Posted in

AIX Toolbox – What is hidden among the RPM packages for AIX?

Kamil Pytlińskiby Kamil Pytliński0Posted inIBM, IBM POWER, Linux

Most of us working with AIX know the IBM AIX Toolbox for Open Source Software. It’s a repository that gives us access to the open-source world. But have you ever looked closely at what the list of available packages there offers? I decided to do an alphabetical review of the Toolbox. I must admit, it was an interesting experience. I expected routine applications, but I came across quite a few interesting items.

Of course, there were packages I know very well and use regularly, like bash, git, python, or vim. However, among them, I found many items that were completely new to me or whose existence on AIX I had no idea about, for example, atf-tests (a test suite for the Automated Testing Framework – interesting, what exactly do they test?), gnutls (an alternative library to OpenSSL for handling TLS/SSL), or tripwire (an intrusion detection system monitoring file integrity).

A few packages particularly caught my attention, and I definitely want to test them in the near future! I’m thinking of, for example, iftop (a network traffic monitor in the style of top), salt (an alternative to Ansible, Chef, Puppet), mosh (SSH resistant to connection drops?), criwpar (managing WPARs using CRI-compatible tools), duo_unix (easy 2FA for AIX?), or bbcp (super-fast copying of large files?), and that’s just a snippet of what’s there.

I thought browsing hundreds of package names wouldn’t sound exciting, but seriously, it can be absorbing. Initially, I wanted to choose a few of the most interesting ones, but my personal list of potential hits quickly grew to over 100 items! But don’t worry! If you feel weary after the first 10 items on the list, you can stop reading at any time. But honestly? I have a feeling, however, that it might draw you in too. So, let’s begin.

  • ansible (7.2.0): ‘Curated set of Ansible collections included in addition to ansible-core’ – A more complete Ansible package, containing ansible-core plus a curated set of “collections” (ready-made modules and roles) for performing typical tasks.
  • atf-tests (0.21): ‘Automated Testing Framework – Test suite’ – A test suite for (or using) the ATF (Automated Testing Framework), often used for testing system software.
  • autogen (5.18.16): ‘Automated text file generator’ – A tool for generating files (often source code or documentation) based on templates and definitions, simplifying the creation of repetitive code fragments.
  • bash-completion (2.11): ‘Programmable completion for Bash’ – Scripts and mechanisms that add intelligent command and argument completion (suggestion) to the Bash shell using the Tab key.
  • bbcp (15.02.03.01.1): ‘Securely and quickly copy data from source to target’ – A tool for very fast and secure (optionally) copying of large files between systems, often used in HPC (High Performance Computing) environments.
  • calicoctl (3.3.1 (7.2)): ‘Calico CLI tool’ – Command-line tool for managing Calico configuration and resources.
  • cdda2wav (3.01): ‘A utility for sampling/copying .wav files from digital audio CDs.’ – A tool for ripping (extracting) audio tracks from CD-Audio discs directly into WAV format files. Part of the cdrtools package.
  • clamav (1.0.7): ‘Antivirus Toolkit’ – An open-source antivirus engine used for detecting viruses, trojans, malware, and other threats. Includes the clamscan scanner and clamd daemon.
  • cloud-init (22.1): ‘Cloud node initialization tool’ – A tool used primarily in cloud environments for automatic configuration of newly created virtual machines on their first boot (setting hostname, SSH keys, running scripts, etc.).
  • coreutils (9.5): ‘The GNU core utilities’ – A set of basic GNU command-line tools for file and text manipulation and system management (e.g., ls, cp, mv, rm, mkdir, chmod, cat, echo, head, tail, sort).
  • criwpar (0.2.0 (7.2)): ‘Container Runtime Interface for WPARs’ – An implementation of CRI (Container Runtime Interface – Kubernetes standard for communicating with container runtimes) for WPARs (Workload Partitions – AIX virtualization technology). Allows managing WPARs using CRI-compatible tools.
  • dnf-automatic (4.2.17): ‘Package manager – automated upgrades’ – A tool (daemon/service) for automatically checking for and installing updates using DNF.
  • dos2unix (7.4.1): ‘Text file format converters’ – The dos2unix and unix2dos tools for converting end-of-line characters in text files between DOS/Windows (CRLF) and Unix/AIX/Linux (LF) formats.
  • duo_unix (1.12.1): ‘Duo two-factor authentication for UNIX systems’ – Integration with the Duo Security two-factor authentication service for Unix/Linux/AIX systems (e.g., for SSH login via PAM).
  • etcd (3.4.14): ‘Distributed reliable key-value store for the most critical data of a distributed system’ – A distributed, reliable key-value store, often used by distributed systems (like Kubernetes) for storing configuration, service discovery, and coordination.
  • faiss (1.9.0): ‘A library for efficient similarity search and clustering of dense vectors.’ – A library (developed by Facebook AI) for efficient similarity search and clustering in large sets of dense vectors. Used in machine learning and recommendation systems.
  • fdupes (2.3.0): ‘Finds duplicate files in a given set of directories’ – A tool that finds files with identical content within specified directories.
  • filebeat (7.5.2): ‘Filebeat sends log files to Logstash or directly to Elasticsearch.’ – Another agent from the Elastic Stack family (Beats), specializing in monitoring log files, collecting new entries, and sending them to Logstash or Elasticsearch.
  • fio (3.35): ‘Multithreaded IO generation tool’ – A flexible tool for testing the performance of input/output (I/O) operations on storage devices (hard drives, SSDs). Used for benchmarking and stress tests.
  • fswatch (1.17.1): ‘A cross-platform file change monitor’ – A tool that monitors specified files or directories for changes (modification, creation, deletion) and provides notifications. Useful in automation scripts.
  • ganglia-gmetad (3.7.2): ‘Ganglia Meta daemon http’ – The Ganglia Meta daemon (gmetad), which collects data from one or more clusters monitored by gmond, aggregates it, and makes it available (e.g., for the web interface).
  • gitk (2.41.0): ‘Git revision tree visualiser’ – A graphical (Tcl/Tk) visualizer for Git repository history.
  • gitweb (2.41.0): ‘Simple web interface to git repositories’ – A simple web interface (CGI script) for browsing Git repositories.
  • gnutls (3.8.7): ‘A TLS protocol implementation’ – A library implementing the SSL/TLS (Transport Layer Security) protocols. An alternative to OpenSSL.
  • haproxy (2.9.7): ‘HAProxy reverse proxy for high availability environments’ – A high-performance TCP/HTTP proxy server and load balancer, used to distribute network traffic across multiple backend servers, ensuring high availability and scalability of services.
  • harfbuzz (7.1.0): ‘Text shaping library’ – A library for “text shaping”. It transforms a sequence of Unicode characters into correctly positioned glyphs (character shapes from a font), handling complex scripts (e.g., Arabic, Indic), ligatures, and kerning.
  • helm (2.9.1 (7.2)): ‘The Kubernetes Package Manager’ – A tool for managing applications in Kubernetes using “charts” (packages describing an application and its dependencies). Version 2.x is an older branch of Helm.
  • hexedit (1.4.2): ‘A hexadecimal file viewer and editor.’ – A terminal-based file editor that allows viewing and modifying file data at the byte level, displaying it in hexadecimal and as ASCII characters.
  • httpd (2.4.62): ‘Apache HTTP Server’ – The Apache HTTP Server. The main package containing the server daemon (httpd) and basic configuration.
  • iftop (1.0pre4): ‘iftop does for network usage what top(1) does for CPU usage.’ – A terminal tool displaying real-time network bandwidth usage on a given interface, showing active connections and the amount of data transferred, sorted by bandwidth usage.
  • ImageMagick (7.1.1.19): ‘Viewer and Converter for Images’ – A powerful suite of command-line tools (convert, mogrify, identify, display, etc.) for creating, editing, converting, and displaying raster images in many formats.
  • iperf3 (3.16): ‘Measurement tool for TCP/UDP bandwidth performance’ – A newer version (3.x branch) of the iperf tool, with rewritten code and new features.
  • ipmitool (1.8.19): ‘Utility for IPMI control’ – A command-line tool for communicating with a BMC via IPMI. Allows monitoring hardware sensors (temperatures, voltages, fans), managing server power, reading hardware event logs, etc.
  • jq (1.7.1): ‘A utility for determining file types’ – [Note: Original English description seems mismatched. Based on the Polish description ‘Narzędzie przeznaczone do pracy z danymi w formacie JSON’] A tool designed for working with data in JSON format.
  • kubectl (1.12.4 (7.2)): ‘Command-line utility for interacting with a Kubernetes cluster.’ – The command-line tool (kubectl) for managing a Kubernetes cluster (creating and managing resources like pods, services, deployments).
  • lftp (4.9.2): ‘A sophisticated file transfer program’ – An advanced command-line file transfer client supporting multiple protocols (FTP, FTPS, HTTP, HTTPS, SFTP, BitTorrent, and others). Features include directory mirroring, transfer resuming, and parallel downloading.
  • logrotate (3.21.0): ‘Rotates, compresses, removes and mails system log files’ – A standard system utility for managing log files. Automatically rotates (renames, e.g., syslog to syslog.1), compresses old logs, deletes the oldest ones, and optionally emails them to prevent disk space exhaustion.
  • lynx (2.9.0): ‘A text-based Web browser.’ – A classic, text-based web browser that runs in the terminal.
  • lz4 (1.9.4): ‘Extremely fast compression algorithm’ – A library and tool (lz4) implementing the very fast LZ4 compression algorithm. Focuses on speed at the cost of slightly lower compression ratios than, e.g., gzip or zstd.
  • lzo (2.10): ‘A real-time data compression library.’ – A library implementing the LZO (Lempel–Ziv–Oberhumer) compression algorithm, also optimized for speed, especially decompression.
  • mc (4.8.31): ‘User-friendly text console file manager and visual shell.’ – Midnight Commander (mc). A popular, dual-panel file manager operating in text mode, inspired by Norton Commander.
  • metricbeat (7.5.2): ‘Metricbeat is a lightweight shipper for metrics.’ – An agent from the Elastic Stack family (Beats) that periodically collects system metrics (CPU, memory, disk, network) and metrics from various services (Apache, Nginx, MySQL, Redis, etc.) and sends them to Elasticsearch or Logstash.
  • mosh (1.3.2): ‘Mobile shell that supports roaming and intelligent local echo’ – Mosh (Mobile Shell). An alternative to SSH designed for unstable network connections and mobility. It maintains the session even when the IP address changes and improves responsiveness on high-latency links using predictive local echo.
  • ncdu (1.20): ‘Text-based disk usage viewer’ – Ncurses Disk Usage. An interactive text-based tool for analyzing disk space usage, allowing easy navigation through directories and identification of space hogs.
  • ncurses (6.4): ‘A terminal handling library’ – The fundamental library for creating text-based user interfaces (TUI). Provides functions for manipulating the cursor, colors, windows, and handling keyboard input independently of the terminal type.
  • netperf (2.7.0): ‘network performance management tool’ – A tool for testing network performance (throughput, latency) for various protocols (TCP, UDP) and traffic types.
  • nginx (1.27.2): ‘A high performance web server and reverse proxy server’ – A popular, high-performance web server, often also used as a reverse proxy, load balancer, and HTTP cache. Known for its low resource consumption and good scalability.
  • nmap (7.95): ‘Network exploration tool and security scanner’ – A powerful and versatile tool for network scanning. Used for discovering hosts, open ports, running services, operating system versions, and potential security vulnerabilities.
  • nping (0.7.95): ‘Nping packet generator’ – A tool (part of the Nmap suite) for generating and sending arbitrary network packets, useful for testing firewalls, network diagnostics, and stress tests.
  • p7zip (16.02): ‘Very high compression ratio file archiver’ – A port of the 7-Zip tool for Unix/Linux/AIX systems. Supports the 7z format, known for its very high compression ratio, as well as other formats (ZIP, RAR, TAR, GZIP, etc.).
  • parallel (20190622): ‘A shell tool for executing jobs in parallel’ – GNU Parallel. A command-line tool that allows easy parallel execution of shell commands on multiple CPU cores or even multiple machines.
  • pbzip2 (1.1.13): ‘Parallel implementation of bzip2’ – A parallel (multi-threaded) implementation of the bzip2 compressor, similar to lbzip2, speeding up compression/decompression on multi-core systems.
  • perl-Git (2.41.0): ‘Perl interface to Git’ – A Perl module providing an interface for working with Git repositories from within Perl scripts.
  • pigz (2.7): ‘Parallel implementation of gzip’ – A multi-threaded implementation of the gzip compressor, speeding up compression on multi-core systems.
  • postgresql15 (15.10): ‘The shared libraries required for any PostgreSQL clients’ – The base package for PostgreSQL version 15. Contains client libraries (libpq) and likely client tools (psql).
  • prngd (0.9.29): ‘Pseudo Random Number Generator Daemon’ – A pseudo-random number generator daemon. It gathers entropy from various system sources and makes it available to applications (e.g., via the /dev/egd-pool socket) that need random numbers but operate in environments with limited entropy.
  • proftpd (1.3.8): ‘Flexible, stable and highly-configurable FTP server’ – A highly configurable FTP server.
  • pv (1.8.5): ‘A tool for monitoring the progress of data through a pipeline’ – Pipe Viewer. A command-line tool that monitors the flow of data through a pipeline, displaying a progress bar, transfer speed, and estimated time to completion.
  • (There are no packages starting with Q, all IBM i administrators stop reading at this point and get grumpy 🙂 )
  • rkhunter (1.4.6): ‘A host-based tool to scan for rootkits, backdoors and local exploits’ – Rootkit Hunter. A tool that scans the system for signs of rootkits, backdoors, and known local exploits. It compares checksums of system files, checks default rootkit file locations, looks for suspicious permissions, etc.
  • rrdtool (1.8.0): ‘Round Robin Database Tool to store and display time-series data’ – A tool and library for storing and visualizing time-series data (e.g., system performance metrics, network traffic). Uses fixed-size RRDs (Round Robin Databases) that automatically aggregate older data.
  • rsync (3.4.1): ‘A program for synchronizing files over a network.’ – A very popular tool for efficiently synchronizing files and directories, both locally and over a network. It transfers only the changed parts of files, making it very effective for backups and mirroring.
  • ruby (3.3.7): ‘An interpreter of object-oriented scripting language’ – An interpreter for the Ruby programming language. A dynamic, object-oriented scripting language known, among other things, for the Ruby on Rails web framework.
  • salt (3006.2): ‘A parallel remote execution system’ – Salt (or SaltStack). A system for remote configuration management and command execution on multiple systems (called “minions”) simultaneously. An alternative to Ansible, Chef, Puppet. This package is likely a meta-package.
  • salt-ssh (3006.2): ‘Agentless SSH-based version of Salt…’ – A variant of Salt that does not require installing an agent (minion) on managed machines, communicating with them via SSH instead.
  • samba (4.21.2): ‘Server and Client software to interoperate with Windows machines’ – An implementation of the SMB/CIFS protocols (used by Windows for file and printer sharing). Allows Unix/Linux/AIX systems to act as file/print servers for Windows clients or as clients of Windows resources.
  • screen (4.7.0): ‘A screen manager that supports multiple logins on one terminal’ – GNU Screen. A terminal multiplexer. Allows running multiple shell sessions within a single terminal, switching between them, detaching sessions (leaving programs running in the background), and reattaching them later, even from a different location.
  • sshpass (1.10): ‘Non-interactive SSH authentication utility’ – A tool that allows providing an SSH password non-interactively (e.g., in a script) as a command-line argument or environment variable. WARNING: Using sshpass is generally considered insecure because the password is visible in the command line or variables. Methods based on SSH keys are strongly preferred.
  • stunnel (5.70): ‘An SSL-encrypting socket wrapper’ – A program that acts as an SSL/TLS wrapper for any TCP connection. Allows adding encryption to unencrypted protocols (e.g., old versions of POP3, IMAP, LDAP) without modifying the original client and server applications.
  • sudo (1.9.15p5): ‘Allows restricted root access for specified users.’ – A key system tool (sudo) that allows authorized users to execute commands as another user (by default, as root) according to rules defined in the /etc/sudoers file.
  • tcpdump (4.99.3): ‘A tool for network monitoring and data acquisition.’ – A fundamental command-line tool for capturing and analyzing network traffic (packets) on a network interface. Uses the libpcap library.
  • tcping (2.1.0): ‘Check of TCP connection to a given IP/Port’ – A tool similar to ping, but operating at the TCP level. Checks if a TCP connection can be established to a specific host and port, measuring the time required to establish the connection.
  • test-dummy (1.1): ‘Test packages for yum testing’ – An empty package used for testing YUM/DNF package manager functionality.
  • tightvnc (1.3.10): ‘A remote display system.’ – An implementation of the VNC (Virtual Network Computing) protocol, which allows remote access to another computer’s graphical desktop. TightVNC is known for additional optimizations improving performance on slow links.
  • tlog (13): ‘Terminal I/O logger’ – A tool for recording and replaying terminal sessions. Useful for auditing and debugging.
  • tmux (3.3a): ‘A terminal multiplexer’ – A modern terminal multiplexer, similar to GNU Screen, but with different features (e.g., window splitting into panes, more scriptable).
  • tree (2.1.1): ‘File system tree viewer’ – A command-line tool that displays the directory structure as a tree.
  • tripwire (2.4.3.7): ‘IDS (Intrusion Detection System)’ – A Host-based Intrusion Detection System (HIDS). A tool that monitors the integrity of system files. It creates a database of checksums and other attributes of important files and then periodically compares the current state with the database, reporting any changes that might indicate a compromise.
  • unixODBC (2.3.9): ‘ODBC driver manager and drivers for PostgreSQL, MySQL, etc.’ – An implementation of the ODBC (Open Database Connectivity) standard for Unix/Linux/AIX systems. Includes the ODBC driver manager and (as the description suggests, though not always) some drivers for popular databases. ODBC provides an abstraction layer for communicating with various databases.
  • unrar (6.2.12): ‘Extract, test and view RAR archives’ – A command-line tool (free, but not open-source) from RARLAB for unpacking, testing, and listing the contents of RAR archives. Supports newer versions of the RAR format than libunrar or p7zip.
  • vim-minimal (9.1.0946): ‘A minimal version of the VIM editor’ – A basic version of Vim compiled with a minimal set of features, often installed by default on the system as a replacement for vi.
  • wget2 (2.1.0): ‘An advanced file and recursive website downloader’ – A new version of Wget (successor to Wget 1.x), rewritten with support for new standards (HTTP/2, HSTS), better performance, and extensibility in mind.
  • xz (5.4.3): ‘LZMA compression utilities’ – Command-line tools (xz, unxz, xzcat) and library (liblzma) for data compression using the LZMA/LZMA2 algorithm. The xz format typically offers very good compression ratios.
  • zchunk (1.1.4): ‘Compressed file format that allows easy deltas’ – A compression format (.zck) and tool designed to facilitate the creation and downloading of differences (deltas) between files. Each “chunk” is compressed independently and has its own checksum, allowing only changed chunks to be downloaded. Used, for example, in Fedora’s update systems.
  • zeromq (4.3.5): ‘Software library for fast, message-based applications’ – ZeroMQ (ØMQ). A high-performance library for asynchronous message-based communication. It provides sockets that carry messages across various communication patterns (request-reply, publish-subscribe, push-pull). Used for building distributed and concurrent systems.

Leave a Reply

Your email address will not be published. Required fields are marked *