How to make apt-get accept new config files in an unattended install of debian from Repo

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
16
down vote

favorite
3












I am writing a script for a unattended install of a package that is in our repo, it is a software package with one of Debian's marked config files.
Is there any option that I can pass to apt-get/aptitude so that it accepts the new config files?



Basically I need an apt/aptitude equivalent of dpkg --force-confnew



I need to answer the following question posed while apt-get is installing with a Y




Configuration file ``/opt/application/conf/XXX.conf`'



==> File on system created by you or by a script.
==> File also in package provided by package maintainer.

What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the

The default action is to keep your current version.



Additional Info:



Also, I am passing the sudo password in a pipe to execute the command



echo "mysudopass"|sudo -S apt-get mypackage


This is flagging an error in installation when the installation is at the config interactive phase.



I am on Ubuntu 10.04

apt version: apt 0.7.25.3



Why I cannot use dpkg: These Debians are to be installed from Repo and I don't have local Debians on my machine










share|improve this question























  • serverfault.com/questions/48724/…
    – Alastair Irvine
    Mar 2 '16 at 6:59














up vote
16
down vote

favorite
3












I am writing a script for a unattended install of a package that is in our repo, it is a software package with one of Debian's marked config files.
Is there any option that I can pass to apt-get/aptitude so that it accepts the new config files?



Basically I need an apt/aptitude equivalent of dpkg --force-confnew



I need to answer the following question posed while apt-get is installing with a Y




Configuration file ``/opt/application/conf/XXX.conf`'



==> File on system created by you or by a script.
==> File also in package provided by package maintainer.

What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the

The default action is to keep your current version.



Additional Info:



Also, I am passing the sudo password in a pipe to execute the command



echo "mysudopass"|sudo -S apt-get mypackage


This is flagging an error in installation when the installation is at the config interactive phase.



I am on Ubuntu 10.04

apt version: apt 0.7.25.3



Why I cannot use dpkg: These Debians are to be installed from Repo and I don't have local Debians on my machine










share|improve this question























  • serverfault.com/questions/48724/…
    – Alastair Irvine
    Mar 2 '16 at 6:59












up vote
16
down vote

favorite
3









up vote
16
down vote

favorite
3






3





I am writing a script for a unattended install of a package that is in our repo, it is a software package with one of Debian's marked config files.
Is there any option that I can pass to apt-get/aptitude so that it accepts the new config files?



Basically I need an apt/aptitude equivalent of dpkg --force-confnew



I need to answer the following question posed while apt-get is installing with a Y




Configuration file ``/opt/application/conf/XXX.conf`'



==> File on system created by you or by a script.
==> File also in package provided by package maintainer.

What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the

The default action is to keep your current version.



Additional Info:



Also, I am passing the sudo password in a pipe to execute the command



echo "mysudopass"|sudo -S apt-get mypackage


This is flagging an error in installation when the installation is at the config interactive phase.



I am on Ubuntu 10.04

apt version: apt 0.7.25.3



Why I cannot use dpkg: These Debians are to be installed from Repo and I don't have local Debians on my machine










share|improve this question















I am writing a script for a unattended install of a package that is in our repo, it is a software package with one of Debian's marked config files.
Is there any option that I can pass to apt-get/aptitude so that it accepts the new config files?



Basically I need an apt/aptitude equivalent of dpkg --force-confnew



I need to answer the following question posed while apt-get is installing with a Y




Configuration file ``/opt/application/conf/XXX.conf`'



==> File on system created by you or by a script.
==> File also in package provided by package maintainer.

What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the

The default action is to keep your current version.



Additional Info:



Also, I am passing the sudo password in a pipe to execute the command



echo "mysudopass"|sudo -S apt-get mypackage


This is flagging an error in installation when the installation is at the config interactive phase.



I am on Ubuntu 10.04

apt version: apt 0.7.25.3



Why I cannot use dpkg: These Debians are to be installed from Repo and I don't have local Debians on my machine







software-installation apt aptitude






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Sep 3 '16 at 21:44









Jeff Schaller

34.6k952115




34.6k952115










asked Oct 18 '11 at 2:23









Raman

18114




18114











  • serverfault.com/questions/48724/…
    – Alastair Irvine
    Mar 2 '16 at 6:59
















  • serverfault.com/questions/48724/…
    – Alastair Irvine
    Mar 2 '16 at 6:59















serverfault.com/questions/48724/…
– Alastair Irvine
Mar 2 '16 at 6:59




serverfault.com/questions/48724/…
– Alastair Irvine
Mar 2 '16 at 6:59










4 Answers
4






active

oldest

votes

















up vote
19
down vote













You can pass dpkg parameters to apt-get like this



apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install pkgname1 pkgname2 ...


With --force-confdef if old config files still exist, they won't get overridden. So you probably won't use it, I'm just documenting it for others.



sudo will not ask for a password if you negate the authenticate option for the user or add the NOPASSWD tag in the specific entry. e.g.



someuser ALL = NOPASSWD: /usr/bin/apt-get





share|improve this answer





























    up vote
    6
    down vote













    You could try the following:



    export DEBIAN_FRONTEND=noninteractive
    apt-get -q -y install whatever-2


    But note that this has implications, like empty default passwords (maybe you'd like some deployment/config tool like puppet, chef, fabric...?).



    See sudoers(5) about how to allow password-less sudo invocations.






    share|improve this answer



























      up vote
      1
      down vote













      Alternatively to what forcefsck suggested I suggest you add this into APT settings so you are not required to add these hard-to-write options all the time. Also, this would be helpful for unattended upgrades if you have these setup.



      Create /etc/apt/apt.conf.d/71debconf file to have the following content:



      Dpkg::Options 
      "--force-confnew";
      ;





      share|improve this answer






















      • This may be a good option, however it's important to note that this would be a GLOBAL change. If you have other packages on the system that you want to get unattended upgrades but have also configured, this would not be the appropriate solution.
        – Geoff
        Oct 17 at 1:45

















      up vote
      0
      down vote













      In addition to the other answers, you may also have to set the environment UCF_FORCE_CONFFNEW=1.



      E.g. openssh in debian stretch uses ucf (not debconf) in it's openssh-server/openssh-7.4p1/debian/openssh-server.postinst to ask about the config file. (You can see the openssh-server.postinst by using dget against http://security.debian.org/debian-security/pool/updates/main/o/openssh/openssh_7.4p1-10+deb9u4.dsc)



      We've had to use all the tricks on this page in addition to being liberal users of debconf preseeding.



      We did however stop just short of export DEBIAN_FRONTEND=noninteractive because we want to know if we missed something (that could be important). Our use case is an operator starting the operation. The upgrade is expected to be non-interactive, but the operator is present if something goes wrong and a dialog presents itself. Your situation may be different.



      But export DEBIAN_FRONTEND=noninteractive is your proverbial sledgehammer.



      Just beware: Setting -o Dpkg::Options::=--force-confnew and/or UCF_FORCE_CONFFNEW=1 means that all config files from installed packages revert to the upstream ones. So e.g. in the case of openssh-server, your /etc/ssh/sshd_config will be reset to factory settings. And e.g. PermitRootLogin=yes will be removed. But of course you don't use that, so you'll be fine! ;-)






      share|improve this answer




















        Your Answer







        StackExchange.ready(function()
        var channelOptions =
        tags: "".split(" "),
        id: "106"
        ;
        initTagRenderer("".split(" "), "".split(" "), channelOptions);

        StackExchange.using("externalEditor", function()
        // Have to fire editor after snippets, if snippets enabled
        if (StackExchange.settings.snippets.snippetsEnabled)
        StackExchange.using("snippets", function()
        createEditor();
        );

        else
        createEditor();

        );

        function createEditor()
        StackExchange.prepareEditor(
        heartbeatType: 'answer',
        convertImagesToLinks: false,
        noModals: false,
        showLowRepImageUploadWarning: true,
        reputationToPostImages: null,
        bindNavPrevention: true,
        postfix: "",
        onDemand: true,
        discardSelector: ".discard-answer"
        ,immediatelyShowMarkdownHelp:true
        );



        );













         

        draft saved


        draft discarded


















        StackExchange.ready(
        function ()
        StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f22820%2fhow-to-make-apt-get-accept-new-config-files-in-an-unattended-install-of-debian-f%23new-answer', 'question_page');

        );

        Post as a guest






























        4 Answers
        4






        active

        oldest

        votes








        4 Answers
        4






        active

        oldest

        votes









        active

        oldest

        votes






        active

        oldest

        votes








        up vote
        19
        down vote













        You can pass dpkg parameters to apt-get like this



        apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install pkgname1 pkgname2 ...


        With --force-confdef if old config files still exist, they won't get overridden. So you probably won't use it, I'm just documenting it for others.



        sudo will not ask for a password if you negate the authenticate option for the user or add the NOPASSWD tag in the specific entry. e.g.



        someuser ALL = NOPASSWD: /usr/bin/apt-get





        share|improve this answer


























          up vote
          19
          down vote













          You can pass dpkg parameters to apt-get like this



          apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install pkgname1 pkgname2 ...


          With --force-confdef if old config files still exist, they won't get overridden. So you probably won't use it, I'm just documenting it for others.



          sudo will not ask for a password if you negate the authenticate option for the user or add the NOPASSWD tag in the specific entry. e.g.



          someuser ALL = NOPASSWD: /usr/bin/apt-get





          share|improve this answer
























            up vote
            19
            down vote










            up vote
            19
            down vote









            You can pass dpkg parameters to apt-get like this



            apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install pkgname1 pkgname2 ...


            With --force-confdef if old config files still exist, they won't get overridden. So you probably won't use it, I'm just documenting it for others.



            sudo will not ask for a password if you negate the authenticate option for the user or add the NOPASSWD tag in the specific entry. e.g.



            someuser ALL = NOPASSWD: /usr/bin/apt-get





            share|improve this answer














            You can pass dpkg parameters to apt-get like this



            apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install pkgname1 pkgname2 ...


            With --force-confdef if old config files still exist, they won't get overridden. So you probably won't use it, I'm just documenting it for others.



            sudo will not ask for a password if you negate the authenticate option for the user or add the NOPASSWD tag in the specific entry. e.g.



            someuser ALL = NOPASSWD: /usr/bin/apt-get






            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Dec 18 '11 at 1:22









            Kevin

            26.4k106098




            26.4k106098










            answered Oct 18 '11 at 20:34









            forcefsck

            5,5461931




            5,5461931






















                up vote
                6
                down vote













                You could try the following:



                export DEBIAN_FRONTEND=noninteractive
                apt-get -q -y install whatever-2


                But note that this has implications, like empty default passwords (maybe you'd like some deployment/config tool like puppet, chef, fabric...?).



                See sudoers(5) about how to allow password-less sudo invocations.






                share|improve this answer
























                  up vote
                  6
                  down vote













                  You could try the following:



                  export DEBIAN_FRONTEND=noninteractive
                  apt-get -q -y install whatever-2


                  But note that this has implications, like empty default passwords (maybe you'd like some deployment/config tool like puppet, chef, fabric...?).



                  See sudoers(5) about how to allow password-less sudo invocations.






                  share|improve this answer






















                    up vote
                    6
                    down vote










                    up vote
                    6
                    down vote









                    You could try the following:



                    export DEBIAN_FRONTEND=noninteractive
                    apt-get -q -y install whatever-2


                    But note that this has implications, like empty default passwords (maybe you'd like some deployment/config tool like puppet, chef, fabric...?).



                    See sudoers(5) about how to allow password-less sudo invocations.






                    share|improve this answer












                    You could try the following:



                    export DEBIAN_FRONTEND=noninteractive
                    apt-get -q -y install whatever-2


                    But note that this has implications, like empty default passwords (maybe you'd like some deployment/config tool like puppet, chef, fabric...?).



                    See sudoers(5) about how to allow password-less sudo invocations.







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Oct 18 '11 at 8:08









                    sr_

                    12.8k3142




                    12.8k3142




















                        up vote
                        1
                        down vote













                        Alternatively to what forcefsck suggested I suggest you add this into APT settings so you are not required to add these hard-to-write options all the time. Also, this would be helpful for unattended upgrades if you have these setup.



                        Create /etc/apt/apt.conf.d/71debconf file to have the following content:



                        Dpkg::Options 
                        "--force-confnew";
                        ;





                        share|improve this answer






















                        • This may be a good option, however it's important to note that this would be a GLOBAL change. If you have other packages on the system that you want to get unattended upgrades but have also configured, this would not be the appropriate solution.
                          – Geoff
                          Oct 17 at 1:45














                        up vote
                        1
                        down vote













                        Alternatively to what forcefsck suggested I suggest you add this into APT settings so you are not required to add these hard-to-write options all the time. Also, this would be helpful for unattended upgrades if you have these setup.



                        Create /etc/apt/apt.conf.d/71debconf file to have the following content:



                        Dpkg::Options 
                        "--force-confnew";
                        ;





                        share|improve this answer






















                        • This may be a good option, however it's important to note that this would be a GLOBAL change. If you have other packages on the system that you want to get unattended upgrades but have also configured, this would not be the appropriate solution.
                          – Geoff
                          Oct 17 at 1:45












                        up vote
                        1
                        down vote










                        up vote
                        1
                        down vote









                        Alternatively to what forcefsck suggested I suggest you add this into APT settings so you are not required to add these hard-to-write options all the time. Also, this would be helpful for unattended upgrades if you have these setup.



                        Create /etc/apt/apt.conf.d/71debconf file to have the following content:



                        Dpkg::Options 
                        "--force-confnew";
                        ;





                        share|improve this answer














                        Alternatively to what forcefsck suggested I suggest you add this into APT settings so you are not required to add these hard-to-write options all the time. Also, this would be helpful for unattended upgrades if you have these setup.



                        Create /etc/apt/apt.conf.d/71debconf file to have the following content:



                        Dpkg::Options 
                        "--force-confnew";
                        ;






                        share|improve this answer














                        share|improve this answer



                        share|improve this answer








                        edited Jan 10 at 14:37

























                        answered Jan 10 at 14:32









                        Te Ri

                        1245




                        1245











                        • This may be a good option, however it's important to note that this would be a GLOBAL change. If you have other packages on the system that you want to get unattended upgrades but have also configured, this would not be the appropriate solution.
                          – Geoff
                          Oct 17 at 1:45
















                        • This may be a good option, however it's important to note that this would be a GLOBAL change. If you have other packages on the system that you want to get unattended upgrades but have also configured, this would not be the appropriate solution.
                          – Geoff
                          Oct 17 at 1:45















                        This may be a good option, however it's important to note that this would be a GLOBAL change. If you have other packages on the system that you want to get unattended upgrades but have also configured, this would not be the appropriate solution.
                        – Geoff
                        Oct 17 at 1:45




                        This may be a good option, however it's important to note that this would be a GLOBAL change. If you have other packages on the system that you want to get unattended upgrades but have also configured, this would not be the appropriate solution.
                        – Geoff
                        Oct 17 at 1:45










                        up vote
                        0
                        down vote













                        In addition to the other answers, you may also have to set the environment UCF_FORCE_CONFFNEW=1.



                        E.g. openssh in debian stretch uses ucf (not debconf) in it's openssh-server/openssh-7.4p1/debian/openssh-server.postinst to ask about the config file. (You can see the openssh-server.postinst by using dget against http://security.debian.org/debian-security/pool/updates/main/o/openssh/openssh_7.4p1-10+deb9u4.dsc)



                        We've had to use all the tricks on this page in addition to being liberal users of debconf preseeding.



                        We did however stop just short of export DEBIAN_FRONTEND=noninteractive because we want to know if we missed something (that could be important). Our use case is an operator starting the operation. The upgrade is expected to be non-interactive, but the operator is present if something goes wrong and a dialog presents itself. Your situation may be different.



                        But export DEBIAN_FRONTEND=noninteractive is your proverbial sledgehammer.



                        Just beware: Setting -o Dpkg::Options::=--force-confnew and/or UCF_FORCE_CONFFNEW=1 means that all config files from installed packages revert to the upstream ones. So e.g. in the case of openssh-server, your /etc/ssh/sshd_config will be reset to factory settings. And e.g. PermitRootLogin=yes will be removed. But of course you don't use that, so you'll be fine! ;-)






                        share|improve this answer
























                          up vote
                          0
                          down vote













                          In addition to the other answers, you may also have to set the environment UCF_FORCE_CONFFNEW=1.



                          E.g. openssh in debian stretch uses ucf (not debconf) in it's openssh-server/openssh-7.4p1/debian/openssh-server.postinst to ask about the config file. (You can see the openssh-server.postinst by using dget against http://security.debian.org/debian-security/pool/updates/main/o/openssh/openssh_7.4p1-10+deb9u4.dsc)



                          We've had to use all the tricks on this page in addition to being liberal users of debconf preseeding.



                          We did however stop just short of export DEBIAN_FRONTEND=noninteractive because we want to know if we missed something (that could be important). Our use case is an operator starting the operation. The upgrade is expected to be non-interactive, but the operator is present if something goes wrong and a dialog presents itself. Your situation may be different.



                          But export DEBIAN_FRONTEND=noninteractive is your proverbial sledgehammer.



                          Just beware: Setting -o Dpkg::Options::=--force-confnew and/or UCF_FORCE_CONFFNEW=1 means that all config files from installed packages revert to the upstream ones. So e.g. in the case of openssh-server, your /etc/ssh/sshd_config will be reset to factory settings. And e.g. PermitRootLogin=yes will be removed. But of course you don't use that, so you'll be fine! ;-)






                          share|improve this answer






















                            up vote
                            0
                            down vote










                            up vote
                            0
                            down vote









                            In addition to the other answers, you may also have to set the environment UCF_FORCE_CONFFNEW=1.



                            E.g. openssh in debian stretch uses ucf (not debconf) in it's openssh-server/openssh-7.4p1/debian/openssh-server.postinst to ask about the config file. (You can see the openssh-server.postinst by using dget against http://security.debian.org/debian-security/pool/updates/main/o/openssh/openssh_7.4p1-10+deb9u4.dsc)



                            We've had to use all the tricks on this page in addition to being liberal users of debconf preseeding.



                            We did however stop just short of export DEBIAN_FRONTEND=noninteractive because we want to know if we missed something (that could be important). Our use case is an operator starting the operation. The upgrade is expected to be non-interactive, but the operator is present if something goes wrong and a dialog presents itself. Your situation may be different.



                            But export DEBIAN_FRONTEND=noninteractive is your proverbial sledgehammer.



                            Just beware: Setting -o Dpkg::Options::=--force-confnew and/or UCF_FORCE_CONFFNEW=1 means that all config files from installed packages revert to the upstream ones. So e.g. in the case of openssh-server, your /etc/ssh/sshd_config will be reset to factory settings. And e.g. PermitRootLogin=yes will be removed. But of course you don't use that, so you'll be fine! ;-)






                            share|improve this answer












                            In addition to the other answers, you may also have to set the environment UCF_FORCE_CONFFNEW=1.



                            E.g. openssh in debian stretch uses ucf (not debconf) in it's openssh-server/openssh-7.4p1/debian/openssh-server.postinst to ask about the config file. (You can see the openssh-server.postinst by using dget against http://security.debian.org/debian-security/pool/updates/main/o/openssh/openssh_7.4p1-10+deb9u4.dsc)



                            We've had to use all the tricks on this page in addition to being liberal users of debconf preseeding.



                            We did however stop just short of export DEBIAN_FRONTEND=noninteractive because we want to know if we missed something (that could be important). Our use case is an operator starting the operation. The upgrade is expected to be non-interactive, but the operator is present if something goes wrong and a dialog presents itself. Your situation may be different.



                            But export DEBIAN_FRONTEND=noninteractive is your proverbial sledgehammer.



                            Just beware: Setting -o Dpkg::Options::=--force-confnew and/or UCF_FORCE_CONFFNEW=1 means that all config files from installed packages revert to the upstream ones. So e.g. in the case of openssh-server, your /etc/ssh/sshd_config will be reset to factory settings. And e.g. PermitRootLogin=yes will be removed. But of course you don't use that, so you'll be fine! ;-)







                            share|improve this answer












                            share|improve this answer



                            share|improve this answer










                            answered 31 mins ago









                            Peter V. Mørch

                            26515




                            26515



























                                 

                                draft saved


                                draft discarded















































                                 


                                draft saved


                                draft discarded














                                StackExchange.ready(
                                function ()
                                StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f22820%2fhow-to-make-apt-get-accept-new-config-files-in-an-unattended-install-of-debian-f%23new-answer', 'question_page');

                                );

                                Post as a guest













































































                                Popular posts from this blog

                                How to check contact read email or not when send email to Individual?

                                Displaying single band from multi-band raster using QGIS

                                How many registers does an x86_64 CPU actually have?