1PACMAN.CONF(5) Pacman Manual PACMAN.CONF(5)
2
3
4
6 pacman.conf - pacman package manager configuration file
7
9 /etc/pacman.conf
10
12 Pacman, using libalpm(3), will attempt to read pacman.conf each time it
13 is invoked. This configuration file is divided into sections or
14 repositories. Each section defines a package repository that pacman can
15 use when searching for packages in --sync mode. The exception to this
16 is the options section, which defines global options.
17
18 Comments are only supported by beginning a line with the hash (#)
19 symbol. Comments cannot begin in the middle of a line.
20
22 #
23 # pacman.conf
24 #
25 [options]
26 NoUpgrade = etc/passwd etc/group etc/shadow
27 NoUpgrade = etc/fstab
28
29 [core]
30 Include = /etc/pacman.d/core
31
32 [custom]
33 Server = file:///home/pkgs
34
35 Note
36 Each directive must be in CamelCase. If the case isn’t respected,
37 the directive won’t be recognized. For example. noupgrade or
38 NOUPGRADE will not work.
39
41 RootDir = /path/to/root/dir
42 Set the default root directory for pacman to install to. This
43 option is used if you want to install a package on a temporary
44 mounted partition which is "owned" by another system, or for a
45 chroot install. NOTE: If database path or log file are not
46 specified on either the command line or in pacman.conf(5), their
47 default location will be inside this root path.
48
49 DBPath = /path/to/db/dir
50 Overrides the default location of the toplevel database directory.
51 The default is /var/lib/pacman/. Most users will not need to set
52 this option. NOTE: if specified, this is an absolute path and the
53 root path is not automatically prepended.
54
55 CacheDir = /path/to/cache/dir
56 Overrides the default location of the package cache directory. The
57 default is /var/cache/pacman/pkg/. Multiple cache directories can
58 be specified, and they are tried in the order they are listed in
59 the config file. If a file is not found in any cache directory, it
60 will be downloaded to the first cache directory with write access.
61 NOTE: this is an absolute path, the root path is not automatically
62 prepended.
63
64 HookDir = /path/to/hook/dir
65 Add directories to search for alpm hooks in addition to the system
66 hook directory (/usr/share/libalpm/hooks/). The default is
67 /etc/pacman.d/hooks. Multiple directories can be specified with
68 hooks in later directories taking precedence over hooks in earlier
69 directories. NOTE: this is an absolute path, the root path is not
70 automatically prepended. For more information on the alpm hooks,
71 see alpm-hooks(5).
72
73 GPGDir = /path/to/gpg/dir
74 Overrides the default location of the directory containing
75 configuration files for GnuPG. The default is /etc/pacman.d/gnupg/.
76 This directory should contain two files: pubring.gpg and
77 trustdb.gpg. pubring.gpg holds the public keys of all packagers.
78 trustdb.gpg contains a so-called trust database, which specifies
79 that the keys are authentic and trusted. NOTE: this is an absolute
80 path, the root path is not automatically prepended.
81
82 LogFile = /path/to/log/file
83 Overrides the default location of the pacman log file. The default
84 is /var/log/pacman.log. This is an absolute path and the root
85 directory is not prepended.
86
87 HoldPkg = package ...
88 If a user tries to --remove a package that’s listed in HoldPkg,
89 pacman will ask for confirmation before proceeding. Shell-style
90 glob patterns are allowed.
91
92 IgnorePkg = package ...
93 Instructs pacman to ignore any upgrades for this package when
94 performing a --sysupgrade. Shell-style glob patterns are allowed.
95
96 IgnoreGroup = group ...
97 Instructs pacman to ignore any upgrades for all packages in this
98 group when performing a --sysupgrade. Shell-style glob patterns are
99 allowed.
100
101 Include = /path/to/config/file
102 Include another configuration file. This file can include
103 repositories or general configuration options. Wildcards in the
104 specified paths will get expanded based on glob(7) rules.
105
106 Architecture = auto &| i686 &| x86_64 | ...
107 If set, pacman will only allow installation of packages with the
108 given architectures (e.g. i686, x86_64, etc). The special value
109 auto will use the system architecture, provided via “uname -m”. If
110 unset, no architecture checks are made. NOTE: Packages with the
111 special architecture any can always be installed, as they are meant
112 to be architecture independent.
113
114 XferCommand = /path/to/command %u
115 If set, an external program will be used to download all remote
116 files. All instances of %u will be replaced with the download URL.
117 If present, instances of %o will be replaced with the local
118 filename, plus a “.part” extension, which allows programs like wget
119 to do file resumes properly.
120
121 This option is useful for users who experience problems with
122 built-in HTTP/FTP support, or need the more advanced proxy support
123 that comes with utilities like wget.
124
125 NoUpgrade = file ...
126 All files listed with a NoUpgrade directive will never be touched
127 during a package install/upgrade, and the new files will be
128 installed with a .pacnew extension. These files refer to files in
129 the package archive, so do not include the leading slash (the
130 RootDir) when specifying them. Shell-style glob patterns are
131 allowed. It is possible to invert matches by prepending a file with
132 an exclamation mark. Inverted files will result in previously
133 blacklisted files being whitelisted again. Subsequent matches will
134 override previous ones. A leading literal exclamation mark or
135 backslash needs to be escaped.
136
137 NoExtract = file ...
138 All files listed with a NoExtract directive will never be extracted
139 from a package into the filesystem. This can be useful when you
140 don’t want part of a package to be installed. For example, if your
141 httpd root uses an index.php, then you would not want the
142 index.html file to be extracted from the apache package. These
143 files refer to files in the package archive, so do not include the
144 leading slash (the RootDir) when specifying them. Shell-style glob
145 patterns are allowed. It is possible to invert matches by
146 prepending a file with an exclamation mark. Inverted files will
147 result in previously blacklisted files being whitelisted again.
148 Subsequent matches will override previous ones. A leading literal
149 exclamation mark or backslash needs to be escaped.
150
151 CleanMethod = KeepInstalled &| KeepCurrent
152 If set to KeepInstalled (the default), the -Sc operation will clean
153 packages that are no longer installed (not present in the local
154 database). If set to KeepCurrent, -Sc will clean outdated packages
155 (not present in any sync database). The second behavior is useful
156 when the package cache is shared among multiple machines, where the
157 local databases are usually different, but the sync databases in
158 use could be the same. If both values are specified, packages are
159 only cleaned if not installed locally and not present in any known
160 sync database.
161
162 SigLevel = ...
163 Set the default signature verification level. For more information,
164 see Package and Database Signature Checking below.
165
166 LocalFileSigLevel = ...
167 Set the signature verification level for installing packages using
168 the "-U" operation on a local file. Uses the value from SigLevel as
169 the default.
170
171 RemoteFileSigLevel = ...
172 Set the signature verification level for installing packages using
173 the "-U" operation on a remote file URL. Uses the value from
174 SigLevel as the default.
175
176 UseSyslog
177 Log action messages through syslog(). This will insert log entries
178 into /var/log/messages or equivalent.
179
180 Color
181 Automatically enable colors only when pacman’s output is on a tty.
182
183 NoProgressBar
184 Disables progress bars. This is useful for terminals which do not
185 support escape characters.
186
187 CheckSpace
188 Performs an approximate check for adequate available disk space
189 before installing packages.
190
191 VerbosePkgLists
192 Displays name, version and size of target packages formatted as a
193 table for upgrade, sync and remove operations.
194
195 DisableDownloadTimeout
196 Disable defaults for low speed limit and timeout on downloads. Use
197 this if you have issues downloading files with proxy and/or
198 security gateway.
199
200 ParallelDownloads = ...
201 Specifies number of concurrent download streams. The value needs to
202 be a positive integer. If this config option is not set then only
203 one download stream is used (i.e. downloads happen sequentially).
204
206 Each repository section defines a section name and at least one
207 location where the packages can be found. The section name is defined
208 by the string within square brackets (the two above are core and
209 custom). Repository names must be unique and the name local is reserved
210 for the database of installed packages. Locations are defined with the
211 Server directive and follow a URL naming structure. If you want to use
212 a local directory, you can specify the full path with a “file://”
213 prefix, as shown above.
214
215 A common way to define DB locations utilizes the Include directive. For
216 each repository defined in the configuration file, a single Include
217 directive can contain a file that lists the servers for that
218 repository.
219
220 [core]
221 # use this server first
222 Server = ftp://ftp.archlinux.org/$repo/os/$arch
223 # next use servers as defined in the mirrorlist below
224 Include = {sysconfdir}/pacman.d/mirrorlist
225
226 The order of repositories in the configuration files matters;
227 repositories listed first will take precedence over those listed later
228 in the file when packages in two repositories have identical names,
229 regardless of version number.
230
231 Include = path
232 Include another config file. This file can include repositories or
233 general configuration options. Wildcards in the specified paths
234 will get expanded based on glob(7) rules.
235
236 Server = url
237 A full URL to a location where the database, packages, and
238 signatures (if available) for this repository can be found.
239
240 During parsing, pacman will define the $repo variable to the name
241 of the current section. This is often utilized in files specified
242 using the Include directive so all repositories can use the same
243 mirrorfile. pacman also defines the $arch variable to the first (or
244 only) value of the Architecture option, so the same mirrorfile can
245 even be used for different architectures.
246
247 SigLevel = ...
248 Set the signature verification level for this repository. For more
249 information, see Package and Database Signature Checking below.
250
251 Usage = ...
252 Set the usage level for this repository. This option takes a list
253 of tokens which must be at least one of the following:
254
255 Sync
256 Enables refreshes for this repository.
257
258 Search
259 Enables searching for this repository.
260
261 Install
262 Enables installation of packages from this repository during a
263 --sync operation.
264
265 Upgrade
266 Allows this repository to be a valid source of packages when
267 performing a --sysupgrade.
268
269 All
270 Enables all of the above features for the repository. This is
271 the default if not specified.
272
273 Note that an enabled repository can be operated on explicitly,
274 regardless of the Usage level set.
275
277 The SigLevel directive is valid in both the [options] and repository
278 sections. If used in [options], it sets a default value for any
279 repository that does not provide the setting.
280
281 • If set to Never, no signature checking will take place.
282
283 • If set to Optional , signatures will be checked when present, but
284 unsigned databases and packages will also be accepted.
285
286 • If set to Required, signatures will be required on all packages and
287 databases.
288
289 Alternatively, you can get more fine-grained control by combining some
290 of the options and prefixes described below. All options in a config
291 file are processed in top-to-bottom, left-to-right fashion, where later
292 options override and/or supplement earlier ones. If SigLevel is
293 specified in a repository section, the starting value is that from the
294 [options] section, or the built-in system default as shown below if not
295 specified.
296
297 The options are split into two main groups, described below. Terms used
298 such as “marginally trusted” are terms used by GnuPG, for more
299 information please consult gpg(1).
300
301 When to Check
302 These options control if and when signature checks should take
303 place.
304
305 Never
306 All signature checking is suppressed, even if signatures are
307 present.
308
309 Optional (default)
310 Signatures are checked if present; absence of a signature is
311 not an error. An invalid signature is a fatal error, as is a
312 signature from a key not in the keyring.
313
314 Required
315 Signatures are required; absence of a signature or an invalid
316 signature is a fatal error, as is a signature from a key not in
317 the keyring.
318
319 What is Allowed
320 These options control what signatures are viewed as permissible.
321 Note that neither of these options allows acceptance of invalid or
322 expired signatures, or those from revoked keys.
323
324 TrustedOnly (default)
325 If a signature is checked, it must be in the keyring and fully
326 trusted; marginal trust does not meet this criteria.
327
328 TrustAll
329 If a signature is checked, it must be in the keyring, but is
330 not required to be assigned a trust level (e.g., unknown or
331 marginal trust).
332
333 Options in both groups can additionally be prefixed with either Package
334 or Database, which will cause it to only take effect on the specified
335 object type. For example, PackageTrustAll would allow marginal and
336 unknown trust level signatures for packages.
337
338 The built-in default is the following:
339
340 SigLevel = Optional TrustedOnly
341
343 If you have numerous custom packages of your own, it is often easier to
344 generate your own custom local repository than install them all with
345 the --upgrade option. All you need to do is generate a compressed
346 package database in the directory with these packages so pacman can
347 find it when run with --refresh.
348
349 repo-add /home/pkgs/custom.db.tar.gz /home/pkgs/*.pkg.tar.gz
350
351 The above command will generate a compressed database named
352 /home/pkgs/custom.db.tar.gz. Note that the database must be of the form
353 defined in the configuration file and {ext} is a valid compression type
354 as documented in repo-add(8). That’s it! Now configure your custom
355 section in the configuration file as shown in the config example above.
356 Pacman will now use your package repository. If you add new packages to
357 the repository, remember to re-generate the database and use pacman’s
358 --refresh option.
359
360 For more information on the repo-add command, see “repo-add --help” or
361 repo-add(8).
362
364 pacman(8), libalpm(3)
365
366 See the pacman website at https://archlinux.org/pacman/ for current
367 information on pacman and its related tools.
368
370 Bugs? You must be kidding; there are no bugs in this software. But if
371 we happen to be wrong, submit a bug report with as much detail as
372 possible at the Arch Linux Bug Tracker in the Pacman section.
373
375 Current maintainers:
376
377 • Allan McRae <allan@archlinux.org>
378
379 • Andrew Gregory <andrew.gregory.8@gmail.com>
380
381 • Eli Schwartz <eschwartz@archlinux.org>
382
383 • Morgan Adamiec <morganamilo@archlinux.org>
384
385 Past major contributors:
386
387 • Judd Vinet <jvinet@zeroflux.org>
388
389 • Aurelien Foret <aurelien@archlinux.org>
390
391 • Aaron Griffin <aaron@archlinux.org>
392
393 • Dan McGee <dan@archlinux.org>
394
395 • Xavier Chantry <shiningxc@gmail.com>
396
397 • Nagy Gabor <ngaba@bibl.u-szeged.hu>
398
399 • Dave Reisner <dreisner@archlinux.org>
400
401 For additional contributors, use git shortlog -s on the pacman.git
402 repository.
403
404
405
406Pacman 6.0.1 2022-01-20 PACMAN.CONF(5)