Thanks! Unfortunately, this doesn't fully solve my problem: using "force:
yes" will disable useful apt security checks. For example, with "force:
yes" Ansible will install packages that cannot be authenticated - I don't
want that.
Is there a better way?
best,
Jan
On Thursday, March 3, 2016 at 7:35:05 AM UTC+1, Alexey Vazhnov wrote:
>
> Your playbook gave me an error too:
>
> fatal: [localhost]: FAILED! => {"cache_update_time": 0, "cache_updated":
> false, "changed": false, "failed": true, "msg": "'/usr/bin/apt-get -y -o
> \"Dpkg::Options::=--force-downgrade\" install 'haproxy=1.4.24-2'' failed:
> E: There are problems and -y was used without --force-yes\n", "stderr": "E:
> There are problems and -y was used without --force-yes\n", "stdout": "Reading
> package lists...\nBuilding dependency tree...\nReading state
> information...\nSuggested packages:\n vim-haproxy\nThe following packages
> will be DOWNGRADED:\n haproxy\n0 upgraded, 0 newly installed, 1
> downgraded, 0 to remove and 0 not upgraded.\nNeed to get 453 kB of
> archives.\nAfter this operation, 403 kB disk space will be freed.\n",
> "stdout_lines": ["Reading package lists...", "Building dependency tree..."
> , "Reading state information...", "Suggested packages:", " vim-haproxy",
> "The
> following packages will be DOWNGRADED:", " haproxy", "0 upgraded, 0
> newly installed, 1 downgraded, 0 to remove and 0 not upgraded.", "Need to
> get 453 kB of archives.", "After this operation, 403 kB disk space will
> be freed."]}
>
> But I added parameter "force: yes" and package downgraded successfully.
> Resulted playbook:
>
> ---
> - hosts: all
> tasks:
> - name: install haproxy
> apt:
> name: haproxy=1.4.24-2
> force: yes
> dpkg_options: force-downgrade
> sudo: yes
>
> I used Ansible v. 2.0.1.0 on Ubuntu 14.04 amd64. I tested with this
> command:
> ansible-playbook -s --ask-sudo-pass -i inventory/testing/localhost --limit
> =localhost --connection=local downgrading.yml
>
> On Wednesday, March 2, 2016 at 9:27:24 PM UTC+5, [email protected]
> wrote:
>>
>> Hello,
>>
>> in my ansible playbook I want to ensure a specific version of a package
>> is installed, even if that would mean downgrading it. I know that I can
>> specify version together with package name, like this: haproxy=1.4.24-2.
>> However, this is not enough in case of downgrading: this playbook
>>
>> - hosts: all
>> tasks:
>> - name: install haproxy
>> apt:
>> name: haproxy=1.4.24-2
>> sudo: yes
>>
>> will fail if a newer version of haproxy is installed. I know that I can
>> use "force" attribute, but that would also disable some useful security
>> checks - for example, with force=yes Ansible would install a package even
>> if it couldn't be authenticated. Is there a better way?
>>
>> I thought that "dpkg_options" may help me, but this playbook also fails
>> on downgrade:
>>
>> - hosts: all
>> tasks:
>> - name: install haproxy
>> apt:
>> name: haproxy=1.4.24-2
>> dpkg_options: force-downgrade
>> sudo: yes
>>
>> Is this a bug?
>> Maybe I should approach this problem in an altogether different way?
>>
>> best,
>> Jan
>>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/361245e4-46b3-46d9-814c-79e95f97eec1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
