sources.list.5.xml 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510
  1. <?xml version="1.0" encoding="utf-8" standalone="no"?>
  2. <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  3. "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
  4. <!ENTITY % aptent SYSTEM "apt.ent"> %aptent;
  5. <!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent"> %aptverbatiment;
  6. <!ENTITY % aptvendor SYSTEM "apt-vendor.ent"> %aptvendor;
  7. ]>
  8. <refentry>
  9. <refentryinfo>
  10. &apt-author.jgunthorpe;
  11. &apt-author.team;
  12. &apt-email;
  13. &apt-product;
  14. <!-- The last update date -->
  15. <date>2014-01-18T00:00:00Z</date>
  16. </refentryinfo>
  17. <refmeta>
  18. <refentrytitle>sources.list</refentrytitle>
  19. <manvolnum>5</manvolnum>
  20. <refmiscinfo class="manual">APT</refmiscinfo>
  21. </refmeta>
  22. <!-- Man page title -->
  23. <refnamediv>
  24. <refname>sources.list</refname>
  25. <refpurpose>List of configured APT data sources</refpurpose>
  26. </refnamediv>
  27. <refsect1><title>Description</title>
  28. <para>
  29. The source list <filename>/etc/apt/sources.list</filename> and the
  30. files contained in <filename>/etc/apt/sources.list.d/</filename> are
  31. designed to support any number of active sources and a variety of source
  32. media. The files list one source per line (one-line style) or contain multiline
  33. stanzas defining one or more sources per stanza (deb822 style), with the
  34. most preferred source listed first (in case a single version is
  35. available from more than one source). The information available from the
  36. configured sources is acquired by <command>apt-get update</command> (or
  37. by an equivalent command from another APT front-end).
  38. </para>
  39. </refsect1>
  40. <refsect1><title>sources.list.d</title>
  41. <para>The <filename>/etc/apt/sources.list.d</filename> directory provides
  42. a way to add sources.list entries in separate files.
  43. Two different file formats are allowed as described in the next two sections.
  44. Filenames need to have either the extension <filename>.list</filename> or
  45. <filename>.sources</filename> depending on the contained format.
  46. The filenames may only contain letters (a-z and A-Z),
  47. digits (0-9), underscore (_), hyphen (-) and period (.) characters.
  48. Otherwise APT will print a notice that it has ignored a file, unless that
  49. file matches a pattern in the <literal>Dir::Ignore-Files-Silently</literal>
  50. configuration list - in which case it will be silently ignored.</para>
  51. </refsect1>
  52. <refsect1><title>One-Line-Style Format</title>
  53. <para>
  54. Files in this format have the extension <filename>.list</filename>.
  55. Each line specifying a source starts with a type (e.g. <literal>deb-src</literal>)
  56. followed by options and arguments for this type.
  57. Individual entries cannot be continued onto a following line. Empty lines
  58. are ignored, and a <literal>#</literal> character anywhere on a line marks
  59. the remainder of that line as a comment. Consequently an entry can be
  60. disabled by commenting out the entire line.
  61. If options should be provided they are separated by spaces and all of
  62. them together are enclosed by square brackets (<literal>[]</literal>)
  63. included in the line after the type separated from it with a space.
  64. If an option allows multiple values these are separated from each other
  65. with a comma (<literal>,</literal>). An option name is separated from its
  66. value(s) by an equals sign (<literal>=</literal>). Multivalue options also
  67. have <literal>-=</literal> and <literal>+=</literal> as separators, which
  68. instead of replacing the default with the given value(s) modify the default
  69. value(s) to remove or include the given values.
  70. </para><para>
  71. This is the traditional format and supported by all apt versions.
  72. Note that not all options as described below are supported by all apt versions.
  73. Note also that some older applications parsing this format on their own might not
  74. expect to encounter options as they were uncommon before the introduction of
  75. multi-architecture support.
  76. </para>
  77. </refsect1>
  78. <refsect1><title>deb822-Style Format</title>
  79. <para>
  80. Files in this format have the extension <filename>.sources</filename>.
  81. The format is similar in syntax to other files used by Debian and its
  82. derivatives, such as the metadata files that apt will download from the configured
  83. sources or the <filename>debian/control</filename> file in a Debian source package.
  84. Individual entries are separated by an empty line; additional empty
  85. lines are ignored, and a <literal>#</literal> character at the start of
  86. the line marks the entire line as a comment. An entry can hence be
  87. disabled by commenting out each line belonging to the stanza, but it is
  88. usually easier to add the field "Enabled: no" to the stanza to disable
  89. the entry. Removing the field or setting it to yes reenables it.
  90. Options have the same syntax as every other field: A fieldname separated by
  91. a colon (<literal>:</literal>) and optionally spaces from its value(s).
  92. Note especially that multiple values are separated by spaces, not by
  93. commas as in the one-line format. Multivalue fields like <literal>Architectures</literal>
  94. also have <literal>Architectures-Add</literal> and <literal>Architectures-Remove</literal>
  95. to modify the default value rather than replacing it.
  96. </para><para>
  97. This is a new format supported by apt itself since version 1.1. Previous
  98. versions ignore such files with a notice message as described earlier.
  99. It is intended to make this format gradually the default format,
  100. deprecating the previously described one-line-style format, as it is
  101. easier to create, extend and modify for humans and machines alike
  102. especially if a lot of sources and/or options are involved.
  103. Developers who are working with and/or parsing apt sources are highly
  104. encouraged to add support for this format and to contact the APT team
  105. to coordinate and share this work. Users can freely adopt this format
  106. already, but may encounter problems with software not supporting
  107. the format yet.
  108. </para>
  109. </refsect1>
  110. <refsect1><title>The deb and deb-src Types: General Format</title>
  111. <para>The <literal>deb</literal> type references a typical two-level Debian
  112. archive, <filename>distribution/component</filename>. The
  113. <literal>distribution</literal> is generally a suite name like
  114. <literal>stable</literal> or <literal>testing</literal> or a codename like
  115. <literal>&stable-codename;</literal> or <literal>&testing-codename;</literal>
  116. while component is one of <literal>main</literal>, <literal>contrib</literal> or
  117. <literal>non-free</literal>. The
  118. <literal>deb-src</literal> type references a Debian distribution's source
  119. code in the same form as the <literal>deb</literal> type.
  120. A <literal>deb-src</literal> line is required to fetch source indexes.</para>
  121. <para>The format for two one-line-style entries using the
  122. <literal>deb</literal> and <literal>deb-src</literal> types is:</para>
  123. <literallayout>deb [ option1=value1 option2=value2 ] uri suite [component1] [component2] [...]
  124. deb-src [ option1=value1 option2=value2 ] uri suite [component1] [component2] [...]</literallayout>
  125. <para>Alternatively the equivalent entry in deb822 style looks like this:
  126. <literallayout>
  127. Types: deb deb-src
  128. URIs: uri
  129. Suites: suite
  130. Components: [component1] [component2] [...]
  131. option1: value1
  132. option2: value2
  133. </literallayout>
  134. </para>
  135. <para>The URI for the <literal>deb</literal> type must specify the base of the
  136. Debian distribution, from which APT will find the information it needs.
  137. <literal>suite</literal> can specify an exact path, in which case the
  138. components must be omitted and <literal>suite</literal> must end with
  139. a slash (<literal>/</literal>). This is useful for the case when only a
  140. particular sub-directory of the archive denoted by the URI is of interest.
  141. If <literal>suite</literal> does not specify an exact path, at least
  142. one <literal>component</literal> must be present.</para>
  143. <para><literal>suite</literal> may also contain a variable,
  144. <literal>$(ARCH)</literal>
  145. which expands to the Debian architecture (such as <literal>amd64</literal> or
  146. <literal>armel</literal>) used on the system. This permits architecture-independent
  147. <filename>sources.list</filename> files to be used. In general this is only
  148. of interest when specifying an exact path; <literal>APT</literal> will
  149. automatically generate a URI with the current architecture otherwise.</para>
  150. <para>Especially in the one-line-style format since only one distribution
  151. can be specified per line it may be necessary to have multiple lines for
  152. the same URI, if a subset of all available distributions or components at
  153. that location is desired. APT will sort the URI list after it has
  154. generated a complete set internally, and will collapse multiple
  155. references to the same Internet host, for instance, into a single
  156. connection, so that it does not inefficiently establish a
  157. connection, close it, do something else, and then re-establish a
  158. connection to that same host. APT also parallelizes connections to
  159. different hosts to more effectively deal with sites with low
  160. bandwidth.</para>
  161. <para>It is important to list sources in order of preference, with the most
  162. preferred source listed first. Typically this will result in sorting
  163. by speed from fastest to slowest (CD-ROM followed by hosts on a local
  164. network, followed by distant Internet hosts, for example).</para>
  165. <para>As an example, the sources for your distribution could look like this
  166. in one-line-style format:
  167. <literallayout>&sourceslist-list-format;</literallayout> or like this in
  168. deb822 style format:
  169. <literallayout>&sourceslist-sources-format;</literallayout></para>
  170. </refsect1>
  171. <refsect1><title>The deb and deb-src types: Options</title>
  172. <para>Each source entry can have options specified to modify which source
  173. is accessed and how data is acquired from it. Format, syntax and names
  174. of the options vary between the one-line-style and deb822-style formats
  175. as described, but they both have the same options available. For simplicity
  176. we list the deb822 fieldname and provide the one-line name in brackets.
  177. Remember that besides setting multivalue options explicitly, there is also
  178. the option to modify them based on the default, but we aren't listing those
  179. names explicitly here. Unsupported options are silently ignored by all
  180. APT versions.
  181. <itemizedlist>
  182. <listitem><para><option>Architectures</option>
  183. (<option>arch</option>) is a multivalue option defining for
  184. which architectures information should be downloaded. If this
  185. option isn't set the default is all architectures as defined by
  186. the <option>APT::Architectures</option> config option.
  187. </para></listitem>
  188. <listitem><para><option>Languages</option>
  189. (<option>lang</option>) is a multivalue option defining for
  190. which languages information such as translated package
  191. descriptions should be downloaded. If this option isn't set
  192. the default is all languages as defined by the
  193. <option>Acquire::Languages</option> config option.
  194. </para></listitem>
  195. <listitem><para><option>Targets</option>
  196. (<option>target</option>) is a multivalue option defining
  197. which download targets apt will try to acquire from this
  198. source. If not specified, the default set is defined by the
  199. <option>Acquire::IndexTargets</option> configuration scope.
  200. Additionally, specific targets can be enabled or disabled by
  201. using the identifier as field name instead of using this
  202. multivalue option.
  203. </para></listitem>
  204. <listitem><para><option>PDiffs</option> (<option>pdiffs</option>)
  205. is a yes/no value which controls if APT should try to use PDiffs
  206. to update old indexes instead of downloading the new indexes
  207. entirely. The value of this option is ignored if the repository
  208. doesn't announce the availability of PDiffs. Defaults to the
  209. value of the option with the same name for a specific index file
  210. defined in the <option>Acquire::IndexTargets</option> scope,
  211. which itself defaults to the value of configuration option
  212. <option>Acquire::PDiffs</option> which defaults to
  213. <literal>yes</literal>.
  214. </para></listitem>
  215. <listitem><para><option>By-Hash</option> (<option>by-hash</option>)
  216. can have the value <literal>yes</literal>, <literal>no</literal>
  217. or <literal>force</literal> and controls if APT should try to
  218. acquire indexes via a URI constructed from a hashsum of the
  219. expected file instead of using the well-known stable filename
  220. of the index. Using this can avoid hashsum mismatches, but
  221. requires a supporting mirror. A <literal>yes</literal> or
  222. <literal>no</literal> value activates/disables the use of this
  223. feature if this source indicates support for it, while
  224. <literal>force</literal> will enable the feature regardless of
  225. what the source indicates. Defaults to the value of the option
  226. of the same name for a specific index file defined in the
  227. <option>Acquire::IndexTargets</option> scope, which itself
  228. defaults to the value of configuration option
  229. <option>Acquire::By-Hash</option> which defaults to
  230. <literal>yes</literal>.
  231. </para></listitem>
  232. </itemizedlist>
  233. Furthermore, there are options which if set affect
  234. <emphasis>all</emphasis> sources with the same URI and Suite, so they
  235. have to be set on all such entries and can not be varied between
  236. different components. APT will try to detect and error out on such
  237. anomalies.
  238. <itemizedlist>
  239. <listitem><para><option>Trusted</option> (<option>trusted</option>)
  240. is a tri-state value which defaults to APT deciding if a source
  241. is considered trusted or if warnings should be raised before e.g.
  242. packages are installed from this source. This option can be used
  243. to override this decision either with the value <literal>yes</literal>,
  244. which lets APT consider this source always as a trusted source,
  245. even if it lacks or fails authentication checks, by disabling parts
  246. of &apt-secure;. It should therefore only be used in a local and trusted
  247. context (if at all) as otherwise security is breached. The opposite
  248. can be achieved with the value <literal>no</literal>, which
  249. causes the source to be handled as untrusted even if the
  250. authentication checks passed successfully.
  251. The default value can't be set explicitly.
  252. </para></listitem>
  253. <listitem><para><option>Signed-By</option> (<option>signed-by</option>)
  254. is either an absolute path to a keyring file (has to be
  255. accessible and readable for the <literal>_apt</literal> user,
  256. so ensure everyone has read-permissions on the file) or a
  257. fingerprint of a key either in the
  258. <filename>trusted.gpg</filename> keyring or in one of the
  259. keyrings in the <filename>trusted.gpg.d/</filename> directory
  260. (see <command>apt-key fingerprint</command>). If the option is
  261. set, only the key(s) in this keyring or only the key with this
  262. fingerprint is used for the &apt-secure; verification of this
  263. repository. Otherwise all keys in the trusted keyrings are
  264. considered valid signers for this repository.
  265. </para></listitem>
  266. <listitem><para><option>Check-Valid-Until</option> (<option>check-valid-until</option>)
  267. is a yes/no value which controls if APT should try to detect
  268. replay attacks. A repository creator can declare a time until
  269. which the data provided in the repository should be considered valid,
  270. and if this time is reached, but no new data is provided, the data
  271. is considered expired and an error is raised. Besides
  272. increasing security, as a malicious attacker can't send old data
  273. forever to prevent a user from upgrading to a new version,
  274. this also helps users identify mirrors which are no longer
  275. updated. However, some repositories such as historic archives
  276. are not updated any more by design, so this check can be
  277. disabled by setting this option to <literal>no</literal>.
  278. Defaults to the value of configuration option
  279. <option>Acquire::Check-Valid-Until</option> which itself
  280. defaults to <literal>yes</literal>.
  281. </para></listitem>
  282. <listitem><para><option>Valid-Until-Min</option>
  283. (<option>valid-until-min</option>) and
  284. <option>Valid-Until-Max</option>
  285. (<option>valid-until-max</option>) can be used to raise or
  286. lower the time period in seconds in which the data from this
  287. repository is considered valid. -Max can be especially useful
  288. if the repository provides no Valid-Until field on its Release
  289. file to set your own value, while -Min can be used to increase
  290. the valid time on seldom updated (local) mirrors of a more
  291. frequently updated but less accessible archive (which is in the
  292. sources.list as well) instead of disabling the check entirely.
  293. Default to the value of the configuration options
  294. <option>Acquire::Min-ValidTime</option> and
  295. <option>Acquire::Max-ValidTime</option> which are both unset by
  296. default.
  297. </para></listitem>
  298. </itemizedlist>
  299. </para>
  300. </refsect1>
  301. <refsect1><title>URI Specification</title>
  302. <para>The currently recognized URI types are:
  303. <variablelist>
  304. <varlistentry><term><command>file</command></term>
  305. <listitem><para>
  306. The file scheme allows an arbitrary directory in the file system to be
  307. considered an archive. This is useful for NFS mounts and local mirrors or
  308. archives.</para></listitem>
  309. </varlistentry>
  310. <varlistentry><term><command>cdrom</command></term>
  311. <listitem><para>
  312. The cdrom scheme allows APT to use a local CD-ROM drive with media
  313. swapping. Use the &apt-cdrom; program to create cdrom entries in the
  314. source list.</para></listitem>
  315. </varlistentry>
  316. <varlistentry><term><command>http</command></term>
  317. <listitem><para>
  318. The http scheme specifies an HTTP server for the archive. If an environment
  319. variable <envar>http_proxy</envar> is set with the format
  320. http://server:port/, the proxy server specified in
  321. <envar>http_proxy</envar> will be used. Users of authenticated
  322. HTTP/1.1 proxies may use a string of the format
  323. http://user:pass@server:port/.
  324. Note that this is an insecure method of authentication.</para></listitem>
  325. </varlistentry>
  326. <varlistentry><term><command>ftp</command></term>
  327. <listitem><para>
  328. The ftp scheme specifies an FTP server for the archive. APT's FTP behavior
  329. is highly configurable; for more information see the
  330. &apt-conf; manual page. Please note that an FTP proxy can be specified
  331. by using the <envar>ftp_proxy</envar> environment variable. It is possible
  332. to specify an HTTP proxy (HTTP proxy servers often understand FTP URLs)
  333. using this environment variable and <emphasis>only</emphasis> this
  334. environment variable. Proxies using HTTP specified in
  335. the configuration file will be ignored.</para></listitem>
  336. </varlistentry>
  337. <varlistentry><term><command>copy</command></term>
  338. <listitem><para>
  339. The copy scheme is identical to the file scheme except that packages are
  340. copied into the cache directory instead of used directly at their location.
  341. This is useful for people using removable media to copy files around with APT.</para></listitem>
  342. </varlistentry>
  343. <varlistentry><term><command>rsh</command></term><term><command>ssh</command></term>
  344. <listitem><para>
  345. The rsh/ssh method invokes RSH/SSH to connect to a remote host and
  346. access the files as a given user. Prior configuration of rhosts or RSA keys
  347. is recommended. The standard <command>find</command> and <command>dd</command>
  348. commands are used to perform the file transfers from the remote host.
  349. </para></listitem>
  350. </varlistentry>
  351. <varlistentry><term>adding more recognizable URI types</term>
  352. <listitem><para>
  353. APT can be extended with more methods shipped in other optional packages, which should
  354. follow the naming scheme <package>apt-transport-<replaceable>method</replaceable></package>.
  355. For instance, the APT team also maintains the package <package>apt-transport-https</package>,
  356. which provides access methods for HTTPS URIs with features similar to the http method.
  357. Methods for using e.g. debtorrent are also available - see &apt-transport-debtorrent;.
  358. </para></listitem>
  359. </varlistentry>
  360. </variablelist>
  361. </para>
  362. </refsect1>
  363. <refsect1><title>Examples</title>
  364. <para>Uses the archive stored locally (or NFS mounted) at /home/apt/debian
  365. for stable/main, stable/contrib, and stable/non-free.</para>
  366. <literallayout>deb file:/home/apt/debian stable main contrib non-free</literallayout>
  367. <literallayout>Types: deb
  368. URIs: file:/home/apt/debian
  369. Suites: stable
  370. Components: main contrib non-free</literallayout>
  371. <para>As above, except this uses the unstable (development) distribution.</para>
  372. <literallayout>deb file:/home/apt/debian unstable main contrib non-free</literallayout>
  373. <literallayout>Types: deb
  374. URIs: file:/home/apt/debian
  375. Suites: unstable
  376. Components: main contrib non-free</literallayout>
  377. <para>Sources specification for the above.</para>
  378. <literallayout>deb-src file:/home/apt/debian unstable main contrib non-free</literallayout>
  379. <literallayout>Types: deb-src
  380. URIs: file:/home/apt/debian
  381. Suites: unstable
  382. Components: main contrib non-free</literallayout>
  383. <para>The first line gets package information for the architectures in <literal>APT::Architectures</literal>
  384. while the second always retrieves <literal>amd64</literal> and <literal>armel</literal>.</para>
  385. <literallayout>deb http://httpredir.debian.org/debian &stable-codename; main
  386. deb [ arch=amd64,armel ] http://httpredir.debian.org/debian &stable-codename; main</literallayout>
  387. <literallayout>Types: deb
  388. URIs: http://httpredir.debian.org/debian
  389. Suites: &stable-codename;
  390. Components: main
  391. Types: deb
  392. URIs: http://httpredir.debian.org/debian
  393. Suites: &stable-codename;
  394. Components: main
  395. Architectures: amd64 armel
  396. </literallayout>
  397. <para>Uses HTTP to access the archive at archive.debian.org, and uses only
  398. the hamm/main area.</para>
  399. <literallayout>deb http://archive.debian.org/debian-archive hamm main</literallayout>
  400. <literallayout>Types: deb
  401. URIs: http://archive.debian.org/debian-archive
  402. Suites: hamm
  403. Components: main</literallayout>
  404. <para>Uses FTP to access the archive at ftp.debian.org, under the debian
  405. directory, and uses only the &stable-codename;/contrib area.</para>
  406. <literallayout>deb ftp://ftp.debian.org/debian &stable-codename; contrib</literallayout>
  407. <literallayout>Types: deb
  408. URIs: ftp://ftp.debian.org/debian
  409. Suites: &stable-codename;
  410. Components: contrib</literallayout>
  411. <para>Uses FTP to access the archive at ftp.debian.org, under the debian
  412. directory, and uses only the unstable/contrib area. If this line appears as
  413. well as the one in the previous example in <filename>sources.list</filename>
  414. a single FTP session will be used for both resource lines.</para>
  415. <literallayout>deb ftp://ftp.debian.org/debian unstable contrib</literallayout>
  416. <literallayout>Types: deb
  417. URIs: ftp://ftp.debian.org/debian
  418. Suites: unstable
  419. Components: contrib</literallayout>
  420. <para>Uses HTTP to access the archive at ftp.tlh.debian.org, under the
  421. universe directory, and uses only files found under
  422. <filename>unstable/binary-i386</filename> on i386 machines,
  423. <filename>unstable/binary-amd64</filename> on amd64, and so
  424. forth for other supported architectures. [Note this example only
  425. illustrates how to use the substitution variable; official debian
  426. archives are not structured like this]
  427. <literallayout>deb http://ftp.tlh.debian.org/universe unstable/binary-$(ARCH)/</literallayout>
  428. <literallayout>Types: deb
  429. URIs: http://ftp.tlh.debian.org/universe
  430. Suites: unstable/binary-$(ARCH)/</literallayout>
  431. </para>
  432. <para>Uses HTTP to get binary packages as well as sources from the stable, testing and unstable
  433. suites and the components main and contrib.</para>
  434. <literallayout>deb http://httpredir.debian.org/debian stable main contrib
  435. deb-src http://httpredir.debian.org/debian stable main contrib
  436. deb http://httpredir.debian.org/debian testing main contrib
  437. deb-src http://httpredir.debian.org/debian testing main contrib
  438. deb http://httpredir.debian.org/debian unstable main contrib
  439. deb-src http://httpredir.debian.org/debian unstable main contrib</literallayout>
  440. <literallayout>Types: deb deb-src
  441. URIs: http://httpredir.debian.org/debian
  442. Suites: stable testing unstable
  443. Components: main contrib
  444. </literallayout>
  445. </refsect1>
  446. <refsect1><title>See Also</title>
  447. <para>&apt-get;, &apt-conf;
  448. </para>
  449. </refsect1>
  450. &manbugs;
  451. </refentry>