projects / apt.git / blame
| Commit | Line | Data |
|---|---|---|
| a7c835af AL |
1 | <!-- -*- mode: sgml; mode: fold -*- --> |
| 2 | <!doctype refentry PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [ | |
| 3 | ||
| 4 | <!ENTITY % aptent SYSTEM "apt.ent"> | |
| 5 | %aptent; | |
| 6 | ||
| 7 | ]> | |
| 8 | ||
| 9 | <refentry> | |
| 10 | &apt-docinfo; | |
| 11 | ||
| 12 | <refmeta> | |
| 13 | <refentrytitle>vendors.list</> | |
| 14 | <manvolnum>5</> | |
| 15 | </refmeta> | |
| 16 | ||
| 17 | <!-- Man page title --> | |
| 18 | <refnamediv> | |
| 19 | <refname>vendors.list</> | |
| 20 | <refpurpose>Security key configuration for APT</> | |
| 21 | </refnamediv> | |
| 22 | ||
| 23 | <RefSect1><Title>Description</> | |
| 24 | <para> | |
| 25 | The package vendor list contains a list of all vendors | |
| 26 | from whom you wish to authenticate downloaded packages. | |
| 27 | For each vendor listed, it must contain the corresponding | |
| 28 | PGP key fingerprint, so that APT can perform signature | |
| 29 | verification of the release file and subsequent checking | |
| 30 | of the checksums of each downloaded package. | |
| 31 | To have authentication enabled, you must add the | |
| 32 | vendor identification string (see below) enclosed in | |
| 33 | square braces to the sources.list line for all sites that mirror | |
| 34 | the repository provided by that vendor. | |
| 35 | <para> | |
| 36 | The format of this file is similar to the one used by | |
| 37 | apt.conf. It consists of an arbitrary number of blocks of | |
| 38 | vendors, where each block starts with a string telling the | |
| 39 | <replaceable/key_type/ and the <replaceable/vendor_id/. | |
| 40 | <para> | |
| 41 | Some vendors may have multiple blocks that define different | |
| 42 | security policies for their distributions. Debian for instance | |
| 43 | uses a different signing methodology for stable and unstable releases. | |
| 44 | <para> | |
| 45 | <replaceable/key_type/ is the type of the check required. | |
| 46 | Currently, there is only one type available which is | |
| 47 | <literal/simple-key/. | |
| 48 | <para> | |
| 49 | <replaceable/vendor_id/ is the vendor identification string. It is an | |
| 50 | arbitrary string you must supply to uniquely identifify a | |
| 51 | vendor that's listed in this file. | |
| 52 | ||
| 53 | Example: | |
| 54 | <informalexample><programlisting> | |
| 55 | single_key "joe" | |
| 56 | { | |
| 57 | Fingerprint "0987AB4378FSD872343298787ACC"; | |
| 58 | Name "Joe Shmoe <joe@shmoe.com>"; | |
| 59 | } | |
| 60 | </programlisting></informalexample> | |
| 61 | ||
| 62 | </RefSect1> | |
| 63 | ||
| 64 | <RefSect1><Title>The simple-key type</> | |
| 65 | <para> | |
| 66 | This type of verification is used when the vendor has a single | |
| 67 | secured key that must be used to sign the Release file. The | |
| 68 | following items should be present | |
| 69 | ||
| 70 | <VariableList> | |
| 71 | <VarListEntry><Term>Fingerprint</Term> | |
| 72 | <ListItem><Para> | |
| 73 | The PGP fingerprint for the key. The fingerprint should be | |
| 74 | expressed in the standard notion with or without spaces. | |
| 75 | The <option/--fingerprint/ option for | |
| 76 | <CiteRefEntry><RefEntryTitle><command/gpg/</RefEntryTitle><ManVolNum/1/</CiteRefEntry> | |
| 77 | will show the fingerprint for the selected keys(s). | |
| 78 | </VarListEntry> | |
| 79 | ||
| 80 | <VarListEntry><Term>Name</Term> | |
| 81 | <ListItem><Para> | |
| 82 | A string containing a description of the owner of | |
| 83 | the key or vendor. You may put the vendor name and it's | |
| 84 | email. The string must be quoted with ". | |
| 85 | </VarListEntry> | |
| 86 | ||
| 87 | </VariableList> | |
| 88 | </RefSect1> | |
| 89 | ||
| 90 | <RefSect1><Title>Files</> | |
| 91 | <para> | |
| 92 | <filename>/etc/apt/vendors.list</> | |
| 93 | </RefSect1> | |
| 94 | ||
| 95 | <RefSect1><Title>See Also</> | |
| 96 | <para> | |
| 97 | &sources-list; | |
| 98 | </RefSect1> | |
| 99 | ||
| 100 | &manbugs; | |
| 101 | &manauthor; | |
| 102 | ||
| 103 | </refentry> | |
| 104 |