03-03 13:58:44 +03:00
Owner
Copy link

Originally created by @Thumpermat on GitHub (Oct 22, 2021).
Original GitHub issue: https://github.com/konstruktoid/hardening/issues/101

I used your packer to create a hardened ubuntu server. Now there is a linux kernel update, but because of the hardening the server doesn't get updated with the new kernel.

Which steps should I do in order to update the linux kernel and then harden the system again?

Looking forward to your reply.

Originally created by @Thumpermat on GitHub (Oct 22, 2021). Original GitHub issue: https://github.com/konstruktoid/hardening/issues/101 I used your packer to create a hardened ubuntu server. Now there is a linux kernel update, but because of the hardening the server doesn't get updated with the new kernel. Which steps should I do in order to update the linux kernel and then harden the system again? Looking forward to your reply.
kerem closed this issue 2026-03-03 13:58:44 +03:00
kerem commented 2026-03-03 13:58:45 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Oct 22, 2021):

Hi again @Thumpermat,
See https://github.com/konstruktoid/hardening-geniso/issues/3 regarding a possible workaround for the kernel installation issue.

My workflow is basically:

  • Create initial image (using the Packer code) and use that as a template
  • Install and configure wanted services on the server generated from the above template
  • Maintain and update the server using e.g Ansible
<!-- gh-comment-id:949938153 --> @konstruktoid commented on GitHub (Oct 22, 2021): Hi again @Thumpermat, See https://github.com/konstruktoid/hardening-geniso/issues/3 regarding a possible workaround for the kernel installation issue. My workflow is basically: - Create initial image (using the Packer code) and use that as a template - Install and configure wanted services on the server generated from the above template - Maintain and update the server using e.g Ansible
kerem commented 2026-03-03 13:58:45 +03:00
Author
Owner
Copy link

@Thumpermat commented on GitHub (Oct 22, 2021):

So you mean that by adding the /boot/grub/grub.cfg and updating grub, it will also update the kernel?

<!-- gh-comment-id:949959825 --> @Thumpermat commented on GitHub (Oct 22, 2021): So you mean that by adding the `/boot/grub/grub.cfg` and updating grub, it will also update the kernel?
kerem commented 2026-03-03 13:58:45 +03:00
Author
Owner
Copy link

@konstruktoid commented on GitHub (Oct 22, 2021):

Create /boot/grub/ if missing and then run update-grub.
There should the be no issues upgrading the kernel after that.

<!-- gh-comment-id:949962993 --> @konstruktoid commented on GitHub (Oct 22, 2021): Create `/boot/grub/` if missing and then run `update-grub`. There should the be no issues upgrading the kernel after that.
kerem commented 2026-03-03 13:58:45 +03:00
Author
Owner
Copy link

@Thumpermat commented on GitHub (Oct 22, 2021):

Thank you very much.

<!-- gh-comment-id:949971940 --> @Thumpermat commented on GitHub (Oct 22, 2021): Thank you very much.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
renovate/github-codeql-action-4.x
v2.2.0
v2.1.0
v2.0.0
v1.0.0
v1.0
Labels
Clear labels   
Stale

   
bug

   
bug

   
bug

   
pull-request

Mirrored from GitHub Pull Request

No labels
Stale
bug
bug
bug
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/hardening#52
No description provided.