David Kalnischkies wrote:
> Justin B Rye wrote:
>>> "It provides the same functionality as the specialized APT tools,\n"
>>> "like apt-get and apt-cache, but enables options more suitable for\n"
>>> "interactive use by default.\n"
>>> msgstr ""
>>
>> Which specialised APT tools are like apt-get and apt-cache? apt
>> doesn't provide the same functionality as apt-mark, for instance, does
>> it? If it's intended as an exhaustive list I would recommend just
>>
>> "[...] the specialized APT tools\n"
>> "apt-get and apt-cache, [...]
>>
>> If we're allowing for the possibility that it *will* swallow apt-mark,
>> then I suppose that's
>>
>> "[...] the specialized APT tools,\n"
>> "such as apt-get and apt-cache, [...]
>
> apt is probably not going to swallow apt-mark as such, but it is also
> likely to not stop with just apt-get and -cache, so I am opting for
> possibilities as an exhausting list would eventually annoy translators.
(Correcting "like" to "such as" is a bit pedantic, and rarely
necessary to avoid misunderstanding. Here in theory somebody might
read it as "It [i.e. apt], like apt-get and apt-cache, provides the
same functionality as the specialized APT tools [meaning some *other*
set of commands]". But if rephrasing it is at all difficult then it
isn't really worth worrying about.)
[...]
>>> "Updating such a repository securily is impossible and therefore disabled by "
>>> "default."
[...]
> So, what it is trying to say is: APT wanted to update this repository, but it
(You mean "update (itself) from" or "update its cache for" this
repository; I don't have the privileges to update ftp.debian.org!)
> couldn't in a secure way, so we ignore whatever we got from this repository and
> use the data we already have on disk for this repository. There is an option to
> allow apt to get the updates anyway ignoring the security aspect (which for
> backward compatibility reasons is enabled by default for apt-get – at least for
> stretch it will be that way) turning this error into a warning:
>
> # apt-get update
> [… many Ign/Get/Hit/Err lines …]
> W: The repository '$APTARCHIVE' does not have a Release file.
> N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
> N: See apt-secure(8) manpage for repository creation and user configuration details.
>
> The matter is rather technical and complicated, but the general takeaway should
> be that this is superbad and if someone really wants details go read the manpage.
>
> I would take your last suggestion, but with all these options now I am not even
> sure anymore if such a line wouldn't suggest that the repository is disabled
> (forever), rather than apt just ignoring its existence for self-protection as
> long as it isn't behaving as apt expects it.
Yes; I was hoping that "Updating [...] is disabled [...]" would be
clear enough, but it would be safer to stick to something like
"Updating from such a repository cannot be done securely, and is therefore "
"disabled by default."
Okay, now onward through a commented diff of the XML files:
> diff -ru pristine/apt.8.xml modified/apt.8.xml
> --- pristine/apt.8.xml 2015-11-21 16:06:47.000000000 +0000
> +++ modified/apt.8.xml 2015-11-21 16:40:48.824899321 +0000
> @@ -72,7 +72,7 @@
> <varlistentry><term><option>install</option>, <option>remove</option>, <option>purge</option> (&apt-get;)</term>
> <listitem><para>Performs the requested action on one or more packages
> specified via ®ex;, &glob; or exact match. The requested action
> - can be overidden for specific packages by append a plus (+) to the
> + can be overridden for specific packages by appending a plus (+) to the
> package name to install this package or a minus (-) to remove it.
> </para><para>
> A specific version of a package can be selected for installation by
Simple grammar fix. Oh, wait, nearly missed the typo in "overidden".
(I'm always surprised that this doesn't cause problems for people
trying to switch from memtest86+ to memtest86...)
> @@ -85,11 +85,11 @@
> </para><para>
> Removing a package removes all packaged data, but leaves usually
> small (modified) user configuration files behind, in case the
> - remove was an accident. Just issuing an installtion request for the
> - accidentally removed package will restore it funcation as before in
> - that case. On the other hand you can get right of these leftovers
> - via calling <command>purge</command> even on already removed
> - packages. Note that this does not effect any data or configuration
> + remove was an accident. Just issuing an installation request for the
> + accidentally removed package will restore its function as before in
> + that case. On the other hand you can get rid of these leftovers
> + by calling <command>purge</command> even on already removed
> + packages. Note that this does not affect any data or configuration
> stored in your home directory.
> </para></listitem>
> </varlistentry>
An outbreak of typos. "Via" isn't really an error, but if I was
changing every other line I might as well tweak that word choice too.
> @@ -101,17 +101,17 @@
> and are now no longer needed as dependencies changed or the package(s)
> needing them were removed in the meantime.
> </para><para>
> - Try to ensure that the list does not include applications you have
> - grown to like even through they there once installed just as a
> + You should check that the list does not include applications you have
> + grown to like even though they were once installed just as a
Given that we're addressing the user as "you" we might as well have a
"you should" instead of a bare imperative. Oh, and an ough-word typo.
> dependency of another package. You can mark such a package as manually
> installed by using &apt-mark;. Packages which you have installed explicitly
> - via <command>install</command> are never proposed for automatic removal as well.
> + via <command>install</command> are also never proposed for automatic removal.
> </para></listitem>
> </varlistentry>
"As well" makes me think "removal as well as what?".
> <varlistentry><term><option>search</option> (&apt-cache;)</term>
> <listitem><para><option>search</option> can be used to search for the given
> - ®ex; term(s) in the list of the available packages and display
> + ®ex; term(s) in the list of available packages and display
> matches. This can e.g. be useful if you are looking for packages
> having a specific feature. If you are looking for a package
> including a specific file try &apt-file;.
Surplus article.
> @@ -122,7 +122,7 @@
> <listitem><para>Show information about the given package(s) including
> its dependencies, installation and download size, sources the
> package is available from, the description of the packages content
> - and many more. It can e.g. be helpful to look at this information
> + and much more. It can e.g. be helpful to look at this information
> before allowing &apt; to remove a package or while searching for
> new packages to install.
> </para></listitem>
Information is a non-count noun ("stuff" rather than "things"), so you
can't have many of it.
> @@ -149,18 +149,18 @@
> </variablelist>
> </refsect1>
>
> - <refsect1><title>Script usage and Differences to other APT tools</title>
> + <refsect1><title>Script Usage and Differences from Other APT Tools</title>
I'm imposing titlecase on the titles. I'm not sure if there's any
point (after all, manpages just uppercase the whole thing), and I
personally find the anglophone titlecase rules annoying, but just for
consistency with the "See Also"s...
> <para>
> - The &apt; commandline is designed as a end-user tool and it may
> - change behaviour between versions. While it tries to not break
> - backward compatibility there is no guarantee for it either if it
> - seems benefitial for interactive use.
> + The &apt; commandline is designed as an end-user tool and it may
> + change behavior between versions. While it tries not to break
> + backward compatibility this is not guaranteed either if a change
> + seems beneficial for interactive use.
Several typos and a case of en_US standardization, so while I was
changing everything else I rephrased the second sentence.
> </para><para>
> All features of &apt; are available in dedicated APT tools like &apt-get;
> and &apt-cache; as well. &apt; just changes the default value of some
> - options (see &apt-conf; and specifically the Binary scope). So prefer using
> - these commands (potentially with some additional options enabled) in your
> - scripts as they keep backward compatibility as much as possible.
> + options (see &apt-conf; and specifically the Binary scope). So you should
> + prefer using these commands (potentially with some additional options
> + enabled) in your scripts as they keep backward compatibility as much as possible.
> </para>
> </refsect1>
Again preferring a "should" to a command. Next file:
> diff -ru pristine/apt-mark.8.xml modified/apt-mark.8.xml
> --- pristine/apt-mark.8.xml 2015-11-21 16:07:15.000000000 +0000
> +++ modified/apt-mark.8.xml 2015-11-21 17:45:43.689755629 +0000
> @@ -32,19 +32,19 @@
> &synopsis-command-apt-mark;
>
> <refsect1><title>Description</title>
> - <para><command>apt-mark</command> can be used as a unified frontend to set
> - various settings for a package like marking a package as being
> + <para><command>apt-mark</command> can be used as a unified front-end to set
> + various settings for a package, such as marking a package as being
> automatically/manually installed or changing <command>dpkg</command>
> selections such as hold, install, deinstall and purge which are respected
> e.g. by <command>apt-get dselect-upgrade</command> or <command>aptitude</command>.
> </para>
Standardising towards hyphenated "-end"s, and rephrasing for clarity
at the start of a rather complicated compound sentence.
> - </refsect1><refsect1><title>Automatically and manually installed packages</title>
> + </refsect1><refsect1><title>Automatically and Manually Installed Packages</title>
Titlecase.
> <para>
> When you request that a package is installed, and as a result
> other packages are installed to satisfy its dependencies, the
> - dependencies are marked as being automatically installed, while
> - package you installed explicitely is marked as manually installed.
> - Once a automatically installed package is no longer depended on
> + dependencies are marked as being automatically installed, while the
> + package you installed explicitly is marked as manually installed.
> + Once an automatically installed package is no longer depended on
> by any manually installed package it is considered no longer needed
> and e.g. <command>apt-get</command> or <command>aptitude</command>
> will at least suggest removing them.
Again one per line: extra article, recurring typo, morphophonology.
> @@ -97,7 +97,7 @@
> </variablelist>
> </refsect2>
>
> - </refsect1><refsect1><title>Prevent changes for a package</title>
> + </refsect1><refsect1><title>Prevent Changes for a Package</title>
> <variablelist>
> <varlistentry><term><option>hold</option></term>
> <listitem><para><literal>hold</literal> is used to mark a
More titlecasing, and again:
> @@ -118,11 +118,11 @@
> </para></listitem>
> </varlistentry>
> </variablelist>
> - </refsect1><refsect1><title>Shedule packages for install, remove and purge</title>
> + </refsect1><refsect1><title>Schedule Packages for Install, Remove and Purge</title>
> <para>
> - Some frontends like <command>apt-get dselect-upgrade</command> can be used to
> - apply previously sheduled changes to the install state of packages. Such changes
> - can be sheduled with the <option>install</option>, <option>remove</option>
> + Some front-ends like <command>apt-get dselect-upgrade</command> can be used to
> + apply previously scheduled changes to the install state of packages. Such changes
> + can be scheduled with the <option>install</option>, <option>remove</option>
> (also known as <option>deinstall</option>) and <option>purge</option> commands.
All those sheds need to be scheds, and hyphenate the -end. Next file:
> diff -ru pristine/apt-secure.8.xml modified/apt-secure.8.xml
> --- pristine/apt-secure.8.xml 2015-11-21 16:07:02.000000000 +0000
> +++ modified/apt-secure.8.xml 2015-11-21 17:45:46.865660688 +0000
> @@ -52,9 +52,9 @@
> </para>
>
> <para>
> - If an archive doesn't have a signed Release file or no Release file at all
> + If an archive has an unsigned Release file or no Release file at all
Unknot the nots.
> current APT versions will raise a warning in <command>update</command>
> - operations and frontends like <command>apt-get</command> will require
> + operations and front-ends like <command>apt-get</command> will require
> explicit confirmation if an installation request includes a package from
> such an unauthenticated archive.
> </para>
Hyphenating -ends, and again:
> @@ -67,13 +67,13 @@
> </para>
>
> <para>
> - Note: All APT-based package management frontends like &apt-get;, &aptitude;
> + Note: All APT-based package management front-ends like &apt-get;, &aptitude;
> and &synaptic; support this authentication feature, so this manpage uses
> <literal>APT</literal> to refer to them all for simplicity only.
> </para>
> </refsect1>
>
> - <refsect1><title>Trusted repositories</title>
> + <refsect1><title>Trusted Repositories</title>
Titlecase.
> <para>
> The chain of trust from an APT archive to the end user is made up of
> @@ -91,10 +91,10 @@
> devscripts packages respectively).</para>
>
> <para>
> - The chain of trust in Debian e.g. starts when a maintainer uploads a new
> + The chain of trust in Debian starts (e.g.) when a maintainer uploads a new
Examples imply the existence of alternatives, and saying "e.g. starts"
suggests that the chain of trust might equally well *end* like that.
> package or a new version of a package to the Debian archive. In
> order to become effective, this upload needs to be signed by a key
> - contained in one of the Debian package maintainers keyrings (available in
> + contained in one of the Debian package maintainer keyrings (available in
> the debian-keyring package). Maintainers' keys are signed by
> other maintainers following pre-established procedures to
> ensure the identity of the key holder. Similar procedures exist in all
If the keyrings belong to maintainers, there needs to be an
apostrophe, and then it might be saying "one of the keyrings of one of
the maintainers". I've avoided the issue by turning it into an
uninflected noun-stack.
> @@ -144,14 +144,14 @@
> this mechanism can complement a per-package signature.</para>
> </refsect1>
>
> - <refsect1><title>User configuration</title>
> + <refsect1><title>User Configuration</title>
Titlecase.
> <para>
> <command>apt-key</command> is the program that manages the list of keys used
> by APT to trust repositories. It can be used to add or remove keys as well
> as list the trusted keys. Limiting which key(s) are able to sign which archive
> is possible via the <option>Signed-By</option> in &sources-list;.
> </para><para>
> - Note that a default installation already contains all keys to securily
> + Note that a default installation already contains all keys to securely
> acquire packages from the default repositories, so fiddling with
> <command>apt-key</command> is only needed if third-party repositories are
> added.
Recurring typo.
> @@ -165,7 +165,7 @@
> </para>
> </refsect1>
>
> -<refsect1><title>Archive configuration</title>
> +<refsect1><title>Archive Configuration</title>
> <para>
> If you want to provide archive signatures in an archive under your
> maintenance you have to:
Titlecase.
> @@ -182,7 +182,7 @@
> <command>gpg -abs -o Release.gpg Release</command>.</para></listitem>
>
> <listitem><para>
> - <emphasis>Publish the key fingerprint</emphasis>, that way your users
> + <emphasis>Publish the key fingerprint</emphasis>, so that your users
> will know what key they need to import in order to authenticate the files
> in the archive. It is best to ship your key in its own keyring package
> like &keyring-distro; does with &keyring-package; to be able to
Avoid comma-splice.
> @@ -191,10 +191,10 @@
>
> <listitem><para>
> <emphasis>Provide instructions on how to add your archive and key</emphasis>.
> - If your users can't acquire your key securily the chain of trust described above is broken.
> + If your users can't acquire your key securely the chain of trust described above is broken.
That typo again.
> How you can help users add your key depends on your archive and target audience ranging
> from having your keyring package included in another archive users already have configured
> - (like the default repositories of their distribution) to leverage the web of trust.
> + (like the default repositories of their distribution) to leveraging the web of trust.
> </para></listitem>
Ranging from havING one thing done to doING something else.
> </itemizedlist>
> @@ -215,7 +215,7 @@
> <ulink
> url="https://www.debian.org/doc/manuals/securing-debian-howto/ch7";>Debian
> Security Infrastructure</ulink> chapter of the Securing Debian Manual
> -(available also in the harden-doc package) and the
> +(also available in the harden-doc package) and the
> <ulink url="http://www.cryptnet.net/fdp/crypto/strong_distro.html";
> >Strong Distribution HOWTO</ulink> by V. Alex Brennen. </para>
(harden-doc missed Jessie, but it seems to be alive.)
Next the big one:
> diff -ru pristine/sources.list.5.xml modified/sources.list.5.xml
> --- pristine/sources.list.5.xml 2015-11-21 16:07:08.000000000 +0000
> +++ modified/sources.list.5.xml 2015-11-21 18:50:58.813232004 +0000
> @@ -31,12 +31,13 @@
>
> <refsect1><title>Description</title>
> <para>
> - The source list <filename>/etc/apt/sources.list</filename> and the the
> + The source list <filename>/etc/apt/sources.list</filename> and the
Avoid eighties pop reference.
> files contained in <filename>/etc/apt/sources.list.d/</filename> are
> designed to support any number of active sources and a variety of source
> - media. The files list one source per line (one line style) or contain multiline
> + media. The files list one source per line (one-line style) or contain multiline
I'm consistently hyphenating "one-line" when it's a compound preposed
modifier, and then adding an extra hyphen when the whole phrase
"one-line-style" is used that way. Here it's just one-hyphen style...
> stanzas defining one or more sources per stanza (deb822 style), with the
> - most preferred source listed first (in case a single version is available from more than one source). The information available from the
> + most preferred source listed first (in case a single version is
> + available from more than one source). The information available from the
> configured sources is acquired by <command>apt-get update</command> (or
> by an equivalent command from another APT front-end).
> </para>
Oh! That was an accident, but keep it.
> @@ -55,7 +56,7 @@
> configuration list - in which case it will be silently ignored.</para>
> </refsect1>
>
> - <refsect1><title>one line style format</title>
> + <refsect1><title>One-Line-Style Format</title>
Hyphenation and titlecasing.
> <para>
> Files in this format have the extension <filename>.list</filename>.
> Each line specifying a source starts with a type (e.g. <literal>deb-src</literal>)
> @@ -71,27 +72,27 @@
> included in the line after the type separated from it with a space.
> If an option allows multiple values these are separated from each other
> with a comma (<literal>,</literal>). An option name is separated from its
> - value(s) by a equal sign (<literal>=</literal>). Multivalue options have
> - also <literal>-=</literal> and <literal>+=</literal> as separator which
> + value(s) by an equals sign (<literal>=</literal>). Multivalue options also
> + have <literal>-=</literal> and <literal>+=</literal> as separators, which
> instead of replacing the default with the given value(s) modify the default
> value(s) to remove or include the given values.
"An" before a vowel, shifting "also", and multiple separators.
> </para><para>
> This is the traditional format and supported by all apt versions.
> Note that not all options as described below are supported by all apt versions.
> - Note also that some older applications parsing this format on its own might not
> + Note also that some older applications parsing this format on their own might not
> expect to encounter options as they were uncommon before the introduction of
> multi-architecture support.
> </para>
> </refsect1>
Plural apps, so plural pronoun. Perhaps it should be something like
"for themselves"?
> - <refsect1><title>deb822 style format</title>
> + <refsect1><title>deb822-Style Format</title>
Again hyphenating "foo-style" where it's modifying a following noun.
> <para>
> Files in this format have the extension <filename>.sources</filename>.
> The format is similar in syntax to other files used by Debian and its
> - derivatives, like the metadata itself apt will download from the configured
> + derivatives, such as the metadata files that apt will download from the configured
> sources or the <filename>debian/control</filename> file in a Debian source package.
Here there's some risk people might read "like" as "resembling but not
including". The "itself" didn't really fit either.
>
> - Individual entries are separated by an empty line, additional empty
> + Individual entries are separated by an empty line; additional empty
> lines are ignored, and a <literal>#</literal> character at the start of
> the line marks the entire line as a comment. An entry can hence be
> disabled by commenting out each line belonging to the stanza, but it is
Comma-splice fixed the lazy way.
> @@ -101,26 +102,26 @@
> Options have the same syntax as every other field: A fieldname separated by
> a colon (<literal>:</literal>) and optionally spaces from its value(s).
> Note especially that multiple values are separated by spaces, not by
> - commas as in the one line format. Multivalue fields like <literal>Architectures</literal>
> + commas as in the one-line format. Multivalue fields like <literal>Architectures</literal>
> also have <literal>Architectures-Add</literal> and <literal>Architectures-Remove</literal>
> to modify the default value rather than replacing it.
Hyphenification.
> </para><para>
> This is a new format supported by apt itself since version 1.1. Previous
> versions ignore such files with a notice message as described earlier.
> - It is intended to make this format gradually the default format and
> - deprecating the previously described one line style format as it is
> - easier to create, extend and modify by humans and machines alike
> + It is intended to make this format gradually the default format,
> + deprecating the previously described one-line-style format, as it is
> easier to create, extend and modify for humans and machines alike
> especially if a lot of sources and/or options are involved.
Extra commas to mark out the part that forms a parenthetical clause,
s/by/for/ because it's "easier to [do] for [them]".
>
> Developers who are working with and/or parsing apt sources are highly
> encouraged to add support for this format and to contact the APT team
> to coordinate and share this work. Users can freely adopt this format
> - already, but could encounter problems with software not supporting
> + already, but may encounter problems with software not supporting
> the format yet.
> </para>
> </refsect1>
Again, risks are usually things that "may" rather than "can" happen.
>
> - <refsect1><title>The deb and deb-src types: General Format</title>
> + <refsect1><title>The deb and deb-src Types: General Format</title>
> <para>The <literal>deb</literal> type references a typical two-level Debian
> archive, <filename>distribution/component</filename>. The
> <literal>distribution</literal> is generally a suite name like
Titlecase...
> @@ -132,7 +133,7 @@
> code in the same form as the <literal>deb</literal> type.
> A <literal>deb-src</literal> line is required to fetch source indexes.</para>
>
> - <para>The format for two one line style entries using the
> + <para>The format for two one-line-style entries using the
> <literal>deb</literal> and <literal>deb-src</literal> types is:</para>
> <literallayout>deb [ option1=value1 option2=value2 ] uri suite [component1] [component2] [...]
Here's where that hyphenation starts to pay off...
> @@ -163,10 +164,10 @@
> which expands to the Debian architecture (such as <literal>amd64</literal> or
> <literal>armel</literal>) used on the system. This permits architecture-independent
> <filename>sources.list</filename> files to be used. In general this is only
> - of interest when specifying an exact path, <literal>APT</literal> will
> + of interest when specifying an exact path; <literal>APT</literal> will
> automatically generate a URI with the current architecture otherwise.</para>
Avoiding a comma-splice.
>
> - <para>Especially in the one line style format since only one distribution
> + <para>Especially in the one-line-style format, since only one distribution
> can be specified per line it may be necessary to have multiple lines for
> the same URI, if a subset of all available distributions or components at
> that location is desired. APT will sort the URI list after it has
> @@ -184,19 +185,19 @@
> network, followed by distant Internet hosts, for example).</para>
>
> <para>As an example, the sources for your distribution could look like this
> - in one line style format:
> + in one-line-style format:
> <literallayout>&sourceslist-list-format;</literallayout> or like this in
> deb822 style format:
> <literallayout>&sourceslist-sources-format;</literallayout></para>
> </refsect1>
Hyphenification.
> <refsect1><title>The deb and deb-src types: Options</title>
> - <para>Each source entry can have options specified modifying which and how
> - the source is accessed and data acquired from it. Format, syntax and names
> - of the options varies between the two formats one line and deb822 style
> - as described, but they have both the same options available. For simplicity
> - we list the deb822 fieldname and provide the one line name in brackets.
> - Remember that beside setting multivalue options explicitly, there is also
> + <para>Each source entry can have options specified to modify which source
> + is accessed and how data is acquired from it. Format, syntax and names
> + of the options vary between the one-line-style and deb822-style formats
> + as described, but they both have the same options available. For simplicity
> + we list the deb822 fieldname and provide the one-line name in brackets.
> + Remember that besides setting multivalue options explicitly, there is also
> the option to modify them based on the default, but we aren't listing those
> names explicitly here. Unsupported options are silently ignored by all
> APT versions.
That first sentence made my head hurt - I hope I've interpreted it
correctly. Then the underhyphenated appositional phrase was pretty
tricky too. Oh, and the adverb is "besides".
I would complain about the repeated "explicitly", but I'm just glad to
see it spelled correctly.
> @@ -211,7 +212,7 @@
>
> <listitem><para><option>Languages</option>
> (<option>lang</option>) is a multivalue option defining for
> - which languages information like translated package
> + which languages information such as translated package
> descriptions should be downloaded. If this option isn't set
> the default is all languages as defined by the
> <option>Acquire::Languages</option> config option.
Another slightly confusing use of "like".
> @@ -222,7 +223,7 @@
> which download targets apt will try to acquire from this
> source. If not specified, the default set is defined by the
> <option>Acquire::IndexTargets</option> configuration scope.
> - Aditionally, specific targets can be enabled or disabled by
> + Additionally, specific targets can be enabled or disabled by
> using the identifier as field name instead of using this
> multivalue option.
> </para></listitem>
Trivial typo.
> @@ -234,19 +235,22 @@
> doesn't announce the availability of PDiffs. Defaults to the
> value of the option with the same name for a specific index file
> defined in the <option>Acquire::IndexTargets</option> scope,
> - which itself default to the value of configuration option
> + which itself defaults to the value of configuration option
> <option>Acquire::PDiffs</option> which defaults to
> <literal>yes</literal>.
> </para></listitem>
Agreement error.
> <listitem><para><option>By-Hash</option> (<option>by-hash</option>)
> - can have the value "yes", "no" or "force" and controls if APT
> - should try to acquire indexes via an URI constructed from a
> + can have the value <literal>yes</literal>, <literal>no</literal>
> + or <literal>force</literal> and controls if APT
> + should try to acquire indexes via a URI constructed from a
The following paragraph wraps its values in <literal> tags, so I'm
assuming that's standard. And it's "a you are eye".
> hashsum of the expected file instead of using the well-known
> stable filename of the index. Using this can avoid hashsum
> - mismatches, but requires a supporting mirror. The value
> - "yes"/"no" activates/disables the use of this feature if this
> - source indicates support for it, while "force" will enable the
> + mismatches, but requires a supporting mirror. A
> + <literal>yes</literal> or <literal>no</literal>
> + value activates/disables the use of this feature if this
> + source indicates support for it, while
> + <literal>force</literal> will enable the
> feature regardless of what the source indicates.
> Defaults to the value of the option of the same name for a
> specific index file defined in the
Avoid calling "yes"/"no" a single value, and wrap them in <literal>
tags.
> @@ -258,7 +262,7 @@
>
> </itemizedlist>
>
> - Further more, there are options which if set effect
> + Furthermore, there are options which if set affect
> <emphasis>all</emphasis> sources with the same URI and Suite, so they
> have to be set on all such entries and can not be varied between
> different components. APT will try to detect and error out on such
Two typos on one line.
> @@ -270,11 +274,11 @@
> is considered trusted or if warnings should be raised before e.g.
> packages are installed from this source. This option can be used
> to override this decision either with the value <literal>yes</literal>,
> - which lets APT consider this source always as a trusted source
> - even if it has no or fails authentication checks by disabling parts
> - of &apt-secure; and should therefore only be used in a local and trusted
> + which lets APT consider this source always as a trusted source,
> + even if it lacks or fails authentication checks, by disabling parts
> + of &apt-secure;. It should therefore only be used in a local and trusted
Needs heavier punctuation. "Has no or fails" is just confusing.
> context (if at all) as otherwise security is breached. The opposite
> - can be achieved with the value no, which causes the source to be handled
> + can be achieved with the value <literal>no<literal>, which causes the source to be handled
> as untrusted even if the authentication checks passed successfully.
> The default value can't be set explicitly.
> </para></listitem>
Literal tags.
> @@ -283,11 +287,11 @@
> is either an absolute path to a keyring file (has to be
> accessible and readable for the <literal>_apt</literal> user,
> so ensure everyone has read-permissions on the file) or a
> - fingerprint of a key in either the
> + fingerprint of a key either in the
> <filename>trusted.gpg</filename> keyring or in one of the
"Either in X or in Y", not "in either X or in Y".
> keyrings in the <filename>trusted.gpg.d/</filename> directory
> (see <command>apt-key fingerprint</command>). If the option is
> - set only the key(s) in this keyring or only the key with this
> + set, only the key(s) in this keyring or only the key with this
> fingerprint is used for the &apt-secure; verification of this
> repository. Otherwise all keys in the trusted keyrings are
> considered valid signers for this repository.
Slightly more punctuation.
> @@ -295,15 +299,15 @@
>
> <listitem><para><option>Check-Valid-Until</option> (<option>check-valid-until</option>)
> is a yes/no value which controls if APT should try to detect
> - replay attacks. A repository creator can declare until then the
It's a time "until when" (or here it works better with "which").
> - data provided in the repository should be considered valid and
> - if this time is reached, but no new data is provided the data
Needs more punctuation.
> - is considered expired and an error is raised. Beside
> - increasing security as a malicious attacker can't sent old data
Ditto, and a typo: s/sent/send/
> - forever denying a user to be able to upgrade to a new version,
> + replay attacks. A repository creator can declare a time until
> + which the data provided in the repository should be considered valid,
> + and if this time is reached, but no new data is provided, the data
> + is considered expired and an error is raised. Besides
> + increasing security, as a malicious attacker can't send old data
> + forever to prevent a user from upgrading to a new version,
That last part needed some rephrasing too.
> this also helps users identify mirrors which are no longer
> - updated. Some repositories like historic archives aren't
> - updated anymore by design through, so this check can be
> + updated. However, some repositories such as historic archives
> + are not updated any more by design, so this check can be
> disabled by setting this option to <literal>no</literal>.
> Defaults to the value of configuration option
> <option>Acquire::Check-Valid-Until</option> which itself
Typo (s/through/though/), and in fact replace it with a word that
gives better advance warning of which way the sentence is going.
> @@ -332,7 +336,7 @@
> </para>
> </refsect1>
>
> - <refsect1><title>URI specification</title>
> + <refsect1><title>URI Specification</title>
Titlecase.
>
> <para>The currently recognized URI types are:
> <variablelist>
> @@ -418,14 +422,13 @@
> Suites: unstable
> Components: main contrib non-free</literallayout>
>
> - <para>Source line for the above</para>
> + <para>Sources specification for the above.</para>
Because this isn't (all) in "line" format.
> <literallayout>deb-src file:/home/apt/debian unstable main contrib non-free</literallayout>
> <literallayout>Types: deb-src
> URIs: file:/home/apt/debian
> Suites: unstable
> Components: main contrib non-free</literallayout>
>
> -
> <para>The first line gets package information for the architectures in <literal>APT::Architectures</literal>
> while the second always retrieves <literal>amd64</literal> and <literal>armel</literal>.</para>
> <literallayout>deb http://httpredir.debian.org/debian &stable-codename; main
> @@ -434,7 +437,6 @@
> URIs: http://httpredir.debian.org/debian
> Suites: &stable-codename;
> Components: main
> -
> Types: deb
> URIs: http://httpredir.debian.org/debian
> Suites: &stable-codename;
Oh, accidentally squeezing blanks. Okay, done.
Thankyou, I've been short of things to proofread this month!
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
diff -ru pristine/apt.8.xml modified/apt.8.xml
--- pristine/apt.8.xml 2015-11-21 16:06:47.000000000 +0000
+++ modified/apt.8.xml 2015-11-21 21:46:36.929185657 +0000
@@ -72,7 +72,7 @@
<varlistentry><term><option>install</option>, <option>remove</option>, <option>purge</option> (&apt-get;)</term>
<listitem><para>Performs the requested action on one or more packages
specified via ®ex;, &glob; or exact match. The requested action
- can be overidden for specific packages by append a plus (+) to the
+ can be overridden for specific packages by appending a plus (+) to the
package name to install this package or a minus (-) to remove it.
</para><para>
A specific version of a package can be selected for installation by
@@ -85,11 +85,11 @@
</para><para>
Removing a package removes all packaged data, but leaves usually
small (modified) user configuration files behind, in case the
- remove was an accident. Just issuing an installtion request for the
- accidentally removed package will restore it funcation as before in
- that case. On the other hand you can get right of these leftovers
- via calling <command>purge</command> even on already removed
- packages. Note that this does not effect any data or configuration
+ remove was an accident. Just issuing an installation request for the
+ accidentally removed package will restore its function as before in
+ that case. On the other hand you can get rid of these leftovers
+ by calling <command>purge</command> even on already removed
+ packages. Note that this does not affect any data or configuration
stored in your home directory.
</para></listitem>
</varlistentry>
@@ -101,17 +101,17 @@
and are now no longer needed as dependencies changed or the package(s)
needing them were removed in the meantime.
</para><para>
- Try to ensure that the list does not include applications you have
- grown to like even through they there once installed just as a
+ You should check that the list does not include applications you have
+ grown to like even though they were once installed just as a
dependency of another package. You can mark such a package as manually
installed by using &apt-mark;. Packages which you have installed explicitly
- via <command>install</command> are never proposed for automatic removal as well.
+ via <command>install</command> are also never proposed for automatic removal.
</para></listitem>
</varlistentry>
<varlistentry><term><option>search</option> (&apt-cache;)</term>
<listitem><para><option>search</option> can be used to search for the given
- ®ex; term(s) in the list of the available packages and display
+ ®ex; term(s) in the list of available packages and display
matches. This can e.g. be useful if you are looking for packages
having a specific feature. If you are looking for a package
including a specific file try &apt-file;.
@@ -122,7 +122,7 @@
<listitem><para>Show information about the given package(s) including
its dependencies, installation and download size, sources the
package is available from, the description of the packages content
- and many more. It can e.g. be helpful to look at this information
+ and much more. It can e.g. be helpful to look at this information
before allowing &apt; to remove a package or while searching for
new packages to install.
</para></listitem>
@@ -149,18 +149,18 @@
</variablelist>
</refsect1>
- <refsect1><title>Script usage and Differences to other APT tools</title>
+ <refsect1><title>Script Usage and Differences from Other APT Tools</title>
<para>
- The &apt; commandline is designed as a end-user tool and it may
- change behaviour between versions. While it tries to not break
- backward compatibility there is no guarantee for it either if it
- seems benefitial for interactive use.
+ The &apt; commandline is designed as an end-user tool and it may
+ change behavior between versions. While it tries not to break
+ backward compatibility this is not guaranteed either if a change
+ seems beneficial for interactive use.
</para><para>
All features of &apt; are available in dedicated APT tools like &apt-get;
and &apt-cache; as well. &apt; just changes the default value of some
- options (see &apt-conf; and specifically the Binary scope). So prefer using
- these commands (potentially with some additional options enabled) in your
- scripts as they keep backward compatibility as much as possible.
+ options (see &apt-conf; and specifically the Binary scope). So you should
+ prefer using these commands (potentially with some additional options
+ enabled) in your scripts as they keep backward compatibility as much as possible.
</para>
</refsect1>
diff -ru pristine/apt-mark.8.xml modified/apt-mark.8.xml
--- pristine/apt-mark.8.xml 2015-11-21 16:07:15.000000000 +0000
+++ modified/apt-mark.8.xml 2015-11-21 20:38:35.001744810 +0000
@@ -32,19 +32,19 @@
&synopsis-command-apt-mark;
<refsect1><title>Description</title>
- <para><command>apt-mark</command> can be used as a unified frontend to set
- various settings for a package like marking a package as being
+ <para><command>apt-mark</command> can be used as a unified front-end to set
+ various settings for a package, such as marking a package as being
automatically/manually installed or changing <command>dpkg</command>
selections such as hold, install, deinstall and purge which are respected
e.g. by <command>apt-get dselect-upgrade</command> or <command>aptitude</command>.
</para>
- </refsect1><refsect1><title>Automatically and manually installed packages</title>
+ </refsect1><refsect1><title>Automatically and Manually Installed Packages</title>
<para>
When you request that a package is installed, and as a result
other packages are installed to satisfy its dependencies, the
- dependencies are marked as being automatically installed, while
- package you installed explicitely is marked as manually installed.
- Once a automatically installed package is no longer depended on
+ dependencies are marked as being automatically installed, while the
+ package you installed explicitly is marked as manually installed.
+ Once an automatically installed package is no longer depended on
by any manually installed package it is considered no longer needed
and e.g. <command>apt-get</command> or <command>aptitude</command>
will at least suggest removing them.
@@ -97,7 +97,7 @@
</variablelist>
</refsect2>
- </refsect1><refsect1><title>Prevent changes for a package</title>
+ </refsect1><refsect1><title>Prevent Changes for a Package</title>
<variablelist>
<varlistentry><term><option>hold</option></term>
<listitem><para><literal>hold</literal> is used to mark a
@@ -118,11 +118,11 @@
</para></listitem>
</varlistentry>
</variablelist>
- </refsect1><refsect1><title>Shedule packages for install, remove and purge</title>
+ </refsect1><refsect1><title>Schedule Packages for Install, Remove and Purge</title>
<para>
- Some frontends like <command>apt-get dselect-upgrade</command> can be used to
- apply previously sheduled changes to the install state of packages. Such changes
- can be sheduled with the <option>install</option>, <option>remove</option>
+ Some front-ends like <command>apt-get dselect-upgrade</command> can be used to
+ apply previously scheduled changes to the install state of packages. Such changes
+ can be scheduled with the <option>install</option>, <option>remove</option>
(also known as <option>deinstall</option>) and <option>purge</option> commands.
Packages with a specific selection can be displayed with <option>showinstall</option>,
<option>showremove</option> and <option>showpurge</option> respectively.
diff -ru pristine/apt-secure.8.xml modified/apt-secure.8.xml
--- pristine/apt-secure.8.xml 2015-11-21 16:07:02.000000000 +0000
+++ modified/apt-secure.8.xml 2015-11-21 17:45:46.865660688 +0000
@@ -52,9 +52,9 @@
</para>
<para>
- If an archive doesn't have a signed Release file or no Release file at all
+ If an archive has an unsigned Release file or no Release file at all
current APT versions will raise a warning in <command>update</command>
- operations and frontends like <command>apt-get</command> will require
+ operations and front-ends like <command>apt-get</command> will require
explicit confirmation if an installation request includes a package from
such an unauthenticated archive.
</para>
@@ -67,13 +67,13 @@
</para>
<para>
- Note: All APT-based package management frontends like &apt-get;, &aptitude;
+ Note: All APT-based package management front-ends like &apt-get;, &aptitude;
and &synaptic; support this authentication feature, so this manpage uses
<literal>APT</literal> to refer to them all for simplicity only.
</para>
</refsect1>
- <refsect1><title>Trusted repositories</title>
+ <refsect1><title>Trusted Repositories</title>
<para>
The chain of trust from an APT archive to the end user is made up of
@@ -91,10 +91,10 @@
devscripts packages respectively).</para>
<para>
- The chain of trust in Debian e.g. starts when a maintainer uploads a new
+ The chain of trust in Debian starts (e.g.) when a maintainer uploads a new
package or a new version of a package to the Debian archive. In
order to become effective, this upload needs to be signed by a key
- contained in one of the Debian package maintainers keyrings (available in
+ contained in one of the Debian package maintainer keyrings (available in
the debian-keyring package). Maintainers' keys are signed by
other maintainers following pre-established procedures to
ensure the identity of the key holder. Similar procedures exist in all
@@ -144,14 +144,14 @@
this mechanism can complement a per-package signature.</para>
</refsect1>
- <refsect1><title>User configuration</title>
+ <refsect1><title>User Configuration</title>
<para>
<command>apt-key</command> is the program that manages the list of keys used
by APT to trust repositories. It can be used to add or remove keys as well
as list the trusted keys. Limiting which key(s) are able to sign which archive
is possible via the <option>Signed-By</option> in &sources-list;.
</para><para>
- Note that a default installation already contains all keys to securily
+ Note that a default installation already contains all keys to securely
acquire packages from the default repositories, so fiddling with
<command>apt-key</command> is only needed if third-party repositories are
added.
@@ -165,7 +165,7 @@
</para>
</refsect1>
-<refsect1><title>Archive configuration</title>
+<refsect1><title>Archive Configuration</title>
<para>
If you want to provide archive signatures in an archive under your
maintenance you have to:
@@ -182,7 +182,7 @@
<command>gpg -abs -o Release.gpg Release</command>.</para></listitem>
<listitem><para>
- <emphasis>Publish the key fingerprint</emphasis>, that way your users
+ <emphasis>Publish the key fingerprint</emphasis>, so that your users
will know what key they need to import in order to authenticate the files
in the archive. It is best to ship your key in its own keyring package
like &keyring-distro; does with &keyring-package; to be able to
@@ -191,10 +191,10 @@
<listitem><para>
<emphasis>Provide instructions on how to add your archive and key</emphasis>.
- If your users can't acquire your key securily the chain of trust described above is broken.
+ If your users can't acquire your key securely the chain of trust described above is broken.
How you can help users add your key depends on your archive and target audience ranging
from having your keyring package included in another archive users already have configured
- (like the default repositories of their distribution) to leverage the web of trust.
+ (like the default repositories of their distribution) to leveraging the web of trust.
</para></listitem>
</itemizedlist>
@@ -215,7 +215,7 @@
<ulink
url="https://www.debian.org/doc/manuals/securing-debian-howto/ch7";>Debian
Security Infrastructure</ulink> chapter of the Securing Debian Manual
-(available also in the harden-doc package) and the
+(also available in the harden-doc package) and the
<ulink url="http://www.cryptnet.net/fdp/crypto/strong_distro.html";
>Strong Distribution HOWTO</ulink> by V. Alex Brennen. </para>
diff -ru pristine/sources.list.5.xml modified/sources.list.5.xml
--- pristine/sources.list.5.xml 2015-11-21 16:07:08.000000000 +0000
+++ modified/sources.list.5.xml 2015-11-21 21:33:13.540920959 +0000
@@ -31,12 +31,13 @@
<refsect1><title>Description</title>
<para>
- The source list <filename>/etc/apt/sources.list</filename> and the the
+ The source list <filename>/etc/apt/sources.list</filename> and the
files contained in <filename>/etc/apt/sources.list.d/</filename> are
designed to support any number of active sources and a variety of source
- media. The files list one source per line (one line style) or contain multiline
+ media. The files list one source per line (one-line style) or contain multiline
stanzas defining one or more sources per stanza (deb822 style), with the
- most preferred source listed first (in case a single version is available from more than one source). The information available from the
+ most preferred source listed first (in case a single version is
+ available from more than one source). The information available from the
configured sources is acquired by <command>apt-get update</command> (or
by an equivalent command from another APT front-end).
</para>
@@ -55,7 +56,7 @@
configuration list - in which case it will be silently ignored.</para>
</refsect1>
- <refsect1><title>one line style format</title>
+ <refsect1><title>One-Line-Style Format</title>
<para>
Files in this format have the extension <filename>.list</filename>.
Each line specifying a source starts with a type (e.g. <literal>deb-src</literal>)
@@ -71,27 +72,27 @@
included in the line after the type separated from it with a space.
If an option allows multiple values these are separated from each other
with a comma (<literal>,</literal>). An option name is separated from its
- value(s) by a equal sign (<literal>=</literal>). Multivalue options have
- also <literal>-=</literal> and <literal>+=</literal> as separator which
+ value(s) by an equals sign (<literal>=</literal>). Multivalue options also
+ have <literal>-=</literal> and <literal>+=</literal> as separators, which
instead of replacing the default with the given value(s) modify the default
value(s) to remove or include the given values.
</para><para>
This is the traditional format and supported by all apt versions.
Note that not all options as described below are supported by all apt versions.
- Note also that some older applications parsing this format on its own might not
+ Note also that some older applications parsing this format on their own might not
expect to encounter options as they were uncommon before the introduction of
multi-architecture support.
</para>
</refsect1>
- <refsect1><title>deb822 style format</title>
+ <refsect1><title>deb822-Style Format</title>
<para>
Files in this format have the extension <filename>.sources</filename>.
The format is similar in syntax to other files used by Debian and its
- derivatives, like the metadata itself apt will download from the configured
+ derivatives, such as the metadata files that apt will download from the configured
sources or the <filename>debian/control</filename> file in a Debian source package.
- Individual entries are separated by an empty line, additional empty
+ Individual entries are separated by an empty line; additional empty
lines are ignored, and a <literal>#</literal> character at the start of
the line marks the entire line as a comment. An entry can hence be
disabled by commenting out each line belonging to the stanza, but it is
@@ -101,26 +102,26 @@
Options have the same syntax as every other field: A fieldname separated by
a colon (<literal>:</literal>) and optionally spaces from its value(s).
Note especially that multiple values are separated by spaces, not by
- commas as in the one line format. Multivalue fields like <literal>Architectures</literal>
+ commas as in the one-line format. Multivalue fields like <literal>Architectures</literal>
also have <literal>Architectures-Add</literal> and <literal>Architectures-Remove</literal>
to modify the default value rather than replacing it.
</para><para>
This is a new format supported by apt itself since version 1.1. Previous
versions ignore such files with a notice message as described earlier.
- It is intended to make this format gradually the default format and
- deprecating the previously described one line style format as it is
- easier to create, extend and modify by humans and machines alike
+ It is intended to make this format gradually the default format,
+ deprecating the previously described one-line-style format, as it is
+ easier to create, extend and modify for humans and machines alike
especially if a lot of sources and/or options are involved.
Developers who are working with and/or parsing apt sources are highly
encouraged to add support for this format and to contact the APT team
to coordinate and share this work. Users can freely adopt this format
- already, but could encounter problems with software not supporting
+ already, but may encounter problems with software not supporting
the format yet.
</para>
</refsect1>
- <refsect1><title>The deb and deb-src types: General Format</title>
+ <refsect1><title>The deb and deb-src Types: General Format</title>
<para>The <literal>deb</literal> type references a typical two-level Debian
archive, <filename>distribution/component</filename>. The
<literal>distribution</literal> is generally a suite name like
@@ -132,7 +133,7 @@
code in the same form as the <literal>deb</literal> type.
A <literal>deb-src</literal> line is required to fetch source indexes.</para>
- <para>The format for two one line style entries using the
+ <para>The format for two one-line-style entries using the
<literal>deb</literal> and <literal>deb-src</literal> types is:</para>
<literallayout>deb [ option1=value1 option2=value2 ] uri suite [component1] [component2] [...]
@@ -163,10 +164,10 @@
which expands to the Debian architecture (such as <literal>amd64</literal> or
<literal>armel</literal>) used on the system. This permits architecture-independent
<filename>sources.list</filename> files to be used. In general this is only
- of interest when specifying an exact path, <literal>APT</literal> will
+ of interest when specifying an exact path; <literal>APT</literal> will
automatically generate a URI with the current architecture otherwise.</para>
- <para>Especially in the one line style format since only one distribution
+ <para>Especially in the one-line-style format, since only one distribution
can be specified per line it may be necessary to have multiple lines for
the same URI, if a subset of all available distributions or components at
that location is desired. APT will sort the URI list after it has
@@ -184,19 +185,19 @@
network, followed by distant Internet hosts, for example).</para>
<para>As an example, the sources for your distribution could look like this
- in one line style format:
+ in one-line-style format:
<literallayout>&sourceslist-list-format;</literallayout> or like this in
- deb822 style format:
+ deb822-style format:
<literallayout>&sourceslist-sources-format;</literallayout></para>
</refsect1>
<refsect1><title>The deb and deb-src types: Options</title>
- <para>Each source entry can have options specified modifying which and how
- the source is accessed and data acquired from it. Format, syntax and names
- of the options varies between the two formats one line and deb822 style
- as described, but they have both the same options available. For simplicity
- we list the deb822 fieldname and provide the one line name in brackets.
- Remember that beside setting multivalue options explicitly, there is also
+ <para>Each source entry can have options specified to modify which source
+ is accessed and how data is acquired from it. Format, syntax and names
+ of the options vary between the one-line-style and deb822-style formats
+ as described, but they both have the same options available. For simplicity
+ we list the deb822 fieldname and provide the one-line name in brackets.
+ Remember that besides setting multivalue options explicitly, there is also
the option to modify them based on the default, but we aren't listing those
names explicitly here. Unsupported options are silently ignored by all
APT versions.
@@ -211,7 +212,7 @@
<listitem><para><option>Languages</option>
(<option>lang</option>) is a multivalue option defining for
- which languages information like translated package
+ which languages information such as translated package
descriptions should be downloaded. If this option isn't set
the default is all languages as defined by the
<option>Acquire::Languages</option> config option.
@@ -222,7 +223,7 @@
which download targets apt will try to acquire from this
source. If not specified, the default set is defined by the
<option>Acquire::IndexTargets</option> configuration scope.
- Aditionally, specific targets can be enabled or disabled by
+ Additionally, specific targets can be enabled or disabled by
using the identifier as field name instead of using this
multivalue option.
</para></listitem>
@@ -234,19 +235,22 @@
doesn't announce the availability of PDiffs. Defaults to the
value of the option with the same name for a specific index file
defined in the <option>Acquire::IndexTargets</option> scope,
- which itself default to the value of configuration option
+ which itself defaults to the value of configuration option
<option>Acquire::PDiffs</option> which defaults to
<literal>yes</literal>.
</para></listitem>
<listitem><para><option>By-Hash</option> (<option>by-hash</option>)
- can have the value "yes", "no" or "force" and controls if APT
- should try to acquire indexes via an URI constructed from a
+ can have the value <literal>yes</literal>, <literal>no</literal>
+ or <literal>force</literal> and controls if APT
+ should try to acquire indexes via a URI constructed from a
hashsum of the expected file instead of using the well-known
stable filename of the index. Using this can avoid hashsum
- mismatches, but requires a supporting mirror. The value
- "yes"/"no" activates/disables the use of this feature if this
- source indicates support for it, while "force" will enable the
+ mismatches, but requires a supporting mirror. A
+ <literal>yes</literal> or <literal>no</literal>
+ value activates/disables the use of this feature if this
+ source indicates support for it, while
+ <literal>force</literal> will enable the
feature regardless of what the source indicates.
Defaults to the value of the option of the same name for a
specific index file defined in the
@@ -258,7 +262,7 @@
</itemizedlist>
- Further more, there are options which if set effect
+ Furthermore, there are options which if set affect
<emphasis>all</emphasis> sources with the same URI and Suite, so they
have to be set on all such entries and can not be varied between
different components. APT will try to detect and error out on such
@@ -270,11 +274,11 @@
is considered trusted or if warnings should be raised before e.g.
packages are installed from this source. This option can be used
to override this decision either with the value <literal>yes</literal>,
- which lets APT consider this source always as a trusted source
- even if it has no or fails authentication checks by disabling parts
- of &apt-secure; and should therefore only be used in a local and trusted
+ which lets APT consider this source always as a trusted source,
+ even if it lacks or fails authentication checks, by disabling parts
+ of &apt-secure;. It should therefore only be used in a local and trusted
context (if at all) as otherwise security is breached. The opposite
- can be achieved with the value no, which causes the source to be handled
+ can be achieved with the value <literal>no<literal>, which causes the source to be handled
as untrusted even if the authentication checks passed successfully.
The default value can't be set explicitly.
</para></listitem>
@@ -283,11 +287,11 @@
is either an absolute path to a keyring file (has to be
accessible and readable for the <literal>_apt</literal> user,
so ensure everyone has read-permissions on the file) or a
- fingerprint of a key in either the
+ fingerprint of a key either in the
<filename>trusted.gpg</filename> keyring or in one of the
keyrings in the <filename>trusted.gpg.d/</filename> directory
(see <command>apt-key fingerprint</command>). If the option is
- set only the key(s) in this keyring or only the key with this
+ set, only the key(s) in this keyring or only the key with this
fingerprint is used for the &apt-secure; verification of this
repository. Otherwise all keys in the trusted keyrings are
considered valid signers for this repository.
@@ -295,15 +299,15 @@
<listitem><para><option>Check-Valid-Until</option> (<option>check-valid-until</option>)
is a yes/no value which controls if APT should try to detect
- replay attacks. A repository creator can declare until then the
- data provided in the repository should be considered valid and
- if this time is reached, but no new data is provided the data
- is considered expired and an error is raised. Beside
- increasing security as a malicious attacker can't sent old data
- forever denying a user to be able to upgrade to a new version,
+ replay attacks. A repository creator can declare a time until
+ which the data provided in the repository should be considered valid,
+ and if this time is reached, but no new data is provided, the data
+ is considered expired and an error is raised. Besides
+ increasing security, as a malicious attacker can't send old data
+ forever to prevent a user from upgrading to a new version,
this also helps users identify mirrors which are no longer
- updated. Some repositories like historic archives aren't
- updated anymore by design through, so this check can be
+ updated. However, some repositories such as historic archives
+ are not updated any more by design, so this check can be
disabled by setting this option to <literal>no</literal>.
Defaults to the value of configuration option
<option>Acquire::Check-Valid-Until</option> which itself
@@ -332,7 +336,7 @@
</para>
</refsect1>
- <refsect1><title>URI specification</title>
+ <refsect1><title>URI Specification</title>
<para>The currently recognized URI types are:
<variablelist>
@@ -418,14 +422,13 @@
Suites: unstable
Components: main contrib non-free</literallayout>
- <para>Source line for the above</para>
+ <para>Sources specification for the above.</para>
<literallayout>deb-src file:/home/apt/debian unstable main contrib non-free</literallayout>
<literallayout>Types: deb-src
URIs: file:/home/apt/debian
Suites: unstable
Components: main contrib non-free</literallayout>
-
<para>The first line gets package information for the architectures in <literal>APT::Architectures</literal>
while the second always retrieves <literal>amd64</literal> and <literal>armel</literal>.</para>
<literallayout>deb http://httpredir.debian.org/debian &stable-codename; main
@@ -434,7 +437,6 @@
URIs: http://httpredir.debian.org/debian
Suites: &stable-codename;
Components: main
-
Types: deb
URIs: http://httpredir.debian.org/debian
Suites: &stable-codename;
Attachment:
apt.8.xml
Description: XML document
Attachment:
apt-mark.8.xml
Description: XML document
Attachment:
apt-secure.8.xml
Description: XML document
Attachment:
sources.list.5.xml
Description: XML document