-# install grml keys:
-gpg --keyserver subkeys.pgp.net --recv-keys F61E2E7CECDEA787 || \
-gpg --keyserver blackhole.pca.dfn.de --recv-keys F61E2E7CECDEA787
-gpg --export F61E2E7CECDEA787 > $target/etc/apt/grml.key
-$ROOTCMD apt-key add /etc/apt/grml.key
+ $ROOTCMD apt-get -y install aptitude
+ fi
+
+ # make sure we can upgrade automatically,
+ # even with unsigned repos, but only if user wants it
+ if [ "${FAI_ALLOW_UNSIGNED:-}" = "1" ] ; then
+ APTGET_OPTS="${APTGET_OPTS:-} --allow-unauthenticated"
+ APTITUDE_OPTS="${APTITUDE_OPTS:-} --allow-untrusted"
+ fi
+
+ # make sure we don't fail when configuration files changed
+ APTGET_OPTS="${APTGET_OPTS:-} -o DPkg::Options::=--force-confdef -o DPkg::Options::=--force-confmiss -o DPkg::Options::=--force-confnew"
+ APTITUDE_OPTS="${APTITUDE_OPTS:-} -o DPkg::Options::=--force-confdef -o DPkg::Options::=--force-confmiss -o DPkg::Options::=--force-confnew"
+
+ if $ROOTCMD test -x /usr/bin/aptitude ; then
+ if $ROOTCMD aptitude --help | grep -q safe-upgrade ; then
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD aptitude -y $APTITUDE_OPTS safe-upgrade
+ else
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD aptitude -y $APTITUDE_OPTS upgrade
+ fi
+ else
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD apt-get -y $APTGET_OPTS --force-yes upgrade
+ fi
+
+ exit # make sure we don't continue behind the following "fi"
+fi