fix(arch): detect pending kernel upgrades before installation (#1372)

On Arch Linux, the script uses `pacman -Syu` which performs a full system upgrade. If a user's system is out of date and has pending kernel updates: 1. Script runs `pacman -Syu` to install OpenVPN 2. Kernel gets upgraded along with other packages 3. The TUN module for the **new** kernel isn't loaded (old kernel still running) 4. OpenVPN fails to start because TUN is unavailable 5. User has to reboot anyway, but now they're confused about why it broke So we check preventively now, and ask them to upgrade & reboot before running the script <img width="1342" height="488" alt="image" src="https://github.com/user-attachments/assets/e9646737-eaf4-4035-b247-20e8f2daea60" />
2025-12-15 16:37:03 +01:00 · 2025-12-13 10:55:36 +01:00
parent 9e1bb4b175
commit e7aa52b51f
1 changed files with 52 additions and 0 deletions
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -233,6 +233,57 @@ function checkOS() {
 	fi
 }

+function checkArchPendingKernelUpgrade() {
+	if [[ $OS != "arch" ]]; then
+		return 0
+	fi
+
+	# Check if running kernel's modules are available
+	# (detects if kernel was upgraded but system not rebooted)
+	# Skip this check in containers - they share host kernel but have their own /lib/modules
+	if [[ -f /.dockerenv ]] || grep -qE '(docker|lxc|containerd)' /proc/1/cgroup 2>/dev/null; then
+		log_info "Running in container, skipping kernel modules check"
+	else
+		local running_kernel
+		running_kernel=$(uname -r)
+		if [[ ! -d "/lib/modules/${running_kernel}" ]]; then
+			log_error "Kernel modules for running kernel ($running_kernel) not found!"
+			log_info "This usually means the kernel was upgraded but the system wasn't rebooted."
+			log_fatal "Please reboot your system and run this script again."
+		fi
+	fi
+
+	log_info "Checking for pending kernel upgrades on Arch Linux..."
+
+	# Sync package database to check for updates
+	if ! pacman -Sy &>/dev/null; then
+		log_warn "Failed to sync package database, skipping kernel upgrade check"
+		return 0
+	fi
+
+	# Check for pending linux kernel upgrades
+	local pending_kernels
+	pending_kernels=$(pacman -Qu 2>/dev/null | grep -E '^linux' || true)
+
+	if [[ -n "$pending_kernels" ]]; then
+		log_warn "Linux kernel upgrade(s) pending:"
+		echo "$pending_kernels" | while read -r line; do
+			log_info "  $line"
+		done
+		echo ""
+		log_info "This script uses 'pacman -Syu' which will upgrade your kernel."
+		log_info "After a kernel upgrade, the TUN module won't be available until you reboot."
+		echo ""
+		log_info "Please upgrade your system and reboot first:"
+		log_info "  sudo pacman -Syu"
+		log_info "  sudo reboot"
+		echo ""
+		log_fatal "Aborting. Run this script again after upgrading and rebooting."
+	fi
+
+	log_success "No pending kernel upgrades"
+}
+
 function initialCheck() {
 	log_debug "Checking root privileges..."
 	if ! isRoot; then
@@ -249,6 +300,7 @@ function initialCheck() {
 	log_debug "Detecting operating system..."
 	checkOS
 	log_info "Detected OS: $OS (${PRETTY_NAME:-unknown})"
+	checkArchPendingKernelUpgrade
 }

 # Check if OpenVPN version is at least the specified version