Alfredo's vendor stuff

Author: jgg
Date: 2001-03-13 06:51:46 GMT
Alfredo's vendor stuff

3 files changed, 107 insertions, 3 deletions

diff --git a/doc/apt.ent b/doc/apt.ent
index 1c95417b3..b85e05f70 100644
--- a/doc/apt.ent
+++ b/doc/apt.ent
@@ -78,8 +78,8 @@
  <docinfo>
    <address><email>apt@packages.debian.org</></address>
    <author><firstname>Jason</> <surname>Gunthorpe</></>
-   <copyright><year>1998-2000</> <holder>Jason Gunthorpe</></>
-   <date>20 September 2000</>
+   <copyright><year>1998-2001</> <holder>Jason Gunthorpe</></>
+   <date>12 March 2001</>
  </docinfo>
 "> 
 
diff --git a/doc/makefile b/doc/makefile
index 8aeb406fa..2ea37eae7 100644
--- a/doc/makefile
+++ b/doc/makefile
@@ -13,7 +13,7 @@ include $(DEBIANDOC_H)
 # Man pages
 SOURCE = apt-cache.8 apt-get.8 apt-cdrom.8 apt.conf.5 sources.list.5 \
          apt-config.8 apt-sortpkgs.1 apt-ftparchive.1 apt_preferences.5 \
-	 apt-extracttemplates.1
+	 apt-extracttemplates.1 vendors.list.5
 INCLUDES = apt.ent	 
 include $(SGML_MANPAGE_H)
 
diff --git a/doc/vendors.list.5.sgml b/doc/vendors.list.5.sgml
new file mode 100644
index 000000000..b9ef9aa56
--- /dev/null
+++ b/doc/vendors.list.5.sgml
@@ -0,0 +1,104 @@
+<!-- -*- mode: sgml; mode: fold -*- -->
+<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
+
+<!ENTITY % aptent SYSTEM "apt.ent">
+%aptent;
+
+]>
+
+<refentry>
+ &apt-docinfo;
+ 
+ <refmeta>
+   <refentrytitle>vendors.list</>
+   <manvolnum>5</>
+ </refmeta>
+ 
+ <!-- Man page title -->
+ <refnamediv>
+    <refname>vendors.list</>
+    <refpurpose>Security key configuration for APT</>
+ </refnamediv>
+ 
+ <RefSect1><Title>Description</>
+   <para>   
+   The package vendor list contains a list of all vendors
+   from whom you wish to  authenticate  downloaded  packages.
+   For each vendor listed, it must contain the corresponding
+   PGP key fingerprint, so that  APT  can  perform  signature
+   verification  of the release file and subsequent checking
+   of the checksums of each  downloaded  package.
+   To have authentication enabled, you must add the 
+   vendor identification string  (see  below) enclosed in
+   square braces to the sources.list line for all sites that mirror
+   the repository provided by that vendor.
+   <para>
+   The format of this file is similar  to  the  one  used  by
+   apt.conf.  It consists of an arbitrary number of blocks of
+   vendors, where each block starts with a string telling the
+   <replaceable/key_type/ and the <replaceable/vendor_id/.
+   <para>
+   Some vendors may have multiple blocks that define different
+   security policies for their distributions. Debian for instance
+   uses a different signing methodology for stable and unstable releases.
+   <para>
+   <replaceable/key_type/ is the type of the check required.
+   Currently, there is only one type available which is 
+   <literal/simple-key/.
+   <para>
+   <replaceable/vendor_id/ is the vendor identification string. It is an
+   arbitrary string you must supply to uniquely identifify a
+   vendor that's listed in this file.
+   
+   Example:
+<informalexample><programlisting>   
+single_key "joe"
+{
+   Fingerprint "0987AB4378FSD872343298787ACC";
+   Name "Joe Shmoe &lt;joe@shmoe.com&gt;";
+}						    
+</programlisting></informalexample>
+   
+ </RefSect1>
+
+ <RefSect1><Title>The simple-key type</>
+   <para>   
+   This type of verification is used when the vendor has a single
+   secured key that must be used to sign the Release file. The
+   following items should be present
+   
+   <VariableList>
+     <VarListEntry><Term>Fingerprint</Term>
+     <ListItem><Para>
+     The PGP fingerprint for the key. The fingerprint should be
+     expressed in the standard notion with or without spaces.
+     The <option/--fingerprint/ option for 
+     <CiteRefEntry><RefEntryTitle><command/gpg/</RefEntryTitle><ManVolNum/1/</CiteRefEntry>
+     will show the fingerprint for the selected keys(s).
+     </VarListEntry>
+     
+     <VarListEntry><Term>Name</Term>
+     <ListItem><Para>
+     A string containing a description of the owner of
+     the  key  or vendor.  You may put the vendor name and it's
+     email. The string must be quoted with ".
+     </VarListEntry>
+     
+   </VariableList>
+ </RefSect1>
+
+ <RefSect1><Title>Files</>
+   <para>
+   <filename>/etc/apt/vendors.list</>
+ </RefSect1>
+ 
+ <RefSect1><Title>See Also</>
+   <para>
+   &sources-list;
+ </RefSect1>
+
+ &manbugs;
+ &manauthor;
+ 
+</refentry>
+