Audit our usage of apt/apt-get's --force-yes option
"This option name doesn't sound very dangerous, but it makes APT assume
the “yes” answer to all questions, including the question about
installing packages that couldn't be authenticated…"
Both the build system and ASP might be impacted.
- Status changed from Confirmed to Resolved
- Assignee deleted (
- % Done changed from 0 to 100
- Private changed from Yes to No
False alarm, I was confusing this option with
-y. I've checked tails.git, our submodules and our Puppet code: we don't use
--force-yes at all.