A release of a specialized command shell, GNU Rush 2.2 (Restricted User Shell), has been published, designed for use in systems with reduced remote access that require restricting user actions. Rush makes it possible to determine which command line functions the user can use and what resources are provided to him (memory size, processor time, etc.). For example, Rush can be used to remotely run programs in a chrooted environment, which helps increase security when granting access through programs such as sftp-server or scp, which by default have access to the entire file system.
The new release provides the ability to use status checks for files and directories in the file system (for example, rules can now check file types, access rights, and owners). The format of the options for checking is similar to working with the βtestβ command. For example, to check that the path exists and points to a directory, you can use the βmatch -d /var/lock/sdβ construction.
In addition, the release of the GNU pies 1.7 utility has been published, designed to coordinate the launch and execution of applications. Based on the given configuration, the program runs executable files in the background, monitors their execution and allows you to bind handlers for various states, for example, it can restart the program in case of an abnormal termination, execute another program or send a notification to the administrator. Including GNU pies can be used as an init process, launched first during system boot, and supports the /etc/inittab format.
The new version of GNU Pies has changed the way it works with configuration files. The built-in preprocessor has been removed and each file specified in the expressions "#include" and "#include_once" is now processed separately using an external preprocessor (previously, the built-in preprocessor first expanded all "#include" substitutions, and then the result was processed by the external m4 preprocessor as one whole). Added new diagnostic expressions '#warning "TEXT"', '#error "TEXT"' and '#abend "TEXT"' to generate warnings and display errors.
You can also note the release of the GNU mailutils 3.14 suite, which offers libraries and utilities for performing various tasks related to email, such as parsing fields in messages, working with mail databases (mailbox, maildrop, maildir), filtering messages, highlighting email addresses, and URL, processing MIME blocks, retrieving emails from external servers using IMAP4 and POP3 protocols and sending emails via SMTP, including using TLS, SASL and GSSAPI.
The new version of GNU mailutils has completely rewritten TLS support. Added tls.handshake-timeout setting to set a timeout for TLS. Added mu_mailbox_append_message_ext function for adding a message to a mailbox. The unread (U) command has been added to the mail utility to remove the message reading mark, and state saving (read or unread) is ensured in the copying commands to another mailbox. The code of parsers and scanners has been rewritten; GNU bison and flex are now required for assembly. Added the ability to include mime types in the libmailutils library. Maildir and MH no longer display the sender information sent in the MAIL FROM command during an SMTP session in the X-Envelope-Sender and X-Envelope-Date headers, instead storing this information in the Return-Path and Received headers.
Source: opennet.ru