How to bypass the user confirmation when installing packages on linux - bash

I'm writing a basic script in bash to automatically install a few packages on new machines (basically, the first script to run on a new machine before doing anything else). I'm downloading openssh-server and python for example.
My goal is just to launch the script in sudo mode, wait a few minutes and get started. The only problem I'm facing is the machine requires the user to input "y" when needed and I can't find a way to bypass this.
This is just a sample of my script :
#!/bin/bash
sudo apt update
sudo apt install openssh-server
sudo apt-get install python3
what I expect is just run this command and let it roll without the user to have and put "y" when needed
sudo bash start-script.sh

Use the -y option of apt-get. From the apt-get man page:
-y, --yes, --assume-yes
Automatic yes to prompts; assume "yes" as answer to all prompts and
run non-interactively. If an undesirable situation, such as
changing a held package, trying to install a unauthenticated
package or removing an essential package occurs then apt-get will
abort. Configuration Item: APT::Get::Assume-Yes.

Related

Automate installation of package maintainer's version during Elasticsearch upgrade

I am running a shell script that installs elasticsearch. I was previously running 7.x on the ec2 instance and I'm upgrading to version 8.
When I run the script, I get the message that a configuration file has changed with the below instructions.
Since I can't select anything, it defaults to keeping my current version and that's not what I want.
I want to install the package maintainer's version.How can I run my script to automate the process?
Instruction that pops up during installation
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
**deployment script that handles elasticsearch installation **
Yes | Sudo DEBIAN_FRONTEND=noninteractive apt-get install elasticsearch
Yes|Sudo apt-get
I tried adding a yes to my sudo apt-get hoping to automate every interaction. I also turned off Debian interaction.
Yes | Sudo DEBIAN_FRONTEND=noninteractive apt-get install elasticsearch

Ubuntu unattended upgrades conflict with startup script on google cloud compute engine

Using a GCP Ubuntu 18.04 image, plain.
I use startup scripts on vm to automate the deployment of features and changes to the base image. I have one that start with the following :
#! /bin/bash
add-apt-repository 'deb https://cloud.r-project.org/bin/linux/ubuntu bionic-cran35/'
apt update
apt -y upgrade
export DEBIAN_FRONTEND=noninteractive
apt -y install libpam-dev libpam-ldap r-base
Unfortunatly on some machine that haven't ran in a while, I get the following error:
From /var/log/syslog :
startup-script: INFO startup-script: dpkg: error: dpkg frontend is locked by another process
From my investigation I can see that the process unattended upgrades is locking the file because it is doing the automatic security updates to the system. If I let the automatic upgrades complete and launch the script manually, everything runs just fine.
Is there a way to delay the execution of the startup script so that it starts after unattended upgrades is done? I mean, something that is more reliable than a simple wait command.
The startup script is configured via the metadata of the vm per GCP documentation.
Thanks a lot and have a great day.
You can have your script wait until the dpkg lock is no longer held. This AskUbuntu answer suggests a solution using fuser to see if the lock file is in use by another process:
#!/bin/bash
while fuser /var/lib/dpkg/lock >& /dev/null; do
echo "waiting for other package installs to complete..."
sleep 1
done
add-apt-repository 'deb https://cloud.r-project.org/bin/linux/ubuntu bionic-cran35/'
apt update
apt -y upgrade
export DEBIAN_FRONTEND=noninteractive
apt -y install libpam-dev libpam-ldap r-base

Avoid yum error when a package is already installed

I am using AWS Elastic Beanstalk on a Linux machine and need to install some fonts in .ebextensions:
container_commands:
01_getfont:
command: sudo yum -y install http://somesite.com/rpm/webcore-fonts-3.0-1.noarch.rpm
That works well the 1st time, with the fonts installed.
The 2nd time when I deploy the EB again, it now gave me this error:
Application update failed at 2019-01-28T23:44:14Z with exit status 1 and error: container_command 01_getfont in .ebextensions/fonts.config failed.
Loaded plugins: priorities, update-motd, upgrade-helper
Examining /var/tmp/yum-root-0Yx1DY/webcore-fonts-3.0-1.noarch.rpm: webcore-fonts-3.0-1.noarch
/var/tmp/yum-root-0Yx1DY/webcore-fonts-3.0-1.noarch.rpm: does not update installed package.
Error: Nothing to do.
How do I avoid getting that errors when that package has been installed on the same EC2 instance the 2nd time?
I found out the answer to this problem later, posting it here for the benefits of others with similar issue.
I use reinstall instead:
sudo yum -y reinstall http://somesite.com/rpm/webcore-fonts-3.0-1.noarch.rpm
This will work the 1st time and all other times of deployment.
Edit:
The above does not work as well as reinstall will fail if package is not installed. I ended up detecting if the package has been installed, if not, install it else re-install:
command: sudo yum -q list installed webcore-fonts.noarch &>/dev/null && sudo yum -y reinstall http://somesite.com/rpm/webcore-fonts-3.0-1.noarch.rpm || sudo yum -y install http://somesite.com/rpm/webcore-fonts-3.0-1.noarch.rpm
Use the packages directive:
packages:
rpm:
webcore-fonts: http://somesite.com/rpm/webcore-fonts-3.0-1.noarch.rpm
This will handle not installed and already installed scenarios.
Yum can return a non-zero exit status for things that are not really errors, causing higher-level systems such as Elastic Beanstalk to think the script has failed.
In particular, yum sometimes says "Nothing to do" with exit status of 1 - this can mean various things but includes the case where required packages are already installed.
The way I work around this for scripts using yum is:
yum -y install somepackage
if [ $? -ne 1 ]; then # Exit on any any error except 'nothing to do'
exit 0
fi
A simpler way is just to ignore all errors by appending a true or exit 0 command - however, this is eventually going to bite you when the Yum repo is unreachable, or Yum has out of date metadata, etc.
Advanced tip
If you have several yum commands, or more error codes to handle, you might want to read up on the shell trap command, specifically on EXIT or ERR which lets you handle these cases in a single place, and potentially not exit on unwanted errors. See this stack for more on this.
Alternative for local installs
See this answer for more, including a simple alternative when installing RPMs that you have downloaded.

How can I check for daily updates for Ubuntu 16.04 via command line?

I do not know how to check for this via command line. I do know that you can do this for through the GUI; however, I want to implement this in my script. Anyone know how to do this? (I haven't found anything about this).
Ubuntu updates are managed through the apt package manager.
If you're looking to run daily updates you'll want to do something like:
sudo apt update # updates apt packages index
sudo apt upgrade # runs upgrades on all packages

Bash command for automatically confirm option during installation

Whenever you're installing a package, it usually prompts for y/n confirmation, is there a way to automate this?
You might try
yes | install-package.sh
on debian based distros you can run:
apt-get -y install <package_to_install>
to further automate it (in case of installing packages that asks some questions - for example mysql-server asks for db root password) run:
DEBIAN_FRONTEND=noninteractive apt-get -y install <package_to_install>
Try the -f switch. It probably depends on which package manager you have, so you should check the man-page for your package manager to confirm.

Resources