This package performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel.

IP sets are a framework inside the Linux 2.4.x and 2.6.x kernel which can be administered by the ipset utility. Depending on the type, currently an IP set may store IP addresses, (TCP/UDP) port numbers or IP addresses with MAC addresses in a way which ensures lightning speed when matching an entry against a set.

If you want to

• store multiple IP addresses or port numbers and match against the entire collection using a single iptables rule.

• dynamically update iptables rules against IP addresses or ports without performance penalty.

• express complex IP address and ports based rulesets with a single iptables rule and benefit from the speed of IP sets.

then IP sets may be the proper tool for you.

kernel-hardening-checker is a tool for checking the security hardening options of the Linux kernel. Provided preferences are based on suggestions from various sources, including:

• KSPP recommended settings

• CLIP OS kernel configuration

• Last public grsecurity patch (options which they disable)

• SECURITY_LOCKDOWN_LSM patchset

• Direct feedback from the Linux kernel maintainers

This tool supports checking Kconfig options and kernel cmdline parameters.

This package provides a PAM interface using ctypes.

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities. The software includes sandbox profiles for a number of common Linux programs. Firejail should be added to the list of setuid programs in the system configuration to work properly. Builded with --disable-sandbox-check, which is only intended for development.

jmtpfs uses FUSE to provide access to data over MTP. Unprivileged users can mount the MTP device as a file system.

GNU Linux-Libre is a free (as in freedom) variant of the Linux kernel. It has been modified to remove all non-free binary blobs.

The i2c-tools package contains a heterogeneous set of I2C tools for Linux: a bus probing tool, a chip dumper, register-level SMBus access helpers, EEPROM decoding scripts, EEPROM programming tools, and a python module for SMBus access.

The cpufrequtils suite contains utilities to retrieve CPU frequency information, and set the CPU frequency if supported, using the cpufreq capabilities of the Linux kernel.

Libcap2 provides a programming interface to POSIX capabilities on Linux-based operating systems.

This package provides a library and a command line interface to the variable facility of UEFI boot firmware.

cpuid dumps detailed information about the CPU(s) gathered from the CPUID instruction, and also determines the exact model of CPU(s). It supports Intel, AMD, and VIA CPUs, as well as older Transmeta, Cyrix, UMC, NexGen, Rise, and SiS CPUs.

This package provides a Linux Kernel module that controls battery charging of specific ThinkPad laptops. It also includes an improved version of the HDAPS driver. The underlying hardware interfaces are SMAPI and direct access to the embedded controller.

PowerTOP is a Linux tool to diagnose issues with power consumption and power management. In addition to being a diagnostic tool, PowerTOP also has an interactive mode where the user can experiment various power management settings for cases where the operating system has not enabled these settings.

NTFS-3G provides read-write access to NTFS file systems, which are commonly found on Microsoft Windows. It is implemented as a FUSE file system. The package provides additional NTFS tools.

NTFS-3G provides read-write access to NTFS file systems, which are commonly found on Microsoft Windows. It is implemented as a FUSE file system. The package provides additional NTFS tools.

OpenFabrics Interfaces (OFI) is a framework focused on exporting fabric communication services to applications. OFI is best described as a collection of libraries and applications used to export fabric services. The key components of OFI are: application interfaces, provider libraries, kernel services, daemons, and test applications.

Libfabric is a core component of OFI. It is the library that defines and exports the user-space API of OFI, and is typically the only software that applications deal with directly. It works in conjunction with provider libraries, which are often integrated directly into libfabric.

ddate displays the Discordian date and holidays of a given date. The Discordian calendar was made popular by the "Illuminatus!" trilogy by Robert Shea and Robert Anton Wilson.

F2FS, the Flash-Friendly File System, is a modern file system designed to be fast and durable on flash devices such as solid-state disks and SD cards. This package provides the userland utilities.

Powerstat measures and reports your computer's power consumption in real time. On mobile PCs, it uses ACPI battery information to measure the power drain of the entire system.

Powerstat can also report RAPL power domain measurements. These are available only on some hardware such as Intel Sandybridge and newer, and cover only part of the machine's components such as CPU, DRAM, and graphics. However, they provide accurate and immediate readings and don't require a battery at all.

The output is like vmstat but also shows power consumption statistics: at the end of a run, powerstat will calculate the average, standard deviation, and minimum and maximum values. It can show a nice histogram too.

NUMA stands for Non-Uniform Memory Access, in other words a system whose memory is not all in one place. The numactl program allows you to run your application program on specific CPUs and memory nodes. It does this by supplying a NUMA memory policy to the operating system before running your program.

The package contains other commands, such as numastat, memhog, and numademo which provides a quick overview of NUMA performance on your system.

This library parses raw Linux kernel trace event formats.

ipvsadm(8) is used to set up, maintain or inspect the virtual server table in the Linux kernel. The Linux Virtual Server can be used to build scalable network services based on a cluster of two or more nodes.

mdadm is a tool for managing Linux Software RAID arrays. It can create, assemble, report on, and monitor arrays. It can also move spares between raid arrays when needed.