Manual browser: pkg_install.conf(5)
PKG_INSTALL.CONF(5) | File Formats Manual | PKG_INSTALL.CONF(5) |
NAME
pkg_install.conf — configuration file for package installation toolsDESCRIPTION
The file pkg_install.conf contains system defaults for the package installation tools as a list of variable-value pairs. Each line has the format VARIABLE=VALUE. If the value consists of more than one line, each line is prefixed with VARIABLE=.The current value of a variable can be checked by running
pkg_admin config-var VARIABLE
Some variables are overriden by environmental variables of the same name. Those are marked by (*).
The following variables are supported:
- ACCEPTABLE_LICENSES
- Space-separated list of licenses packages are allowed to carry. License names are case-sensitive.
- ACTIVE_FTP
- Force the use of active FTP.
- CACHE_INDEX
- Cache directory listenings in memory. This avoids retransfers of the large directory index for HTTP and is enabled by default.
- CERTIFICATE_ANCHOR_PKGS
- Path to the file containing the certificates used for validating binary packages. A package is trusted when a certificate chain ends in one of the certificates contained in this file. The certificates must be PEM-encoded.
- CERTIFICATE_ANCHOR_PKGVULN
- Analogous to CERTIFICATE_ANCHOR_PKGS. The pkg-vulnerabilities is trusted when a certificate chain ends in one of the certificates contained in this file.
- CERTIFICATE_CHAIN
- Path to a file containing additional certificates that can be used for completing certificate chains when validating binary packages or pkg-vulnerabilities files.
- CHECK_LICENSE
-
Check the license conditions of packages before installing them. Supported values are:
- no
- The check is not performed.
- yes
- The check is performed if the package has license conditions set.
- always
- Passing the license check is required. Missing license conditions are considered an error.
- CHECK_END_OF_LIFE
- During vulnerability checks, consider packages that have reached end-of-life as vulnerable. This option is enabled by default.
- CHECK_VULNERABILITIES
-
Check for vulnerabilities when installing packages. Supported values are:
- never
- No check is performed.
- always
- Passing the vulnerability check is required. A missing pkg-vulnerabilities file is considered an error.
- interactive
- The user is always asked to confirm installation of vulnerable packages.
- CONFIG_CACHE_CONNECTIONS
- Limit the global connection cache to this value. For FTP, this is the number of sessions without active command. For HTTP, this is the number of connections open with keep-alive.
- CONFIG_CACHE_CONNECTIONS_HOST
- Like CONFIG_CACHE_CONNECTIONS, but limit the number of connections to the host as well. See fetch(3) for further details
- DEFAULT_ACCEPTABLE_LICENSES
- Space-separated list of common Free and Open Source licenses packages are allowed to carry. The default value contains all OSI approved licenses in pkgsrc on the date pkg_install was released. License names are case-sensitive.
- GPG
-
Path to gpg(1), which can be used to verify the signature in the pkg-vulnerabilities file when running
pkg_admin check-pkg-vulnerabilities -s
pkg_admin fetch-pkg-vulnerabilities -s
- GPG_KEYRING_PKGVULN
- Non-default keyring to use for verifying GPG signatures of pkg-vulnerabilities.
- GPG_KEYRING_SIGN
- Non-default keyring to use for signing packages with GPG.
- GPG_KEYRING_VERIFY
- Non-default keyring to use for verifying GPG signature of packages.
- GPG_SIGN_AS
- User-id to use for signing packages.
- IGNORE_PROXY
- Use direct connections and ignore FTP_PROXY and HTTP_PROXY.
- IGNORE_URL
-
One line per advisory which should be ignored when running
pkg_admin audit
- PKG_DBDIR (*)
- Location of the packages database. This option is always overriden by the argument of the -K option.
- PKG_PATH (*)
- Search path for packages. The entries are separated by semicolon. Each entry specifies a directory or URL to search for packages.
- PKG_REFCOUNT_DBDIR (*)
- Location of the package reference counts database directory. The default value is ${PKG_DBDIR}.refcount.
- PKGVULNDIR
- Directory name in which the pkg-vulnerabilities file resides. Default is ${PKG_DBDIR}.
- PKGVULNURL
-
URL which is used for updating the local pkg-vulnerabilities file when running
pkg_admin fetch-pkg-vulnerabilities
- VERBOSE_NETIO
- Log details of network IO to stderr.
- VERIFIED_INSTALLATION
-
Set trust level used when installation. Supported values are:
- never
- No signature checks are performed.
- always
- A valid signature is required. If the binary package can not be verified, the installation is terminated
- trusted
- A valid signature is required. If the binary package can not be verified, the user is asked interactively.
- interactive
- The user is always asked interactively when installing a package.
FILES
- /etc/pkg_install.conf
- Default location for the file described in this manual page.
February 22, 2012 | NetBSD 7.0 |