acquire-additional-files.txt 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234
  1. # Acquire additional files in 'update' operations
  2. The download and verification of data from multiple sources in different
  3. compression formats, with partial downloads and patches is an involved
  4. process which is hard to implement correctly and securely.
  5. APT frontends share the code and binaries to make this happen in libapt
  6. with the Acquire system, supported by helpers shipped in the apt package
  7. itself and additional transports in individual packages like
  8. apt-transport-https.
  9. For its own operation libapt needs or can make use of Packages, Sources
  10. and Translation-* files, which it will acquire by default, but
  11. a repository might contain more data files (e.g. Contents) a frontend
  12. might want to use and would therefore need to be downloaded as well
  13. (e.g. apt-file).
  14. This file describes the configuration scheme such a frontend can use to
  15. instruct the Acquire system to download those additional files.
  16. # The Configuration Stanza
  17. The Acquire system uses the same configuration settings to implement the
  18. files it downloads by default. These settings are the default, but if
  19. they would be written in a configuration file the configuration
  20. instructing the Acquire system to download the Packages files would look
  21. like this (see also apt.conf(5) manpage for configuration file syntax):
  22. Acquire::IndexTargets::deb::Packages {
  23. MetaKey "$(COMPONENT)/binary-$(ARCHITECTURE)/Packages";
  24. ShortDescription "Packages";
  25. Description "$(SITE) $(RELEASE)/$(COMPONENT) $(ARCHITECTURE) Packages";
  26. flatMetaKey "Packages";
  27. flatDescription "$(SITE) $(RELEASE) Packages";
  28. Optional "false";
  29. };
  30. All files which should be downloaded (nicknamed 'Targets') are mentioned
  31. below the Acquire::IndexTargets scope. 'deb' is here the type of the
  32. sources.list entry the file should be acquired for. The only other
  33. supported value is hence 'deb-src'. Beware: You can't specify multiple
  34. types here and you can't download the same (evaluated) MetaKey from
  35. multiple types!
  36. After the type you can pick any valid and unique string which preferable
  37. refers to the file it downloads (In the example we picked 'Packages').
  38. This string is used as identifier for the target class and accessible as
  39. 'Created-By' e.g. in the "apt-get indextargets" output as detailed below.
  40. All targets have three main properties you can define:
  41. * MetaKey: The identifier of the file to be downloaded as used in the
  42. Release file. It is also the relative location of the file from the
  43. Release file. You can neither download from a different server
  44. entirely (absolute URI) nor access directories above the Release file
  45. (e.g. "../../").
  46. * ShortDescription: Very short string intended to be displayed to the
  47. user e.g. while reporting progress. apt will e.g. use this string in
  48. the last line to indicate progress of e.g. the download of a specific
  49. item.
  50. * Description: A preferable human understandable and readable identifier
  51. of which file is acquired exactly. Mainly used for progress reporting
  52. and error messages. apt will e.g. use this string in the Get/Hit/Err
  53. progress lines.
  54. Additional optional properties:
  55. * flat{MetaKey,Description}: APT supports two types of repositories:
  56. dists-style repositories which are the default and by far the most
  57. common which are named after the fact that the files are in an
  58. elaborated directory structure. In contrast a flat-style repositories
  59. lumps all files together in one directory. Support for these flat
  60. repositories exists mainly for legacy purposes only. It is therefore
  61. recommend to not set these values.
  62. * Optional: The default value is 'true' and should be kept at this
  63. value. If enabled the acquire system will skip the download if the
  64. file isn't mentioned in the Release file. Otherwise this is treated as
  65. a hard error and the update process fails. Note that failures while
  66. downloading (e.g. 404 or hash verification errors) are failures,
  67. regardless of this setting.
  68. The acquire system will automatically choose to download a compressed
  69. file if it is available and uncompress it for you, just as it will also
  70. use pdiff patching if provided by the repository and enabled by the
  71. user. You only have to ensure that the Release file contains the
  72. information about the compressed files/pdiffs to make this happen.
  73. NO properties have to be set to enable this.
  74. # More examples
  75. The stanzas for Translation-* files as well as for Sources files would
  76. look like this:
  77. Acquire::IndexTargets {
  78. deb::Translations {
  79. MetaKey "$(COMPONENT)/i18n/Translation-$(LANGUAGE)";
  80. ShortDescription "Translation-$(LANGUAGE)";
  81. Description "$(SITE) $(RELEASE)/$(COMPONENT) Translation-$(LANGUAGE)";
  82. flatMetaKey "$(LANGUAGE)";
  83. flatDescription "$(SITE) $(RELEASE) Translation-$(LANGUAGE)";
  84. };
  85. deb-src::Sources {
  86. MetaKey "$(COMPONENT)/source/Sources";
  87. ShortDescription "Sources";
  88. Description "$(SITE) $(RELEASE)/$(COMPONENT) Sources";
  89. flatMetaKey "Sources";
  90. flatDescription "$(SITE) $(RELEASE) Sources";
  91. Optional "false";
  92. };
  93. };
  94. # Substitution variables
  95. As seen in the examples, properties can contain placeholders filled in
  96. by the acquire system. The following variables are known; note that
  97. unknown variables have no default value nor are they touched: They are
  98. printed as-is.
  99. * $(SITE): An identifier of the site we access as seen in sources.list,
  100. e.g. "http://example.org/debian" or "file:/path/to/a/repository". You
  101. can't use this field in {,flat}MetaKey, it is for description proposes
  102. only.
  103. * $(RELEASE): This is usually an archive- or codename, e.g. "stable" or
  104. "stretch". Note that flat-style repositories do not have a archive-
  105. or codename per-se, so the value might very well be just "/" or so.
  106. Again, as seen in the sources.list.
  107. * $(COMPONENT): as given in the sources.list, e.g. "main", "non-free" or
  108. "universe". Note that flat-style repositories again do not really
  109. have a meaningful value here.
  110. * $(LANGUAGE): Values are all entries (expect "none") of configuration
  111. option Acquire::Languages, e.g. "en", "de" or "de_AT".
  112. * $(ARCHITECTURE): Values are all entries of configuration option
  113. APT::Architectures (potentially modified by sources.list options),
  114. e.g. "amd64", "i386" or "armel" for the 'deb' type. In type 'deb-src'
  115. this variable has the value "source".
  116. Note that while more variables might exist in the implementation, these
  117. are to be considered undefined and their usage strongly discouraged. If
  118. you have a need for other variables contact us.
  119. # Accessing files
  120. Do NOT hardcode specific file locations, names or compression types in
  121. your application! You will notice that the configuration options give
  122. you no choice over where the downloaded files will be stored. This is by
  123. design so multiple applications can download and use the same file
  124. rather than each and every one of them potentially downloads and uses
  125. its own copy somewhere on disk.
  126. "apt-get indextargets" can be used to get the location as well as other
  127. information about all files downloaded (aka: you will see Packages,
  128. Sources and Translation-* files here as well). Provide a line of the
  129. default output format as parameter to filter out all entries which do
  130. not have such a line. With --format, you can further more define your
  131. own output style. The variables are what you see in the output, just all
  132. uppercase and wrapped in $(), as in the configuration file.
  133. To get all the filenames of all Translation-en files you can e.g. call:
  134. apt-get indextargets --format '$(FILENAME)' "Created-By: Translations" "Language: en"
  135. The line-based filtering and the formating is rather crude and feature-
  136. less by design, so it is recommend to use dedicated and more powerful
  137. tools like 'grep-dctrl'.
  138. Accessing this information via libapt is done by reading the
  139. sources.lists (pkgSourceList), iterating over the metaIndex objects this
  140. creates and calling GetIndexTargets() on them. See the sourcecode of
  141. "apt-get indextargets" for a complete example.
  142. Note that by default targets are not listed if they weren't downloaded.
  143. If you want to see all targets, you can use the --no-release-info, which
  144. also removes the Codename, Suite, Version, Origin, Label and Trusted
  145. fields from the output as these also display data which needs to be
  146. downloaded first and could hence be inaccurate [on the pro-side: This
  147. mode is faster as it doesn't require a valid binary cache to operate].
  148. The most notable difference perhaps is in the Filename field through: By
  149. default it indicates an existing file, potentially compressed (Hint:
  150. libapt users can use FileFd to open compressed files transparently). In
  151. the --no-release-info mode the indicated file doesn't need to exist and
  152. it will always refer to an uncompressed file, even if the index would be
  153. (or is) stored compressed.
  154. Remarks on fields only available in (default) --release-info mode:
  155. * Trusted: Denotes with a 'yes' or 'no' if the data in this file is
  156. authenticated by a trustchain rooted in a trusted gpg key. You should
  157. be careful with untrusted data and warn the user if you use it.
  158. * Codename, Suite, Version, Origin and Label are fields from the Release
  159. file, are only present if they are present in the Release file and
  160. contain the same data.
  161. Remarks on other available fields:
  162. * MetaKey, ShortDesc, Description, Site, Release: as defined
  163. by the configuration and described further above.
  164. * Created-By: configuration entity responsible for this target
  165. * Target-Of: type of the sources.list entry
  166. * URI, Repo-URI: avoid using. Contains potentially username/password.
  167. Prefer 'Site', especially for display.
  168. * Optional: Decodes the option of the same name from the configuration.
  169. Note that it is using 'yes' and 'no' instead of 'true' and 'false'.
  170. * Language, Architecture, Component: as defined further above, but with
  171. the catch that they might be missing if they don't effect the target
  172. (aka: They weren't used while evaluating the MetaKey template).
  173. Again, additional fields might be visible in certain implementations,
  174. but you should avoid using them and instead talk to us about a portable
  175. implementation.
  176. # Multiple application requiring the same files
  177. It is highly encouraged that applications talk to each other and to us
  178. about which files they require. It is usually best to have a common
  179. package ship the configuration needed to get the files, but specific
  180. needs might require specific solutions. Again: talk to us.
  181. # Acquiring files not mentioned in the Release file
  182. You can't. This is by design as these files couldn't be verified to not
  183. be modified in transit, corrupted by the download process or simple if
  184. they are present at all on the server, which would require apt to probe
  185. for them. APT did this in the past for legacy reasons, we do not intend
  186. to go back to these dark times.
  187. This is also why you can't request files from a different server. It
  188. would have the additional problem that this server might not even be
  189. accessible (e.g. proxy settings) or that local sources (file:/, cdrom:/)
  190. start requesting online files…
  191. In other words: We would be opening Pandora's box.