On Sun, Nov 13, 2016 at 10:56:32PM +0200, Yuri Kanivetsky wrote: > # sudo debconf-set-selections <<< "mysql-community-server > mysql-community-server/remove-data-dir boolean true" > > # echo GET mysql-community-server/remove-data-dir | debconf-communicate > 0 true > > # apt purge mysql-* > ... > > # echo GET mysql-community-server/remove-data-dir | debconf-communicate > 10 mysql-community-server/remove-data-dir doesn't exist
This happens because packages generally purge questions owned by them from the debconf database when they themselves are purged. This is up to each package, but debhelper's standard debconf integration code gets it right and packages generally don't deviate from that unless they have some particularly good reason. > # sudo debconf-set-selections <<< "mysql-server > mysql-server/root_password password 123456" > > # sudo debconf-set-selections <<< "mysql-server > mysql-server/root_password_again password 123456" > > # echo GET mysql-server/root_password | debconf-communicate > 0 123456 > > # apt install mysql-server-5.6 > ... > > # echo GET mysql-server/root_password | debconf-communicate > 0 This happens because mysql-server-5.6's postinst script explicitly clears the password from the debconf database in order to avoid it staying around on disk. > Why I can set a value when the package is not installed yet, but > getting it after removing the package triggers an error? These are consistent. You can always set a question's value using debconf-set-selections (it registers the question if it doesn't exist yet, because debconf-set-selections is intended to be used for preseeding). Your first GET above succeeded because you'd preseeded the value yourself; the second failed because when you purged the package it removed the preseeded question. > And more importantly, is the password still in debconf database after > installing the package? You were right to check, since it's possible for packages to get this wrong, but no, it's not. Also, by default, questions of "password" type go into a separate debconf database which is only readable by root. This isn't great protection and packages should still ensure that passwords aren't left there long-term, but it's better than nothing. -- Colin Watson [cjwat...@debian.org]