]> git.saurik.com Git - apt.git/blob - doc/acquire-additional-files.txt
move gnupg|gnupg2 from apt Depends to Recommends
[apt.git] / doc / acquire-additional-files.txt
1 # Acquire additional files in 'update' operations
2
3 The download and verification of data from multiple sources in different
4 compression formats, with partial downloads and patches is an involved
5 process which is hard to implement correctly and securely.
6
7 APT front-ends share the code and binaries to make this happen in libapt
8 with the Acquire system, supported by helpers shipped in the apt package
9 itself and additional transports in individual packages like
10 apt-transport-https.
11
12 For its own operation libapt needs or can make use of Packages, Sources
13 and Translation-* files, which it will acquire by default, but
14 a repository might contain more data files (e.g. Contents) a front-end
15 (e.g. apt-file) might want to use and would therefore need to be
16 downloaded as well.
17
18 This file describes the configuration scheme such a front-end can use to
19 instruct the Acquire system to download those additional files.
20
21 # The Configuration Stanza
22
23 The Acquire system uses the same configuration settings to implement the
24 files it downloads by default. These settings are the default, but if
25 they would be written in a configuration file the configuration
26 instructing the Acquire system to download the Packages files would look
27 like this (see also apt.conf(5) manpage for configuration file syntax):
28
29 Acquire::IndexTargets::deb::Packages {
30 MetaKey "$(COMPONENT)/binary-$(ARCHITECTURE)/Packages";
31 ShortDescription "Packages";
32 Description "$(RELEASE)/$(COMPONENT) $(ARCHITECTURE) Packages";
33
34 flatMetaKey "Packages";
35 flatDescription "$(RELEASE) Packages";
36
37 Optional "no";
38 };
39
40 All files which should be downloaded (nicknamed 'Targets') are mentioned
41 below the Acquire::IndexTargets scope. 'deb' is here the type of the
42 sources.list entry the file should be acquired for. The only other
43 supported value is hence 'deb-src'. Beware: You can't specify multiple
44 types here and you can't download the same (evaluated) MetaKey from
45 multiple types!
46
47 After the type you can pick any valid and unique string which preferable
48 refers to the file it downloads (In the example we picked 'Packages').
49 This string is used as identifier for the target class and accessible as
50 'Created-By' e.g. in the "apt-get indextargets" output as detailed
51 below. It is also used to allow user to enable/disable targets per
52 sources.list entry.
53
54 All targets have three main properties you can define:
55 * MetaKey: The identifier of the file to be downloaded as used in the
56 Release file. It is also the relative location of the file from the
57 Release file. You can neither download from a different server
58 entirely (absolute URI) nor access directories above the Release file
59 (e.g. "../../").
60 * ShortDescription: Very short string intended to be displayed to the
61 user e.g. while reporting progress. apt will e.g. use this string in
62 the last line to indicate progress of e.g. the download of a specific
63 item.
64 * Description: A preferable human understandable and readable identifier
65 of which file is acquired exactly. Mainly used for progress reporting
66 and error messages. apt will e.g. use this string in the Get/Hit/Err
67 progress lines.
68 An identifier of the site accessed as seen in the sources.list (e.g.
69 "http://example.org/debian" or "file:/path/to/a/repository") is
70 automatically prefixed for this property.
71
72
73 Additional optional properties:
74 * DefaultEnabled: The default value is 'yes' which means that apt will
75 try to acquire this target from all sources. If set to 'no' the user
76 has to explicitly enable this target in the sources.list file with the
77 Targets option(s) – or override this value in a config file.
78 * Optional: The default value is 'yes' and should be kept at this value.
79 If enabled the acquire system will skip the download if the file isn't
80 mentioned in the Release file. Otherwise this is treated as a hard
81 error and the update process fails. Note that failures while
82 downloading (e.g. 404 or hash verification errors) are failures,
83 regardless of this setting.
84 * KeepCompressed: The default is the value of Acquire::GzipIndexes,
85 which defaults to false. If true, the acquire system will keep the
86 file compressed on disk rather than extract it. If your front-end can't
87 deal with compressed files transparently you have to explicitly set
88 this option to false to avoid problems with users setting the option
89 globally. On the other hand, if you set it to true or don't set it you
90 have to ensure your front-end can deal with all compressed fileformats
91 supported by apt (libapt users can e.g. use FileFd, others can use
92 the cat-file command of /usr/lib/apt/apt-helper).
93 * flat{MetaKey,Description}: APT supports two types of repositories:
94 dists-style repositories which are the default and by far the most
95 common which are named after the fact that the files are in an
96 elaborated directory structure. In contrast a flat-style repository
97 lumps all files together in one directory. Support for these flat
98 repositories exists mainly for legacy purposes only. It is therefore
99 recommend to not set these values.
100
101
102 The acquire system will automatically choose to download a compressed
103 file if it is available and uncompress it for you, just as it will also
104 use PDiff patching if provided by the repository and enabled by the
105 user. You only have to ensure that the Release file contains the
106 information about the compressed files/PDiffs to make this happen.
107 *NO* properties have to be set to enable this!
108
109
110 More properties exist, but these should *NOT* be set by front-ends
111 requesting files. They exist for internal and end-user usage only.
112 Some of these are – which are documented here only to ensure that they
113 aren't accidentally used by front-ends:
114 * PDiffs: controls if apt will try to use PDiffs for this target.
115 Defaults to the value of Acquire::PDiffs which is true by default.
116 Can be overridden per-source by the sources.list option of the same
117 name. See the documentation for both of these for details.
118 * By-Hash: controls if apt will try to use an URI constructed from
119 a hashsum of the file to download. See the documentation for config
120 option Acquire::By-Hash and sources.list option By-Hash for details.
121 * CompressionTypes: The default value is a space separated list of
122 compression types supported by apt (see Acquire::CompressionTypes).
123 You can set this option to prevent apt from downloading a compression
124 type a front-end can't open transparently. This should always be
125 a temporary workaround through and a bug should be reported against
126 the front-end in question.
127 * KeepCompressedAs: The default value is a space separated list of
128 compression types supported by apt (see previous option) which is
129 sorted by the cost-value of the compression in ascending order,
130 except that cost=0 "compressions" (like uncompressed) are listed last.
131
132
133 # More examples
134
135 The stanzas for Translation-* files as well as for Sources files would
136 look like this:
137
138 Acquire::IndexTargets {
139 deb::Translations {
140 MetaKey "$(COMPONENT)/i18n/Translation-$(LANGUAGE)";
141 ShortDescription "Translation-$(LANGUAGE)";
142 Description "$(RELEASE)/$(COMPONENT) Translation-$(LANGUAGE)";
143
144 flatMetaKey "$(LANGUAGE)";
145 flatDescription "$(RELEASE) Translation-$(LANGUAGE)";
146 };
147
148 deb-src::Sources {
149 MetaKey "$(COMPONENT)/source/Sources";
150 ShortDescription "Sources";
151 Description "$(RELEASE)/$(COMPONENT) Sources";
152
153 flatMetaKey "Sources";
154 flatDescription "$(RELEASE) Sources";
155
156 Optional "no";
157 };
158 };
159
160 # Substitution variables
161
162 As seen in the examples, properties can contain placeholders filled in
163 by the acquire system. The following variables are known; note that
164 unknown variables have no default value nor are they touched: They are
165 printed as-is.
166
167 * $(RELEASE): This is usually an archive- or codename, e.g. "stable" or
168 "stretch". Note that flat-style repositories do not have an archive-
169 or codename per-se, so the value might very well be just "/" or so.
170 * $(COMPONENT): as given in the sources.list, e.g. "main", "non-free" or
171 "universe". Note that flat-style repositories again do not really
172 have a meaningful value here.
173 * $(LANGUAGE): Values are all entries (expect "none") of configuration
174 option Acquire::Languages, e.g. "en", "de" or "de_AT".
175 * $(ARCHITECTURE): Values are all entries of configuration option
176 APT::Architectures (potentially modified by sources.list options),
177 e.g. "amd64", "i386" or "armel" for the 'deb' type. In type 'deb-src'
178 this variable has the value "source".
179 * $(NATIVE_ARCHITECTURE): The architecture apt treats as the native
180 architecture for this system configured as APT::Architecture
181 defaulting to the architecture apt itself was built for.
182
183 Note that while more variables might exist in the implementation, these
184 are to be considered undefined and their usage strongly discouraged. If
185 you have a need for other variables contact us.
186
187 # Accessing files
188
189 Do NOT hardcode specific file locations, names or compression types in
190 your application! You will notice that the configuration options give
191 you no choice over where the downloaded files will be stored. This is by
192 design so multiple applications can download and use the same file
193 rather than each and every one of them potentially downloads and uses
194 its own copy somewhere on disk.
195
196 "apt-get indextargets" can be used to get the location as well as other
197 information about all files downloaded (aka: you will see Packages,
198 Sources and Translation-* files here as well). Provide a line of the
199 default output format as parameter to filter out all entries which do
200 not have such a line. With --format, you can further more define your
201 own output style. The variables are what you see in the output, just all
202 uppercase and wrapped in $(), as in the configuration file.
203
204 To get all the filenames of all Translation-en files you can e.g. call:
205 apt-get indextargets --format '$(FILENAME)' "Created-By: Translations" "Language: en"
206
207 The line-based filtering and the formating is rather crude and feature-
208 less by design: The default format is Debians standard format deb822 (in
209 particular: Field names are case-insensitive and the order of fields in
210 the stanza is undefined), so instead of apt reimplementing powerful
211 filters and formating for this command, it is recommend to use piping
212 and dedicated tools like 'grep-dctrl' if you need more than the basics
213 provided.
214
215 Accessing this information via libapt is done by reading the
216 sources.lists (pkgSourceList), iterating over the metaIndex objects this
217 creates and calling GetIndexTargets() on them. See the source code of
218 "apt-get indextargets" for a complete example.
219
220 Note that by default targets are not listed if they weren't downloaded.
221 If you want to see all targets, you can use the --no-release-info, which
222 also removes the Codename, Suite, Version, Origin, Label and Trusted
223 fields from the output as these also display data which needs to be
224 downloaded first and could hence be inaccurate [on the pro-side: This
225 mode is faster as it doesn't require a valid binary cache to operate].
226 The most notable difference perhaps is in the Filename field through: By
227 default it indicates an existing file, potentially compressed (Hint:
228 libapt users can use FileFd to open compressed files transparently). In
229 the --no-release-info mode the indicated file doesn't need to exist and
230 it will always refer to an uncompressed file, even if the index would be
231 (or is) stored compressed.
232
233 Remarks on fields only available in (default) --release-info mode:
234 * Trusted: Denotes with a 'yes' or 'no' if the data in this file is
235 authenticated by a trust chain rooted in a trusted gpg key. You should
236 be careful with untrusted data and warn the user if you use it.
237 * Codename, Suite, Version, Origin and Label are fields from the Release
238 file, are only present if they are present in the Release file and
239 contain the same data.
240
241 Remarks on other available fields:
242 * MetaKey, ShortDesc, Description, Site, Release: as defined
243 by the configuration and described further above.
244 * Created-By: configuration entity responsible for this target
245 * Target-Of: type of the sources.list entry
246 * URI, Repo-URI: avoid using. Contains potentially username/password.
247 Prefer 'Site', especially for display.
248 * Optional, DefaultEnabled, KeepCompressed: Decode the options of the
249 same name from the configuration.
250 * Language, Architecture, Component: as defined further above, but with
251 the catch that they might be missing if they don't effect the target
252 (aka: They weren't used while evaluating the MetaKey template).
253
254 Again, additional fields might be visible in certain implementations,
255 but you should avoid using them and instead talk to us about a portable
256 implementation.
257
258 # Multiple applications requiring the same files
259
260 It is highly encouraged that applications talk to each other and to us
261 about which files they require. It is usually best to have a common
262 package ship the configuration needed to get the files, but specific
263 needs might require specific solutions. Again: talk to us.
264
265 Bad things will happen if multiple front-ends request the same file(s)
266 via different targets, which is another reason why coordination is very
267 important!
268
269 # Acquiring files not mentioned in the Release file
270
271 You can't. This is by design as these files couldn't be verified to not
272 be modified in transit, corrupted by the download process or simple if
273 they are present at all on the server, which would require apt to probe
274 for them. APT did this in the past for legacy reasons, we do not intend
275 to go back to these dark times.
276
277 This is also why you can't request files from a different server. It
278 would have the additional problem that this server might not even be
279 accessible (e.g. proxy settings) or that local sources (file:/, cdrom:/)
280 start requesting online files…
281
282 In other words: We would be opening Pandora's box.
283
284 # Acquiring files to a specific location on disk
285
286 You can't by design to avoid multiple front-ends requesting the same file
287 to be downloaded to multiple different places on (different) disks
288 (among other reasons). See the next point for a solution if you really
289 have to force a specific location by creating symlinks.
290
291 # Post processing the acquired files
292
293 You can't modify the files apt has downloaded as apt keeps state with
294 e.g. the modification times of the files and advanced features like
295 PDiffs break.
296
297 You can however install an APT::Update::Post-Invoke{-Success,} hook
298 script and use them to copy (modified) files to a different location.
299 Use 'apt-get indextargets' (or similar) to get the filenames – do not
300 look into /var/lib/apt/lists directly!
301
302 Please avoid time consuming calculations in the scripts and instead just
303 trigger a background task as there is little to no feedback for the user
304 while hook scripts run.