atool: handling archives without headaches

December 28th, 2008 edited by Vicho

Article submitted by Paulus Esterhazy. Last article of 2008! We hope 2009 will be full of good articles about Debian and Ubuntu packages. But we can’t do it without your help, please submit good articles about software you like!

Have you ever wrestled with tar(1) and other Unix archive tools? Wondered why every tool has its own arcane syntax and nonstandard behavior? And why on earth is it impossible to use unzip(1) to unpack multiple archive files?

The good news is that, in the Unix universe, you can be sure that someone else has asked himself the same question before and, perhaps, solved it. And so it is. The atool package supplies a set of commands that hide the complexities and lets you work with compressed file archives in a sensible manner.

Arguably the most useful commands included are apack, aunpack and als which as their names suggest create an archive, and extract or list its contents. In addition, acat uncompresses an archive file and outputs the file contents to standard output, whereas adiff compares two archives and shows the differences between their contents. These commands work as you would expect them to, and the author has stuck to the Unix conventions where possible.

The details, however, are worth a look. Some examples:

  • aunpack archive.tgz Unpacks all the files in the archive. If the author of the archive was so inconsiderate as to put multiple files in the archive’s root, the command automatically creates a directory and moves the files inside.
  • aunpack -e archive1.tgz Unpacks each archive.
  • apack archive.tar.bz2 *.txt Creates a new compressed archive containing all text files in the current working directory.
  • als archive.rar Shows the names of the files contained in the archive.

Note that for each atool command the archive file name precedes the names of the files to add or extract on the command line. Compare aunpack -e archive1.tgz archive2.tgz and aunpack archive1.tgz file.txt.

As you can see, atool commands automatically determine the file type by looking at the extension, but they resort to using file(1) if the simpler heuristic fails (you can override the guess using the -F switch). Most commonly used archive types are supported, including tar+gzip, tar+bzip2, zip and rar; a notable omission in the version available in Debian Sarge and Ubuntu 8.04 is the relatively new LZMA compression format (lzma(1)), but the active upstream author has already added support for it. You can also extract a .deb package by forcing the ar archiving method using the switch -F a.

Atool is blessed with the virtue of simplicity and its options are explained in the helpful manpage, which thankfully doesn’t follow the Unix convention of leaving out examples. Here’s one last gem from the documentation. If you frequently work with archives you get from the internet, you probably follow this procedure: Check archive type, check that the archive contains a top-level directory, unpack the archive, change to the directory extracted. These steps can be combined by adding the following function definition to your $HOME/.bashrc or $HOME/.zshrc:

aunpack () {
  TMP=$(mktemp /tmp/aunpack.XXXXXXXXXX)
  atool -x --save-outdir=$TMP "$@"
  DIR="$(cat $TMP)"
  [ "$DIR" != "" -a -d "$DIR" ] && cd “$DIR”
  rm $TMP

After adding these lines, you can “reload” the configuration file in your shell using source ~/.bashrc or source ~/.zshrc. Now running aunpack automatically changes the current directory to the one just extracted. Note that adding this snippet is necessary to achieve the desired behavior becausing a directory change is effectively useless unless it is performed in the context of the running shell.

Atool was written in perl by Oskar Liljeblad. It is available in all current Debian and Ubuntu releases. Besides atool, there are a few other tools that aspire to be the Swiss army knife of archivers, for example deco. These programs, however, are not as full-featured and mature as atool.

Posted in Debian, Ubuntu | 8 Comments »

watch (from procps): execute a program at regular intervals, and show the output

December 21st, 2008 edited by Vicho

Article submitted by Kris Marsh. If you celebrate Christmas, you can give to Debian Package of the Day a nice present: a good article! :-)

Ever wanted to monitor a directory every second and see differences in filesizes per second? Or for that matter, run any program once a second and highlight differences in time? Well you can, and you have been able to since forever as it’s installed by default on the majority of Linux distributions. watch is part of the procps package, available in Debian and Ubuntu.

Here is an example for checking a directory:

watch ls -l

To highlight changes in each program run, you can use the -d flag:

watch -d ls -l

And to run the command every N seconds, use -nN (by default, watch runs every 2 seconds):

watch -n1 -d ls -l

Finally, to make the diff highlighting “sticky” (i.e. stay on permanently after a change is detected), use: -d=cumulative

Other examples:

  • Watch your log directory for changes
    watch -d=cumulative -n1 ls -lt /var/log
  • Watch for new email
    watch -n60 from
  • Monitor free memory
    watch -n10 free -m
  • Monitor established connections
    watch -n1 -d 'netstat -an | grep ESTABLISHED'

… you get the point. If you’re a system administrator, or just maintain Linux machines in general you’ll probably spot a bunch of places where you can use this straight away.

Posted in Debian, Ubuntu | 6 Comments »

ferm: a straightforward firewall configuration tool

December 14th, 2008 edited by Tincho

Article submitted by David A. Thompson. We’re running out of articles! If you like Debian Package of the Day please submit good articles about software you like!

Grumble… a postgresql server on an old Sun workstation isn’t visible to another old Sun workstation which (in theory…) is storing data on the postgresql server. The culprit was a misconfigured firewall. Rather than wading through a bunch of iptables commands, it seemed time to revisit the world of iptables front-ends on the off-chance there was an undiscovered treasure I’d missed on earlier visits. It turns out that there was one: ferm.

A revisit to firestarter, a straightforward GUI interface, ended when firestarter segfaulted and then, when started again, automatically started its firewall. Fortunately, I had altered the firestarter rule set and opened port 22 before firestarter segfaulted. Otherwise I would have been hundreds of miles away from an inaccessible server. After firestarter crashed again with a memory error, I decided to move on…

Like several other firewall front-ends, ferm is aware of the issues associated with working on servers hundreds of miles away from one’s physical location. Ferm starts with a default configuration which leaves the default SSH port open. Even better, ferm has a ‘try-before-you-buy’ feature (shared with a few other packages such as firehol): ferm --interactive activates a specific ruleset and, if a user response isn’t given within 30 sec, the system reverts to the previous ruleset.

Rather than using a GUI interface (e.g., firestarter, gnome lokkit, guarddog, kmyfirewall, knetfilter, …), ferm is configured via a text configuration file and can be controlled in a straightforward manner from the console. This may be a desirable feature for running on a box with limited disk space as GUI interfaces generally require the presence of X windows-related packages, often along with several KDE- or Gnome-related packages.

My main concern wasn’t with whether the application had a GUI or console interface but was with whether the application facilitated straightforward configuration of an iptables ruleset (translation: it shouldn’t take 20 min of reading documentation to get a simple firewall up). Other front-ends (e.g., shorewall and firewall builder) appear to be designed for complex rule-sets and require a substantial investment of effort to learn the syntax of configuration files or a ‘rule-making language’.

Along with ferm, another front-end, firehol seemed to also hit the mark with respect to having a straightforward syntax. Unfortunately, I found that firehol ended up being a time-consumer. In my experience, preparing a firehol configuration file which didn’t trigger multiple errors from firehol/iptables did not prove to be straightforward. In contrast, ferm gave me no such problems. A few tweaks of the default system configuration file —primarily opening a few ports—:

  proto tcp dport ssh ACCEPT;
  proto tcp dport http ACCEPT;
  proto tcp dport https ACCEPT;
  proto tcp dport postgres ACCEPT;

A simple /etc/init.d/ferm restart and things were running smoothly. Minimal effort, satisfying results…

The bottom line is that, for simple rulesets, using ferm is definitely easier than preparing iptables rules by hand. However, ferm can also be used to put together more complex firewall rulesets. It uses a reasonably powerful configuration language (including support for variables, function definitions, and arrays) which facilitates addressing more complex situations than the one I faced. To top it off, ferm seems to be under active development with bugs being squashed and features being added relatively regularly.

ferm has been available in Debian since Etch and in Ubuntu since Dapper.

Update, editor’s note: I’d like to add to this article my personal experience with ferm. Being a SysAdmin, I’ve been using netfilter/iptables for many years, after migrating away from ipchains; and the day I’ve found ferm my work changed completely. To me, being able to write your rules in clean structures, with blocks, variables and ‘functions’ is, by far, the most important feature of ferm. Thanks to this, I was able to write very complicated rule-sets, which were still readable to the point that the more junior SysAdmins, with little exprience on netfilter, have no difficult modifying it to open up ports or creating a new NAT rule.

Having said that, a warning to the newcomers to netfilter: there’s no tool that will magically allow you to write non-trivial rule-sets if you don’t understand the underlying stuff. You will be able to manage your home server, but if you want to do more serious work, you’ll need to really understand how TCP/IP works, and after that, read a lot about the details of routing and packet filtering in Linux. Having seen many people get frustrated by this, is better for you to know that this beast is quite tricky.

Posted in Debian, Ubuntu | 13 Comments »

gcompris: educational suite for children

December 7th, 2008 edited by Vicho

Article submitted by Raman Pandarinathan. We’re running out of articles! If you like Debian Package of the Day please submit good articles about software you like!

As a parent, have you ever wondered if kids can use FOSS to have fun and learn at the same time? As a teacher, have you ever wondered how to teach using a computer and FOSS tools? The answer is gcompris.

Gcompris combines fun and learning. Each activity is designed and developed with creativity in mind, and it has a nice interface for children.

My children have learned some computer basics like mouse usage, it has also helped them to understand basic arithmetic, colour identification and many other things. Tuxpaint is also included, so children can draw to their imagination.

Gcompris is a collection of over 90 educational activities for children. The activities are classified into mathematics, computer discovery, puzzles, strategy games, amusement activities, experimental activities and reading activities.


This has more than 20 activities classified into calculations, geometry and numeration. The activities are planned to teach basic arithmetic, geometry, money usage, etc.

For example, below you can see a screen shot of an activity that consist in finding series of numerical operations. Here the final answer is 15 and should be derived in two steps. The child has to select the numbers and operators from the top and form equations to get the final answer.

numerical operations


The puzzle activities include: drag and drop pieces to rebuild paintings, build a given shape with seven pieces, drive the crane and copy the model, tower of Hanoi, sudoku and the fifteen game.

Below is a screen shot of the Crane activity. The objects in the left grid should be placed in the same position as in the right side grid. The crane can be operated by clicking on the four arrows at the bottom.


Computer discovery

These activities help children learn basic skills of computers. Bellow is a screen shot of the keyboard activity in which the child has to push the ball to Tux. In order to do it, both shift keys should be pressed simultaneously, as if pushing the ball with the hands. If they are pressed simultaneously the ball will travel in a straight line and reach Tux, if not the ball will drift and fall into the sea.

keyboard activity

Strategy Games

Some of them are chess, arranging four coins in a row, bar game (don’t use the last ball), and oware (shown below).


Amusement Activities

The amusement activities include Tuxpaint, a simple football game, and an animation creator.

Below is a screen shot of the animation creator. If you want to create an animation, you first select an image and put it somewhere. Then take a snapshot using the camera icon. Now move it to the next position and take another snapshot. Repeat until you reach the desired position. Finally click on the film icon and you’ll see the animation.

Animation creation

Experimental activities

This section lets the children learn various things which require thinking in a series of steps. Things like the water cycle and operating canal lock lets the child learn systemic thinking.

Below is a screen shot of the activity about the water cycle. First the sun raises, water evaporates and clouds are formed. When you click on the cloud it starts raining and the rain fills the water tank. Operating the water inlet gives Tux a shower.

An example of the water cycle


This section is about learning several common things like colour names, clock reading, symmetry, etc. The activity shown in the screen shot is about identifying colours: you must identify the colour from the name displayed.

Identifying colors

Reading Activities

These are activities about learning the letters, words and matching them with images. Reading can be practised both horizontal and vertical.

Below is a screen shot where the child has to drag and drop the image onto the correct name.

Reading activity

As part of my Linux Users Group activity, I give talks and demos about FOSS frequently. Whenever I see kids and parents among the audience, the first thing I do is to demonstrate gcompris, and it’s a sure hit. The kids love it and parents realize its educational value.

Here are some photos of one such event held in a public park at Chennai, India.

gcompris grabs the attention of everyone   Kids playing gcompris   Kids love it. And parents too!

Pros and cons

  • Pros
  • Cons
    • It requires more local language and sound support, especially for several Indian languages. At present for Indian Languages the sounds and reading practices are not well developed. Though gcompris is well structured to support translations, it lacks volunteers.

There is another similar package named childsplay - also available in Debian.


gcompris was a part of Debian even in the Sarge days and it’s been in Ubuntu since Dapper (if not before!).

Posted in Debian, Ubuntu | 1 Comment »