diff options
author | Arch Librarian <arch@canonical.com> | 2004-09-20 16:57:20 +0000 |
---|---|---|
committer | Arch Librarian <arch@canonical.com> | 2004-09-20 16:57:20 +0000 |
commit | a7c835af20feeb470238ead3bda36af978c2600f (patch) | |
tree | fc85aa957eeba8b21c7a9c18bc8efb126c94d222 /doc/vendors.list.5.sgml | |
parent | 36803406d195dba90a418bb858ebf65033867aba (diff) |
Alfredo's vendor stuff
Author: jgg
Date: 2001-03-13 06:51:46 GMT
Alfredo's vendor stuff
Diffstat (limited to 'doc/vendors.list.5.sgml')
-rw-r--r-- | doc/vendors.list.5.sgml | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/doc/vendors.list.5.sgml b/doc/vendors.list.5.sgml new file mode 100644 index 000000000..b9ef9aa56 --- /dev/null +++ b/doc/vendors.list.5.sgml @@ -0,0 +1,104 @@ +<!-- -*- mode: sgml; mode: fold -*- --> +<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [ + +<!ENTITY % aptent SYSTEM "apt.ent"> +%aptent; + +]> + +<refentry> + &apt-docinfo; + + <refmeta> + <refentrytitle>vendors.list</> + <manvolnum>5</> + </refmeta> + + <!-- Man page title --> + <refnamediv> + <refname>vendors.list</> + <refpurpose>Security key configuration for APT</> + </refnamediv> + + <RefSect1><Title>Description</> + <para> + The package vendor list contains a list of all vendors + from whom you wish to authenticate downloaded packages. + For each vendor listed, it must contain the corresponding + PGP key fingerprint, so that APT can perform signature + verification of the release file and subsequent checking + of the checksums of each downloaded package. + To have authentication enabled, you must add the + vendor identification string (see below) enclosed in + square braces to the sources.list line for all sites that mirror + the repository provided by that vendor. + <para> + The format of this file is similar to the one used by + apt.conf. It consists of an arbitrary number of blocks of + vendors, where each block starts with a string telling the + <replaceable/key_type/ and the <replaceable/vendor_id/. + <para> + Some vendors may have multiple blocks that define different + security policies for their distributions. Debian for instance + uses a different signing methodology for stable and unstable releases. + <para> + <replaceable/key_type/ is the type of the check required. + Currently, there is only one type available which is + <literal/simple-key/. + <para> + <replaceable/vendor_id/ is the vendor identification string. It is an + arbitrary string you must supply to uniquely identifify a + vendor that's listed in this file. + + Example: +<informalexample><programlisting> +single_key "joe" +{ + Fingerprint "0987AB4378FSD872343298787ACC"; + Name "Joe Shmoe <joe@shmoe.com>"; +} +</programlisting></informalexample> + + </RefSect1> + + <RefSect1><Title>The simple-key type</> + <para> + This type of verification is used when the vendor has a single + secured key that must be used to sign the Release file. The + following items should be present + + <VariableList> + <VarListEntry><Term>Fingerprint</Term> + <ListItem><Para> + The PGP fingerprint for the key. The fingerprint should be + expressed in the standard notion with or without spaces. + The <option/--fingerprint/ option for + <CiteRefEntry><RefEntryTitle><command/gpg/</RefEntryTitle><ManVolNum/1/</CiteRefEntry> + will show the fingerprint for the selected keys(s). + </VarListEntry> + + <VarListEntry><Term>Name</Term> + <ListItem><Para> + A string containing a description of the owner of + the key or vendor. You may put the vendor name and it's + email. The string must be quoted with ". + </VarListEntry> + + </VariableList> + </RefSect1> + + <RefSect1><Title>Files</> + <para> + <filename>/etc/apt/vendors.list</> + </RefSect1> + + <RefSect1><Title>See Also</> + <para> + &sources-list; + </RefSect1> + + &manbugs; + &manauthor; + +</refentry> + |