Thank you for taking the time to report this bug and helping to make Ubuntu better.
> `apt-get install -y -qq ansible` This does not guarantee a non-interactive run. If you want a non- interactive run, you must use all the necessary parameters. For example: UCF_FORCE_CONFOLD=1 DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -qq -y install ansible See the dpkg and ucf documentation to set the default behaviour as you actually want it. Perhaps this could be better documented in apt-get(8). The -y option there refers to apt-get itself only and does not apply to underlying dpkg behaviour and debconf and ucf calls that might be called from maintainer scripts that need to interact with the user. Unfortunately my example above isn't a complete answer either, since there is no unified "must run non-interactively" directive that individual package maintainer scripts must follow. In general though they tend to use dpkg's built-in handling, debconf and ucf when prompting the user is required, so this should cover most (99%+?) cases. It's valid to say that we could do with a better unified way of achieving non-interactivity. However, in today's current design, if you're not calling apt-get with the appropriate parameters as in my example above, then it's your script that isn't correctly calling for non-interactivity. All configuration management tooling that expects non-interactivity needs to be doing this, and this isn't a workaround - it's the official CLI interface. Bug 1747464 is related, though that relates to the default conffile state in our cloud images, so is a more specific instance of the problem where _interactive_ use causes unnecessary prompts. This bug is not valid for openssl, because it isn't a bug for it to prompt in itself. It is perhaps valid for ansible if ansible itself incorrectly assumes non-interactivity without requesting it correctly - I don't if that's the case specifically with Ubuntu's ansible package; if it is, please describe the detail and change that bug status back to New. It would be a valid feature request for Ubuntu to request a more unified way of requesting non-interactivity, though that would be a major effort as it would require changes across the stack, and wouldn't be of particularly high priority as we have a good enough (if non-obvious) way of achieving the same thing today (my example above). Specific requests to make this clear in documentation would also be valid. Please file separate bugs for those if you wish. I hope though that I've described adequately above why the behaviour you describe isn't itself a bug in the base packages. ** Changed in: openssl (Ubuntu) Status: New => Invalid ** Changed in: ansible (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1833013 Title: Interactive prompt during non-interactive install Status in ansible package in Ubuntu: Incomplete Status in openssl package in Ubuntu: Invalid Bug description: `apt-get install -y -qq ansible` runs `whiptail --backtitle Package configuration --title Configuring libssl1.1:amd64 --output-fd 11 --defaultno --yesno -- There are services installed on your system which need to be restarted when certain libraries, such as libpam, libc, and libssl, are upgraded. Since these restarts may cause interruptions of service for the system, you will normally be prompted on each upgrade for the list of services you wish to restart. You can choose this option to avoid being prompted; instead, all necessary restarts will be done for you automatically so you can avoid being asked questions on each library upgrade. Restart services during package upgrades without asking? 16 77`, causing a non-interactive installation to be impossible. Also reported to the Ansible Local Vagrant provisioner because they will probably have to work around this in the short term: https://github.com/hashicorp/vagrant/issues/10914 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ansible/+bug/1833013/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp