[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Invoking ‘init’ from an init.d script (Wheezy)

On Mon, Jun 08, 2015 at 12:09:37PM +0200, Alexander Thomas wrote:
> On Mon, Jun 8, 2015 at 11:49 AM, Ansgar Burchardt <ansgar@debian.org> wrote:
> > On 06/08/2015 10:29 AM, Alexander Thomas wrote:
> >> We
> >> falsely assumed that setting DEBIAN_FRONTEND=noninteractive
> >> APT_LISTCHANGES_FRONTEND=none, and using the -y and --force-yes
> >> options, would never invoke terminal-related code.
> >
> > Please be aware that --force-yes makes apt ignore invalid signatures for
> > repositories, cf. https://bugs.debian.org/787174. It is a really unsafe
> > option that should probably not be used in any automated way, though I
> > have seen people do so in several places.
> I know, but this is a closed system and nothing is pulled in from
> external repositories during this automated update. The stuff that is
> included in the local patch repository is thoroughly tested before
> release. Still, enforcing proper signing and getting rid of that
> --force-yes is on our TODO list.

Use --allow-unauthenticated in this case. Or better yet, mark the local
source as [trusted=yes] in sources.list to avoid this prompt without
opening the floodgates entirely.

--force-yes e.g. also disables the 'Do as I say' prompt before
destroying your system^W^W^Wremoving (pseudo) essential packages.

It is on my TODO list to drop the --force-yes flag and replace it with
specialised --allow-* flags 'just' to force users to acknowledge what
it is they are saying yes to. Somehow most people are way more willing
to add --allow-everything than --allow-prostate-exam …

Best regards

David Kalnischkies

Attachment: signature.asc
Description: Digital signature

Reply to: