add sources.list Check-Valid-Until and Valid-Until-{Max,Min} options

These options could be set via configuration before, but the connection
to the actual sources is so strong that they should really be set in the
sources.list instead – especially as this can be done a lot more
specific rather than e.g. disabling Valid-Until for all sources at once.

Valid-Until-* names are chosen instead of the Min/Max-ValidTime as this
seems like a better name and their use in the wild is probably low
enough that this isn't going to confuse anyone if we have to names for
the same thing in different areas.

In the longrun, the config options should be removed, but for now
documentation hinting at the new options is good enough as these are the
kind of options you set once across many systems with different apt
versions, so the new way should work everywhere first before we
deprecate the old way.

1 files changed, 7 insertions, 3 deletions

diff --git a/doc/apt-get.8.xml b/doc/apt-get.8.xml
index 5b6788ed4..b0fe390df 100644
--- a/doc/apt-get.8.xml
+++ b/doc/apt-get.8.xml
@@ -531,9 +531,13 @@
      </varlistentry>
 
      <varlistentry><term><option>--allow-unauthenticated</option></term>
-     <listitem><para>Ignore if packages can't be authenticated and don't prompt about it.
-     This is useful for tools like pbuilder.
-     Configuration Item: <literal>APT::Get::AllowUnauthenticated</literal>.</para></listitem>
+     <listitem><para>Ignore if packages can't be authenticated and don't prompt
+	   about it.  This can be useful while working with local repositories,
+	   but is a huge security risk if data authenticity isn't ensured in
+	   another way by the user itself.  The usage of the
+	   <option>Trusted</option> option for &sources-list; entries should
+	   usually be preferred over this global override.  Configuration Item:
+	   <literal>APT::Get::AllowUnauthenticated</literal>.</para></listitem>
      </varlistentry>
 
      <varlistentry><term><option>--no-allow-insecure-repositories</option></term>