Bug #10241
closed"Package management" technique missing "allow untrusted" switch
Description
The deprecated "Package management for Debian / Ubuntu / APT systems" technique had "Allow untrusted package installation" ("APT_PACKAGE_ALLOW_UNTRUSTED") switch to produce appropriate apt call.
As far as I view, the new "Package management" technique has no.
It is bad practice to turn off key validation global, while sometimes there is real need in installation of local built package (e.g. "testing"/"staging" deployment steps).
In rpm-based (RH, SUSE) it can be tuned repo-wide, while deb-based with apt must be hinted on each call.
So, at this moment "Package management" in not valid replace for "Package management for Debian / Ubuntu / APT systems".
Updated by Alexis Mousset almost 8 years ago
- Related to User story #9817: Synchronize package modules from masterfiles added
Updated by Alexis Mousset almost 8 years ago
- Assignee set to Alexis Mousset
This can be implemented using options passed directly to the package manager (which are now usable in the apt_get module).
Updated by Benoît PECCATTE almost 8 years ago
- Found in version(s) old deleted (
4.0.3)
Updated by François ARMAND almost 8 years ago
- Related to User story #9125: Add a technique using new package promises added
Updated by Benoît PECCATTE almost 8 years ago
- Tracker changed from Bug to User story
Updated by Jonathan CLARKE almost 8 years ago
- Tracker changed from User story to Bug
- Subject changed from "Package management" technique must have "allow untrusted" switch to "Package management" technique missing "allow untrusted" switch
- Reproduced set to No
- Severity set to Major - prevents use of part of Rudder | no simple workaround
- User visibility set to Getting started - demo | first install | level 1 Techniques
This is clearly high priority - we are replacing old package Techniques with this new one. If it is missing a feature, this is something we have overlooked, since the new Package Techniques are designed to replace the old ones. Moving this to bug and setting high priority.
Please work on a fix.
Updated by Alexis Mousset almost 8 years ago
- Related to User story #10388: Add a generic method that handles using options in package actions added
Updated by Alexis Mousset almost 8 years ago
As I wrote in the previous comment, we can quite easily implement it for apt/dpkg.
We need to:
- Synchronize package modules from masterfiles (as the feature we need was not implemented when adding new package methods in Rudder)
- Add a new method to allow using options
- Find a way to add this option to the technique (but only for apt/dpkg for now)
For other package managers, if possible, it would require adding options handling to the package modules.
Updated by François ARMAND over 7 years ago
- Related to Bug #5071: Debian package management: can't specify a repository (ex: "-t wheezy-backports") added
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.0.4 to 4.0.5
- Priority changed from 54 to 53
Updated by Alexis Mousset over 7 years ago
- Status changed from New to In progress
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.0.5 to 4.0.6
- Priority changed from 53 to 52
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.0.6 to 4.0.7
Updated by Dmitry Svyatogorov over 7 years ago
Hi! Since Rudder 4.1, no means left to install unsigned .deb. (Except of NCF-scenario, that is not yet covered with API, but API is needed to work around the absence of granular RBAC).
Therefore, 4.1.x is now (out-of-the-box) unsuitable for deb-based testing environments.
Updated by Alexis Mousset over 7 years ago
We now have access to package manager options through package_state_options
in ncf, but we still need to define the new option(s) and create the 1.1 version of the technique.
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.0.7 to 357
Updated by Benoît PECCATTE over 7 years ago
It is ok to have options that only work on specific package managers as along as it's properly indicated.
Updated by Alexis Mousset over 7 years ago
- Target version changed from 357 to 4.1.6
Updated by Alexis Mousset over 7 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Alexis Mousset to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/rudder-techniques/pull/1182
Updated by Alexis Mousset over 7 years ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder-techniques|d9c2d014a6b5a8769893e43b677ac914cff02b4e.
Updated by Dmitry Svyatogorov over 7 years ago
Please, look at http://www.rudder-project.org/redmine/issues/11207 before release.
"apt_get repo-install" instead of "apt_get install" makes technique unusable for debian|ubuntu.
Updated by Vincent MEMBRÉ over 7 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 4.1.6 and 4.2.0~beta3 which were released today.
- 4.1.6: Announce Changelog
- 4.2.0~beta3: Announce Changelog
- Download: https://www.rudder-project.org/site/get-rudder/downloads/