1APT.CONF(5) APT APT.CONF(5)
2
6 apt.conf - Configuration file for APT
7
9 /etc/apt/apt.conf is the main configuration file shared by all the
10 tools in the APT suite of tools, though it is by no means the only
11 place options can be set. The suite also shares a common command line
12 parser to provide a uniform environment.
13 When an APT tool starts up it will read the configuration files in the
15 following order:
16 1. the file specified by the APT_CONFIG environment variable (if any)
18 2. all files in Dir::Etc::Parts in alphanumeric ascending order which
20 have either no or "conf" as filename extension and which only
21 contain alphanumeric, hyphen (-), underscore (_) and period (.)
22 characters. Otherwise APT will print a notice that it has ignored a
23 file, unless that file matches a pattern in the
24 Dir::Ignore-Files-Silently configuration list - in which case it
25 will be silently ignored.
26 3. the main configuration file specified by Dir::Etc::main
28 4. all options set in the binary specific configuration subtree are
30 moved into the root of the tree.
31 5. the command line options are applied to override the configuration
33 directives or to load even more configuration files.
34
36 The configuration file is organized in a tree with options organized
37 into functional groups. Option specification is given with a double
38 colon notation; for instance APT::Get::Assume-Yes is an option within
39 the APT tool group, for the Get tool. Options do not inherit from their
40 parent groups.
41 Syntactically the configuration language is modeled after what the ISC
43 tools such as bind and dhcp use. Lines starting with // are treated as
44 comments (ignored), as well as all text between /* and */, just like
45 C/C++ comments. Lines starting with # are also treated as comments.
46 Each line is of the form APT::Get::Assume-Yes "true";. The quotation
47 marks and trailing semicolon are required. The value must be on one
48 line, and there is no kind of string concatenation. Values must not
49 include backslashes or extra quotation marks. Option names are made up
50 of alphanumeric characters and the characters "/-:._+". A new scope can
51 be opened with curly braces, like this:
52 APT {
55 Get {
56 Assume-Yes "true";
57 Fix-Broken "true";
58 };
59 };
60 with newlines placed to make it more readable. Lists can be created by
62 opening a scope and including a single string enclosed in quotes
63 followed by a semicolon. Multiple entries can be included, separated by
64 a semicolon.
65 DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
68 In general the sample configuration file
70 /usr/share/doc/apt/examples/configure-index.gz is a good guide for how
71 it should look.
72 Case is not significant in names of configuration items, so in the
74 previous example you could use dpkg::pre-install-pkgs.
75 Names for the configuration items are optional if a list is defined as
77 can be seen in the DPkg::Pre-Install-Pkgs example above. If you don't
78 specify a name a new entry will simply add a new option to the list. If
79 you specify a name you can override the option in the same way as any
80 other option by reassigning a new value to the option.
81 Two special commands are defined: #include (which is deprecated and not
83 supported by alternative implementations) and #clear. #include will
84 include the given file, unless the filename ends in a slash, in which
85 case the whole directory is included. #clear is used to erase a part
86 of the configuration tree. The specified element and all its
87 descendants are erased. (Note that these lines also need to end with a
88 semicolon.)
89 The #clear command is the only way to delete a list or a complete
91 scope. Reopening a scope (or using the syntax described below with an
92 appended ::) will not override previously written entries. Options can
93 only be overridden by addressing a new value to them - lists and scopes
94 can't be overridden, only cleared.
95 All of the APT tools take an -o option which allows an arbitrary
97 configuration directive to be specified on the command line. The syntax
98 is a full option name (APT::Get::Assume-Yes for instance) followed by
99 an equals sign then the new value of the option. To append a new
100 element to a list, add a trailing :: to the name of the list. (As you
101 might suspect, the scope syntax can't be used on the command line.)
102 Note that appending items to a list using :: only works for one item
104 per line, and that you should not use it in combination with the scope
105 syntax (which adds :: implicitly). Using both syntaxes together will
106 trigger a bug which some users unfortunately depend on: an option with
107 the unusual name "::" which acts like every other option with a name.
108 This introduces many problems; for one thing, users who write multiple
109 lines in this wrong syntax in the hope of appending to a list will
110 achieve the opposite, as only the last assignment for this option "::"
111 will be used. Future versions of APT will raise errors and stop working
112 if they encounter this misuse, so please correct such statements now
113 while APT doesn't explicitly complain about them.
114
116 This group of options controls general APT behavior as well as holding
117 the options for all of the tools.
118 Architecture
120 System Architecture; sets the architecture to use when fetching
121 files and parsing package lists. The internal default is the
122 architecture apt was compiled for.
123 Architectures
125 All Architectures the system supports. For instance, CPUs
126 implementing the amd64 (also called x86-64) instruction set are
127 also able to execute binaries compiled for the i386 (x86)
128 instruction set. This list is used when fetching files and parsing
129 package lists. The initial default is always the system's native
130 architecture (APT::Architecture), and foreign architectures are
131 added to the default list when they are registered via dpkg
132 --add-architecture.
133 Compressor
135 This scope defines which compression formats are supported, how
136 compression and decompression can be performed if support for this
137 format isn't built into apt directly and a cost-value indicating
138 how costly it is to compress something in this format. As an
139 example the following configuration stanza would allow apt to
140 download and uncompress as well as create and store files with the
141 low-cost .reversed file extension which it will pass to the command
142 rev without additional commandline parameters for compression and
143 uncompression:
144 APT::Compressor::rev {
146 Name "rev";
147 Extension ".reversed";
148 Binary "rev";
149 CompressArg {};
150 UncompressArg {};
151 Cost "10";
152 };
153 Build-Profiles
155 List of all build profiles enabled for build-dependency resolution,
156 without the "profile." namespace prefix. By default this list is
157 empty. The DEB_BUILD_PROFILES as used by dpkg-buildpackage(1)
158 overrides the list notation.
159 Default-Release
161 Default release to install packages from if more than one version
162 is available. Contains release name, codename or release version.
163 Examples: 'stable', 'testing', 'unstable', 'bookworm', 'trixie',
164 '4.0', '5.0*'. See also apt_preferences(5).
165 Snapshot
167 Snapshot to use for all repositories configured with Snapshot: yes.
168 See also sources.list(5), the --snapshot option that sets this
169 value, and Acquire::Snapshots::URI below.
170 Ignore-Hold
172 Ignore held packages; this global option causes the problem
173 resolver to ignore held packages in its decision making.
174 Clean-Installed
176 Defaults to on. When turned on the autoclean feature will remove
177 any packages which can no longer be downloaded from the cache. If
178 turned off then packages that are locally installed are also
179 excluded from cleaning - but note that APT provides no direct means
180 to reinstall them.
181 Immediate-Configure
183 Defaults to on, which will cause APT to install essential and
184 important packages as soon as possible in an install/upgrade
185 operation, in order to limit the effect of a failing dpkg(1) call.
186 If this option is disabled, APT treats an important package in the
187 same way as an extra package: between the unpacking of the package
188 A and its configuration there can be many other unpack or
189 configuration calls for other unrelated packages B, C etc. If these
190 cause the dpkg(1) call to fail (e.g. because package B's maintainer
191 scripts generate an error), this results in a system state in which
192 package A is unpacked but unconfigured - so any package depending
193 on A is now no longer guaranteed to work, as its dependency on A is
194 no longer satisfied.
195 The immediate configuration marker is also applied in the
197 potentially problematic case of circular dependencies, since a
198 dependency with the immediate flag is equivalent to a
199 Pre-Dependency. In theory this allows APT to recognise a situation
200 in which it is unable to perform immediate configuration, abort,
201 and suggest to the user that the option should be temporarily
202 deactivated in order to allow the operation to proceed. Note the
203 use of the word "theory" here; in the real world this problem has
204 rarely been encountered, in non-stable distribution versions, and
205 was caused by wrong dependencies of the package in question or by a
206 system in an already broken state; so you should not blindly
207 disable this option, as the scenario mentioned above is not the
208 only problem it can help to prevent in the first place.
209 Before a big operation like dist-upgrade is run with this option
211 disabled you should try to explicitly install the package APT is
212 unable to configure immediately; but please make sure you also
213 report your problem to your distribution and to the APT team with
214 the bug link below, so they can work on improving or correcting the
215 upgrade process.
216 Force-LoopBreak
218 Never enable this option unless you really know what you are doing.
219 It permits APT to temporarily remove an essential package to break
220 a Conflicts/Conflicts or Conflicts/Pre-Depends loop between two
221 essential packages. Such a loop should never exist and is a grave
222 bug. This option will work if the essential packages are not tar,
223 gzip, libc, dpkg, dash or anything that those packages depend on.
224 Cache-Start, Cache-Grow, Cache-Limit
226 APT uses since version 0.7.26 a resizable memory mapped cache file
227 to store the available information. Cache-Start acts as a hint of
228 the size the cache will grow to, and is therefore the amount of
229 memory APT will request at startup. The default value is 20971520
230 bytes (~20 MB). Note that this amount of space needs to be
231 available for APT; otherwise it will likely fail ungracefully, so
232 for memory restricted devices this value should be lowered while on
233 systems with a lot of configured sources it should be increased.
234 Cache-Grow defines in bytes with the default of 1048576 (~1 MB) how
235 much the cache size will be increased in the event the space
236 defined by Cache-Start is not enough. This value will be applied
237 again and again until either the cache is big enough to store all
238 information or the size of the cache reaches the Cache-Limit. The
239 default of Cache-Limit is 0 which stands for no limit. If
240 Cache-Grow is set to 0 the automatic growth of the cache is
241 disabled.
242 Build-Essential
244 Defines which packages are considered essential build dependencies.
245 Get
247 The Get subsection controls the apt-get(8) tool; please see its
248 documentation for more information about the options here.
249 Cache
251 The Cache subsection controls the apt-cache(8) tool; please see its
252 documentation for more information about the options here.
253 CDROM
255 The CDROM subsection controls the apt-cdrom(8) tool; please see its
256 documentation for more information about the options here.
257
259 The Acquire group of options controls the download of packages as well
260 as the various "acquire methods" responsible for the download itself
261 (see also sources.list(5)).
262 Check-Date
264 Security related option defaulting to true, enabling time-related
265 checks. Disabling it means that the machine's time cannot be
266 trusted, and APT will hence disable all time-related checks, such
267 as Check-Valid-Until and verifying that the Date field of a release
268 file is not in the future.
269 Max-FutureTime
271 Maximum time (in seconds) before its creation (as indicated by the
272 Date header) that the Release file should be considered valid. The
273 default value is 10. Archive specific settings can be made by
274 appending the label of the archive to the option name. Preferably,
275 the same can be achieved for specific sources.list(5) entries by
276 using the Date-Max-Future option there.
277 Check-Valid-Until
279 Security related option defaulting to true, as giving a Release
280 file's validation an expiration date prevents replay attacks over a
281 long timescale, and can also for example help users to identify
282 mirrors that are no longer updated - but the feature depends on the
283 correctness of the clock on the user system. Archive maintainers
284 are encouraged to create Release files with the Valid-Until header,
285 but if they don't or a stricter value is desired the Max-ValidTime
286 option below can be used. The Check-Valid-Until option of
287 sources.list(5) entries should be preferred to disable the check
288 selectively instead of using this global override.
289 Max-ValidTime
291 Maximum time (in seconds) after its creation (as indicated by the
292 Date header) that the Release file should be considered valid. If
293 the Release file itself includes a Valid-Until header the earlier
294 date of the two is used as the expiration date. The default value
295 is 0 which stands for "valid forever". Archive specific settings
296 can be made by appending the label of the archive to the option
297 name. Preferably, the same can be achieved for specific
298 sources.list(5) entries by using the Valid-Until-Max option there.
299 Min-ValidTime
301 Minimum time (in seconds) after its creation (as indicated by the
302 Date header) that the Release file should be considered valid. Use
303 this if you need to use a seldom updated (local) mirror of a more
304 frequently updated archive with a Valid-Until header instead of
305 completely disabling the expiration date checking. Archive specific
306 settings can and should be used by appending the label of the
307 archive to the option name. Preferably, the same can be achieved
308 for specific sources.list(5) entries by using the Valid-Until-Min
309 option there.
310 AllowTLS
312 Allow use of the internal TLS support in the http method. If set to
313 false, this completely disables support for TLS in apt's own
314 methods (excluding the curl-based https method). No TLS-related
315 functions will be called anymore.
316 PDiffs
318 Try to download deltas called PDiffs for indexes (like Packages
319 files) instead of downloading whole ones. True by default.
320 Preferably, this can be set for specific sources.list(5) entries or
321 index files by using the PDiffs option there.
322 Two sub-options to limit the use of PDiffs are also available:
324 FileLimit can be used to specify a maximum number of PDiff files
325 should be downloaded to update a file. SizeLimit on the other hand
326 is the maximum percentage of the size of all patches compared to
327 the size of the targeted file. If one of these limits is exceeded
328 the complete file is downloaded instead of the patches.
329 By-Hash
331 Try to download indexes via an URI constructed from a hashsum of
332 the expected file rather than downloaded via a well-known stable
333 filename. True by default, but automatically disabled if the source
334 indicates no support for it. Usage can be forced with the special
335 value "force". Preferably, this can be set for specific
336 sources.list(5) entries or index files by using the By-Hash option
337 there.
338 Queue-Mode
340 Queuing mode; Queue-Mode can be one of host or access which
341 determines how APT parallelizes outgoing connections. host means
342 that one connection per target host will be opened, access means
343 that one connection per URI type will be opened.
344 Retries
346 Number of retries to perform. If this is non-zero APT will retry
347 failed files the given number of times.
348 Source-Symlinks
350 Use symlinks for source archives. If set to true then source
351 archives will be symlinked when possible instead of copying. True
352 is the default.
353 http https
355 The options in these scopes configure APT's acquire transports for
356 the protocols HTTP and HTTPS and are documented in the apt-
357 transport-http(1) and apt-transport-https(1) manpages respectively.
358 ftp
360 ftp::Proxy sets the default proxy to use for FTP URIs. It is in the
361 standard form of ftp://[[user][:pass]@]host[:port]/. Per host
362 proxies can also be specified by using the form ftp::Proxy::<host>
363 with the special keyword DIRECT meaning to use no proxies. If no
364 one of the above settings is specified, ftp_proxy environment
365 variable will be used. To use an FTP proxy you will have to set the
366 ftp::ProxyLogin script in the configuration file. This entry
367 specifies the commands to send to tell the proxy server what to
368 connect to. Please see
369 /usr/share/doc/apt/examples/configure-index.gz for an example of
370 how to do this. The substitution variables representing the
371 corresponding URI component are $(PROXY_USER), $(PROXY_PASS),
372 $(SITE_USER), $(SITE_PASS), $(SITE) and $(SITE_PORT).
373 The option timeout sets the timeout timer used by the method; this
375 value applies to the connection as well as the data timeout.
376 Several settings are provided to control passive mode. Generally it
378 is safe to leave passive mode on; it works in nearly every
379 environment. However, some situations require that passive mode be
380 disabled and port mode FTP used instead. This can be done globally
381 or for connections that go through a proxy or for a specific host
382 (see the sample config file for examples).
383 It is possible to proxy FTP over HTTP by setting the ftp_proxy
385 environment variable to an HTTP URL - see the discussion of the
386 http method above for syntax. You cannot set this in the
387 configuration file and it is not recommended to use FTP over HTTP
388 due to its low efficiency.
389 The setting ForceExtended controls the use of RFC2428 EPSV and EPRT
391 commands. The default is false, which means these commands are only
392 used if the control connection is IPv6. Setting this to true forces
393 their use even on IPv4 connections. Note that most FTP servers do
394 not support RFC2428.
395 cdrom
397 For URIs using the cdrom method, the only configurable option is
398 the mount point, cdrom::Mount, which must be the mount point for
399 the CD-ROM (or DVD, or whatever) drive as specified in /etc/fstab.
400 It is possible to provide alternate mount and unmount commands if
401 your mount point cannot be listed in the fstab. The syntax is to
402 put
403 /cdrom/::Mount "foo";
405 within the cdrom block. It is important to have the trailing slash.
407 Unmount commands can be specified using UMount.
408 gpgv
410 For GPGV URIs the only configurable option is gpgv::Options, which
411 passes additional parameters to gpgv.
412 CompressionTypes
414 List of compression types which are understood by the acquire
415 methods. Files like Packages can be available in various
416 compression formats. By default the acquire methods can decompress
417 and recompress many common formats like xz and gzip; with this
418 scope the supported formats can be queried, modified as well as
419 support for more formats added (see also APT::Compressor). The
420 syntax for this is:
421 Acquire::CompressionTypes::FileExtension "Methodname";
423 Also, the Order subgroup can be used to define in which order the
425 acquire system will try to download the compressed files. The
426 acquire system will try the first and proceed with the next
427 compression type in this list on error, so to prefer one over the
428 other type simply add the preferred type first - types not already
429 added will be implicitly appended to the end of the list, so e.g.
430 Acquire::CompressionTypes::Order:: "gz";
432 can be used to prefer gzip compressed files over all other
434 compression formats. If xz should be preferred over gzip and bzip2
435 the configure setting should look like this:
436 Acquire::CompressionTypes::Order { "xz"; "gz"; };
438 It is not needed to add bz2 to the list explicitly as it will be
440 added automatically.
441 Note that the Dir::Bin::Methodname will be checked at run time. If
443 this option has been set and support for this format isn't directly
444 built into apt, the method will only be used if this file exists;
445 e.g. for the bzip2 method (the inbuilt) setting is:
446 Dir::Bin::bzip2 "/bin/bzip2";
448 Note also that list entries specified on the command line will be
450 added at the end of the list specified in the configuration files,
451 but before the default entries. To prefer a type in this case over
452 the ones specified in the configuration files you can set the
453 option direct - not in list style. This will not override the
454 defined list; it will only prefix the list with this type.
455 The special type uncompressed can be used to give uncompressed
457 files a preference, but note that most archives don't provide
458 uncompressed files so this is mostly only usable for local mirrors.
459 GzipIndexes
461 When downloading gzip compressed indexes (Packages, Sources, or
462 Translations), keep them gzip compressed locally instead of
463 unpacking them. This saves quite a lot of disk space at the expense
464 of more CPU requirements when building the local package caches.
465 False by default.
466 Languages
468 The Languages subsection controls which Translation files are
469 downloaded and in which order APT tries to display the
470 description-translations. APT will try to display the first
471 available description in the language which is listed first.
472 Languages can be defined with their short or long language codes.
473 Note that not all archives provide Translation files for every
474 language - the long language codes are especially rare.
475 The default list includes "environment" and "en". "environment" has
477 a special meaning here: it will be replaced at runtime with the
478 language codes extracted from the LC_MESSAGES environment variable.
479 It will also ensure that these codes are not included twice in the
480 list. If LC_MESSAGES is set to "C" only the Translation-en file (if
481 available) will be used. To force APT to use no Translation file
482 use the setting Acquire::Languages=none. "none" is another special
483 meaning code which will stop the search for a suitable Translation
484 file. This tells APT to download these translations too, without
485 actually using them unless the environment specifies the languages.
486 So the following example configuration will result in the order
487 "en, de" in an English locale or "de, en" in a German one. Note
488 that "fr" is downloaded, but not used unless APT is used in a
489 French locale (where the order would be "fr, de, en").
490 Acquire::Languages { "environment"; "de"; "en"; "none"; "fr"; };
492 Note: To prevent problems resulting from APT being executed in
494 different environments (e.g. by different users or by other
495 programs) all Translation files which are found in
496 /var/lib/apt/lists/ will be added to the end of the list (after an
497 implicit "none").
498 ForceIPv4
500 When downloading, force to use only the IPv4 protocol.
501 ForceIPv6
503 When downloading, force to use only the IPv6 protocol.
504 MaxReleaseFileSize
506 The maximum file size of Release/Release.gpg/InRelease files. The
507 default is 10MB.
508 EnableSrvRecords
510 This option controls if apt will use the DNS SRV server record as
511 specified in RFC 2782 to select an alternative server to connect
512 to. The default is "true".
513 AllowInsecureRepositories
515 Allow update operations to load data files from repositories
516 without sufficient security information. The default value is
517 "false". Concept, implications as well as alternatives are detailed
518 in apt-secure(8).
519 AllowWeakRepositories
521 Allow update operations to load data files from repositories which
522 provide security information, but these are deemed no longer
523 cryptographically strong enough. The default value is "false".
524 Concept, implications as well as alternatives are detailed in apt-
525 secure(8).
526 AllowDowngradeToInsecureRepositories
528 Allow that a repository that was previously gpg signed to become
529 unsigned during an update operation. When there is no valid
530 signature for a previously trusted repository apt will refuse the
531 update. This option can be used to override this protection. You
532 almost certainly never want to enable this. The default is false.
533 Concept, implications as well as alternatives are detailed in apt-
534 secure(8).
535 Changelogs::URI scope
537 Acquiring changelogs can only be done if an URI is known from where
538 to get them. Preferable the Release file indicates this in a
539 'Changelogs' field. If this isn't available the Label/Origin field
540 of the Release file is used to check if a
541 Acquire::Changelogs::URI::Label::LABEL or
542 Acquire::Changelogs::URI::Origin::ORIGIN option exists and if so
543 this value is taken. The value in the Release file can be
544 overridden with Acquire::Changelogs::URI::Override::Label::LABEL or
545 Acquire::Changelogs::URI::Override::Origin::ORIGIN. The value
546 should be a normal URI to a text file, except that package specific
547 data is replaced with the placeholder @CHANGEPATH@. The value for
548 it is: 1. if the package is from a component (e.g. main) this is
549 the first part otherwise it is omitted, 2. the first letter of
550 source package name, except if the source package name starts with
551 'lib' in which case it will be the first four letters. 3. The
552 complete source package name. 4. the complete name again and 5. the
553 source version. The first (if present), second, third and fourth
554 part are separated by a slash ('/') and between the fourth and
555 fifth part is an underscore ('_'). The special value 'no' is
556 available for this option indicating that this source can't be used
557 to acquire changelog files from. Another source will be tried if
558 available in this case.
559 Snapshots::URI scope
561 Like changelogs, snapshots can only be acquired if an URI is known
562 from where to get them. Preferable the Release file indicates this
563 in a 'Snapshots' field. If this isn't available the Label/Origin
564 field of the Release file is used to check if a
565 Acquire::Snapshots::URI::Label::LABEL or
566 Acquire::Snapshots::URI::Origin::ORIGIN option exists and if so
567 this value is taken. The value in the Release file can be
568 overridden with Acquire::Snapshots::URI::Override::Label::LABEL or
569 Acquire::Snapshots::URI::Override::Origin::ORIGIN. The value should
570 be a normal URI to a directory, except that the snapshot ID
571 replaced with the placeholder @SNAPSHOTID. The special value 'no'
572 is available for this option indicating that this source cannot be
573 used to acquire snapshots from. Another source will be tried if
574 available in this case.
575
577 Especially with the introduction of the apt binary it can be useful to
578 set certain options only for a specific binary as even options which
579 look like they would effect only a certain binary like
580 APT::Get::Show-Versions effect apt-get as well as apt.
581 Setting an option for a specific binary only can be achieved by setting
583 the option inside the Binary::specific-binary scope. Setting the option
584 APT::Get::Show-Versions for the apt only can e.g. by done by setting
585 Binary::apt::APT::Get::Show-Versions instead.
586 Note that as seen in the DESCRIPTION section further above you can't
588 set binary-specific options on the commandline itself nor in
589 configuration files loaded via the commandline.
590
592 The Dir::State section has directories that pertain to local state
593 information. lists is the directory to place downloaded package lists
594 in and status is the name of the dpkg(1) status file. preferences is
595 the name of the APT preferences file. Dir::State contains the default
596 directory to prefix on all sub-items if they do not start with / or ./.
597 Dir::Cache contains locations pertaining to local cache information,
599 such as the two package caches srcpkgcache and pkgcache as well as the
600 location to place downloaded archives, Dir::Cache::archives. Generation
601 of caches can be turned off by setting pkgcache or srcpkgcache to "".
602 This will slow down startup but save disk space. It is probably
603 preferable to turn off the pkgcache rather than the srcpkgcache. Like
604 Dir::State the default directory is contained in Dir::Cache
605 Dir::Etc contains the location of configuration files, sourcelist gives
607 the location of the sourcelist and main is the default configuration
608 file (setting has no effect, unless it is done from the config file
609 specified by APT_CONFIG).
610 The Dir::Parts setting reads in all the config fragments in lexical
612 order from the directory specified. After this is done then the main
613 config file is loaded.
614 Binary programs are pointed to by Dir::Bin. Dir::Bin::Methods
616 specifies the location of the method handlers and gzip, bzip2, lzma,
617 dpkg, apt-get dpkg-source dpkg-buildpackage and apt-cache specify the
618 location of the respective programs.
619 The configuration item RootDir has a special meaning. If set, all paths
621 will be relative to RootDir, even paths that are specified absolutely.
622 So, for instance, if RootDir is set to /tmp/staging and
623 Dir::State::status is set to /var/lib/dpkg/status, then the status file
624 will be looked up in /tmp/staging/var/lib/dpkg/status. If you want to
625 prefix only relative paths, set Dir instead.
626 The Ignore-Files-Silently list can be used to specify which files APT
628 should silently ignore while parsing the files in the fragment
629 directories. Per default a file which ends with .disabled, ~, .bak or
630 .dpkg-[a-z]+ is silently ignored. As seen in the last default value
631 these patterns can use regular expression syntax.
632
634 When APT is used as a dselect(1) method several configuration
635 directives control the default behavior. These are in the DSelect
636 section.
637 Clean
639 Cache Clean mode; this value may be one of always, prompt, auto,
640 pre-auto and never. always and prompt will remove all packages
641 from the cache after upgrading, prompt (the default) does so
642 conditionally. auto removes only those packages which are no
643 longer downloadable (replaced with a new version for instance).
644 pre-auto performs this action before downloading new packages.
645 options
647 The contents of this variable are passed to apt-get(8) as command
648 line options when it is run for the install phase.
649 Updateoptions
651 The contents of this variable are passed to apt-get(8) as command
652 line options when it is run for the update phase.
653 PromptAfterUpdate
655 If true the [U]pdate operation in dselect(1) will always prompt to
656 continue. The default is to prompt only on error.
657
659 Several configuration directives control how APT invokes dpkg(1). These
660 are in the DPkg section.
661 options
663 This is a list of options to pass to dpkg(1). The options must be
664 specified using the list notation and each list item is passed as a
665 single argument to dpkg(1).
666 Path
668 This is a string that defines the PATH environment variable used
669 when running dpkg. It may be set to any valid value of that
670 environment variable; or the empty string, in which case the
671 variable is not changed.
672 Pre-Invoke, Post-Invoke
674 This is a list of shell commands to run before/after invoking
675 dpkg(1). Like options this must be specified in list notation. The
676 commands are invoked in order using /bin/sh; should any fail APT
677 will abort.
678 Pre-Install-Pkgs
680 This is a list of shell commands to run before invoking dpkg(1).
681 Like options this must be specified in list notation. The commands
682 are invoked in order using /bin/sh; should any fail APT will abort.
683 APT will pass the filenames of all .deb files it is going to
684 install to the commands, one per line on the requested file
685 descriptor, defaulting to standard input.
686 Version 2 of this protocol sends more information through the
688 requested file descriptor: a line with the text VERSION 2, the APT
689 configuration space, and a list of package actions with filename
690 and version information.
691 Each configuration directive line has the form key=value. Special
693 characters (equal signs, newlines, nonprintable characters,
694 quotation marks, and percent signs in key and newlines,
695 nonprintable characters, and percent signs in value) are %-encoded.
696 Lists are represented by multiple key::=value lines with the same
697 key. The configuration section ends with a blank line.
698 Package action lines consist of five fields in Version 2: package
700 name (without architecture qualification even if foreign), old
701 version, direction of version change (< for upgrades, > for
702 downgrades, = for no change), new version, action. The version
703 fields are "-" for no version at all (for example when installing a
704 package for the first time; no version is treated as earlier than
705 any real version, so that is an upgrade, indicated as - < 1.23.4).
706 The action field is "**CONFIGURE**" if the package is being
707 configured, "**REMOVE**" if it is being removed, or the filename of
708 a .deb file if it is being unpacked.
709 In Version 3 after each version field follows the architecture of
711 this version, which is "-" if there is no version, and a field
712 showing the MultiArch type "same", "foreign", "allowed" or "none".
713 Note that "none" is an incorrect typename which is just kept to
714 remain compatible, it should be read as "no" and users are
715 encouraged to support both.
716 The version of the protocol to be used for the command cmd can be
718 chosen by setting DPkg::Tools::options::cmd::Version accordingly,
719 the default being version 1. If APT isn't supporting the requested
720 version it will send the information in the highest version it has
721 support for instead.
722 The file descriptor to be used to send the information can be
724 requested with DPkg::Tools::options::cmd::InfoFD which defaults to
725 0 for standard input and is available since version 0.9.11. Support
726 for the option can be detected by looking for the environment
727 variable APT_HOOK_INFO_FD which contains the number of the used
728 file descriptor as a confirmation.
729 Run-Directory
731 APT chdirs to this directory before invoking dpkg(1), the default
732 is /.
733 Build-options
735 These options are passed to dpkg-buildpackage(1) when compiling
736 packages; the default is to disable signing and produce all
737 binaries.
738 DPkg::ConfigurePending
740 If this option is set APT will call dpkg --configure --pending to
741 let dpkg(1) handle all required configurations and triggers. This
742 option is activated by default, but deactivating it could be useful
743 if you want to run APT multiple times in a row - e.g. in an
744 installer. In this scenario you could deactivate this option in all
745 but the last run.
746
748 APT::Periodic and APT::Archives groups of options configure behavior of
749 apt periodic updates, which is done by the
750 /usr/lib/apt/apt.systemd.daily script. See the top of this script for
751 the brief documentation of these options.
752
754 Enabling options in the Debug:: section will cause debugging
755 information to be sent to the standard error stream of the program
756 utilizing the apt libraries, or enable special program modes that are
757 primarily useful for debugging the behavior of apt. Most of these
758 options are not interesting to a normal user, but a few may be:
759 • Debug::pkgProblemResolver enables output about the decisions made
761 by dist-upgrade, upgrade, install, remove, purge.
762 • Debug::NoLocking disables all file locking. This can be used to run
764 some operations (for instance, apt-get -s install) as a non-root
765 user.
766 • Debug::pkgDPkgPM prints out the actual command line each time that
768 apt invokes dpkg(1).
769 • Debug::IdentCdrom disables the inclusion of statfs data in CD-ROM
771 IDs.
772 A full list of debugging options to apt follows.
774 Debug::Acquire::cdrom
776 Print information related to accessing cdrom:// sources.
777 Debug::Acquire::ftp
779 Print information related to downloading packages using FTP.
780 Debug::Acquire::http
782 Print information related to downloading packages using HTTP.
783 Debug::Acquire::https
785 Print information related to downloading packages using HTTPS.
786 Debug::Acquire::gpgv
788 Print information related to verifying cryptographic signatures
789 using gpg.
790 Debug::aptcdrom
792 Output information about the process of accessing collections of
793 packages stored on CD-ROMs.
794 Debug::BuildDeps
796 Describes the process of resolving build-dependencies in apt-
797 get(8).
798 Debug::Hashes
800 Output each cryptographic hash that is generated by the apt
801 libraries.
802 Debug::IdentCDROM
804 Do not include information from statfs, namely the number of used
805 and free blocks on the CD-ROM filesystem, when generating an ID for
806 a CD-ROM.
807 Debug::NoLocking
809 Disable all file locking. For instance, this will allow two
810 instances of “apt-get update” to run at the same time.
811 Debug::pkgAcquire
813 Log when items are added to or removed from the global download
814 queue.
815 Debug::pkgAcquire::Auth
817 Output status messages and errors related to verifying checksums
818 and cryptographic signatures of downloaded files.
819 Debug::pkgAcquire::Diffs
821 Output information about downloading and applying package index
822 list diffs, and errors relating to package index list diffs.
823 Debug::pkgAcquire::RRed
825 Output information related to patching apt package lists when
826 downloading index diffs instead of full indices.
827 Debug::pkgAcquire::Worker
829 Log all interactions with the sub-processes that actually perform
830 downloads.
831 Debug::pkgAutoRemove
833 Log events related to the automatically-installed status of
834 packages and to the removal of unused packages.
835 Debug::pkgDepCache::AutoInstall
837 Generate debug messages describing which packages are being
838 automatically installed to resolve dependencies. This corresponds
839 to the initial auto-install pass performed in, e.g., apt-get
840 install, and not to the full apt dependency resolver; see
841 Debug::pkgProblemResolver for that.
842 Debug::pkgDepCache::Marker
844 Generate debug messages describing which packages are marked as
845 keep/install/remove while the ProblemResolver does his work. Each
846 addition or deletion may trigger additional actions; they are shown
847 indented two additional spaces under the original entry. The format
848 for each line is MarkKeep, MarkDelete or MarkInstall followed by
849 package-name <a.b.c -> d.e.f | x.y.z> (section) where a.b.c is the
850 current version of the package, d.e.f is the version considered for
851 installation and x.y.z is a newer version, but not considered for
852 installation (because of a low pin score). The later two can be
853 omitted if there is none or if it is the same as the installed
854 version. section is the name of the section the package appears
855 in.
856 Debug::pkgDPkgPM
858 When invoking dpkg(1), output the precise command line with which
859 it is being invoked, with arguments separated by a single space
860 character.
861 Debug::pkgDPkgProgressReporting
863 Output all the data received from dpkg(1) on the status file
864 descriptor and any errors encountered while parsing it.
865 Debug::pkgOrderList
867 Generate a trace of the algorithm that decides the order in which
868 apt should pass packages to dpkg(1).
869 Debug::pkgPackageManager
871 Output status messages tracing the steps performed when invoking
872 dpkg(1).
873 Debug::pkgPolicy
875 Output the priority of each package list on startup.
876 Debug::pkgProblemResolver
878 Trace the execution of the dependency resolver (this applies only
879 to what happens when a complex dependency problem is encountered).
880 Debug::pkgProblemResolver::ShowScores
882 Display a list of all installed packages with their calculated
883 score used by the pkgProblemResolver. The description of the
884 package is the same as described in Debug::pkgDepCache::Marker
885 Debug::sourceList
887 Print information about the vendors read from
888 /etc/apt/vendors.list.
889 Debug::RunScripts
891 Display the external commands that are called by apt hooks. This
892 includes e.g. the config options DPkg::{Pre,Post}-Invoke or
893 APT::Update::{Pre,Post}-Invoke.
894
896 /usr/share/doc/apt/examples/configure-index.gz is a configuration file
897 showing example values for all possible options.
898
900 /etc/apt/apt.conf
901 APT configuration file. Configuration Item: Dir::Etc::Main.
902 /etc/apt/apt.conf.d/
904 APT configuration file fragments. Configuration Item:
905 Dir::Etc::Parts.
906
908 apt-cache(8), apt-config(8), apt_preferences(5).
909
911 APT bug page[1]. If you wish to report a bug in APT, please see
912 /usr/share/doc/debian/bug-reporting.txt or the reportbug(1) command.
913
915 Jason Gunthorpe
916 APT team
918 Daniel Burrows <dburrows@debian.org>
920 Initial documentation of Debug::*.
921
923 1. APT bug page
924 http://bugs.debian.org/src:apt
925APT 2.7.6 02 January 2016 APT.CONF(5)