&apt-email;
&apt-product;
<!-- The last update date -->
- <date>2014-01-18T00:00:00Z</date>
+ <date>2016-11-25T00:00:00Z</date>
</refentryinfo>
<refmeta>
archive, <filename>distribution/component</filename>. The
<literal>distribution</literal> is generally a suite name like
<literal>stable</literal> or <literal>testing</literal> or a codename like
- <literal>&stable-codename;</literal> or <literal>&testing-codename;</literal>
+ <literal>&debian-stable-codename;</literal> or <literal>&debian-testing-codename;</literal>
while component is one of <literal>main</literal>, <literal>contrib</literal> or
<literal>non-free</literal>. The
<literal>deb-src</literal> type references a Debian distribution's source
(<option>target</option>) is a multivalue option defining
which download targets apt will try to acquire from this
source. If not specified, the default set is defined by the
- <option>Acquire::IndexTargets</option> configuration scope.
- Additionally, specific targets can be enabled or disabled by
- using the identifier as field name instead of using this
- multivalue option.
+ <option>Acquire::IndexTargets</option> configuration scope
+ (targets are specified by their name in the
+ <literal>Created-By</literal> field).
+ Additionally, targets can be enabled or disabled by using the
+ <literal>Identifier</literal> field as an option with a boolean
+ value instead of using this multivalue option.
</para></listitem>
<listitem><para><option>PDiffs</option> (<option>pdiffs</option>)
anomalies.
<itemizedlist>
+ <listitem><para><option>Allow-Insecure</option> (<option>allow-insecure</option>),
+ <option>Allow-Weak</option> (<option>allow-weak</option>) and
+ <option>Allow-Downgrade-To-Insecure</option> (<option>allow-downgrade-to-insecure</option>)
+ are boolean values which all default to <literal>no</literal>.
+ If set to <literal>yes</literal> they circumvent parts of &apt-secure;
+ and should therefore not be used lightly!
+ </para></listitem>
+
<listitem><para><option>Trusted</option> (<option>trusted</option>)
is a tri-state value which defaults to APT deciding if a source
is considered trusted or if warnings should be raised before e.g.
packages are installed from this source. This option can be used
- to override this decision either with the value <literal>yes</literal>,
- which lets APT consider this source always as a trusted source,
- even if it lacks or fails authentication checks, by disabling parts
- of &apt-secure;. It should therefore only be used in a local and trusted
- context (if at all) as otherwise security is breached. The opposite
- can be achieved with the value <literal>no</literal>, which
- causes the source to be handled as untrusted even if the
- authentication checks passed successfully.
- The default value can't be set explicitly.
+ to override that decision. The value <literal>yes</literal> tells APT
+ always to consider this source as trusted, even if it doesn't pass
+ authentication checks. It disables parts of &apt-secure;, and should
+ therefore only be used in a local and trusted context (if at all) as
+ otherwise security is breached. The value <literal>no</literal> does
+ the opposite, causing the source to be handled as untrusted even if
+ the authentication checks passed successfully. The default value can't
+ be set explicitly.
</para></listitem>
<listitem><para><option>Signed-By</option> (<option>signed-by</option>)
is either an absolute path to a keyring file (has to be
accessible and readable for the <literal>_apt</literal> user,
- so ensure everyone has read-permissions on the file) or a
- fingerprint of a key either in the
- <filename>trusted.gpg</filename> keyring or in one of the
+ so ensure everyone has read-permissions on the file) or one or
+ more fingerprints of keys either in the
+ <filename>trusted.gpg</filename> keyring or in the
keyrings in the <filename>trusted.gpg.d/</filename> directory
(see <command>apt-key fingerprint</command>). If the option is
- set, only the key(s) in this keyring or only the key with this
- fingerprint is used for the &apt-secure; verification of this
- repository. Otherwise all keys in the trusted keyrings are
- considered valid signers for this repository.
+ set, only the key(s) in this keyring or only the keys with these
+ fingerprints are used for the &apt-secure; verification of this
+ repository. Defaults to the value of the option with the same name
+ if set in the previously acquired <filename>Release</filename> file.
+ Otherwise all keys in the trusted keyrings are considered valid
+ signers for this repository.
</para></listitem>
<listitem><para><option>Check-Valid-Until</option> (<option>check-valid-until</option>)
<para>The first line gets package information for the architectures in <literal>APT::Architectures</literal>
while the second always retrieves <literal>amd64</literal> and <literal>armel</literal>.</para>
- <literallayout>deb http://httpredir.debian.org/debian &stable-codename; main
-deb [ arch=amd64,armel ] http://httpredir.debian.org/debian &stable-codename; main</literallayout>
+ <literallayout>deb http://deb.debian.org/debian &debian-stable-codename; main
+deb [ arch=amd64,armel ] http://deb.debian.org/debian &debian-stable-codename; main</literallayout>
<literallayout>Types: deb
-URIs: http://httpredir.debian.org/debian
-Suites: &stable-codename;
+URIs: http://deb.debian.org/debian
+Suites: &debian-stable-codename;
Components: main
Types: deb
-URIs: http://httpredir.debian.org/debian
-Suites: &stable-codename;
+URIs: http://deb.debian.org/debian
+Suites: &debian-stable-codename;
Components: main
Architectures: amd64 armel
</literallayout>
Components: main</literallayout>
<para>Uses FTP to access the archive at ftp.debian.org, under the debian
- directory, and uses only the &stable-codename;/contrib area.</para>
- <literallayout>deb ftp://ftp.debian.org/debian &stable-codename; contrib</literallayout>
+ directory, and uses only the &debian-stable-codename;/contrib area.</para>
+ <literallayout>deb ftp://ftp.debian.org/debian &debian-stable-codename; contrib</literallayout>
<literallayout>Types: deb
URIs: ftp://ftp.debian.org/debian
-Suites: &stable-codename;
+Suites: &debian-stable-codename;
Components: contrib</literallayout>
<para>Uses FTP to access the archive at ftp.debian.org, under the debian
<para>Uses HTTP to get binary packages as well as sources from the stable, testing and unstable
suites and the components main and contrib.</para>
- <literallayout>deb http://httpredir.debian.org/debian stable main contrib
-deb-src http://httpredir.debian.org/debian stable main contrib
-deb http://httpredir.debian.org/debian testing main contrib
-deb-src http://httpredir.debian.org/debian testing main contrib
-deb http://httpredir.debian.org/debian unstable main contrib
-deb-src http://httpredir.debian.org/debian unstable main contrib</literallayout>
+ <literallayout>deb http://deb.debian.org/debian stable main contrib
+deb-src http://deb.debian.org/debian stable main contrib
+deb http://deb.debian.org/debian testing main contrib
+deb-src http://deb.debian.org/debian testing main contrib
+deb http://deb.debian.org/debian unstable main contrib
+deb-src http://deb.debian.org/debian unstable main contrib</literallayout>
<literallayout>Types: deb deb-src
-URIs: http://httpredir.debian.org/debian
+URIs: http://deb.debian.org/debian
Suites: stable testing unstable
Components: main contrib
</literallayout>
</refsect1>
<refsect1><title>See Also</title>
- <para>&apt-get;, &apt-conf;
- </para>
+ <para>&apt-get;, &apt-conf;, &apt-acquire-additional-files;</para>
</refsect1>
&manbugs;