1PACMAN.CONF(5) Pacman Manual PACMAN.CONF(5)
2
6 pacman.conf - pacman package manager configuration file
7
9 /etc/pacman.conf
10
12 Pacman, using libalpm(3), will attempt to read pacman.conf each time it
13 is invoked. This configuration file is divided into sections or
14 repositories. Each section defines a package repository that pacman can
15 use when searching for packages in --sync mode. The exception to this
16 is the options section, which defines global options.
17 Comments are only supported by beginning a line with the hash (#)
19 symbol. Comments cannot begin in the middle of a line.
20
22 #
23 # pacman.conf
24 #
25 [options]
26 NoUpgrade = etc/passwd etc/group etc/shadow
27 NoUpgrade = etc/fstab
28 [core]
30 Include = /etc/pacman.d/core
31 [custom]
33 Server = file:///home/pkgs
34 Note
36 Each directive must be in CamelCase. If the case isn’t respected,
37 the directive won’t be recognized. For example. noupgrade or
38 NOUPGRADE will not work.
39
41 RootDir = /path/to/root/dir
42 Set the default root directory for pacman to install to. This
43 option is used if you want to install a package on a temporary
44 mounted partition which is "owned" by another system, or for a
45 chroot install. NOTE: If database path or log file are not
46 specified on either the command line or in pacman.conf(5), their
47 default location will be inside this root path.
48 DBPath = /path/to/db/dir
50 Overrides the default location of the toplevel database directory.
51 The default is /var/lib/pacman/. Most users will not need to set
52 this option. NOTE: if specified, this is an absolute path and the
53 root path is not automatically prepended.
54 CacheDir = /path/to/cache/dir
56 Overrides the default location of the package cache directory. The
57 default is /var/cache/pacman/pkg/. Multiple cache directories can
58 be specified, and they are tried in the order they are listed in
59 the config file. If a file is not found in any cache directory, it
60 will be downloaded to the first cache directory with write access.
61 NOTE: this is an absolute path, the root path is not automatically
62 prepended.
63 HookDir = /path/to/hook/dir
65 Add directories to search for alpm hooks in addition to the system
66 hook directory (/usr/share/libalpm/hooks/). The default is
67 /etc/pacman.d/hooks. Multiple directories can be specified with
68 hooks in later directories taking precedence over hooks in earlier
69 directories. NOTE: this is an absolute path, the root path is not
70 automatically prepended. For more information on the alpm hooks,
71 see alpm-hooks(5).
72 GPGDir = /path/to/gpg/dir
74 Overrides the default location of the directory containing
75 configuration files for GnuPG. The default is /etc/pacman.d/gnupg/.
76 This directory should contain two files: pubring.gpg and
77 trustdb.gpg. pubring.gpg holds the public keys of all packagers.
78 trustdb.gpg contains a so-called trust database, which specifies
79 that the keys are authentic and trusted. NOTE: this is an absolute
80 path, the root path is not automatically prepended.
81 LogFile = /path/to/log/file
83 Overrides the default location of the pacman log file. The default
84 is /var/log/pacman.log. This is an absolute path and the root
85 directory is not prepended.
86 HoldPkg = package ...
88 If a user tries to --remove a package that’s listed in HoldPkg,
89 pacman will ask for confirmation before proceeding. Shell-style
90 glob patterns are allowed.
91 IgnorePkg = package ...
93 Instructs pacman to ignore any upgrades for this package when
94 performing a --sysupgrade. Shell-style glob patterns are allowed.
95 IgnoreGroup = group ...
97 Instructs pacman to ignore any upgrades for all packages in this
98 group when performing a --sysupgrade. Shell-style glob patterns are
99 allowed.
100 Include = /path/to/config/file
102 Include another configuration file. This file can include
103 repositories or general configuration options. Wildcards in the
104 specified paths will get expanded based on glob(7) rules.
105 Architecture = auto | i686 | x86_64 | ...
107 If set, pacman will only allow installation of packages of the
108 given architecture (e.g. i686, x86_64, etc). The special value
109 auto will use the system architecture, provided via “uname -m”. If
110 unset, no architecture checks are made. NOTE: Packages with the
111 special architecture any can always be installed, as they are meant
112 to be architecture independent.
113 XferCommand = /path/to/command %u
115 If set, an external program will be used to download all remote
116 files. All instances of %u will be replaced with the download URL.
117 If present, instances of %o will be replaced with the local
118 filename, plus a “.part” extension, which allows programs like wget
119 to do file resumes properly.
120 This option is useful for users who experience problems with
122 built-in HTTP/FTP support, or need the more advanced proxy support
123 that comes with utilities like wget.
124 NoUpgrade = file ...
126 All files listed with a NoUpgrade directive will never be touched
127 during a package install/upgrade, and the new files will be
128 installed with a .pacnew extension. These files refer to files in
129 the package archive, so do not include the leading slash (the
130 RootDir) when specifying them. Shell-style glob patterns are
131 allowed. It is possible to invert matches by prepending a file with
132 an exclamation mark. Inverted files will result in previously
133 blacklisted files being whitelisted again. Subsequent matches will
134 override previous ones. A leading literal exclamation mark or
135 backslash needs to be escaped.
136 NoExtract = file ...
138 All files listed with a NoExtract directive will never be extracted
139 from a package into the filesystem. This can be useful when you
140 don’t want part of a package to be installed. For example, if your
141 httpd root uses an index.php, then you would not want the
142 index.html file to be extracted from the apache package. These
143 files refer to files in the package archive, so do not include the
144 leading slash (the RootDir) when specifying them. Shell-style glob
145 patterns are allowed. It is possible to invert matches by
146 prepending a file with an exclamation mark. Inverted files will
147 result in previously blacklisted files being whitelisted again.
148 Subsequent matches will override previous ones. A leading literal
149 exclamation mark or backslash needs to be escaped.
150 CleanMethod = KeepInstalled &| KeepCurrent
152 If set to KeepInstalled (the default), the -Sc operation will clean
153 packages that are no longer installed (not present in the local
154 database). If set to KeepCurrent, -Sc will clean outdated packages
155 (not present in any sync database). The second behavior is useful
156 when the package cache is shared among multiple machines, where the
157 local databases are usually different, but the sync databases in
158 use could be the same. If both values are specified, packages are
159 only cleaned if not installed locally and not present in any known
160 sync database.
161 SigLevel = ...
163 Set the default signature verification level. For more information,
164 see Package and Database Signature Checking below.
165 LocalFileSigLevel = ...
167 Set the signature verification level for installing packages using
168 the "-U" operation on a local file. Uses the value from SigLevel as
169 the default.
170 RemoteFileSigLevel = ...
172 Set the signature verification level for installing packages using
173 the "-U" operation on a remote file URL. Uses the value from
174 SigLevel as the default.
175 UseSyslog
177 Log action messages through syslog(). This will insert log entries
178 into /var/log/messages or equivalent.
179 Color
181 Automatically enable colors only when pacman’s output is on a tty.
182 TotalDownload
184 When downloading, display the amount downloaded, download rate,
185 ETA, and completed percentage of the entire download list rather
186 than the percent of each individual download target. The progress
187 bar is still based solely on the current file download. This option
188 won’t work if XferCommand is used.
189 CheckSpace
191 Performs an approximate check for adequate available disk space
192 before installing packages.
193 VerbosePkgLists
195 Displays name, version and size of target packages formatted as a
196 table for upgrade, sync and remove operations.
197 DisableDownloadTimeout
199 Disable defaults for low speed limit and timeout on downloads. Use
200 this if you have issues downloading files with proxy and/or
201 security gateway.
202
204 Each repository section defines a section name and at least one
205 location where the packages can be found. The section name is defined
206 by the string within square brackets (the two above are core and
207 custom). Repository names must be unique and the name local is reserved
208 for the database of installed packages. Locations are defined with the
209 Server directive and follow a URL naming structure. If you want to use
210 a local directory, you can specify the full path with a “file://”
211 prefix, as shown above.
212 A common way to define DB locations utilizes the Include directive. For
214 each repository defined in the configuration file, a single Include
215 directive can contain a file that lists the servers for that
216 repository.
217 [core]
219 # use this server first
220 Server = ftp://ftp.archlinux.org/$repo/os/$arch
221 # next use servers as defined in the mirrorlist below
222 Include = {sysconfdir}/pacman.d/mirrorlist
223 The order of repositories in the configuration files matters;
225 repositories listed first will take precedence over those listed later
226 in the file when packages in two repositories have identical names,
227 regardless of version number.
228 Include = path
230 Include another config file. This file can include repositories or
231 general configuration options. Wildcards in the specified paths
232 will get expanded based on glob(7) rules.
233 Server = url
235 A full URL to a location where the database, packages, and
236 signatures (if available) for this repository can be found.
237 During parsing, pacman will define the $repo variable to the name
239 of the current section. This is often utilized in files specified
240 using the Include directive so all repositories can use the same
241 mirrorfile. pacman also defines the $arch variable to the value of
242 Architecture, so the same mirrorfile can even be used for different
243 architectures.
244 SigLevel = ...
246 Set the signature verification level for this repository. For more
247 information, see Package and Database Signature Checking below.
248 Usage = ...
250 Set the usage level for this repository. This option takes a list
251 of tokens which must be at least one of the following:
252 Sync
254 Enables refreshes for this repository.
255 Search
257 Enables searching for this repository.
258 Install
260 Enables installation of packages from this repository during a
261 --sync operation.
262 Upgrade
264 Allows this repository to be a valid source of packages when
265 performing a --sysupgrade.
266 All
268 Enables all of the above features for the repository. This is
269 the default if not specified.
270 Note that an enabled repository can be operated on explicitly,
272 regardless of the Usage level set.
273
275 The SigLevel directive is valid in both the [options] and repository
276 sections. If used in [options], it sets a default value for any
277 repository that does not provide the setting.
278 • If set to Never, no signature checking will take place.
280 • If set to Optional , signatures will be checked when present, but
282 unsigned databases and packages will also be accepted.
283 • If set to Required, signatures will be required on all packages and
285 databases.
286 Alternatively, you can get more fine-grained control by combining some
288 of the options and prefixes described below. All options in a config
289 file are processed in top-to-bottom, left-to-right fashion, where later
290 options override and/or supplement earlier ones. If SigLevel is
291 specified in a repository section, the starting value is that from the
292 [options] section, or the built-in system default as shown below if not
293 specified.
294 The options are split into two main groups, described below. Terms used
296 such as “marginally trusted” are terms used by GnuPG, for more
297 information please consult gpg(1).
298 When to Check
300 These options control if and when signature checks should take
301 place.
302 Never
304 All signature checking is suppressed, even if signatures are
305 present.
306 Optional (default)
308 Signatures are checked if present; absence of a signature is
309 not an error. An invalid signature is a fatal error, as is a
310 signature from a key not in the keyring.
311 Required
313 Signatures are required; absence of a signature or an invalid
314 signature is a fatal error, as is a signature from a key not in
315 the keyring.
316 What is Allowed
318 These options control what signatures are viewed as permissible.
319 Note that neither of these options allows acceptance of invalid or
320 expired signatures, or those from revoked keys.
321 TrustedOnly (default)
323 If a signature is checked, it must be in the keyring and fully
324 trusted; marginal trust does not meet this criteria.
325 TrustAll
327 If a signature is checked, it must be in the keyring, but is
328 not required to be assigned a trust level (e.g., unknown or
329 marginal trust).
330 Options in both groups can additionally be prefixed with either Package
332 or Database, which will cause it to only take effect on the specified
333 object type. For example, PackageTrustAll would allow marginal and
334 unknown trust level signatures for packages.
335 The built-in default is the following:
337 SigLevel = Optional TrustedOnly
339
341 If you have numerous custom packages of your own, it is often easier to
342 generate your own custom local repository than install them all with
343 the --upgrade option. All you need to do is generate a compressed
344 package database in the directory with these packages so pacman can
345 find it when run with --refresh.
346 repo-add /home/pkgs/custom.db.tar.gz /home/pkgs/*.pkg.tar.gz
348 The above command will generate a compressed database named
350 /home/pkgs/custom.db.tar.gz. Note that the database must be of the form
351 defined in the configuration file and {ext} is a valid compression type
352 as documented in repo-add(8). That’s it! Now configure your custom
353 section in the configuration file as shown in the config example above.
354 Pacman will now use your package repository. If you add new packages to
355 the repository, remember to re-generate the database and use pacman’s
356 --refresh option.
357 For more information on the repo-add command, see “repo-add --help” or
359 repo-add(8).
360
362 pacman(8), libalpm(3)
363 See the pacman website at https://www.archlinux.org/pacman/ for current
365 information on pacman and its related tools.
366
368 Bugs? You must be kidding; there are no bugs in this software. But if
369 we happen to be wrong, submit a bug report with as much detail as
370 possible at the Arch Linux Bug Tracker in the Pacman section.
371
373 Current maintainers:
374 • Allan McRae <allan@archlinux.org>
376 • Andrew Gregory <andrew.gregory.8@gmail.com>
378 • Dan McGee <dan@archlinux.org>
380 • Dave Reisner <dreisner@archlinux.org>
382 Past major contributors:
384 • Judd Vinet <jvinet@zeroflux.org>
386 • Aurelien Foret <aurelien@archlinux.org>
388 • Aaron Griffin <aaron@archlinux.org>
390 • Xavier Chantry <shiningxc@gmail.com>
392 • Nagy Gabor <ngaba@bibl.u-szeged.hu>
394 For additional contributors, use git shortlog -s on the pacman.git
396 repository.
397Pacman 5.2.1 2021-01-27 PACMAN.CONF(5)