&apt-email;
&apt-product;
<!-- The last update date -->
- <date>2016-05-27T00:00:00Z</date>
+ <date>2016-07-08T00:00:00Z</date>
</refentryinfo>
<refmeta>
only if the client uses a known identifier.</para>
<para><literal>Acquire::http::Proxy-Auto-Detect</literal> can be used to
- specify an external command to discover the http proxy to use. Apt expects
- the command to output the proxy on stdout in the style
- <literal>http://proxy:port/</literal>. This will override the
- generic <literal>Acquire::http::Proxy</literal> but not any specific
- host proxy configuration set via
- <literal>Acquire::http::Proxy::$HOST</literal>.
+ specify an external command to discover the http proxy to use. The first
+ and only parameter is an URI denoting the host to be contacted to allow
+ for host-specific configuration. APT expects the command to output the
+ proxy on stdout as a single line in the style <literal>http://proxy:port/</literal>
+ or the word <literal>DIRECT</literal> if no proxy should be used. No output
+ indicates that the generic proxy settings should be used.
+
+ Note that auto-detection will not be used for a host if a host-specific proxy
+ configuration is already set via <literal>Acquire::http::Proxy::<replaceable>HOST</replaceable></literal>.
See the &squid-deb-proxy-client; package for an example implementation that
- uses avahi. This option takes precedence over the legacy option name
+ uses avahi.
+
+ This option takes precedence over the legacy option name
<literal>ProxyAutoDetect</literal>.
</para>
<varlistentry><term><option>AllowInsecureRepositories</option></term>
<listitem><para>
- Allow the update operation to load data files from
- a repository without a trusted signature. If enabled this
- option no data files will be loaded and the update
- operation fails with a error for this source. The default
- is false for backward compatibility. This will be changed
- in the future.
+ Allow update operations to load data files from
+ repositories without sufficient security information.
+ The default value is "<literal>false</literal>".
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
</para></listitem>
</varlistentry>
- <varlistentry><term><option>AllowDowngradeToInsecureRepositories</option></term>
+ <varlistentry><term><option>AllowWeakRepositories</option></term>
<listitem><para>
- Allow that a repository that was previously gpg signed to become
- unsigned durign a update operation. When there is no valid signature
- of a previously trusted repository apt will refuse the update. This
- option can be used to override this protection. You almost certainly
- never want to enable this. The default is false.
+ Allow update operations to load data files from
+ repositories which provide security information, but these
+ are deemed no longer cryptographically strong enough.
+ The default value is "<literal>false</literal>".
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
+ </para></listitem>
+ </varlistentry>
- Note that apt will still consider packages from this source
- untrusted and warn about them if you try to install
- them.
- </para></listitem>
+ <varlistentry><term><option>AllowDowngradeToInsecureRepositories</option></term>
+ <listitem><para>
+ Allow that a repository that was previously gpg signed to become
+ unsigned during an update operation. When there is no valid signature
+ for a previously trusted repository apt will refuse the update. This
+ option can be used to override this protection. You almost certainly
+ never want to enable this. The default is <literal>false</literal>.
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
+ </para></listitem>
</varlistentry>
<varlistentry><term><option>Changelogs::URI</option> scope</term>
<title>Periodic and Archives options</title>
<para><literal>APT::Periodic</literal> and <literal>APT::Archives</literal>
groups of options configure behavior of apt periodic updates, which is
- done by the <literal>/etc/cron.daily/apt</literal> script. See the top of
+ done by the <literal>/usr/lib/apt/apt.systemd.daily</literal> script. See the top of
this script for the brief documentation of these options.
</para>
</refsect1>
projects / apt.git / blobdiff