Ubuntu: Silent package installation and debconf

If you have worked on deploying packages via apt-get, you are probably familiar with a couple of forms of interruption during the package installation and upgrade process.

The first is the text menu shown during package upgrades that informs you that a new configuration file is available and asks if you want to keep your current one, use the new one from the package maintainer, or show the difference.

The second is the occasional ASCII dialog that interrupts the install/upgrade and ask for essential information before moving forward.  The screenshot below is the dialog you get when installing MySQL or MariaDB, asking to set the initial root password for the database.

The problem, in this age of cloud scale, is that you often need completely silent installations and upgrades that can be pushed out via Configuration Management.  Even if this is a build for an immutable image, you would prefer a completely automated construction process instead of manual intervention each time you build an image.

conffile prompt

Unless you are going through a major upgrade, you usually stick with your older conf file.  When this is the case, you should pass the ‘–force-confold’ option when calling apt-get like below:

export DEBIAN_FRONTEND=noninteractive
apt-get update -q
apt-get install -q -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" apache2 mysql-server

If you wanted the new configuration file, you would set ‘–force-confnew’, and the older conf file would be suffixed with ‘.dpkg-old’.  You would then need to go through a merge process if you wanted to get the older values back in the new working file.

See this great blog entry by Raphael Hertzog to read more.

And if you have Ubuntu unattended upgrades, you can make the confdef settings global defaults by creating ‘/etc/apt/apt.conf.d/local’ with:

Dpkg::Options { "--force-confdef"; "--force-confold"; };

debconf prompt

The second interruption comes when the installer wants key locations, passwords, or value during the installation or upgrade process.  These dialog prompts come up when the debconf database does not have a value to provide.

The good news is that if you insert these values ahead of time into the debconf database, you will not be prompted during the installation process.

There is one catch, though.  You have to know the key names in order to set them, and in order to know the key names, you must install the package first.  What that means, is that if I want to know the key names for Java or MySQL, I first need to install those packages and answer the questions manually.  Then I can query the key names using ‘debconf-get-selections’.  This is where development systems and snapshot rollbacks can assist.

For example, after installing MySQL, I can then get a list of the debconf keys like this:

# apt-get install mysql-server
# apt-get install debconf-utils
# debconf-get-selections | grep mysql-server

Which will return:

mysql-server-5.5 mysql-server/root_password_again     password 
mysql-server-5.5 mysql-server/root_password         password 
mysql-server-5.5 mysql-server-5.5/start_on_boot     boolean true 
mysql-server-5.5 mysql-server-5.5/postrm_remove_databases boolean false 
mysql-server-5.5 mysql-server/no_upgrade_when_using_ndb error 
mysql-server-5.5 mysql-server/password_mismatch     error 
mysql-server-5.5 mysql-server-5.5/nis_warning         note 
mysql-server-5.5 mysql-server-5.5/really_downgrade     boolean false 
mysql-server-5.5 mysql-server/error_setting_password     error

The two values that you are prompted for during the install are the password values.  So now if you go to a fresh machine, you can avoid the prompts during the MySQL install by using the following commands:

# echo mysql-server-5.5 mysql-server/root_password password Myp4ss | debconf-set-selections
# echo mysql-server-5.5 mysql-server/root_password_again password Myp4ss | debconf-set-selections
# apt-get install mysql

 

REFERENCES

http://www.microhowto.info/howto/perform_an_unattended_installation_of_a_debian_package.html

http://unix.stackexchange.com/questions/138751/unattended-upgrades-and-modified-configuration-files

http://unix.stackexchange.com/questions/22820/how-to-make-apt-get-accept-new-config-files-in-an-unattended-install-of-debian-f

Everything you need to know about conffiles: configuration files managed by dpkg

https://serversforhackers.com/video/installing-mysql-with-debconf

http://blog.delgurth.com/2009/01/19/pre-loading-debconf-values-for-easy-installation/

http://askubuntu.com/questions/381593/how-to-use-debcondf-show-results-with-debconf-set-selections

http://serverfault.com/questions/332459/how-do-i-delete-values-from-the-debconf-database

http://www.microhowto.info/howto/perform_an_unattended_installation_of_a_debian_package.html