Headers of the Linux-Libre kernel.

This package provides boltd, a userspace daemon for Thunderbolt devices, and boltctl, a command-line utility for managing those devices.

The daemon boltd exposes devices via D-Bus to clients. It also stores a database of previously authorized devices and will, depending on the policy set for the individual devices, automatically authorize newly connected devices without user interaction.

The command-line utility boltctl manages Thunderbolt devices via boltd. It can list devices, monitor changes, and initiate authorization of devices.

This package provides a PAM module that hands over your login password to gpg-agent. This can be useful if you are using a GnuPG-based password manager like pass.

Kbd-neo provides the Neo2 keyboard layout for use with loadkeys(1) from kbd(4).

GNU Linux-Libre is a free (as in freedom) variant of the Linux kernel. It has been modified to remove all non-free binary blobs.

fakeroot runs a command in an environment where it appears to have root privileges for file manipulation. This is useful for allowing users to create archives (tar, ar, deb, etc.) with files in them with root permissions and/or ownership.

Without fakeroot, one would have to have root privileges to create the constituent files of the archives with the correct permissions and ownership, and then pack them up, or one would have to construct the archives directly, without using the archiver.

BCC is a toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples. It makes use of extended BPF (Berkeley Packet Filters), formally known as eBPF, a new feature that was first added to Linux 3.15. Much of what BCC uses requires Linux 4.1 and above.

mbpfan is a fan control daemon for Apple Macbooks. It uses input from the coretemp module and sets the fan speed using the applesmc module. It can be executed as a daemon or in the foreground with root privileges.

GNU Linux-Libre is a free (as in freedom) variant of the Linux kernel. It has been modified to remove all non-free binary blobs.

The SBC is a digital audio encoder and decoder used to transfer data to Bluetooth audio output devices like headphones or loudspeakers.

GNU Linux-Libre is a free (as in freedom) variant of the Linux kernel. It has been modified to remove all non-free binary blobs.

This package provides a kernel module that is capable of resetting hardware devices into a state where they can be re-initialized or passed through into a virtual machine (VFIO). While it would be great to have these in the kernel as PCI quirks, some of the reset procedures are very complex and would never be accepted as a quirk (ie AMD Vega 10).

haveged generates an unpredictable stream of random numbers for use by Linux's /dev/random and /dev/urandom devices. The kernel's standard mechanisms for filling the entropy pool may not be sufficient for systems with high needs or limited user interaction, such as headless servers.

haveged runs as a privileged daemon, harvesting randomness from the indirect effects of hardware events on hidden processor state using the HAVEGE algorithm. It tunes itself to its environment and provides the same built-in test suite for the output stream as used on certified hardware security devices.

The quality of the randomness produced by this algorithm has not been proven. It is recommended to run it together with another entropy source like rngd, and not as a replacement for it.

libnetfilter_cthelper is a userspace library that provides a programming interface to user-space connection tracking helpers.

1. register new user-space connection tracking helpers

2. unregister user-space connection tracking helpers

3. list existing registered user-space connection tracking helpers

Nvme-cli is a utility to provide standards compliant tooling for NVM-Express drives. It was made specifically for Linux as it relies on the IOCTLs defined by the mainline kernel driver.

GNU Linux-Libre is a free (as in freedom) variant of the Linux kernel. It has been modified to remove all non-free binary blobs.

This package provides many of the missing pieces in GNU libc. Most notably the string functions: strlcpy(3), strlcat(3) and the *BSD sys/queue.h and sys/tree.h API's.

jmtpfs uses FUSE to provide access to data over MTP. Unprivileged users can mount the MTP device as a file system.

Udev is a daemon which dynamically creates and removes device nodes from /dev/, handles hotplug events and loads drivers at boot time.

Libcap2 provides a programming interface to POSIX capabilities on Linux-based operating systems.

These are a set of utilities built upon sysfs, a virtual file system in Linux kernel versions 2.5+ that exposes a system's device tree. The package also contains the libsysfs library.

nftables is the project that aims to replace the existing ip,ip6,arp,ebtables framework. Basically, this project provides a new packet filtering framework, a new userspace utility and also a compatibility layer for ip,ip6tables. nftables is built upon the building blocks of the Netfilter infrastructure such as the existing hooks, the connection tracking system, the userspace queueing component and the logging subsystem.

The Python scripts in this project generate a GTK-UI to change TLP configuration files easily. It aims to protect users from setting bad configuration and to deliver a basic overview of all the valid configuration values.

kernel-hardening-checker is a tool for checking the security hardening options of the Linux kernel. Provided preferences are based on suggestions from various sources, including:

• KSPP recommended settings

• CLIP OS kernel configuration

• Last public grsecurity patch (options which they disable)

• SECURITY_LOCKDOWN_LSM patchset

• Direct feedback from the Linux kernel maintainers

This tool supports checking Kconfig options and kernel cmdline parameters.