summaryrefslogtreecommitdiff
path: root/doc/sources.list.5.xml
AgeCommit message (Collapse)Author
2018-04-07mention mirror method in sources.listDavid Kalnischkies
Closes: 679580
2018-02-26Release 1.6~beta11.6_beta1Julian Andres Klode
2018-02-19Check that Date of Release file is not in the futureJulian Andres Klode
By restricting the Date field to be in the past, an attacker cannot just create a repository from the future that would be accepted as a valid update for a repository. This check can be disabled by Acquire::Check-Date set to false. This will also disable Check-Valid-Until and any future date related checking, if any - the option means: "my computers date cannot be trusted." Modify the tests to allow repositories to be up to 10 hours in the future, so we can keep using hours there to simulate time changes.
2018-01-18Release 1.6~alpha71.6_alpha7Julian Andres Klode
2018-01-17Introduce inrelease-path option for sources.listJulian Andres Klode
Allow specifying an alternative path to the InRelease file, so you can have multiple versions of a repository, for example. Enabling this option disables fallback to Release and Release.gpg, so setting it to InRelease can be used to ensure that only that will be tried. We add two test cases: One for checking that it works, and another for checking that the fallback does not happen. Closes: #886745
2018-01-03Release 1.6~alpha61.6_alpha6Julian Andres Klode
2018-01-03document https options in new apt-transport-https manpageDavid Kalnischkies
Same reasoning as with the previous commit for http with the added benefit of moving the hard to discover and untranslated example config into a manpage which could be translated.
2018-01-03document http options in new apt-transport-http manpageDavid Kalnischkies
We had documentation for the http transport in our "catch-all" apt.conf manpage, but it seems benefitial to document transports in their own manpage instead of pushing them all into one.
2017-11-19allow multivalue fields in deb822 sources to be foldedDavid Kalnischkies
The documentation said "spaces", but there is no real reason to be so strict and only allow spaces to separate values as that only leads to very long lines if e.g. multiple URIs are specified which are again hard to deal with from a user PoV which the deb822 format is supposed to avoid. It also deals with multiple consecutive spaces and strange things like tabs users will surely end up using in the real world. The old behviour on encountering folded lines is the generation of URIs which end up containing all these whitespace characters which tends to mess really bad with output and further processing. Closes: 881875
2017-09-10Release 1.5~rc31.5_rc3Julian Andres Klode
2017-09-09Release 1.5~rc21.5_rc2Julian Andres Klode
2017-08-24Release 1.5~rc11.5_rc1Julian Andres Klode
2017-08-17Release 1.5~beta21.5_beta2Julian Andres Klode
2017-07-26update URI scheme descriptions in sources.list(5)David Kalnischkies
2016-11-25Release 1.4~beta11.4_beta1Julian Andres Klode
2016-10-04Release 1.3.11.3.1Julian Andres Klode
2016-09-20Release 1.31.3Julian Andres Klode
2016-09-02Release 1.3~rc41.3_rc4Julian Andres Klode
2016-08-30Release 1.3~rc31.3_rc3Julian Andres Klode
2016-08-29Switch documentation from httpredir.d.o to deb.d.oJulian Andres Klode
The CDN service deb.d.o is more reliable than the http redirector, so switch to it for our examples.
2016-08-06releasing package apt version 1.3~pre3+cmake21.3_pre3+cmake2Julian Andres Klode
2016-08-06releasing package apt version 1.3~pre3+cmake11.3_pre3+cmake1Julian Andres Klode
2016-08-04Release 1.3~pre31.3_pre3Julian Andres Klode
2016-07-08Release 1.3~pre21.3_pre2Julian Andres Klode
Yes, we might still add new features to 1.3 or break some more stuff. Stay tuned!
2016-07-07Release 1.3~pre11.3_pre1Julian Andres Klode
2016-06-22Release 1.3~exp31.3_exp3Julian Andres Klode
Quite a huge churn of new strings.
2016-06-22add insecure (and weak) allow-options for sources.listDavid Kalnischkies
Weak had no dedicated option before and Insecure and Downgrade were both global options, which given the effect they all have on security is rather bad. Setting them for individual repositories only isn't great but at least slightly better and also more consistent with other settings for repositories.
2016-06-11Release 1.3~exp21.3_exp2Julian Andres Klode
2016-05-11Release 1.3~exp11.3_exp1Julian Andres Klode
2016-05-08implement Identifier field for IndexTargetsDavid Kalnischkies
A frontend like apt-file is only interested in a specific set of files and selects those easily via "Created-By". If it supports two locations for those files through it would need to select both and a user would need to know that implementation detail for sources.list configuration. The "Identifier" field is hence introduced which by default has the same value as "Created-By", but can be freely configured – especially it can be used to give two indexes the same identifier.
2016-05-01support Signed-By in Release files as a sort of HPKPDavid Kalnischkies
Users have the option since apt >= 1.1 to enforce that a Release file is signed with specific key(s) either via keyring filename or fingerprints. This commit adds an entry with the same name and value (except that it doesn't accept filenames for obvious reasons) to the Release file so that the repository owner can set a default value for this setting effecting the *next* Release file, not the current one, which provides a functionality similar "HTTP Public Key Pinning". The pinning is in effect as long as the (then old) Release file is considered valid, but it is also ignored if the Release file has no Valid-Until at all.
2016-05-01support multiple fingerprints in signed-byDavid Kalnischkies
A keyring file can include multiple keys, so its only fair for transitions and such to support multiple fingerprints as well.
2016-01-14change debian related entities to a more explicit nameDavid Kalnischkies
Git-Dch: Ignore
2015-11-26release apt 1.11.1Michael Vogt
2015-11-26Fix missing </literal> in sources.list.5.xml pageMichael Vogt
Git-Dch: ignore
2015-11-26reword Trusted paragraph in sources.list(5)Justin B Rye
Git-Dch: Ignore
2015-11-25update manpage last-modified from git via pre-export hookDavid Kalnischkies
Never updating this information is wrong, updating it automatically isn't super correct either, but it seems conventional to have it and updating it more often than needed seems better than updating it never. Git-Dch: Ignore
2015-11-25review sources.list(5) manpageJustin B Rye
2015-11-04revert accidental removal of documentation for trusted option in sources.listDavid Kalnischkies
In b0d408547734100bf86781615f546487ecf390d9 I accidently removed the documentation for Trusted and replaced it with Signed-By instead of adding it. Git-Dch: Ignore
2015-09-14add by-hash sources.list option and document all of by-hashDavid Kalnischkies
This changes the semantics of the option (which is renamed too) to be a yes/no value with the special additional value "force" as this allows by-hash to be disabled even if the repository indicates it would be supported and is more in line with our other yes/no options like pdiff which disable themselves if no support can be detected. The feature wasn't documented so far and hasn't reached a (un)stable release yet, so changing it without trying too hard to keep compatibility seems okay.
2015-08-31fix valid-until-min typo in sources.list(5)David Kalnischkies
Git-Dch: Ignore
2015-08-27sources.list and indextargets option for pdiffsDavid Kalnischkies
Disabling pdiffs can be useful occasionally, like if you have a fast local mirror where the download doesn't matter, but still want to use it for non-local mirrors. Also, some users might prefer it to only use it for very big indextargets like Contents.
2015-08-27allow explicit dis/enable of IndexTargets in sources optionsDavid Kalnischkies
While Target{,-Add,-Remove} is available for configuring IndexTargets already, allow Targets to be mentioned explicitely as yes/no options as well, so that the Target 'Contents' can be disabled via 'Contents: no' as well as 'Target-Remove: Contents'.
2015-08-27fix various typos reported by codespellDavid Kalnischkies
Reported-By: codespell
2015-08-14Mention that source order only matter per versionJulian Andres Klode
Closes: #617445
2015-08-10rename 'apt-get files' to 'apt-get indextargets'David Kalnischkies
'files' is a bit too generic as a name for a command usually only used programmatically (if at all) by developers, so instead of "wasting" this generic name for this we use "indextargets" which is actually the name of the datastructure the displayed data is stored in. Along with this rename the config options are renamed accordingly.
2015-08-10implement Signed-By option for sources.listDavid Kalnischkies
Limits which key(s) can be used to sign a repository. Not immensely useful from a security perspective all by itself, but if the user has additional measures in place to confine a repository (like pinning) an attacker who gets the key for such a repository is limited to its potential and can't use the key to sign its attacks for an other (maybe less limited) repository… (yes, this is as weak as it sounds, but having the capability might come in handy for implementing other stuff later).
2015-08-10add sources.list Check-Valid-Until and Valid-Until-{Max,Min} optionsDavid Kalnischkies
These options could be set via configuration before, but the connection to the actual sources is so strong that they should really be set in the sources.list instead – especially as this can be done a lot more specific rather than e.g. disabling Valid-Until for all sources at once. Valid-Until-* names are chosen instead of the Min/Max-ValidTime as this seems like a better name and their use in the wild is probably low enough that this isn't going to confuse anyone if we have to names for the same thing in different areas. In the longrun, the config options should be removed, but for now documentation hinting at the new options is good enough as these are the kind of options you set once across many systems with different apt versions, so the new way should work everywhere first before we deprecate the old way.
2015-08-10detect and error out on conflicting Trusted settingsDavid Kalnischkies
A specific trust state can be enforced via a sources.list option, but it effects all entries handled by the same Release file, not just the entry it was given on so we enforce acknowledgement of this by requiring the same value to be (not) set on all such entries.
2015-08-10bring back deb822 sources.list entries as .sourcesDavid Kalnischkies
Having two different formats in the same file is very dirty and causes external tools to fail hard trying to parse them. It is probably not a good idea for them to parse them in the first place, but they do and we shouldn't break them if there is a better way. So we solve this issue for now by giving our deb822 format a new filename extension ".sources" which unsupporting applications are likely to ignore an can begin gradually moving forward rather than waiting for the unknown applications to catch up. Currently and for the forseeable future apt is going to support both with the same feature set as documented in the manpage, with the longtime plan of adopting the 'new' format as default, but that is a long way to go and might get going more from having an easier time setting options than from us pushing it explicitely.