X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/b43af876ed0901eabfb7fe93276eb9272cacf22d..3184b4cf2e8e2009ce62b8f66c666ae7da67e378:/doc/apt.conf.5.xml
diff --git a/doc/apt.conf.5.xml b/doc/apt.conf.5.xml
index e0ce0db40..e37456d73 100644
--- a/doc/apt.conf.5.xml
+++ b/doc/apt.conf.5.xml
@@ -21,7 +21,7 @@
&apt-email;
&apt-product;
- 10 December 2008
+ 16 January 2010
@@ -37,20 +37,31 @@
Description
- apt.conf is the main configuration file for the APT suite of
- tools, all tools make use of the configuration file and a common command line
- parser to provide a uniform environment. When an APT tool starts up it will
- read the configuration specified by the APT_CONFIG environment
- variable (if any) and then read the files in Dir::Etc::Parts
- then read the main configuration file specified by
- Dir::Etc::main then finally apply the
- command line options to override the configuration directives, possibly
- loading even more config files.
-
+ apt.conf is the main configuration file for
+ the APT suite of tools, but by far not the only place changes to options
+ can be made. All tools therefore share the configuration files and also
+ use a common command line parser to provide a uniform environment.
+
+ When an APT tool starts up it will read the configuration files
+ in the following order:
+ the file specified by the APT_CONFIG
+ environment variable (if any)
+ all files in Dir::Etc::Parts in
+ alphanumeric ascending order which have no or "conf"
+ as filename extension and which only contain alphanumeric,
+ hyphen (-), underscore (_) and period (.) characters -
+ otherwise they will be silently ignored.
+ the main configuration file specified by
+ Dir::Etc::main
+ the command line options are applied to override the
+ configuration directives or to load even more configuration files.
+
+
+ Syntax
The configuration file is organized in a tree with options organized into
- functional groups. option specification is given with a double colon
+ functional groups. Option specification is given with a double colon
notation, for instance APT::Get::Assume-Yes is an option within
- the APT tool group, for the Get tool. options do not inherit from their
+ the APT tool group, for the Get tool. Options do not inherit from their
parent groups.
Syntactically the configuration language is modeled after what the ISC tools
@@ -58,9 +69,13 @@
// are treated as comments (ignored), as well as all text
between /* and */, just like C/C++ comments.
Each line is of the form
- APT::Get::Assume-Yes "true"; The trailing
- semicolon is required and the quotes are optional. A new scope can be
- opened with curly braces, like:
+ APT::Get::Assume-Yes "true";. The trailing
+ semicolon and the quotes are required. The value must be on one line, and
+ there is no kind of string concatenation. It must not include inside quotes.
+ The behavior of the backslash "\" and escaped characters inside a value is
+ undefined and it should not be used. An option name may include
+ alphanumerical characters and the "/-:._+" characters. A new scope can
+ be opened with curly braces, like:
APT {
@@ -86,17 +101,41 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
The names of the configuration items are not case-sensitive. So in the previous example
you could use dpkg::pre-install-pkgs.
- Two specials are allowed, #include and #clear
+ Names for the configuration items are optional if a list is defined as it can be see in
+ the DPkg::Pre-Install-Pkgs example above. If you don't specify a name a
+ new entry will simply add a new option to the list. If you specify a name you can override
+ the option as every other option by reassigning a new value to the option.
+
+ Two specials are allowed, #include (which is deprecated
+ and not supported by alternative implementations) and #clear:
#include will include the given file, unless the filename
ends in a slash, then the whole directory is included.
#clear is used to erase a part of the configuration tree. The
- specified element and all its descendents are erased.
+ specified element and all its descendants are erased.
+ (Note that these lines also need to end with a semicolon.)
+
+ The #clear command is the only way to delete a list or a complete scope.
+ Reopening a scope or the ::-style described below will not
+ override previously written entries. Only options can be overridden by addressing a new
+ value to it - lists and scopes can't be overridden, only cleared.
All of the APT tools take a -o option which allows an arbitrary configuration
directive to be specified on the command line. The syntax is a full option
name (APT::Get::Assume-Yes for instance) followed by an equals
sign then the new value of the option. Lists can be appended too by adding
- a trailing :: to the list name.
+ a trailing :: to the list name. (As you might suspect: The scope syntax can't be used
+ on the command line.)
+
+ Note that you can use :: only for appending one item per line to a list and
+ that you should not use it in combination with the scope syntax.
+ (The scope syntax implicit insert ::) Using both syntaxes together will trigger a bug
+ which some users unfortunately relay on: An option with the unusual name "::"
+ which acts like every other option with a name. These introduces many problems
+ including that a user who writes multiple lines in this wrong syntax in
+ the hope to append to a list will gain the opposite as only the last assignment for this option
+ "::" will be used. Upcoming APT versions will raise errors and
+ will stop working if they encounter this misuse, so please correct such statements now
+ as long as APT doesn't complain explicit about them.
The APT Group
@@ -111,10 +150,11 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
Default-Release
- Default release to install packages from if more than one
- version available. Contains release name, codename or release version. Examples: 'stable', 'testing', 'unstable', 'lenny', 'squeeze', '4.0', '5.0*'. See also &apt-preferences;.
+ Default release to install packages from if more than one
+ version available. Contains release name, codename or release version. Examples: 'stable', 'testing',
+ 'unstable', '&stable-codename;', '&testing-codename;', '4.0', '5.0*'. See also &apt-preferences;.
-
+
Ignore-Hold
Ignore Held packages; This global option causes the problem resolver to
ignore held packages in its decision making.
@@ -128,11 +168,26 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
Immediate-Configure
- Disable Immediate Configuration; This dangerous option disables some
- of APT's ordering code to cause it to make fewer dpkg calls. Doing
- so may be necessary on some extremely slow single user systems but
- is very dangerous and may cause package install scripts to fail or worse.
- Use at your own risk.
+ Defaults to on which will cause APT to install essential and important packages
+ as fast as possible in the install/upgrade operation. This is done to limit the effect of a failing
+ &dpkg; call: If this option is disabled APT does treat an important package in the same way as
+ an extra package: Between the unpacking of the important package A and his configuration can then
+ be many other unpack or configuration calls, e.g. for package B which has no relation to A, but
+ causes the dpkg call to fail (e.g. because maintainer script of package B generates an error) which results
+ in a system state in which package A is unpacked but unconfigured - each package depending on A is now no
+ longer guaranteed to work as their dependency on A is not longer satisfied. The immediate configuration marker
+ is also applied to all dependencies which can generate a problem if the dependencies e.g. form a circle
+ as a dependency with the immediate flag is comparable with a Pre-Dependency. So in theory it is possible
+ that APT encounters a situation in which it is unable to perform immediate configuration, errors out and
+ refers to this option so the user can deactivate the immediate configuration temporarily to be able to perform
+ an install/upgrade again. Note the use of the word "theory" here as this problem was only encountered by now
+ in real world a few times in non-stable distribution versions and was caused by wrong dependencies of the package
+ in question or by a system in an already broken state, so you should not blindly disable this option as
+ the mentioned scenario above is not the only problem immediate configuration can help to prevent in the first place.
+ Before a big operation like dist-upgrade is run with this option disabled it should be tried to
+ explicitly install the package APT is unable to configure immediately, but please make sure to
+ report your problem also to your distribution and to the APT team with the buglink below so they can work on
+ improving or correcting the upgrade process.
Force-LoopBreak
@@ -144,9 +199,20 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
anything that those packages depend on.
- Cache-Limit
- APT uses a fixed size memory mapped cache file to store the 'available'
- information. This sets the size of that cache (in bytes).
+ Cache-Start, Cache-Grow and Cache-Limit
+ APT uses since version 0.7.26 a resizable memory mapped cache file to store the 'available'
+ information. Cache-Start acts as a hint to which size the Cache will grow
+ and is therefore the amount of memory APT will request at startup. The default value is
+ 20971520 bytes (~20 MB). Note that these amount of space need to be available for APT
+ otherwise it will likely fail ungracefully, so for memory restricted devices these value should
+ be lowered while on systems with a lot of configured sources this might be increased.
+ Cache-Grow defines in byte with the default of 1048576 (~1 MB) how much
+ the Cache size will be increased in the event the space defined by Cache-Start
+ is not enough. These value will be applied again and again until either the cache is big
+ enough to store all information or the size of the cache reaches the Cache-Limit.
+ The default of Cache-Limit is 0 which stands for no limit.
+ If Cache-Grow is set to 0 the automatic grow of the cache is disabled.
+
Build-Essential
@@ -175,10 +241,41 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
and the URI handlers.
+ Check-Valid-Until
+ Security related option defaulting to true as an
+ expiring validation for a Release file prevents longtime replay attacks
+ and can e.g. also help users to identify no longer updated mirrors -
+ but the feature depends on the correctness of the time on the user system.
+ Archive maintainers are encouraged to create Release files with the
+ Valid-Until header, but if they don't or a stricter value
+ is volitional the following Max-ValidTime option can be used.
+
+
+
+ Max-ValidTime
+ Seconds the Release file should be considered valid after
+ it was created. The default is "for ever" (0) if the Release file of the
+ archive doesn't include a Valid-Until header.
+ If it does then this date is the default. The date from the Release file or
+ the date specified by the creation time of the Release file
+ (Date header) plus the seconds specified with this
+ options are used to check if the validation of a file has expired by using
+ the earlier date of the two. Archive specific settings can be made by
+ appending the label of the archive to the option name.
+
+
+
PDiffs
Try to download deltas called PDiffs for
Packages or Sources files instead of downloading whole ones. True
- by default.
+ by default.
+ Two sub-options to limit the use of PDiffs are also available:
+ With FileLimit can be specified how many PDiff files
+ are downloaded at most to patch a file. SizeLimit
+ on the other hand is the maximum precentage of the size of all patches
+ compared to the size of the targeted file. If one of these limits is
+ exceeded the complete file is downloaded instead of the patches.
+
Queue-Mode
@@ -222,18 +319,30 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
this applies to all things including connection timeout and data timeout.
One setting is provided to control the pipeline depth in cases where the
- remote server is not RFC conforming or buggy (such as Squid 2.0.2)
+ remote server is not RFC conforming or buggy (such as Squid 2.0.2).
Acquire::http::Pipeline-Depth can be a value from 0 to 5
indicating how many outstanding requests APT should send. A value of
zero MUST be specified if the remote host does not properly linger
on TCP connections - otherwise data corruption will occur. Hosts which
- require this are in violation of RFC 2068.
+ require this are in violation of RFC 2068.
+
+ The used bandwidth can be limited with Acquire::http::Dl-Limit
+ which accepts integer values in kilobyte. The default value is 0 which deactivates
+ the limit and tries uses as much as possible of the bandwidth (Note that this option implicit
+ deactivates the download from multiple servers at the same time.)
+
+ Acquire::http::User-Agent can be used to set a different
+ User-Agent for the http download method as some proxies allow access for clients
+ only if the client uses a known identifier.
+
https
- HTTPS URIs. Cache-control and proxy options are the same as for
- http method.
- Pipeline-Depth option is not supported yet.
+ HTTPS URIs. Cache-control, Timeout, AllowRedirect, Dl-Limit and
+ proxy options are the same as for http method and will also
+ default to the options from the http method if they are not
+ explicitly set for https. Pipeline-Depth option is not
+ supported yet.
CaInfo suboption specifies place of file that
holds info about trusted certificates.
@@ -298,7 +407,7 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
as specified in /etc/fstab. It is possible to provide
alternate mount and unmount commands if your mount point cannot be listed
in the fstab (such as an SMB mount and old mount packages). The syntax
- is to put "/cdrom/"::Mount "foo"; within
+ is to put /cdrom/::Mount "foo"; within
the cdrom block. It is important to have the trailing slash. Unmount
commands can be specified using UMount.
@@ -312,17 +421,61 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
CompressionTypes
List of compression types which are understood by the acquire methods.
Files like Packages can be available in various compression formats.
- This list defines in which order the acquire methods will try to download these files.
- Per default bzip2 compressed files will be prefered over
- lzma, gzip and uncompressed files. The syntax for
- the configuration fileentry is
+ Per default the acquire methods can decompress bzip2, lzma
+ and gzip compressed files, with this setting more formats can be added
+ on the fly or the used method can be changed. The syntax for this is:
Acquire::CompressionTypes::FileExtension "Methodname";
- e.g. Acquire::CompressionTypes::bz2 "bzip2";
- Note that at runtime the Dir::Bin::Methodname will
+ Also the Order subgroup can be used to define in which order
+ the acquire system will try to download the compressed files. The acquire system will try the first
+ and proceed with the next compression type in this list on error, so to prefer one over the other type
+ simple add the preferred type at first - not already added default types will be added at run time
+ to the end of the list, so e.g. Acquire::CompressionTypes::Order:: "gz"; can
+ be used to prefer gzip compressed files over bzip2 and lzma.
+ If lzma should be preferred over gzip and bzip2 the
+ configure setting should look like this Acquire::CompressionTypes::Order { "lzma"; "gz"; };
+ It is not needed to add bz2 explicit to the list as it will be added automatic.
+ Note that at run time the Dir::Bin::Methodname will
be checked: If this setting exists the method will only be used if this file exists, e.g. for
- the bzip2 method above (the inbuilt) setting is Dir::Bin::bzip2 "/bin/bzip2";
-
+ the bzip2 method (the inbuilt) setting is Dir::Bin::bzip2 "/bin/bzip2";
+ Note also that list entries specified on the command line will be added at the end of the list
+ specified in the configuration files, but before the default entries. To prefer a type in this case
+ over the ones specified in in the configuration files you can set the option direct - not in list style.
+ This will not override the defined list, it will only prefix the list with this type.
+ While it is possible to add an empty compression type to the order list, but APT in its current
+ version doesn't understand it correctly and will display many warnings about not downloaded files -
+ these warnings are most of the time false negatives. Future versions will maybe include a way to
+ really prefer uncompressed files to support the usage of local mirrors.
+
+
+ GzipIndexes
+
+ When downloading gzip compressed indexes (Packages, Sources, or
+ Translations), keep them gzip compressed locally instead of unpacking
+ them. This saves quite a lot of disk space at the expense of more CPU
+ requirements when building the local package caches. False by default.
+
+
+ Languages
+ The Languages subsection controls which Translation files are downloaded
+ and in which order APT tries to display the Description-Translations. APT will try to display the first
+ available Description in the Language which is listed at first. Languages can be defined with their
+ short or long Languagecodes. Note that not all archives provide Translation
+ files for every Language - especially the long Languagecodes are rare, so please
+ inform you which ones are available before you set here impossible values.
+ The default list includes "environment" and "en". "environment" has a special meaning here:
+ It will be replaced at runtime with the languagecodes extracted from the LC_MESSAGES environment variable.
+ It will also ensure that these codes are not included twice in the list. If LC_MESSAGES
+ is set to "C" only the Translation-en file (if available) will be used.
+ To force apt to use no Translation file use the setting Acquire::Languages=none. "none"
+ is another special meaning code which will stop the search for a fitting Translation file.
+ This can be used by the system administrator to let APT know that it should download also this files without
+ actually use them if the environment doesn't specify this languages. So the following example configuration will
+ result in the order "en, de" in an english and in "de, en" in a german localization. Note that "fr" is downloaded,
+ but not used if APT is not used in a french localization, in such an environment the order would be "fr, de, en".
+ Acquire::Languages { "environment"; "de"; "en"; "none"; "fr"; };
+
+
@@ -374,6 +527,15 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
will be looked up in
/tmp/staging/var/lib/dpkg/status.
+
+
+ The Ignore-Files-Silently list can be used to specify
+ which files APT should silently ignore while parsing the files in the
+ fragment directories. Per default a file which end with .disabled,
+ ~, .bak or .dpkg-[a-z]+
+ is silently ignored. As seen in the last default value these patterns can use regular
+ expression syntax.
+
APT in DSelect
@@ -450,6 +612,87 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
the default is to disable signing and produce all binaries.
+
+ dpkg trigger usage (and related options)
+ APT can call dpkg in a way so it can make aggressive use of triggers over
+ multiply calls of dpkg. Without further options dpkg will use triggers only in between his
+ own run. Activating these options can therefore decrease the time needed to perform the
+ install / upgrade. Note that it is intended to activate these options per default in the
+ future, but as it changes the way APT calling dpkg drastically it needs a lot more testing.
+ These options are therefore currently experimental and should not be used in
+ productive environments. Also it breaks the progress reporting so all frontends will
+ currently stay around half (or more) of the time in the 100% state while it actually configures
+ all packages.
+ Note that it is not guaranteed that APT will support these options or that these options will
+ not cause (big) trouble in the future. If you have understand the current risks and problems with
+ these options, but are brave enough to help testing them create a new configuration file and test a
+ combination of options. Please report any bugs, problems and improvements you encounter and make sure
+ to note which options you have used in your reports. Asking dpkg for help could also be useful for
+ debugging proposes, see e.g. dpkg --audit. A defensive option combination would be
+DPkg::NoTriggers "true";
+PackageManager::Configure "smart";
+DPkg::ConfigurePending "true";
+DPkg::TriggersPending "true";
+
+
+ DPkg::NoTriggers
+ Add the no triggers flag to all dpkg calls (except the ConfigurePending call).
+ See &dpkg; if you are interested in what this actually means. In short: dpkg will not run the
+ triggers when this flag is present unless it is explicitly called to do so in an extra call.
+ Note that this option exists (undocumented) also in older apt versions with a slightly different
+ meaning: Previously these option only append --no-triggers to the configure calls to dpkg -
+ now apt will add these flag also to the unpack and remove calls.
+
+ PackageManager::Configure
+ Valid values are "all", "smart" and "no".
+ "all" is the default value and causes APT to configure all packages explicit.
+ The "smart" way is it to configure only packages which need to be configured before
+ another package can be unpacked (Pre-Depends) and let the rest configure by dpkg with a call generated
+ by the next option. "no" on the other hand will not configure anything and totally
+ rely on dpkg for configuration (which will at the moment fail if a Pre-Depends is encountered).
+ Setting this option to another than the all value will implicitly activate also the next option per
+ default as otherwise the system could end in an unconfigured status which could be unbootable!
+
+
+ DPkg::ConfigurePending
+ If this option is set apt will call dpkg --configure --pending
+ to let dpkg handle all required configurations and triggers. This option is activated automatic
+ per default if the previous option is not set to all, but deactivating could be useful
+ if you want to run APT multiple times in a row - e.g. in an installer. In these sceneries you could
+ deactivate this option in all but the last run.
+
+ DPkg::TriggersPending
+ Useful for smart configuration as a package which has pending
+ triggers is not considered as installed and dpkg treats them as unpacked
+ currently which is a dealbreaker for Pre-Dependencies (see debbugs #526774). Note that this will
+ process all triggers, not only the triggers needed to configure this package.
+
+ PackageManager::UnpackAll
+ As the configuration can be deferred to be done at the end by dpkg it can be
+ tried to order the unpack series only by critical needs, e.g. by Pre-Depends. Default is true
+ and therefore the "old" method of ordering in various steps by everything. While both method
+ were present in earlier APT versions the OrderCritical method was unused, so
+ this method is very experimental and needs further improvements before becoming really useful.
+
+
+ OrderList::Score::Immediate
+ Essential packages (and there dependencies) should be configured immediately
+ after unpacking. It will be a good idea to do this quite early in the upgrade process as these
+ these configure calls require currently also DPkg::TriggersPending which
+ will run quite a few triggers (which maybe not needed). Essentials get per default a high score
+ but the immediate flag is relatively low (a package which has a Pre-Depends is higher rated).
+ These option and the others in the same group can be used to change the scoring. The following
+ example shows the settings with there default values.
+ OrderList::Score {
+ Delete 500;
+ Essential 200;
+ Immediate 10;
+ PreDepends 50;
+};
+
+
+
+
@@ -833,6 +1076,7 @@ is commented.
-->
+
@@ -844,15 +1088,7 @@ is commented.
Files
- /etc/apt/apt.conf
- APT configuration file.
- Configuration Item: Dir::Etc::Main.
-
-
- /etc/apt/apt.conf.d/
- APT configuration file fragments.
- Configuration Item: Dir::Etc::Parts.
-
+ &file-aptconf;