summaryrefslogtreecommitdiff
path: root/doc/apt.conf.5.xml
AgeCommit message (Collapse)Author
2016-06-22add insecure (and weak) allow-options for sources.listDavid Kalnischkies
Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories.
2016-06-22forbid insecure repositories by default expect in apt-getDavid Kalnischkies
With this commit all APT-based clients default to refusing to work with unsigned or otherwise insufficently secured repositories. In terms of apt and apt-get this changes nothing, but it effects all tools using libapt like aptitude, synaptic or packagekit. The exception remains apt-get for stretch for now as this might break too many scripts/usecases too quickly. The documentation is updated and extended to reflect how to opt out or in on this behaviour change. Closes: 808367
2016-06-20implement and document DIRECT for auto-detect-proxyDavid Kalnischkies
There is a subtile difference between an empty setting and "DIRECT" in the configuration as the later overrides the generic settings while the earlier does not. Also, non-zero exitcodes should really be reported as an error rather than silently discarded.
2016-06-11Release 1.3~exp21.3_exp2Julian Andres Klode
2016-05-27fix and document on the fly compressor configDavid Kalnischkies
libapt allows to configure compressors to be used by its system via configuration implemented in 03bef78461c6f443187b60799402624326843396, but that was never really documented and also only partly working, which also explains why the tests weren't using it…
2016-05-24fix two typos in apt.conf & apt-cache manpageDavid Kalnischkies
Reported-By: lintian: spelling-error-in-manpage Git-Dch: Ignore
2016-01-14change debian related entities to a more explicit nameDavid Kalnischkies
Git-Dch: Ignore
2015-12-27fix 3 typos/omissions in apt.conf(5)Beatrice Torracca
Closes: 809160
2015-12-241.1.6 Christmas releaseJulian Andres Klode
2015-12-14Release 1.1.51.1.5Julian Andres Klode
2015-12-07Release 1.1.41.1.4Julian Andres Klode
2015-12-02use @CHANGEPATH@ as placeholder in changelog URI templatesDavid Kalnischkies
This should make it more obvious that CHANGEPATH is a placeholder which apt will replace with a package specific path rather than a string constant. Mail-Reference: <87d1upgvaf.fsf@deep-thought.43-1.org> Mail-Archive: https://lists.debian.org/debian-dak/2015/12/msg00005.html
2015-11-25update manpage last-modified from git via pre-export hookDavid Kalnischkies
Never updating this information is wrong, updating it automatically isn't super correct either, but it seems conventional to have it and updating it more often than needed seems better than updating it never. Git-Dch: Ignore
2015-11-04add binary-specific options via Binary scopeDavid Kalnischkies
Especially with apt now, it can be useful to set an option only for apt and not for apt-get. Using a binary-specific subtree which is merged into the root seems like a simple enough trick to achieve this.
2015-09-14add by-hash sources.list option and document all of by-hashDavid Kalnischkies
This changes the semantics of the option (which is renamed too) to be a yes/no value with the special additional value "force" as this allows by-hash to be disabled even if the repository indicates it would be supported and is more in line with our other yes/no options like pdiff which disable themselves if no support can be detected. The feature wasn't documented so far and hasn't reached a (un)stable release yet, so changing it without trying too hard to keep compatibility seems okay.
2015-08-27sources.list and indextargets option for pdiffsDavid Kalnischkies
Disabling pdiffs can be useful occasionally, like if you have a fast local mirror where the download doesn't matter, but still want to use it for non-local mirrors. Also, some users might prefer it to only use it for very big indextargets like Contents.
2015-08-24Fix typoMichael Vogt
Thanks: Julian Andres Klode Git-Dch: ignore
2015-08-21doc/apt.conf.5.xml: document Acquire::EnableSrvRecodsMichael Vogt
Git-Dch: ignore
2015-08-12document VERSION 2 (and 3) pre-install-pkgs hook interfaceJonathan Nieder
[Commiter: Patch adapted to apply to current version of the manpage and added/moved a few words about Version 3 to make it fit better] Closes: 627188
2015-08-12remove Dir:: scope limit of RootDir in the documentationDavid Kalnischkies
RootDir doesn't only effect Dir-scope but all FindDir directories, so document it accordingly. Closes: 659387
2015-08-10add sources.list Check-Valid-Until and Valid-Until-{Max,Min} optionsDavid Kalnischkies
These options could be set via configuration before, but the connection to the actual sources is so strong that they should really be set in the sources.list instead – especially as this can be done a lot more specific rather than e.g. disabling Valid-Until for all sources at once. Valid-Until-* names are chosen instead of the Min/Max-ValidTime as this seems like a better name and their use in the wild is probably low enough that this isn't going to confuse anyone if we have to names for the same thing in different areas. In the longrun, the config options should be removed, but for now documentation hinting at the new options is good enough as these are the kind of options you set once across many systems with different apt versions, so the new way should work everywhere first before we deprecate the old way.
2015-06-15provide a public interface for acquiring changelogsDavid Kalnischkies
Provided is a specialized acquire item which given a version can figure out the correct URI to try by itself and if not provides an error message alongside with static methods to get just the URI it would try to download if it should just be displayed or similar such. The URI is constructed as follows: Release files can provide an URI template in the "Changelogs" field, otherwise we lookup a configuration item based on the "Label" or "Origin" of the Release file to get a (hopefully known) default value for now. This template should contain the string CHANGEPATH which is replaced with the information about the version we want the changelog for (e.g. main/a/apt/apt_1.1). This middleway was choosen as this path part was consistent over the three known implementations (+1 defunct), while the rest of the URI varies widely between them. The benefit of this construct is that it is now easy to get changelogs for Debian packages on Ubuntu and vice versa – even at the moment where the Changelogs field is present nowhere. Strictly better than what apt-get had before as it would even fail to get changelogs from security… Now it will notice that security identifies as Origin: Debian and pick this setting (assuming again that no Changelogs field exists). If on the other hand security would ship its changelogs in a different location we could set it via the Label option overruling Origin. Closes: 687147, 739854, 784027, 787190
2014-10-13Document ↵Michael Vogt
Acquire{MaxReleaseFileSize,AllowInsecureRepositories,AllowDowngradeToInsecureRepositories} and --no-allow-insecure-repositories Document the new options to restrict loading unauthenticated data into our parsers.
2014-09-05Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/acquire-item.cc configure.ac debian/changelog doc/apt-verbatim.ent doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pt.po po/ar.po po/ast.po po/bg.po po/bs.po po/ca.po po/cs.po po/cy.po po/da.po po/de.po po/dz.po po/el.po po/es.po po/eu.po po/fi.po po/fr.po po/gl.po po/hu.po po/it.po po/ja.po po/km.po po/ko.po po/ku.po po/lt.po po/mr.po po/nb.po po/ne.po po/nl.po po/nn.po po/pl.po po/pt.po po/pt_BR.po po/ro.po po/ru.po po/sk.po po/sl.po po/sv.po po/th.po po/tl.po po/tr.po po/uk.po po/vi.po po/zh_CN.po po/zh_TW.po test/integration/test-ubuntu-bug-346386-apt-get-update-paywall
2014-08-26ensure that all docs use all entities filesDavid Kalnischkies
Not all are needed for all files at the moment, but the new docbook building hadn't available some of the entities it used as the files weren't correctly copied around in all cases and having the same across the bord makes working with all of them a little easier. Git-Dch: Ignore
2014-07-08Merge branch 'debian/sid' into debian/experimentalMichael Vogt
Conflicts: apt-pkg/deb/deblistparser.cc doc/po/apt-doc.pot doc/po/de.po doc/po/es.po doc/po/fr.po doc/po/it.po doc/po/ja.po doc/po/pl.po doc/po/pt.po doc/po/pt_BR.po po/da.po po/mr.po po/vi.po
2014-07-08Improve description how to turn off the cachesCédric Barboiron
Closes: #753531
2014-05-09reenable pipelining via hashsum reordering supportDavid Kalnischkies
Now that methods have the expected hashes available they can check if the response from the server is what they expected. Pipelining is one of those areas in which servers can mess up by not supporting it properly, which forced us to disable it for the time being. Now, we check if we got a response out of order, which we can not only use to disable pipelining automatically for the next requests, but we can fix it up just like the server responded in proper order for the current requests. To ensure that this little trick works pipelining is only attempt if we have hashsums for all the files in the chain which in theory reduces the use of pipelining usage even on the many servers which work properly, but in practice only the InRelease file (or similar such) will be requested without a hashsum – and as it is the only file requested in that stage it can't be pipelined even if we wanted to. Some minor annoyances remain: The display of the progress we have doesn't reflect this change, so it looks like the same package gets downloaded multiple times while others aren't at all. Further more, partial files are not supported in this recovery as the received data was appended to the wrong file, so the hashsum doesn't match. Both seem to be minor enough to reenable pipelining by default until further notice through to test if it really solves the problem. This therefore reverts commit 8221431757c775ee875a061b184b5f6f2330f928.
2014-04-01Add new Debug::RunScripts optionMichael Vogt
This debug option will display all scripts that are run by apts RunScripts and RunScriptsWithPkgs helpers.
2014-03-13support DEB_BUILD_PROFILES and -P for build profilesDavid Kalnischkies
Inspired by the rest of the patch in 661537, but abstract the parsing of various ways of setting the build profiles more so it can potentially be reused and all apt parts have the same behaviour. Especially config options, cmdline options and environment will not be combined as proposed as this isn't APTs usual behaviour and dpkg doesn't do it either, so one overrides the other as it normally does.
2013-11-30add a vendor specific file to have configurable entitiesDavid Kalnischkies
manpages sometimes refer to distro-specific things like the name of the package providing the achive-keyring. Having a central place to configure this helps in having it consistent in the manpages and allows to load this info from other places in the buildsystem as well later.
2013-10-25improve documentation for Acquire::http::Proxy-Auto-Detect (thanks to ↵Michael Vogt
Francesco Poli)
2013-10-22add Acquire::http::Proxy-Auto-Detect to the apt.conf.5 manpage (closes: 726597)Michael Vogt
2013-08-16allow Pre-Install-Pkgs hooks to get info over an FD != stdinDavid Kalnischkies
This adds ::InfoFD option alongside the ::Version one to request sending the information to the specified FD, by default it is STDIN as it was the case before. The environment variable APT_HOOK_INFO_FD contains the FD the data is on as a confirmation that the APT version used understood the request. Allowing the hook to choose the FD is needed/helpful e.g. for shellscripts which have a hard time accessing FDs above 9 (as >= 10 are usually used internally by them) Closes: #671728
2013-08-15merge patch from Daniel Hartwig to Clarify units of Acquire::http::Dl-Limit ↵Michael Vogt
(closes: #705445) Conflicts: debian/changelog
2013-07-11Version 3 for DPkg::Pre-Install-Pkgs with MultiArch infoDavid Kalnischkies
Adds on top of Version 2 to all displayed version numbers the architecture as well as the MultiArch flag for consumption by the hooks. Most of the time the architecture will be the same for both versions displayed, but packages might change from "all" to "any" (or back) between versions so we can't display the architecture for packages. Pseudo-Format for Version 3: <name> <version> <arch> <m-a-flag> <compare> <version> <arch> <m-a-flag> Examples: stuff - - none < 1 amd64 none **CONFIGURE** libsame 1 i386 same < 2 i386 same **CONFIGURE** stuff 2 i386 none > 1 i386 none **CONFIGURE** libsame 2 i386 same > - - none **REMOVE** toolkit 1 all foreign > - - none **REMOVE** Closes: #712116
2013-06-13fix file location for configure-index.gz in apt.conf(5)David Kalnischkies
Closes: #711921
2013-03-25* doc/apt.conf.5.xml:Michael Vogt
- document Acquire::ForceIPv{4,6}
2012-06-09updating <date> tags and the po files for the manpagesDavid Kalnischkies
2012-06-09* doc/apt.conf.5.xml:Justin B Rye
- review and fix typo, grammar and style issues - rephrase APT::Immediate-Configuration and many others
2012-06-06* doc/apt-key.8.xml, doc/apt-mark.8.xml,Justin B Rye
doc/apt_preferences.5.xml: - review and fix spelling issues
2012-05-25* doc/apt-cdrom.8.xml:Justin B Rye
- replace CDROM with the proper CD-ROM in text
2012-05-23use docbook DTD 4.5 instead of 4.2 to have valid docsDavid Kalnischkies
2012-05-21merge fix from david for warning during xml buildMichael Vogt
2012-05-21add also <refentryinfo> to the list of unstranslated tags for po4aDavid Kalnischkies
2012-05-21auto-generate the correct <date> translationDavid Kalnischkies
2012-05-21in <term> mark all options with <option> and mark <term><option>David Kalnischkies
as untranslated for po4a removing ~200 unless "translateable" strings
2012-05-20* doc/*.xml:David Kalnischkies
- add a few translator notes and reword some paragraphs to ensure that translators and users alike can better understand them (Closes: #669409)
2012-05-15* methods/http.cc:David Kalnischkies
- after many years of pointless discussions disable http/1.1 pipelining by default as many webservers and proxies seem to be unable to conform to specification must's (rfc2616 section 8.1.2.2) (LP: #996151)
2011-11-20* German manpage translation updateChris Leick
* doc/*.xml: - find and fix a bunch of misspellings