Package immune to --yes --force-yes when deployed with chef
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| sudo (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
The sudo package exists in every server base in our infrastructure. For security reasons we want to keep it updated. By default the Chef resource that handles apt-get installs has -y. The sudo package still failed to install asking for a decision on the keeping or replacing of the /etc/sudoers file. It fails even if --force-yes is specified. I did not manage to find a way to automatically answer on this process, even though there is a default action - No, it still spits out the lovely:
Configuration file '/etc/sudoers'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** sudoers (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing package sudo (--configure):
This caused massive issues in our infrastructure as all the deploys failed the first time when they hit the sudo package upgrade. A second deploy magically fixes the problem.
