X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/49ee5fa71d7df209a411db228a7532c4c56a28d0..923c592ceb6014b31ec751b97b3ed659fa3e88ae:/doc/apt.conf.5.xml
diff --git a/doc/apt.conf.5.xml b/doc/apt.conf.5.xml
index d71f99c0a..380371230 100644
--- a/doc/apt.conf.5.xml
+++ b/doc/apt.conf.5.xml
@@ -19,7 +19,7 @@
&apt-email;
&apt-product;
- 2016-05-27T00:00:00Z
+ 2016-08-17T00:00:00Z
@@ -650,27 +650,32 @@ APT::Compressor::rev {
- Allow the update operation to load data files from
- a repository without a trusted signature. If enabled this
- option no data files will be loaded and the update
- operation fails with a error for this source. The default
- is false for backward compatibility. This will be changed
- in the future.
+ Allow update operations to load data files from
+ repositories without sufficient security information.
+ The default value is "false".
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
-
+
- Allow that a repository that was previously gpg signed to become
- unsigned durign a update operation. When there is no valid signature
- of a previously trusted repository apt will refuse the update. This
- option can be used to override this protection. You almost certainly
- never want to enable this. The default is false.
+ Allow update operations to load data files from
+ repositories which provide security information, but these
+ are deemed no longer cryptographically strong enough.
+ The default value is "false".
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
+
+
- Note that apt will still consider packages from this source
- untrusted and warn about them if you try to install
- them.
-
+
+
+ Allow that a repository that was previously gpg signed to become
+ unsigned during an update operation. When there is no valid signature
+ for a previously trusted repository apt will refuse the update. This
+ option can be used to override this protection. You almost certainly
+ never want to enable this. The default is false.
+ Concept, implications as well as alternatives are detailed in &apt-secure;.
+ scope
@@ -899,91 +904,21 @@ APT::Compressor::rev {
These options are passed to &dpkg-buildpackage; when compiling packages;
the default is to disable signing and produce all binaries.
-
- dpkg trigger usage (and related options)
- APT can call &dpkg; in such a way as to let it make aggressive use of triggers over
- multiple calls of &dpkg;. Without further options &dpkg; will use triggers once each time it runs.
- Activating these options can therefore decrease the time needed to perform the
- install or upgrade. Note that it is intended to activate these options per default in the
- future, but as it drastically changes the way APT calls &dpkg; it needs a lot more testing.
- These options are therefore currently experimental and should not be used in
- production environments. It also breaks progress reporting such that all front-ends will
- currently stay around half (or more) of the time in the 100% state while it actually configures
- all packages.
- Note that it is not guaranteed that APT will support these options or that these options will
- not cause (big) trouble in the future. If you have understand the current risks and problems with
- these options, but are brave enough to help testing them, create a new configuration file and test a
- combination of options. Please report any bugs, problems and improvements you encounter and make sure
- to note which options you have used in your reports. Asking &dpkg; for help could also be useful for
- debugging proposes, see e.g. dpkg --audit. A defensive option combination would be
-DPkg::NoTriggers "true";
-PackageManager::Configure "smart";
-DPkg::ConfigurePending "true";
-DPkg::TriggersPending "true";
-
-
-
- Add the no triggers flag to all &dpkg; calls (except the ConfigurePending call).
- See &dpkg; if you are interested in what this actually means. In short: &dpkg; will not run the
- triggers when this flag is present unless it is explicitly called to do so in an extra call.
- Note that this option exists (undocumented) also in older APT versions with a slightly different
- meaning: Previously these option only append --no-triggers to the configure calls to &dpkg; -
- now APT will also add this flag to the unpack and remove calls.
-
-
- Valid values are "all",
- "smart" and "no".
- The default value is "all", which causes APT to
- configure all packages. The "smart" way is to
- configure only packages which need to be configured before another
- package can be unpacked (Pre-Depends), and let the rest be configured
- by &dpkg; with a call generated by the ConfigurePending option (see
- below). On the other hand, "no" will not configure
- anything, and totally relies on &dpkg; for configuration (which at the
- moment will fail if a Pre-Depends is encountered). Setting this option
- to any value other than all will implicitly also
- activate the next option by default, as otherwise the system could end
- in an unconfigured and potentially unbootable state.
-
-
- If this option is set APT will call dpkg --configure --pending
- to let &dpkg; handle all required configurations and triggers. This option is activated automatically
- per default if the previous option is not set to all, but deactivating it could be useful
- if you want to run APT multiple times in a row - e.g. in an installer. In these sceneries you could
- deactivate this option in all but the last run.
-
-
- Useful for the smart configuration as a package which has pending
- triggers is not considered as installed, and &dpkg; treats them as unpacked
- currently which is a showstopper for Pre-Dependencies (see debbugs #526774). Note that this will
- process all triggers, not only the triggers needed to configure this package.
-
-
- Essential packages (and their dependencies) should be configured immediately
- after unpacking. It is a good idea to do this quite early in the upgrade process as these
- configure calls also currently require DPkg::TriggersPending which
- will run quite a few triggers (which may not be needed). Essentials get per default a high score
- but the immediate flag is relatively low (a package which has a Pre-Depends is rated higher).
- These option and the others in the same group can be used to change the scoring. The following
- example shows the settings with their default values.
- OrderList::Score {
- Delete 500;
- Essential 200;
- Immediate 10;
- PreDepends 50;
-};
-
-
-
-
+
+ If this option is set APT will call dpkg --configure --pending
+ to let &dpkg; handle all required configurations and triggers. This option is activated by default,
+ but deactivating it could be useful if you want to run APT multiple times in a row - e.g. in an installer.
+ In this scenario you could deactivate this option in all but the last run.
+
+
Periodic and Archives optionsAPT::Periodic and APT::Archives
groups of options configure behavior of apt periodic updates, which is
- done by the /etc/cron.daily/apt script. See the top of
+ done by the /usr/lib/apt/apt.systemd.daily script. See the top of
this script for the brief documentation of these options.