mirror of
https://github.com/moparisthebest/pacman
synced 2024-10-31 15:45:03 -04:00
dfcea1456d
It is now possible to invert patterns in NoExtract and NoUpgrade. This feature allows users to whitelist certain files that were previously blacklisted by another entry. Signed-off-by: Allan McRae <allan@archlinux.org>
336 lines
14 KiB
Plaintext
336 lines
14 KiB
Plaintext
/////
|
|
vim:set ts=4 sw=4 syntax=asciidoc noet spell spelllang=en_us:
|
|
/////
|
|
pacman.conf(5)
|
|
==============
|
|
|
|
Name
|
|
----
|
|
pacman.conf - pacman package manager configuration file
|
|
|
|
|
|
Synopsis
|
|
--------
|
|
{sysconfdir}/pacman.conf
|
|
|
|
|
|
Description
|
|
-----------
|
|
Pacman, using linkman:libalpm[3], will attempt to read pacman.conf each time it
|
|
is invoked. This configuration file is divided into sections or repositories.
|
|
Each section defines a package repository that pacman can use when searching
|
|
for packages in '\--sync' mode. The exception to this is the options section,
|
|
which defines global options.
|
|
|
|
|
|
Example
|
|
-------
|
|
|
|
--------
|
|
#
|
|
# pacman.conf
|
|
#
|
|
[options]
|
|
NoUpgrade = etc/passwd etc/group etc/shadow
|
|
NoUpgrade = etc/fstab
|
|
|
|
[core]
|
|
Include = /etc/pacman.d/core
|
|
|
|
[custom]
|
|
Server = file:///home/pkgs
|
|
--------
|
|
|
|
NOTE: Each directive must be in CamelCase. If the case isn't respected, the
|
|
directive won't be recognized. For example. noupgrade or NOUPGRADE will not
|
|
work.
|
|
|
|
Options
|
|
-------
|
|
*RootDir =* path/to/root::
|
|
Set the default root directory for pacman to install to. This option is
|
|
used if you want to install a package on a temporary mounted partition
|
|
which is "owned" by another system, or for a chroot install.
|
|
*NOTE*: If database path or logfile are not specified on either the
|
|
command line or in linkman:pacman.conf[5], their default location will
|
|
be inside this root path.
|
|
|
|
*DBPath =* path/to/db/dir::
|
|
Overrides the default location of the toplevel database directory. A
|
|
typical default is +{localstatedir}/lib/pacman/+. Most users will not need to set
|
|
this option. *NOTE*: if specified, this is an absolute path and the root
|
|
path is not automatically prepended.
|
|
|
|
*CacheDir =* path/to/cache/dir::
|
|
Overrides the default location of the package cache directory. A typical
|
|
default is +{localstatedir}/cache/pacman/pkg/+. Multiple cache directories can be
|
|
specified, and they are tried in the order they are listed in the config
|
|
file. If a file is not found in any cache directory, it will be downloaded
|
|
to the first cache directory with write access. *NOTE*: this is an absolute
|
|
path, the root path is not automatically prepended.
|
|
|
|
*GPGDir =* path/to/gpg/dir::
|
|
Overrides the default location of the directory containing configuration
|
|
files for GnuPG. A typical default is +{sysconfdir}/pacman.d/gnupg/+.
|
|
This directory should contain two files: `pubring.gpg` and `trustdb.gpg`.
|
|
`pubring.gpg` holds the public keys of all packagers. `trustdb.gpg`
|
|
contains a so-called trust database, which specifies that the keys are
|
|
authentic and trusted.
|
|
*NOTE*: this is an absolute path, the root path is not automatically
|
|
prepended.
|
|
|
|
*LogFile =* /path/to/file::
|
|
Overrides the default location of the pacman log file. A typical default
|
|
is +{localstatedir}/log/pacman.log+. This is an absolute path and the root directory
|
|
is not prepended.
|
|
|
|
*HoldPkg =* package ...::
|
|
If a user tries to '\--remove' a package that's listed in `HoldPkg`,
|
|
pacman will ask for confirmation before proceeding. Shell-style glob
|
|
patterns are allowed.
|
|
|
|
*IgnorePkg =* package ...::
|
|
Instructs pacman to ignore any upgrades for this package when performing
|
|
a '\--sysupgrade'. Shell-style glob patterns are allowed.
|
|
|
|
*IgnoreGroup =* group ...::
|
|
Instructs pacman to ignore any upgrades for all packages in this
|
|
group when performing a '\--sysupgrade'. Shell-style glob patterns are
|
|
allowed.
|
|
|
|
*Include =* path::
|
|
Include another config file. This file can include repositories or
|
|
general configuration options. Wildcards in the specified paths will get
|
|
expanded based on linkman:glob[7] rules.
|
|
|
|
*Architecture =* auto | i686 | x86_64 | ...::
|
|
If set, pacman will only allow installation of packages of the given
|
|
architecture (e.g. 'i686', 'x86_64', etc). The special value 'auto' will
|
|
use the system architecture, provided by in ``uname -m''. If unset, no
|
|
architecture checks are made. *NOTE*: packages with the special
|
|
architecture 'any' can always be installed, as they are meant to be
|
|
architecture independent.
|
|
|
|
*XferCommand =* /path/to/command %u::
|
|
If set, an external program will be used to download all remote files.
|
|
All instances of `%u` will be replaced with the download URL. If present,
|
|
instances of `%o` will be replaced with the local filename, plus a
|
|
``.part'' extension, which allows programs like wget to do file resumes
|
|
properly.
|
|
+
|
|
This option is useful for users who experience problems with built-in
|
|
http/ftp support, or need the more advanced proxy support that comes with
|
|
utilities like wget.
|
|
|
|
*NoUpgrade =* file ...::
|
|
All files listed with a `NoUpgrade` directive will never be touched during
|
|
a package install/upgrade, and the new files will be installed with a
|
|
'.pacnew' extension.
|
|
These files refer to files in the package archive, so do not include the
|
|
leading slash (the RootDir) when specifying them. Shell-style glob patterns
|
|
are allowed. It is possible to invert matches by prepending a file with
|
|
an exclamation mark. Inverted files will result in previously blacklisted
|
|
files being whitelisted again. Subsequent matches will override previous
|
|
ones. A leading literal exclamation mark or backslash needs to be escaped.
|
|
|
|
*NoExtract =* file ...::
|
|
All files listed with a `NoExtract` directive will never be extracted from
|
|
a package into the filesystem. This can be useful when you don't want part
|
|
of a package to be installed. For example, if your httpd root uses an
|
|
'index.php', then you would not want the 'index.html' file to be extracted
|
|
from the 'apache' package.
|
|
These files refer to files in the package archive, so do not include the
|
|
leading slash (the RootDir) when specifying them. Shell-style glob patterns
|
|
are allowed. It is possible to invert matches by prepending a file with
|
|
an exclamation mark. Inverted files will result in previously blacklisted
|
|
files being whitelisted again. Subsequent matches will override previous
|
|
ones. A leading literal exclamation mark or backslash needs to be escaped.
|
|
|
|
*CleanMethod =* KeepInstalled &| KeepCurrent::
|
|
If set to `KeepInstalled` (the default), the '-Sc' operation will clean
|
|
packages that are no longer installed (not present in the local database).
|
|
If set to `KeepCurrent`, '-Sc' will clean outdated packages (not present in
|
|
any sync database).
|
|
The second behavior is useful when the package cache is shared among
|
|
multiple machines, where the local databases are usually different, but the
|
|
sync databases in use could be the same. If both values are specified,
|
|
packages are only cleaned if not installed locally and not present in any
|
|
known sync database.
|
|
|
|
*SigLevel =* ...::
|
|
Set the default signature verification level. For more information, see
|
|
<<SC,Package and Database Signature Checking>> below.
|
|
|
|
*LocalFileSigLevel =* ...::
|
|
Set the signature verification level for installing packages using the "-U"
|
|
operation on a local file. Uses the value from SigLevel as the default.
|
|
|
|
*RemoteFileSigLevel =* ...::
|
|
Set the signature verification level for installing packages using the "-U"
|
|
operation on a remote file URL. Uses the value from SigLevel as the default.
|
|
|
|
*UseSyslog*::
|
|
Log action messages through syslog(). This will insert log entries into
|
|
+{localstatedir}/log/messages+ or equivalent.
|
|
|
|
*Color*::
|
|
Automatically enable colors only when pacman's output is on a tty.
|
|
|
|
*UseDelta* [= ratio]::
|
|
Download delta files instead of complete packages if possible. Requires
|
|
the `xdelta3` program to be installed. If a ratio is specified (e.g.,
|
|
`0.5`), then it is used as a cutoff for determining whether to use deltas.
|
|
Allowed values are between `0.0` and `2.0`; sensible values are between
|
|
`0.2` and `0.9`. Using a value above `1.0` is not recommended. The
|
|
default is `0.7` if left unspecified.
|
|
|
|
*TotalDownload*::
|
|
When downloading, display the amount downloaded, download rate, ETA,
|
|
and completed percentage of the entire download list rather
|
|
than the percent of each individual download target. The progress
|
|
bar is still based solely on the current file download.
|
|
|
|
*CheckSpace*::
|
|
Performs an approximate check for adequate available disk space before
|
|
installing packages.
|
|
|
|
*VerbosePkgLists*::
|
|
Displays name, version and size of target packages formatted
|
|
as a table for upgrade, sync and remove operations.
|
|
|
|
Repository Sections
|
|
-------------------
|
|
Each repository section defines a section name and at least one location where
|
|
the packages can be found. The section name is defined by the string within
|
|
square brackets (the two above are 'current' and 'custom'). Locations are
|
|
defined with the 'Server' directive and follow a URL naming structure. If you
|
|
want to use a local directory, you can specify the full path with a ``file://''
|
|
prefix, as shown above.
|
|
|
|
A common way to define DB locations utilizes the 'Include' directive. For each
|
|
repository defined in the configuration file, a single 'Include' directive can
|
|
contain a file that lists the servers for that repository.
|
|
|
|
--------
|
|
[core]
|
|
# use this server first
|
|
Server = ftp://ftp.archlinux.org/$repo/os/$arch
|
|
# next use servers as defined in the mirrorlist below
|
|
Include = {sysconfdir}/pacman.d/mirrorlist
|
|
--------
|
|
|
|
The order of repositories in the configuration files matters; repositories
|
|
listed first will take precedence over those listed later in the file when
|
|
packages in two repositories have identical names, regardless of version
|
|
number.
|
|
|
|
*Include =* path::
|
|
Include another config file. This file can include repositories or
|
|
general configuration options. Wildcards in the specified paths will get
|
|
expanded based on linkman:glob[7] rules.
|
|
|
|
*Server =* url::
|
|
A full URL to a location where the database, packages, and signatures (if
|
|
available) for this repository can be found.
|
|
+
|
|
During parsing, pacman will define the `$repo` variable to the name of the
|
|
current section. This is often utilized in files specified using the 'Include'
|
|
directive so all repositories can use the same mirrorfile. pacman also defines
|
|
the `$arch` variable to the value of `Architecture`, so the same mirrorfile can
|
|
even be used for different architectures.
|
|
|
|
*SigLevel =* ...::
|
|
Set the signature verification level for this repository. For more
|
|
information, see <<SC,Package and Database Signature Checking>> below.
|
|
|
|
Package and Database Signature Checking[[SC]]
|
|
---------------------------------------------
|
|
The 'SigLevel' directive is valid in both the `[options]` and repository
|
|
sections. If used in `[options]`, it sets a default value for any repository
|
|
that does not provide the setting.
|
|
|
|
* If set to *Never*, no signature checking will take place.
|
|
* If set to *Optional* , signatures will be checked when present, but unsigned
|
|
databases and packages will also be accepted.
|
|
* If set to *Required*, signatures will be required on all packages and
|
|
databases.
|
|
|
|
Alternatively, you can get more fine-grained control by combining some of
|
|
the options and prefixes described below. All options in a config file are
|
|
processed in top-to-bottom, left-to-right fashion, where later options override
|
|
and/or supplement earlier ones. If 'SigLevel' is specified in a repository
|
|
section, the starting value is that from the `[options]` section, or the
|
|
built-in system default as shown below if not specified.
|
|
|
|
The options are split into two main groups, described below. Terms used such as
|
|
``marginally trusted'' are terms used by GnuPG, for more information please
|
|
consult linkman:gpg[1].
|
|
|
|
When to Check::
|
|
These options control if and when signature checks should take place.
|
|
|
|
*Never*;;
|
|
All signature checking is suppressed, even if signatures are present.
|
|
|
|
*Optional* (default);;
|
|
Signatures are checked if present; absence of a signature is not an
|
|
error. An invalid signature is a fatal error, as is a signature from a
|
|
key not in the keyring.
|
|
|
|
*Required*;;
|
|
Signatures are required; absence of a signature or an invalid signature
|
|
is a fatal error, as is a signature from a key not in the keyring.
|
|
|
|
What is Allowed::
|
|
These options control what signatures are viewed as permissible. Note that
|
|
neither of these options allows acceptance of invalid or expired
|
|
signatures, or those from revoked keys.
|
|
|
|
*TrustedOnly* (default);;
|
|
If a signature is checked, it must be in the keyring and fully trusted;
|
|
marginal trust does not meet this criteria.
|
|
|
|
*TrustAll*;;
|
|
If a signature is checked, it must be in the keyring, but is not
|
|
required to be assigned a trust level (e.g., unknown or marginal
|
|
trust).
|
|
|
|
Options in both groups can additionally be prefixed with either *Package* or
|
|
*Database*, which will cause it to only take effect on the specified object
|
|
type. For example, `PackageTrustAll` would allow marginal and unknown trust
|
|
level signatures for packages.
|
|
|
|
The built-in default is the following:
|
|
|
|
--------
|
|
SigLevel = Optional TrustedOnly
|
|
--------
|
|
|
|
Using Your Own Repository
|
|
-------------------------
|
|
If you have numerous custom packages of your own, it is often easier to generate
|
|
your own custom local repository than install them all with the '\--upgrade'
|
|
option. All you need to do is generate a compressed package database in the
|
|
directory with these packages so pacman can find it when run with '\--refresh'.
|
|
|
|
repo-add /home/pkgs/custom.db.tar.gz /home/pkgs/*.pkg.tar.gz
|
|
|
|
The above command will generate a compressed database named
|
|
'/home/pkgs/custom.db.tar.gz'. Note that the database must be of the form
|
|
'\{treename\}.db.tar.{ext}', where '\{treename\}' is the name of the section
|
|
defined in the configuration file and '\{ext\}' is a valid compression type as
|
|
documented in linkman:repo-add[8]. That's it! Now configure your custom section
|
|
in the configuration file as shown in the config example above. Pacman will now
|
|
use your package repository. If you add new packages to the repository,
|
|
remember to re-generate the database and use pacman's '\--refresh' option.
|
|
|
|
For more information on the repo-add command, see ``repo-add \--help'' or
|
|
linkman:repo-add[8].
|
|
|
|
|
|
See Also
|
|
--------
|
|
linkman:pacman[8], linkman:libalpm[3]
|
|
|
|
include::footer.txt[]
|