This package provides VFS Capability Utilities.
It enables to setup/confirm file capability.

Authors:
--------
KaiGai Kohei

gwhois is a generic whois client (and server) which strives to know the right
server to query for each and every top level domain and IP address. You can ask
gwhois about a domain or IP address, and it will automatically forward your
query to the appropriate server. It even queries whois servers that can only be
reached by a Web form, and outputs the results as text. It can be used as a
client or as a relaying server, so you can use your normal whois client to ask
gwhois.

Authors:
--------
Michael Holzt

hsetroot is a tool which allows you to compose wallpapers ("root pixmaps") for
X. It has a lot of options like rendering gradients, solids, images but it also
allows you to perform manipulations on those things, or chain them together.
You could use one standard background image for isntance, and using tint to
make it fit your current theme. And yes, of course it is compatible with
semi-translucent applications like aterm and xchat :)

At this time, hsetroot can render: gradients (multi-color with variable
distance), solids (rectangles) and images (centered, tiled, fullscreen, or
maximum aspect). It supports the following manipulations: tinting (overlaying a
color mask), blurring, sharpening, flipping (horizontally, diagonally,
vertically) it also allows you to adjust brightness, contrast and gamma-level.
hsetroot also supports alpha-channels when rendering things.

Authors:
---------
hyriand

inotail is a replacement for the 'tail' program found in the base installation
of every Linux/UNIX system. It makes use of the inotify infrastructure in
recent versions of the Linux kernel to speed up tailing files in the follow
mode (the '-f' option). Standard tail polls the file every second by default
while inotail listens to special events sent by the kernel through the inotify
API to determine whether a file needs to be reread.

Currently inotail is not fully compatible to neither POSIX or GNU tail but
might be in the future.

Authors:
--------
Tobias Klauser

ipsvd is a set of internet protocol service daemons for Unix. It currently
includes a TCP/IP service daemon, an SSLv3 TCP/IP service daemon (Linux and
MacOSX), and an UDP/IP service daemon.

An internet protocol service (ipsv) daemon waits for incoming connections on a
local socket; for new connections, it conditionally runs an arbitrary program
with standard input reading from the socket, and standard output writing to the
socket (if connected), to handle the connection. Standard error is used for
logging.

ipsv daemons can be told to read and follow pre-defined instructions on how to
handle incoming connections; based on the client's IP address or hostname, they
can run different programs, set a different environment, deny a connection, or
set a per host concurrency limit.

Normally the ipsv daemons are run by a supervisor process, such as runsv from
the runit package, or supervise from the daemontools package.

ipsvd can be used to run services normally run by inetd, xinetd, or tcpserver.

Authors:
---------
Gerrit Pape

Kelbt generates backtracking LALR(1) parsers. Standard LALR(1) parser
generators emit an error upon encountering a conflict in the parse tables.
Kelbt forges onward, generating parsers which handle conflicts by backtracking
at runtime. Kelbt is able to generate a parser for any context-free grammar and
therefore implements a generalized parsing method.

Kelbt is different from other backtracking LR systems in two ways. First, it
elevates backtracking to the level of semantic actions by introducing a class
of actions called undo actions. Undo actions are invoked as the backtracker
undoes parsing and allow the user to revert any side effects of forward
semantic actions. This makes it possible to backtrack over language constructs
which must modify global state in preparation for handling context
dependencies.

Second, Kelbt enables a user-controlled parsing strategy which approximates
that of generalized recursive-descent parsing. This makes it easy for the user
to resolve language ambiguities by ordering the grammar productions of a
nonterminal according to their precedence.

Kelbt has been used to write a C++ parser (included) which is composed of
strictly a scanner, a name lookup stage and a grammar with standard semantic
actions and semantic undo actions.

Authors:
--------
Adrian Thurston

The original idea behind this project was to provide a tool to apply the
data-recovery capability concepts of RAID-like systems to the posting and
recovery of multi-part archives on Usenet. We accomplished that goal. Our new
goal with version 2.0 of the specification is to improve. It extends the idea
of version 1.0 and takes the recovery process beyond the file-level barrier.
This allows for more effective protection with less recovery data, and removes
some previous limitations on the number of recoverable parts. See Par1 compared
to Par2 for a more detailed view of the differences.

Because this new approach doesn't benefit from like sized files, it drastically
extends the potiental applications of PAR. Files such as video, music, and
other data can remain in a usable format and still have recovery data
associated with them.

The technology is based on a 'Reed-Solomon Code' implementation that allows for
recovery of any 'X' real data-blocks for 'X' parity data-blocks present.
(Data-blocks referring to files OR much smaller virtual slices of files).

The key to this mission is a clean file format specification which provides all
the necessary capabilities for programs to easily verify and regenerate single
missing parts out of a set of data-blocks.

Authors:
--------
Francois Lesueur
Peter Brian Clements

A Password Safe V3 compatible Password Vault written in Python.
It features a WX python and commandline interface

Computes the MD5, SHA-1, SHA-256, Tiger, or Whirlpool message digest for any
number of files while optionally recursively digging through the directory
structure. Can also match input files against lists of known hashes in a
variety of formats.

nmdb is a network database (dbm-style) for controlled networks that can use
different protocols to to communicate with its clients. It supports TIPC, TCP,
UDP and SCTP.

It consists of an in-memory cache that saves (key, value) pairs, and a
persistent backend that stores the pairs on disk.

Both work combined, but the use of the backend is optional, so you can use the
server only for cache queries, pretty much like memcached.

A library is provided to interact with the database and the cache in a very
simple way. Python, D, NewLISP, Ruby, Bigloo Scheme, and Haskell bindings are
also available and come with the distribution (although except for the Python
bindings, the rest are not widely tested).

Authors:
--------
Alberto Bertogli

nmdb is a network database (dbm-style) for controlled networks that can use
different protocols to to communicate with its clients. It supports TIPC, TCP,
UDP and SCTP.

It consists of an in-memory cache that saves (key, value) pairs, and a
persistent backend that stores the pairs on disk.

Both work combined, but the use of the backend is optional, so you can use the
server only for cache queries, pretty much like memcached.

A library is provided to interact with the database and the cache in a very
simple way. Python, D, NewLISP, Ruby, Bigloo Scheme, and Haskell bindings are
also available and come with the distribution (although except for the Python
bindings, the rest are not widely tested).

Authors:
--------
Alberto Bertogli

Good-old rdate date and time-setting software implementing RFC 868 (inetd time)
and RFC 2030 (SNTP/NTP) protocols. An independent package of the OpenBSD's
rdate program.

Authors:
---------
David Snyder
David Mazieres
Thomas Roessler
N.M. Maclaren
Thorston "mirabile" Glaser
Christos Zoulas

LONG DESCRIPTION
HERE

This is the PRNGD "Pseudo Random Number Generator Daemon". It offers an EGD
compatible interface to obtain random data and is intented to be used as an
entropy source to feed other software, especially software based on OpenSSL.

Like EGD it calls system programs to collect entropy.

Unlike EGD it does not generate a pool of random bits that can be called from
other software. Rather more it feeds the bits gathered into the OpenSSL PRNG
from which the "random bits" are obtained when requested. This way, PRNGD is
never drained and can never block (unlike EGD), so it is also suitable to seed
inetd-started programs. It also features a seed-save file, so that it is
immediately usable after system start.

Authors:
--------
Lutz Jänicke

pws aims to be a fully compatible passwordsafe implementation.
heart of the project is libpws, a general library for reading and
writing passwordsafe compatible files. currently passwordsafe files
format v2 and passwordsafe files format v3.2 are supported.

Authors:
--------
Timo Benk

* Pure command-line operation if desired (good for remote access over ssh)
* or can interact with X11 selection & clipboard.
* Portable, endianess-clean, misaligned-access-free C++. Compiles cleanly on linux, *bsd, macos x, solaris.
* Compatible with CounterPane's PasswordSafe Win32 program versions 1.9.x.
* Funny comments included in source code.

Author:
---------
Nicolas S. Dade

runit is a cross-platform Unix init scheme with service supervision; a
replacement for sysvinit and other init schemes. It runs on GNU/Linux, *BSD,
Mac OS X, and Solaris, and can easily be adapted to other Unix operating
systems. runit implements a simple three-stage concept. Stage 1 performs the
system's one-time initialization tasks. Stage 2 starts the system's uptime
services (via the runsvdir program). Stage 3 handles the tasks necessary to
shutdown and halt or reboot.

Authors:
---------
Gerrit Pape

The seccure toolset implements a selection of asymmetric algorithms based on
elliptic curve cryptography (ECC). In particular it offers public key
encryption / decryption, signature generation / verification and key
establishment.

ECC schemes offer a much better key size to security ratio than classical
systems (RSA, DSA). Keys are short enough to make direct specification of keys
on the command line possible (sometimes this is more convenient than the
management of PGP-like key rings). seccure builds on this feature and therefore
is the tool of choice whenever lightweight asymmetric cryptography --
independent of key servers, revocation certificates, the Web of Trust or even
configuration files -- is required.

Authors:
--------
B. Poettering

LONG DESCRIPTION
HERE

since is a tail(1) work-alike that remembers how much of a file you have viewed
and displays only what's new when you next view that file. Ideal for viewing
log files (it'll only show what's new in the file since the last time it was
run).

socklog, in cooperation with the runit package, is a small and secure
replacement for syslogd. There are three main features syslogd provides:
receiving syslog messages from an unix domain socket ("/dev/log") and writing
them to various files on disk depending on facility and priority. receiving
syslog messages from an udp socket ("0.0.0.0:514") and writing them to various
files on disk depending on facility and priority. writing received syslog
messages to an udp socket ("a.b.c.d:514")

socklog provides these features with the help of runit's runsvdir, runsv, and
svlogd, provides a different network logging concept, and additionally does log
event notification.

svlogd has a built in log file rotation based on file size, so there is no need
for any cron jobs or similar to rotate the logs. Log partitions can be
calculated properly.

Authors:
---------
Gerrit Pape

What is "Secret Sharing"?
Citing from the Wikipedia article about Secret Sharing:

In cryptography, a secret sharing scheme is a method for distributing a secret amongst a group of participants, each of which is allocated a share of the secret. The secret can only be reconstructed when the shares are combined together; individual shares are of no use on their own.

More formally, in a secret sharing scheme there is one dealer and n players. The dealer gives a secret to the players, but only when specific conditions are fulfilled. The dealer accomplishes this by giving each player a share in such a way that any group of t (for threshold) or more players can together reconstruct the secret but no group of less than t players can. Such a system is called a (t,n)-threshold scheme.

A popular technique to implement threshold schemes uses polynomial interpolation ("Lagrange interpolation"). This method was invented by Adi Shamir in 1979. You can play around with a threshold scheme on the demo page.

Note that Shamir's scheme is provable secure, that means: in a (t,n) scheme one can prove that it makes no difference whether an attacker has t-1 valid shares at his disposal or none at all; as long as he has less than t shares, there is no better option than guessing to find out the secret.

Run svscan under supervise, allowing svc -t the parent supervise to kill all of
the children under the sub-supervise

Authors:
--------
http://gpl.internetconnection.net/

Service toolbox for building trigger-launched programs, wrapping TTYs, and
making lockfiles

Authors:
--------
http://gpl.internetconnection.net/

Use daemontools to allow regular users to have ~/.service/ directories
(requires subsvscan and svc)

Authors:
--------
http://gpl.internetconnection.net/