summaryrefslogtreecommitdiff
path: root/apt-pkg/init.cc
diff options
context:
space:
mode:
authorMichael Vogt <mvo@ubuntu.com>2014-10-01 12:21:55 +0200
committerMichael Vogt <mvo@ubuntu.com>2014-10-01 13:05:26 +0200
commitc99fe2e169243fc6e1a3278ce3768f0f521e260b (patch)
tree8b9c5141f4e90a02a1b342692b217c3567684a1d /apt-pkg/init.cc
parent8d266656767f6c7c3946700c7052d0b8b6212742 (diff)
Use Acquire::Allow{InsecureRepositories,DowngradeToInsecureRepositories}
The configuration key Acquire::AllowInsecureRepositories controls if apt allows loading of unsigned repositories at all. The configuration Acquire::AllowDowngradeToInsecureRepositories controls if a signed repository can ever become unsigned. This should really never be needed but we provide it to avoid having to mess around in /var/lib/apt/lists if there is a use-case for this (which I can't think of right now).
Diffstat (limited to 'apt-pkg/init.cc')
-rw-r--r--apt-pkg/init.cc4
1 files changed, 4 insertions, 0 deletions
diff --git a/apt-pkg/init.cc b/apt-pkg/init.cc
index 241628632..82dff4ee8 100644
--- a/apt-pkg/init.cc
+++ b/apt-pkg/init.cc
@@ -88,6 +88,10 @@ bool pkgInitConfig(Configuration &Cnf)
Cnf.Set("Dir::Ignore-Files-Silently::", "\\.orig$");
Cnf.Set("Dir::Ignore-Files-Silently::", "\\.distUpgrade$");
+ // Repository security
+ Cnf.CndSet("Acquire::AllowInsecureRepositories", false);
+ Cnf.CndSet("Acquire::AllowDowngradeToInsecureRepositories", false);
+
// Default cdrom mount point
Cnf.CndSet("Acquire::cdrom::mount", "/media/cdrom/");