Synaptic "override" of latest installed Kernel with lower version during update

Almost forgot to raise this important question. I find what happened puzzling!

When I did an update through Synaptic last month, it installed version 5.15.0-133-generic of the Kernel, even though I was already operating using the 6.8.0-45-generic Kernel, which was installed manually from the download from the Kernel Releases site.

Here are my installed files:

-rw------- 1 root root 14911880 Sep 11 09:59 /boot/vmlinuz-6.8.0-45-generic
-rw------- 1 root root 11711400 Feb  7 13:12 /boot/vmlinuz-5.15.0-133-generic

My question is ... if 6.8.0-45-generic was installed and running, why did it install 5.15.0-133-generic, set that up as the primary boot, and re-reference the 6.8.0-45-generic as vmlinuz-old ?

Naturally, I have since swapped the two symlink references but, since I was doing a "Mark all upgrades", I want to know why it didn't simply

• keep things as they were and ignore the install of "5.15.0-133-generic",           or
• only install "5.15.0-133-generic" as the replacement binary for vmlinuz-old, rather than bump version 6 Kernel to that reference?

Visibility of 6.8 Kernel in Synaptic:

Kernel_6.8.0-45-generic1018×146 27.1 KB

Visibility of 5.15.0-133 Kernel in Synaptic:

Kernel_5.15.0-133-generic1013×151 24.5 KB

AFAIK

• synaptic "Package > Lock version" flag
• apt-mark hold <package> command
• apt command

are not well aware of each other.

That is it well may be that the older 'generic' kernel version is locked within synaptic and is installed/restored/activated through synaptic update session.

Next to that, manually downloaded and installed kernel version might not supplant/suppress the work of linux-generic package which "always depend on the latest complete generic Linux kernel and headers."

The following link has more interesting details:

Correct. Synaptic can not read apt pinning.
The following command will fix that:

sudo ln -s /var/lib/synaptic/preferences /etc/apt/preferences.d/locked_in_synaptic

Because linux-image-generic package in Ubuntu 22.04 currently depends on it.

I doubt it. Did it actually boot your system with kernel 5.15 on reboot?

It looks like vmlinuz and vmlinuz.old are just compatibility artifacts, and the actual grub menu is regenerated every time the kernel is updated. Check your /boot/grub/grub.cfg file.

You have your primary GA kernel (currently 5.15.0-133). Plus you have a manually installed kernel 6.8.0-45. Nothing is on hold.

Yes!

As I said the symlinks which I have now repaired to show as

-rw------- 1 root root 11711400 Feb  7 13:12 vmlinuz-5.15.0-133-generic
-rw------- 1 root root 14911880 Sep 11 09:59 vmlinuz-6.8.0-45-generic

lrwxrwxrwx 1 root root       24 Feb 20 13:06 vmlinuz -> vmlinuz-6.8.0-45-generic
lrwxrwxrwx 1 root root       26 Feb 19 20:00 vmlinuz.old -> vmlinuz-5.15.0-133-generic

were showing as

lrwxrwxrwx 1 root root       24 Sep 11 09:59 vmlinuz.old -> vmlinuz-6.8.0-45-generic
lrwxrwxrwx 1 root root       26 Feb 19 20:00 vmlinuz -> vmlinuz-5.15.0-133-generic

The system will always boot with whichever version vmlinuz is pointing at, and that was the v5 Kernel, because updates include the call to update-grub to ensure that all is in sync with the latest changes.

After I renamed the vmlinuz/vmlinuz.old symlinks, I re-ran update-grub, and I currently boot as desired with the v6 Kernel:

I also confirmed that the /boot/grub/grub.cfg file is now reflecting my preferred "precedence list", although, after the upgrade that installed the newer v5 Kernel, it did not reflect that, instead showing the reverse.

I did not place any manual "freeze" or "hold" on version updates, because I thought there would have been "smarts" to prevent an "automated" process from overriding an administrator's "manual" (override) install (of the v6 Kernel).

Maybe ... given what happened, my expectation on this last point was unrealistic ... but ... based on the clear visibility of the versions involved on this very key core component ... not invalid !!!

Grub is huge and has tons of settings, but by default it is supposed to boot the first boot entry from the /boot/grub/grub.cfg config file.

Update-grub is not supposed to use your vmlinuz/vmlinuz.old symlinks at all. It should parse your boot directory, find your kernels and sort them by version.

I can only tell you what I discovered, to my great surprise, when I entered the uname -a, only to have the v5 Kernel reported, and not the v6 !!! Which is why my manual "repair" was required.

That's weird. Anyway, if you don't specifically need kernel 6.8.0-45, I recommend you install the HWE kernel and keep it updated automatically.

The current HWE kernel in Ubuntu 22.04 is 6.8.0-52.

Thank you, @ironfoot. But your answer raises a whole new question (keeping in mind that I did perform a package list update a that time):

• if, on Feb 7, the HWE kernel was 6.8.0-52 (which I would have liked), why did it identify and install 5.15.0-133-generic ???

My /etc/apt/sources.list file:

deb cdrom:[Ubuntu-MATE 22.04.4 LTS _Jammy Jellyfish_ - Release amd64 (20240216.1)]/ jammy main multiverse restricted universe
# deb cdrom:[Ubuntu-MATE 20.04 LTS _Focal Fossa_ - Release amd64 (20200423)]/ focal main multiverse restricted universe
# deb cdrom:[Ubuntu-MATE 20.04 LTS _Focal Fossa_ - Release amd64 (20200423)]/ focal main multiverse restricted universe

# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://ca.archive.ubuntu.com/ubuntu/ jammy main restricted
deb-src http://ca.archive.ubuntu.com/ubuntu/ focal main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://ca.archive.ubuntu.com/ubuntu/ jammy-updates restricted main
# deb-src http://ca.archive.ubuntu.com/ubuntu/ focal-updates main restricted

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://ca.archive.ubuntu.com/ubuntu/ jammy universe
deb-src http://ca.archive.ubuntu.com/ubuntu/ focal universe
deb http://ca.archive.ubuntu.com/ubuntu/ jammy-updates universe
# deb-src http://ca.archive.ubuntu.com/ubuntu/ focal-updates universe

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu 
## team, and may not be under a free licence. Please satisfy yourself as to 
## your rights to use the software. Also, please note that software in 
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://ca.archive.ubuntu.com/ubuntu/ jammy multiverse
deb-src http://ca.archive.ubuntu.com/ubuntu/ focal multiverse
deb http://ca.archive.ubuntu.com/ubuntu/ jammy-updates multiverse
# deb-src http://ca.archive.ubuntu.com/ubuntu/ focal-updates multiverse

## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
# deb-src http://ca.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse


deb http://ca.archive.ubuntu.com/ubuntu/ jammy-security restricted main
# deb-src http://security.ubuntu.com/ubuntu focal-security main restricted
deb http://ca.archive.ubuntu.com/ubuntu/ jammy-security universe
deb-src http://security.ubuntu.com/ubuntu focal-security universe
deb http://ca.archive.ubuntu.com/ubuntu/ jammy-security multiverse
deb-src http://security.ubuntu.com/ubuntu focal-security multiverse

# This system was installed using small removable media
# (e.g. netinst, live or single CD). The matching "deb cdrom"
# entries were disabled at the end of the installation process.
# For information about how to configure apt package sources,
# see the sources.list(5) manual.
deb http://ca.archive.ubuntu.com/ubuntu/ jammy-backports universe restricted multiverse main