[Bug 1642286] [NEW] Package immune to --yes --force-yes when deployed with chef

Stoyan Ivanov 1642286 at bugs.launchpad.net
Wed Nov 16 14:51:52 UTC 2016 

Public bug reported:

The sudo package exists in every server base in our infrastructure. For security reasons we want to keep it updated. By default the Chef resource that handles apt-get installs has -y. The sudo package still failed to install asking for a decision on the keeping or replacing of the /etc/sudoers file. It fails even if --force-yes is specified. I did not manage to find a way to automatically answer on this process, even though there is a default action - No, it still spits out the lovely:
Configuration file '/etc/sudoers'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** sudoers (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing package sudo (--configure):
This caused massive issues in our infrastructure as all the deploys failed the first time when they hit the sudo package upgrade. A second deploy magically fixes the problem.

** Affects: sudo (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1642286

Title:
  Package immune to --yes --force-yes when deployed with chef

Status in sudo package in Ubuntu:
  New

Bug description:
  The sudo package exists in every server base in our infrastructure. For security reasons we want to keep it updated. By default the Chef resource that handles apt-get installs has -y. The sudo package still failed to install asking for a decision on the keeping or replacing of the /etc/sudoers file. It fails even if --force-yes is specified. I did not manage to find a way to automatically answer on this process, even though there is a default action - No, it still spits out the lovely:
  Configuration file '/etc/sudoers'
   ==> Modified (by you or by a script) since installation.
   ==> Package distributor has shipped an updated version.
     What would you like to do about it ?  Your options are:
      Y or I  : install the package maintainer's version
      N or O  : keep your currently-installed version
        D     : show the differences between the versions
        Z     : start a shell to examine the situation
   The default action is to keep your current version.
  *** sudoers (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing package sudo (--configure):
  This caused massive issues in our infrastructure as all the deploys failed the first time when they hit the sudo package upgrade. A second deploy magically fixes the problem.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1642286/+subscriptions

More information about the foundations-bugs mailing list