enterprise-ubuntu team mailing list archive

[David Burke <dmbst32@xxxxxxxxx>]

I just got around to playing with this. These changes help is most
situations.

unattended-upgrades was able to upgrade grub without any prompt! I also
tried hard shutting down in the middle of an upgrade - it seemed to recover
fine. So I'm going to start using it.

pam-auth-update - I've seen it silently nuke pam.d confs :( I solved it by
ensuring pam-auth-update works when run with defaults. ie not just hacking
pam.d files.

Thanks Ballock for the advice.


On Wed, Jun 26, 2013 at 4:11 AM, Bolesław Tokarski <
boleslaw.tokarski@xxxxxxxxx> wrote:

>  Hello,
>
> Personally, I am using unattended-upgrades. This one rarely produces any
> pop-up. Can't say I solved the problem, though.
>
> At one point I had a problem with cloned USB sticks containing the OS.
> These were the LiveCD-kind, but grub was configured to install in the MBR
> using the /dev/disk/by-id/ -style ID. Of course it turned out that every
> USB stick has a different ID, but not until there was a grub update did we
> notice that there is a problem. As the grub package did not know where to
> put the updated version, it prompted with a question, where the default
> answer was to put on every MBR. That of course included the physical hard
> drive, where people were running Windows. So that was a question that had a
> high chance of breaking the machine.
>
> I would suggest you to check the force-confold option to dpkg. You can put
> it to dpkg.conf, so thus system-wide. This should dismiss all or most of
> the configuration merge requests. Then, some packages have a debconf-style
> question and configure the package depending on the answers from those
> questions. Hopefully most can be preseeded to hold the answer that debconf
> should not manage the configuration of the package (I guess a good example
> is samba). For now I still can't work around pam-auth-update, but I focused
> on different things...
>
> Cheers,
> Ballock
>
>
> On 25/06/13 20:05, David Burke wrote:
>
> Hey folks,
>
>  I wonder how people handle this. A good number of updates show prompts
> to the user asking questions beyond their understanding. For example grub
> or lightdm. In an enterprise these configurations might be managed. Because
> these conf files are different, I get many more of these questions than a
> stock Ubuntu install where it's much less of a problem.
>
>  My users are non technical and tend to click anything on prompts
> (including non default options). This can do damage from breaking
> authentication to just users getting worried and contacting IT (which adds
> to costs)
>
>  Fully automated updates done like this<http://askubuntu.com/questions/146921/how-do-i-apt-get-y-dist-upgrade-without-a-grub-config-prompt>won't ask questions - but cause instability if the user powers down during
> an update. If a user is aware of the update they (hopefully) won't turn the
> computer off suddenly.
>
>  Puppet mitigates some pain by ensuring configurations are changed back
> but users still get prompts that might worry them.
>
>  Ideally I'd like update manager to never ask questions under any
> circumstance and always use defaults.
>
>  Best,
> David Burke
>
>
>
>
> --
> Mailing list: https://launchpad.net/~enterprise-ubuntu
> Post to     : enterprise-ubuntu@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~enterprise-ubuntu
> More help   : https://help.launchpad.net/ListHelp
>
>