document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2024-12-26 21:30:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu Wang 2020-09-29 20:53:04 +08:00
commit 03b9eadc96
16 changed files with 1559 additions and 854 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
translated/tech/20200917 What-s new with rdiff-backup.md → published/20200917 What-s new with rdiff-backup.md
View File

@ -1,34 +1,36 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-12663-1.html)
[#]: subject: (What's new with rdiff-backup?)
[#]: via: (https://opensource.com/article/20/9/rdiff-backup-linux)
[#]: author: (Patrik Dufresne https://opensource.com/users/patrik-dufresne)
rdiff-backup 有什么新功能?
11 年后重新打造的 rdiff-backup 2.0 有什么新功能?
======
长期的 Linux 备份方案向 Python 3 的迁移为添加许多新功能提供了机会。
![Hand putting a Linux file folder into a drawer][1]
> 这个老牌 Linux 备份方案迁移到了 Python 3 提供了添加许多新功能的机会。
![](https://img.linux.net.cn/data/attachment/album/202009/29/094858pb9pa3sppsq9x5z1.jpg)
2020 年 3 月,[rdiff-backup][2] 升级到了 2.0 版,这距离上一个主要版本已经过去了 11 年。2020 年初 Python 2 的废弃是这次更新的动力,但它为开发团队提供了整合其他功能和优势的机会。
大约二十年来rdiff-backup 帮助 Linux 用户在本地或远程维护他们的数据的完整备份,而无需无谓地消耗资源。这是因为这个开源解决方案可以进行反向增量备份,只备份从上一次备份中改变的文件。
大约二十年来,`rdiff-backup` 帮助 Linux 用户在本地或远程维护他们的数据的完整备份,而无需无谓地消耗资源。这是因为这个开源解决方案可以进行反向增量备份,只备份从上一次备份中改变的文件。
改版(或说,重生)得益于一个新的、自组织的开发团队(由来自 [IKUS Software][3] 的 Eric Zolf 和 Patrik Dufresne 领导,以及来自 [Seravo][4]的 Otto Kekäläinen 领导)的努力,为了所有 rdiff-backup 用户的利益,他们齐心协力。
这次改版(或者说,重生)得益于一个新的、自组织的开发团队(由来自 [IKUS Software][3] 的 Eric Zolf 和 Patrik Dufresne以及来自 [Seravo][4] 的 Otto Kekäläinen 共同领导)的努力,为了所有 `rdiff-backup` 用户的利益,他们齐心协力。
### rdiff-backup 的新功能
在 Eric 的带领下,随着向 Python 3 的迁移,项目被迁移到了一个新的、不受企业限制的[仓库][5],以欢迎贡献。团队还整合了多年来提交的所有补丁,包括稀疏文件支持和硬链接的修复。
在 Eric 的带领下,随着向 Python 3 的迁移,项目被迁移到了一个新的、不受企业限制的[仓库][5],以欢迎贡献。团队还整合了多年来提交的所有补丁,包括稀疏文件支持和硬链接的修复。
#### 用 Travis CI 实现自动化
另一个巨大的改进是增加了一个使用开源 [Travis CI][6] 的持续集成/持续交付 CI/CD 管道。这允许在各种环境下测试 rdiff-backup从而确保变化不会影响方案的稳定性。CI/CD 管道包括集成所有主要平台的构建和二进制发布。
另一个巨大的改进是增加了一个使用开源 [Travis CI][6] 的持续集成/持续交付CI/CD管道。这允许在各种环境下测试 `rdiff-backup`从而确保变化不会影响方案的稳定性。CI/CD 管道包括集成所有主要平台的构建和二进制发布。
#### 使用 yum 和 apt 轻松安装
新的 rdiff-backup 解决方案可以运行在所有主流的 Linux 发行版上,包括 Fedora、Red Hat、Elementary、Debian 等。Frank 和 Otto 付出了艰辛的努力,提供了开放仓库以方便访问和安装。你可以使用你的软件包管理器安装 rdiff-backup或者按照 GitHub 项目页面上的[分步说明][7]进行安装。
新的 `rdiff-backup` 解决方案可以运行在所有主流的 Linux 发行版上,包括 Fedora、Red Hat、Elementary、Debian 等。Frank 和 Otto 付出了艰辛的努力,提供了开放仓库以方便访问和安装。你可以使用你的软件包管理器安装 `rdiff-backup`,或者按照 GitHub 项目页面上的[分步说明][7]进行安装。
#### 新的主页
@ -36,7 +38,7 @@ rdiff-backup 有什么新功能?
### 如何使用 rdiff-backup
如果你是 rdiff-backup 的新手,你可能会对它的易用性感到惊讶。一个备份方案需要让你对备份和恢复过程感到舒适,而不是吓人。
如果你是 `rdiff-backup` 的新手,你可能会对它的易用性感到惊讶。备份方案应该让你对备份和恢复过程感到舒适,而不是吓人。
#### 开始备份
@ -44,61 +46,55 @@ rdiff-backup 有什么新功能?
例如,要备份到名为 `my_backup_drive` 的本地驱动器,请输入:
```
`$ rdiff-backup /home/tux/ /run/media/tux/my_backup_drive/`
$ rdiff-backup /home/tux/ /run/media/tux/my_backup_drive/
```
要将数据备份到异地存储,请使用远程服务器的位置,并在 `::` 后面指向备份驱动器的挂载点:
```
`$ rdiff-backup /home/tux/ tux@example.com::/my_backup_drive/`
$ rdiff-backup /home/tux/ tux@example.com::/my_backup_drive/
```
你可能需要[设置 SSH 密钥][8]来使这个过程不费力
你可能需要[设置 SSH 密钥][8]来使这个过程更轻松
#### 还原文件
做备份的原因是有时文件会丢失。为了使恢复尽可能简单,你甚至不需要 rdiff-backup 来恢复文件(虽然使用 `rdiff-backup` 命令提供了一些方便)。
做备份的原因是有时文件会丢失。为了使恢复尽可能简单,你甚至不需要 `rdiff-backup` 来恢复文件(虽然使用 `rdiff-backup` 命令提供了一些方便)。
如果你需要从备份驱动器中获取一个文件,你可以使用 `cp` 将其从备份驱动器复制到本地系统,或者对于远程驱动器使用 `scp` 命令。
对于本地驱动器,使用:
```
`$ cp _run_media/tux/my_backup_drive/Documents/example.txt \ ~/Documents`
$ cp _run_media/tux/my_backup_drive/Documents/example.txt ~/Documents
```
或者用于远程驱动器:
```
`$ scp tux@example.com::/my_backup_drive/Documents/example.txt \ ~/Documents`
$ scp tux@example.com::/my_backup_drive/Documents/example.txt ~/Documents
```
然而,使用 `rdiff-backup` 命令提供了其他选项,包括 `--restore-as-of`。这允许你指定你要恢复的文件的哪个版本。
例如,假设你想恢复一个文件在四天前的版本:
```
`$ rdiff-backup --restore-as-of 4D \ /run/media/tux/foo.txt ~/foo_4D.txt`
$ rdiff-backup --restore-as-of 4D /run/media/tux/foo.txt ~/foo_4D.txt
```
你也可以用 `rdiff-backup` 来获取最新版本:
```
`$ rdiff-backup --restore-as-of now \ /run/media/tux/foo.txt ~/foo_4D.txt`
$ rdiff-backup --restore-as-of now /run/media/tux/foo.txt ~/foo_4D.txt`
```
就是这么简单。另外rdiff-backup 还有很多其他选项,例如,你可以从列表中排除文件,从一个远程备份到另一个远程等等,这些你可以在[文档][9]中了解。
就是这么简单。另外,`rdiff-backup` 还有很多其他选项,例如,你可以从列表中排除文件,从一个远程备份到另一个远程等等,这些你可以在[文档][9]中了解。
### 总结
我们的开发团队希望用户能够喜欢这个改版后的开源 rdiff-backup 方案,这是我们不断努力的结晶。我们也感谢我们的贡献者,他们真正展示了开源的力量。
我们的开发团队希望用户能够喜欢这个改版后的开源 `rdiff-backup` 方案,这是我们不断努力的结晶。我们也感谢我们的贡献者,他们真正展示了开源的力量。
--------------------------------------------------------------------------------
@ -107,7 +103,7 @@ via: https://opensource.com/article/20/9/rdiff-backup-linux
作者:[Patrik Dufresne][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

117
sources/talk/20200928 5 ways to conduct user research with an open source mindset.md Normal file
View File

@ -0,0 +1,117 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (5 ways to conduct user research with an open source mindset)
[#]: via: (https://opensource.com/article/20/9/open-source-user-research)
[#]: author: (Alana Fialkoff https://opensource.com/users/alana)
5 ways to conduct user research with an open source mindset
======
See how this team elevates their user research experiences and results
with an open source approach.
![Mobile devices are a big part of our daily lives][1]
There are common beliefs about user experiences—the best ones are user-centered, iterative, and intuitive. When user experience (UX) research is conducted, user stories about these experiences are collected—but the research methods chosen inform user experiences, too.
So, what makes for an engaging research experience, and how can methods evolve alongside products to better connect with users?
[Red Hat's User Experience Design (UXD) research team][2] has the answer: a community-centered, open source mindset. 
As a UX writer on Red Hat's UXD team, I create new design documentation, empower team voices, and share Red Hat's open source story. My passion lies in using content to connect and inspire others. On our [Twitter][3] and [Medium][4] channels, we share thought leadership about UX writing, research, development, and design, all to amplify and grow our open source community. This community is at the heart of what we do. So when I learned how the research team centers community throughout their user testing, I leaped at the chance to tell their story.
### Approaching research with an open source mindset
Red Hat's UXD team creates in the open, and this ideology applies to their research, too. Thinking the open source way involves adopting a community-first and community-driven frame of mind. New ideas can come from anywhere, and an open source mindset embraces these varied voices and perspectives.
Structuring research with an open source mindset means each research technique should be driven by two angles—we don't just want to learn about our users; we want to learn from them, too.
To satisfy both of these user-focused objectives, we make research decisions backed by other voices, not just our own. By sourcing input from beyond our team, we design research experiences that are truly tailored to the communities we serve.
Guiding questions help us streamline this process. Some questions the team's researchers use to develop their methods include:
* Does this method amplify user voices?
* Are we facilitating open communication with our users?
* Does this method build a meaningful connection with our user base?
* What kind of experience does this technique build? Is it memorable? Engaging?
Notice a trend? Each question hinges on community.
### Building research experiences like user experiences
Researchers approach their UX research as a user experience, too. We want our research sessions to have the same qualities as our user interfaces:
* Memorable
* Engaging
* Intuitive
* User-centered
Research offers in-depth engagement with our user base, so it's important to tailor our techniques to that community. When we conduct user research, we learn more about how our users engage with our products and use that knowledge to improve them. We can use that same process to shape future research sessions.
Open source, user-centered research—sounds great. But how can we actually achieve it?
Let's take a look at five collaborative techniques we use to design more immersive user research experiences the open source way.
### Evolve research methods to build engaging experiences and strong connections
Tailor research methods to the target audience, with a goal to create a connective experience. The tools at our disposal vary largely depending on our venue (in-person vs. virtual), so this approach lets us get creative.
* **Add dimension**: Are you conducting a survey? Consider appealing your users' senses offscreen. We've expanded our research to the third dimension using strings, LEGOs, and card diagrams to collect data in more tactile ways.
* **Streamline**: Are your research methods efficient and time-conscious? There's only one way to find out. Follow up with users about their experience post-session. If they say a survey or form was cumbersome, consider condensing your longer questions into smaller, more digestible ones.
* **Simplify**: Use what you know about your user base to customize your techniques. A busy community working in enterprise IT, for example, might only have time to fill out a brief form. Structure your methods so that they're navigable and intuitive for your specific audience.
### Guide research with research
Contextualize questions around user's needs. Explore their goals. Identify their cares, difficulties, and thoughts on product performance. Use these findings to design more meaningful research sessions, and check in often. As our products evolve with our users, our research methods do, too.
### Keep an open mind
Work with the community to disprove our own assumptions. Lean into the spirit of open source by engaging with others across the team, company, user base, and industry. Use these communities like a sounding board for ideas and welcome their feedback. Community-centered conversations take place in environments like:
* Team meetings and brainstorms
* Company calls and research shares
* Conferences and industry panels
* Internal and external blogging platforms
* Other thought leadership forums
This means speaking at monthly meetings, messaging across team channels, and presenting ideas at annual thought leadership events, where a multitude of voices meet from across the industry to share their experience and expertise.
### Communicate, communicate, communicate
With an open source mindset comes open communication. Spark meaningful conversations with users and keep those channels open beyond formal research sessions. Community-driven research techniques start with just that: community. Invest in a strong connection with users to invite deeper insights and facilitate more impactful sessions.
### Experiment with new research techniques and take a user-centered, UX approach
Prototype. Test. Iterate. Repeat. The methods will morph as the open source approach takes shape.
That's the magic of conducting research in the open: dynamic change, driven by a deeper connection to the community.
Learn more about how Red Hat's UXD team conducts research by checking out [DevConf.US][5], where individuals across the open source community come together to talk all things tech, open source, and UX.
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/open-source-user-research
作者:[Alana Fialkoff][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alana
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/mobile-demo-device-phone.png?itok=y9cHLI_F (Mobile devices are a big part of our daily lives)
[2]: https://medium.com/patternfly/from-interviewers-to-interviewees-meet-red-hats-ux-research-team-af860a65abc5
[3]: https://twitter.com/RedHatUXD
[4]: https://medium.com/patternfly
[5]: https://www.devconf.info/us/

230
sources/tech/20200810 How to read Lynis reports to improve Linux security.md
View File

@ -1,230 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to read Lynis reports to improve Linux security)
[#]: via: (https://opensource.com/article/20/8/linux-lynis-security)
[#]: author: (Alan Formy-Duval https://opensource.com/users/alanfdoss)
How to read Lynis reports to improve Linux security
======
Use Lynis' scans and reports to find and fix Linux security issues.
![Lock][1]
When I read Gaurav Kamathe's article _[Scan your Linux security with Lynis][2]_, it reminded me of my time as a systems administrator for the US Department of Labor. One of my duties was to keep our Unix servers hardened. Each quarter, an independent verifier came in to review our servers' security status. Each time on the day the verifier was scheduled to arrive, I ran Security Readiness Review (SRR), a scanning tool that used a large set of scripts to identify and report any security findings. SRR was open source, so I could view all the source scripts and their functions. This enabled me to look into the code, determine what specifically was wrong, and quickly fix each problem it found.
### What is Lynis?
[Lynis][3] is an open source security-auditing tool that works much like SRR by scanning a Linux system and providing detailed reports on any weaknesses it finds. Also like SRR, it is made up of a large set of scripts, and each script checks for a specific item, e.g., minimum and maximum password age requirements.
After running Lynis, you can use its report to locate each item's script and learn exactly how Lynis checked for and reported each problem. You can also use the same script code to create new code to automate a resolution.
### How to read Lynis reports
Since Gaurav's article covered Lynis' installation and usage, in this article, I'll show some examples of how you can read and use its reports.
To get started, run an audit:
```
`# lynis audit system --quick`
```
After it completes, the full report will be displayed on your screen. Towards the bottom, the **Suggestions** section lists all the items that may need to be triaged to better harden the system, as well as a TEST-ID for each.
To harden the system and reduce the size of the list, start chasing each item. The description in the **Suggestions** section may be everything you need to know what action to take. If it doesn't, you can use the `show details` command:
```
`# lynis show details TEST-ID`
```
For instance, one of the suggestions on my system is:
> The database required for `locate` could not be found. Run `updatedb` or `locate.updatedb` to create this file. [FILE-6410]
It looks like I just need to run the command `updatedb`, but if I want to be sure, I can use Lynis' `show details` option:
```
# lynis show details FILE-6410
2020-06-16 20:54:33 Performing test ID FILE-6410 (Checking Locate database)
2020-06-16 20:54:33 Test: Checking locate database
2020-06-16 20:54:33 Result: file /var/lib/mlocate/mlocate.db not found
2020-06-16 20:54:33 Result: file /var/lib/locate/locatedb not found
2020-06-16 20:54:33 Result: file /var/lib/locatedb not found
2020-06-16 20:54:33 Result: file /var/lib/slocate/slocate.db not found
2020-06-16 20:54:33 Result: file /var/cache/locate/locatedb not found
2020-06-16 20:54:33 Result: file /var/db/locate.database not found
2020-06-16 20:54:33 Result: database not found
2020-06-16 20:54:33 Suggestion: The database required for 'locate' could not be found. Run 'updatedb' or 'locate.updatedb' to create this file. [test:FILE-6410] [details:-] [solution:-]
2020-06-16 20:54:33 ====
```
These details indicate Lynis was unable to find various files. This case is very clear-cut. I can run the `updatedb` command and recheck this test:
```
# updatedb
# lynis --tests FILE-6410
```
Furthermore, rechecking the details shows which file it found that satisfied the test:
```
# lynis show details FILE-6410
2020-06-16 21:38:40 Performing test ID FILE-6410 (Checking Locate database)
2020-06-16 21:38:40 Test: Checking locate database
2020-06-16 21:38:40 Result: locate database found (/var/lib/mlocate/mlocate.db)
2020-06-16 21:38:40 Result: file /var/lib/locate/locatedb not found
2020-06-16 21:38:40 Result: file /var/lib/locatedb not found
2020-06-16 21:38:40 Result: file /var/lib/slocate/slocate.db not found
2020-06-16 21:38:40 Result: file /var/cache/locate/locatedb not found
2020-06-16 21:38:40 Result: file /var/db/locate.database not found
2020-06-16 21:38:40 ====
```
### Diving deeper
Many of Lynis' suggestions are not as straightforward as this one. If you aren't sure what a finding or a suggestion refers to, it can be difficult to know how to fix the problem. Suppose you run Lynis against a new Linux server, and there are several items pertaining to the secure shell (SSH) daemon, one of which refers to the `MaxAuthTries` setting:
```
* Consider hardening SSH configuration [SSH-7408]
    - Details  : MaxAuthTries (6 --> 3)
      <https://cisofy.com/lynis/controls/SSH-7408/>
```
To resolve this, you need to know the location of the SSH configuration files. A seasoned Linux administrator may already know where to find them, but if you don't, there is a way to see where Lynis found them.
#### Locate Lynis test scripts
Lynis supports many operating systems; therefore, your installation location might vary. On a Red Hat Enterprise Linux or Fedora Linux system, use `rpm` to find the test files:
```
`# rpm -ql lynis`
```
This lists all the test files and reports their location in the `lynis/include` directory. Search this directory for the TEST-ID you want to know about (SSH-7408 in this case):
```
# grep SSH-7408 /usr/share/lynis/include/*
/usr/share/lynis/include/tests_ssh:    # Test        : SSH-7408
```
#### Find SSH issues
The file named `tests_ssh` contains the TEST-ID, and this is where you can find the scan functions related to SSH. Take a look at this file to see the various functions called by the Lynis scanner. The first section defines a list of directories in a variable called `SSH_DAEMON_CONFIG_LOCS`. The following few sections are responsible for checking the SSH daemon status, locating its configuration file, and identifying its version. I found the code that looks for the configuration file in the section for Test SSH-7404, described as "Determine SSH daemon configuration file location". This code contains a **`for`** loop that searches the items in the list for a file called `sshd_config`. I can use this logic to do my own search:
```
# find /etc /etc/ssh /usr/local/etc/ssh /opt/csw/etc/ssh -name sshd_config
/etc/ssh/sshd_config
/etc/ssh/sshd_config
find: /usr/local/etc/ssh: No such file or directory
find: /opt/csw/etc/ssh: No such file or directory
```
Further exploring this file reveals the code related to finding SSH-7408. This test covers `MaxAuthTries` and several other settings. Now I can find the variable in the SSH configuration file:
```
# grep MaxAuthTries /etc/ssh/sshd_config
#MaxAuthTries 6
```
#### Fix legal banner problems
Lynis also reported a finding pertaining to the legal banners shown when you log into a system. On my home desktop system (where I don't expect many other people to log in), I haven't bothered to change the default `issue` files. A corporate or government system is likely required to include a legal banner to warn users that their logins and activity may be recorded and monitored. Lynis reports this with tests BANN-7126 and BANN-7130:
```
* Add a legal banner to /etc/issue, to warn unauthorized users [BANN-7126]
      <https://cisofy.com/lynis/controls/BANN-7126/>
* Add legal banner to /etc/issue.net, to warn unauthorized users [BANN-7130]
      <https://cisofy.com/lynis/controls/BANN-7130/>
```
I don't find much on my system running Fedora 32 Workstation:
```
# cat /etc/issue /etc/issue.net
\S
Kernel \r on an \m (\l)
\S
Kernel \r on an \m (\l)
```
I could add something like "Keep out" or "Don't break anything," but the test's description doesn't provide enough information to resolve the issue, so I took another look at the Lynis scripts. I noticed that the `include` directory contained a file called `tests_banners`; this seemed like a good place to look. With some help from `grep`, I saw the associated tests:
```
# grep -E 'BANN-7126|BANN-7130' /usr/share/lynis/include/tests_banners
    # Test        : BANN-7126
    Register --test-no BANN-7126 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check issue banner file contents"
    # Test        : BANN-7130
    Register --test-no BANN-7130 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check issue.net banner file contents"
```
After examining the associated code in the file for the test, I found out that both of these tests are iterating through some predefined legal terms with a `for` loop:
```
`for ITEM in ${LEGAL_BANNER_STRINGS}; do`
```
These legal terms are stored in the variable `LEGAL_BANNER_STRINGS` defined at the top of the file. Scrolling back to the top shows the full list:
```
`LEGAL_BANNER_STRINGS="audit access authori condition connect consent continu criminal enforce evidence forbidden intrusion law legal legislat log monitor owner penal policy policies privacy private prohibited record restricted secure subject system terms warning"`
```
My initial suggestions ("keep out" and "don't break anything") wouldn't have satisfied the test, because they don't contain any words from this list.
This banner message contains several of the required words, and therefore, it will satisfy this test and prevent Lynis from reporting it:
> Attention, by continuing to connect to this system, you consent to the owner storing a log of all activity. Unauthorized access is prohibited.
Note that this message must be added to both `/etc/issue` and `/etc/issue.net`.
### Making it repeatable
You could make these edits manually, but you may instead want to consider automation. For example, there may be many settings that need to be changed, or you might need to do these edits on a regular basis on many servers. Creating a hardening script would be a great way to streamline this process. For SSH configurations, some `sed` commands in your hardening script will resolve those findings. Or, you might use an echo statement to add the legal banners:
```
sed -i '/MaxAuthTries/s/#MaxAuthTries 6/MaxAuthTries 3/' /etc/ssh/sshd_config
echo "Legal Banner" | tee -a /etc/issue /etc/issue.net
```
Automation enables you to create a repeatable script that can be saved and managed across your infrastructure. You could also incorporate this script in your initial server provisioning.
### Harden your system
This type of exercise can improve your scripting skills both by following along with existing code and by writing your own scripts. Because it is open source, Lynis makes it easy to see under the hood how your system is checked and what its reports mean. The end result will be a well-hardened system that you can show off anytime those auditors come around.
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/8/linux-lynis-security
作者:[Alan Formy-Duval][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alanfdoss
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/security-lock-password.jpg?itok=KJMdkKum (Lock)
[2]: https://opensource.com/article/20/5/linux-security-lynis
[3]: https://github.com/CISOfy/lynis

239
sources/tech/20200907 Program hardware from the Linux command line.md
View File

@ -1,239 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Program hardware from the Linux command line)
[#]: via: (https://opensource.com/article/20/9/hardware-command-line)
[#]: author: (Alan Smithee https://opensource.com/users/alansmithee)
Program hardware from the Linux command line
======
Programming hardware has become more common thanks to the rise of the
Internet of Things (IoT). RT-Thread lets you contact devices from the
Linux command line with FinSH.
![Command line prompt][1]
RT-Thread is an open source [real-time operating system][2] used for programming Internet of Things (IoT) devices. FinSH is [RT-Thread][3]'s command-line component, and it provides a set of operation interfaces enabling users to contact a device from the command line. It's mainly used to debug or view system information.
Usually, development debugging is displayed using hardware debuggers and `printf` logs. In some cases, however, these two methods are not very useful because it's abstracted from what's running, and they can be difficult to parse. RT-Thread is a multi-thread system, though, which is helpful when you want to know the state of a running thread, or the current state of a manual control system. Because it's multi-threaded, you're able to have an interactive shell, so you can enter commands, call a function directly on the device to get the information you need, or control the program's behavior. This may seem ordinary to you if you're only used to modern operating systems such as Linux or BSD, but for hardware hackers this is a profound luxury, and a far cry from wiring serial cables directly onto boards to get glimpses of errors.
FinSH has two modes:
* A C-language interpreter mode, known as c-style
* A traditional command-line mode, known as `msh` (module shell)
In the C-language interpretation mode, FinSH can parse expressions that execute most of the C language and access functions and global variables on the system using function calls. It can also create variables from the command line.
In `msh` mode, FinSH operates similarly to traditional shells such as Bash.
### The GNU command standard
When we were developing FinSH, we learned that before you can write a command-line application, you need to become familiar with GNU command-line standards. This framework of standard practices helps bring familiarity to an interface, which helps developers feel comfortable and productive when using it.
A complete GNU command consists of four main parts:
1. **Command name (executable):** The name of the command line program
2. **Sub-command:** The sub-function name of the command program
3. **Options:** Configuration options for the sub-command function
4. **Arguments:** The corresponding arguments for the configuration options of the sub-command function
You can see this in action with any command. Taking Git as an example:
```
`git reset --hard HEAD~1`
```
Which breaks down as:
![GNU command line standards][4]
(Cathy, [CC BY-SA 4.0][5])
The executable command is **git**, the sub-command is **reset**, the option used is **\--head**, and the argument is **HEAD~1**.
Another example:
```
`systemctl enable --now firewalld`
```
The executable command is **systemctl**, the sub-command is **enable**, the option is **\--now**, and the argument is **firewalld**.
Imagine you want to write a command-line program that complies with the GNU standards using RT-Thread. FinSH has everything you need, and will run your code as expected. Better still, you can rely on this compliance so you can confidently port your favorite Linux programs.
### Write an elegant command-line program
Here's an example of RT-Thread running a command that RT-Thread developers use every day.
```
usage: env.py package [-h] [--force-update] [--update] [--list] [--wizard]
                      [--upgrade] [--printenv]
optional arguments:
  -h, --help      show this help message and exit
  --force-update  force update and clean packages, install or remove the
                  packages by your settings in menuconfig
  --update        update packages, install or remove the packages by your
                  settings in menuconfig
  --list          list target packages
  --wizard        create a new package with wizard
  --upgrade       upgrade local packages list and ENV scripts from git repo
  --printenv      print environmental variables to check
```
As you can tell, it looks familiar and acts like most POSIX applications that you might already run on Linux or BSD. Help is provided when incorrect or insufficient syntax is used, both long and short options are supported, and the general user interface is familiar to anyone who's used a Unix terminal.
### Kinds of options
There are many different kinds of options, and they can be divided into two main categories by length:
1. **Short options:** Consist of one hyphen plus a single letter, e.g., the `-h` option in `pkgs -h`
2. **Long options:** Consist of two hyphens plus words or letters, e.g., the `--target` option in `scons- --target-mdk5`
You can divide these options into three categories, determined by whether they have arguments:
1. **No arguments:** The option cannot be followed by arguments
2. **Arguments must be included:** The option must be followed by arguments
3. **Arguments optional:** Arguments after the option are allowed but not required
As you'd expect from most Linux commands, FinSH option parsing is pretty flexible. It can distinguish an option from an argument based on a space or equal sign as delimiter, or just by extracting the option itself and assuming that whatever follows is the argument (in other words, no delimiter at all):
* `wavplay -v 50`
* `wavplay -v50`
* `wavplay --vol=50`
### Using optparse
If you've ever written a command-line application, you may know there's generally a library or module for your language of choice called optparse. It's provided to programmers so that options (such as **-v** or **\--verbose**) entered as part of a command can be _parsed_ in relation to the rest of the command. It's what helps your code know an option from a sub-command or argument.
When writing a command for FinSH, the `optparse` package expects this format:
```
`MSH_CMD_EXPORT_ALIAS(pkgs, pkgs, this is test cmd.);`
```
You can implement options using the long or short form, or both. For example:
```
static struct optparse_long long_opts[] =
{
    {"help"        , 'h', OPTPARSE_NONE}, // Long command: help, corresponding to short command h, without arguments.
    {"force-update",  0 , OPTPARSE_NONE}, // Long comman: force-update, without arguments
    {"update"      ,  0 , OPTPARSE_NONE},
    {"list"        ,  0 , OPTPARSE_NONE},
    {"wizard"      ,  0 , OPTPARSE_NONE},
    {"upgrade"     ,  0 , OPTPARSE_NONE},
    {"printenv"    ,  0 , OPTPARSE_NONE},
    { NULL         ,  0 , OPTPARSE_NONE}
};
```
After the options are created, write the command and instructions for each option and its arguments:
```
static void usage(void)
{
    rt_kprintf("usage: env.py package [-h] [--force-update] [--update] [--list] [--wizard]\n");
    rt_kprintf("                      [--upgrade] [--printenv]\n\n");
    rt_kprintf("optional arguments:\n");
    rt_kprintf("  -h, --help      show this help message and exit\n");
    rt_kprintf("  --force-update  force update and clean packages, install or remove the\n");
    rt_kprintf("                  packages by your settings in menuconfig\n");
    rt_kprintf("  --update        update packages, install or remove the packages by your\n");
    rt_kprintf("                  settings in menuconfig\n");
    rt_kprintf("  --list          list target packages\n");
    rt_kprintf("  --wizard        create a new package with wizard\n");
    rt_kprintf("  --upgrade       upgrade local packages list and ENV scripts from git repo\n");
    rt_kprintf("  --printenv      print environmental variables to check\n");
}
```
The next step is parsing. While you can't implement its functions yet, the framework of the parsed code is the same:
```
int pkgs(int argc, char **argv)
{
    int ch;
    int option_index;
    struct optparse options;
    if(argc == 1)
    {
        usage();
        return RT_EOK;
    }
    optparse_init(&amp;options, argv);
    while((ch = optparse_long(&amp;options, long_opts, &amp;option_index)) != -1)
    {
        ch = ch;
        rt_kprintf("\n");
        rt_kprintf("optopt = %c\n", options.optopt);
        rt_kprintf("optarg = %s\n", options.optarg);
        rt_kprintf("optind = %d\n", options.optind);
        rt_kprintf("option_index = %d\n", option_index);
    }
    rt_kprintf("\n");
    return RT_EOK;
}
```
Here is the function head file:
```
#include "optparse.h"
#include "finsh.h"
```
Then, compile and download onto a device.
![Output][6]
(Cathy, [CC BY-SA 4.0][5])
### Hardware hacking
Programming hardware can seem intimidating, but with IoT it's becoming more and more common. Not everything can or should be run on a Raspberry Pi, but with RT-Thread you can maintain a familiar Linux feel, thanks to FinSH.
If you're curious about coding on bare metal, give RT-Thread a try.
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/hardware-command-line
作者:[Alan Smithee][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alansmithee
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/command_line_prompt.png?itok=wbGiJ_yg (Command line prompt)
[2]: https://opensource.com/article/20/6/open-source-rtos
[3]: https://github.com/RT-Thread/rt-thread
[4]: https://opensource.com/sites/default/files/uploads/command-line-apps_2.png (GNU command line standards)
[5]: https://creativecommons.org/licenses/by-sa/4.0/
[6]: https://opensource.com/sites/default/files/uploads/command-line-apps_3.png (Output)

140
sources/tech/20200921 Installing and running Vagrant using qemu-kvm.md
View File

@ -1,140 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Installing and running Vagrant using qemu-kvm)
[#]: via: (https://fedoramagazine.org/vagrant-qemukvm-fedora-devops-sysadmin/)
[#]: author: (Andy Mott https://fedoramagazine.org/author/amott/)
Installing and running Vagrant using qemu-kvm
======
![][1]
Vagrant is a brilliant tool, used by DevOps professionals, coders, sysadmins and regular geeks to stand up repeatable infrastructure for development and testing. From their website:
> Vagrant is a tool for building and managing virtual machine environments in a single workflow. With an easy-to-use workflow and focus on automation, Vagrant lowers development environment setup time, increases production parity, and makes the “works on my machine” excuse a relic of the past.
>
> If you are already familiar with the basics of Vagrant, the documentation provides a better reference build for all available features and internals.
>
> Vagrant provides easy to configure, reproducible, and portable work environments built on top of industry-standard technology and controlled by a single consistent workflow to help maximize the productivity and flexibility of you and your team.
>
> <https://www.vagrantup.com/intro>
This guide will walk through the steps necessary to get Vagrant working on a Fedora-based machine.
I started with a minimal install of Fedora Server as this reduces the memory footprint of the host OS, but if you already have a working Fedora machine, either Server or Workstation, then this should still work.
### Check the machine supports virtualisation:
```
$ sudo lscpu | grep Virtualization
Virtualization: VT-x
Virtualization type: full
```
### Install qemu-kvm:
```
sudo dnf install qemu-kvm libvirt libguestfs-tools virt-install rsync
```
### Enable and start the libvirt daemon:
```
sudo systemctl enable --now libvirtd
```
### Install Vagrant:
```
sudo dnf install vagrant
```
### Install the Vagrant libvirtd plugin:
```
sudo vagrant plugin install vagrant-libvirt
```
### Add a box
```
vagrant box add fedora/32-cloud-base --provider=libvirt
```
### Create a minimal Vagrantfile to test
```
$ mkdir vagrant-test
$ cd vagrant-test
$ vi VagrantfileVagrant.configure("2") do |config|
config.vm.box = "fedora/32-cloud-base"
end
```
**Note the capitalisation of the file name and in the file itself.**
### Check the file:
```
vagrant statusCurrent machine states:
default not created (libvirt)
The Libvirt domain is not created. Run 'vagrant up' to create it.
```
### Start the box:
```
vagrant up
```
### Connect to your new machine:
```
vagrant ssh
```
Thats it you now have Vagrant working on your Fedora machine.
To stop the machine, use _vagrant halt_. This simply halts the machine but leaves the VM and disk in place.
To shut it down and delete it use _vagrant destroy_. This will remove the whole machine and any changes youve made in it.
### Next steps
You dont need to download boxes before issuing the _vagrant up_ command you can specify the box and the provider in the Vagrantfile directly and Vagrant will download it if its not already there. Below is an example which also sets the amount memory and number of CPUs:
```
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "fedora/32-cloud-base"
config.vm.provider :libvirt do |libvirt|
libvirt.cpus = 1
libvirt.memory = 1024
end
end
```
For more information on using Vagrant, creating your own machines and using different boxes, see the official documentation at <https://www.vagrantup.com/docs>
There is a huge repository of boxes ready to download and use, and the official location for these is Vagrant Cloud <https://app.vagrantup.com/boxes/search>. Some are basic operating systems and some offer complete functionality such as databases, web servers etc.
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/vagrant-qemukvm-fedora-devops-sysadmin/
作者:[Andy Mott][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/amott/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2020/09/vagrant-beginner-howto-816x346.png

2
sources/tech/20200923 Find security issues in Go code using gosec.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (lxbwolf)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

214
sources/tech/20200926 10 Open Source Static Site Generators to Create Fast and Resource-Friendly Websites.md
View File

@ -1,214 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (lxbwolf)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (10 Open Source Static Site Generators to Create Fast and Resource-Friendly Websites)
[#]: via: (https://itsfoss.com/open-source-static-site-generators/)
[#]: author: (Ankush Das https://itsfoss.com/author/ankush/)
10 Open Source Static Site Generators to Create Fast and Resource-Friendly Websites
======
_**Brief: Looking to deploy a static web-page? No need to fiddle with HTML and CSS. These open source static website generators will help you deploy beautiful, functional static websites in no time.**_
### What is a static website?
Technically, a static website means the webpages are not generated on the server dynamically. The HTML, CSS, JavaScript lie on the server in the version the end user receives it. The raw source code files are already prebuilt, the source code doesnt change with the next server request.
Its FOSS is a dynamic website which depends on several databases and the web pages are generated and served when theres a request from your browser. Majority of the web is powered by dynamic sites where you interact with the websites and there are plenty of content that often change.
Static websites give you a few benefits like faster loading times, less server resource requirements, and better security (debatable?).
Traditionally, static websites are more suitable for creating small websites with only a few pages and where the content doesnt change too often.
This, however, is changing thanks to static website generator tools and you can use them to create blogs as well.
I have compiled a list of open source static site generators that can help you build a beautiful website.
### Best Open Source Static Site Generators
Its worth noting that you will not get complex functionality on a static website. In that case, you might want to check out our list of [best open source CMS][1] for dynamic websites.
#### 1\. Jekyll
![][2]
Jekyll is one of the most popular open source static generator built using [Ruby][3]. In fact, Jekyll is the engine behind [GitHub pages][4] which lets you host websites using GitHub for free.
Setting up Jekyll is easy across multiple platforms which includes Ubuntu as well. It utilizes [Markdown][5], [Liquid][5] (for template), HTML, and CSS to generate the static site files. It is also a pretty good option if you want to build a blog without advertisements or a product page to promote your tool or service.
Also, it supports migrating your blog from popular CMSs like Ghost, WordPress, Drupal 7, and more. You get to manage permalinks, categories, pages, posts, and custom layouts, which is nice. So, even if you already have an existing website that you want to convert to a static site, Jekyll should be a perfect solution. You can learn more about it by exploring the [official documentation][6] or its [GitHub page][7].
[Jekyll][8]
#### 2\. Hugo
![][9]
Hugo is yet another popular open source framework for building static sites. Its built using the [Go programming language][10].
It is fast, simple, and reliable. You also get some advanced theming support if you need it. It also offers some useful shortcuts to help you get things done easily. No matter whether its a portfolio site or a blog, Hugo is capable enough to manage a variety of content types.
To get started, you can follow its [official documentation][11] or go through its [GitHub page][12] to install it and learn more about its usage. You can also deploy Hugo on GitHub pages or any CDN if required.
[Hugo][13]
#### 3\. Hexo
![][14]
Hexo is an interesting open-source framework powered by [Node.js][15]. Similar to others, you will end up creating blazing fast websites but you will also get a good collection of themes and plugins.
You do get a powerful API here to extend functionality as per your requirements as well. If you already have a website, you can simply use its [Migrator][16] extension as well.
To get started, you can go through the [official documentation][17] or just explore their [GitHub page][18].
[Hexo][19]
#### 4\. Gatsby
![][20]
Gatsby is an increasingly open-source popular site generator framework. It utilizes [React.js][21] for creating fast and beautiful websites.
I was quite interested to give this a try for some experimental projects a few years back and it is impressive to see the availability thousands of new plugins and themes. Unlike other static site generators, you can use Gatsby to generate a site and get the benefits of static sites without losing any features.
It offers a lot of useful integrations from popular services. Of course, you can keep it simple or use it coupled with a popular CMS of your choice, which should be interesting. You can take a look at their [official documentation][22] and its [GitHub page][23] to find out more on it.
[Gatsby][24]
#### 5\. VuePress
![][25]
VuePress is a static site generator powered by [Vue.js][26] which happens to be an open-source progressive JavaScript framework.
If you know HTML, CSS, and JavaScript, you can easily get started using VuePress. You should find several useful plugins and themes to get a head start on building your site. Also, it seems like Vue.js is being actively improved and has the attention of more developers, which is a good thing.
You can learn more about it through their [official guide][27] and the [GitHub page][28].
[VuePress][29]
#### 6\. Nuxt.js
![][30]
Nuxt.js utilizes Vue.js and Node.js but it focuses on providing modularity and has the ability to rely on the server-side instead of the client-side. Not just that, it aims to provide an intuitive experience to the developers with descriptive errors, and detailed documentations among other things.
As it claims, Nuxt.js should be the best of both world with all of its features and flexibility that you get to build a static website. They also offer a [Nuxt Online sandbox][31] to let you directly test it without a lot of effort.
You can explore its [GitHub page][32] or visit the [official][33] [][33][site][33] to get more details.
#### 7\. Docusaurus
![][34]
Docusaurus is an interesting open-source static site generator tailored for building documentation websites. It happens to be a part of [Facebooks open source initiative][35].
It is built using React. You get all the essential features like document versioning, document search, and translation mostly pre-configured. If youre planning to build a documentation website for any of your products/services, this should be a good start.
You can learn more about it on its [GitHub page][36] and its [official website][37].
[Docusaurus][37]
#### 8\. Eleventy
![][38]
Eleventy describes itself as an alternative to Jekyll and aims for a simpler approach to make faster static websites.
It seems easy to get started and it also offers proper documentation to help you out. If you want a simple static site generator that gets the job done, Eleventy seems to be an interesting choice.
You can explore more about it on its [GitHub page][39] and visit the [official website][40] for more details.
[Eleventy][40]
#### 9\. Publii
![][41]
Publii is an impressive open-source CMS that makes it easy to generate a static site. Its built using [Electron][42] and Vue.js. You can also migrate your posts from a WordPress site if needed. In addition to that, it offers several one-click synchronizations with GitHub Pages, Netlify, and similar services.
You also get a WYSIWYG editor if you utilize Publii to generate a static site. To get started, visit the [official website][43] to download it or explore its [GitHub page][44] for more information.
[Publii][43]
#### 10\. Primo
![][45]
An interesting open-source static site generator which is still in active development. Even though its not a full-fledged solution with all the features compared to other static generators, it is a unique project.
Primo aims to help you build and develop a site using a visual builder which can be easily edited and deployed to any host of your choice.
You can visit the [official website][46] or explore its [GitHub page][47] for more information.
[Primo][46]
### Wrapping Up
There are a lot of other site generators available out there. However, Ive tried to mention the best static generators that gives you the fastest loading times, the best security, and an impressive flexibility.
Did I miss any of your favorites? Let me know in the comments below.
--------------------------------------------------------------------------------
via: https://itsfoss.com/open-source-static-site-generators/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/open-source-cms/
[2]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2018/01/jekyll-screenshot.jpg?resize=800%2C450&ssl=1
[3]: https://www.ruby-lang.org/en/
[4]: https://pages.github.com/
[5]: https://github.com/Shopify/liquid/wiki
[6]: https://jekyllrb.com/docs/
[7]: https://github.com/jekyll/jekyll
[8]: https://jekyllrb.com/
[9]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/hugo.jpg?resize=800%2C414&ssl=1
[10]: https://golang.org/
[11]: https://gohugo.io/getting-started/
[12]: https://github.com/gohugoio/hugo
[13]: https://gohugo.io/
[14]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/hexo.jpg?resize=800%2C213&ssl=1
[15]: https://nodejs.org/en/
[16]: https://hexo.io/api/migrator.html
[17]: https://hexo.io/docs/
[18]: https://github.com/hexojs/hexo
[19]: https://hexo.io/
[20]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/gatsbyjs.png?resize=800%2C388&ssl=1
[21]: https://reactjs.org/
[22]: https://www.gatsbyjs.com/docs/
[23]: https://github.com/gatsbyjs/gatsby
[24]: https://www.gatsbyjs.com/
[25]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/VuePress.jpg?resize=800%2C498&ssl=1
[26]: https://vuejs.org/
[27]: https://vuepress.vuejs.org/guide/
[28]: https://github.com/vuejs/vuepress
[29]: https://vuepress.vuejs.org/
[30]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/nuxtjs.jpg?resize=800%2C415&ssl=1
[31]: https://template.nuxtjs.org/
[32]: https://github.com/nuxt/nuxt.js
[33]: https://nuxtjs.org/
[34]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/docusaurus.jpg?resize=800%2C278&ssl=1
[35]: https://opensource.facebook.com/
[36]: https://github.com/facebook/docusaurus
[37]: https://docusaurus.io/
[38]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2020/09/eleventy.png?resize=800%2C375&ssl=1
[39]: https://github.com/11ty/eleventy/
[40]: https://www.11ty.dev/
[41]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/publii.jpg?resize=800%2C311&ssl=1
[42]: https://www.electronjs.org
[43]: https://getpublii.com/
[44]: https://github.com/GetPublii/Publii
[45]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2020/09/primo-af.jpg?resize=800%2C394&ssl=1
[46]: https://primo.af/
[47]: https://github.com/primo-app/primo-desktop

166
sources/tech/20200928 Add sound to your Python game.md Normal file
View File

@ -0,0 +1,166 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Add sound to your Python game)
[#]: via: (https://opensource.com/article/20/9/add-sound-python-game)
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
Add sound to your Python game
======
Hear what happens when your hero fights, jumps, collects loot, and more
by adding sounds to your game. Learn how in the 13th article in this
series on creating a platformer in Pygame.
![Colorful sound wave graph][1]
This is part 13 in an ongoing series about creating video games in [Python 3][2] using the [Pygame][3] module. Previous articles are:
1. [Learn how to program in Python by building a simple dice game][4]
2. [Build a game framework with Python using the Pygame module][5]
3. [How to add a player to your Python game][6]
4. [Using Pygame to move your game character around][7]
5. [What's a hero without a villain? How to add one to your Python game][8]
6. [Add platforms to your game][9]
7. [Simulate gravity in your Python game][10]
8. [Add jumping to your Python platformer game][11]
9. [Enable your Python game player to run forward and backward][12]
10. [Using Python to set up loot in Pygame][13]
11. [Add scorekeeping to your Python game][14]
12. [Add throwing mechanics to your Python game][15]
Pygame provides an easy way to integrate sounds into your Python video game. Pygame's [mixer module][16] can play one or more sounds on command, and by mixing those sounds together, you can have, for instance, background music playing at the same time you hear the sounds of your hero collecting loot or jumping over enemies.
It is easy to integrate the mixer module into an existing game, so—rather than giving you code samples showing you exactly where to put them—this article explains the four steps required to get sound in your application.
### Start the mixer
First, in your code's setup section, start the mixer process. Your code already starts Pygame and Pygame fonts, so grouping it together with these is a good idea:
```
pygame.init()
pygame.font.init()
pygame.mixer.init() # add this line
```
### Define the sounds
Next, you must define the sounds you want to use. This requires that you have the sounds on your computer, just as using fonts requires you to have fonts, and using graphics requires you to have graphics.
You also must bundle those sounds with your game so that anyone playing your game has the sound files.
To bundle a sound with your game, first create a new directory in your game folder, right along with the directory you created for your images and fonts. Call it `sound`:
```
`s = 'sound'`
```
Even though there are plenty of sounds on the internet, it's not necessarily _legal_ to download them and give them away with your game. It seems strange because so many sounds from famous video games are such a part of popular culture, but that's how the law works. If you want to ship a sound with your game, you must find an open source or [Creative Commons][17] sound that gives you permission to give the sound away with your game.
There are several sites that specialize in free and legal sounds, including:
* [Freesound][18] hosts sound effects of all sorts.
* [Incompetech][19] hosts background music.
* [Open Game Art][20] hosts some sound effects and music.
Some sound files are free to use only if you give the composer or sound designer credit. Read the conditions of use carefully before bundling any with your game! Musicians and sound designers work just as hard on their sounds as you work on your code, so it's nice to give them credit even when they don't require it.
To give your sound sources credit, list the sounds that you use in a text file called `CREDIT`, and place the text file in your game folder.
You might also try making your own music. The excellent [LMMS][21] audio workstation is easy to use and ships with lots of interesting sounds. It's available on all major platforms and exports to [Ogg Vorbis][22] (OGG) audio format.
### Add sound to Pygame
When you find a sound that you like, download it. If it comes in a ZIP or TAR file, extract it and move the sounds into the `sound` folder in your game directory.
If the sound file has a complicated name with spaces or special characters, rename it. The filename is completely arbitrary, and the simpler it is, the easier it is for you to type into your code.
Most video games use OGG sound files because the format provides high quality in small file sizes. When you download a sound file, it might be an MP3, WAVE, FLAC, or another audio format. To keep your compatibility high and your download size low, convert these to Ogg Vorbis with a tool like [fre:ac][23] or [Miro][24].
For example, assume you have downloaded a sound file called `ouch.ogg`.
In your code's setup section, create a variable representing the sound file you want to use:
```
`ouch = pygame.mixer.Sound(os.path.join(s, 'ouch.ogg'))`
```
### Trigger a sound
To use a sound, all you have to do is call the variable when you want to trigger it. For instance, to trigger the `OUCH` sound effect when your player hits an enemy:
```
for enemy in enemy_hit_list:
    pygame.mixer.Sound.play(ouch)
    score -= 1
```
You can create sounds for all kinds of actions, such as jumping, collecting loot, throwing, colliding, and whatever else you can imagine.
### Add background music
If you have music or atmospheric sound effects you want to play in your game's background, you can use the `music` function of Pygame's mixer module. In your setup section, load the music file:
```
`music = pygame.mixer.music.load(os.path.join(s, 'music.ogg'))`
```
And start the music:
```
`pygame.mixer.music.play(-1)`
```
The `-1` value tells Pygame to loop the music file infinitely. You can set it to anything from `0` and beyond to define how many times the music should loop before stopping.
### Enjoy the soundscapes
Music and sound can add a lot of flavor to your game. Try adding some to your Pygame project!
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/add-sound-python-game
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/colorful_sound_wave.png?itok=jlUJG0bM (Colorful sound wave graph)
[2]: https://www.python.org/
[3]: https://www.pygame.org/news
[4]: https://opensource.com/article/17/10/python-101
[5]: https://opensource.com/article/17/12/game-framework-python
[6]: https://opensource.com/article/17/12/game-python-add-a-player
[7]: https://opensource.com/article/17/12/game-python-moving-player
[8]: https://opensource.com/article/18/5/pygame-enemy
[9]: https://opensource.com/article/18/7/put-platforms-python-game
[10]: https://opensource.com/article/19/11/simulate-gravity-python
[11]: https://opensource.com/article/19/12/jumping-python-platformer-game
[12]: https://opensource.com/article/19/12/python-platformer-game-run
[13]: https://opensource.com/article/19/12/loot-python-platformer-game
[14]: https://opensource.com/article/20/1/add-scorekeeping-your-python-game
[15]: https://opensource.com/article/20/9/add-throwing-python-game
[16]: https://www.pygame.org/docs/ref/mixer.html
[17]: https://opensource.com/article/20/1/what-creative-commons
[18]: https://freesound.org
[19]: https://incompetech.filmmusic.io
[20]: https://opengameart.org
[21]: https://opensource.com/life/16/2/linux-multimedia-studio
[22]: https://en.wikipedia.org/wiki/Vorbis
[23]: https://www.freac.org/index.php/en/downloads-mainmenu-330
[24]: http://getmiro.com

77
sources/tech/20200928 Create template files in GNOME.md Normal file
View File

@ -0,0 +1,77 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Create template files in GNOME)
[#]: via: (https://opensource.com/article/20/9/gnome-templates)
[#]: author: (Alan Formy-Duval https://opensource.com/users/alanfdoss)
Create template files in GNOME
======
Make boilerplates so you can get started on a new document faster.
![Digital images of a computer desktop][1]
I just stumbled onto a new (to me) feature of the [GNOME][2] desktop that enables you to create a document template. A template is generally an empty shell of a document with certain things configured and is often referred to as boilerplate. An example might be a letterhead for a law firm, with its corporate title and address at the top. Another might be a bank or insurance carrier letter that contains certain disclaimers in the footer at the bottom of the document. Since this sort of information rarely changes, you can add it to an empty document to use as a template.
I was browsing through files on my Linux system one day and clicked on the **Templates** directory. I just happened to notice a message at the top of the window that stated, "Put files in this folder to use them as templates for new documents." There was also a link to **Learn more…** that opens the [GNOME help][3] for templates.
![Message at top of Templates folder in GNOME Desktop][4]
(Alan Formy-Duval, [CC BY-SA 4.0][5])
### Create a template
Creating a template for the GNOME desktop is quite simple. There are several ways you can place a file into this folder: You can copy or move a file from another location through either the graphical user interface (GUI) or the command-line interface (CLI), or you can create an entirely new file. I chose the latter; actually, I created two files.
![My first two GNOME templates][6]
(Alan Formy-Duval, [CC BY-SA 4.0][5])
The first template I created is for an Opensource.com article. It provides a place to enter a title and several lines for my name and the license terms under which I am providing the content of the article. I use the Markdown document format for my articles, so I create the template as a new Markdown document—**Opensource.com Article.md**:
```
# Title    
```
An article for Opensource.com
by: Alan Formy-Duval
Creative Commons BY-SA 4.0
```
```
I saved this document as a file in `/home/alan/Templates`. Now GNOME recognizes this file as a template and suggests it whenever I want to create a new document.
### Use a template
Whenever I get a spark or epiphany for a new article, I can just right-click in the folder where I plan to organize my content and select the template from the **New Document** list.
![Select the template by name][7]
(Alan Formy-Duval, [CC BY-SA 4.0][5])
You can make a template for all sorts of documents or files. I am writing this article using a template I created for my Opensource.com articles. Programmers might use templates for software code; perhaps you want a template that just contains `main()`.
The GNOME desktop environment provides a very useful, feature-rich user interface for users of Linux and related operating systems. What are your favorite GNOME desktop features, and how do you use them? Please share in the comments!
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/gnome-templates
作者:[Alan Formy-Duval][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alanfdoss
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/computer_desk_home_laptop_browser.png?itok=Y3UVpY0l (Digital images of a computer desktop)
[2]: https://www.gnome.org/
[3]: https://help.gnome.org/users/gnome-help/stable/files-templates.html.en
[4]: https://opensource.com/sites/default/files/uploads/gnome-message_at_top_border.png (Message at top of Templates folder in GNOME Desktop)
[5]: https://creativecommons.org/licenses/by-sa/4.0/
[6]: https://opensource.com/sites/default/files/uploads/gnome-first_two_templates_border.png (My first two GNOME templates)
[7]: https://opensource.com/sites/default/files/uploads/gnome-new_document_menu_border.png (Select the template by name)

2
sources/tech/20200928 How to Use the Firefox Task Manager (to Find and Kill RAM and CPU Eating Tabs and Extensions).md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

266
sources/tech/20200928 How to view information on your Linux devices with lshw.md Normal file
View File

@ -0,0 +1,266 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to view information on your Linux devices with lshw)
[#]: via: (https://www.networkworld.com/article/3583598/how-to-view-information-on-your-linux-devices-with-lshw.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
How to view information on your Linux devices with lshw
======
The lshw (list hardware) command on Linux systems provides a lot more information on system devices than most of us might imagine is available.
Kali Linux / nevarpp / Getty Images
While far from being one of the first 50 Linux commands anyone learns, the **lshw** command (read as “ls hardware”) can provide a lot of useful details on your systems hardware.
It extracts details—maybe quite a few more than you knew were available—in a format that is reasonably easy to digest. Given descriptions, logical (device) names, sizes, etc., you are likely to appreciate how much detail you can access.
This post examines the information that **lshw** provides with a particular focus on disk and related hardware. Here is some sample **lshw** output:
```
$ sudo lshw -C disk
*-disk:0
description: SCSI Disk
product: Card Reader-1
vendor: JIE LI
physical id: 0.0.0
bus info: scsi@4:0.0.0
logical name: /dev/sdc
version: 1.00
capabilities: removable
configuration: logicalsectorsize=512 sectorsize=512
*-medium
physical id: 0
logical name: /dev/sdc
```
Note that you should run the **lshw** command with **sudo** to ensure that you get all of the available details.
While we asked for “disk” in the above command (the output included shows only the first of five entries displayed), this particular output shows not a hard disk, but a card reader—another member of the disk class. Note that the system knows this device as **/dev/sdc**.
Similar details are provided on the primary disk on the system:
```
*-disk
description: ATA Disk
product: SSD2SC120G1CS175
physical id: 0
bus info: scsi@0:0.0.0
logical name: /dev/sda <==
version: 1101
serial: PNY20150000778410606
size: 111GiB (120GB)
capabilities: partitioned partitioned:dos
configuration: ansiversion=5 logicalsectorsize=512 sectorsize=512 signature=
f63b5929
```
This disk is **/dev/sda**. The hard disks on this system both show up as **ATA** disks. **ATA** is a disk-drive implementation that integrates the controller on the disk drive itself.
To get an abbreviated list of devices in the “disk” class, you can run a command like this one. Notice that two of the devices are listed twice, so we are still seeing five disk devices.
```
$ sudo lshw -short -C disk
H/W path Device Class Description
=============================================================
/0/100/1d/1/1/0.0.0 /dev/sdc disk Card Reader-1
/0/100/1d/1/1/0.0.0/0 /dev/sdc disk
/0/100/1d/1/1/0.0.1 /dev/sdd disk 2
/0/100/1d/1/1/0.0.1/0 /dev/sdd disk
/0/100/1f.2/0 /dev/sda disk 120GB SSD2SC120G1CS175
/0/100/1f.2/1 /dev/cdrom disk DVD+-RW GSA-H73N
/0/100/1f.5/0.0.0 /dev/sdb disk 500GB SAMSUNG HE502HJ
```
Hold onto your seat if you decide you want to see _**all**_ of the devices on a system. You will get a list that includes a lot more things than you probably normally think of as “devices”. Heres an example—and this is the “short” (few details) list:
```
$ sudo lshw -short
[sudo] password for shs:
H/W path Device Class Description
=============================================================
system Inspiron 530s
/0 bus 0RY007
/0/0 memory 128KiB BIOS
/0/4 processor Intel(R) Core(TM)2 Duo CPU
/0/4/a memory 32KiB L1 cache
/0/4/b memory 6MiB L2 cache
/0/24 memory 6GiB System Memory
/0/24/0 memory 2GiB DIMM DDR2 Synchronous 667
/0/24/1 memory 1GiB DIMM DDR2 Synchronous 667
/0/24/2 memory 2GiB DIMM DDR2 Synchronous 667
/0/24/3 memory 1GiB DIMM DDR2 Synchronous 667
/0/1 generic
/0/10 generic
/0/11 generic
/0/12 generic
/0/13 generic
/0/14 generic
/0/15 generic
/0/17 generic
/0/18 generic
/0/19 generic
/0/2 generic
/0/20 generic
/0/100 bridge 82G33/G31/P35/P31 Express DRAM
/0/100/1 bridge 82G33/G31/P35/P31 Express PCI
/0/100/1/0 display Caicos [Radeon HD 6450/7450/84
/0/100/1/0.1 multimedia Caicos HDMI Audio [Radeon HD 6
/0/100/19 enp0s25 network 82562V-2 10/100 Network Connec
/0/100/1a bus 82801I (ICH9 Family) USB UHCI
/0/100/1a/1 usb3 bus UHCI Host Controller
/0/100/1a.1 bus 82801I (ICH9 Family) USB UHCI
/0/100/1a.1/1 usb4 bus UHCI Host Controller
/0/100/1a.1/1/2 input Rock Candy Wireless Keyboard
/0/100/1a.2 bus 82801I (ICH9 Family) USB UHCI
/0/100/1a.2/1 usb5 bus UHCI Host Controller
/0/100/1a.2/1/2 input USB OPTICAL MOUSE
/0/100/1a.7 bus 82801I (ICH9 Family) USB2 EHCI
/0/100/1a.7/1 usb1 bus EHCI Host Controller
/0/100/1b multimedia 82801I (ICH9 Family) HD Audio
/0/100/1d bus 82801I (ICH9 Family) USB UHCI
/0/100/1d/1 usb6 bus UHCI Host Controller
/0/100/1d/1/1 scsi4 storage CD04
/0/100/1d/1/1/0.0.0 /dev/sdc disk Card Reader-1
/0/100/1d/1/1/0.0.0/0 /dev/sdc disk
/0/100/1d/1/1/0.0.1 /dev/sdd disk 2
/0/100/1d/1/1/0.0.1/0 /dev/sdd disk
/0/100/1d.1 bus 82801I (ICH9 Family) USB UHCI
/0/100/1d.1/1 usb7 bus UHCI Host Controller
/0/100/1d.2 bus 82801I (ICH9 Family) USB UHCI
/0/100/1d.2/1 usb8 bus UHCI Host Controller
/0/100/1d.7 bus 82801I (ICH9 Family) USB2 EHCI
/0/100/1d.7/1 usb2 bus EHCI Host Controller
/0/100/1d.7/1/2 multimedia USB Live camera
/0/100/1e bridge 82801 PCI Bridge
/0/100/1e/1 communication HSF 56k Data/Fax Modem
/0/100/1f bridge 82801IR (ICH9R) LPC Interface
/0/100/1f.2 scsi0 storage 82801IR/IO/IH (ICH9R/DO/DH) 4
/0/100/1f.2/0 /dev/sda disk 120GB SSD2SC120G1CS175
/0/100/1f.2/0/1 /dev/sda1 volume 111GiB EXT4 volume
/0/100/1f.2/1 /dev/cdrom disk DVD+-RW GSA-H73N
/0/100/1f.3 bus 82801I (ICH9 Family) SMBus Con
/0/100/1f.5 scsi3 storage 82801I (ICH9 Family) 2 port SA
/0/100/1f.5/0.0.0 /dev/sdb disk 500GB SAMSUNG HE502HJ
/0/100/1f.5/0.0.0/1 /dev/sdb1 volume 433GiB EXT4 volume
/0/3 system PnP device PNP0c02
/0/5 system PnP device PNP0b00
/0/6 storage PnP device PNP0700
/0/7 system PnP device PNP0c02
/0/8 system PnP device PNP0c02
/0/9 system PnP device PNP0c01
```
Run a command like this to list device classes and count how many devices are in each class.
```
$ sudo lshw -short | awk {print substr($0,36,13)} | tail -n +3 | sort | uniq -c
4 bridge
18 bus
1 communication
7 disk
1 display
12 generic
2 input
8 memory
3 multimedia
1 network
1 processor
4 storage
6 system
2 volume
```
**NOTE:** The **awk** command selects the Class column from the **lshw** output using $0 (complete lines), but taking only the substrings that start in the correct place (column 36). None of the class entries have more than 13 letters so the substring ends there. The **tail -n +3** part of the command drops the heading and the “=====” line beneath it, so only the 14 device classes are included in the final listing.
One thing youll notice is that we get approximately 12 lines of output for each device in the disk class when we dont use the **-short** option. We see the logical names, such as **/dev/sda**, disk sizes and types, etc.
```
$ sudo lshw -C disk
[sudo] password for shs:
*-disk:0
description: SCSI Disk
product: Card Reader-1  card reader?
vendor: JIE LI
physical id: 0.0.0
bus info: scsi@4:0.0.0
logical name: /dev/sdc
version: 1.00
capabilities: removable
configuration: logicalsectorsize=512 sectorsize=512
*-medium
physical id: 0
logical name: /dev/sdc
*-disk:1
description: SCSI Disk
product: 2
vendor: AC4100 -
physical id: 0.0.1
bus info: scsi@4:0.0.1
logical name: /dev/sdd
capabilities: removable
configuration: logicalsectorsize=512 sectorsize=512
*-medium
physical id: 0
logical name: /dev/sdd
*-disk
description: ATA Disk
product: SSD2SC120G1CS175
physical id: 0
bus info: scsi@0:0.0.0
logical name: /dev/sda  main system disk
version: 1101
serial: PNY20150000778410606
size: 111GiB (120GB)
capabilities: partitioned partitioned:dos
configuration: ansiversion=5 logicalsectorsize=512 sectorsize=512 signature=f63b5929
*-cdrom  aka /dev/sr0
description: DVD writer
product: DVD+-RW GSA-H73N
vendor: HL-DT-ST
physical id: 1
bus info: scsi@1:0.0.0
logical name: /dev/cdrom
logical name: /dev/cdrw
logical name: /dev/dvd
logical name: /dev/dvdrw
logical name: /dev/sr0
version: B103
serial: [
capabilities: removable audio cd-r cd-rw dvd dvd-r
configuration: ansiversion=5 status=nodisc
*-disk
description: ATA Disk
product: SAMSUNG HE502HJ
physical id: 0.0.0
bus info: scsi@3:0.0.0
logical name: /dev/sdb  secondary disk
version: 0002
serial: S2B6J90B501053
size: 465GiB (500GB)
capabilities: partitioned partitioned:dos
configuration: ansiversion=5 logicalsectorsize=512 sectorsize=512 signature=7e67ccf3
```
### Wrap-up
The **lshw** command provides details that many of us wont normally deal with. Still, its nice to know how much information is available even if you only use a portion of it.
Join the Network World communities on [Facebook][1] and [LinkedIn][2] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3583598/how-to-view-information-on-your-linux-devices-with-lshw.html
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
[b]: https://github.com/lujun9972
[1]: https://www.facebook.com/NetworkWorld/
[2]: https://www.linkedin.com/company/network-world

119
sources/tech/20200929 Drawing is an Open Source MS-Paint Type of App for Linux Desktop.md Normal file
View File

@ -0,0 +1,119 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Drawing is an Open Source MS-Paint Type of App for Linux Desktop)
[#]: via: (https://itsfoss.com/drawing-app/)
[#]: author: (Abhishek Prakash https://itsfoss.com/author/abhishek/)
Drawing is an Open Source MS-Paint Type of App for Linux Desktop
======
_**Brief: Drawing is a basic image editor like Microsoft Paint. With this open source application, you can draw arrows, lines, geometrical shapes, add colors and other stuff you expect to do in a regular drawing application.**_
### Drawing: A simple drawing application for Linux
![][1]
For people introduced to computers with Windows XP (or earlier version), MS Paint was an amusing application from sketching random stuff. In a world dominated with Photoshop and GIMP, the paint applications still hold some relevance.
There are several [painting applications available for Linux][2], and I am going to add one more to this list.
The app is unsurprisingly called [Drawing][3] and you can use it on both Linux desktop and Linux smartphones.
### Features of Drawing app
![][4]
Drawing has all the features you expect from a drawing application. You can
* Create new drawings from scratch
* Edit an existing image in PNG, JPEG or BMP file
* Add geometrical shapes, lines, arrows etc
* Dashed
* Use pencil tool for free-hand drawing
* Use curve and shape tool
* Crop images
* Scale images to different pixel size
* Add text
* Select part of image (rectangle, freehand and color selection)
* Rotate images
* Add images copied to clipboard
* Eraser, Highlighter, Paint, Color Selection, Color Picker tools are available in preferences
* Unlimited undo
* Filters to add blur, pixelisation, transparency etc
### My experience with Drawing
![][5]
The application is new and has a decent user interface. It comes with all the basic features you expect to find in a standard paint app.
It has some additional tools like color selection and color picker but it might be confusing to use them. There is no documentation available to describe the use of these tools to you are on your own here.
The experience is smooth and I feel that this tool has good potential to replace Shutter as image editing tool (yes, I [use Shutter for editing screenshots][6]).
The thing that I find most bothersome is that it is not possible to edit/modify an element after adding it. You have the undo and redo options but if you want to modify a text you added 12 steps back, youll have to redo all the steps. This is something the developer may look into it in the future releases.
### Installing Drawing on Linux
This is a Linux exclusive app. It is also available for Linux-based smartphones like [PinePhone][7].
There are various ways you can install Drawing app. It is available in the repositories of many major Linux distributions.
#### Ubuntu-based distributions
Drawing is included in the universe repository in Ubuntu. Which means you can install it from the Ubuntu Software Center.
However, if you want the latest version, there is a [PPA available][8] for easily installing Drawing on Ubuntu. Linux Mint and other Ubuntu-based distributions.
Use the following command:
```
sudo add-apt-repository ppa:cartes/drawing
sudo apt update
sudo apt install drawing
```
If you want to remove it, you can use the following commands:
```
sudo apt remove drawing
sudo add-apt-repository -r ppa:cartes/drawing
```
#### Other Linux distributions
Check your distributions package manager for Drawing and install it from there. If you want the latest version, you may use the Flatpak version of the app.
[Drawing Flatpak][9]
**Conclusion**
Do you still use a paint application? Which one do you use? If you have tried Drawing app already, how is your experience with it?
--------------------------------------------------------------------------------
via: https://itsfoss.com/drawing-app/
作者:[Abhishek Prakash][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/abhishek/
[b]: https://github.com/lujun9972
[1]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/drawing-app-interface.jpg?resize=789%2C449&ssl=1
[2]: https://itsfoss.com/open-source-paint-apps/
[3]: https://maoschanz.github.io/drawing/
[4]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/drawing-screenshot.jpg?resize=800%2C489&ssl=1
[5]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/using-drawing-app-linux.png?resize=787%2C473&ssl=1
[6]: https://itsfoss.com/install-shutter-ubuntu/
[7]: https://itsfoss.com/pinephone/
[8]: https://launchpad.net/~cartes/+archive/ubuntu/drawing
[9]: https://flathub.org/apps/details/com.github.maoschanz.drawing

216
translated/tech/20200810 How to read Lynis reports to improve Linux security.md Normal file
View File

@ -0,0 +1,216 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to read Lynis reports to improve Linux security)
[#]: via: (https://opensource.com/article/20/8/linux-lynis-security)
[#]: author: (Alan Formy-Duval https://opensource.com/users/alanfdoss)
如何阅读 Lynis 报告提高 Linux 安全性
======
> 使用 Lynis 的扫描和报告来发现和修复 Linux 安全问题。
![锁定][1]
当我读到 Gaurav Kamathe 的文章《[用 Lynis 扫描你的 Linux 安全性][2]>时,让我想起了我在美国劳工部担任系统管理员的日子。我的职责之一是保证我们的 Unix 服务器的安全。每个季度,都会有一个独立的核查员来审查我们服务器的安全状态。每次在核查员预定到达的那一天,我都会运行 Security Readiness ReviewSRR这是一个扫描工具它使用一大套脚本来识别和报告任何安全线索。SRR 是开源的,因此我可以查看所有源码脚本及其功能。这使我能够查看代码,确定具体是什么问题,并迅速修复它发现的每个问题。
### 什么是 Lynis
[Lynis][3] 是一个开源的安全审计工具,它的工作原理和 SRR 很像,它会扫描 Linux 系统,并提供关于它发现的任何弱点的详细报告。同样和 SRR 一样,它也是由一大套脚本组成的,每个脚本都会检查一个特定的项目,例如,最小和最大密码时间要求。
运行 Lynis 后,你可以使用它的报告来定位每个项目的脚本,并了解 Lynis 是如何检查和报告每个问题的。你也可以使用相同的脚本代码来创建新的代码来自动解决。
### 如何阅读 Lynis 报告
由于 Gaurav 的文章介绍了 Lynis 的安装和使用,在本文中,我将展示一些如何阅读和使用其报告的例子。
请从运行一次审计开始:
```
# lynis audit system --quick
```
完成后完整的报告将显示在你的屏幕上。在底部“Suggestions” 部分列出了所有可能需要修复以更好地加固系统的项目,以及每个项目的 TEST-ID。
要想加固系统并减少列表的大小,请开始解决每个项目。在 “Suggestions” 部分的描述可能包含了你需要采取的全部行动。如果没有,你可以使用 `show details` 命令。
```
# lynis show details TEST-ID
```
例如,在我的系统中,有一条建议是:
> 找不到 `locate` 所需的数据库,运行 `updatedb``locate.updatedb` 来创建这个文件。[FILE-6410]
看起来我只需要运行 `updatedb` 命令就行,但如果我想确定一下,我可以使用 Lynis 的 `show details` 选项。
```
# lynis show details FILE-6410
2020-06-16 20:54:33 Performing test ID FILE-6410 (Checking Locate database)
2020-06-16 20:54:33 Test: Checking locate database
2020-06-16 20:54:33 Result: file /var/lib/mlocate/mlocate.db not found
2020-06-16 20:54:33 Result: file /var/lib/locate/locatedb not found
2020-06-16 20:54:33 Result: file /var/lib/locatedb not found
2020-06-16 20:54:33 Result: file /var/lib/slocate/slocate.db not found
2020-06-16 20:54:33 Result: file /var/cache/locate/locatedb not found
2020-06-16 20:54:33 Result: file /var/db/locate.database not found
2020-06-16 20:54:33 Result: database not found
2020-06-16 20:54:33 Suggestion: The database required for 'locate' could not be found. Run 'updatedb' or 'locate.updatedb' to create this file. [test:FILE-6410] [details:-] [solution:-]
2020-06-16 20:54:33 ====
```
这些细节表明 Lynis 无法找到各种文件。这个情况非常清楚。我可以运行 `updatedb` 命令,重新检查这个测试。
```
# updatedb
# lynis --tests FILE-6410
```
然后,重新检查细节时,会显示它发现哪个文件满足了测试:
```
# lynis show details FILE-6410
2020-06-16 21:38:40 Performing test ID FILE-6410 (Checking Locate database)
2020-06-16 21:38:40 Test: Checking locate database
2020-06-16 21:38:40 Result: locate database found (/var/lib/mlocate/mlocate.db)
2020-06-16 21:38:40 Result: file /var/lib/locate/locatedb not found
2020-06-16 21:38:40 Result: file /var/lib/locatedb not found
2020-06-16 21:38:40 Result: file /var/lib/slocate/slocate.db not found
2020-06-16 21:38:40 Result: file /var/cache/locate/locatedb not found
2020-06-16 21:38:40 Result: file /var/db/locate.database not found
2020-06-16 21:38:40 ====
```
### 深入挖掘
Lynis 的许多建议并不像这个建议那样直接。如果你不确定某个发现或建议指的是什么,就很难知道如何解决问题。假设你在一个新的 Linux 服务器上运行 Lynis有几项与 SSH 守护进程有关的内容,其中一项是关于 `MaxAuthTries` 的设置:
```
* Consider hardening SSH configuration [SSH-7408]
    - Details  : MaxAuthTries (6 --&gt; 3)
      <https://cisofy.com/lynis/controls/SSH-7408/>
```
要解决这个问题,你需要知道 SSH 配置文件的位置。一个经验丰富的 Linux 管理员可能已经知道在哪里找到它们,但如果你不知道,有一个方法可以看到 Lynis 在哪里找到它们。
#### 定位 Lynis 测试脚本
Lynis 支持多种操作系统,因此你的安装位置可能有所不同。在 Red Hat Enterprise Linux 或 Fedora Linux 系统中,使用 `rpm` 命令来查找测试文件:
```
# rpm -ql lynis
```
这将列出所有测试文件,并报告它们在 `lynis/include` 目录下的位置。在这个目录下搜索你想知道的 TEST-ID本例中为 SSH-7408
```
# grep SSH-7408 /usr/share/lynis/include/*
/usr/share/lynis/include/tests_ssh:    # Test        : SSH-7408
```
#### 查找 SSH 问题
名为 `tests_ssh` 的文件中包含了 TEST-ID在这里可以找到与 SSH 相关的扫描函数。看看这个文件,就可以看到 Lynis 扫描器调用的各种函数。第一部分在一个名为 `SSH_DAEMON_CONFIG_LOCS` 的变量中定义了一个目录列表。下面几节负责检查 SSH 守护进程的状态、定位它的配置文件,并识别它的版本。我在 SSH-7404 测试中找到了查找配置文件的代码,描述为 “确定 SSH 守护进程配置文件位置”。这段代码包含一个 `for` 循环,在列表中的项目中搜索一个名为 `sshd_config` 的文件。我可以用这个逻辑来做自己的搜索:
```
# find /etc /etc/ssh /usr/local/etc/ssh /opt/csw/etc/ssh -name sshd_config
/etc/ssh/sshd_config
/etc/ssh/sshd_config
find: /usr/local/etc/ssh: No such file or directory
find: /opt/csw/etc/ssh: No such file or directory
```
进一步探索这个文件,就会发现寻找 SSH-7408 的相关代码。这个测试涵盖了 `MaxAuthTries` 和其他一些设置。现在我可以在 SSH 配置文件中找到该变量:
```
# grep MaxAuthTries /etc/ssh/sshd_config
#MaxAuthTries 6
```
#### 修复法律横幅问题
Lynis 还报告了一个与登录系统时显示的法律横幅有关的发现。在我的家庭桌面系统上(我不希望有很多其他人登录),我没有去改变默认的 `issue` 文件。企业或政府的系统很可能被要求包含一个法律横幅以警告用户他们的登录和活动可能被记录和监控。Lynis 用 BANN-7126 测试和 BANN-7130 测试报告了这一点:
```
* Add a legal banner to /etc/issue, to warn unauthorized users [BANN-7126]
https://cisofy.com/lynis/controls/BANN-7126/
* Add legal banner to /etc/issue.net, to warn unauthorized users [BANN-7130]
https://cisofy.com/lynis/controls/BANN-7130/
```
我在运行 Fedora 32 工作站的系统上没有发现什么:
```
# cat /etc/issue /etc/issue.net
\S
Kernel \r on an \m (\l)
\S
Kernel \r on an \m (\l)
```
我可以添加一些诸如 “keep out” 或 “don't break anything” 之类的内容,但测试的描述并没有提供足够的信息来解决这个问题,所以我又看了看 Lynis 的脚本。我注意到 `include` 目录下有一个叫 `tests_banners` 的文件;这似乎是一个很好的地方。在 `grep` 的帮助下,我看到了相关的测试:
```
# grep -E 'BANN-7126|BANN-7130' /usr/share/lynis/include/tests_banners
    # Test        : BANN-7126
    Register --test-no BANN-7126 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check issue banner file contents"
    # Test        : BANN-7130
    Register --test-no BANN-7130 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check issue.net banner file contents"
```
在检查了测试文件中的相关代码后,我发现这两个测试都是通过一个 `for` 循环来迭代一些预定义的法律术语:
```
for ITEM in ${LEGAL_BANNER_STRINGS}; do
```
这些法律术语存储在文件顶部定义的变量 `LEGAL_BANNER_STRINGS` 中。向后滚动到顶部可以看到完整的清单:”
```
LEGAL_BANNER_STRINGS="audit access authori condition connect consent continu criminal enforce evidence forbidden intrusion law legal legislat log monitor owner penal policy policies privacy private prohibited record restricted secure subject system terms warning"
```
我最初的建议“keep out” 或 “don't break anything”不会满足这个测试因为它们不包含这个列表中的任何单词。
下面这条横幅信息包含了几个必要的词,因此,它将满足这个测试,并防止 Lynis 报告它:
> Attention, by continuing to connect to this system, you consent to the owner storing a log of all activity. Unauthorized access is prohibited.
请注意,这条信息必须被添加到 `/etc/issue``/etc/issue.net` 中。
### 使其可重复
你可以手动进行这些编辑,但你可能要考虑自动化。例如,可能有许多设置需要更改,或者你可能需要在许多服务器上定期进行这些编辑。创建一个加固脚本将是简化这个过程的好方法。对于 SSH 配置,在你的加固脚本中的一些 `sed` 命令可以解决这些发现。或者,你可以使用 `echo` 语句来添加合法的横幅。
```
sed -i '/MaxAuthTries/s/#MaxAuthTries 6/MaxAuthTries 3/' /etc/ssh/sshd_config
echo "Legal Banner" | tee -a /etc/issue /etc/issue.net
```
自动化使你能够创建一个可重复的脚本,可以在你的基础设施中保存和管理。你也可以在你的初始服务器配置中加入这个脚本。
### 加固你的系统
这种类型的练习可以提高你的脚本技能,既可以跟着现有的代码走,也可以写自己的脚本。因为 Lynis 是开源的,所以你可以很容易地看到你的系统是如何被检查的,以及它的报告意味着什么。最终的结果将是一个完善的系统,你可以在审计人员来的时候随时向他们炫耀。
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/8/linux-lynis-security
作者:[Alan Formy-Duval][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alanfdoss
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/security-lock-password.jpg?itok=KJMdkKum (Lock)
[2]: https://opensource.com/article/20/5/linux-security-lynis
[3]: https://github.com/CISOfy/lynis

217
translated/tech/20200907 Program hardware from the Linux command line.md Normal file
View File

@ -0,0 +1,217 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: (wxy)
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Program hardware from the Linux command line)
[#]: via: (https://opensource.com/article/20/9/hardware-command-line)
[#]: author: (Alan Smithee https://opensource.com/users/alansmithee)
使用 RT-Thread 的 FinSH 对硬件进行编程
======
> 由于物联网IoT的兴起对硬件进行编程变得越来越普遍。RT-Thread 可以让你可以用 FinSH 从 Linux 命令行与设备进行沟通、
![命令行提示][1]
RT-Thread 是一个开源的[实时操作系统][2]用于对物联网IoT设备进行编程。FinSH 是 [RT-Thread][3] 的命令行组件,它提供了一套操作界面,使用户可以从命令行与设备进行沟通。它主要用于调试或查看系统信息。
通常情况下,开发调试使用硬件调试器和 `printf` 日志来显示。但在某些情况下,这两种方法并不是很有用,因为它是从运行的内容中抽象出来的,而且它们可能很难解析。不过 RT-Thread 是一个多线程系统,当你想知道一个正在运行的线程的状态,或者手动控制系统的当前状态时,这很有帮助。因为它是多线程的,所以你能够拥有一个交互式的 shell你可以直接在设备上输入命令、调用函数来获取你需要的信息或者控制程序的行为。如果你只习惯于 Linux 或 BSD 等现代操作系统,这在你看来可能很普通,但对于硬件黑客来说,这是极其奢侈的,远超将串行电缆直接连线到电路板上以获取一丝错误的做法。
FinSH 有两种模式。
* C 语言解释器模式,称为 c-style。
* 传统的命令行模式,称为 msh模块 shell
在 C 语言解释器模式下FinSH 可以解析执行大部分 C 语言的表达式,并使用函数调用访问系统上的函数和全局变量。它还可以从命令行创建变量。
在 msh 模式下FinSH 的操作与 Bash 等传统 shell 类似。
### GNU 命令标准
当我们在开发 FinSH 时,我们了解到,在编写命令行应用程序之前,你需要熟悉 GNU 命令行标准。这个标准实践的框架有助于给界面带入熟悉感,这有助于开发人员在使用时感到舒适和高效。
一个完整的 GNU 命令主要由四个部分组成。
1. 命令名(可执行文件):命令行程序的名称;
2. 子命令:命令程序的子函数名称。
3. 选项:子命令函数的配置选项。
4. 参数:子命令函数配置选项的相应参数。
你可以在任何命令中看到这一点。以 Git 为例:
```
git reset --hard HEAD~1
```
这一点可以分解为:
![GNU command line standards][4]
可执行的命令是 `git`,子命令是 `reset`,使用的选项是 `--head`,参数是 `HEAD~1`
再举个例子:
```
systemctl enable --now firewalld
```
可执行的命令是 `systemctl`,子命令是 `enable`,选项是 `--now`,参数是 `firewalld`
想象一下,你想用 RT-Thread 编写一个符合 GNU 标准的命令行程序。FinSH 拥有你所需要的一切,并且会按照预期运行你的代码。更棒的是,你可以依靠这种合规性,让你可以自信地移植你最喜欢的 Linux 程序。
### 编写一个优雅的命令行程序
下面是一个 RT-Thread 运行命令的例子RT-Thread 开发人员每天都在使用这个命令:
```
usage: env.py package [-h] [--force-update] [--update] [--list] [--wizard]
                      [--upgrade] [--printenv]
optional arguments:
  -h, --help      show this help message and exit
  --force-update  force update and clean packages, install or remove the
                  packages by your settings in menuconfig
  --update        update packages, install or remove the packages by your
                  settings in menuconfig
  --list          list target packages
  --wizard        create a new package with wizard
  --upgrade       upgrade local packages list and ENV scripts from git repo
  --printenv      print environmental variables to check
```
正如你所看到的那样,它看起来很熟悉,行为就像你可能已经在 Linux 或 BSD 上运行的大多数 POSIX 应用程序一样。当使用不正确或不充分的语法时,它会提供帮助,它支持长选项和短选项。这种通用的用户界面对于任何使用过 Unix 终端的人来说都是熟悉的。
### 选项种类
选项的种类很多,按长短可分为两大类。
1. 短选项:由一个连字符加一个字母组成,如 `pkgs -h` 中的 `-h` 选项。
2. 长选项:由两个连字符加上单词或字母组成,例如,`scons- --target-mdk5` 中的 `--target` 选项。
你可以把这些选项分为三类,由它们是否有参数来决定。
1. 没有参数:该选项后面不能有参数。
2. 参数必选:选项后面必须有参数。
3. 参数可选:选项后可以有参数,但不是必需的。
正如你对大多数 Linux 命令的期望FinSH 的选项解析非常灵活。它可以根据空格或等号作为定界符来区分一个选项和一个参数,或者仅仅通过提取选项本身并假设后面的内容是参数(换句话说,完全没有定界符)。
* `wavplay -v 50`
* `wavplay -v50`
* `wavplay --vol=50`
### 使用 optparse
如果你曾经写过命令行程序,你可能会知道,一般来说,你所选择的语言有一个叫做 optparse 的库或模块。它是提供给程序员的,所以作为命令的一部分输入的选项(比如 `-v``--verbose`)可以与命令的其他部分进行*解析*。这可以帮助你的代码从一个子命令或参数中获取一个选项。
当为 FinSH 编写一个命令时,`optparse` 包希望使用这种格式:
```
MSH_CMD_EXPORT_ALIAS(pkgs, pkgs, this is test cmd.);
```
你可以使用长形式或短形式,或者同时使用两种形式来实现选项。例如:
```
static struct optparse_long long_opts[] =
{
    {"help"        , 'h', OPTPARSE_NONE}, // Long command: help, corresponding to short command h, without arguments.
    {"force-update",  0 , OPTPARSE_NONE}, // Long comman: force-update, without arguments
    {"update"      ,  0 , OPTPARSE_NONE},
    {"list"        ,  0 , OPTPARSE_NONE},
    {"wizard"      ,  0 , OPTPARSE_NONE},
    {"upgrade"     ,  0 , OPTPARSE_NONE},
    {"printenv"    ,  0 , OPTPARSE_NONE},
    { NULL         ,  0 , OPTPARSE_NONE}
};
```
创建完选项后,写出每个选项及其参数的命令和说明:
```
static void usage(void)
{
    rt_kprintf("usage: env.py package [-h] [--force-update] [--update] [--list] [--wizard]\n");
    rt_kprintf("                      [--upgrade] [--printenv]\n\n");
    rt_kprintf("optional arguments:\n");
    rt_kprintf("  -h, --help      show this help message and exit\n");
    rt_kprintf("  --force-update  force update and clean packages, install or remove the\n");
    rt_kprintf("                  packages by your settings in menuconfig\n");
    rt_kprintf("  --update        update packages, install or remove the packages by your\n");
    rt_kprintf("                  settings in menuconfig\n");
    rt_kprintf("  --list          list target packages\n");
    rt_kprintf("  --wizard        create a new package with wizard\n");
    rt_kprintf("  --upgrade       upgrade local packages list and ENV scripts from git repo\n");
    rt_kprintf("  --printenv      print environmental variables to check\n");
}
```
下一步是解析。虽然你还没有实现它的功能,但解析后的代码框架是一样的:
```
int pkgs(int argc, char **argv)
{
int ch;
int option_index;
struct optparse options;
if(argc == 1)
{
usage();
return RT_EOK;
}
optparse_init(&options, argv);
while((ch = optparse_long(&options, long_opts, &option_index)) != -1)
{
ch = ch;
rt_kprintf("\n");
rt_kprintf("optopt = %c\n", options.optopt);
rt_kprintf("optarg = %s\n", options.optarg);
rt_kprintf("optind = %d\n", options.optind);
rt_kprintf("option_index = %d\n", option_index);
}
rt_kprintf("\n");
return RT_EOK;
}
```
这里是函数头文件:
```
#include "optparse.h"
#include "finsh.h"
```
然后,编译并下载到设备上。
![Output][6]
### 硬件黑客
对硬件进行编程似乎很吓人,但随着物联网的发展,它变得越来越普遍。并不是所有的东西都可以或者应该在树莓派上运行,但在 RT-ThreadFinSH 可以让你保持熟悉的 Linux 感觉。
如果你对在裸机上编码感到好奇,不妨试试 RT-Thread。
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/hardware-command-line
作者:[Alan Smithee][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alansmithee
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/command_line_prompt.png?itok=wbGiJ_yg (Command line prompt)
[2]: https://opensource.com/article/20/6/open-source-rtos
[3]: https://github.com/RT-Thread/rt-thread
[4]: https://opensource.com/sites/default/files/uploads/command-line-apps_2.png (GNU command line standards)
[5]: https://creativecommons.org/licenses/by-sa/4.0/
[6]: https://opensource.com/sites/default/files/uploads/command-line-apps_3.png (Output)

140
translated/tech/20200921 Installing and running Vagrant using qemu-kvm.md Normal file
View File

@ -0,0 +1,140 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Installing and running Vagrant using qemu-kvm)
[#]: via: (https://fedoramagazine.org/vagrant-qemukvm-fedora-devops-sysadmin/)
[#]: author: (Andy Mott https://fedoramagazine.org/author/amott/)
使用 qemu-kvm 安装和运行 Vagrant
======
![][1]
Vagrant 是一个出色的工具,被 DevOps 专业人员、程序员、系统管理员和普通极客来使用它来建立可复制的基础架构来进行开发和测试。来自它们的网站:
> Vagrant 是用于在单工作流程中构建和管理虚拟机环境的工具。凭借简单易用的工作流程和对自动化的关注Vagrant 降低了开发环境的设置时间,提高了生产效率,并使”在我的机器上工作“的借口成为过去。
>
> 如果你已经熟悉 Vagrant 的基础知识,那么文档为所有的功能和内部结构提供了更好的参考。
>
> Vagrant 提供了易于配置、可复制、可移植的工作环境,它建立在行业标准技术之上,并由一个统一的工作流程控制,帮助你和你的团队最大限度地提高生产力和灵活性。
>
> <https://www.vagrantup.com/intro>
本指南将通过必要的步骤,让 Vagrant 在基于 Fedora 的机器上工作。
我从最小化安装 Fedora Server 开始,因为这样可以减少主机操作系统的内存占用,但如果你已经有一台可以使用的 Fedora 机器,无论是服务器还是工作站,那么也没问题。
### 检查机器是否支持虚拟化:
```
$ sudo lscpu | grep Virtualization
Virtualization: VT-x
Virtualization type: full
```
### 安装 qemu-kvm
```
sudo dnf install qemu-kvm libvirt libguestfs-tools virt-install rsync
```
### 启用并启动 libvirt 守护进程:
```
sudo systemctl enable --now libvirtd
```
### 安装 Vagrant
```
sudo dnf install vagrant
```
### 安装 Vagrant libvirtd 插件:
```
sudo vagrant plugin install vagrant-libvirt
```
### 添加一个 box
```
vagrant box add fedora/32-cloud-base --provider=libvirt
```
### 创建一个最小的 Vagrantfile 来测试:
```
$ mkdir vagrant-test
$ cd vagrant-test
$ vi VagrantfileVagrant.configure("2") do |config|
config.vm.box = "fedora/32-cloud-base"
end
```
**注意文件名和文件内容的大写。**
### 检查文件:
```
vagrant statusCurrent machine states:
default not created (libvirt)
The Libvirt domain is not created. Run 'vagrant up' to create it.
```
### 启动 box
```
vagrant up
```
### 连接到你的新机器:
```
vagrant ssh
```
完成了。现在你的 Fedora 机器上有 Vagrant 在工作。
要停止机器,请使用 _vagrant halt_。这只是简单地停止机器,但保留虚拟机和磁盘。
要关闭并删除它,请使用 _vagrant destroy_。这将删除整个机器和你在其中所做的任何更改。
### 接下来的步骤
在运行 _vagrant up_ 命令之前,你不需要下载 box。你可以直接在 Vagrantfile 中指定 box 和提供者如果还没有的话Vagrant 会下载它。下面是一个例子,它还设置了内存量和 CPU 数量:
```
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "fedora/32-cloud-base"
config.vm.provider :libvirt do |libvirt|
libvirt.cpus = 1
libvirt.memory = 1024
end
end
```
关于使用 Vagrant、创建你自己的机器和使用不同 box 的更多信息,请参见官方文档 <https://www.vagrantup.com/docs>
有一个庞大的仓库,你可以随时下载使用这些 box它们的的官方仓库是 Vagrant Cloud - <https://app.vagrantup.com/boxes/search>。这里有些是基本的操作系统,有些提供完整的功能,如数据库、网络服务器等。
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/vagrant-qemukvm-fedora-devops-sysadmin/
作者:[Andy Mott][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/amott/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2020/09/vagrant-beginner-howto-816x346.png

214
translated/tech/20200926 10 Open Source Static Site Generators to Create Fast and Resource-Friendly Websites.md Normal file
View File

@ -0,0 +1,214 @@
[#]: collector: "lujun9972"
[#]: translator: "lxbwolf"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
[#]: subject: "10 Open Source Static Site Generators to Create Fast and Resource-Friendly Websites"
[#]: via: "https://itsfoss.com/open-source-static-site-generators/"
[#]: author: "Ankush Das https://itsfoss.com/author/ankush/"
10 个用来创建快速和资源友好网站的静态网站生成工具
======
_**摘要:在寻找部署静态网页的方法吗?这几个开源的静态网站生成工具可以帮你迅速部署界面优美、功能强大的静态网站,无需掌握复杂的 HTML 和 CSS 技能。**_
### 静态网站是什么?
技术上来讲一个静态网站的网页不是由服务器动态生成的。HTML、CSS 和 JavaScript 文件就静静地躺在服务器的某个路径下,它们的内容与终端用户接收到时看到的是一样的。源码文件已经提前编译好了,源码在每次请求后都不会变化。
Its FOSS 是一个依赖多个数据库的动态网站,网页是在你的浏览器发出请求时即时生成和服务的。大部分网站是动态的,你与这些网站互动时,会有大量的内容在变化。
静态网站有一些好处,比如加载时间更短,请求的服务器资源更少,更安全(有争议?)。
传统意义上,静态网站更适合于创建只有少量网页、内容变化不频繁的小网站。
然而,当静态网站生成工具出现后,静态网站的适用范围越来越大。你还可以使用这些工具搭建博客网站。
我列出了几个开源的静态网站生成工具,这些工具可以帮你搭建界面优美的网站。
### 最好的开源静态网站生成工具
请注意,静态网站不会提供很复杂的功能。如果你需要复杂的功能,那么你可以参考适用于动态网站的[最好的开源 CMS][1]列表
#### 1\. Jekyll
![][2]
Jekyll 是用 [Ruby][3] 写的最受欢迎的开源静态生成工具之一。实际上Jekyll 是 [GitHub 页面][4] 的引擎,它可以让你免费用 GitHub 维护自己的网站。
你可以很轻松地跨平台配置 Jekyll包括 Ubuntu。它利用 [Markdown][5]、[Liquid][5]模板语言、HTML 和 CSS 来生成静态的网页文件。如果你要搭建一个没有广告或推广自己工具或服务的产品页的博客网站,它是个不错的选择。
它还支持从常见的 CMS<ruby>内容管理系统<rt>Content management system</rt></ruby>)如 Ghost、WordPress、Drupal 7 迁移你的博客。你可以管理永久链接、类别、页面、文章还可以自定义布局这些功能都很强大。因此即使你已经有了一个网站如果你想转成静态网站Jekyll 会是一个完美的解决方案。你可以参考[官方文档][6]或 [GitHub 页面][7]了解更多内容。
[Jekyll][8]
#### 2\. Hugo
![][9]
Hugo 是另一个很受欢迎的用于搭建静态网站的开源框架。它是用 [Go 语言][10]写的。
它运行速度快使用简单可靠性高。如果你需要它也可以提供更高级的主题。它还提供了能提高你效率的实用快捷键。无论是组合展示网站还是博客网站Hogo 都有能力管理大量的内容类型。
如果你想使用 Hugo你可以参照它的[官方文档][11]或它的 [GitHub 页面][12]来安装以及了解更多相关的使用方法。你还可以用 Hugo 在 GitHub 页面或 CDN如果有需要部署网站。
[Hugo][13]
#### 3\. Hexo
![][14]
Hexo 基于 [Node.js][15] 的一个有趣的开源框架。像其他的工具一样,你可以用它搭建相当快速的网站,不仅如此,它还提供了丰富的主题和插件。
它还根据用户的每个需求提供了强大的 API 来扩展功能。如果你已经有一个网站,你可以用它的[迁移][16]扩展轻松完成迁移工作。
你可以参照[官方文档][17]或 [GitHub 页面][18] 来使用 Hexo。
[Hexo][19]
#### 4\. Gatsby
![][20]
Gatsby 是一个不断发展的流行开源网站生成框架。它使用 [React.js][21] 来生成快速、界面优美的网站。
几年前在一个实验性的项目中,我曾经非常想尝试一下这个工具,它提供的成千上万的新插件和主题的能力让我印象深刻。与其他静态网站生成工具不同的是,你可以用 Gatsby 在不损失任何功能的前提下来生成静态网站。
它提供了与很多流行的服务的整合功能。当然,你可以不使用它的复杂的功能,或选择一个流行的 CMS 与它配合使用,这也会很有趣。你可以查看他们的[官方文档][22]或它的 [GitHub 页面][23]了解更多内容。
[Gatsby][24]
#### 5\. VuePress
![][25]
VuePress 是基于 [Vue.js][26] 的静态网站生成工具,同时也是开源的渐进式 JavaScript 框架。
如果你了解 HTML、CSS 和 JavaScript那么你可以无压力地使用 VuePress。如果你想在搭建网站时抢先别人一步那么你应该找几个有用的插件和主题。此外看起来 Vue.js 更新地一直很活跃,很多开发者都在关注 Vue.js这是一件好事。
你可以参照他们的[官方文档][27]和 [GitHub 页面][28]了解更多。
[VuePress][29]
#### 6\. Nuxt.js
![][30]
Nuxt.js 使用 Vue.js 和 Node.js但它致力于模块化并且有能力依赖服务端而非客户端。不仅如此它还志在通过描述详尽的错误和其他方面更详细的文档来为开发者提供直观的体验。
正如它声称的那样在你用来搭建静态网站的所有工具中Nuxt.js 在功能和灵活性两个方面都是佼佼者。他们还提供了一个 [Nuxt 线上沙盒][31]让你直接测试。
你可以查看它的 [GitHub 页面][32]和[官方网站][33]了解更多。
#### 7\. Docusaurus
![][34]
Docusaurus 是一个为搭建文档类网站量身定制的有趣的开源静态网站生成工具。它还是 [Facebook 开源计划][35]的一个项目。
Docusaurus 是用 React 构建的。你可以使用所有必要的功能,像文档版本管理、文档搜索,还有大部分已经预先配置好的翻译。如果你想为你的产品或服务搭建一个文档网站,那么可以试试 Docusaurus。
你可以从它的 [GitHub 页面][36]和它的[官网][37]获取更多信息。
[Docusaurus][37]
#### 8\. Eleventy
![][38]
Eleventy 自称是 Jekyll 的替代品,志在为创建更快的静态网站提供更简单的方式。
使用 Eleventy 看起来很简单它也提供了能解决你的问题的文档。如果你想找一个简单的静态网站生成工具Eleventy 似乎会是一个有趣的选择。
你可以参照它的 [GitHub 页面][39]和[官网][40]来了解更多的细节。
[Eleventy][40]
#### 9\. Publii
![][41]
Publii 是一个令人印象深刻的开源 CMS它能使生成一个静态网站变得很容易。它是用 [Electron][42] 和 Vue.js 构建的。如果有需要,你也可以把你的文章从 WorkPress 网站迁移过来。此外,它还提供了与 GitHub 页面、Netlify 及其它类似服务的一键同步功能。
利用 Publii 生成的静态网站,自带所见即所得编辑器。你可以从[官网][43]下载它,或者从它的 [GitHub 页面][44]了解更多信息。
[Publii][43]
#### 10\. Primo
![][45]
一个有趣的开源静态网站生成工具,目前开发工作仍很活跃。虽然与其他的静态生成工具相比,它还不是一个成熟的解决方案,有些功能还不完善,但它是一个独一无二的项目。
Primo 志在使用可视化的构建器帮你构建和搭建网站,这样你就可以轻松编辑和部署到任意主机上。
你可以参照[官网][46]或查看它的 [GitHub 页面][47]了解更多信息。
[Primo][46]
### 结语
还有很多文章中没有列出的网站生成工具。然而,我已经尽力写出了能提供最快的加载速度、最好的安全性和令人印象最深刻的灵活性的最好的静态生成工具了。
列表中没有你最喜欢的工具?在下面的评论中告诉我。
--------------------------------------------------------------------------------
via: https://itsfoss.com/open-source-static-site-generators/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[lxbwolf](https://github.com/lxbwolf)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/open-source-cms/
[2]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2018/01/jekyll-screenshot.jpg?resize=800%2C450&ssl=1
[3]: https://www.ruby-lang.org/en/
[4]: https://pages.github.com/
[5]: https://github.com/Shopify/liquid/wiki
[6]: https://jekyllrb.com/docs/
[7]: https://github.com/jekyll/jekyll
[8]: https://jekyllrb.com/
[9]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/hugo.jpg?resize=800%2C414&ssl=1
[10]: https://golang.org/
[11]: https://gohugo.io/getting-started/
[12]: https://github.com/gohugoio/hugo
[13]: https://gohugo.io/
[14]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/hexo.jpg?resize=800%2C213&ssl=1
[15]: https://nodejs.org/en/
[16]: https://hexo.io/api/migrator.html
[17]: https://hexo.io/docs/
[18]: https://github.com/hexojs/hexo
[19]: https://hexo.io/
[20]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/gatsbyjs.png?resize=800%2C388&ssl=1
[21]: https://reactjs.org/
[22]: https://www.gatsbyjs.com/docs/
[23]: https://github.com/gatsbyjs/gatsby
[24]: https://www.gatsbyjs.com/
[25]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/VuePress.jpg?resize=800%2C498&ssl=1
[26]: https://vuejs.org/
[27]: https://vuepress.vuejs.org/guide/
[28]: https://github.com/vuejs/vuepress
[29]: https://vuepress.vuejs.org/
[30]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/nuxtjs.jpg?resize=800%2C415&ssl=1
[31]: https://template.nuxtjs.org/
[32]: https://github.com/nuxt/nuxt.js
[33]: https://nuxtjs.org/
[34]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/docusaurus.jpg?resize=800%2C278&ssl=1
[35]: https://opensource.facebook.com/
[36]: https://github.com/facebook/docusaurus
[37]: https://docusaurus.io/
[38]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2020/09/eleventy.png?resize=800%2C375&ssl=1
[39]: https://github.com/11ty/eleventy/
[40]: https://www.11ty.dev/
[41]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/publii.jpg?resize=800%2C311&ssl=1
[42]: https://www.electronjs.org
[43]: https://getpublii.com/
[44]: https://github.com/GetPublii/Publii
[45]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2020/09/primo-af.jpg?resize=800%2C394&ssl=1
[46]: https://primo.af/
[47]: https://github.com/primo-app/primo-desktop