Puppeteers,
I've been using the Debian apt provider for package to help ensure a
specific version of a package is installed such as:
package { "rsyslog": ensure => "5.8.11-1.1" }
However this appears[1] to add --force-yes to the apt command line in
addition to specifying the exact version requirement. The --force-yes
option is considered a dangerous option per the debian manual:
--force-yes
Force yes; This is a dangerous option that will cause apt to
continue without prompting if it is doing something potentially harmful. It
should not be used except in very special situations. Using force-yes can
potentially destroy your system! Configuration Item: APT::Get::force-yes.
Is there a reason puppet shouldn't use another option to explicitly add
--force-yes? Since this option essentially tells apt to ignore everything
it knows, I've run into cases where this can cause package dependencies to
become broken without it being obvious. The force flag is not necessary for
explicitly setting a version number, so it seems like a dangerous option is
not needed for this use case. Ideally there would be a force option to
Package that could set this flag to disregard dependencies.
[1]
https://github.com/puppetlabs/puppet/blob/master/lib/puppet/provider/package/apt.rb#L57-65
-John
--
You received this message because you are subscribed to the Google Groups
"Puppet Developers" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-dev/-/mN-SAGSjpnwJ.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-dev?hl=en.
