Projects
This page lists most of the Free Software projects I ever worked on. Some of them where created by me, in others I am just one of the many people who develop them. Some are being actively developed, others have reached a state where further modifications are seldom or not at all required, yet others were discontinued.
To facilitate navigating in this list, projects are categorized by their purpose, authorship, and current state. Each project entry lists the categories it pertains to. Clicking on a category name will bring a listing of all projects in that category.
Additionally, a list of related projects is provided where applicable. Each element in that list is a link to the corresponding project entry.
Clicking on a project's name will bring this project's entry as a separate page (a permalink).
Hovering your mouse over the version information of a project shows the list of changes introduced by that version.
Sort controls below allow you to order the list either lexicographically or by the most recent release date, in both directions.
Using the Search control, you can select projects by name. Shell-style globbing patterns (wildcards) are accepted.
haproxy-bulkredirect
Lua library for handling big amounts of redirect rules in HAProxy.
webtools
A collection of various web-related programs, mostly proof-of-concept ones.
runasimi
A web page offering various resources for learning Quechua, a language spoken in the Andes.
varnishsnmp
A MIB for monitoring and remote management of Varnish Cache.
grecs
Grecs is a library for parsing structured configuration files from C programs. A structured configuration file has hierarchical structure, with block statements enclosing lower-level statements. Such configurations files are used by many programs, such as, e.g. Bind or Dico.
paxutils
Paxutils is intended to provide a set of archiver programs. It will include tar
and cpio
utilities and will provide POSIX pax
program.
imprimatur
Imprimatur provides Texinfo macros for various editing tasks such as adding editor notes and annotations, as well as Makeinfo rules for verifying Texinfo document structure, format, and (to a certain extent) content coverage.
gamma
GAMMA stands for a Guile Archive of Multiple Modules with an A just for the ‘A’ of it. It contains a set of useful Guile modules. In particular, it is used by runasimi.org and ellinika.gnu.org.ua.
mockmta
A simplistic implementation of the SMTP mail transport agent, designed for testing purposes. It behaves almost identically to any real MTA, except that it listens on localhost only and delivers all messages to the given UNIX mailbox file.
mansrv
Formats and returns the requested manpage as HTML. This CGI is specifically designed to help display on-line the documentation in manpage formats for multiple software projects without the need to install these manpages somewhere in the system MANPATH. This is necessary for software forge sites that host a number of projects, such as Puszcza.
slackdesc
Formats a slack-desc file for Slackware package.
xmltools
A set of Guile primitives for parsing and processing XML files.
m4kwargs
Macro package that implements keyword arguments for m4 macros. A keyword argument consists of keyword name and value, separated with a single equals sign. Example of a macro call with single positional and two keyword arguments:
INCR(10, delta=4, sign=neg)
gnulib
Gnulib is a central location for common GNU code, which is shared among many GNU (and non-GNU) packages.
mfmod_pcre
Perl-compatible regular expressions for mailfromd
slogin
A replacement for /bin/login
, intended to be used in system start-up script wherever the root maintenance is needed. It does not update utmp/wtmp and hence is safe to be called when the partition containig these files is not mounted.
acvmod
A framework for creating loadable modules for Varnish Cache (vmods). It provides a set of macros and templates for configuring the module using GNU autotools and includes several auxiliary tools for creating GNU-style ChangeLog, testsuite, etc.
wordsplit
This package provides a set of C functions for parsing input strings. Default parsing rules are are similar to those used in Bourne shell. This includes tilde expansion, variable expansion, quote removal, word splitting, command substitution, and path expansion. Parsing is controlled by a number of settings which allow the caller to alter processing at each of these phases or even to disable any of them. Thus, wordsplit can be used for parsing inputs in different formats, from simple character-delimited entries, as in /etc/passwd
, and up to complex shell statements.
gcide
GNU Collaborative International Dictionary of English, a free dictionary based on Webster’s Revised Unabridged Dictionary Version (published 1913) with additions from WordNet, proof-read and supplemented by volunteers from around the world.
extrans
This is a modified versions of Romuald Texier’s eXtrans. It was used as the underlying mechanism for Ellinika and Runasimi at early stages of their development, before switching to xmltools.
slowo
Słowo (the Polish for a word) is a lexical and grammatical analyzer for Polish language.
wit
A wiki translator, a package that supplies Python classes for translating Wiki Markup into another kind of markup, such as, e.g. plain text and HTML. It has been superseded by wikitrans
.
gint
GINT provides a framework for easy integration of Guile into arbitrary software projects. It includes Autoconf macros for detecting the presence of Guile on the system, detecting its version number and location of its components, a set of Makefile and Automake rules for snarfing C sources, i.e. generating auxiliary files (.x
files, containing symbol information for Guile interpreter, and .doc
files, containing information about Guile primitives, their arguments and docstrings), and a C lexer program for extracting docstrings from a C file.
beam
* New configuration keyword <item>_alldb This keyword is valid for backup items of mysql type. If dumping all databases is requested (i.e. the <item>_database variable is not defined), it configures whether to dump each database into a separate file (named after it), or to dump all databases to a singe file. * Fix restoring from remote archives
A suite of backup programs written in a reasonably portable shell language with the purpose of making backup process as easy as possible. The name is an acronym for “Backup Easy And Manageable”.
runcap
A C module providing an API for running external command and capturing its output.
The function runcap
runs an external command and waits for its termination, capturing its stdout and/or stderr and optionally piping the supplied data to its stdin.
apout
It is a modification of the PDP-11 emulator originally written by Warren Toomey, that allows to run binaries from the earliest UNIX distributions.
lua-idna
Lua library that provides support for punicode (RFC 3492) and IDNA (RFC 3490).
gsc
This project is decommissioned. It’s repository is retained as a historic reference only.
mangemanche
A modular remote management system for Ping903. Allows the user to inspect configuration of the running server, add or remove IP addresses, synchronize the monitored IP list with the Nagios configuration or an SQL database etc.
mix
* Licensed under GPLv3 or later. * mixal ** Location of listing file By default, mixal creates listing file in the current working directory. * mixsim ** The .mixsim file When started in terminal mode, the utility searches for file `.mixsim' in the current working directory and reads it, if present. The file may contain any mixsim commands. ** The set of terminal commands is improved to make it compatible with GDB. ** New command, PASSCOUNT Set the number of crossings after whcih to clear the breakpoint. ** Removed optional second argument to BREAK. The functionality of `BREAK <ADDR> <COUNT>' is now obtained by two commands: BREAK <ADDR> PASSCOUNT <N> <COUNT> ** New command DELETE. An alias to CLEAR. ** New command IGNORE Sets the number of hits to ignore before enabling the breakpoint. ** New commands ENABLE and DISABLE Enable or disable the breakpoint with the given number. ** New command RUN It is an alias for GO. ** New command SOURCE Execute a file of mixsim commands. ** New command ADDRESS. This command takes as its argument a breakpoint manipulation command (DELETE, IGNORE, ENABLE, DISABLE, PASSCOUNT) with arguments appropriate for the associated command. However, the first argument of the corresponding command is treated as MIX address, instead of a breakpoint number. ** New command INFO. An alias to LIST. ** New command SHELL. Executes a subordinate shell or a shell command. Abbreviated to !. ** NEXT and STEP take optional argument. The argument, if given, specifies number of instructions to execute. Default is 1. ** INFO BREAK takes an optional argument specifying breakpoint number to list. If prefixed with ADDRESS, it treats the argument as a MIX location and lists all breakpoints set on that location.
MIX is a set of tools for assembling, running and debugging programs, written in MIXAL, an assembly language for an imaginary computer, MIX, used in The Art of Computer Programming of D. Knuth.
radius
* Configuration file raddb/config The syslog statement takes an optional 4th argument specifying syslog tag to use, e.g.: channel default { syslog local1.info radiusd; }; * New attributes ** GNU-Server-Address Holds IP address of the RADIUS server that recieved the request. Notice, that the value of this attribute is "0.0.0.0" if there are no `listen' statement in your `raddb/config'. ** GNU-Server-Port Holds UDP port number of the RADIUS server that recieved the request. * Automake function AM_GNU_RADIUS is provided, for checking if GNU Radius is installed from configure.ac scripts. * Guile support requires Guile version 1.8 or later. * Bugfixes ** Pass NAS-IP-Address to mlc_stop_query
GNU Radius is an extensible and scalable authentication and accounting server.
grot
Initial release.
Grot rotates MySQL binary log files on replication master server. It works by first determining what slaves are connected to the server. Then it connects to each slave and determines what master log file it currently uses. Finally, it removes those logs on master that are older than the oldest of logs used by slaves.
joh
* Use IPv6 URLs as proposed by RFC 2732 The address part of an IPv6 URL must be either an IPv6 address in numeric notation *enclosed in square brackets* or a host name, e.g.: inet6://[::1]:1100
A Jabber Over HTTP tunnel. It enables access to Jabber servers from behind firewalls which do not allow outgoing sockets on port 5222.
nssync
First actual release.
The nssync utility converts DNS records kept in SQL tables of arbitrary format to BIND zone files.
slb
* Support SNMPv3 * Default SNMP version is 2c * Use newer Grecs * Drop unneeded dependencies * Variable assignments in expressions * Detection of SNMP counter overflows * Comma operator * Support for indexed MIBs This feature allows you to use symbolic names instead of the fixed MIBs for MIBs that are part of SNMP subtrees. For example, to get number of packets sent over eth0 into variable "out", you would do the following: table iftable IF-MIB::ifDescr; variable out "IF-MIB::ifOutUcastPkts.$iftable[eth1]"; The first statement converts the subtree into a "table" named "iftable". The second statement references an entry in this table that has the value "eth1". For example, if the SNMP tree has the following MIB IF-MIB::ifDescr.10: eth0 then the expression "$iftable[eth]" yields "10" * Assertion syntax changed. The assertion statement takes a single argument, which must be a string consisting of the following three parts: <oid: string> [!]<opcode>[/i] <value: string> The <opcode> part can be either an arithmetical operator (=, <, <=, >, >=), or any of the following string operators: eq string equality ne string inequality prefix oid value must begin with <value> suffix oid value must end with <value> glob <value> is a glob(7) pattern that oid value must match Each of these can be suffixed with "/i" to request case-insensitive comparison. A "!" in front of opcode reverts its meaning. The <value> part must not include the type prefix.
A simple load balancer. The utility monitors a set of remote servers, obtaining a set of numeric values via SNMP. These values are used to compute a single floating-point number, called a relative load for that server. The servers are then sorted in order of increasing loads and the resulting table is output (using a configurable format string) to a file or pipe.
kbdlock
* The program is installed in /usr/bin Prior versions went to /usr/sbin, you will need to remove them manually. * Print /etc/issue before the prompt * Sleep after incorrect password is input * New options: -i (--issue), -s (--sleep), -c (--clear) * Add a manpage * Improve error checking and reporting
A simple console locker program for GNU/Linux systems.
anubis
** New operation mode: proxy ** Command line option precedence Command line options take precedence over configuration file statements. ** elif statement A familiar `elif' statement is supported, e.g.: if condition-1 action-list-1 elif condition-2 action-list-2 elif condition-3 action-list-3 else action-list-4 fi ** New CONTROL statement esmtp-auth-delayed. When set to `yes', this statement instructs Anubis to postpone ESMTP authentication until MAIL command is issued by the client. This allows to change authentication credentials in the SMTP section (see below). ** SMTP section The new section "SMTP" is invoked each time an SMTP command is received. This section may alter the command's argument, using the "modify command", e.g.: BEGIN SMTP regex :extended modify command [ehlo] "foo.bar.net" if command ["mail from:"] "<(.*)>(.*)" modify command ["mail from:"] "<root@bar.net>\2" fi END It is also allowed to use esmtp-* keywords in this section, provided that `esmtp-auth-delayed yes' is set in the CONTROL section. Changes in the ESMTP authentication credentials take effect if they occur either before receiving MAIL command from the client, or when handling this command, e.g.: BEGIN SMTP if command ["mail from:"] "<smith(\+.*)?@@example.net>" esmtp-auth-id smith esmtp-password guessme else esmtp-auth no fi END ** New keywords: log-facility and log-tag ** Guile output By default Scheme's standard error and output ports are redirected to syslog, using priorities `err' and `warning' correspondingly. ** MySQL options file When using MySQL for Anubis user database, the database parameters and access credentials are read from the file /etc/my.cnf, section "anubis". Additionally, two URL parameters are provided: "options-file", which sets the name of the options file, and "options-group", which sets the name of the group.
An SMTP message submission daemon. It represents an intermediate layer between mail user agent (MUA) and mail transport agent (MTA), receiving messages from the MUA, applying to them a set of predefined changes and finally inserting modified messages into an MTA routing network. The set of changes applied to a message is configurable on a system-wide and per-user basis.
inetutils
* ftp An old inability to allow other names than the canonical name has been corrected. This means that a machine entry in the .netrc file will now be used as expected. Previously any alias name was replaced by the corresponding canonical name, before reading the .netrc file. The internal command `hash' accepts a suffixed letter to the size argument, like `12k', instead of 12288. Made a minor change to the syntax of the command itself, allowing size changes independently of activation of hash markings. After a transfer the summary gives the speed as `Mbytes/s', `kbytes/s', or `bytes/s'. The .netrc file can be overridden by the environment variable NETRC. Of even higher precedence is the new option `-N/--netrc'. The access to the resulting file, whatever method, is now denied unless it is a regular file. * ifconfig Better command line parsing on BSD and Solaris systems. Touch only changeable flags on all systems. * logger The ability to use numerical facilities is restored to full range. * ping, ping6 The ability to specify a pattern as payload is corrected. * syslogd A new switch `-T/--local-time' makes the service ignore a time stamp passed on by the remote host, recording instead the local time at the moment the message was received. As a short form of `--pidfile', the switch `-P' is new. In common with other syslogd implementations, rsyslogd and sysklogd, there has for a long time existed an attack vector based on large facility numbers, made public in CVE-2014-3684. This is now mended in our code base. * telnetd The ability to autologin a client, without using authentication, is now functional in the expected manner, i.e., the prompt for a user name is suppressed in favour of an immediate password prompt. In a setting where the client is using a UTF-8 encoding, it was common to observe strange characters in most responses. This was caused by the server daemon, due to incomplete purging of internal protocol data. The issue should now be resolved. * whois Improved cooperation with servers like `whois.arin.net', `whois.eu', and `whois.ripe.net'.
Inetutils, or GNU Internet Utilities, are the basic internet utilities of the GNU Operating System.
idest
* Convert textual frames to/from the currently used character set The character set is deduced from the locale settings. It can also be set explicitly using the --charset option. * New option --broken-8bit-encoding Use this option for files where textual frames are stored as ISO-8859-1, but are actually using another 8-bit encoding. The argument to this option is the name of the enchoding actually used. In query mode, this option helps display such frames properly. Use it with the --fixup option to fix such frames in the file. * New option --encoding Specifies encoding to store textual frames in ID3 tags. * New option --fixup Modifies the ID3 v2 tag so that it can be understood by most devices. * The --convert option can be used to remove unnecessary ID3 formats. For example, if the file input.mp3 contains both version 1 and 2 tags, the following will remove version 1 tags: idest --convert=2 input.mp3 * Fix processing of unknown frames. * Fix operation of setpic and pic modules with Guile 2.x. * Improve documentation
Idest is an ID3 Edit and Scripting Tool, a command line utility for manipulating ID3 tags. The utility allows to create new tags, to view, modify or delete the existing ones. It also provides a flexible scripting capability.
wikitrans
Don't throw exception on invalid tokens. Fix python 3 compatibility
Provides Python framework for translating WikiMedia articles to various formats. The present version supports conversions to plain text, HTML, and Texinfo. A command line translator utility is included.
jumper
* Implement heartbeat event * Add auxiliary program: ifactive * Fix file descriptor leak
Jumper monitors network interfaces for certain kinds of traffic and starts preconfigured external programs when such traffic is detected. It is designed mainly to bring up network links (such as VPN and the like) on demand.
releaselogparser
Convert byte-like objects to UTF-8 strings.
Software packages usually include textual files describing noteworthy changes in each subsequent release. There exist several formats of such files. This package provides Python framework for parsing the most often used formats of such release log files. Support for any new format can be easily added.
sargon
A Docker authorization plugin that controls container creation. It enables the administrator to excercise control over the containers that users are allowed to create and decide whether to permit creation of privileged containers, what parts of the host file system can be visible to containers via bind or volume mechanism, what memory limits to apply, etc.
varnish-mib
Rewrite as a stand-alone snmpd agent.
Dynamically loadable object module for net-snmp snmpd that provides access to Varnish Cache statistics.
fileserv
* Bugfixes and organizational changes
Simple HTTP server for static files.
addts
Initial release.
UNIX filter for marking each line of input with the timestamp (useful with Apache ForensicLog).
swu
Initial release.
Displays the amount of swap space used by each running program. The utility is Linux-specific.
mbar
Initial release. ========================================================================= Copyright information: Copyright (C) 2016-2019 Sergey Poznyakoff Permission is granted to anyone to make or distribute verbatim copies of this document as received, in any medium, provided that the copyright notice and this permission notice are preserved, thus giving the recipient permission to redistribute in turn. Permission is granted to distribute modified versions of this document, or of portions of it, under the above conditions, provided also that they carry prominent notices stating who last changed them. Local variables: mode: outline paragraph-separate: "[ ]*$" eval: (add-hook 'write-file-hooks 'time-stamp) time-stamp-start: "changes. " time-stamp-format: "%:y-%02m-%02d" time-stamp-end: "\n" end:
A flexible mailbox archiver program based on GNU mailutils.
mbar scans the given mailbox folder for mailboxes matching a supplied pattern. For each mailbox found, a set of criteria is applied to its messages. All messages that matched the criteria are then picked and moved to the mailbox of the same name, located in the backup folder. If the destination mailbox doesn’t exist, it is created with the necessary intermediate directories.
certmon
Initial release.
A tool for monitoring the expiration times of remote SSL certificates via HTTPS. Can be used either as a Nagios plugin or as a standalone tool.
cpio
* Fix CVE-2015-1197 * Fix CVE-2016-2037 * Fix CVE-2019-14866
GNU cpio copies files into or out of a cpio or tar archive. The archive can be another file on the disk, a magnetic tape, or a pipe. GNU cpio supports a wide variety of archive formats.
mysqlstat
* Minor fixes in mysqlstat-setup * Provide default values for NULL columns
NetSNMP module that provides access to process list statistics and replication status of the mysqld server.
vmod-dict
* Drop support for Varnish versions prior to 6.0.0
This module for Varnish Cache adds to it the ability to look up values in a textual dictionary. A dictionary is a disk file containing on each line a keyword-value pair, separated by arbitrary amount of whitespace. Leading and trailing whitespace is ignored. Empty lines and comments (beginning with ‘#’ as the first non-whitespace character) are allowed. Two functions are provided: dict.load loads the dictionary from a disk file into hash table, and dict.lookup retrieves value for a given key.
wydawca
Fix handling of archivation requests.
An automatic release submission daemon. It implements the GNU automatic upload procedure, and supports upload directive files of version 1.1.
cfpeek
* New command line option --done (-d) This option is a counterpart of --init and supplies a cleanup expression, i.e. an expression that will be evaluated when the main loop has iterated over all nodes in the tree. * New parser: DHCPD A parser for dhcpd.conf file. * Drop support for Guile versions prior to 2.2.0
Parses a structured configuration file and retrieves values specified by keyword pathnames or globbing patterns.
Config::Parser
- Change bugtracker address.
Config::Parser
provides a framework for writing configuration file parsers. It is an intermediate layer between the abstract syntax tree (Config::AST) and implementation of a parser for a particular configuration file format. The package provides also Config::Parser::Ini
– a configuration file parser for ini-style files.
wyslij-po
* Fix parsing of po header fields * Use the Language header instead of Language-Team. Support for Language-Team and language tables is retained for backward compatibility. * Organizational change: repository moved to git The repository along with links for cloning can be viewed online at http://git.gnu.org.ua/cgit/wyslij-po.git. See https://puszcza.gnu.org.ua/git/?group=wyslij-po for instructions.
Wyslij-po runs basic checking on PO files given in the command line and submits them to the Translation Project robot.
Apache::Config::Preproc
* Change bugtracker address.
This Perl module reads and parses Apache configuration file, expanding constructs like Include
, IncludeOptional
, IfModule
, IfDefine
, Use
, etc.
Config::AST
- Change bugtracker address.
This perl module aims to provide a generalized implementation of parse tree for various configuration files. It does not implement parser for any existing configuration file format. Instead, it provides an API that can be used by parser implementors to build internal representation for the particular configuration file format.
Apache::Defaults
- Change bugtracker address.
This Perl module provides a mechanism for detecting version, default settings, and the preloaded modules of the Apache httpd server. It does so by locating the server binary, invoking it with appropriate options and analyzing the output it produces.
Mojo::Log::Syslog
- Change bugtracker address.
Syslog logging for Mojo applications
File::BackupCopy
- Change bugtracker address.
Perl extension for creating backup file copies. Three backup naming schemes are supported: simple backup creates backup file name by appending single tilde character to the original file name, numbered backup creates backup name by suffixing the original file name with .~N~
, where N is a decimal number. Finally, automatic backup selects numbered scheme if at least one numbered backup file already exists and falls back to the simple backup otherwise.
NetSNMP::Sendmail
* Change bugtracker address.
A perl plugin for NetSNMP that provides access to Sendmail statistics information obtained by mailq
and mailstats
.
Config::Parser::ldap
- Change bugtracker address
A Perl module for parsing the ldap.conf
configuration file.
tar
* Fix extraction over pipe (savannah bug #60002) * Fix memory leak in read_header (savannah bug #59897) * Fix extraction when . and .. are unreadable See https://lists.gnu.org/archive/html/bug-tar/2021-01/msg00012.html * Gracefully handle duplicate symlinks when extracting See https://lists.gnu.org/archive/html/bug-tar/2021-01/msg00026.html * Re-initialize supplementary groups when switching to user privileges
GNU tar is an archiver program. It is used to create and manipulate files that are actually collections of many other files; the program provides users with an organized and systematic method of controlling a large amount of data.
List::Regexp
* Change bugtracker address.
Perl module that, given a list of strings, produces a regular expression that matches any of the input strings
Text::Locus
- Change bugtracker address
A Perl class for representing locations in text files. A location in its simplest form consists of file name and line number. In more complex forms, location represents a text fragment spanning several (perhaps not contiguous) lines, or even files.
vcsync
* New configuration statement: sentinel The "sentinel" statement declares the name of a file which, when present in the destination directory, informs vcsync that this directory is exempt from the normal synchronization process. The presense of the sentinel file is an indication that the destination directory is updated by other means. * Full documentation added
Vcsync synchronizes files on the file system with the corresponding repository after each commit. It is normally configured as a hook, using the mechanism provided by the version control system of choice (loginfo
in CVS, post-commit
in SVN, or post-receive
in GIT).
POSIX::Run::Capture
- Fix packaging
A Perl module for running external commands and capturing their output. It prefers performance and effectiveness over portability. As its name suggests, it can be used only on POSIX systems.
glacier
* Use explicit DESTROY with AUTOLOADs
Command line tool for managing AWS Glacier
dico
* Bugfixes in the gcide module * Fix searches in the gcider utility * Support for Python 2 has been withdrawn
GNU Dico provides a flexible modular implementation of dictionary server, a number of modules for it, and a console based dictionary lookup utility. A Web interface is also available.
rpipe
* Syslog support New option '-S FACILITY' switches diagnostic output to the given syslog facility.
A simple tool for forwarding content of a local file to the stdin of a program running on a remote host via TCP. The tool was created when I needed to run GNU Mailman in a docker container without MTA in it. It implements a slightly modified version of TCPMUX protocol. The same binary (rpipe
) serves both as a server (on the remote end) and as a client (on the local end).
smap
* Support for Guile 2.2 * Bugfixes * Improved testsuite
An extendable socket map server with a set of modules and framework for writing new socket maps and testing them.
genrc
* Fix the --timeout option
Generic helper program for writing system initialization scripts. Depending on the operation mode, it starts, stops, reconfigures or displays the status of a specific program. Primary audience is Slackware system administrators. However, the tool is generic enough to be used on any other Linux (and not only) distribution. In the contrast to another similar programs (e.g. start-stop-daemon
), it is designed so that the entire rc
file can consist of only one line, invoking (or exec’ing) genrc
with the right set of arguments.
tpnotify
- Fix operation without -d option
Notifies the Translation Project about new POT files
micron
* Appending cronjob output to a file Output of a cronjob can be captured and appended to a disk file, instead of sending it via email or logging it using syslog. This is controlled by the _MICRON_OUTFILE (global) and _JOB_OUTFILE (per-job) built-in variables. * New option -P FILE Writes PID of the running process to FILE. The file will be removed when the program terminates. * Option -v replaces -o To set initial value of a built-in variable, use the "-v NAME=VALUE" option. * The -V option To obtain the micrond version, use the -V option. * Bugfixes ** Fix allocation of environment and built-in variables defined in crontabs.
An enhanced implementation of UNIX cron daemon.
tallyman
* tallyman: if passed empty service ID, don't attempt to contact the collector
Monitors state of running docker containers via SNMP. The package provides two utilities:
tallyman
A health state collector to be run inside the container.
stevedore
A container state collector and SNMP agent daemon.
Each container is supposed to run the tallyman
command as part of its HEALTHCHECK configuration. This tool takes as its argument the command line that does the actual checking, collects its return and sends it over to the stevedore
daemon that acts as a collector and simultaneously as a SNMP subagent, delivering the collected information to the snmpd
daemon.
cflow
* Multiple start functions are allowed The '--main' option can be given multiple times. A separate graph will be drawn for each function given as its argument. * New option --target=FUNCTION If this option is given, the produced graph will contain only paths leading from start function (or functions) to the given FUNCTION. Multiple '--target' options are allowed. * New output format: dot The '-f dot' (or '--format=dot') option instructs cflow to output graph as a description in DOT language, suitable as input to graphviz programs. * cflow-mode: new commands for navigating in the graph: c go to the calling function n go to the next function at the same nesting level p go to the previous function at the same nesting level * Bugfixes: ** CVE-2019-16165 ** CVE-2019-16166 ** Fix parsing of K&R style function declarations ** Improve parsing of typecasts ** Fix recursive call detection
This tool analyzes a collection of C source files and prints a graph charting control flow within the program.
direvent
* Introduce compound events The "change" event is implemented on GNU/Linux and FreeBSD. This event is delivered when a file was modified and closed. * New configuration statement for manipulating the environment. The "environ" statement is now a compound statement. It can contain five kinds of substatements: "clear" to clear the environment, "keep" to retain certain variables while clearing the environment, "set" to set a variable, "unset" to unset a variable or variables, and "eval" to evaluate a variable reference for side effects. Both "keep" and "unset" can take globbing pattern as their argument, in which case they affect all variables matching that pattern. The value part in the "set" statement is subject to variable expansion. The "environ" block can appear in global context as well. In this case it applies to all watchers. The support for the old one-line "environ" syntax is retained for backward compatibility. * Variable expansion in arguments to some configuration statements. Both macro and environment variables are expanded in arguments to all substatements of the new "environ" block statement and in the argument to the "command" statement. In the latter case, expansion of the environment variables is controlled by the "shell" option. If the option is set, the variable will be expanded by the shell. Otherwise, they are expanded by direvent prior to invoking the command. * Rewrite the recursive watching support In particular, this fixes the bug where recursive watchers silently assumed that the "create" generic event was configured for the watcher. * Change interface for bulk closing of file descriptors To speed up launching of the user commands, system-dependent interfaces for closing the file descriptors above the given one are used, if available.
GNU Direvent monitors a set of directories on the file system and reacts when their content changes. When a change is detected, the program invokes an external command configured for that kind of change.
gdbm
* Bucket cache switched from balanced tree to hash table Change suggested by Terence Kelly. * Speed up flushing the changed buckets on disk * New option codes for gdbm_setopt ** GDBM_GETDBFORMAT Return the database format. ** GDBM_GETDIRDEPTH Return the directory depth, i.e. the number of initial (most significant) bits in hash value that are interpreted as index to the directory. ** GDBM_GETBUCKETSIZE Return maximum number of keys per bucket. ** GDBM_GETCACHEAUTO Return the status of the automatic cache adjustment. ** GDBM_SETCACHEAUTO Enable or disable automatic cache adjustment.
GNU dbm is a library of database functions that use extendible hashing and works similar to the standard UNIX dbm functions. These routines are provided to a programmer needing to create and manipulate a hashed database.
eclat
* Implement the terminate-instances command. * Implement MoveAddressToVpc (addr2vpc) and RestoreAddressToClassic (addr2ec2). * Fix rmaddr -v. * Document chvol and lschvol commands. * Implement ModifyVolume and DescribeVolumesModifications.
Eclat stands for EC2 Command Line Administrator Tool. It allows you to manage Amazon EC2 services from the command line, fast and easy. Eclat does not require any resource-consuming libraries. It is written in plain C, depends only on libraries which are always installed on any decent system, and has a tiny memory footprint.
rex
* Hostgroup stack Rex now maintains a stack of hostgroups. Once you push a hostgroup name on stack, that hostgroup will be used by any subsequent rex command, unless it is given the -g option. The new command "group" (see below) provides ways to pop items off the stack, swap arbitrary element with the top of stack, select new hostgroups on the fly, etc. * New command: rex group The "rex group" command has the following forms: rex group push GROUP Push GROUP on stack. rex group pop Pop the topmost group off the stack. rex group swap N Exchange top of the stack with the Nth element (0-based). rex group drop N Remove Nth element from the stack. rex group select COMMAND ARGS... Create on top of the stack a temporary group that contains those hosts from the current hostgroup where the supplied shell command returns success, i.e. exits with code 0. rex group show List the contents of the hostgroup stack. * Add configuration function for overriding PTR records from rc files
Rex is a remote execution utility that runs a supplied command on a set of remote hosts. Arbitrary data can be supplied to the command in the form of local files, which will be transferred to each remote host prior to running the command and removed afterwards. Both parallel and sequential execution is supported.
Special mode exists to distribute a file or files to several hosts.
Rex is written in TCL and has extensive scripting facilities. It provides a convenient way to administrate multiple servers.
The program is designed to operate in a minimalistic environment. It is self-contained and does not need any external libraries.
mailutils
* mbox format: don't count terminating empty line as part of the message * Improve performance of the Sieve fileinto action * Improve efficiency of operations on flat mailboxes in append mode * Bugfixes in quoted-printable and fromrd filters * Variois fixes in mbox and dotmail format libraries * Fix compilation with flex version 2.6.1
GNU Mailutils is a swiss army knife of electronic mail handling. It contains a rich set of mail-related utilities and daemons, including pop3d
, imap4d
, sieve
and several domain-specific mail delivery agents.
slackupgrade
* Support for Slackware 15.0
Upgrades the Slackware installation to a new release. Two upgrade types are supported. In normal upgrade only packages already installed on the system are upgraded. In full upgrade, all packages from the new release are installed. A combination of the two can be achieved by supplying a list of additional Slackware series when running the normal upgrade.
pam-modules
* pam_fshadow: skip-password option Based on the proposal of Mirsad Goran Todorovac, the new option skip-password instructs pam_fshadow to check whether the user being authenticated is present in the passwd and/or shadow files, without verifying his password. This way pam_fshadow can be used as an auxiliary module in the stack, actual authentication being performed by one of the modules before it.
A collection of useful PAM modules plus a command line utility for checking PAM authentication and other management groups.
Config::HAProxy
- Handle the 'resolvers' section. - New class methods for declaring (and undeclaring) sections. - Fix changing the argv of a Node.
A perl module supplying a parser that converts the HAProxy configuration file to a parse tree and provides methods for various operations on this tree, such as: searching, modifying and saving it to a file.
vmod-basicauth
* Support for Varnish 7.1
This Varnish Cache module implements basic HTTP authentication against password files created with the Apache htpasswd utility.
rush
* Fix invalid memory addressing in remopt command * Fix building with flex >= 2.6.1 (EOF check)
GNU Rush is a Restricted User Shell. It is intended for use with ssh, rsh and similar remote access programs. Using a sophisticated configuration file, Rush gives you complete control over the command lines users can execute, system resources they can use, etc. In particular, it allows to run remote programs in a chrooted environment.
pies
* New configuration keywords ** sigterm SIG Available for use in "component" sections. This statement defines signal which pies should send to the running component instance in order to terminate it. Defaults to SIGTERM. * Fix the component shutdown sequence The shutdown sequence is determined taking into account dependencies between components, so that all dependent components are stopped before their prerequisite components. * Fallback log file Fallback log file is a place where pies writes out of band log messages, i.e. messages about not being able to open syslog socket or send logs to it. Regular log messages are diverted to this file if syslog was requested, but cannot be used because of a permanent error. * Bugfixes ** Fix piesctl config reload ** Fix configuration preprocessing. ** Varios fixes in REST API server.
GNU pies (pronounced p-yes) is a program invocation and execution supervisor. This utility allows to execute usual foreground-mode applications in detached mode, as if they were daemons. It combines the fucntionality of init
and inetd
programs. It can be used to control complex multi-component software.
vmod-geoip
* Support for Varnish 7.1 * Drop support for Varnish versions prior to 6.0.0
A module for Varnish Cache that provides API for using geolocation functions in VCL scripts.
vmod-tbf
* Support for Varnish 7.1
This module implements token bucket filtering for Varnish Cache.
vmod-binlog
* Support for Varnish 7.1
This module provides API for writing binary log files from Varnish VCL scripts and the utilities for listing and searching in such files.
vmod-remoteip
* Support for Varnish 7.1
This module is for Varnish Cache what mod_remoteip is for Apache. It determines the actual client IP address for the connection, using the useragent IP address list presented by a proxy or load balancer via the request headers and a preconfigred list of trusted IP addresses.
vmod-dbrw
* Support for Varnish 7.1
A Varnish Cache module implementing database-driven rewrite rules. Intended for use with web sites that need an exceedingly big number of redirect and/or rewrite rules, Vmod-dbrw allows the administrator to keep all rules in an SQL database of arbitrary structure, thereby considerably speeding up their handling. Another advantage of this approach is that rewrite rules stored in a database are easier to maintain.
vmod-sql
* Support for Varnish 7.1 * Drop support for Varnish versions prior to 6.0.0.
This module provides SQL interface for Varnish Cache. Both MySQL and PostgreSQL are supported.
vmod-variable
* Support for Varnish 7.1
Extended variable support for VCL
podiff
* Fix https://puszcza.gnu.org.ua/bugs/?562
This tool finds differences in translatable strings and translations between two PO files or between two revisions of the same file. It ignores any differences in comments, entry ordering and spacing.
hostproc
Fix deadlock.
Hostproc provides detailed information about processes running on a host over SNMP. The information is grouped in a way similar to the ps(1) output. Additional aggregating features allow the administrator to provide summary statistics for processes matching some criteria and to exclude such processes from the detailed output. The latter feature can be used, in particular, to separate statistics for processes running on the host from those that are run within docker containers. The program is built as a sub-agent for Net-SNMP snmpd and is Linux-specific.
mfmod_ldap
Initial release. ========================================================================= Copyright information: Copyright (C) 2022 Sergey Poznyakoff Permission is granted to anyone to make or distribute verbatim copies of this document as received, in any medium, provided that the copyright notice and this permission notice are preserved, thus giving the recipient permission to redistribute in turn. Permission is granted to distribute modified versions of this document, or of portions of it, under the above conditions, provided also that they carry prominent notices stating who last changed them. Local variables: mode: outline paragraph-separate: "[ ]*$" eval: (add-hook 'write-file-hooks 'time-stamp) time-stamp-start: "changes. " time-stamp-format: "%:y-%02m-%02d" time-stamp-end: "\n" end:
LDAP searches for mailfromd
mailfromd
* Default MFL source file suffix The default suffix for MFL files is changed to '.mfl'. In particular, the master script file is now "mailfromd.mfl". This change is intended to avoid confusion with Metafont files, which have suffix '.mf'. As of this version, the new suffix is recommended, but not obligatory: the legacy '.mf' suffix is still supported. If a file 'X.mfl' is not found, mailfromd will look for 'X.mf'. * MFL module search path MFL modules loaded using the "require" or "import" statements are looked up in module search path. Previously, they were searched for in include search path, which created confusion, since include search path is intended for use by preprocessor. To maintain backward compatibility, if mailfromd is unable to find a module in module search path, it will retry the search using include path. This behavior will be maintained during a transitional period (a couple of releases), after which searches in include search path will be discontinued. * Preprocessor configuration Use of preprocessor is configured by the following statement in the main configuration file: preprocessor { # Enable preprocessor. enable yes; # Preprocessor command line stub. command "m4 -s"; # Pass current include path to the preprocessor via -I options. pass-includes false; # Pass to the preprocessor the feature definitions via -D options # as well as any -D/-U options from the command line. pass-defines true; # Name of the preprocessor setup file. Unless absolute, it is # looked up in the include path. setup-file "pp-setup"; } If preprocessor.pass-includes is true, the preprocessor.command setting is augmented by zero or more -I options, thereby supplying it the mailfromd include path. Furthermore, if preprocessor.pass-defines is set, zero or more -D options defining optional features are passed to it (e.g. -DWITH_DKIM) as well as any -D and -U options from the mailfromd command line. Unless the value of preprocessor.setup-file begins with a slash, the file with this name is looked up in the current include search path. If found, its absolute name is passed to the preprocessor as first argument. If the value begins with a slash, it is passed to the preprocessor as is. * New MFL operator: $@ The $@ operator can be used as the last argument in a call to variadic function from another variadic function. It passes all variable arguments supplied to the calling function on to the function being called. E.g.: func x(...) do # do something done func y(string x, ...) do x($@) done In this example, if "y" is called as y("text", 1, 2, 3) it will call "x" as x(1, 2, 3). This operator can also be used with a numeric argument: $@(N). In this case, it will remove first N elements from the argument list and push remaining ones on stack. This is similar to the 'shift' operator in other programming languages, e.g.: x($@(2)) * Data types in variadic function declaration The ellipsis in a variadic function declaration can be preceded by the data type, e.g.: func sum (number ...) returns number For compatibility with previous versions, if the type is omitted, string is assumed. * The void() type cast The void() type cast can be used around a function call to indicate that its return value is ignored deliberately. * mfmod: dynamically loaded modules This new type of mailfromd modules uses dynamically loaded libraries to extend the program functionality without having to modify its code. For a detailed discussion see the manual, section 4.22, "Dynamically Loaded Modules". Three mfmods exist at the time of this writing: - https://www.gnu.org.ua/software/mfmod_ldap/ LDAP searches. - https://www.gnu.org.ua/software/mfmod_openmetrics Open metrics support. - https://www.gnu.org.ua/software/mfmod_prce/ Support for Perl-comparible regular expressions. * Syntax of special handler definitions Special handlers ("begin" and "end", in particular) are now defined using the standard "prog" keyword (similar to milter state handlers): prog begin do ... done prog end do ... done Old syntax is supported for backward compatibility, but causes a deprecation warning. Application writers are advised to update their code. * New special handlers: startup and shutdown These two handlers provide global initialization and cleanup routines. The "startup" handler is run by the master mailfromd process as part of the startup sequence, before the program starts to serve any milter requests. The "shutdown" handler is run when mailfromd is about to terminate. Notice an important differences between "startup"/"shutdown" and "begin"/"end" special handlers. The latter are session specific: they are run at the start and end of a milter session. The former are global: they are run at the program startup and shutdown. The "startup" handler is normally used by mfmod interface modules to load the corresponding shared library. * Use of STARTTLS in callout If TLS is supported by libmailutils, the SMTP callout code will use STARTTLS when offered by the remote server. This is controlled by the smtp-starttls configuration statement. Its possible values are: never Never use STARTTLS. always Always use STARTTLS if offered by the server. ondemand Use STARTTLS only if MAIL FROM: command failed with the code 530 (Authorization required). The default is "ondemand". * Qualified DBM file names in database configuration Argument to database.file statement can be prefixed with "database scheme" to select alternative DBM implementation. For example: database rate { file "gdbm://rate.db"; } See the manual, section 7.11 "Database Configuration" for details. * New command line option: --echo The --echo option allows you to control where the output of the "echo" statement goes in "run" and "test" modes. When used without argument it directs the output to the standard output stream. If an argument is supplied (as in: --echo=FILE), the output goes to the named file. The file will be created if it doesn't exist. Notice, that in the latter case, the use of '=' is compulsory (--echo FILE won't work). * Deprecated configuration statements removed Deprecated configuration statements `lock-retry-count' and `lock-retry-timeout' were removed in this version. Use the `locking' statement instead, e.g. instead of lock-retry-count 10; lock-retry-timeout 1; write locking { retry-count 10; retry-sleep 1; } * Removed support for obsolete features: legacy GeoIP and DSPAM
Mailfromd is a general-purpose mail filtering daemon for Sendmail, Postfix and MeTA1. It is able to filter both incoming and outgoing messages using criteria of arbitrary complexity, supplied by the administrator in the form of a script file. The daemon interfaces with the MTA using Milter or PMilter protocols.
syslogrelay
* Handling of control characters in syslog messages If the message text contains ASCII control characters (ASCII 0 to 31), these are replaced with their "caret notation", i.e. a caret character followed by the character value XORed with 0100. Thus, horizontal tabulation (ASCII 9) becomes ^I, carriage return (ASCII 13) becomes ^M, etc. By default the newline character is exempt from this translation. Instead, it is substituted with horizontal space (ASCII 32). The "-Wcontrol_chars=MODE" option can be used to alter this processing. Possible values for MODE are: caret Replace all control characters with their caret notation. The newline character is represented as ^J. caretnl The default algorithm as described above. octal Replace control characters with their octal representation. raw Reproduce control characters verbatim. * New option -s: set input buffer size The -s option changes the default input buffer size. Its argument is the desired size in bytes. For UDP input, values of up to 4096 are allowed. The default is 1024. * New output channel: pri:///DIR Distributes messages to two disk files located in directory DIR. The name of the file to write to is selected depending on the message severity. Messages with severity greater than LOG_ERR are directed to file "1" ("out" file), messages with severity less than or equal to LOG_ERR are directed to file "2" ("err" file). This channel understands the following parameters: severity=SEVERITY Gives name of the delimiter severity. Messages with severity less than or equal to that value will be directed to "err" file. (DIR/2, by default). errfile=NAME Sets the name of the "err" file. outfile=NAME Sets the name of the "out" file. prio=none|keep|decode Controls whether and how the message priority is reflected on the output. See the channel "file:" for details. Default settings correspond to: -Wseverity=err -Werrfile=2 -Woutfile=1 -Wprio=none
This program provides system log forwarding facility for confined environments, such as docker containers. It listens for incoming system log messages on the UNIX socket file /dev/log
and forwards them to the specified remote server.
Relayed messages are normalized to make sure they comply with the RFC 3164. In particular, hostname is added if necessary. This is important in docker environments, since otherwise the collector would insert the IP address of the container or gateway in place of the missing hostname, and neither IP is informative enough to identify the container where the message originated.
texinfo
This is a bug-fix release with minimal changes. * texi2any . do not distribute architecture-dependent files . build fixed on OpenIndiana 11 * info . further fix of recoding of UTF-8 files to ASCII . fix check for presence of man pages on Solaris * install-info . fix build by avoiding function name clash on some platforms . compiler warning re strncat silenced
Texinfo is the official documentation format of the GNU project. It uses a single source file to produce output in a number of formats, both online and printed (dvi, html, info, pdf, xml, etc.).
acmeman
- New domain source: pound.
A tool for automatic creation and renewal of ACME (LetsEncrypt) SSL certificates. The list of domains to handle can be obtained from acmeman or apache configuration files, or from both. If the default acmeman configuration file doesn’t exist, the program scans apache configuration files for a list of domains.
mfmod_openmetrics
* http server: fix the Connection: header in HTTP response
Openmetrics support for mailfromd.
ping903
* Fix handing of the Connection: HTTP handler (both server and client)
Ping903 is designed to periodically monitor a very large number of remote hosts using ICMP ECHO packets. The package is built using the client-server architecture. The main component (ping903) is a daemon that sits in memory and wakes up periodically to send certain number of ICMP echo packets to a preconfigured number of hosts and to collect replies. The resulting round-trip statistics is made available via REST API.
xenv
* Diagnostic directives: $$warning and $$error The $$warning directive emits warning message. It does not alter exit status in any way. The $$error directive reports a fatal error and sets exit status to 65. After both directives, processing is resumed at the next line. * $$exit New directive $$exit causes immediate termination of the program. Decimal exit code may be supplied as argument. * New directive: $$eval The text between $$eval and $$end is expanded and the resulting expansion is scanned again, producing the actual output. This makes it possible to create variable names on the fly and get their values. Useful in loops, e.g.: $$loop I 0 1 2 3 4 5 6 7 $$ eval \$\$ ifset VAR_$I Expand \$VAR_$I; \$\$ endif $$ end $$end * Bugfixes ** Fix closing the $$range loop.
Xenv is a text preprocessor. It reads input from files (or the standard input, if none are supplied) and prints it on the standard output, replacing references to environment variables with their actual values. Variables are referenced using POSIX-compatible shell syntax: $NAME
, ${NAME}
, ${NAME:-word}
, ${NAME+=word}
, ${NAME:=word}
, ${NAME:?word}
. A special ternary construct is provided: ${NAME:|word1|word2}
, which substitutes the expansion of word1 if NAME is set and the expansion of word2 otherwise. Preprocessor directives provide support for inclusion of external files, conditional text expansion (depending on the value of an environment variable or exit code of an external command), diversions, for and foreach loops etc.
pound
* Load-balancing strategies A load balancing strategy defines algorithm used to distribute incoming requests between multiple regular backends. This version of pound implements two such strategies: ** Weighted Random Balancing This is the default strategy and the one implemented by prior versions of pound. Each backend is assigned a numeric priority between 0 and 9 (inclusive). The backend to use for each request is determined at random taking into account backend priorities, so that backends with numerically greater priorities have proportionally greater chances of being selected than the ones with lesser priorities. ** Interleaved Weighted Round Robin Balancing Requests are assigned to each backend in turn. Backend priorities, or weigths, are used to control the share of requests handled by each backend. The greater the weight, the more requests will be sent to this backend. * New statement: Balancer The Balancer statement can appear in global and in Service scope. It defines the load balancer to use. Possible arguments are: random, to use weighted random balancing (default), and iwrr to use interleaved weighted round robin balancing. * Backreferences Up to eight most recent matches are saved. They can be referenced as $N(M), where N is number of the parenthesized subexpression, and M is number of the match. Matches are numbered in reverse chronological order with the most recent one being at index 0. The (0) can be omitted ($1 is the same as $1(0)). For example, given the following statements: Host -re "www\\.(.+)" Header -re -icase "^Content-Type: *(.*)" Path "^/static(/.*)?" "$1" refers to the subgroup of Path, "$1(1)" - to that of Header, and "$1(2)" - to that of Host. Curly braces may be used to delimit reference from the text that follows it. This is useful if the reference is immediately followed by a decimal digit or opening parenthesis, as in: "${1}(text)". * Request matching directives In addition to "URL" and "Header", the following matching directives are provided Path [options] "value" Match path. Query [options] "value" Match query. QueryParam "name" [options] "value" Match query parameter. * Request modification directives Request modification directives apply changes to the incoming request before passing it on to the service or backend. They can be used both in ListenHTTP (ListenHTTPS) and Service sections. The following directives are provided: DeleteHeader "header: pattern" Remove matching headers from the incoming requests. SetHeader "header: to add" Add the defined header to the request passed. If the header already exists, change its value. SetURL "value" Sets the URL part of the request. SetPath "value" Sets the path part. SetQuery "value" Sets the query part. SetQueryParam "name" "value" Sets the query parameter "name" to "value". Rewrite ... [ Else ... ] End Conditionally apply request modification depending on whether request matches certain conditions, e.g.: Rewrite Path "\\.(jpg|gif)$" SetPath "/images$0" Else Match AND Host "example.org" Path "\\.[^.]+$" End SetPath "/static$0" Else Path "\\.[^.]+$" SetPath "/assets$0" End * Request accessors These are special constructs that, when used in string values, are replaced with the corresponding parts of the incoming request. The supported accessors are: %[url] The URL of the request. %[path] The path part of the request. %[query] The query part of the request. %[param NAME] The value of the query parameter NAME. %[header NAME] The value of the request header NAME. Request accessor can be used in all strings where the use of backreferences is allowed: i.e. arguments to Redirect, ACME, Error directives, and to all request modification directives described above. * Listener labels Listeners can be assigned symbolic labels. The syntax is: ListenHTTP "name" or ListenHTTPS "name" The "name" must be unique among all listeners defined in the configuration. This symbolic name can be used to identify listener in poundctl requests (see below). * Service labels Service labels must be unique among all services within the listener (or in the configuration file, for global ones). * Use of listener and service labels in poundctl Listeners and services can be identified both by their numbers and labels. For example: poundctl list /main/static/1 * Use of multiple redirects in single service Use of multiple redirect backends in single service, as well as mixing them with regular backends is deprecated and causes a warning message.
Pound is a reverse proxy, load balancer and HTTPS front-end for Web servers. It was developed to enable distributing load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively.
Pound was originally developed by Robert Segall at Apsis GmbH. I took over its development when Robert announced that he abandons it.