summaryrefslogtreecommitdiff
path: root/doc/sources.list.5.xml
blob: c5a012fe4856c333fd1dccc01f4e663b6424f067 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
<?xml version="1.0" encoding="utf-8" standalone="no"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % aptent SYSTEM "apt.ent"> %aptent;
<!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent"> %aptverbatiment;
<!ENTITY % aptvendor SYSTEM "apt-vendor.ent"> %aptvendor;
]>

<refentry>

 <refentryinfo>
   &apt-author.jgunthorpe;
   &apt-author.team;
   &apt-email;
   &apt-product;
   <!-- The last update date -->
   <date>2022-02-22T00:00:00Z</date>
 </refentryinfo>
 
 <refmeta>
   <refentrytitle>sources.list</refentrytitle>
   <manvolnum>5</manvolnum>
   <refmiscinfo class="manual">APT</refmiscinfo>
 </refmeta>
 
 <!-- Man page title -->
 <refnamediv>
    <refname>sources.list</refname>
    <refpurpose>List of configured APT data sources</refpurpose>
 </refnamediv>
 
 <refsect1><title>Description</title>
   <para>
      The source list <filename>/etc/apt/sources.list</filename> and the
      files contained in <filename>/etc/apt/sources.list.d/</filename> are
      designed to support any number of active sources and a variety of source
      media. The files list one source per line (one-line style) or contain multiline
      stanzas defining one or more sources per stanza (deb822 style), with the
      most preferred source listed first (in case a single version is
      available from more than one source). The information available from the
      configured sources is acquired by <command>apt-get update</command> (or
      by an equivalent command from another APT front-end).
   </para>
 </refsect1>
 
 <refsect1><title>sources.list.d</title>
    <para>The <filename>/etc/apt/sources.list.d</filename> directory provides
       a way to add sources.list entries in separate files.
       Two different file formats are allowed as described in the next two sections.
       Filenames need to have either the extension <filename>.list</filename> or
       <filename>.sources</filename> depending on the contained format.
       The filenames may only contain letters (a-z and A-Z),
       digits (0-9), underscore (_), hyphen (-) and period (.) characters.
       Otherwise APT will print a notice that it has ignored a file, unless that
       file matches a pattern in the <literal>Dir::Ignore-Files-Silently</literal>
       configuration list - in which case it will be silently ignored.</para>
 </refsect1>

 <refsect1><title>One-Line-Style Format</title>
    <para>
       Files in this format have the extension <filename>.list</filename>.
       Each line specifying a source starts with a type (e.g. <literal>deb-src</literal>)
       followed by options and arguments for this type.

       Individual entries cannot be continued onto a following line. Empty lines
       are ignored, and a <literal>#</literal> character anywhere on a line marks
       the remainder of that line as a comment. Consequently an entry can be
       disabled by commenting out the entire line.

       If options should be provided they are separated by spaces and all of
       them together are enclosed by square brackets (<literal>[]</literal>)
       included in the line after the type separated from it with a space.
       If an option allows multiple values these are separated from each other
       with a comma (<literal>,</literal>). An option name is separated from its
       value(s) by an equals sign (<literal>=</literal>). Multivalue options also
       have <literal>-=</literal> and <literal>+=</literal> as separators, which
       instead of replacing the default with the given value(s) modify the default
       value(s) to remove or include the given values.
   </para><para>
       This is the traditional format and supported by all apt versions.
       Note that not all options as described below are supported by all apt versions.
       Note also that some older applications parsing this format on their own might not
       expect to encounter options as they were uncommon before the introduction of
       multi-architecture support.
    </para>
 </refsect1>

 <refsect1><title>deb822-Style Format</title>
    <para>
       Files in this format have the extension <filename>.sources</filename>.
       The format is similar in syntax to other files used by Debian and its
       derivatives, such as the metadata files that apt will download from the configured
       sources or the <filename>debian/control</filename> file in a Debian source package.

       Individual entries are separated by an empty line; additional empty
       lines are ignored, and a <literal>#</literal> character at the start of
       the line marks the entire line as a comment. An entry can hence be
       disabled by commenting out each line belonging to the stanza, but it is
       usually easier to add the field "Enabled: no" to the stanza to disable
       the entry. Removing the field or setting it to yes re-enables it.

       Options have the same syntax as every other field: A field name separated by
       a colon (<literal>:</literal>) and optionally spaces from its value(s).
       Note especially that multiple values are separated by whitespaces (like spaces,
       tabs and newlines), not by commas as in the one-line format.

       Multivalue fields like <literal>Architectures</literal> also have
       <literal>Architectures-Add</literal> and <literal>Architectures-Remove</literal>
       to modify the default value rather than replacing it.
   </para><para>
       This is a new format supported by apt itself since version 1.1. Previous
       versions ignore such files with a notice message as described earlier.
       It is intended to make this format gradually the default format,
       deprecating the previously described one-line-style format, as it is
       easier to create, extend and modify for humans and machines alike
       especially if a lot of sources and/or options are involved.

       Developers who are working with and/or parsing apt sources are highly
       encouraged to add support for this format and to contact the APT team
       to coordinate and share this work. Users can freely adopt this format
       already, but may encounter problems with software not supporting
       the format yet.
    </para>
 </refsect1>

 <refsect1><title>The deb and deb-src Types: General Format</title>
   <para>The <literal>deb</literal> type references a typical two-level Debian
   archive, <filename>distribution/component</filename>. The
   <literal>distribution</literal> is generally a suite name like
   <literal>stable</literal> or <literal>testing</literal> or a codename like
   <literal>&debian-stable-codename;</literal> or <literal>&debian-testing-codename;</literal>
   while component is one of <literal>main</literal>, <literal>contrib</literal>,
   <literal>non-free</literal> or <literal>non-free-firmware</literal>. The
   <literal>deb-src</literal> type references a Debian distribution's source
   code in the same form as the <literal>deb</literal> type.
   A <literal>deb-src</literal> line is required to fetch source indexes.</para>

   <para>The format for two one-line-style entries using the
   <literal>deb</literal> and <literal>deb-src</literal> types is:</para>

   <literallayout>deb [ option1=value1 option2=value2 ] uri suite [component1] [component2] [...]
deb-src [ option1=value1 option2=value2 ] uri suite [component1] [component2] [...]</literallayout>

   <para>Alternatively the equivalent entry in deb822 style looks like this:
   <literallayout>
     Types: deb deb-src
     URIs: uri
     Suites: suite
     Components: [component1] [component2] [...]
     option1: value1
     option2: value2
   </literallayout>
   </para>

   <para>The URI for the <literal>deb</literal> type must specify the base of the
   Debian distribution, from which APT will find the information it needs.
   <literal>suite</literal> can specify an exact path, in which case the
   components must be omitted and <literal>suite</literal> must end with
   a slash (<literal>/</literal>). This is useful for the case when only a
   particular sub-directory of the archive denoted by the URI is of interest.
   If <literal>suite</literal> does not specify an exact path, at least
   one <literal>component</literal> must be present.</para>

   <para><literal>suite</literal> may also contain a variable,
   <literal>$(ARCH)</literal>
   which expands to the Debian architecture (such as <literal>amd64</literal> or
   <literal>armel</literal>) used on the system. This permits architecture-independent
   <filename>sources.list</filename> files to be used. In general this is only
   of interest when specifying an exact path; <literal>APT</literal> will
   automatically generate a URI with the current architecture otherwise.</para>

   <para>Especially in the one-line-style format since only one distribution
      can be specified per line it may be necessary to have multiple lines for
      the same URI, if a subset of all available distributions or components at
      that location is desired.  APT will sort the URI list after it has
      generated a complete set internally, and will collapse multiple
      references to the same Internet host, for instance, into a single
      connection, so that it does not inefficiently establish a
      connection, close it, do something else, and then re-establish a
      connection to that same host. APT also parallelizes connections to
      different hosts to more effectively deal with sites with low
      bandwidth.</para>

   <para>It is important to list sources in order of preference, with the most
   preferred source listed first. Typically this will result in sorting
   by speed from fastest to slowest (CD-ROM followed by hosts on a local
   network, followed by distant Internet hosts, for example).</para>

   <para>As an example, the sources for your distribution could look like this
      in one-line-style format:
      <literallayout>&sourceslist-list-format;</literallayout> or like this in
      deb822 style format:
      <literallayout>&sourceslist-sources-format;</literallayout></para>
 </refsect1>

 <refsect1><title>The deb and deb-src types: Options</title>
    <para>Each source entry can have options specified to modify which source
       is accessed and how data is acquired from it. Format, syntax and names
       of the options vary between the one-line-style and deb822-style formats
       as described, but they both have the same options available. For simplicity
       we list the deb822 field name and provide the one-line name in brackets.
       Remember that besides setting multivalue options explicitly, there is also
       the option to modify them based on the default, but we aren't listing those
       names explicitly here. Unsupported options are silently ignored by all
       APT versions.

       <itemizedlist>
	  <listitem><para><option>Architectures</option>
		(<option>arch</option>) is a multivalue option defining for
		which architectures information should be downloaded. If this
		option isn't set the default is all architectures as defined by
		the <option>APT::Architectures</option> config option.
	  </para></listitem>

	  <listitem><para><option>Languages</option>
		(<option>lang</option>) is a multivalue option defining for
		which languages information such as translated package
		descriptions should be downloaded.  If this option isn't set
		the default is all languages as defined by the
		<option>Acquire::Languages</option> config option.
	  </para></listitem>

	  <listitem><para><option>Targets</option>
		(<option>target</option>) is a multivalue option defining
		which download targets apt will try to acquire from this
		source. If not specified, the default set is defined by the
		<option>Acquire::IndexTargets</option> configuration scope
		(targets are specified by their name in the
		<literal>Created-By</literal> field).
		Additionally, targets can be enabled or disabled by using the
		<literal>Identifier</literal> field as an option with a boolean
		value instead of using this multivalue option.
	  </para></listitem>

	  <listitem><para><option>PDiffs</option> (<option>pdiffs</option>)
		is a yes/no value which controls if APT should try to use PDiffs
		to update old indexes instead of downloading the new indexes
		entirely. The value of this option is ignored if the repository
		doesn't announce the availability of PDiffs.  Defaults to the
		value of the option with the same name for a specific index file
		defined in the <option>Acquire::IndexTargets</option> scope,
		which itself defaults to the value of configuration option
		<option>Acquire::PDiffs</option> which defaults to
		<literal>yes</literal>.
	  </para></listitem>

	  <listitem><para><option>By-Hash</option> (<option>by-hash</option>)
		can have the value <literal>yes</literal>, <literal>no</literal>
		or <literal>force</literal> and controls if APT should try to
		acquire indexes via a URI constructed from a hashsum of the
		expected file instead of using the well-known stable filename
		of the index. Using this can avoid hashsum mismatches, but
		requires a supporting mirror. A <literal>yes</literal> or
		<literal>no</literal> value activates/disables the use of this
		feature if this source indicates support for it, while
		<literal>force</literal> will enable the feature regardless of
		what the source indicates. Defaults to the value of the option
		of the same name for a specific index file defined in the
		<option>Acquire::IndexTargets</option> scope, which itself
		defaults to the value of configuration option
		<option>Acquire::By-Hash</option> which defaults to
		<literal>yes</literal>.
	  </para></listitem>

       </itemizedlist>

       Furthermore, there are options which if set affect
       <emphasis>all</emphasis> sources with the same URI and Suite, so they
       have to be set on all such entries and can not be varied between
       different components. APT will try to detect and error out on such
       anomalies.

       <itemizedlist>
	  <listitem><para><option>Allow-Insecure</option> (<option>allow-insecure</option>),
		<option>Allow-Weak</option> (<option>allow-weak</option>) and
		<option>Allow-Downgrade-To-Insecure</option> (<option>allow-downgrade-to-insecure</option>)
		are boolean values which all default to <literal>no</literal>.
		If set to <literal>yes</literal> they circumvent parts of &apt-secure;
		and should therefore not be used lightly!
	  </para></listitem>

	  <listitem><para><option>Trusted</option> (<option>trusted</option>)
		is a tri-state value which defaults to APT deciding if a source
		is considered trusted or if warnings should be raised before e.g.
		packages are installed from this source. This option can be used
		to override that decision. The value <literal>yes</literal> tells APT
		always to consider this source as trusted, even if it doesn't pass
		authentication checks. It disables parts of &apt-secure;, and should
		therefore only be used in a local and trusted context (if at all) as
		otherwise security is breached. The value <literal>no</literal> does
		the opposite, causing the source to be handled as untrusted even if
		the authentication checks passed successfully. The default value can't
		be set explicitly.
	  </para></listitem>

	  <listitem><para><option>Signed-By</option> (<option>signed-by</option>)
		is an option to require a repository to pass &apt-secure; verification
		with a certain set of keys rather than all trusted keys apt has configured.
		It is specified as a list of absolute paths to keyring files (have to be
		accessible and readable for the <literal>_apt</literal> system user,
		so ensure everyone has read-permissions on the file) and fingerprints
		of keys to select from these keyrings. The recommended locations for keyrings
		are <filename>/usr/share/keyrings</filename> for keyrings managed by packages,
		and <filename>/etc/apt/keyrings</filename> for keyrings managed by the system operator.
		If no keyring files are specified
		the default is the <filename>trusted.gpg</filename> keyring and
		all keyrings in the <filename>trusted.gpg.d/</filename> directory
		(see <command>apt-key fingerprint</command>). If no fingerprint is
		specified all keys in the keyrings are selected. A fingerprint will
		accept also all signatures by a subkey of this key, if this isn't
		desired an exclamation mark (<literal>!</literal>) can be appended to
		the fingerprint to disable this behaviour.
		The option defaults to the value of the option with the same name
		if set in the previously acquired <filename>Release</filename> file
		of this repository (only fingerprints can be specified there through).
		Otherwise all keys in the trusted keyrings are considered valid
		signers for this repository.

		The option may also be set directly to an embedded GPG public key block. Special
		care is needed to encode the empty line with leading spaces and ".":
   <literallayout>Types: deb
URIs: https://deb.debian.org
Suites: stable
Components: main contrib non-free non-free-firmware
Signed-By:
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 .
 mDMEYCQjIxYJKwYBBAHaRw8BAQdAD/P5Nvvnvk66SxBBHDbhRml9ORg1WV5CvzKY
 CuMfoIS0BmFiY2RlZoiQBBMWCgA4FiEErCIG1VhKWMWo2yfAREZd5NfO31cFAmAk
 IyMCGyMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQREZd5NfO31fbOwD6ArzS
 dM0Dkd5h2Ujy1b6KcAaVW9FOa5UNfJ9FFBtjLQEBAJ7UyWD3dZzhvlaAwunsk7DG
 3bHcln8DMpIJVXht78sL
 =IE0r
 -----END PGP PUBLIC KEY BLOCK-----</literallayout>
	  </para></listitem>

	  <listitem><para><option>Check-Valid-Until</option> (<option>check-valid-until</option>)
		is a yes/no value which controls if APT should try to detect
		replay attacks. A repository creator can declare a time until
		which the data provided in the repository should be considered valid,
		and if this time is reached, but no new data is provided, the data
		is considered expired and an error is raised.  Besides
		increasing security, as a malicious attacker can't send old data
		forever to prevent a user from upgrading to a new version,
		this also helps users identify mirrors which are no longer
		updated. However, some repositories such as historic archives
		are not updated any more by design, so this check can be
		disabled by setting this option to <literal>no</literal>.
		Defaults to the value of configuration option
		<option>Acquire::Check-Valid-Until</option> which itself
		defaults to <literal>yes</literal>.
	  </para></listitem>

	  <listitem><para><option>Valid-Until-Min</option>
		(<option>valid-until-min</option>) and
		<option>Valid-Until-Max</option>
		(<option>valid-until-max</option>) can be used to raise or
		lower the time period in seconds in which the data from this
		repository is considered valid. -Max can be especially useful
		if the repository provides no Valid-Until field on its Release
		file to set your own value, while -Min can be used to increase
		the valid time on seldom updated (local) mirrors of a more
		frequently updated but less accessible archive (which is in the
		sources.list as well) instead of disabling the check entirely.
		Default to the value of the configuration options
		<option>Acquire::Min-ValidTime</option> and
		<option>Acquire::Max-ValidTime</option> which are both unset by
		default.
	  </para></listitem>

	  <listitem><para><option>Check-Date</option> (<option>check-date</option>)
		is a yes/no value which controls if APT should consider
		the machine's time correct and hence perform time related
		checks, such as verifying that a Release file is not
		from the future. Disabling it also disables the
		<option>Check-Valid-Until</option> option
		mentioned above.
	  </para></listitem>

	  <listitem><para><option>Date-Max-Future</option>
		(<option>date-max-future</option>) controls how far
		from the future a repository may be.
		Default to the value of the configuration option
		<option>Acquire::Max-FutureTime</option> which is
		10 seconds by default.
	  </para></listitem>

	  <listitem><para><option>InRelease-Path</option> (<option>inrelease-path</option>)
		determines the path to the InRelease file, relative
		to the normal position of an <filename>InRelease</filename> file.
		By default, this option is unset and APT will try to fetch an <filename>InRelease</filename>
		or, if that fails, a <filename>Release</filename> file and its associated <filename>Release.gpg</filename> file. By setting this option,
		the specified path will be tried instead of the InRelease file,
		and the fallback to <filename>Release</filename> files will be disabled.
	  </para></listitem>

       </itemizedlist>

    </para>
 </refsect1>

 <refsect1><title>URI Specification</title>

    <para>The currently recognized URI types are:
   <variablelist>
    <varlistentry><term><command>http</command> (&apt-transport-http;)</term>
    <listitem><para>
    The http scheme specifies an HTTP server for an archive and is the most
    commonly used method. The URI can directly include login information if the
    archive requires it, but the use of &apt-authconf; should be preferred.
    The method also supports SOCKS5 and HTTP(S) proxies either configured via
    apt-specific configuration or specified by the environment variable
    <envar>http_proxy</envar> in the format (assuming an HTTP proxy requiring
    authentication) <replaceable>http://user:pass@server:port/</replaceable>.
    The authentication details for proxies can also be supplied via
    &apt-authconf;.</para>
    <para>Note that these forms of authentication are insecure as the whole
    communication with the remote server (or proxy) is not encrypted so a
    sufficiently capable attacker can observe and record login as well as all
    other interactions. The attacker can <emphasis>not</emphasis> modify the
    communication through as APT's data security model is independent of the
    chosen transport method. See &apt-secure; for details.</para></listitem>
    </varlistentry>

    <varlistentry><term><command>https</command> (&apt-transport-https;)</term>
    <listitem><para>
    The https scheme specifies an HTTPS server for an archive and is very
    similar in use and available options to the http scheme. The main
    difference is that the communication between apt and server (or proxy) is
    encrypted. Note that the encryption does not prevent an attacker from
    knowing which server (or proxy) apt is communicating with and deeper
    analysis can potentially still reveal which data was downloaded. If this is
    a concern the Tor-based schemes mentioned further below might be a suitable
    alternative.</para></listitem>
    </varlistentry>

    <varlistentry><term><command>mirror</command>, <command>mirror+<replaceable>scheme</replaceable></command> (&apt-transport-mirror;)</term>
    <listitem><para>
    The mirror scheme specifies the location of a mirrorlist. By default the
    scheme used for the location is <literal>http</literal>, but any other
    scheme can be used via <command>mirror+<replaceable>scheme</replaceable></command>.
    The mirrorlist itself can contain many different URIs for mirrors the APT client
    can transparently pick, choose and fallback between intended to help both
    with distributing the load over the available mirrors and ensuring that
    clients can acquire data even if some configured mirrors are not available.
    </para></listitem>
    </varlistentry>

    <varlistentry><term><command>file</command></term>
    <listitem><para>
    The file scheme allows an arbitrary directory in the file system to be
    considered an archive. This is useful for NFS mounts and local mirrors or
    archives.</para></listitem>
    </varlistentry>
    
    <varlistentry><term><command>cdrom</command></term>
    <listitem><para>
    The cdrom scheme allows APT to use a local CD-ROM, DVD or USB drive with media
    swapping. Use the &apt-cdrom; program to create cdrom entries in the
    source list.</para></listitem>
    </varlistentry>

    <varlistentry><term><command>ftp</command></term>
    <listitem><para>
    The ftp scheme specifies an FTP server for an archive. Use of FTP is on the
    decline in favour of <literal>http</literal> and <literal>https</literal>
    and many archives either never offered or are retiring FTP access. If you
    still need this method many configuration options for it are available in
    the <literal>Acquire::ftp</literal> scope and detailed in &apt-conf;.</para>
    <para>Please note that an FTP proxy can be specified
    by using the <envar>ftp_proxy</envar> environment variable. It is possible
    to specify an HTTP proxy (HTTP proxy servers often understand FTP URLs)
    using this environment variable and <emphasis>only</emphasis> this
    environment variable. Proxies using HTTP specified in
    the configuration file will be ignored.</para></listitem>
    </varlistentry>

    <varlistentry><term><command>copy</command></term>
    <listitem><para>
    The copy scheme is identical to the file scheme except that packages are
    copied into the cache directory instead of used directly at their location.
    This is useful for people using removable media to copy files around with APT.</para></listitem>
    </varlistentry>
    
    <varlistentry><term><command>rsh</command></term><term><command>ssh</command></term>
    <listitem><para>
    The rsh/ssh method invokes RSH/SSH to connect to a remote host and
    access the files as a given user. Prior configuration of rhosts or RSA keys
    is recommended. The standard <command>find</command> and <command>dd</command>
    commands are used to perform the file transfers from the remote host.
    </para></listitem>
    </varlistentry>

    <varlistentry><term>adding more recognizable URI types</term>
    <listitem><para>
    APT can be extended with more methods shipped in other optional packages, which should
    follow the naming scheme <package>apt-transport-<replaceable>method</replaceable></package>.
    For instance, the APT team also maintains the package <package>apt-transport-tor</package>,
    which provides access methods for HTTP and HTTPS URIs routed via the Tor network.
    </para></listitem>
    </varlistentry>
  </variablelist>
 </para>
 </refsect1>

 <refsect1><title>Examples</title>
   <para>Uses the archive stored locally (or NFS mounted) at /home/apt/debian
   for stable/main, stable/contrib, stable/non-free and stable/non-free-firmware.</para>
   <literallayout>deb file:/home/apt/debian stable main contrib non-free non-free-firmware</literallayout>
   <literallayout>Types: deb
URIs: file:/home/apt/debian
Suites: stable
Components: main contrib non-free non-free-firmware</literallayout>

   <para>As above, except this uses the unstable (development) distribution.</para>
   <literallayout>deb file:/home/apt/debian unstable main contrib non-free non-free-firmware</literallayout>
   <literallayout>Types: deb
URIs: file:/home/apt/debian
Suites: unstable
Components: main contrib non-free non-free-firmware</literallayout>

   <para>Sources specification for the above.</para>
   <literallayout>deb-src file:/home/apt/debian unstable main contrib non-free non-free-firmware</literallayout>
   <literallayout>Types: deb-src
URIs: file:/home/apt/debian
Suites: unstable
Components: main contrib non-free non-free-firmware</literallayout>

   <para>The first line gets package information for the architectures in <literal>APT::Architectures</literal>
   while the second always retrieves <literal>amd64</literal> and <literal>armel</literal>.</para>
   <literallayout>deb http://deb.debian.org/debian &debian-stable-codename; main
deb [ arch=amd64,armel ] http://deb.debian.org/debian &debian-stable-codename; main</literallayout>
   <literallayout>Types: deb
URIs: http://deb.debian.org/debian
Suites: &debian-stable-codename;
Components: main

Types: deb
URIs: http://deb.debian.org/debian
Suites: &debian-stable-codename;
Components: main
Architectures: amd64 armel
</literallayout>

   <para>Uses HTTP to access the archive at archive.debian.org, and uses only
   the hamm/main area.</para>
   <literallayout>deb http://archive.debian.org/debian-archive hamm main</literallayout>
   <literallayout>Types: deb
URIs: http://archive.debian.org/debian-archive
Suites: hamm
Components: main</literallayout>

   <para>Uses FTP to access the archive at ftp.debian.org, under the debian
   directory, and uses only the &debian-stable-codename;/contrib area.</para>
   <literallayout>deb ftp://ftp.debian.org/debian &debian-stable-codename; contrib</literallayout>
   <literallayout>Types: deb
URIs: ftp://ftp.debian.org/debian
Suites: &debian-stable-codename;
Components: contrib</literallayout>

   <para>Uses FTP to access the archive at ftp.debian.org, under the debian
   directory, and uses only the unstable/contrib area. If this line appears as
   well as the one in the previous example in <filename>sources.list</filename>
   a single FTP session will be used for both resource lines.</para>
   <literallayout>deb ftp://ftp.debian.org/debian unstable contrib</literallayout>
   <literallayout>Types: deb
URIs: ftp://ftp.debian.org/debian
Suites: unstable
Components: contrib</literallayout>

   <para>Uses HTTP to access the archive at ftp.tlh.debian.org, under the
   universe directory, and uses only files found under
   <filename>unstable/binary-i386</filename> on i386 machines,
   <filename>unstable/binary-amd64</filename> on amd64, and so
   forth for other supported architectures. [Note this example only
   illustrates how to use the substitution variable; official debian
   archives are not structured like this]
   <literallayout>deb http://ftp.tlh.debian.org/universe unstable/binary-$(ARCH)/</literallayout>
   <literallayout>Types: deb
URIs: http://ftp.tlh.debian.org/universe
Suites: unstable/binary-$(ARCH)/</literallayout>
   </para>

   <para>Uses HTTP to get binary packages as well as sources from the stable, testing and unstable
      suites and the components main and contrib.</para>
   <literallayout>deb http://deb.debian.org/debian stable main contrib
deb-src http://deb.debian.org/debian stable main contrib
deb http://deb.debian.org/debian testing main contrib
deb-src http://deb.debian.org/debian testing main contrib
deb http://deb.debian.org/debian unstable main contrib
deb-src http://deb.debian.org/debian unstable main contrib</literallayout>
   <literallayout>Types: deb deb-src
URIs: http://deb.debian.org/debian
Suites: stable testing unstable
Components: main contrib
</literallayout>

 </refsect1>

 <refsect1><title>See Also</title>
   <para>&apt-get;, &apt-conf;, &apt-acquire-additional-files;</para>
 </refsect1>

 &manbugs;

</refentry>