** New operation mode: proxy ** Command line option precedence Command line options take precedence over configuration file statements. ** elif statement A familiar `elif' statement is supported, e.g.: if condition-1 action-list-1 elif condition-2 action-list-2 elif condition-3 action-list-3 else action-list-4 fi ** New CONTROL statement esmtp-auth-delayed. When set to `yes', this statement instructs Anubis to postpone ESMTP authentication until MAIL command is issued by the client. This allows to change authentication credentials in the SMTP section (see below). ** SMTP section The new section "SMTP" is invoked each time an SMTP command is received. This section may alter the command's argument, using the "modify command", e.g.: BEGIN SMTP regex :extended modify command [ehlo] "foo.bar.net" if command ["mail from:"] "<(.*)>(.*)" modify command ["mail from:"] "<root@bar.net>\2" fi END It is also allowed to use esmtp-* keywords in this section, provided that `esmtp-auth-delayed yes' is set in the CONTROL section. Changes in the ESMTP authentication credentials take effect if they occur either before receiving MAIL command from the client, or when handling this command, e.g.: BEGIN SMTP if command ["mail from:"] "<smith(\+.*)?@@example.net>" esmtp-auth-id smith esmtp-password guessme else esmtp-auth no fi END ** New keywords: log-facility and log-tag ** Guile output By default Scheme's standard error and output ports are redirected to syslog, using priorities `err' and `warning' correspondingly. ** MySQL options file When using MySQL for Anubis user database, the database parameters and access credentials are read from the file /etc/my.cnf, section "anubis". Additionally, two URL parameters are provided: "options-file", which sets the name of the options file, and "options-group", which sets the name of the group.
Description:
GNU Anubis is an SMTP message submission daemon. It represents an intermediate layer between mail user agent (MUA) and mail transport agent (MTA), receiving messages from the MUA, applying to them a set of predefined changes and finally inserting modified messages into an MTA routing network. The set of changes applied to a message is configurable on a system-wide and per-user basis.
* Fix threshold calculation in the cleaner module. * Refuse to start if another copy is already running.
Description:
Beam is a suite of backup programs written in a reasonably portable shell language with the purpose of making backup process as easy as possible. The name is an acronym for "Backup Easy And Manageable".
* New command line option --init (-i) * New format flags: down=N, child=S, sibling=S * New guile primitives: - (grecs-node-ident-locus node [full]) Returns the location of the node's identifier. See below for the meaning of [full]. - (grecs-node-value-locus node [full]) Returns the location of the node's value. * Full vs. simplified locations. There are two flavors of source locations: simplified and full ones. A simplified location consists of a file name and line number. When returned from a Guile primitive, they are packed in a cons. A simplified location shows an approximate location of the object in the configuration file. A full location provides the exact location of the object. It consists of a pair of triplets, which mark the beginning and end of the object. Each triplet consists of a file name, line number and column number. When returned from a Guile primitive, each triplet is represented as a list of three elements and both triplets are packed in a cons, the start location being its car, and the end location being its cdr. The three functions that return node locations, grecs-node-locus, grecs-node-ident-locus and grecs-node-value-locus, return simplified locations by default. If #t is supplied as the optional second argument, these functions return full locations.
dnstools, gint, grecs, nssync, wordsplit
Description:
Cfpeek parses a structured configuration file and retrieves values specified by keyword pathnames or globbing patterns.
* Fix CVE-2015-1197 * Fix CVE-2016-2037 * Fix CVE-2019-14866
Description:
GNU cpio copies files into or out of a cpio or tar archive. The archive can be another file on the disk, a magnetic tape, or a pipe. GNU cpio supports a wide variety of archive formats.
* New configuration variable DEFAULT_PIDFILE_NAME Use it to alter the default pidfile location, e.g.: ./configure DEFAULT_PIDFILE_NAME=/var/dico/dicod.pid * Fix compilation on 32-bit systems
Description:
GNU Dico provides a flexible modular implementation of dictionary server, a number of modules for it, and a console based dictionary lookup utility. A Web interface is also available.
* The path statement can refer to a regular file. Prior versions of direvent required the argument to the "path" statement to refer to an existing directory. This requirement is now lifted. The pathname can refer to any type of file (not only a directory). Moreover, the file is not required to exist. If it does not exist, direvent will set up an auxiliary watcher (called a "sentinel"), that will wake up upon creation of the file with that pathname and will set up the configured watcher once it is created. The process is reversed when the file referred to by the "path" statement is deleted. In that case, the configured watcher is deactivated and a sentinel is set up which will bring it back when the destination file or directory is created. This mode of operation ensures that the configured watcher will always be operational. * Fix watcher removal on BSD-like systems. * Configuration changes ** multiple environ statements Multiple environ statements can be used within a single watcher block. Such statements accumulate.
Description:
GNU Direvent monitors a set of directories on the file system and reacts when their content changes. When a change is detected, the program invokes an external command configured for that kind of change.
Description:
A set of tools for DNS management.
* Exponential backoff with jitter If AWS responds with a RequestLimitExceeded code, eclat retries the request using exponential backoff with jitter algorithm. The algorithm is controlled by two values: max-retry-interval and total-retry-timeout. When the RequestLimitExceeded error is returned, eclat will sleep for 2 seconds and then retry the request. For each subsequent RequestLimitExceeded error, it will calculate the timeout using the following formula: t = rand(0, min(M, 2 ** N)) + 1 where N is the attempt number, M is the value of max-retry-interval parameter, 'rand(a,b)' selects the integer random number X such that 0 <= X <= b, and '**' denotes the power operator. The attempts to resend the request will continue until either a response other than RequestLimitExceeded is received (be it a response to the query or another error response), or the total time spent in the retry loop becomes equal to or greater than total-retry-timeout, whichever occurs first. * VPC Support The following new commands provide full support for manipulating the EC2 VPC objects: lsvpc describe-vpcs lsvpcattr describe-vpc-attribute mkvpc create-vpc setvpcattr modify-vpc-attribute rmvpc delete-vpc * Route table support The following new commands provide full support for manipulating the EC2 Route Table objects: assocrtab AssociateRouteTable mkrtab CreateRouteTable rmrtab DeleteRouteTable lsrtab DescribeRouteTables disasrtab DisassociateRouteTable * Route support The route subcommand allows you to add, delete and modify routes in route tables. ** Create route: eclat route rtb-12345678 add CIDR gw ID ** Delete route: eclat route rtb-12345678 del CIDR ** ReplaceRoute eclat route rtb-12345678 repl CIDR gw ID * Subnet support The following new commands provide full support for manipulating the EC2 Subnet objects: mksubnet create-subnet rmsubnet delete-subnet lssubnet describe-subnets setsubnetattr modify-subnet-attribute * Internet Gateway support The following new commands provide full support for manipulating the EC2 Internet Gateway objects: lsigw describe-internet-gateways mkigw create-internet-gateway rmigw delete-internet-gateway atigw attach-internet-gateway deigw detach-internet-gateway
Description:
Eclat stands for EC2 Command Line Administrator Tool. It allows you to manage Amazon EC2 services from the command line, fast and easy. Eclat does not require any resource-consuming libraries. It is written in plain C, depends only on libraries which are always installed on any decent system, and has a tiny memory footprint.
Initial release.
Description:
Grot rotates MySQL binary log files on replication master server. It works by first determining what slaves are connected to the server. Then it connects to each slave and determines what master log file it currently uses. Finally, it removes those logs on master that are older than the oldest of logs used by slaves.
Description:
This project is decommissioned. It's repository is retained as a historic reference only.
Description:
Inetutils, or GNU Internet Utilities, are the basic internet utilities of the GNU Operating System.
Description:
Decomissioned.
* Implement heartbeat event * Add auxiliary program: ifactive * Fix file descriptor leak
Description:
Jumper monitors network interfaces for certain kinds of traffic and starts preconfigured external programs when such traffic is detected. It is designed mainly to bring up network links (such as VPN and the like) on demand.
* The program is installed in /usr/bin Prior versions went to /usr/sbin, you will need to remove them manually. * Print /etc/issue before the prompt * Sleep after incorrect password is input * New options: -i (--issue), -s (--sleep), -c (--clear) * Add a manpage * Improve error checking and reporting
Description:
A simple console locker program for GNU/Linux systems.
* The --callout-socket option New option --callout-socket=URL instructs mailfromd to use URL to pass callout requests to the callout server listening on URL. It is equivalent to the callout-url configuration statement, which it overrides. This option is used by mtasim to avoid clobbering the existing callout sockets when starting new mailfromd instance. * NS lookup NFL functions This release implements the following new MFL functions: number primitive_hasns (string DOM) Returns 1 if the domain DOM has at least one NS record and 0 otherwise. Throws an error if DNS lookup fails. require 'dns' number hasns (string DOM) Same as above, but returns 0 on DNS lookup failures. string getns (string DOM ; number RESOLVE, number SORT) Returns a whitespace-separated list of all the NS records for the domain DOM. If optional parameter RESOLVE is 1, the returned list contains IP addresses. Optional SORT controls whether the entries are sorted. * Bugfixes ** Callout functions return true on checking the null return address (<>) ** Arguments in transaction between mailfromd and calloutd are quoted ** Avoid false failures in testsuite due to libadns warnings ** configure --with-dbm=T accepts any T supported by mailutils ** The 'dbdel' built-in silently ignores non-existing keys
Description:
Mailfromd is a general-purpose mail filtering daemon for Sendmail, Postfix and MeTA1. It is able to filter both incoming and outgoing messages using criteria of arbitrary complexity, supplied by the administrator in the form of a script file. The daemon interfaces with the MTA using Milter or PMilter protocols.
* The maidag utility is withdrawn
The main purpose of this utility was to work as local mail delivery
agent (MDA), a program responsible for final delivery of email messages
to the recipient's mailbox. As such it required suid privileges.
In parallel with its main purpose, it also was able to work in two
other modes: the 'url' mode, designed to deliver mails to arbitrary
mailbox URLs, and 'lmtp' mode, in which it acted as local mail
transport daemon. Neither of these needed suid privileges.
The unfortunate design decision to combine the three modes in a single
versatile tool resulted in local privilege escalation threat in 'url'
mode.
To fix this, maidag has been replaced by three different utilities,
each one with a precisely defined purpose and carefully designed
privileges: mda, lmtpd, and putmail.
* mda
GNU Mail Delivery Agent, the program used by mail transport agent for
local mail delivery. MTA starts it with non-root privileges, so it
needs the setuid bit in order to be able to assume the recipient's
identity when delivering mail. User input is limited to the actual
message, which is read from the standard input. The usual flexible
mailutils configuration subsystem is disabled in this utility, all
settings being read from the main configuration file only. This file
is writable only for root. Configuration settings cannot be altered
from the command line.
The command line usage is mostly compatible with the maidag, which
facilitates transition to mda.
* lmtpd
GNU Local Mail Transfer Protocol daemon. Normally it is started by
root and remains in the background serving LMTP connections from the
MTA.
* putmail
A user tool for delivering messages to the specified mailbox URL.
Runs with user privileges. This provides the functionality of 'maidag
--url', without any security implications.
* Use of TLS in pop3d run from inetd
New global configuration statement "tls-mode" configures the TLS for
use in inetd mode.
The certificate and key files are configured by the global "tls"
compound statement.
Example configuration (pop3s server):
mode inetd;
tls-mode connection;
tls {
ssl-key-file /etc/ssl/key.pem;
ssl-certificate-file /etc/ssl/cert.pem;
}
* comsatd --test
The --test option takes optional argument: name of the tty or file to
use for reporting.
* mail
** fix the semantics of 'hold' and 'keepsave' variables
** New message type specification ":s"
Selects messages in state 'saved'.
Description:
GNU Mailutils is a swiss army knife of electronic mail handling. It contains a rich set of mail-related utilities and daemons, including pop3d, imap4d, sieve and a universal mail delivery agent, called maidag.
Initial release.
Description:
NetSNMP module that provides access to process list statistics and replication status of the mysqld server.
* Add README, improve meta-data
Description:
A perl plugin for NetSNMP that provides access to Sendmail statistics information obtained by mailq and mailstats.
First actual release.
Description:
The nssync utility converts DNS records kept in SQL tables of arbitrary format to BIND zone files.
* Add missing symbol pam_innetgr lacked pam_sm_setcred
Description:
PAM-modules is a collection of useful PAM modules plus a command line utility for checking PAM authentication and other management groups.
* New option --no-init
The --no-init option instructs pies not to switch to init mode if its
PID is 1. Use this option if you run pies as a process manager in a
docker container.
* New component modes: startup and shutdown
Startup components are run right after pies startup. Any other
components start running only after last startup component has terminated.
Shutdown components are executed at program shutdown, after
all other components have been terminated.
Any number of startup or shutdwon components can be defined in the
configuration file. Such multiple components are run simultaneously,
unless required otherwise by their "prerequisites" and "dependents"
statements.
* New component flag: shell
The 'shell' flag instructs pies to run the component via "/bin/sh -c
$command". Use it if the command should undergo variable expansion,
contains redirections, pipes, etc. E.g.
component X {
flags shell;
command "if [ -n \"$X\" ]; then foo; else bar; fi"
}
* Improved cyclic dependency diagnostics
* New 'env' statement
The 'env' statement has been re-implemented as a compound statement.
It can contain the following sub-statements:
** clear
Clears the environment
** keep NAME
Keeps the variable NAME when clearing the environment. Implies
"clear". NAME can be a globbing pattern, in which case all
variables matching the pattern are retained.
** set "NAME=VALUE"
Sets the environment variable for the component. VALUE is subject
to variable expansion.
** eval "VALUE"
Perform variable expansion on VALUE and discard the result (similar
to the shell ":" command). Useful for side effects, e.g.:
eval ${HOME:=/home/t}
** unset NAME
Unsets the variable. NAME can be a globbing pattern, in which case all
variables matching the pattern are unset.
Example:
env {
clear;
keep PATH;
keep MANPATH;
keep "LC_*";
set "MANPATH=$MANPATH${MANPATH:+:}/usr/local/man";
}
* Legacy 'env' statement.
Support for the old one-line syntax of "env" is retained for
backward compatibility.
Previous versions applied unnecessary word splitting if given a
single argument. This is now fixed, so that e.g. the following
statement is processed correctly and defines a single variable
X to have the value "foo bar":
env "X=foo bar"
* New environment variable available for commands started from return-code
Programs started via "exec" statement in the "return-code" block
obtain the PID of the master pies process in environment variable
PIES_MASTER_PID.
* Improved testsuite
Description:
GNU Pies (pronounced "p-yes") is a Program Invocation and Execution Supervisor. This utility allows to execute usual foreground-mode applications in detached mode, as if they were daemons. It combines in itself the fucntionality of init and inetd programs. It can be used to control complex multi-component software, such as jabberd2 or MeTA1.
* Configuration file raddb/config
The syslog statement takes an optional 4th argument specifying syslog
tag to use, e.g.:
channel default {
syslog local1.info radiusd;
};
* New attributes
** GNU-Server-Address
Holds IP address of the RADIUS server that recieved the
request. Notice, that the value of this attribute is "0.0.0.0" if
there are no `listen' statement in your `raddb/config'.
** GNU-Server-Port
Holds UDP port number of the RADIUS server that recieved the request.
* Automake function AM_GNU_RADIUS is provided, for checking if
GNU Radius is installed from configure.ac scripts.
* Guile support requires Gule version 1.8 or later.
* Bugfixes
** Pass NAS-IP-Address to mlc_stop_query
auth, gnu, gray, network, system
http://www.gnu.org/software/radius/Description:
GNU Radius is an extensible and scalable authentication and accounting server.
* Include updated wordsplit version (v1.0-7-g6ccb9ad) * Allow for multiple EOLs and comments after the preface statement. * Bugfix in the testcase 20.
auth, gnu, gray, network, system
http://rush.software.gnu.org.uaDescription:
GNU Rush is a Restricted User Shell. It is intended for use with ssh, rsh and similar remote access programs. Using a sophisticated configuration file, Rush gives you complete control over the command lines that users execute, usage of system resources, such as virtual memory, CPU time, etc. In particular, it allows to run remote programs in a chrooted environment.
* Support SNMPv3
* Default SNMP version is 2c
* Use newer Grecs
* Drop unneeded dependencies
* Variable assignments in expressions
* Detection of SNMP counter overflows
* Comma operator
* Support for indexed MIBs
This feature allows you to use symbolic names instead of the fixed MIBs
for MIBs that are part of SNMP subtrees. For example, to get number of
packets sent over eth0 into variable "out", you would do the following:
table iftable IF-MIB::ifDescr;
variable out "IF-MIB::ifOutUcastPkts.$iftable[eth1]";
The first statement converts the subtree into a "table" named "iftable".
The second statement references an entry in this table that has
the value "eth1". For example, if the SNMP tree has the following MIB
IF-MIB::ifDescr.10: eth0
then the expression "$iftable[eth]" yields "10"
* Assertion syntax changed.
The assertion statement takes a single argument, which must be a
string consisting of the following three parts:
<oid: string> [!]<opcode>[/i] <value: string>
The <opcode> part can be either an arithmetical operator (=, <, <=, >,
>=), or any of the following string operators:
eq string equality
ne string inequality
prefix oid value must begin with <value>
suffix oid value must end with <value>
glob <value> is a glob(7) pattern that oid value must match
Each of these can be suffixed with "/i" to request case-insensitive comparison.
A "!" in front of opcode reverts its meaning.
The <value> part must not include the type prefix.
Description:
SLB is a Simple Load Balancer. The utility monitors a set of remote servers, obtaining a set of numeric values via SNMP. These values are used to compute a single floating-point number, called a relative load for that server. The servers are then sorted in order of increasing loads and the resulting table is output (using a configurable format string) to a file or pipe.
Description:
Slogin is a replacement for /bin/login, intended to be used in system start-up script wherever the root maintenance is needed. It does not update utmp/wtmp and hence is safe to be called when the partition containig these files is not mounted.
* new module: ldap * mailutils: Requires 2.99.98 or later
mailfromd, mailutils, wordsplit
Description:
An extendable socket map server with a set of modules and framework for writing new socket maps and testing them.
decom, gray, network, system, web
http://tagr.software.gnu.org.uaDescription:
Decomissioned.
* Fix the use of --checkpoint without explicit --checkpoint-action * Fix extraction with the -U option See http://lists.gnu.org/archive/html/bug-tar/2019-01/msg00015.html, for details * Fix iconv usage on BSD-based systems * Fix possible NULL dereference (savannah bug #55369) * Improve the testsuite
Description:
GNU Tar is an archiver program. It is used to create and manipulate files that are actually collections of many other files; the program provides users with an organized and systematic method of controlling a large amount of data.
Rewrite as a stand-alone snmpd agent.
gray, netsnmp, system, varnish
http://www.gnu.org.ua/software/varnish-mibDescription:
Dynamically loadable object module for net-snmp snmpd that provides access to Varnish Cache statistics.
Description:
A MIB for monitoring and remote management of Varnish Cache.
* Automatic VCS detection. * Don't descend into internal VCS directories during the scan.
Description:
Vcsync synchronizes files on the file system with the corresponding repository after each commit. It is normally configured as a hook, using the mechanism provided by the version control system of choice (loginfo in CVS, post-commit in SVN, or post-receive in GIT).
* Minor change
Description:
This Varnish Cache module implements basic HTTP authentication against password files created with the Apache htpasswd utility.
* Support for Varnish 6.0.2
Description:
This module provides API for writing binary log files from Varnish VCL scripts and the utilities for listing and searching in such files.
* req.http.X-VMOD-DBRW-Error This header is set to 1 by dbrw.rewrite to indicate that an error occurred during the rewrite. * New flags: regex and eq One of this flags can appear in the fourth column of the returned data set. The 'eq' flag instructs dbrw.rewrite to use exact string match, instead of regular expressions. The 'regex' flag instructs it to use regular expression matching. It is the default. * Improve error handling in mysql submodule Previously, error codes ER_PARSE_ERROR and ER_EMPTY_QUERY were treated as permanent conditions, causing mysql connection to be closed and disabled. This is no longer the case, as they both can well mean a transient condition (e.g. ER_PARSE_ERROR returned for the 'Illegal mix of collations' error).
Description:
A Varnish Cache module implementing database-driven rewrite rules. Intended for use with web sites that need an exceedingly big number of redirect and/or rewrite rules, Vmod-dbrw allows the administrator to keep all rules in an SQL database of arbitrary structure, thereby considerably speeding up their handling. Another advantage of this approach is that rewrite rules stored in a database are easier to maintain.
* Support for Varnish 6.0.2
Description:
This module provides SQL interface for Varnish Cache. Both MySQL and PostgreSQL are supported.
* Support for Varnish 6.0.2
Description:
This module implements token bucket filtering for Varnish Cache.
* Support for Varnish 6.0.2
Description:
Extended variable support for VCL
* Introduce loadable modules. Two modules are provided: mailutils, for mail notification using GNU mailutils, and logstat, for logging statistics. * Directory setup The new statement "create-directories" instructs wydawca to create missing source, destination and archive directories. Additional configuration statements are provided to configure ownership and modes of the created directories. * Bugfixes ** Avoid processing same triplet twice. ** Fix memory allocation bugs.
Description:
An automatic release submission daemon. It implements the GNU automatic upload procedure, and supports upload directive files of version 1.1.
* Requires Mailutils 3.4
Description:
Wyslij-po runs basic checking on PO files given in the command line and submits them to the Translation Project robot.
* Bugfixes and organizational changes
Description:
Simple HTTP server for static files
* The "periodic" subcommand The new subcommand "periodic" is responsible for maintaining the job database. It finishes up pending glacier jobs, dowloading the results (both inventory listings and requested files) and removes expired jobs. It should be run as a cronjob. * When run on an EC2 instance, credentials can be obtained from the EC2 metadata * Directory validity is controlled using the LastInventoryDate field
Description:
Command line tool for managing AWS Glacier
Implements restart mode.
The restart mode is a special feature of sentinel mode, controlled by
the new options --restart-on-exit and --restart-on-signal. In this
mode genrc will restart the subsidiary program if it exits with a
predefined status code or terminates on a predefined signal. Use this
feature to ensure the service provided by the program controlled by
genrc won't get terminated because of hitting a bug or encountering an
unforeseen external condition.
For example:
genrc --command=COMMAND \
--sentinel \
--restart-on-exit='!0' --restart-on-signal='!TERM,QUIT' start
This will ensure that the COMMAND will be restarted immediately after
it terminates, unless it exits with the status 0 or terminates on
SIGTERM or SIGQUIT.
Description:
Generic helper program for writing system initialization scripts. Depending on the operation mode, it starts, stops, reconfigures or displays the status of a specific program. Primary audience is Slackware system administrators. However, the tool is generic enough to be used on any other Linux (and not only) distribution. In the contrast to another similar programs like start-stop-daemon, it is designed so that the entire rc file can consist of only one line, invoking (or exec'ing) genrc with the right set of arguments.
- Take into account ServerName if LetsEncryptReference is given.
Description:
A tool for automatic creation and renewal of ACME (LetsEncrypt) SSL certificates. The list of domains to handle can be obtained from acmeman or apache configuration files, or from both. If the default acmeman configuration file doesn't exist, the program scans apache configuration files for a list of domains.
- Make sure constructor never croaks if on_error is set to 'return' Improve diagnostics.
Description:
This Perl module provides a mechanism for detecting version, default settings, and the preloaded modules of the Apache httpd server. It does so by locating the server binary, invoking it with appropriate options and analyzing the output it produces.
* Handle include statements with directory as argument * Fix cyclic inclusion detection on systems with negative device numbers
Description:
This Perl module reads and parses Apache configuration file, expanding constructs like Include, IncludeOptional, IfModule, IfDefine, Use, etc.
Description:
A builder for Slackware packages
Initial release.
Description:
Displays the amount of swap space used by each running program. The utility is Linux-specific.
* Display unterminated lines from the command All data the executed program outputs to the standart output and error are captured and reproduced on the corresponding system streams. The previous release would suppress lines not terminated with a newline character. This is fixed. * Display additional diagnostics if the program fails to run
Description:
Monitors state of running docker containers via SNMP. The package provides two utilities:Each container is supposed to run the tallyman command as part of its HEALTHCHECK configuration. This tool takes as its argument the command line that does the actual checking, collects its return and sends it over to the stevedore daemon that acts as a collector and simultaneously as a SNMP subagent, delivering the collected information to the snmpd daemon.
- tallyman
- health state collector to be run inside the container
- stevedore
- container state collector and SNMP agent daemon
Initial release.
Description:
Upgrades the Slackware installation to a new release. Two upgrade types are supported. In normal upgrade only packages already installed on the system are upgraded. In full upgrade, all packages from the new release are installed. A combination of the two can be achieved by supplying a list of additional Slackware series when running the normal upgrade.
Initial release.
Description:
A tool for monitoring the expiration times of remote SSL certificates via HTTPS. Can be used either as a Nagios plugin or as a standalone tool.