1PACMAN.CONF(5)                   Pacman Manual                  PACMAN.CONF(5)
2
3
4

NAME

6       pacman.conf - pacman package manager configuration file
7

SYNOPSIS

9       /etc/pacman.conf
10

DESCRIPTION

12       Pacman, using libalpm(3), will attempt to read pacman.conf each time it
13       is invoked. This configuration file is divided into sections or
14       repositories. Each section defines a package repository that pacman can
15       use when searching for packages in --sync mode. The exception to this
16       is the options section, which defines global options.
17
18       Comments are only supported by beginning a line with the hash (#)
19       symbol. Comments cannot begin in the middle of a line.
20

EXAMPLE

22           #
23           # pacman.conf
24           #
25           [options]
26           NoUpgrade = etc/passwd etc/group etc/shadow
27           NoUpgrade = etc/fstab
28
29           [core]
30           Include = /etc/pacman.d/core
31
32           [custom]
33           Server = file:///home/pkgs
34
35           Note
36           Each directive must be in CamelCase. If the case isn’t respected,
37           the directive won’t be recognized. For example. noupgrade or
38           NOUPGRADE will not work.
39

OPTIONS

41       RootDir = /path/to/root/dir
42           Set the default root directory for pacman to install to. This
43           option is used if you want to install a package on a temporary
44           mounted partition which is "owned" by another system, or for a
45           chroot install.  NOTE: If database path or log file are not
46           specified on either the command line or in pacman.conf(5), their
47           default location will be inside this root path.
48
49       DBPath = /path/to/db/dir
50           Overrides the default location of the toplevel database directory.
51           The default is /var/lib/pacman/. Most users will not need to set
52           this option.  NOTE: if specified, this is an absolute path and the
53           root path is not automatically prepended.
54
55       CacheDir = /path/to/cache/dir
56           Overrides the default location of the package cache directory. The
57           default is /var/cache/pacman/pkg/. Multiple cache directories can
58           be specified, and they are tried in the order they are listed in
59           the config file. If a file is not found in any cache directory, it
60           will be downloaded to the first cache directory with write access.
61           NOTE: this is an absolute path, the root path is not automatically
62           prepended.
63
64       HookDir = /path/to/hook/dir
65           Add directories to search for alpm hooks in addition to the system
66           hook directory (/usr/share/libalpm/hooks/). The default is
67           /etc/pacman.d/hooks. Multiple directories can be specified with
68           hooks in later directories taking precedence over hooks in earlier
69           directories.  NOTE: this is an absolute path, the root path is not
70           automatically prepended. For more information on the alpm hooks,
71           see alpm-hooks(5).
72
73       GPGDir = /path/to/gpg/dir
74           Overrides the default location of the directory containing
75           configuration files for GnuPG. The default is /etc/pacman.d/gnupg/.
76           This directory should contain two files: pubring.gpg and
77           trustdb.gpg.  pubring.gpg holds the public keys of all packagers.
78           trustdb.gpg contains a so-called trust database, which specifies
79           that the keys are authentic and trusted.  NOTE: this is an absolute
80           path, the root path is not automatically prepended.
81
82       LogFile = /path/to/log/file
83           Overrides the default location of the pacman log file. The default
84           is /var/log/pacman.log. This is an absolute path and the root
85           directory is not prepended.
86
87       HoldPkg = package ...
88           If a user tries to --remove a package that’s listed in HoldPkg,
89           pacman will ask for confirmation before proceeding. Shell-style
90           glob patterns are allowed.
91
92       IgnorePkg = package ...
93           Instructs pacman to ignore any upgrades for this package when
94           performing a --sysupgrade. Shell-style glob patterns are allowed.
95
96       IgnoreGroup = group ...
97           Instructs pacman to ignore any upgrades for all packages in this
98           group when performing a --sysupgrade. Shell-style glob patterns are
99           allowed.
100
101       Include = /path/to/config/file
102           Include another configuration file. This file can include
103           repositories or general configuration options. Wildcards in the
104           specified paths will get expanded based on glob(7) rules.
105
106       Architecture = auto &| i686 &| x86_64 | ...
107           If set, pacman will only allow installation of packages with the
108           given architectures (e.g.  i686, x86_64, etc). The special value
109           auto will use the system architecture, provided via “uname -m”. If
110           unset, no architecture checks are made.  NOTE: Packages with the
111           special architecture any can always be installed, as they are meant
112           to be architecture independent.
113
114       XferCommand = /path/to/command %u
115           If set, an external program will be used to download all remote
116           files. All instances of %u will be replaced with the download URL.
117           If present, instances of %o will be replaced with the local
118           filename, plus a “.part” extension, which allows programs like wget
119           to do file resumes properly.
120
121           This option is useful for users who experience problems with
122           built-in HTTP/FTP support, or need the more advanced proxy support
123           that comes with utilities like wget.
124
125       NoUpgrade = file ...
126           All files listed with a NoUpgrade directive will never be touched
127           during a package install/upgrade, and the new files will be
128           installed with a .pacnew extension. These files refer to files in
129           the package archive, so do not include the leading slash (the
130           RootDir) when specifying them. Shell-style glob patterns are
131           allowed. It is possible to invert matches by prepending a file with
132           an exclamation mark. Inverted files will result in previously
133           blacklisted files being whitelisted again. Subsequent matches will
134           override previous ones. A leading literal exclamation mark or
135           backslash needs to be escaped.
136
137       NoExtract = file ...
138           All files listed with a NoExtract directive will never be extracted
139           from a package into the filesystem. This can be useful when you
140           don’t want part of a package to be installed. For example, if your
141           httpd root uses an index.php, then you would not want the
142           index.html file to be extracted from the apache package. These
143           files refer to files in the package archive, so do not include the
144           leading slash (the RootDir) when specifying them. Shell-style glob
145           patterns are allowed. It is possible to invert matches by
146           prepending a file with an exclamation mark. Inverted files will
147           result in previously blacklisted files being whitelisted again.
148           Subsequent matches will override previous ones. A leading literal
149           exclamation mark or backslash needs to be escaped.
150
151       CleanMethod = KeepInstalled &| KeepCurrent
152           If set to KeepInstalled (the default), the -Sc operation will clean
153           packages that are no longer installed (not present in the local
154           database). If set to KeepCurrent, -Sc will clean outdated packages
155           (not present in any sync database). The second behavior is useful
156           when the package cache is shared among multiple machines, where the
157           local databases are usually different, but the sync databases in
158           use could be the same. If both values are specified, packages are
159           only cleaned if not installed locally and not present in any known
160           sync database.
161
162       SigLevel = ...
163           Set the default signature verification level. For more information,
164           see Package and Database Signature Checking below.
165
166       LocalFileSigLevel = ...
167           Set the signature verification level for installing packages using
168           the "-U" operation on a local file. Uses the value from SigLevel as
169           the default.
170
171       RemoteFileSigLevel = ...
172           Set the signature verification level for installing packages using
173           the "-U" operation on a remote file URL. Uses the value from
174           SigLevel as the default.
175
176       UseSyslog
177           Log action messages through syslog(). This will insert log entries
178           into /var/log/messages or equivalent.
179
180       Color
181           Automatically enable colors only when pacman’s output is on a tty.
182
183       NoProgressBar
184           Disables progress bars. This is useful for terminals which do not
185           support escape characters.
186
187       CheckSpace
188           Performs an approximate check for adequate available disk space
189           before installing packages.
190
191       VerbosePkgLists
192           Displays name, version and size of target packages formatted as a
193           table for upgrade, sync and remove operations.
194
195       DisableDownloadTimeout
196           Disable defaults for low speed limit and timeout on downloads. Use
197           this if you have issues downloading files with proxy and/or
198           security gateway.
199
200       ParallelDownloads = ...
201           Specifies number of concurrent download streams. The value needs to
202           be a positive integer. If this config option is not set then only
203           one download stream is used (i.e. downloads happen sequentially).
204

REPOSITORY SECTIONS

206       Each repository section defines a section name and at least one
207       location where the packages can be found. The section name is defined
208       by the string within square brackets (the two above are core and
209       custom). Repository names must be unique and the name local is reserved
210       for the database of installed packages. Locations are defined with the
211       Server directive and follow a URL naming structure. If you want to use
212       a local directory, you can specify the full path with a “file://”
213       prefix, as shown above.
214
215       A common way to define DB locations utilizes the Include directive. For
216       each repository defined in the configuration file, a single Include
217       directive can contain a file that lists the servers for that
218       repository.
219
220           [core]
221           # use this server first
222           Server = ftp://ftp.archlinux.org/$repo/os/$arch
223           # next use servers as defined in the mirrorlist below
224           Include = {sysconfdir}/pacman.d/mirrorlist
225
226       The order of repositories in the configuration files matters;
227       repositories listed first will take precedence over those listed later
228       in the file when packages in two repositories have identical names,
229       regardless of version number.
230
231       Include = path
232           Include another config file. This file can include repositories or
233           general configuration options. Wildcards in the specified paths
234           will get expanded based on glob(7) rules.
235
236       Server = url
237           A full URL to a location where the database, packages, and
238           signatures (if available) for this repository can be found.
239
240           During parsing, pacman will define the $repo variable to the name
241           of the current section. This is often utilized in files specified
242           using the Include directive so all repositories can use the same
243           mirrorfile. pacman also defines the $arch variable to the first (or
244           only) value of the Architecture option, so the same mirrorfile can
245           even be used for different architectures.
246
247       SigLevel = ...
248           Set the signature verification level for this repository. For more
249           information, see Package and Database Signature Checking below.
250
251       Usage = ...
252           Set the usage level for this repository. This option takes a list
253           of tokens which must be at least one of the following:
254
255           Sync
256               Enables refreshes for this repository.
257
258           Search
259               Enables searching for this repository.
260
261           Install
262               Enables installation of packages from this repository during a
263               --sync operation.
264
265           Upgrade
266               Allows this repository to be a valid source of packages when
267               performing a --sysupgrade.
268
269           All
270               Enables all of the above features for the repository. This is
271               the default if not specified.
272
273               Note that an enabled repository can be operated on explicitly,
274               regardless of the Usage level set.
275

PACKAGE AND DATABASE SIGNATURE CHECKING

277       The SigLevel directive is valid in both the [options] and repository
278       sections. If used in [options], it sets a default value for any
279       repository that does not provide the setting.
280
281       •   If set to Never, no signature checking will take place.
282
283       •   If set to Optional , signatures will be checked when present, but
284           unsigned databases and packages will also be accepted.
285
286       •   If set to Required, signatures will be required on all packages and
287           databases.
288
289       Alternatively, you can get more fine-grained control by combining some
290       of the options and prefixes described below. All options in a config
291       file are processed in top-to-bottom, left-to-right fashion, where later
292       options override and/or supplement earlier ones. If SigLevel is
293       specified in a repository section, the starting value is that from the
294       [options] section, or the built-in system default as shown below if not
295       specified.
296
297       The options are split into two main groups, described below. Terms used
298       such as “marginally trusted” are terms used by GnuPG, for more
299       information please consult gpg(1).
300
301       When to Check
302           These options control if and when signature checks should take
303           place.
304
305           Never
306               All signature checking is suppressed, even if signatures are
307               present.
308
309           Optional (default)
310               Signatures are checked if present; absence of a signature is
311               not an error. An invalid signature is a fatal error, as is a
312               signature from a key not in the keyring.
313
314           Required
315               Signatures are required; absence of a signature or an invalid
316               signature is a fatal error, as is a signature from a key not in
317               the keyring.
318
319       What is Allowed
320           These options control what signatures are viewed as permissible.
321           Note that neither of these options allows acceptance of invalid or
322           expired signatures, or those from revoked keys.
323
324           TrustedOnly (default)
325               If a signature is checked, it must be in the keyring and fully
326               trusted; marginal trust does not meet this criteria.
327
328           TrustAll
329               If a signature is checked, it must be in the keyring, but is
330               not required to be assigned a trust level (e.g., unknown or
331               marginal trust).
332
333       Options in both groups can additionally be prefixed with either Package
334       or Database, which will cause it to only take effect on the specified
335       object type. For example, PackageTrustAll would allow marginal and
336       unknown trust level signatures for packages.
337
338       The built-in default is the following:
339
340           SigLevel = Optional TrustedOnly
341

USING YOUR OWN REPOSITORY

343       If you have numerous custom packages of your own, it is often easier to
344       generate your own custom local repository than install them all with
345       the --upgrade option. All you need to do is generate a compressed
346       package database in the directory with these packages so pacman can
347       find it when run with --refresh.
348
349           repo-add /home/pkgs/custom.db.tar.gz /home/pkgs/*.pkg.tar.gz
350
351       The above command will generate a compressed database named
352       /home/pkgs/custom.db.tar.gz. Note that the database must be of the form
353       defined in the configuration file and {ext} is a valid compression type
354       as documented in repo-add(8). That’s it! Now configure your custom
355       section in the configuration file as shown in the config example above.
356       Pacman will now use your package repository. If you add new packages to
357       the repository, remember to re-generate the database and use pacman’s
358       --refresh option.
359
360       For more information on the repo-add command, see “repo-add --help” or
361       repo-add(8).
362

SEE ALSO

364       pacman(8), libalpm(3)
365
366       See the pacman website at https://archlinux.org/pacman/ for current
367       information on pacman and its related tools.
368

BUGS

370       Bugs? You must be kidding; there are no bugs in this software. But if
371       we happen to be wrong, submit a bug report with as much detail as
372       possible at the Arch Linux Bug Tracker in the Pacman section.
373

AUTHORS

375       Current maintainers:
376
377       •   Allan McRae <allan@archlinux.org>
378
379       •   Andrew Gregory <andrew.gregory.8@gmail.com>
380
381       •   Eli Schwartz <eschwartz@archlinux.org>
382
383       •   Morgan Adamiec <morganamilo@archlinux.org>
384
385       Past major contributors:
386
387       •   Judd Vinet <jvinet@zeroflux.org>
388
389       •   Aurelien Foret <aurelien@archlinux.org>
390
391       •   Aaron Griffin <aaron@archlinux.org>
392
393       •   Dan McGee <dan@archlinux.org>
394
395       •   Xavier Chantry <shiningxc@gmail.com>
396
397       •   Nagy Gabor <ngaba@bibl.u-szeged.hu>
398
399       •   Dave Reisner <dreisner@archlinux.org>
400
401       For additional contributors, use git shortlog -s on the pacman.git
402       repository.
403
404
405
406Pacman 6.0.1                      2022-01-20                    PACMAN.CONF(5)
Impressum