vendors.list.5.xml 3.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116
  1. <?xml version="1.0" encoding="utf-8" standalone="no"?>
  2. <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
  3. "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
  4. <!ENTITY % aptent SYSTEM "apt.ent">
  5. %aptent;
  6. ]>
  7. <refentry>
  8. <refentryinfo>
  9. &apt-author.jgunthorpe;
  10. &apt-author.team;
  11. &apt-email;
  12. &apt-product;
  13. <!-- The last update date -->
  14. <date>29 February 2004</date>
  15. </refentryinfo>
  16. <refmeta>
  17. <refentrytitle>vendors.list</refentrytitle>
  18. <manvolnum>5</manvolnum>
  19. </refmeta>
  20. <!-- Man page title -->
  21. <refnamediv>
  22. <refname>vendors.list</refname>
  23. <refpurpose>Security key configuration for APT</refpurpose>
  24. </refnamediv>
  25. <refsect1><title>Description</title>
  26. <para>The package vendor list contains a list of all vendors
  27. from whom you wish to authenticate downloaded packages.
  28. For each vendor listed, it must contain the corresponding
  29. PGP key fingerprint, so that APT can perform signature
  30. verification of the release file and subsequent checking
  31. of the checksums of each downloaded package.
  32. To have authentication enabled, you must add the
  33. vendor identification string (see below) enclosed in
  34. square braces to the sources.list line for all sites that mirror
  35. the repository provided by that vendor.</para>
  36. <para>The format of this file is similar to the one used by
  37. apt.conf. It consists of an arbitrary number of blocks of
  38. vendors, where each block starts with a string telling the
  39. <replaceable>key_type</replaceable> and the
  40. <replaceable>vendor_id</replaceable></para>
  41. <para>Some vendors may have multiple blocks that define different
  42. security policies for their distributions. Debian for instance
  43. uses a different signing methodology for stable and unstable releases.</para>
  44. <para><replaceable>key_type</replaceable> is the type of the check required.
  45. Currently, there is only one type available which is
  46. <literal>simple-key</literal>.</para>
  47. <para><replaceable>vendor_id</replaceable> is the vendor identification
  48. string. It is an arbitrary string you must supply to uniquely identifify a
  49. vendor that's listed in this file.
  50. Example:
  51. </para>
  52. <informalexample><programlisting>
  53. simple-key "joe"
  54. {
  55. Fingerprint "0987AB4378FSD872343298787ACC";
  56. Name "Joe Shmoe &lt;joe@shmoe.com&gt;";
  57. }
  58. </programlisting></informalexample>
  59. </refsect1>
  60. <refsect1><title>The simple-key type</title>
  61. <para>This type of verification is used when the vendor has a single
  62. secured key that must be used to sign the Release file. The
  63. following items should be present</para>
  64. <variablelist>
  65. <varlistentry><term>Fingerprint</term>
  66. <listitem><para>
  67. The PGP fingerprint for the key. The fingerprint should be
  68. expressed in the standard notion with or without spaces.
  69. The <option>--fingerprint</option> option for
  70. <citerefentry><refentrytitle><command>gpg</command></refentrytitle><manvolnum>1</manvolnum></citerefentry>
  71. will show the fingerprint for the selected keys(s).
  72. </para>
  73. </listitem>
  74. </varlistentry>
  75. <varlistentry><term>Name</term>
  76. <listitem><para>
  77. A string containing a description of the owner of
  78. the key or vendor. You may put the vendor name and it's
  79. email. The string must be quoted with ".
  80. </para>
  81. </listitem>
  82. </varlistentry>
  83. </variablelist>
  84. </refsect1>
  85. <refsect1><title>Files</title>
  86. <para><filename>/etc/apt/vendors.list</filename></para>
  87. </refsect1>
  88. <refsect1><title>See Also</title>
  89. <para>&sources-list;
  90. </para>
  91. </refsect1>
  92. &manbugs;
  93. </refentry>