path: root/doc
Age | Commit message | Author
2018-02-19 | Merge branch 'pu/not-valid-before' into 'master' | Julian Andres Klode
Check that Date of Release file is not in the future
See merge request apt-team/apt!3
2018-02-19 | Check that Date of Release file is not in the future | Julian Andres Klode
By restricting the Date field to be in the past, an attacker cannot just create a repository from the future that would be accepted as a valid update for a repository. This check can be disabled by Acquire::Check-Date set to false. This will also disable Check-Valid-Until and any future date related checking, if any - the option means: "my computer's date cannot be trusted." Modify the tests to allow repositories to be up to 10 hours in the future, so we can keep using hours there to simulate time changes.
2018-02-19 | German manpage translation update | Chris Leick
2018-02-19 | ensure correct file permissions for auxfiles | David Kalnischkies
The interesting takeaway here is perhaps that 'chmod +w' is affected by the umask – obvious in hindsight of course. The usual setup helps with hiding that applying that recursively on all directories (and files) isn't correct. Ensuring files will not be stored with the wrong permissions even if in strange umask contexts is trivial in comparison. Fixing the test also highlighted that it wasn't bulletproof as apt will automatically fix the permissions of the directories it works with, so for this test we actually need to introduce a shortcut in the code.
Reported-By: Ubuntu autopkgtest CI
2018-02-19 | add apt-helper drop-privs command… | David Kalnischkies
2018-01-18 | Release 1.6~alpha7 [1.6_alpha7] | Julian Andres Klode
2018-01-18 | review and fix the three new apt-transport- manpages | Justin B Rye
References: https://lists.debian.org/debian-l10n-english/2018/01/msg00002.html
2018-01-17 | Introduce inrelease-path option for sources.list | Julian Andres Klode
Allow specifying an alternative path to the InRelease file, so you can have multiple versions of a repository, for example. Enabling this option disables fallback to Release and Release.gpg, so setting it to InRelease can be used to ensure that only that will be tried. We add two test cases: One for checking that it works, and another for checking that the fallback does not happen.
Closes: #886745
2018-01-04 | simplify translating "lists directory missing" msg | David Kalnischkies
The appended "partial" should not be translated, but some translations got this wrong and now that there is also "auxfiles" we can just fix that problem by hiding these untranslatables from the translators.
Gbp-Dch: Ignore
2018-01-03 | Release 1.6~alpha6 [1.6_alpha6] | Julian Andres Klode
2018-01-03 | add apt-transport-mirror manpage | David Kalnischkies
The mirror method is undocumented since 0.7.24, now with the reimplementation it is high time to get something written about it.
2018-01-03 | allow a method to request auxiliary files | David Kalnischkies
If a method needs a file to operate like e.g. mirror needs to get a list of mirrors before it can redirect the actual requests to them. That could easily be solved by moving the logic into libapt directly, but by allowing a method to request other methods to do something we can keep this logic contained in the method and allow e.g. also methods which perform binary patching or similar things. Previously they would need to implement their own acquire system inside the existing one which in all likelihood will not support the same features and methods nor operate with similar security compared to what we have already running 'above' the requesting method. That said, to avoid methods producing conflicts with "proper" files we are downloading a new directory is introduced to keep the auxiliary files in. [The message magic number 351 is a tribute to the German Grundgesetz article 35 paragraph 1 which defines that all authorities of the state(s) help each other on request.]
2018-01-03 | document https options in new apt-transport-https manpage | David Kalnischkies
Same reasoning as with the previous commit for http with the added benefit of moving the hard to discover and untranslated example config into a manpage which could be translated.
2018-01-03 | document http options in new apt-transport-http manpage | David Kalnischkies
We had documentation for the http transport in our "catch-all" apt.conf manpage, but it seems beneficial to document transports in their own manpage instead of pushing them all into one.
2018-01-03 | Add rapid "happy eyeballs" connection fallback (RFC 8305) | Julian Andres Klode
Try establishing connections in alternating address families in rapid intervals of 250 ms, adding more connections to the wait list until one succeeds (RFC 8305, happy eyeballs 2). It is important that WaitAndCheckErrors() waits until it has a successful connection, a time out, or all connections failed - otherwise the timing between tries might be wrong, and the final long wait might exit early because one connection failed without trying the others. Timing wise, this only works correctly on Linux, as select() counts down there. But we rely on that in some other places too, so this is not the time to fix that. Timeouts are only reported in the final long wait - the short inner waits are expected to time out more often, and multiple times, we do not want to report them.
Closes: #668948
LP: #1308200
Gbp-Dch: paragraph
2017-11-20 | Translate shared documentation parts again | Julian Andres Klode
We accidentally did not translate the entity file, but should have. This makes apt.ent translatable again. This generates the target multiple times, but surprisingly, that works just fine, so let's just keep it that way, as it's clean code otherwise.
2017-11-20 | allow apt_auth.conf(5) to be translated | David Kalnischkies
Adding manpages is really hard it seems.
References: ea408c560ed85bb4ef7cf8f72f8463653501332c, ea7581c9aaaaebf844d00935a1cdf8c8fee7f7f3, 90bfc5b057d3f9136ffe34089b6e56d59593797c
2017-11-19 | allow multivalue fields in deb822 sources to be folded | David Kalnischkies
The documentation said "spaces", but there is no real reason to be so strict and only allow spaces to separate values as that only leads to very long lines if e.g. multiple URIs are specified which are again hard to deal with from a user PoV which the deb822 format is supposed to avoid. It also deals with multiple consecutive spaces and strange things like tabs users will surely end up using in the real world. The old behaviour on encountering folded lines is the generation of URIs which end up containing all these whitespace characters which tends to mess really bad with output and further processing.
Closes: 881875
2017-11-12 | Release 1.6~alpha5 [1.6_alpha5] | Julian Andres Klode
2017-11-12 | Dutch manpage translation update | Frans Spiesschaert
Closes: #881402
2017-11-05 | Release 1.6~alpha4 | Julian Andres Klode
2017-10-28 | Release 1.6~alpha3 [1.6_alpha3] | Julian Andres Klode
2017-10-26 | Release 1.6~alpha2 [1.6_alpha2] | Julian Andres Klode
2017-10-26 | Print syscall number and arch to stderr when trapped by seccomp | Julian Andres Klode
This should help debugging crashes. The signal handler is a C++11 lambda, yay! Special care has been taken to only use signal handler-safe functions inside there.
2017-10-23 | Release 1.6~alpha1 [1.6_alpha1] | Julian Andres Klode
2017-10-22 | Sandbox methods with seccomp-BPF; except cdrom, gpgv, rsh | Julian Andres Klode
This reduces the number of syscalls to about 140 from about 350 or so, significantly reducing security risks. Also change prepare-release to ignore the architecture lists in the build dependencies when generating the build-depends package for travis. We might want to clean up things a bit more and/or move it somewhere else.
2017-09-24 | Release 1.5 [1.5] | Julian Andres Klode
2017-09-13 | Release 1.5~rc4 [1.5_rc4] | Julian Andres Klode
2017-09-10 | Release 1.5~rc3 [1.5_rc3] | Julian Andres Klode
2017-09-09 | Release 1.5~rc2 [1.5_rc2] | Julian Andres Klode
2017-09-04 | Dutch manpage translation update | Frans Spiesschaert
Closes: #874293
2017-09-01 | doc: correct '--allow-releaseinfo-change-*' typos | Christos Trochalakis
Closes: #873914
2017-08-24 | Release 1.5~rc1 [1.5_rc1] | Julian Andres Klode
2017-08-17 | Release 1.5~beta2 [1.5_beta2] | Julian Andres Klode
2017-08-17 | doc: Fix validity error in apt_auth.conf.5.xml | Julian Andres Klode
It contained raw text inside a refsect1
Gbp-Dch: ignore
2017-07-27 | doc: Add '--allow-unauthenticated' to '--force-yes' | Dominik
2017-07-26 | show a warning for Debian shutting down FTP services | David Kalnischkies
We detect the affected sources by matching Release info – that has potential by-catch of repositories which have incorrect field values, but those are better fixed now anyhow. The bigger incorrectness is that this message will not only be printed for the Debian services itself but also for all mirrors not under Debian control but serving Debian like more local/private mirrors which will not (directly) shut down. It is likely though that many of them will follow suit with less visible announcements or break downright if their upstream source disappears, so having false-positives here seems beneficial for the user in the end.
2017-07-26 | update URI scheme descriptions in sources.list(5) | David Kalnischkies
2017-07-26 | reimplement and document auth.conf | David Kalnischkies
We have support for a netrc-like auth.conf file since 0.7.25 (closing 518473), but it was never documented in apt that it even exists and netrc seems to have fallen out of usage as a manpage for it no longer exists making the feature even more arcane. On top of that the code was a bit of a mess (as it is written in c-style) and as a result the matching of machine tokens to URIs also a bit strange by checking for less specific matches (= without path) first. We now do a single pass over the stanzas. In practice early adopters of the undocumented implementation will not really notice the differences and the 'new' behaviour is simpler to document and more usual for an apt user.
Closes: #811181
2017-07-12 | Switch from /org to /srv in example apt-ftparchive configuration | Paul Wise
/org has been obsoleted by /srv for many years on debian.org hosts.
2017-07-08 | fix various typos reported by codespell & spellintian | David Kalnischkies
Reported-By: codespell & spellintian
Gbp-Dch: Ignore
2017-07-08 | Italian manpage translation update | Beatrice Torracca
Closes: 858877
2017-07-03 | Release 1.5~beta1 [1.5_beta1] | Julian Andres Klode
2017-06-30 | Upload 1.5~alpha4 to experimental [1.5_alpha4] | Julian Andres Klode
2017-06-30 | Upload 1.5~alpha3 to experimental [1.5_alpha3] | Julian Andres Klode
2017-06-29 | Upload 1.5~alpha2 to experimental [1.5_alpha2] | Julian Andres Klode
2017-06-28 | Upload 1.5~alpha1 to experimental [1.5_alpha1] | Julian Andres Klode
2017-06-28 | ask for releaseinfo change interactively in apt | David Kalnischkies
If we have a user sitting around we can let 'apt' ask the user for a confirmation rather than print errors at the end and require the user to figure out which commandline flags are needed to confirm the changes non-interactively.
2017-06-28 | error in update on Release information changes | David Kalnischkies
The value of Origin, Label, Codename and co can be used in user configuration from apt's own pinning to unattended upgrades. A repository changing these values can therefore have serious effects on the behaviour of apt and other tools using these values. In a first step we will generate error messages for these changes now explaining the need for explicit confirmation and provide config options and commandline flags to accept them.
2017-06-28 | fail instead of warn on insecure repositories in apt-get | David Kalnischkies
The exception was made to give (script) users a one-release grace period to adapt their setup to deal with apt enforcing signing of repositories. As we are now at the start of a new release cycle it's as good a time as any to lift it now.
Removes-Exception: 952ee63b0af14a534c0aca00c11d1a99be6b22b2