sources.list.5.xml 25 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511
  1. <?xml version="1.0" encoding="utf-8" standalone="no"?>
  2. <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  3. "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
  4. <!ENTITY % aptent SYSTEM "apt.ent"> %aptent;
  5. <!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent"> %aptverbatiment;
  6. <!ENTITY % aptvendor SYSTEM "apt-vendor.ent"> %aptvendor;
  7. ]>
  8. <refentry>
  9. <refentryinfo>
  10. &apt-author.jgunthorpe;
  11. &apt-author.team;
  12. &apt-email;
  13. &apt-product;
  14. <!-- The last update date -->
  15. <date>2015-11-26T00:00:00Z</date>
  16. </refentryinfo>
  17. <refmeta>
  18. <refentrytitle>sources.list</refentrytitle>
  19. <manvolnum>5</manvolnum>
  20. <refmiscinfo class="manual">APT</refmiscinfo>
  21. </refmeta>
  22. <!-- Man page title -->
  23. <refnamediv>
  24. <refname>sources.list</refname>
  25. <refpurpose>List of configured APT data sources</refpurpose>
  26. </refnamediv>
  27. <refsect1><title>Description</title>
  28. <para>
  29. The source list <filename>/etc/apt/sources.list</filename> and the
  30. files contained in <filename>/etc/apt/sources.list.d/</filename> are
  31. designed to support any number of active sources and a variety of source
  32. media. The files list one source per line (one-line style) or contain multiline
  33. stanzas defining one or more sources per stanza (deb822 style), with the
  34. most preferred source listed first (in case a single version is
  35. available from more than one source). The information available from the
  36. configured sources is acquired by <command>apt-get update</command> (or
  37. by an equivalent command from another APT front-end).
  38. </para>
  39. </refsect1>
  40. <refsect1><title>sources.list.d</title>
  41. <para>The <filename>/etc/apt/sources.list.d</filename> directory provides
  42. a way to add sources.list entries in separate files.
  43. Two different file formats are allowed as described in the next two sections.
  44. Filenames need to have either the extension <filename>.list</filename> or
  45. <filename>.sources</filename> depending on the contained format.
  46. The filenames may only contain letters (a-z and A-Z),
  47. digits (0-9), underscore (_), hyphen (-) and period (.) characters.
  48. Otherwise APT will print a notice that it has ignored a file, unless that
  49. file matches a pattern in the <literal>Dir::Ignore-Files-Silently</literal>
  50. configuration list - in which case it will be silently ignored.</para>
  51. </refsect1>
  52. <refsect1><title>One-Line-Style Format</title>
  53. <para>
  54. Files in this format have the extension <filename>.list</filename>.
  55. Each line specifying a source starts with a type (e.g. <literal>deb-src</literal>)
  56. followed by options and arguments for this type.
  57. Individual entries cannot be continued onto a following line. Empty lines
  58. are ignored, and a <literal>#</literal> character anywhere on a line marks
  59. the remainder of that line as a comment. Consequently an entry can be
  60. disabled by commenting out the entire line.
  61. If options should be provided they are separated by spaces and all of
  62. them together are enclosed by square brackets (<literal>[]</literal>)
  63. included in the line after the type separated from it with a space.
  64. If an option allows multiple values these are separated from each other
  65. with a comma (<literal>,</literal>). An option name is separated from its
  66. value(s) by an equals sign (<literal>=</literal>). Multivalue options also
  67. have <literal>-=</literal> and <literal>+=</literal> as separators, which
  68. instead of replacing the default with the given value(s) modify the default
  69. value(s) to remove or include the given values.
  70. </para><para>
  71. This is the traditional format and supported by all apt versions.
  72. Note that not all options as described below are supported by all apt versions.
  73. Note also that some older applications parsing this format on their own might not
  74. expect to encounter options as they were uncommon before the introduction of
  75. multi-architecture support.
  76. </para>
  77. </refsect1>
  78. <refsect1><title>deb822-Style Format</title>
  79. <para>
  80. Files in this format have the extension <filename>.sources</filename>.
  81. The format is similar in syntax to other files used by Debian and its
  82. derivatives, such as the metadata files that apt will download from the configured
  83. sources or the <filename>debian/control</filename> file in a Debian source package.
  84. Individual entries are separated by an empty line; additional empty
  85. lines are ignored, and a <literal>#</literal> character at the start of
  86. the line marks the entire line as a comment. An entry can hence be
  87. disabled by commenting out each line belonging to the stanza, but it is
  88. usually easier to add the field "Enabled: no" to the stanza to disable
  89. the entry. Removing the field or setting it to yes reenables it.
  90. Options have the same syntax as every other field: A fieldname separated by
  91. a colon (<literal>:</literal>) and optionally spaces from its value(s).
  92. Note especially that multiple values are separated by spaces, not by
  93. commas as in the one-line format. Multivalue fields like <literal>Architectures</literal>
  94. also have <literal>Architectures-Add</literal> and <literal>Architectures-Remove</literal>
  95. to modify the default value rather than replacing it.
  96. </para><para>
  97. This is a new format supported by apt itself since version 1.1. Previous
  98. versions ignore such files with a notice message as described earlier.
  99. It is intended to make this format gradually the default format,
  100. deprecating the previously described one-line-style format, as it is
  101. easier to create, extend and modify for humans and machines alike
  102. especially if a lot of sources and/or options are involved.
  103. Developers who are working with and/or parsing apt sources are highly
  104. encouraged to add support for this format and to contact the APT team
  105. to coordinate and share this work. Users can freely adopt this format
  106. already, but may encounter problems with software not supporting
  107. the format yet.
  108. </para>
  109. </refsect1>
  110. <refsect1><title>The deb and deb-src Types: General Format</title>
  111. <para>The <literal>deb</literal> type references a typical two-level Debian
  112. archive, <filename>distribution/component</filename>. The
  113. <literal>distribution</literal> is generally a suite name like
  114. <literal>stable</literal> or <literal>testing</literal> or a codename like
  115. <literal>&debian-stable-codename;</literal> or <literal>&debian-testing-codename;</literal>
  116. while component is one of <literal>main</literal>, <literal>contrib</literal> or
  117. <literal>non-free</literal>. The
  118. <literal>deb-src</literal> type references a Debian distribution's source
  119. code in the same form as the <literal>deb</literal> type.
  120. A <literal>deb-src</literal> line is required to fetch source indexes.</para>
  121. <para>The format for two one-line-style entries using the
  122. <literal>deb</literal> and <literal>deb-src</literal> types is:</para>
  123. <literallayout>deb [ option1=value1 option2=value2 ] uri suite [component1] [component2] [...]
  124. deb-src [ option1=value1 option2=value2 ] uri suite [component1] [component2] [...]</literallayout>
  125. <para>Alternatively the equivalent entry in deb822 style looks like this:
  126. <literallayout>
  127. Types: deb deb-src
  128. URIs: uri
  129. Suites: suite
  130. Components: [component1] [component2] [...]
  131. option1: value1
  132. option2: value2
  133. </literallayout>
  134. </para>
  135. <para>The URI for the <literal>deb</literal> type must specify the base of the
  136. Debian distribution, from which APT will find the information it needs.
  137. <literal>suite</literal> can specify an exact path, in which case the
  138. components must be omitted and <literal>suite</literal> must end with
  139. a slash (<literal>/</literal>). This is useful for the case when only a
  140. particular sub-directory of the archive denoted by the URI is of interest.
  141. If <literal>suite</literal> does not specify an exact path, at least
  142. one <literal>component</literal> must be present.</para>
  143. <para><literal>suite</literal> may also contain a variable,
  144. <literal>$(ARCH)</literal>
  145. which expands to the Debian architecture (such as <literal>amd64</literal> or
  146. <literal>armel</literal>) used on the system. This permits architecture-independent
  147. <filename>sources.list</filename> files to be used. In general this is only
  148. of interest when specifying an exact path; <literal>APT</literal> will
  149. automatically generate a URI with the current architecture otherwise.</para>
  150. <para>Especially in the one-line-style format since only one distribution
  151. can be specified per line it may be necessary to have multiple lines for
  152. the same URI, if a subset of all available distributions or components at
  153. that location is desired. APT will sort the URI list after it has
  154. generated a complete set internally, and will collapse multiple
  155. references to the same Internet host, for instance, into a single
  156. connection, so that it does not inefficiently establish a
  157. connection, close it, do something else, and then re-establish a
  158. connection to that same host. APT also parallelizes connections to
  159. different hosts to more effectively deal with sites with low
  160. bandwidth.</para>
  161. <para>It is important to list sources in order of preference, with the most
  162. preferred source listed first. Typically this will result in sorting
  163. by speed from fastest to slowest (CD-ROM followed by hosts on a local
  164. network, followed by distant Internet hosts, for example).</para>
  165. <para>As an example, the sources for your distribution could look like this
  166. in one-line-style format:
  167. <literallayout>&sourceslist-list-format;</literallayout> or like this in
  168. deb822 style format:
  169. <literallayout>&sourceslist-sources-format;</literallayout></para>
  170. </refsect1>
  171. <refsect1><title>The deb and deb-src types: Options</title>
  172. <para>Each source entry can have options specified to modify which source
  173. is accessed and how data is acquired from it. Format, syntax and names
  174. of the options vary between the one-line-style and deb822-style formats
  175. as described, but they both have the same options available. For simplicity
  176. we list the deb822 fieldname and provide the one-line name in brackets.
  177. Remember that besides setting multivalue options explicitly, there is also
  178. the option to modify them based on the default, but we aren't listing those
  179. names explicitly here. Unsupported options are silently ignored by all
  180. APT versions.
  181. <itemizedlist>
  182. <listitem><para><option>Architectures</option>
  183. (<option>arch</option>) is a multivalue option defining for
  184. which architectures information should be downloaded. If this
  185. option isn't set the default is all architectures as defined by
  186. the <option>APT::Architectures</option> config option.
  187. </para></listitem>
  188. <listitem><para><option>Languages</option>
  189. (<option>lang</option>) is a multivalue option defining for
  190. which languages information such as translated package
  191. descriptions should be downloaded. If this option isn't set
  192. the default is all languages as defined by the
  193. <option>Acquire::Languages</option> config option.
  194. </para></listitem>
  195. <listitem><para><option>Targets</option>
  196. (<option>target</option>) is a multivalue option defining
  197. which download targets apt will try to acquire from this
  198. source. If not specified, the default set is defined by the
  199. <option>Acquire::IndexTargets</option> configuration scope.
  200. Additionally, specific targets can be enabled or disabled by
  201. using the identifier as field name instead of using this
  202. multivalue option.
  203. </para></listitem>
  204. <listitem><para><option>PDiffs</option> (<option>pdiffs</option>)
  205. is a yes/no value which controls if APT should try to use PDiffs
  206. to update old indexes instead of downloading the new indexes
  207. entirely. The value of this option is ignored if the repository
  208. doesn't announce the availability of PDiffs. Defaults to the
  209. value of the option with the same name for a specific index file
  210. defined in the <option>Acquire::IndexTargets</option> scope,
  211. which itself defaults to the value of configuration option
  212. <option>Acquire::PDiffs</option> which defaults to
  213. <literal>yes</literal>.
  214. </para></listitem>
  215. <listitem><para><option>By-Hash</option> (<option>by-hash</option>)
  216. can have the value <literal>yes</literal>, <literal>no</literal>
  217. or <literal>force</literal> and controls if APT should try to
  218. acquire indexes via a URI constructed from a hashsum of the
  219. expected file instead of using the well-known stable filename
  220. of the index. Using this can avoid hashsum mismatches, but
  221. requires a supporting mirror. A <literal>yes</literal> or
  222. <literal>no</literal> value activates/disables the use of this
  223. feature if this source indicates support for it, while
  224. <literal>force</literal> will enable the feature regardless of
  225. what the source indicates. Defaults to the value of the option
  226. of the same name for a specific index file defined in the
  227. <option>Acquire::IndexTargets</option> scope, which itself
  228. defaults to the value of configuration option
  229. <option>Acquire::By-Hash</option> which defaults to
  230. <literal>yes</literal>.
  231. </para></listitem>
  232. </itemizedlist>
  233. Furthermore, there are options which if set affect
  234. <emphasis>all</emphasis> sources with the same URI and Suite, so they
  235. have to be set on all such entries and can not be varied between
  236. different components. APT will try to detect and error out on such
  237. anomalies.
  238. <itemizedlist>
  239. <listitem><para><option>Trusted</option> (<option>trusted</option>)
  240. is a tri-state value which defaults to APT deciding if a source
  241. is considered trusted or if warnings should be raised before e.g.
  242. packages are installed from this source. This option can be used
  243. to override that decision. The value <literal>yes</literal> tells APT
  244. always to consider this source as trusted, even if it doesn't pass
  245. authentication checks. It disables parts of &apt-secure;, and should
  246. therefore only be used in a local and trusted context (if at all) as
  247. otherwise security is breached. The value <literal>no</literal> does
  248. the opposite, causing the source to be handled as untrusted even if
  249. the authentication checks passed successfully. The default value can't
  250. be set explicitly.
  251. </para></listitem>
  252. <listitem><para><option>Signed-By</option> (<option>signed-by</option>)
  253. is either an absolute path to a keyring file (has to be
  254. accessible and readable for the <literal>_apt</literal> user,
  255. so ensure everyone has read-permissions on the file) or one or
  256. more fingerprints of keys either in the
  257. <filename>trusted.gpg</filename> keyring or in the
  258. keyrings in the <filename>trusted.gpg.d/</filename> directory
  259. (see <command>apt-key fingerprint</command>). If the option is
  260. set, only the key(s) in this keyring or only the keys with these
  261. fingerprints are used for the &apt-secure; verification of this
  262. repository. Defaults to the value of the option with the same name
  263. if set in the previously acquired <filename>Release</filename> file.
  264. Otherwise all keys in the trusted keyrings are considered valid
  265. signers for this repository.
  266. </para></listitem>
  267. <listitem><para><option>Check-Valid-Until</option> (<option>check-valid-until</option>)
  268. is a yes/no value which controls if APT should try to detect
  269. replay attacks. A repository creator can declare a time until
  270. which the data provided in the repository should be considered valid,
  271. and if this time is reached, but no new data is provided, the data
  272. is considered expired and an error is raised. Besides
  273. increasing security, as a malicious attacker can't send old data
  274. forever to prevent a user from upgrading to a new version,
  275. this also helps users identify mirrors which are no longer
  276. updated. However, some repositories such as historic archives
  277. are not updated any more by design, so this check can be
  278. disabled by setting this option to <literal>no</literal>.
  279. Defaults to the value of configuration option
  280. <option>Acquire::Check-Valid-Until</option> which itself
  281. defaults to <literal>yes</literal>.
  282. </para></listitem>
  283. <listitem><para><option>Valid-Until-Min</option>
  284. (<option>valid-until-min</option>) and
  285. <option>Valid-Until-Max</option>
  286. (<option>valid-until-max</option>) can be used to raise or
  287. lower the time period in seconds in which the data from this
  288. repository is considered valid. -Max can be especially useful
  289. if the repository provides no Valid-Until field on its Release
  290. file to set your own value, while -Min can be used to increase
  291. the valid time on seldom updated (local) mirrors of a more
  292. frequently updated but less accessible archive (which is in the
  293. sources.list as well) instead of disabling the check entirely.
  294. Default to the value of the configuration options
  295. <option>Acquire::Min-ValidTime</option> and
  296. <option>Acquire::Max-ValidTime</option> which are both unset by
  297. default.
  298. </para></listitem>
  299. </itemizedlist>
  300. </para>
  301. </refsect1>
  302. <refsect1><title>URI Specification</title>
  303. <para>The currently recognized URI types are:
  304. <variablelist>
  305. <varlistentry><term><command>file</command></term>
  306. <listitem><para>
  307. The file scheme allows an arbitrary directory in the file system to be
  308. considered an archive. This is useful for NFS mounts and local mirrors or
  309. archives.</para></listitem>
  310. </varlistentry>
  311. <varlistentry><term><command>cdrom</command></term>
  312. <listitem><para>
  313. The cdrom scheme allows APT to use a local CD-ROM drive with media
  314. swapping. Use the &apt-cdrom; program to create cdrom entries in the
  315. source list.</para></listitem>
  316. </varlistentry>
  317. <varlistentry><term><command>http</command></term>
  318. <listitem><para>
  319. The http scheme specifies an HTTP server for the archive. If an environment
  320. variable <envar>http_proxy</envar> is set with the format
  321. http://server:port/, the proxy server specified in
  322. <envar>http_proxy</envar> will be used. Users of authenticated
  323. HTTP/1.1 proxies may use a string of the format
  324. http://user:pass@server:port/.
  325. Note that this is an insecure method of authentication.</para></listitem>
  326. </varlistentry>
  327. <varlistentry><term><command>ftp</command></term>
  328. <listitem><para>
  329. The ftp scheme specifies an FTP server for the archive. APT's FTP behavior
  330. is highly configurable; for more information see the
  331. &apt-conf; manual page. Please note that an FTP proxy can be specified
  332. by using the <envar>ftp_proxy</envar> environment variable. It is possible
  333. to specify an HTTP proxy (HTTP proxy servers often understand FTP URLs)
  334. using this environment variable and <emphasis>only</emphasis> this
  335. environment variable. Proxies using HTTP specified in
  336. the configuration file will be ignored.</para></listitem>
  337. </varlistentry>
  338. <varlistentry><term><command>copy</command></term>
  339. <listitem><para>
  340. The copy scheme is identical to the file scheme except that packages are
  341. copied into the cache directory instead of used directly at their location.
  342. This is useful for people using removable media to copy files around with APT.</para></listitem>
  343. </varlistentry>
  344. <varlistentry><term><command>rsh</command></term><term><command>ssh</command></term>
  345. <listitem><para>
  346. The rsh/ssh method invokes RSH/SSH to connect to a remote host and
  347. access the files as a given user. Prior configuration of rhosts or RSA keys
  348. is recommended. The standard <command>find</command> and <command>dd</command>
  349. commands are used to perform the file transfers from the remote host.
  350. </para></listitem>
  351. </varlistentry>
  352. <varlistentry><term>adding more recognizable URI types</term>
  353. <listitem><para>
  354. APT can be extended with more methods shipped in other optional packages, which should
  355. follow the naming scheme <package>apt-transport-<replaceable>method</replaceable></package>.
  356. For instance, the APT team also maintains the package <package>apt-transport-https</package>,
  357. which provides access methods for HTTPS URIs with features similar to the http method.
  358. Methods for using e.g. debtorrent are also available - see &apt-transport-debtorrent;.
  359. </para></listitem>
  360. </varlistentry>
  361. </variablelist>
  362. </para>
  363. </refsect1>
  364. <refsect1><title>Examples</title>
  365. <para>Uses the archive stored locally (or NFS mounted) at /home/apt/debian
  366. for stable/main, stable/contrib, and stable/non-free.</para>
  367. <literallayout>deb file:/home/apt/debian stable main contrib non-free</literallayout>
  368. <literallayout>Types: deb
  369. URIs: file:/home/apt/debian
  370. Suites: stable
  371. Components: main contrib non-free</literallayout>
  372. <para>As above, except this uses the unstable (development) distribution.</para>
  373. <literallayout>deb file:/home/apt/debian unstable main contrib non-free</literallayout>
  374. <literallayout>Types: deb
  375. URIs: file:/home/apt/debian
  376. Suites: unstable
  377. Components: main contrib non-free</literallayout>
  378. <para>Sources specification for the above.</para>
  379. <literallayout>deb-src file:/home/apt/debian unstable main contrib non-free</literallayout>
  380. <literallayout>Types: deb-src
  381. URIs: file:/home/apt/debian
  382. Suites: unstable
  383. Components: main contrib non-free</literallayout>
  384. <para>The first line gets package information for the architectures in <literal>APT::Architectures</literal>
  385. while the second always retrieves <literal>amd64</literal> and <literal>armel</literal>.</para>
  386. <literallayout>deb http://httpredir.debian.org/debian &debian-stable-codename; main
  387. deb [ arch=amd64,armel ] http://httpredir.debian.org/debian &debian-stable-codename; main</literallayout>
  388. <literallayout>Types: deb
  389. URIs: http://httpredir.debian.org/debian
  390. Suites: &debian-stable-codename;
  391. Components: main
  392. Types: deb
  393. URIs: http://httpredir.debian.org/debian
  394. Suites: &debian-stable-codename;
  395. Components: main
  396. Architectures: amd64 armel
  397. </literallayout>
  398. <para>Uses HTTP to access the archive at archive.debian.org, and uses only
  399. the hamm/main area.</para>
  400. <literallayout>deb http://archive.debian.org/debian-archive hamm main</literallayout>
  401. <literallayout>Types: deb
  402. URIs: http://archive.debian.org/debian-archive
  403. Suites: hamm
  404. Components: main</literallayout>
  405. <para>Uses FTP to access the archive at ftp.debian.org, under the debian
  406. directory, and uses only the &debian-stable-codename;/contrib area.</para>
  407. <literallayout>deb ftp://ftp.debian.org/debian &debian-stable-codename; contrib</literallayout>
  408. <literallayout>Types: deb
  409. URIs: ftp://ftp.debian.org/debian
  410. Suites: &debian-stable-codename;
  411. Components: contrib</literallayout>
  412. <para>Uses FTP to access the archive at ftp.debian.org, under the debian
  413. directory, and uses only the unstable/contrib area. If this line appears as
  414. well as the one in the previous example in <filename>sources.list</filename>
  415. a single FTP session will be used for both resource lines.</para>
  416. <literallayout>deb ftp://ftp.debian.org/debian unstable contrib</literallayout>
  417. <literallayout>Types: deb
  418. URIs: ftp://ftp.debian.org/debian
  419. Suites: unstable
  420. Components: contrib</literallayout>
  421. <para>Uses HTTP to access the archive at ftp.tlh.debian.org, under the
  422. universe directory, and uses only files found under
  423. <filename>unstable/binary-i386</filename> on i386 machines,
  424. <filename>unstable/binary-amd64</filename> on amd64, and so
  425. forth for other supported architectures. [Note this example only
  426. illustrates how to use the substitution variable; official debian
  427. archives are not structured like this]
  428. <literallayout>deb http://ftp.tlh.debian.org/universe unstable/binary-$(ARCH)/</literallayout>
  429. <literallayout>Types: deb
  430. URIs: http://ftp.tlh.debian.org/universe
  431. Suites: unstable/binary-$(ARCH)/</literallayout>
  432. </para>
  433. <para>Uses HTTP to get binary packages as well as sources from the stable, testing and unstable
  434. suites and the components main and contrib.</para>
  435. <literallayout>deb http://httpredir.debian.org/debian stable main contrib
  436. deb-src http://httpredir.debian.org/debian stable main contrib
  437. deb http://httpredir.debian.org/debian testing main contrib
  438. deb-src http://httpredir.debian.org/debian testing main contrib
  439. deb http://httpredir.debian.org/debian unstable main contrib
  440. deb-src http://httpredir.debian.org/debian unstable main contrib</literallayout>
  441. <literallayout>Types: deb deb-src
  442. URIs: http://httpredir.debian.org/debian
  443. Suites: stable testing unstable
  444. Components: main contrib
  445. </literallayout>
  446. </refsect1>
  447. <refsect1><title>See Also</title>
  448. <para>&apt-get;, &apt-conf;
  449. </para>
  450. </refsect1>
  451. &manbugs;
  452. </refentry>