diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -78,6 +78,22 @@ via the following configuration options to fail for non-tor-http(s) sources: Dir::Bin::Methods::http "false"; Dir::Bin::Methods::https "false"; +### Downloading changelogs + +The locations of changelogs is independent of repository. The Release file can +and should include the URI changelogs can be found on, which tends to be an http +URI of a central service. + +You can override the value from the Release file to use Tor here as well, or if +you happen to know an onion address use this one instead. the following listing +gives three valid configurations for Debian where the first one is the default, +the second uses the default via Tor and the third uses an onion service address. + + Acquire::Changelogs::URI::Override::Origin::Debian "http://metadata.ftp-master.debian.org/changelogs/@CHANGEPATH@_changelog"; + Acquire::Changelogs::URI::Override::Origin::Debian "tor+http://metadata.ftp-master.debian.org/changelogs/@CHANGEPATH@_changelog"; + Acquire::Changelogs::URI::Override::Origin::Debian "tor+http://cmgvqnxjoiqthvrc.onion/changelogs/@CHANGEPATH@_changelog"; + + ## Caveats Downloading your Debian packages over Tor prevents an attacker who is |