Daniel J. Bernstein's softwares all in one

Well, if not all, quite a few of them.

The original toolsets

Bernstein's toolsets:

clockspeed: A suite of SNTP clients/servers and some RTC maintenance utilities
daemontools: A suite of tools for dæmon management
djbdns: A suite of DNS clients/servers and ancillary utilities
ptyget: A suite of pseudo-terminal management tools for shell script use
publicfile: A suite of FTP/HTTP clients/servers and ancillary utilities
ucspi-tcp: A toolset for constructing TCP clients/servers with ordinary Unix semantics of passing environment variables and file descriptors
libtai: A library for calculating time in TAI-10

Other people's stuff that might or might not be useful:

the pty tools from djbwares packaged for Arch Linux by Pierre Killy

Over the years, Daniel J. Bernstein has released several toolsets, as in the infobox. As of 2016 there were, and still are, some problems with this.

They aren't conveniently packaged for some of us. The nosh package replaces most of daemontools, ucspi-tcp, and ptyget. But some things are outwith its remit, and most is not all. One still needs publicfile's httpd and ftpd, as they are not within the remit of the nosh toolset. One might really need multilog, where cyclog simply doesn't satisfy the use case.
People like Gerrit Pape and Paul Jarc have packaged these toolsets much as they originally came from Bernstein, dividing the binaries up as he divided the sources. With their packages: Pulling in publicfile's httpd and ftpd also pulls in publicfile's configure, that conflicts with other programs named configure (and that isn't necessary given that nosh has service bundles for publicfile's HTTP and FTP servers). One cannot just pull in the Pape daemontools package for multilog, as that pulls in conflicting tools named svstat, svscan, and so forth.
There's a lot of partial duplication. Many of these toolsets use the same Bernstein libraries, such as his TAI library, internally; but the libraries were evolving as the packages were written. Newer packages have newer and better versions of the libraries than the older packages.
This is exemplified by publicfile's TODO list, which contains a note to migrate things like timeoutread() to the iopause library. This was actually done for later toolsets; and this consolidation thus directly addresses a publicfile TODO item.
It's all a bit haphazard. ptyget comes with redo scripts, but the other packages do not. daemontools comes with slashpackage scripts, but the other packages do not. Only ptyget and clockspeed have manual pages in the package. (Gerrit Pape has added manual pages for ucspi-tcp and daemontools; although, bizarrely, they are buried in a separate area as if they were specific to Debian Linux.) djbdns servers aren't really designed to inherit open sockets, UCSPI style.
There are some bugs that never got fixed. The Bernstein-published packages still try to declare errno themselves. Bernstein-published ptyget still relies upon an ioctl, TIOCREMOTE, that has long since been consigned to the dustbin (except by OpenBSD). There are a large number of implicit function declarations, void main()s, clashes in const-ness, non-standard K&R declarations, and other things that C1999, C2011, and C2023 compilers gravely dislike.

What this is

This is a consolidation of all of these packages. (For a short while, until I ported nosh to OpenBSD, my WWW site was the various Bernstein tools from this consolidated package built and running on OpenBSD.) All of the manual pages, Bernstein's originals and Pape's additions, are included; various Bernstein library overlaps have been merged; and the build system of ptyget has been extended to everything.

It has a djbwares Guide packaged and available for reading off-line. The Guide includes information about what commands the toolset contains, building it from source, changes from the original Bernstein softwares over the years, and guidance on how to run and maintain DNS and publicfile servers.

Amongst the modernizations listed in the Guide are: a simple host command, relieving one of the need for the ISC tools; some IPv6 support; removal of ANY support in DNS, as employed in amplificiation attacks (that tinydns did not amplify to begin with, and now diminishes even further); and many C modernizations for C1999 and C2023. publicfile has been extended to serving up the same static content over GOPHER, GEMINI, NICNAME/WHOIS, and FINGER. (In particular, this permits simple static NICNAME and FINGER servers that reveal nothing of the contents of the system account database.)

The toolset is not a improvement along the lines of nosh, s6, daemontools-encore, and so forth, and of ucspi-ssl and so forth.

The often-overlooked (but documented in the original Bernstein manuals and README) requirement to only use the Olson "right" timezones is still there.
tcpserver is still insecure by default, with secure mode (where we do not trust DNS and IDENT data that attackers have control over) being the non-default setting.
The problem where dnscache looks up stuff again that it has already just looked up, is still there.
ftpd still does not support IPv6. axfrdns, tinydns, tinydns-get, and tinydns-data still do not support IPv6 location tagging. dnscache still does not look up IPv6 addresses for content DNS servers, although it will now use them if it is told them.
dnscache still has problems with back-end transactions for looking up content DNS servers, and with duplicate back-end transactions.

No; qmail, fastforward, and ezmlm are not included. They're a project in their own rights. In fact, other people have already taken them on. I suggest looking at netqmail.

Obtaining it

Download source archive:

You can obtain it in two ways.

It is available in source form. You can build it yourself, or someone can add it to your operating system's ports tree or package build system.
It is distributed as a slashpackage-style package. That's a whole subject in itself. The djbwares Guide has a chapter on building from source that has the details.

Pre-built binary packages are available, that install the toolset under /usr/local. (If your operating system has this in ports, or its packages collection, and as long as it is up-to-date with version 10, and the post-Brexit URLs, using that is usually simpler.)

You can configure your machine to use the package repository, and simply update using your package manager.

What binary packages are available, for what architectures and platforms, depends from what resources are available for building. I am not made of money, and all build machines and their running costs are paid for by me. Pre-built packages currently include:

FreeBSD 10 and PC-BSD 10 amd64	NetBSD 10 evbarm	Debian Linux 12 amd64	OpenBSD
`djbwares-guide-10.txz` `clockspeed-10.txz` `daemontools-10.txz` `djbdns-10,1.txz` `djbdns-host-10.txz` `multilog-10.txz` `ptyget-10.txz` `publicfile-10.txz` `ucspi-tcp-10.txz` `leapsecs-10.txz` `libtai-10.txz`	`djbwares-guide-10.tgz` `clockspeed-10.tgz` `daemontools-10.tgz` `djbdns-10.tgz` `djbdns-host-10.tgz` `multilog-10.tgz` `ptyget-10.tgz` `publicfile-10.tgz` `ucspi-tcp-10.tgz` `leapsecs-10.tgz` `libtai-10.tgz`	`djbwares-guide_10_amd64.deb` `clockspeed_10_amd64.deb` `daemontools_10_amd64.deb` `djbdns_10_amd64.deb` `djbdns-host_10_amd64.deb` `multilog_10_amd64.deb` `ptyget_10_amd64.deb` `publicfile_10_amd64.deb` `ucspi-tcp_10_amd64.deb` `leapsecs_10_amd64.deb` `libtai_10_amd64.deb`	Because the third-party-supplied OpenBSD build system has gone away, and the OpenBSD installer failed to install on the build hardware available, pre-built OpenBSD packages are not currently available.

Bonus GOPHER content

People knowledgeable enough to use GOPHER (and savvy enough to read to the bottoms of WWW pages) can obtain bonus development-tracking content.

© Copyright 2016,2025 Jonathan de Boyne Pollard. "Moral" rights asserted.
Permission is hereby granted to copy and to distribute this web page in its original, unmodified form as long as its last modification datestamp information is preserved.