distupgrade: Use new configuration file instead of halting upgrade

Closes: #2509 If the user has changed a configuration file of a package outside of FreedomBox, the distribution upgrade process could face a configuration file prompt and fail midway. When using unattended-upgrades, these packages are not a problem as they would left untouched at an old version and the rest of the system would be upgraded. In case of distribution upgrade, these packages could cause the distribution upgrade to fail and leave the system in an unusable state. Rather than halt distribution upgrade midway due to a configuration file prompt, it is better to overwrite with the new configuration. Backup copy of the old configuration will be available to the user to later merge with the new configuration. For packages managed by FreedomBox, packages with configuration file prompt will be held back during upgrade and later carefully upgraded with merge. These package are not subject to --force-confnew option. Tests: - Install GNOME and edit the configuration file /etc/fwupd/remotes.d/lvfs-testing.conf. Upgrade to Trixie. Distribution upgrade was successful. Notice that the configuration file was force upgraded. Log shows that new configuration file was installed as requested. Running 'apt -f install' shows that there are not apt fixes pending. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-01-21 07:55:00 +00:00 · 2025-04-08 19:33:23 -07:00 · 2025-04-08 19:33:23 -07:00 · e9f21b6ae1
commit e9f21b6ae1
parent 4f629a9915
2 changed files with 20 additions and 3 deletions
--- a/plinth/modules/upgrades/distupgrade.py
+++ b/plinth/modules/upgrades/distupgrade.py
@ -336,9 +336,25 @@ def _apt_autoremove():


 def _apt_full_upgrade():
-    """Run and check if apt upgrade was successful."""
+    """Run and check if apt upgrade was successful.
+
+    If the user has changed a configuration file of a package outside of
+    FreedomBox, the distribution upgrade process could face a configuration
+    file prompt and fail midway. When using unattended-upgrades, these packages
+    are not a problem as they would left untouched at an old version and the
+    rest of the system would be upgraded. In case of distribution upgrade,
+    these packages could cause the distribution upgrade to fail and leave the
+    system in an unusable state. Rather than halt distribution upgrade midway
+    due to a configuration file prompt, it is better to overwrite with the new
+    configuration. Backup copy of the old configuration will be available to
+    the user to later merge with the new configuration.
+
+    For packages managed by FreedomBox, packages with configuration file prompt
+    will be held back during upgrade and later carefully upgraded with merge.
+    These package are not subject to --force-confnew option.
+    """
    logger.info('Running apt full-upgrade...')
-    _apt_run(['full-upgrade'])
+    _apt_run(['full-upgrade', '-o', 'Dpkg::Options::=--force-confnew'])


 def _unattended_upgrades_run():
--- a/plinth/modules/upgrades/tests/test_distupgrade.py
+++ b/plinth/modules/upgrades/tests/test_distupgrade.py
@ -394,7 +394,8 @@ def test_apt_full_upgrade(apt_run):
    """Test that apt full upgrade works."""
    apt_run.return_value = 0
    distupgrade._apt_full_upgrade()
-    apt_run.assert_called_with(['full-upgrade'])
+    apt_run.assert_called_with(
+        ['full-upgrade', '-o', 'Dpkg::Options::=--force-confnew'])


@patch('subprocess.run')