Preseeding: Cannot Prevent First Time Prompt For Security Updates

Robert Brown's picture

I'm using the VMware image of the Wordpress appliance. I created /etc/inithooks.conf to set my passwords, etc. I did this by mapping the .vmdk file, not by booting the VM, so it's never been run. I want everything to happen automatically during the first boot when I deploy it.

In addition to setting my passwords, I added "SEC_UPDATES=FORCE" to inithooks.conf and my problem is that I am still prompted to install updates during the first boot.

I can see from the logic in /usr/lib/inithooks/firstboot.d/95secupdates that this should prevent the execution of and just do the one-time update. If I manually answer the prompt, I can log on with the password specified in inithooks.conf, so that file was installed correctly.

I found the following statement in a forum post titled "announcing-xen-builds": "You should also make sure that inithooks.conf includes *ALL* of the variables, otherwise the inithook system will turn on interactivity."

I wasn't sure if this applied to my situation, but I made sure I had all the variables listed for the Wordpress appliance in "How to customize appliance initialization (inithooks)", leaving my inithooks.conf looking like this:



Can someone tell me what I'm doing wrong? I would greatly appreciate it.


Alon Swartz's picture

The SEC_UPDATES preseed value needs to be exported into the environment otherwise it won't take affect as the 90delconf which runs before 95secupdates deletes the configuration (for security reasons), and the setting won't be accessible, and will default to interactive mode as you've seen.

So, just add 'export' before any preseed values and everything should work. For example:

export ROOT_PASS=...
export DB_PASS=...
export APP_PASS=...
export APP_EMAIL=...
export APP_DOMAIN=...

Post new comment