27-07-2016 | Remy van Elst | Text only version of this article
I'm working on a Nitrokey/SmartCard-HSM cluster article and therefore I needed three identical computers. The current version of Raspbian (2016-05-27) is based on Debian Jessie and comes with a version of OpenSC that is too old (0.14) to work with the Nitrokey/SmartCard-HSM. Since there is no Ubuntu 16.04 official image yet I decided to upgrade Raspbian to Debian Testing. Since I don't want to answer yes to any config file changes or service restarts I figured out how to do an unattended dist-upgrade.
The 3-Pi HSM cluster to be used for the cluster articles
The Nitrokey HSM is an open hardware and open software device. It is a USB version of the SmartCard-HSM. Both the SmartCard-HSM as the Nitrokey HSM have sources available and are fully supported by the OpenSC project.
Since Raspbian is a fork of Debian I first checked if there were any testing
repositories in the mirrors and as it turns
out, there are.
Since the current version ships with
OpenSC 0.14 and there is a
in the repo
suspected that that was the testing package. Installing it on Jessie failed
however, so a
dist-upgrade it was.
A regular repository change in
sources.list and a
dist-upgrade are very
interactive. It involves manual editing and the
apt upgrade asks a lot of
questions, for example, retain a config file, restart services, changelogs, etc.
Since I tend to reinstall Pi SD cards often I don't want to do that manual
process every time. So here are the commands to do an unattended upgrade to
testing. Which in my case works the 7 times I tried now, without asking
questions. Do note that in your case it might hose your Pi and destroy all data
and projects on it, so make sure you have a tested working backup.
Place this in a file named
# vim upgrade.sh # Remove any third party sources rm -rf /etc/apt/sources.list.d/* # Change te repo's sed -i -e 's/jessie/testing/g' /etc/apt/sources.list # Update package lists apt-get update ## UPGRADE ALL THE THINGS!!! DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt-get -q -y -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" dist-upgrade # Remove no longer needed packages DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt-get -q -y -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" autoremove --purge # FINISH HIM reboot
Save it and then run it to start the upgrade:
Debian packages can prompt a user during install to generate custom
configuration, or in the case of MySQL, set a root password. It can also have
messages with different priorities. The
critical priority is (almost) never
used so it won't prompt you. The
noninteractive frontend tells the terminal
that you're not able to answer any questions.
Dpkg::Options mean the following:
--force-confdef: upgrade the configuration file if there are no local changes
--force-confold: otherwise, preserve the existing configuration file
If you supply
--force-confnew instead of
--force-confold it will overwrite
any changes by the new config file.
If you want to install a package unattended you know will ask questions (like
MySQL), then you can use
debconf to set the answer to those questions
beforehand (scriptable, yay). In the case of MySQL on 12.04:
echo mysql-server-5.5 mysql-server/root_password password P@ssw0rd | debconf-set-selections echo mysql-server-5.5 mysql-server/root_password_again password P@ss0wrd | debconf-set-selections
You can view all possible selections (questions) with the
debconf-get-selections | grep mysql-server
mysql-server-5.5 mysql-server/root_password_again password mysql-server-5.5 mysql-server/root_password password mysql-server-5.5 mysql-server/error_setting_password error mysql-server-5.5 mysql-server-5.5/postrm_remove_databases boolean false mysql-server-5.5 mysql-server-5.5/start_on_boot boolean true
debconf is not installed, the package
debconf-utils provides it.