Section: APT (5)
Updated: 18 January 2014
The source list /etc/apt/sources.list is designed to support any number of active sources and a variety of source media. The file lists one source per line, with the most preferred source listed first. The information available from the configured sources is acquired by apt-get update (or by an equivalent command from another APT front-end).
Each line specifying a source starts with type (e.g. deb-src) followed by options and arguments for this type. Individual entries cannot be continued onto a following line. Empty lines are ignored, and a # character anywhere on a line marks the remainder of that line as a comment.
The /etc/apt/sources.list.d directory provides a way to add sources.list entries in separate files. The format is the same as for the regular sources.list file. File names need to end with .list and may only contain letters (a-z and A-Z), digits (0-9), underscore (_), hyphen (-) and period (.) characters. Otherwise APT will print a notice that it has ignored a file, unless that file matches a pattern in the Dir::Ignore-Files-Silently configuration list - in which case it will be silently ignored.
THE DEB AND DEB-SRC TYPES
The deb type references a typical two-level Debian archive, distribution/component. The distribution is generally an archive name like stable or testing or a codename like jessie or stretch while component is one of main, contrib or non-free. The deb-src type references a Debian distribution's source code in the same form as the deb type. A deb-src line is required to fetch source indexes.
The format for a sources.list entry using the deb and deb-src types is:
deb [ options ] uri suite [component1] [component2] [...]
Alternatively a rfc822 style format is also supported:
Types: deb deb-src URIs: http://example.com Suites: stable testing Sections: component1 component2 Description: short long long long [option1]: [option1-value]
Types: deb URIs: http://another.example.com Suites: experimental Sections: component1 component2 Enabled: no Description: short long long long [option1]: [option1-value]
The URI for the deb type must specify the base of the Debian distribution, from which APT will find the information it needs. suite can specify an exact path, in which case the components must be omitted and suite must end with a slash (/). This is useful for the case when only a particular sub-section of the archive denoted by the URI is of interest. If suite does not specify an exact path, at least one component must be present.
suite may also contain a variable, $(ARCH) which expands to the Debian architecture (such as amd64 or armel) used on the system. This permits architecture-independent sources.list files to be used. In general this is only of interest when specifying an exact path, APT will automatically generate a URI with the current architecture otherwise.
In the traditional style sources.list format since only one distribution can be specified per line it may be necessary to have multiple lines for the same URI, if a subset of all available distributions or components at that location is desired. APT will sort the URI list after it has generated a complete set internally, and will collapse multiple references to the same Internet host, for instance, into a single connection, so that it does not inefficiently establish an FTP connection, close it, do something else, and then re-establish a connection to that same host. This feature is useful for accessing busy FTP sites with limits on the number of simultaneous anonymous users. APT also parallelizes connections to different hosts to more effectively deal with sites with low bandwidth.
options is always optional and needs to be surrounded by square brackets. It can consist of multiple settings in the form setting=value. Multiple settings are separated by spaces. The following settings are supported by APT (note however that unsupported settings will be ignored silently):
- • arch=arch1,arch2,... can be used to specify for which architectures information should be downloaded. If this option is not set all architectures defined by the APT
- :Architectures option will be downloaded.:
- • arch+=arch1,arch2,... and arch-=arch1,arch2,... which can be used to add/remove architectures from the set which will be downloaded.
- • trusted=yes can be set to indicate that packages from this source are always authenticated even if the Release file is not signed or the signature can't be checked. This disables parts of apt-secure?(8) and should therefore only be used in a local and trusted context. trusted=no is the opposite which handles even correctly authenticated sources as not authenticated.
It is important to list sources in order of preference, with the most preferred source listed first. Typically this will result in sorting by speed from fastest to slowest (CD-ROM followed by hosts on a local network, followed by distant Internet hosts, for example).
The currently recognized URI types are:
- The file scheme allows an arbitrary directory in the file system to be considered an archive. This is useful for NFS mounts and local mirrors or archives.
- The cdrom scheme allows APT to use a local CD-ROM drive with media swapping. Use the apt-cdrom?(8) program to create cdrom entries in the source list.
- The http scheme specifies an HTTP server for the archive. If an environment variable http_proxy is set with the format http://server:port/, the proxy server specified in http_proxy will be used. Users of authenticated HTTP/1.1 proxies may use a string of the format http://user:[email protected]:port/. Note that this is an insecure method of authentication.
- The ftp scheme specifies an FTP server for the archive. APT's FTP behavior is highly configurable; for more information see the (5) manual page. Please note that an FTP proxy can be specified by using the ftp_proxy environment variable. It is possible to specify an HTTP proxy (HTTP proxy servers often understand FTP URLs) using this environment variable and only this environment variable. Proxies using HTTP specified in the configuration file will be ignored.
- The copy scheme is identical to the file scheme except that packages are copied into the cache directory instead of used directly at their location. This is useful for people using removable media to copy files around with APT.
- The rsh/ssh method invokes RSH/SSH to connect to a remote host and access the files as a given user. Prior configuration of rhosts or RSA keys is recommended. The standard find and dd commands are used to perform the file transfers from the remote host.
adding more recognizable URI types
- APT can be extended with more methods shipped in other optional packages, which should follow the naming scheme apt-transport-method. For instance, the APT team also maintains the package apt-transport-https, which provides access methods for HTTPS URIs with features similar to the http method. Methods for using e.g. debtorrent are also available - see apt-transport-debtorrent?(1).
Uses the archive stored locally (or NFS mounted) at /home/jason/debian for stable/main, stable/contrib, and stable/non-free.
deb file:/home/jason/debian stable main contrib non-free
As above, except this uses the unstable (development) distribution.
deb file:/home/jason/debian unstable main contrib non-free
Source line for the above
deb-src file:/home/jason/debian unstable main contrib non-free
The first line gets package information for the architectures in APT::Architectures while the second always retrieves amd64 and armel.
Uses HTTP to access the archive at archive.debian.org, and uses only the hamm/main area.
deb http://archive.debian.org/debian-archive hamm main
Uses FTP to access the archive at ftp.debian.org, under the debian directory, and uses only the jessie/contrib area.
deb ftp://ftp.debian.org/debian jessie contrib
Uses FTP to access the archive at ftp.debian.org, under the debian directory, and uses only the unstable/contrib area. If this line appears as well as the one in the previous example in sources.list a single FTP session will be used for both resource lines.
deb ftp://ftp.debian.org/debian unstable contrib
Uses HTTP to access the archive at ftp.tlh.debian.org, under the universe directory, and uses only files found under unstable/binary-i386 on i386 machines, unstable/binary-amd64 on amd64, and so forth for other supported architectures. [Note this example only illustrates how to use the substitution variable; official debian archives are not structured like this]
deb http://ftp.tlh.debian.org/universe unstable/binary-$(ARCH)/
- APT bug page