On Fri, Oct 22, 2021 at 01:58:34PM +0000, Kodiak Firesmith wrote: > So I figured out how to change the origin via reprepro and got the new > distribution data published, but then discovered that on the whole fleet > we'd need to manually / explicitly accept the origin change: > > N: This must be accepted explicitly before updates for this > repository can be applied. See apt-secure(8) manpage for details. > > The only way I've found to deal with this is to delete the old repository > data files from /var/lib/apt/lists/, but that feels a bit clunky. Both > --assume-yes and the dreaded/deprecated --force-yes fail to overcome the > explicit prompt to approve the origin change. Technically I can automate The apt-get manpage has a (group of) options just for that: ``` --allow-releaseinfo-change Allow the update command to continue downloading data from a repository which changed its information of the release contained in the repository indicating e.g a new major release. APT will fail at the update command for such repositories until the change is confirmed to ensure the user is prepared for the change. See also apt-secure(8) for details on the concept and configuration. Specialist options (--allow-releaseinfo-change-field) exist to allow changes only for certain fields like origin, label, codename, suite, version and defaultpin. See also apt_preferences(5). Configuration Item: Acquire::AllowReleaseInfoChange. ``` So --allow-releaseinfo-change-origin demotes the error to a notice. Alternatively you could temporarily serve a config file containing `Acquire::AllowReleaseInfoChange::Origin "true";` to your fleet with your Ansible or what not. Best regards David Kalnischkies
Attachment:
signature.asc
Description: PGP signature