&apt-email;
&apt-product;
<!-- The last update date -->
- <date>2015-12-14T00:00:00Z</date>
+ <date>2016-07-07T00:00:00Z</date>
</refentryinfo>
<refmeta>
only if the client uses a known identifier.</para>
<para><literal>Acquire::http::Proxy-Auto-Detect</literal> can be used to
- specify an external command to discover the http proxy to use. Apt expects
- the command to output the proxy on stdout in the style
- <literal>http://proxy:port/</literal>. This will override the
- generic <literal>Acquire::http::Proxy</literal> but not any specific
- host proxy configuration set via
- <literal>Acquire::http::Proxy::$HOST</literal>.
+ specify an external command to discover the http proxy to use. The first
+ and only parameter is an URI denoting the host to be contacted to allow
+ for host-specific configuration. APT expects the command to output the
+ proxy on stdout as a single line in the style <literal>http://proxy:port/</literal>
+ or the word <literal>DIRECT</literal> if no proxy should be used. No output
+ indicates that the generic proxy settings should be used.
+
+ Note that auto-detection will not be used for a host if a host-specific proxy
+ configuration is already set via <literal>Acquire::http::Proxy::<replaceable>HOST</replaceable></literal>.
See the &squid-deb-proxy-client; package for an example implementation that
- uses avahi. This option takes precedence over the legacy option name
+ uses avahi.
+
+ This option takes precedence over the legacy option name
<literal>ProxyAutoDetect</literal>.
</para>
<varlistentry><term><option>AllowInsecureRepositories</option></term>
<listitem><para>
- Allow the update operation to load data files from
- a repository without a trusted signature. If enabled this
- option no data files will be loaded and the update
- operation fails with a error for this source. The default
- is false for backward compatibility. This will be changed
- in the future.
+ Allow update operations to load data files from
+ repositories without sufficient security information.
+ The default value is "<literal>false</literal>".
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry><term><option>AllowWeakRepositories</option></term>
+ <listitem><para>
+ Allow update operations to load data files from
+ repositories which provide security information, but these
+ are deemed no longer cryptographically strong enough.
+ The default value is "<literal>false</literal>".
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
</para></listitem>
</varlistentry>
<varlistentry><term><option>AllowDowngradeToInsecureRepositories</option></term>
<listitem><para>
- Allow that a repository that was previously gpg signed to become
- unsigned durign a update operation. When there is no valid signature
- of a previously trusted repository apt will refuse the update. This
- option can be used to override this protection. You almost certainly
- never want to enable this. The default is false.
-
- Note that apt will still consider packages from this source
- untrusted and warn about them if you try to install
- them.
- </para></listitem>
+ Allow that a repository that was previously gpg signed to become
+ unsigned during an update operation. When there is no valid signature
+ for a previously trusted repository apt will refuse the update. This
+ option can be used to override this protection. You almost certainly
+ never want to enable this. The default is <literal>false</literal>.
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
+ </para></listitem>
</varlistentry>
<varlistentry><term><option>Changelogs::URI</option> scope</term>