document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-03-12 01:40:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu Wang 2019-10-05 10:22:20 +08:00
commit 05a6bbb8d0
20 changed files with 2773 additions and 608 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

619
published/20140510 Managing Digital Files (e.g., Photographs) in Files and Folders.md Normal file
View File

@ -0,0 +1,619 @@
数码文件与文件夹收纳术(以照片为例)
======
![](https://img.linux.net.cn/data/attachment/album/201910/05/000950xsxopomsrs55rrb5.jpg)
- 更新 2014-05-14增加了一些具体实例
- 更新 2015-03-16根据照片的 GPS 坐标过滤图片
- 更新 2016-08-29以新的 `filetags --filter` 替换已经过时的 `show-sel.sh` 脚本
- 更新 2017-08-28: geeqier 视频缩略图的邮件评论
- 更新 2018-03-06增加了 Julian Kahnert 的链接
- 更新 2018-05-06增加了作者在 2018 Linuxtage Graz 大会上 45 分钟演讲的视频
- 更新 2018-06-05关于 metadata 的邮件回复
- 更新 2018-07-22移动文件夹结构的解释到一篇它自己的文章中
- 更新 2019-07-09关于在文件名中避免使用系谱和字符的邮件回复
每当度假或去哪游玩时我就会化身为一个富有激情的摄影师。所以,过去的几年中我积累了许多的 [JPEG][1] 文件。这篇文章中我会介绍我是如何避免 [供应商锁定][2]LCTT 译注:<ruby>供应商锁定<rt>vendor lock-in</rt></ruby>,原为经济学术语,这里引申为避免过于依赖某一服务平台)造成受限于那些临时性的解决方案及数据丢失。相反,我更倾向于使用那些可以让我**投入时间和精力打理,并能长久使用**的解决方案。
这一(相当长的)攻略 **并不仅仅适用于图像文件**:我将进一步阐述像是文件夹结构、文件的命名规则等等许多领域的事情。因此,这些规范适用于我所能接触到的所有类型的文件。
在我开始传授我的方法之前,我们应该先就我将要介绍方法的达成一个共识,那就是我们是否有相同的需求。如果你对 [raw 图像格式][3]十分推崇,将照片存储在云端或其他你信赖的地方(对我而言可能不会),那么你可能不会认同这篇文章将要描述的方式了。请根据你的情况来灵活做出选择。
### 我的需求
对于 **将照片(或视频)从我的数码相机中导出到电脑里**,我只需要将 SD 卡插到我的电脑里并调用 `fetch-workflow` 软件。这一步也完成了**图像软件的预处理**以适用于我的文件命名规范(下文会具体论述),同时也可以将图片旋转至正常的方向(而不是横着)。
这些文件将会被存入到我的摄影收藏文件夹 `$HOME/tmp/digicam/`。在这一文件夹中我希望能**遍历我的图像和视频文件**,以便于**整理/删除、重命名、添加/移除标签,以及将一系列相关的文件移动到相应的文件夹中**。
在完成这些以后,我将会**浏览包含图像/电影文件集的文件夹**。在极少数情况下,我希望**在独立的图像处理工具**(比如 [GIMP][4])中打开一个图像文件。如果仅是为了**旋转 JPEG 文件**,我想找到一个快速的方法,不需要图像处理工具,并且是[以无损的方式][5]旋转 JPEG 图像。
我的数码相机支持用 [GPS][6] 坐标标记图像。因此,我需要一个方法来**对单个文件或一组文件可视化 GPS 坐标**来显示我走过的路径。
我想拥有的另一个好功能是:假设你在威尼斯度假时拍了几百张照片。每一个都很漂亮,所以你每张都舍不得删除。另一方面,你可能想把一组更少的照片送给家里的朋友。而且,在他们嫉妒的爆炸之前,他们可能只希望看到 20 多张照片。因此,我希望能够**定义并显示一组特定的照片子集**。
就独立性和**避免锁定效应**而言,我不想使用那种一旦公司停止产品或服务就无法使用的工具。出于同样的原因,由于我是一个注重隐私的人,**我不想使用任何基于云的服务**。为了让自己对新的可能性保持开放的心态,我不希望只在一个特定的操作系统平台才可行的方案上倾注全部的精力。**基本的东西必须在任何平台上可用**(查看、导航、……),而**全套需求必须可以在 GNU/Linux 上运行**,对我而言,我选择 Debian GNU/Linux。
在我传授当前针对上述大量需求的解决方案之前,我必须解释一下我的一般文件夹结构和文件命名约定,我也使用它来命名数码照片。但首先,你必须认清一个重要的事实:
#### iPhoto、Picasa诸如此类应被认为是有害的
管理照片集的软件工具确实提供了相当酷的功能。它们提供了一个良好的用户界面,并试图为你提供满足各种需求的舒适的工作流程。
对它们我确实遇到了很多大问题。它们几乎对所有东西都使用专有的存储格式:图像文件、元数据等等。当你打算在几年内换一个不同的软件,这是一个大问题。相信我:总有一天你会因为多种原因而**更换软件**。
如果你现在正打算更换相应的工具,你会意识到 iPhoto 或 Picasa 是分别存储原始图像文件和你对它们所做的所有操作的(旋转图像、向图像文件添加描述/标签、裁剪等等)。如果你不能导出并重新导入到新工具,那么**所有的东西都将永远丢失**。而无损的进行转换和迁移几乎是不可能的。
我不想在一个会锁住我工作的工具上投入任何精力。**我也拒绝把自己绑定在任何专有工具上**。我是一个过来人,希望你们吸取我的经验。
这就是我在文件名中保留时间戳、图像描述或标记的原因。文件名是永久性的,除非我手动更改它们。当我把照片备份或复制到 U 盘或其他操作系统时,它们不会丢失。每个人都能读懂。任何未来的系统都能够处理它们。
### 我的文件命名规范
这里有一个我在 [2018 Linuxtage Graz 大会][44]上做的[演讲][45],其中详细阐述了我的在本文中提到的想法和工作流程。
- [Grazer Linuxtage 2018 - The Advantages of File Name Conventions and Tagging](https://youtu.be/rckSVmYCH90)
- [备份视频托管在 media.CCC.de](https://media.ccc.de/v/GLT18_-_321_-_en_-_g_ap147_004_-_201804281550_-_the_advantages_of_file_name_conventions_and_tagging_-_karl_voit)
我所有的文件都与一个特定的日期或时间有关,根据所采用的 [ISO 8601][7] 规范,我采用的是**日期戳**或**时间戳**
带有日期戳和两个标签的示例文件名:`2014-05-09 Budget export for project 42 -- finance company.csv`。
带有时间戳(甚至包括可选秒)和两个标签的示例文件名:`2014-05-09T22.19.58 Susan presenting her new shoes -- family clothing.jpg`。
由于我使用的 ISO 时间戳冒号不适用于 Windows [NTFS 文件系统][8],因此,我用点代替冒号,以便将小时与分钟(以及可选的秒)区别开来。
如果是**持续的一段日期或时间**,我会将两个日期戳或时间戳用两个减号分开:`2014-05-09--2014-05-13 Jazz festival Graz -- folder tourism music.pdf`。
文件名中的时间/日期戳的优点是,除非我手动更改它们,否则它们保持不变。当通过某些不处理这些元数据的软件进行处理时,包含在文件内容本身中的元数据(如 [Exif][9])往往会丢失。此外,使用这样的日期/时间戳开始的文件名可以确保文件按时间顺序显示,而不是按字母顺序显示。字母表是一种[完全人工的排序顺序][10],对于用户定位文件通常不太实用。
当我想将**标签**关联到文件名时,我将它们放在原始文件名和[文件名扩展名][11]之间,中间用空格、两个减号和两端额外的空格分隔 ` -- `。我的标签是小写的英文单词,不包含空格或特殊字符。有时,我可能会使用 `quantifiedself``usergenerated` 这样的连接词。我[倾向于选择一般类别][12],而不是太过具体的描述标签。我在 Twitter [hashtags][13]、文件名、文件夹名、书签、诸如此类的博文等诸如此类地地方重用这些标签。
标签作为文件名的一部分有几个优点。通过使用常用的桌面搜索引擎,你可以在标签的帮助下定位文件。文件名称中的标签不会因为复制到不同的存储介质上而丢失。当系统使用与文件名之外的存储位置(如:元数据数据库、[点文件][14]、[备用数据流][15]等)存储元信息通常会发生丢失。
当然,通常在文件和文件夹名称中,**请避免使用特殊字符**、变音符、冒号等。尤其是在不同操作系统平台之间同步文件时。
我的**文件夹名命名约定**与文件的相应规范相同。
注意:由于 [Memacs][17] 的 [filenametimestamp][16] 模块的聪明之处,所有带有日期/时间戳的文件和文件夹都出现在我的 Org 模式的日历(日程)上的同一天/同一时间。这样,我就能很好地了解当天发生了什么,包括我拍的所有照片。
### 我的一般文件夹结构
在本节中,我将描述我的主文件夹中最重要的文件夹。注意:这可能在将来的被移动到一个独立的页面。或许不是。让我们等着瞧 :-) LCTT 译注:后来这一节已被作者扩展并移动到另外一篇[文章](https://karl-voit.at/folder-hierarchy/)。)
很多东西只有在一定的时间内才会引起人们的兴趣。这些内容包括快速浏览其内容的下载、解压缩文件以检查包含的文件、一些有趣的小内容等等。对于**临时的东西**,我有 `$HOME/tmp/` 子层次结构。新照片放在 `$HOME/tmp/digicam/` 中。我从 CD、DVD 或 USB 记忆棒临时复制的东西放在 `$HOME/tmp/fromcd/` 中。每当软件工具需要用户文件夹层次结构中的临时数据时,我就使用 `$HOME/tmp/Tools/`作为起点。我经常使用的文件夹是 `$HOME/tmp/2del/``2del` 的意思是“随时可以删除”。例如,我所有的浏览器都使用这个文件夹作为默认的下载文件夹。如果我需要在机器上腾出空间,我首先查看这个 `2del` 文件夹,用于删除内容。
与上面描述的临时文件相比,我当然也想将文件**保存更长的时间**。这些文件被移动到我的 `$HOME/archive/` 子层次结构中。它有几个子文件夹用于备份、我想保留的 web 下载类、我要存档的二进制文件、可移动媒体CD、DVD、记忆棒、外部硬盘驱动器的索引文件和一个稍后寻找一个合适的的目标文件夹存档的文件夹。有时我太忙或没有耐心的时候将文件妥善整理。是的那就是我我甚至有一个名为“现在不要烦我”的文件夹。这对你而言是否很怪:-)
我的归档中最重要的子层次结构是 `$HOME/archive/events_memories/` 及其子文件夹 `2014/`、`2013/`、`2012/` 等等。正如你可能已经猜到的,每个年份有一个**子文件夹**。其中每个文件中都有单个文件和文件夹。这些文件是根据我在前一节中描述的文件名约定命名的。文件夹名称以 [ISO 8601][7] 日期标签 “YYYY-MM-DD” 开头,后面跟着一个具有描述性的名称,如 `$HOME/archive/events_memories/2014/2014-05-08 Business marathon with/`。在这些与日期相关的文件夹中我保存着各种与特定事件相关的文件照片、扫描的pdf 文件、文本文件等等。
对于**共享数据**,我设置一个 `$HOME/share/` 子层次结构。这是我的 Dropbox 文件夹,我用各种各样的方法(比如 [unison][18])来分享数据。我也在我的设备之间共享数据:家里的 Mac Mini、家里的 GNU/Linux 笔记本、Android 手机root-server我的个人云工作用的 Windows 笔记本。我不想在这里详细说明我的同步设置。如果你想了解相关的设置,可以参考另一篇相关的文章。:-)
在我的 `$HOME/templates_tags/` 子层次结构中,我保存了各种**模板文件**[LaTeX][19]、脚本、…),插图和**徽标**,等等。
我的 **Org 模式** 文件,主要是保存在 `$HOME/org/`。我练习记忆力,不会解释我有多喜欢 [Emacs/Org 模式][20] 以及我从中获益多少。你可能读过或听过我详细描述我用它做的很棒的事情。具体可以在我的博客上查找 [我的 Emacs 标签][21],在 Twitter 上查找 [hashtag #orgmode][22]。
以上就是我最重要的文件夹子层次结构设置方式。
### 我的工作流程
哒哒哒,在你了解了我的文件夹结构和文件名约定之后,下面是我当前的工作流程和工具,我使用它们来满足我前面描述的需求。
请注意,**你必须知道你在做什么**。我这里的示例及文件夹路径和更多**只适用我的机器或我的环境**。**你必须采用相应的**路径、文件名等来满足你的需求!
#### 工作流程:将文件从 SD 卡移动到笔记本电脑、旋转人像图像,并重命名文件
当我想把数据从我的数码相机移到我的 GNU/Linux 笔记本上时,我拿出它的 mini SD 存储卡,把它放在我的笔记本上。然后它会自动挂载在 `/media/digicam` 上。
然后,调用 [getdigicamdata][23]。它做了如下几件事:它将文件从 SD 卡移动到一个临时文件夹中进行处理。原始文件名会转换为小写字符。所有的人像照片会使用 [jhead][24] 旋转。同样使用 jhead我从 Exif 头的时间戳中生成文件名称中的时间戳。使用 [date2name][25],我也将时间戳添加到电影文件中。处理完所有这些文件后,它们将被移动到新的数码相机文件的目标文件夹: `$HOME/tmp/digicam/tmp/`
#### 工作流程:文件夹索引、查看、重命名、删除图像文件
为了快速浏览我的图像和电影文件,我喜欢使用 GNU/Linux 上的 [geeqie][26]。这是一个相当轻量级的图像浏览器,它具有其他文件浏览器所缺少的一大优势:我可以添加通过键盘快捷方式调用的外部脚本/工具。通过这种方式,我可以通过任意外部命令扩展这个图像浏览器的特性。
基本的图像管理功能是内置在 geeqie浏览我的文件夹层次结构、以窗口模式或全屏查看图像快捷键 `f`)、重命名文件名、删除文件、显示 Exif 元数据(快捷键 `Ctrl-e`)。
在 OS X 上,我使用 [Xee][27]。与 geeqie 不同,它不能通过外部命令进行扩展。不过,基本的浏览、查看和重命名功能也是可用的。
#### 工作流程:添加和删除标签
我创建了一个名为 [filetags][28] 的 Python 脚本,用于向单个文件以及一组文件添加和删除标记。
对于数码照片,我使用标签,例如,`specialL` 用于我认为适合桌面背景的风景图片,`specialP` 用于我想展示给其他人的人像照片,`sel` 用于筛选,等等。
##### 使用 geeqie 初始设置 filetags
向 geeqie 添加 `filetags` 是一个手动步骤“Edit > Preferences > Configure Editors ...”,然后创建一个附加条目 `New`。在这里,你可以定义一个新的桌面文件,如下所示:
```
[Desktop Entry]
Name=filetags
GenericName=filetags
Comment=
Exec=/home/vk/src/misc/vk-filetags-interactive-adding-wrapper-with-gnome-terminal.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
*add-tags.desktop*
封装脚本 `vk-filetags-interactive-adding-wrapper-with-gnome-terminal.sh` 是必须的,因为我想要弹出一个新的终端,以便添加标签到我的文件:
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=85x15+330+5 \
--tab-with-profile=big \
--hide-menubar \
-x /home/vk/src/filetags/filetags.py --interactive "${@}"
#end
```
*vk-filetags-interactive-adding-wrapper-with-gnome-terminal.sh*
在 geeqie 中,你可以在 “Edit > Preferences > Preferences ... > Keyboard”。我将 `t``filetags` 命令相关联。
这个 `filetags` 脚本还能够从单个文件或一组文件中删除标记。它基本上使用与上面相同的方法。唯一的区别是 `filetags` 脚本额外的 `--remove` 参数:
```
[Desktop Entry]
Name=filetags-remove
GenericName=filetags-remove
Comment=
Exec=/home/vk/src/misc/vk-filetags-interactive-removing-wrapper-with-gnome-terminal.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
*remove-tags.desktop*
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=85x15+330+5 \
--tab-with-profile=big \
--hide-menubar \
-x /home/vk/src/filetags/filetags.py --interactive --remove "${@}"
#end
```
*vk-filetags-interactive-removing-wrapper-with-gnome-terminal.sh*
为了删除标签,我创建了一个键盘快捷方式 `T`
##### 在 geeqie 中使用 filetags
当我在 geeqie 文件浏览器中浏览图像文件时,我选择要标记的文件(一到多个)并按 `t`。然后,一个小窗口弹出,要求我提供一个或多个标签。用回车确认后,这些标签被添加到文件名中。
删除标签也是一样:选择多个文件,按下 `T`,输入要删除的标签,然后按回车确认。就是这样。几乎没有[给文件添加或删除标签的更简单的方法了][29]。
#### 工作流程:改进的使用 appendfilename 重命名文件
##### 不使用 appendfilename
重命名一组大型文件可能是一个冗长乏味的过程。对于 `2014-04-20T17.09.11_p1100386.jpg` 这样的原始文件名,在文件名中添加描述的过程相当烦人。你将按 `Ctrl-r` (重命名)在 geeqie 中打开文件重命名对话框。默认情况下,原始名称(没有文件扩展名的文件名称)被标记。因此,如果不希望删除/覆盖文件名(但要追加),则必须按下光标键 `→`。然后,光标放在基本名称和扩展名之间。输入你的描述(不要忘记以空格字符开始),并用回车进行确认。
##### 在 geeqie 使中用 appendfilename
使用 [appendfilename][30],我的过程得到了简化,可以获得将文本附加到文件名的最佳用户体验:当我在 geeqie 中按下 `a`(附加)时,会弹出一个对话框窗口,询问文本。在回车确认后,输入的文本将放置在时间戳和可选标记之间。
例如,当我在 `2014-04-20T17.09.11_p1100386.jpg` 上按下 `a`,然后键入`Pick-nick in Graz` 时,文件名变为 `2014-04-20T17.09.11_p1100386 Pick-nick in Graz.jpg`。当我再次按下 `a` 并输入 `with Susan` 时,文件名变为 `2014-04-20T17.09.11_p1100386 Pick-nick in Graz with Susan.jpg`。当文件名添加标记时,附加的文本前将附加标记分隔符。
这样,我就不必担心覆盖时间戳或标记。重命名的过程对我来说变得更加有趣!
最好的部分是:当我想要将相同的文本添加到多个选定的文件中时,也可以使用 `appendfilename`
##### 在 geeqie 中初始设置 appendfilename
添加一个额外的编辑器到 geeqie: “Edit > Preferences > Configure Editors ... > New”。然后输入桌面文件定义
```
[Desktop Entry]
Name=appendfilename
GenericName=appendfilename
Comment=
Exec=/home/vk/src/misc/vk-appendfilename-interactive-wrapper-with-gnome-terminal.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
*appendfilename.desktop*
同样,我也使用了一个封装脚本,它将为我打开一个新的终端:
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=90x5+330+5 \
--tab-with-profile=big \
--hide-menubar \
-x /home/vk/src/appendfilename/appendfilename.py "${@}"
#end
```
*vk-appendfilename-interactive-wrapper-with-gnome-terminal.sh*
#### 工作流程:播放电影文件
在 GNU/Linux 上,我使用 [mplayer][31] 回放视频文件。由于 geeqie 本身不播放电影文件,所以我必须创建一个设置,以便在 mplayer 中打开电影文件。
##### 在 geeqie 中初始设置 mplayer
我已经使用 [xdg-open][32] 将电影文件扩展名关联到 mplayer。因此我只需要为 geeqie 创建一个通用的“open”命令让它使用 `xdg-open` 打开任何文件及其关联的应用程序。
在 geeqie 中,再次访问 “Edit > Preferences > Configure Editors ...” 添加“open”的条目
```
[Desktop Entry]
Name=open
GenericName=open
Comment=
Exec=/usr/bin/xdg-open %F
Icon=
Terminal=true
Type=Application
hidden=false
NOMimeType=*;
MimeType=image/*;video/*
Categories=X-Geeqie;
```
*open.desktop*
当你也将快捷方式 `o` (见上文)与 geeqie 关联时,你就能够打开与其关联的应用程序的视频文件(和其他文件)。
##### 使用 xdg-open 打开电影文件(和其他文件)
在上面的设置过程之后,当你的 geeqie 光标位于文件上方时,你只需按下 `o` 即可。就是如此简洁。
#### 工作流程:在外部图像编辑器中打开
我不太希望能够在 GIMP 中快速编辑图像文件。因此,我添加了一个快捷方式 `g`,并将其与外部编辑器 “"GNU Image Manipulation Program" (GIMP)” 关联起来geeqie 已经默认创建了该外部编辑器。
这样,只需按下 `g` 就可以在 GIMP 中打开当前图像。
#### 工作流程:移动到存档文件夹
现在我已经在我的文件名中添加了注释,我想将单个文件移动到 `$HOME/archive/events_memories/2014/`,或者将一组文件移动到这个文件夹中的新文件夹中,如 `$HOME/archive/events_memories/2014/2014-05-08 business marathon after show - party`
通常的方法是选择一个或多个文件,并用快捷方式 `Ctrl-m` 将它们移动到文件夹中。
何等繁复无趣之至!
因此,我(再次)编写了一个 Python 脚本,它为我完成了这项工作:[move2archive][33](简写为:` m2a `),需要一个或多个文件作为命令行参数。然后,出现一个对话框,我可以在其中输入一个可选文件夹名。当我不输入任何东西而是按回车,文件被移动到相应年份的文件夹。当我输入一个类似 `Business-Marathon After-Show-Party` 的文件夹名称时,第一个图像文件的日期戳被附加到该文件夹(`$HOME/archive/events_memories/2014/2014-05-08 Business-Marathon After-Show-Party`),然后创建该文件夹,并移动文件。
再一次,我在 geeqie 中选择一个或多个文件,按 `m`(移动),或者只按回车(没有特殊的子文件夹),或者输入一个描述性文本,这是要创建的子文件夹的名称(可选不带日期戳)。
**没有一个图像管理工具像我的带有 appendfilename 和 move2archive 的 geeqie 一样可以通过快捷键快速且有趣的完成工作。**
##### 在 geeqie 里初始化 m2a 的相关设置
同样,向 geeqie 添加 `m2a` 是一个手动步骤“Edit > Preferences > Configure Editors ...”然后创建一个附加条目“New”。在这里你可以定义一个新的桌面文件如下所示:
```
[Desktop Entry]
Name=move2archive
GenericName=move2archive
Comment=Moving one or more files to my archive folder
Exec=/home/vk/src/misc/vk-m2a-interactive-wrapper-with-gnome-terminal.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
*m2a.desktop*
封装脚本 `vk-m2a-interactive-wrapper-with-gnome-terminal.sh` 是必要的,因为我想要弹出一个新的终端窗口,以便我的文件进入我指定的目标文件夹:
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=157x56+330+5 \
--tab-with-profile=big \
--hide-menubar \
-x /home/vk/src/m2a/m2a.py --pauseonexit "${@}"
#end
```
*vk-m2a-interactive-wrapper-with-gnome-terminal.sh*
在 geeqie 中,你可以在 “Edit > Preferences > Preferences ... > Keyboard” 将 `m``m2a` 命令相关联。
#### 工作流程:旋转图像(无损)
通常,我的数码相机会自动将人像照片标记为人像照片。然而,在某些特定的情况下(比如从装饰图案上方拍照),我的相机会出错。在那些**罕见的情况下**,我必须手动修正方向。
你必须知道JPEG 文件格式是一种有损格式,应该只用于照片,而不是计算机生成的东西,如屏幕截图或图表。以傻瓜方式旋转 JPEG 图像文件通常会解压/可视化图像文件、旋转生成新的图像,然后重新编码结果。这将导致生成的图像[比原始图像质量差得多][5]。
因此,你应该使用无损方法来旋转 JPEG 图像文件。
再一次,我添加了一个“外部编辑器”到 geeqie“Edit > Preferences > Configure Editors ... > New”。在这里我添加了两个条目使用 [exiftran][34],一个用于旋转 270 度(即逆时针旋转 90 度),另一个用于旋转 90 度(顺时针旋转 90 度):
```
[Desktop Entry]
Version=1.0
Type=Application
Name=Losslessly rotate JPEG image counterclockwise
# call the helper script
TryExec=exiftran
Exec=exiftran -p -2 -i -g %f
# Desktop files that are usable only in Geeqie should be marked like this:
Categories=X-Geeqie;
OnlyShowIn=X-Geeqie;
# Show in menu "Edit/Orientation"
X-Geeqie-Menu-Path=EditMenu/OrientationMenu
MimeType=image/jpeg;
```
*rotate-270.desktop*
```
[Desktop Entry]
Version=1.0
Type=Application
Name=Losslessly rotate JPEG image clockwise
# call the helper script
TryExec=exiftran
Exec=exiftran -p -9 -i -g %f
# Desktop files that are usable only in Geeqie should be marked like this:
Categories=X-Geeqie;
OnlyShowIn=X-Geeqie;
# Show in menu "Edit/Orientation"
X-Geeqie-Menu-Path=EditMenu/OrientationMenu
# It can be made verbose
# X-Geeqie-Verbose=true
MimeType=image/jpeg;
```
*rotate-90.desktop*
我创建了 geeqie 快捷键 `[`(逆时针方向)和 `]`(顺时针方向)。
#### 工作流程:可视化 GPS 坐标
我的数码相机有一个 GPS 传感器,它在 JPEG 文件的 Exif 元数据中存储当前的地理位置。位置数据以 [WGS 84][35] 格式存储,如 `47, 58, 26.73; 16, 23, 55.51`(纬度;经度)。这一方式可读性较差,我期望:要么是地图,要么是位置名称。因此,我向 geeqie 添加了一些功能,这样我就可以在 [OpenStreetMap][36] 上看到单个图像文件的位置: `Edit > Preferences > Configure Editors ... > New`
```
[Desktop Entry]
Name=vkphotolocation
GenericName=vkphotolocation
Comment=
Exec=/home/vk/src/misc/vkphotolocation.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/bmp;image/gif;image/jpeg;image/jpg;image/pjpeg;image/png;image/tiff;image/x-bmp;image/x-gray;image/x-icb;image/x-ico;image/x-png;image/x-portable-anymap;image/x-portable-bitmap;image/x-portable-graymap;image/x-portable-pixmap;image/x-xbitmap;image/x-xpixmap;image/x-pcx;image/svg+xml;image/svg+xml-compressed;image/vnd.wap.wbmp;
```
*photolocation.desktop*
这调用了我的名为 `vkphotolocation.sh` 的封装脚本,它使用 [ExifTool][37] 以 [Marble][38] 能够读取和可视化的适当格式提取该坐标:
```
#!/bin/sh
IMAGEFILE="${1}"
IMAGEFILEBASENAME=`basename ${IMAGEFILE}`
COORDINATES=`exiftool -c %.6f "${IMAGEFILE}" | awk '/GPS Position/ { print $4 " " $6 }'`
if [ "x${COORDINATES}" = "x" ]; then
zenity --info --title="${IMAGEFILEBASENAME}" --text="No GPS-location found in the image file."
else
/usr/bin/marble --latlon "${COORDINATES}" --distance 0.5
fi
#end
```
*vkphotolocation.sh*
映射到键盘快捷键 `G`,我可以快速地得到**单个图像文件的位置的地图定位**。
当我想将多个 JPEG 图像文件的**位置可视化为路径**时,我使用 [GpsPrune][39]。我无法挖掘出 GpsPrune 将一组文件作为命令行参数的方法。正因为如此,我必须手动启动 GpsPrune用 “File > Add photos”选择一组文件或一个文件夹。
通过这种方式,我可以为每个 JPEG 位置在 OpenStreetMap 地图上获得一个点(如果配置为这样)。通过单击这样一个点,我可以得到相应图像的详细信息。
如果你恰好在国外拍摄照片,可视化 GPS 位置对**在文件名中添加描述**大有帮助!
#### 工作流程:根据 GPS 坐标过滤照片
这并非我的工作流程。为了完整起见,我列出该工作流对应工具的特性。我想做的就是从一大堆图片中寻找那些在一定区域内(范围或点 + 距离)的照片。
到目前为止,我只找到了 [DigiKam][40],它能够[根据矩形区域进行过滤][41]。如果你知道其他工具,请将其添加到下面的评论或给我写一封电子邮件。
#### 工作流程:显示给定集合的子集
如上面的需求所述,我希望能够对一个文件夹中的文件定义一个子集,以便将这个小集合呈现给其他人。
工作流程非常简单:我向选择的文件添加一个标记(通过 `t`/`filetags`)。为此,我使用标记 `sel`,它是 “selection” 的缩写。在标记了一组文件之后,我可以按下 `s`,它与一个脚本相关联,该脚本只显示标记为 `sel` 的文件。
当然,这也适用于任何标签或标签组合。因此,用同样的方法,你可以得到一个适当的概述,你的婚礼上的所有照片都标记着“教堂”和“戒指”。
很棒的功能,不是吗?:-)
##### 初始设置 filetags 以根据标签和 geeqie 过滤
你必须定义一个额外的“外部编辑器”,“ Edit > Preferences > Configure Editors ... > New”
```
[Desktop Entry]
Name=filetag-filter
GenericName=filetag-filter
Comment=
Exec=/home/vk/src/misc/vk-filetag-filter-wrapper-with-gnome-terminal.sh
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
*filter-tags.desktop*
再次调用我编写的封装脚本:
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=85x15+330+5 \
--hide-menubar \
-x /home/vk/src/filetags/filetags.py --filter
#end
```
*vk-filetag-filter-wrapper-with-gnome-terminal.sh*
带有参数 `--filter``filetags` 基本上完成的是:用户被要求输入一个或多个标签。然后,当前文件夹中所有匹配的文件都使用[符号链接][42]链接到 `$HOME/.filetags_tagfilter/`。然后,启动了一个新的 geeqie 实例,显示链接的文件。
在退出这个新的 geeqie 实例之后,你会看到进行选择的旧的 geeqie 实例。
#### 用一个真实的案例来总结
哇哦, 这是一篇很长的博客文章。你可能已经忘了之前的概述。总结一下我在(扩展了标准功能集的) geeqie 中可以做的事情,我有一个很酷的总结:
快捷键 | 功能
--- | ---
`m` | 移到归档m2a
`o` | 打开(针对非图像文件)
`a` | 在文件名里添加字段
`t` | 文件标签(添加)
`T` | 文件标签(删除)
`s` | 文件标签(排序)
`g` | gimp
`G` | 显示 GPS 信息
`[` | 无损的逆时针旋转
`]` | 无损的顺时针旋转
`Ctrl-e` | EXIF 图像信息
`f` | 全屏显示
文件名(包括它的路径)的部分及我用来操作该部分的相应工具:
```
/this/is/a/folder/2014-04-20T17.09 Picknick in Graz -- food graz.jpg
[ move2archive ] [ date2name ] [appendfilename] [ filetags ]
```
在实践中,我按照以下步骤将照片从相机保存到存档:我将 SD 存储卡放入计算机的 SD 读卡器中。然后我运行 [getdigicamdata.sh][23]。完成之后,我在 geeqie 中打开 `$HOME/tmp/digicam/tmp/`。我浏览了一下照片,把那些不成功的删除了。如果有一个图像的方向错误,我用 `[``]` 纠正它。
在第二步中,我向我认为值得评论的文件添加描述 `a`)。每当我想添加标签时,我也这样做:我快速地标记所有应该共享相同标签的文件(`Ctrl + 鼠标点击`),并使用 [filetags][28]`t`)进行标记。
要合并来自给定事件的文件,我选中相应的文件,将它们移动到年度归档文件夹中的 `event-folder`,并通过在 [move2archive][33]`m`)中键入事件描述,其余的(非特殊的文件夹)无需声明事件描述由 `move2archive` `m`)直接移动到年度归档中。
结束我的工作流程,我删除了 SD 卡上的所有文件,把它从操作系统上弹出,然后把它放回我的数码相机里。
以上。
因为这种工作流程几乎不需要任何开销,所以评论、标记和归档照片不再是一项乏味的工作。
### 最后
所以,这是一个详细描述我关于照片和电影的工作流程的叙述。你可能已经发现了我可能感兴趣的其他东西。所以请不要犹豫,请使用下面的链接留下评论或电子邮件。
我也希望得到反馈,如果我的工作流程适用于你。并且,如果你已经发布了你的工作流程或者找到了其他人工作流程的描述,也请留下评论!
及时行乐,莫让错误的工具或低效的方法浪费了我们的人生!
### 其他工具
阅读关于[本文中关于 gThumb 的部分][43]。
当你觉得你以上文中所叙述的符合你的需求时,请根据相关的建议来选择对应的工具。
--------------------------------------------------------------------------------
via: http://karl-voit.at/managing-digital-photographs/
作者:[Karl Voit][a]
译者:[qfzy1233](https://github.com/qfzy1233)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://karl-voit.at
[1]:https://en.wikipedia.org/wiki/Jpeg
[2]:http://en.wikipedia.org/wiki/Vendor_lock-in
[3]:https://en.wikipedia.org/wiki/Raw_image_format
[4]:http://www.gimp.org/
[5]:http://petapixel.com/2012/08/14/why-you-should-always-rotate-original-jpeg-photos-losslessly/
[6]:https://en.wikipedia.org/wiki/Gps
[7]:https://en.wikipedia.org/wiki/Iso_date
[8]:https://en.wikipedia.org/wiki/Ntfs
[9]:https://en.wikipedia.org/wiki/Exif
[10]:http://www.isisinform.com/reinventing-knowledge-the-medieval-controversy-of-alphabetical-order/
[11]:https://en.wikipedia.org/wiki/File_name_extension
[12]:http://karl-voit.at/tagstore/en/papers.shtml
[13]:https://en.wikipedia.org/wiki/Hashtag
[14]:https://en.wikipedia.org/wiki/Dot-file
[15]:https://en.wikipedia.org/wiki/NTFS#Alternate_data_streams_.28ADS.29
[16]:https://github.com/novoid/Memacs/blob/master/docs/memacs_filenametimestamps.org
[17]:https://github.com/novoid/Memacs
[18]:http://www.cis.upenn.edu/~bcpierce/unison/
[19]:https://github.com/novoid/LaTeX-KOMA-template
[20]:http://orgmode.org/
[21]:http://karl-voit.at/tags/emacs
[22]:https://twitter.com/search?q%3D%2523orgmode&src%3Dtypd
[23]:https://github.com/novoid/getdigicamdata.sh
[24]:http://www.sentex.net/%3Ccode%3Emwandel/jhead/
[25]:https://github.com/novoid/date2name
[26]:http://geeqie.sourceforge.net/
[27]:http://xee.c3.cx/
[28]:https://github.com/novoid/filetag
[29]:http://karl-voit.at/tagstore/
[30]:https://github.com/novoid/appendfilename
[31]:http://www.mplayerhq.hu
[32]:https://wiki.archlinux.org/index.php/xdg-open
[33]:https://github.com/novoid/move2archive
[34]:http://manpages.ubuntu.com/manpages/raring/man1/exiftran.1.html
[35]:https://en.wikipedia.org/wiki/WGS84#A_new_World_Geodetic_System:_WGS_84
[36]:http://www.openstreetmap.org/
[37]:http://www.sno.phy.queensu.ca/~phil/exiftool/
[38]:http://userbase.kde.org/Marble/Tracking
[39]:http://activityworkshop.net/software/gpsprune/
[40]:https://en.wikipedia.org/wiki/DigiKam
[41]:https://docs.kde.org/development/en/extragear-graphics/digikam/using-kapp.html#idp7659904
[42]:https://en.wikipedia.org/wiki/Symbolic_link
[43]:http://karl-voit.at/2017/02/19/gthumb
[44]:https://glt18.linuxtage.at
[45]:https://glt18-programm.linuxtage.at/events/321.html

60
sources/news/20191004 In Fedora 31, 32-bit i686 is 86ed.md Normal file
View File

@ -0,0 +1,60 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (In Fedora 31, 32-bit i686 is 86ed)
[#]: via: (https://fedoramagazine.org/in-fedora-31-32-bit-i686-is-86ed/)
[#]: author: (Justin Forbes https://fedoramagazine.org/author/jforbes/)
In Fedora 31, 32-bit i686 is 86ed
======
![][1]
The release of Fedora 31 [drops][2] the 32-bit i686 kernel, and as a result bootable images. While there may be users out there who still have hardware which will not work with the 64-bit x86_64 kernel, there are very few. However, this article gives you the whole story behind the change, and what 32-bit material youll still find in Fedora 31.
### What is happening?
The i686 architecture essentially entered community support with the [Fedora 27 release][3]. Unfortunately, there are not enough members of the community willing to do the work to maintain the architecture. Dont worry, though — Fedora is not dropping all 32-bit packages. Many i686 packages are still being built to ensure things like multilib, wine, and Steam will continue to work.
While the repositories are no longer being composed and mirrored out, there is a koji i686 repository which works with _mock_ for building 32-bit packages, and in a pinch to install 32-bit versions which are not part of the x86_64 multilib repository. Of course, maintainers expect this will see limited use. Users who simply need to run a 32-bit application should be able to do so with multilib on a 64-bit system.
### What to do if youre running 32-bit
If you still run 32-bit i686 installations, youll continue to receive supported Fedora updates through the Fedora 30 lifecycle. This is until roughly May or June of 2020. At that point, you can either reinstall as 64-bit x86_64 if your hardware supports it, or replace your hardware with 64-bit capable hardware if possible.
There is a user in the community who has done a successful “upgrade” from 32-bit Fedora to 64-bit x86 Fedora. While this is not an intended or supported upgrade path, it should work. The Project hopes to have some documentation for users who have 64-bit capable hardware to explain the process before the Fedora 30 end of life.
If you have a 64-bit capable CPU running 32-bit Fedora due to low memory, try one of the [alternate desktop spins][4]. LXDE and others tend to do fairly well in memory constrained environments. For users running simple servers on old 32-bit hardware that was just lying around, consider one of the newer ARM boards. The power savings alone can more than pay for the new hardware in many instances. And if none of these are on option, [CentOS 7][5] offers a 32-bit image with longer term support for the platform.
### Security and you
While some users may be tempted to keep running an older Fedora release past end of life, this is highly discouraged. People constantly research software for security issues. Often times, they find these issues which have been around for years.
Once Fedora maintainers know about such issues, they typically patch for them, and make updates available to supported releases — but not to end of life releases. And of course, once these vulnerabilities are public, there will be people trying to exploit them. If you run an older release past end of life, your security exposure increases over time as a result, putting your system at ever-growing risk.
* * *
_Photo by _[_Alexandre Debiève_][6]_ on [Unsplash][7]_.
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/in-fedora-31-32-bit-i686-is-86ed/
作者:[Justin Forbes][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/jforbes/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2019/09/i686-86-816x345.jpg
[2]: https://fedoraproject.org/wiki/Changes/Stop_Building_i686_Kernels
[3]: https://fedoramagazine.org/announcing-fedora-27/
[4]: https://spins.fedoraproject.org
[5]: https://centos.org
[6]: https://unsplash.com/@alexkixa?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
[7]: https://unsplash.com/s/photos/motherboard?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText

77
sources/talk/20190930 How Open Source Software Lets Us Push It to the Limit.md Normal file
View File

@ -0,0 +1,77 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How Open Source Software Lets Us Push It to the Limit)
[#]: via: (https://opensourceforu.com/2019/09/how-open-source-software-lets-us-push-it-to-the-limit/)
[#]: author: (Ebbe Kernel https://opensourceforu.com/author/ebbe-kernel/)
How Open Source Software Lets Us Push It to the Limit
======
[![best text editors for web development][1]][2]
_Here is a conversation with Johan, a leading developer of an advanced proxy network. As his team tackles complex load-balancing problems, they are constantly forced to push their solutions beyond what the original developers imagined. He says that the decision to use an open source load-balancer HAProxy has made it possible to do what would not be possible with other solutions._
**Ebbe: Tell us a bit about why you chose HAProxy for load-balancing.**
**Johan: **Even though we use both open source and private source solutions for our network, I am a real ambassador for open source in our team. I think HAProxy is a perfect example of a great solution for a particular problem that can be adapted in unforeseen ways precisely because it is open sourced.
Ever since we started work developing our proxy network, I looked into using an open source solution for load-balancing. We tried Nginx and Squid, but we soon realized that HAProxy is an indisputable industry standard and the only option for our product.
**Ebbe: What made it exemplary?**
**Johan: **What Ive found with great open source software is that it must be constantly evolving, updated and managed. And in the case of HAProxy, we get minor updates every month. At first we liked the quick bug fixes. But now we jumped the waggon on the new major release, as it offered new features we were aching to implement.
Everyone knows that you do not update any working solutions until the last minute to make sure that early bugs are fixed, but good software [_offers features you cant resist_][3]. We trust it because it is transparent and has a strong community that has proven it can tackle most issues quickly.
**Ebbe: You mentioned the community, which often accompanies great open source solutions. Does it really have that much of an impact for your business?**
**Johan:** Of course. In terms of scale, everything pales in comparison to the community that HAProxy has mustered over the years. Every issue we encounter is usually solved or already escalated, and, as more and more companies use HAProxy, the community becomes vaster and more intelligent.
What weve found with other services we use, even enterprise solutions might not offer the freedom and flexibility we need. In our case, an active community is what makes it possible to adapt software in previously untested ways.
**Ebbe: What in particular does it let you do?**
**Johan: **Since we chose HAProxy to use in our network, we found that creating add-ons with Lua let us fully customize it to our own logic and integrate it with all of the other services that make the network work. This was extremely important, as we have a lot of services that need to work together, including some that are not open source.
Another great thing is that the community is always solving problems and bugs, so we do not really encounter stuff we couldnt handle. Over the years, Ive found that this is only possible for open source software.
What makes it a truly exceptional open source solution is the documentation. Even though Ive been working closely with HAProxy for over two years, I still find new things almost every month.
I know it sounds like a lot of praise, but I really love HAProxy for its resilience to our constant attempts to break it.
**Ebbe: What do you mean by break it?**
**Johan: **Originally, HAProxy works great as [_a load balancer for a couple of dozen servers_][4], usually 10 to 20. But, since our network is several orders of magnitude larger, weve constantly pushed it to its limits.
Its not uncommon for our HAProxy instances to load-balance over 10,000 servers, and we are certain that the original developers havent thought about optimizing it for these kind of loads. Due to this, it sometimes fails, but we are constantly optimizing our own solutions to make everything work. And, thanks to HAProxys developers and community, we are able to solve most of the issues we encounter easily.
**Ebbe: Doesnt this downtime impact your product negatively?**
**Johan: **First of all, our product would not work without HAProxy. At least not as successfully as it has over the years. As Ive said, all other solutions on the market are less optimized for what we do than HAProxy.
Also, breaking a service is nothing bad in and of itself. We always have backup services in place to handle the network. Testing in production is what we do for a simple reason: since we break the HAProxy so much, we cannot really test any updates before launching something on our network. We need the full scale of our network to run HAProxy instances and all the millions of servers to be available, and creating such a testing environment seems like a huge waste of resources.
**Ebbe: Do you have anything to add to the community of OpenSourceForU.com?**
**Johan: **My team and I want to thank everyone for supporting open source principles and making the world a better place!
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/09/how-open-source-software-lets-us-push-it-to-the-limit/
作者:[Ebbe Kernel][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/ebbe-kernel/
[b]: https://github.com/lujun9972
[1]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2017/07/developer-blog.jpg?resize=696%2C433&ssl=1 (text editor)
[2]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2017/07/developer-blog.jpg?fit=750%2C467&ssl=1
[3]: https://smartproxy.com/what-is-a-proxy
[4]: https://opensourceforu.com/2016/09/github-open-sources-internal-load-balancer/

89
sources/talk/20191003 Mobile App Security Tips to Secure Your Mobile Applications.md Normal file
View File

@ -0,0 +1,89 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Mobile App Security Tips to Secure Your Mobile Applications)
[#]: via: (https://opensourceforu.com/2019/10/mobile-app-security-tips-to-secure-your-mobile-applications/)
[#]: author: (Petr Kudlacek https://opensourceforu.com/author/petr-kudlacek/)
Mobile App Security Tips to Secure Your Mobile Applications
======
[![][1]][2]
 
_The world has become a mobile as every new and then the person has a smartphone in the hands with the Internet Connection. By using mobile devices, you can do everything online from the comfort of your home. You are allowed to do banking, tracking your health and control Internet of Things at home._
Today, the use of the mobile application is also increasing constantly as it is completely dominating mobile internet usage. As per the Flurry report, mobile applications account approximately 86% of the average U.S. mobile users time that amounts to more than two hours per day.
Moreover, applications that are obtainable through online app distributors like Google Play Store, Apples App Store and third-party marketplaces, are no doubting the dominant form of delivery value to users across the world.
*[![][3]][4]*Moreover, companies and organizations are embracing mobile applications as a great way to boost employees skills and productivity, agile with their new agile and mobile lifestyle. But do you know that whether these mobile apps are safe and secure and protected from any kind of virus?
**What to do to Secure Your Mobile App?**
If you have decided to develop an application or already have one, there are chances that you may ignore to consider how to secure your mobile application, your data, and your customers data. However, a mobile application comes with a good sanitation to make it work, but there is a software code itself, the business logic on the back-end network and the client side, databases.
Both are playing a significant role in the fabric of the apps security. All those companies that have mobile apps in a packed, competitive market, it is essential for them to have a robust security as it would be a big differentiator. In this post, we are going to mention some of the few tips for you to consider with mobile app security.
**Essential Tips to Secure Your Mobile Apps**
_Ensure that You Secure Your Network Connections On The Back-end_
Servers and cloud servers, which are accessing an apps API, need to have security measures in place in order to protect data and prevent unauthorized access. It is important that APIs and those accessing them need to be verified to prevent snooping on sensitive information passing from the client back to the applications server and database.
* If you want to securely store your data and important documents, containerization is one of the best methods of developing encrypted containers.
* You can get in touch with a professional network security analyst so that he can conduct a penetration testing and susceptibility assessments of your network to make sure that the right data is safe in the right ways.
* Today, the federation is the next-level security measure, which mainly spread resources across servers so that they are not all in one place, and separates main resources from users with encryption measures.
**Make Sure to Secure Transaction Regulate the Implementation of Risky Mobile Transactions**
Today, mobile applications allow users to easily manage with enterprise services on the go, so the risk lenience for transactions will differ. Therefore, it is essential for organizations to adopt an approach of risk-aware transaction execution, which restricts client-side functionality based on different policies that ponder mobile risk factors like user location, device security attributes and the security of the network connection.
Enterprise apps can easily leverage an enterprise mobile risk engine to associate risk factors like IP velocity accessing to the same account from two different locations, which are far apart over a short period even when client transactions are allowed.
It is one such approach that extends the enterprises ability to detect and respond to complex attacks which will span multiple interaction channels and outwardly unrelated security events.
**[![][5]][6]Securing the Data Stopping Data Theft and Leakage**
When mobile applications are accessing enterprise data, documents and unstructured information often stored on the device. Whenever the device is lost or data is shared with non-enterprise apps, the potential for data loss is heightened.
There are various enterprises that are already considering remote wipe capabilities to address taken or lost devices. Mobile data encryption can be easily used to secure data within the app sandbox against malware and other kinds of criminal access. When it comes to controlling the apps data sharing on the device, individual data elements can be encrypted and controlled.
**Testing Your Apps Software &amp; The Test Again**
It is important to test apps code in the app development process. As we all know that applications are being produced so rapidly that it should be an essential step in the process that falls to the wayside to speed up a time to market. At the time of testing functionality and usability, experts recommend testing for security whether their app is a native, hybrid or web app.
You can know the vulnerabilities in the code so that you can correct them before publishing your application on the web. There are some essential tips that you need to consider:
* Make sure to test thoroughly for verification and authorization, data security issues and session management.
* Penetration testing needs purposely searching a network or system for weaknesses.
* Emulators for operating systems, devices and browsers allow you to test how an application can perform in a simulated environment.
Today, mobile and mobile apps are increasingly where most of the users are; however, you will also find most of the hackers also there to seal your important and sensitive data and information. With creative mobile security strategy and an experienced mobile app developer, you can rapidly to threats and keep your app safer. Moreover, you consider above-mentioned tips as well for securing your mobile applications.
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/10/mobile-app-security-tips-to-secure-your-mobile-applications/
作者:[Petr Kudlacek][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/petr-kudlacek/
[b]: https://github.com/lujun9972
[1]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/10/MOHD3.png?resize=626%2C419&ssl=1 (MOHD3)
[2]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/10/MOHD3.png?fit=626%2C419&ssl=1
[3]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/10/MOHD1.png?resize=350%2C116&ssl=1
[4]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/10/MOHD1.png?ssl=1
[5]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/10/MOHD2.png?resize=350%2C233&ssl=1
[6]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/10/MOHD2.png?ssl=1

99
sources/talk/20191003 XMPP- A Communication Protocol for the IoT.md Normal file
View File

@ -0,0 +1,99 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (XMPP: A Communication Protocol for the IoT)
[#]: via: (https://opensourceforu.com/2019/10/xmpp-a-communication-protocol-for-the-iot/)
[#]: author: (Neetesh Mehrotra https://opensourceforu.com/author/neetesh-mehrotra/)
XMPP: A Communication Protocol for the IoT
======
[![][1]][2]
_Formerly developed by the Jabber open source community in 1999 (and initially known as Jabber), the Extensible Messaging and Presence Protocol (XMPP) is now widely used as a communication protocol. Based on Extensible Markup Language (XML), XMPP enables fast, near-real-time exchange of data between multiple entities on a network._
In contrast to most direct messaging protocols, XMPP is described in an open standard and uses an open systems approach of development and application, by which anyone may implement an XMPP service and interoperate with other organisations implementations. Since XMPP is an open set of rules, implementations can be developed using any software licence, and many server, client, and library XMPP implementations are distributed as free and open source software. Numerous freeware and commercial software implementations also exist.
**XMPP: An overview**
XMPP is an open set of rules for streaming XML elements in order to swap messages and presence information in close to real-time. The XMPP protocol is based on the typical client server architecture, in which the XMPP client uses the XMPP server with the TCP socket.
XMPP provides a general framework for messaging across a network, offering a multitude of applications beyond traditional instant messaging (IM) and the distribution of presence data. It enables the discovery of services residing locally or across a network, as well as finding out about the availability of these services.
XMPP is well-matched for cloud computing where virtual machines, networks and firewalls would otherwise present obstacles to alternative service discovery and presence-based solutions. Cloud computing and storage systems rely on diverse forms of communication over multiple levels, including not only messaging between systems to relay state but also the migration of the distribution of larger objects, like storage or virtual machines. Along with validation and in-transit data protection, XMPP can be useful at many levels and may prove ideal as an extensible middleware or a message-oriented middleware (MOM) protocol.
![Figure 1: XMPP IM conversation][3]
**Comparisons with MQTT**
Given below are a few comparisons between the XMPP and MQTT protocols.
* MQTT is a lightweight publisher/subscriber protocol, which makes it a clear choice when implementing M2M on memory-constrained devices.
* MQTT does not define a message format; with XMPP you can define the message format and get structured data from devices. The defined structure helps validate messages, making it easier to handle and understand data coming from these connected devices.
* XMPP builds a devices identity (also called a Jabber ID). In MQTT, identities are created and managed separately in broker implementations.
* XMPP supports federation, which means that devices from different manufacturers connected to different platforms can talk to each other with a standard communication protocol.
* MQTT has different levels of quality of service. This flexibility is not available in XMPP.
* MQTT deployments become difficult to manage when the number of devices increases, while XMPP scales very easily.
**The pros and cons of XMPP**
_**Pros**_
* Addressing scheme to recognise devices on the network
* Client-server architecture
* Decentralised
* Flexible
* Open standards and formalised
_**Cons**_
* Text-based messaging and no provision for end-to-end encryption
* No provision for quality of service
* The data flow is usually more than 70 per cent of the XMPP protocol server, of which nearly 60 per cent is repeated; the XMPP protocol has a large overhead of data to multiple recipients
* Absence of binary data
* Limited scope for stability
![Figure 2: XML stream establishment][4]
**How the XMPP protocol manages communication between an XMPP client and server**
The features of the XMPP protocol that impact communication between the XMPP client and the XMPP server are described in Figure 1.
Figure 2 depicts an XML message swap between client Mike and server Ollie.org.
* XMPP uses Port 5222 for the client to server (C2S) communication.
* It utilises Port 5269 for server to server (S2S) communication.
* Discovery and XML streams are used for S2S and C2S communication.
* XMPP uses security mechanisms such as TLS (Transport Layer Security) and SASL (Simple Authentication and Security Layer).
* There are no in-between servers for federation, unlike e-mail.
Direct messaging is used as a method for immediate message transmission to and reception from online users (Figure 3).
![Figure 3: Client server communication][5]
**XMPP via HTTP**
As an alternative to the TCP protocol, XMPP can be used with HTTP in two ways: polling and binding. The polling method, now deprecated, essentially implies that messages stored on a server-side database are acquired by an XMPP client by way of HTTP GET and POST requests. Binding methods are applied using bi-directional streams over synchronous HTTP permit servers to push messages to clients as soon as they are sent. This push model of notification is more efficient than polling, wherein many of the polls return no new data.
XMPP provides a lot of support for communication, making it well suited for use within the realm of the Internet of Things.
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/10/xmpp-a-communication-protocol-for-the-iot/
作者:[Neetesh Mehrotra][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/neetesh-mehrotra/
[b]: https://github.com/lujun9972
[1]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2017/06/IoT-Connecting-all-apps.jpg?resize=696%2C592&ssl=1 (IoT Connecting all apps)
[2]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2017/06/IoT-Connecting-all-apps.jpg?fit=1675%2C1425&ssl=1
[3]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/10/Figure-1-XMPP-IM-conversation.jpg?resize=261%2C287&ssl=1
[4]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/10/Figure-2-XML-stream-establishment-350x276.jpg?resize=350%2C276&ssl=1
[5]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/10/Figure-3-Client-server-communication.jpg?resize=350%2C146&ssl=1

62
sources/talk/20191004 DARPA looks for new NICs to speed up networks.md Normal file
View File

@ -0,0 +1,62 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (DARPA looks for new NICs to speed up networks)
[#]: via: (https://www.networkworld.com/article/3443046/darpa-looks-for-new-nics-to-speed-up-networks.html)
[#]: author: (Andy Patrizio https://www.networkworld.com/author/Andy-Patrizio/)
DARPA looks for new NICs to speed up networks
======
The creator of the Internet now looks to speed it up by unclogging network bottlenecks.
RVLsoft / Shulz / Getty Images
The government agency that gave us the Internet 50 years ago is now looking to drastically increase network speed to address bottlenecks and chokepoints for compute-intensive applications.
The Defense Advanced Research Projects Agency (DARPA), an arm of the Pentagon, has unveiled a computing initiative, one of many, that will attempt to overhaul the network stack and interfaces that cannot keep up with high-end processors and are often the choke point for data-driven applications.
[[Get regularly scheduled insights by signing up for Network World newsletters. ]][1]
The DARPA initiative, Fast Network Interface Cards, or FastNICs, aims to boost network performance by a factor of 100 through a clean-slate transformation of the network stack from the application to the system software layers running on top of steadily faster hardware. DARPA is soliciting proposals from networking vendors. .
**[ [Get certified as an Apple Technical Coordinator with this seven-part online course from PluralSight.][2] ]**
“The true bottleneck for processor throughput is the network interface used to connect a machine to an external network, such as an Ethernet, therefore severely limiting a processors data ingest capability,” said Dr. Jonathan Smith, a program manager in DARPAs Information Innovation Office (I2O) in a statement.
“Today, network throughput on state-of-the-art technology is about 1014 bits per second (bps) and data is processed in aggregate at about 1014 bps. Current stacks deliver only about 1010 to 1011 bps application throughputs,” he added.
Advertisement
Many other elements of server design have seen leaps in performance, like memory, meshes, NVMe-over-Fabric, and PCI Express, but networking speed has been something of a laggard, getting minor bumps in speed and throughput by comparison. The fact is were still using Ethernet as our network protocol 56 years after Bob Metcalf invented it at Xerox PARC.
So DARPAs program managers are using an approach that reworks existing network architectures. The FastNICs programs will select a challenge application and provide it with the hardware support it needs, operating system software, and application interfaces that will enable an overall system acceleration that comes from having faster NICs.
Researchers will design, implement, and demonstrate 10 Tbps network interface hardware using existing or road-mapped hardware interfaces. The hardware solutions must attach to servers via one or more industry-standard interface points, such as I/O buses, multiprocessor interconnection networks and memory slots to support the rapid transition of FastNICs technology.
“It starts with the hardware; if you cannot get that right, you are stuck. Software cant make things faster than the physical layer will allow so we have to first change the physical layer,” said Smith.
The next step would be developing system software to manage FastNICs hardware. The open-source software based on at least one open-source OS would enable faster, parallel data transfer between network hardware and applications.
Details on the proposal can be found [here][3].
Join the Network World communities on [Facebook][4] and [LinkedIn][5] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3443046/darpa-looks-for-new-nics-to-speed-up-networks.html
作者:[Andy Patrizio][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Andy-Patrizio/
[b]: https://github.com/lujun9972
[1]: https://www.networkworld.com/newsletters/signup.html
[2]: https://pluralsight.pxf.io/c/321564/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fpaths%2Fapple-certified-technical-trainer-10-11
[3]: https://www.fbo.gov/index?s=opportunity&mode=form&id=fb5cfba969669de12025ff1ce2c99935&tab=core&_cview=1
[4]: https://www.facebook.com/NetworkWorld/
[5]: https://www.linkedin.com/company/network-world

62
sources/talk/20191004 Quantum computing, the open source way.md Normal file
View File

@ -0,0 +1,62 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Quantum computing, the open source way)
[#]: via: (https://opensource.com/article/19/10/open-source-quantum-future)
[#]: author: (Jaouhari Youssef https://opensource.com/users/jaouhari)
Quantum computing, the open source way
======
Quantum computing is promising, provided we overcome hurdles preventing
it from moving deeper into the real world.
![A circuit design in lights][1]
The quantum vision of reality is both strange and mesmerizing at the same time. As theoretical physicist [Michio Kaku][2] once said, "Common sense has no place in quantum mechanics."
Knowing this is a new and uncommon place, we can expect quantum innovations to surpass anything we have seen before. The theory behind it will enable as-yet-unseen capabilities, but there are also some hurdles that are slowing it from being unleashed into the real world.
By using the concepts of entanglement and superposition on quantum bits, a quantum computer can solve some problems faster than a classical computer. For example, quantum computers are useful for solving [NP-hard][3] problems, such as the [Boolean satisfiability problem][4], known as the SAT problem. Using [Grover's algorithm][5], the complexity of the evaluation of a boolean proposition of **$n$** variables goes down from **$O(n2^{n})$** to **$O(n2^{n/2})$** by applying its quantum version.
An even more interesting more problem quantum computing can solve is the [BernsteinVazirani problem][6], where given a function **$f$**, such as **$f(x)=x.s=x_{1}s_{1} + x_{2}s_{2} + x_{3}s_{3} + ... x_{n}s_{n}$**, you have to find **$s$**. While the classical solution requires **$n$** queries to find the solution, the quantum version requires only one query.
Quantum computing is very valuable for security issues. One interesting riddle it answers is: How can two communicating parties share a key to encrypt and decrypt their messages without any third party stealing it?
A valid answer would use [quantum key distribution][7], which is a method of communication that implements cryptographic protocols that involve quantum mechanics. This method relies on a quantum principle that "the measurement of a system generally disturbs it." Knowing that a third party measuring the quantum state would disturb the system, the two communicating parties can thereby know if a communication is secure by establishing a threshold for eavesdropping. This method is used for securing bank transfers in China and transferring ballot results in Switzerland.
However, there are some serious hurdles to the progress of quantum computing to meet the requirements for industrial-scale use and deployment. First, quantum computers operate at temperatures near absolute zero since any heat in the system can introduce errors. Second, there is a scalability issue for quantum chipsets. Knowing that there are chips in the order of 1,000 qubits, expanding to millions or billions of qubits for fully fault-tolerant systems, error-corrected algorithms will require significant work.
The best way to tackle real-life problems with quantum solutions is to use a hybridization of classic and quantum algorithms using quantum hardware. This way, the part of the problem that can be solved faster using a quantum algorithm can be transferred to a quantum computer for processing. One example would be using a quantum support vector machine for solving a classification problem, where the matrix-exponentiation task is handled by the quantum computer.
The [Quantum Open Source Foundation][8] is an initiative to support the development of open source tools for quantum computing. Its goal is to expand the role of open source software in quantum computing, focusing on using current or near-term quantum computing technologies. The foundation also offers links to open courses, papers, videos, development tools, and blogs about quantum computing.
The foundation also supports [OQS-OpenSSH][9], an interesting project that concerns quantum cryptography. The project aims to construct a public-key cryptosystem that will be safe even against quantum computing. Since it is still under development, using hybrid-cryptography, with both quantum-safe public key and classic public-key algorithms, is recommended.
A fun way to learn about quantum computing is by playing [Entanglion][10], a two-player game made by IBM Research. The goal is to rebuild a quantum computer from scratch. The game is very instructive and could be a great way to introduce youth to the quantum world.
All in all, the mysteries of the quantum world haven't stopped amazing us, and they will surely continue into the future. The most exciting parts are yet to come!
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/10/open-source-quantum-future
作者:[Jaouhari Youssef][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/jaouhari
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/adi-goldstein-eusvweosble-unsplash.jpg?itok=8shMsRyC (Circuit design)
[2]: https://en.wikipedia.org/wiki/Michio_Kaku
[3]: https://en.wikipedia.org/wiki/NP-hardness
[4]: https://en.wikipedia.org/wiki/Boolean_satisfiability_problem
[5]: https://en.wikipedia.org/wiki/Grover%27s_algorithm
[6]: https://en.wikipedia.org/wiki/Bernstein%E2%80%93Vazirani_algorithm
[7]: https://en.wikipedia.org/wiki/Quantum_key_distribution
[8]: https://qosf.org/
[9]: https://github.com/open-quantum-safe/openssh-portable
[10]: https://github.com/Entanglion/entanglion

130
sources/talk/20191004 Secure Access Service Edge (SASE)- A reflection of our times.md Normal file
View File

@ -0,0 +1,130 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Secure Access Service Edge (SASE): A reflection of our times)
[#]: via: (https://www.networkworld.com/article/3442941/secure-access-service-edge-sase-a-reflection-of-our-times.html)
[#]: author: (Matt Conran https://www.networkworld.com/author/Matt-Conran/)
Secure Access Service Edge (SASE): A reflection of our times
======
Gartner makes the claim that the shift to SASE will make obsolete existing networking and security models.
RVLsoft / Shulz / Getty Images
Theres a buzz in the industry about a new type of product that promises to change the way we secure and network our organizations. It is called the Secure Access Service Edge (SASE). It was first mentioned by Gartner, Inc. in its hype cycle for networking. Since then Barracuda highlighted SASE in a recent [PR update][1] and Zscaler also discussed it in their [earnings call][2]. Most recently, [Cato Networks][3] announced that it was mentioned by Gartner as a “sample vendor” in the hype cycle.
Today, the enterprises have upgraded their portfolio and as a consequence, the ramifications of the network also need to be enhanced. What we are witnessing is cloud, mobility, and edge, which has resulted in increased pressure on the legacy network and security architecture. Enterprises are transitioning all users, applications, and data located on-premise, to a heavy reliance on the cloud, edge applications, and a dispersed mobile workforce.  
### Our technologies must evolve
Digital transformation improves agility and competitiveness. However, at the same time, it impacts the way we connect and secure these connections. Therefore, as the landscape evolves must our technologies. In such a scenario, the introduction of a SASE is a reflection of this change.
[][4]
BrandPost Sponsored by HPE
[Take the Intelligent Route with Consumption-Based Storage][4]
Combine the agility and economics of HPE storage with HPE GreenLake and run your IT department with efficiency.
The new SASE category converges the capabilities of WAN with network security to support the needs of the digital enterprise. Some of these disparate networks and security services include SD-WAN, secure web gateway, CASB, software-defined perimeter, DNS protection, and firewall-as-a-service.
Today, there are a number of devices that should be folded into a converged single software stack. There should be a fabric wherein all the network and security functionality can be controlled centrally.
Advertisement
### SD-WAN forms part of the picture
The hardest thing is to accept what we have been doing in the past is not the best way forward for our organizations. The traditional methods to protect the mobile, cloud assets and sites are no longer the optimum way to support today's digital environment. Gartner claims that the shift to SASE will make the existing networking and security models obsolete.
Essentially, SASE is not just about offering SD-WAN services. SD-WAN is just a part of the much bigger story since it doesn't address all the problems. For this, you need to support a full range of capabilities. This means you must support mobile users and cloud resources (from anywhere), in a way that doesn't require backhauling. 
**[ Related: [MPLS explained What you need to know about multi-protocol label switching][5]**
Security should be embedded into the network which some SD-WAN vendors do not offer. Therefore, I could sense SASE saying that SD-WAN alone is insufficient.
### An overview of the SASE requirements
Primarily, to provide secure access in this new era and to meet the operational requirements will involve relying heavily on cloud-based services. This is contrary to a collection of on-premise network and security devices.
Whereas, to be SASE enabled, the network and security domain should be folded in a cloud-native approach to networking and security. This provides significant support for all types of edges**.**
To offer SASE services you need to fulfill a number of requirements:
1. The convergence of WAN edge and network security models
2. Cloud-native, cloud-based service delivery
3. A network designed for all edges
4. Identity and network location
### 1\. The convergence of WAN edge and network security models
Firstly, it requires the convergence of the WAN edge and network security models. Why? It is because the customer demands simplicity, scalability, low latency and pervasive security which drive the requirement for the convergence of these models.
So, we have a couple of options. One may opt to service the chain appliances; physical or virtual. Although this option does shorten the time to market but it will also result in inconsistent services, poor manageability, and high latency.
Keep in mind the service insertion fragments as it makes two separate domains. There are two different entities that are being managed by limiting visibility. Service chaining solutions for Gartner is not SASE.
The approach is to converge both networking and security into the cloud. This creates a global and cloud-native architecture that connects and secures all the locations, cloud resources, and mobile users everywhere.
SASE offerings will be purpose-built for scale-out, cloud-native, and cloud-based delivery. This will notably optimize the solution to deliver low latency services.
You need a cloud-native architecture to achieve the milestone of economy and agility. To deliver maximum flexibility with the lowest latency and resource requirements, cloud-native single-pass architecture is a very significant advantage.
### 2\. Cloud-native, cloud-based service delivery
Edge applications are latency sensitive. Hence, these require networking and security to be delivered in a distributed manner which is close to the endpoint. Edge is the new cloud that requires a paradigm shift to what cloud-based providers offer with a limited set of PoP.
The geographical footprint is critical and to effectively support these edge applications requires a cloud-delivery-based approach. Such an approach favors providers with many points of presence. Since the users are global, so you must have global operations.
It is not sufficient to offer a SASE service built solely on a hyper-scale. This limits the providers with the number of points of presence. You need to deliver where the customers are and to do this, you need a global footprint and the ability to instantiate a PoP in response to the customer demands.
### 3\. A network designed for all edges
The proliferation of the mobile workforce requires SASE services to connect with more than just sites. For this, you need to have an agent-based capability that should be managed as a cloud service.
In plain words, SASE offerings that rely on the on-premises, box-oriented delivery model, or a limited number of cloud points of presence (without agent-based capability), will be unable to meet the requirements of an increasingly mobile workforce and the emerging latency-sensitive applications.
### 4\. Identity and network location
Lets face it, now there are new demands on networks emerging from a variety of sources. This results in increased pressure on the traditional network and security architectures. Digital transformation and the adoption of mobile, cloud and edge deployment models, accompanied by the change in traffic patterns, make it imperative to rethink the place of legacy enterprise networks. 
To support these changes, we must reassess how we view the traditional data center. We must evaluate the way we use IP addresses as an anchor for the network location and security enforcement. Please keep in mind that anything tied to an IP address is useless as it does not provide a valid hook for network and security policy enforcement. This is often referred to as the IP address conundrum.
SASE is the ability to deliver network experience with the right level of security access. This access is based on the identity and real-time condition that is in accordance with company policy. Fundamentally, the traffic can be routed and prioritized in certain ways. This allows you to customize your level of security. For example, the user will get a different experience from a different location or device type. All policies are tied to the user identity and not based on the IP address. 
Finally, the legacy data center should no longer be considered as the center of network architecture. The new center of secure access networking design is the identity with a policy that follows regardless. Identities can be associated with people, devices, IoT or edge computing locations.
### A new market category
The introduction of the new market category SASE is a reflection of our current times. Technologies have changed considerably. The cloud, mobility, and edge have put increased pressure on the legacy network and network security architectures. Therefore, for some use cases, SASE will make the existing models obsolete.
For me, this is an exciting time to see a new market category and I will track this thoroughly with future posts. As we are in the early stages, there will be a lot of marketing buzz. My recommendation would be to line up who says they are claiming/mentioning SASE against the criteria set out in this post and see who does what.
**This article is published as part of the IDG Contributor Network. [Want to Join?][6]**
Join the Network World communities on [Facebook][7] and [LinkedIn][8] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3442941/secure-access-service-edge-sase-a-reflection-of-our-times.html
作者:[Matt Conran][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Matt-Conran/
[b]: https://github.com/lujun9972
[1]: http://www.backupreview.info/2019/09/11/new-release-of-barracuda-cloudgen-firewall-automates-and-secures-enterprise-migrations-to-public-cloud/
[2]: https://seekingalpha.com/article/4290853-zscaler-inc-zs-ceo-jay-chaudhry-q4-2019-results-earnings-call-transcript
[3]: https://www.catonetworks.com/news/cato-networks-listed-for-sase-category-in-the-gartner-hype-cycle-2019
[4]: https://www.networkworld.com/article/3440100/take-the-intelligent-route-with-consumption-based-storage.html?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE20773&utm_content=sidebar ( Take the Intelligent Route with Consumption-Based Storage)
[5]: https://www.networkworld.com/article/2297171/sd-wan/network-security-mpls-explained.html
[6]: https://www.networkworld.com/contributor-network/signup.html
[7]: https://www.facebook.com/NetworkWorld/
[8]: https://www.linkedin.com/company/network-world

198
sources/talk/20191004 What-s in an open source name.md Normal file
View File

@ -0,0 +1,198 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (What's in an open source name?)
[#]: via: (https://opensource.com/article/19/10/open-source-name-origins)
[#]: author: (Joshua Allen Holm https://opensource.com/users/holmja)
What's in an open source name?
======
Ever wonder where the names of your favorite open source projects or
programming languages came from? Get the origin stories behind popular
tech nomenclature from A to Z.
![A person writing.][1]
GNOME, Java, Jupyter, Python. If your friends or family members have ever eavesdropped on your work conversations, they might think you've made a career in Renaissance folklore, coffee roasting, astronomy, or zoology. Where did the names of these open source technologies come from? We asked our writer community for input and rounded up some of our favorite tech name origin stories.
### Ansible
The name "Ansible" is lifted directly from science fiction. Ursula Le Guin's book _Rocannon's World_ had devices allowing instantaneous (faster than light) communication called ansibles (derived, apparently, from the word "answerable"). Ansibles became a staple of science fiction, including in Orson Scott Card's _Ender's Game_ (which later became a popular film), where the device controlled many remote space ships. This seemed to be a good model for software that controls distributed machines, so Michael DeHaan (creator and founder of Ansible) borrowed the name.
### Apache
[Apache][2] is an open source web server that was originally released in 1995. Its name is not related to the famous Native American tribe; it instead refers to the repeated patches to its original software code. Hence, "A-patchy server."
### awk
"awk(1) Stands for Aho, Weinberger, Kernighan (authors)" —Michael Greenberg
### Bash
"The original Unix shell, the Bourne shell, was named after its creator. At the time Bash was being developed, csh (pronounced 'seashell') was actually more popular for interactive user logins. The Bash project aimed to give new life to the Bourne shell by making it more suitable for interactive use, thus it was named the 'Bourne again shell,' a pun on 'born again.'" —Ken Gaillot
### C
"In early days, Ken Thompson and Dennis Ritchie at AT&amp;T found it interesting that you could use a higher-level programming language (instead of low-level and less-portable assembly programming) to write operating systems and tools. There was an early programming system called BCPL (Basic Combined Programming Language), and Thompson created a stripped-down version of BCPL called B. But B wasn't very flexible or fast. Ritchie then took the ideas of B and expanded it into a compiled language called C." —Jim Hall
### dd
"I don't think you can publish such an article without mentioning dd. My nickname is Didi. Correctly pronounced, it sounds like 'dd.' I first learned Unix, and then Linux, in 1993 as a student. Then I went to the army, arrived to one of the very few sections in my unit that used Unix (Ultrix) (the rest were mainly VMS), and one of the people there said: 'So, you are a hacker, right? You think you know Unix? OK, so what's the reason for the name dd?' I had no idea and tried to guess: "Data duplicator?" So he said, 'I'll tell you the story of dd. dd is short for _convert and copy_ (as anyone can still see today on the manpage), but since cc was already taken by the c compiler, it was named dd.' Only years later, I heard the true story about JCL's data definition and the non-uniform, semi-joking syntax for the Unix dd command somewhat being based on it." —Yedidyah Bar David
### Emacs
The classic anti-vi editor, the true etymology of the name is unremarkable, in that it derives from "Editing MACroS." Being an object of great religious opprobrium and worship it has, however, attracted many spoof bacronyms such as "Escape Meta Alt Control Shift" (to spoof its heavy reliance on keystrokes), "Eight Megabytes And Constantly Swapping" (from when that was a lot of memory), "Eventually malloc()s All Computer Storage," and "EMACS Makes A Computer Slow." —Adapted from the Jargon File/Hacker's Dictionary
### Enarx
[Enarx][3] is a new project in the confidential computing space. One of the project's design principles was that it should be "fungible." so an initial name was "psilocybin" (the famed magic mushroom). The general feeling was that manager types would probably be resistant, so new names were considered. The project's two founders, Mike Bursell and Nathaniel McCallum, are both ancient language geeks, so they considered lots of different ideas, including тайна (Tayna—Russian for secret or mystery—although Russian, admittedly, is not ancient, but hey), crypticon (total bastardization of Greek), cryptidion (Greek for small secret place), arcanus (Latin masculine adjective for secret), arcanum (Latin neuter adjective for secret), and ærn (Anglo-Saxon for place, secret place, closet, habitation, house, or cottage). In the end, for various reasons, including the availability of domains and GitHub project names, they settled on enarx, a combination of two Latin roots: en- (meaning within) and -arx (meaning citadel, stronghold, or fortress).
### GIMP
Where would we be without [GIMP][4]? The GNU Image Manipulation Project has been an open source staple for many years. [Wikipedia][5] states, "In 1995, [Spencer Kimball][6] and [Peter Mattis][7] began developing GIMP as a semester-long project at the University of California, Berkeley, for the eXperimental Computing Facility."
### GNOME
Have you ever wondered why GNOME is called GNOME? According to [Wikipedia][8], GNOME was originally an acronym that represented the "GNU Network Object Model Environment." Now that name no longer represents the project and has been dropped, but the name has stayed. [GNOME 3][9] is the default desktop environment for Fedora, Red Hat Enterprise, Ubuntu, Debian, SUSE Linux Enterprise, and more.
### Java
Can you imagine this programming language being named anything else? Java was originally called Oak, but alas, the legal team at Sun Microsystems vetoed that name due to its existing trademark. So it was back to the drawing board for the development team. [Legend has it][10] that a massive brainstorm was held by the language's working group in January 1995. Lots of other names were tossed around including Silk, DNA, WebDancer, and so on. The team did not want the new name to have anything to do with the overused terms, "web" or "net." Instead, they were searching for something more dynamic, fun, and easy to remember. Java met the requirements and miraculously, the team agreed!
### Jupyter
Many of today's data scientists and students use [Jupyter][11] notebooks in their work. The name Jupyter is an amalgamation of three open source computer languages that are used in the notebooks and prominent in data science: [Julia][12], [Python][13], and [R][14].
### Kubernetes
Kubernetes is derived from the Greek word for helmsman. This etymology was corroborated in a [2015 Hacker News][15] response by a Kubernetes project founder, Craig McLuckie. Wanting to stick with the nautical theme, he explained that the technology drives containers, much like a helmsman or pilot drives a container ship. Thus, Kubernetes was the chosen name. Many of us are still trying to get the pronunciation right (koo-bur-NET-eez), so K8s is an acceptable substitute. Interestingly, it shares its etymology with the English word "governor," so has that in common with the mechanical negative-feedback device on steam engines.
### KDE
What about the K desktop? KDE originally represented the "Kool Desktop Environment." It was founded in 1996 by [Matthias Ettrich][16]. According to [Wikipedia][17], the name was a play on the words [Common Desktop Environment][18] (CDE) on Unix.
### Linux
[Linux][19] was named for its inventor, Linus Torvalds. Linus originally wanted to name his creation "Freax" as he thought that naming the creation after himself was too egotistical. According to [Wikipedia][19], "Ari Lemmke, Torvalds' coworker at the Helsinki University of Technology, who was one of the volunteer administrators for the FTP server at the time, did not think that 'Freax' was a good name. So, he named the project 'Linux' on the server without consulting Torvalds."
Following are some of the most popular Linux distributions.
#### CentOS
[CentOS][20] is an acronym for Community Enterprise Operating System. It contains the upstream packages from Red Hat Enterprise Linux.
#### Debian
[Debian][21] Linux, founded in September 1993, is a portmanteau of its founder, Ian Murdock, and his then-girlfriend Debra Lynn.
#### RHEL
[Red Hat Linux][22] got its name from its founder Marc Ewing, who wore a red Cornell University fedora given to him by his grandfather. Red Hat was founded on March 26, 1993. [Fedora Linux][23] began as a volunteer project to provide extra software for the Red Hat distribution and got its name from Red Hat's "Shadowman" logo.
#### Ubuntu
[Ubuntu][24] aims to share open source widely and is named after the African philosophy of ubuntu, which can be translated as "humanity to others" or "I am what I am because of who we all are."
### Moodle
The open source learning platform [Moodle][25] is an acronym for "modular object-oriented dynamic learning environment." Moodle continues to be a leading platform for e-learning. There are nearly 104,000 registered Moodle sites worldwide.
Two other popular open source content management systems are Drupal and Joomla. Drupal's name comes from the Dutch word for "druppel" which means "drop." Joomla is an [anglicized spelling][26] of the Swahili word "jumla," which means "all together" in Arabic, Urdu, and other languages, according to Wikipedia.
### Mozilla
[Mozilla][27] is an open source software community founded in 1998. According to its website, "The Mozilla project was created in 1998 with the release of the Netscape browser suite source code. It was intended to harness the creative power of thousands of programmers on the internet and fuel unprecedented levels of innovation in the browser market." The name was a portmanteau of [Mosaic][28] and Godzilla.
### Nginx
"Many tech people try to be cool and say it 'n' 'g' 'n' 'x'. Few actually did the basic actions of researching a bit more to find out very quickly that the name is actually supposed to be said as 'EngineX,' in reference to the powerful web server, like an engine." —Jean Sebastien Tougne
### Perl
Perl's founder Larry Wall originally named his project "Pearl." According to Wikipedia, Wall wanted to give the language a short name with positive connotations. Wall discovered the existing [PEARL][29] programming language before Perl's official release and changed the spelling of the name.
### Piet and Mondrian
"There are two programming language named after the artist Piet Mondrian. One is called 'Piet' and the other 'Mondrian.' [David Morgan-Mar [writes][30]]: 'Piet is a programming language in which programs look like abstract paintings. The language is named after Piet Mondrian, who pioneered the field of geometric abstract art. I would have liked to call the language Mondrian, but someone beat me to it with a rather mundane-looking scripting language. Oh well, we can't all be esoteric language writers, I suppose.'" —Yuval Lifshitz
### Python
The Python programming language received its unique name from its creator, Guido Van Rossum, who was a fan of the comedy group Monty Python.
### Raspberry Pi
Known for its tiny-but-mighty capabilities and wallet-friendly price tag, the Raspberry Pi is a favorite in the open source community. But where did its endearing (and yummy) name come from? In the '70s and '80s, it was a popular trend to name computers after fruit. Apple, Tangerine, Apricot... anyone getting hungry? According to a [2012 interview][31] with founder Eben Upton, the name "Raspberry Pi" is a nod to that trend. Raspberries are also tiny in size, yet mighty in flavor. The "Pi" in the name alludes to the fact that, originally, the computer could only run Python.
### Samba
[Server Message Block][32] for sharing Windows files on Linux.
### ScummVM
[ScummVM][33] (Script Creation Utility for Maniac Mansion Virtual Machine) is a program that makes it possible to run some classic computer adventure games on a modern computer. Originally, it was designed to play LucasArts adventure games that were built using SCUMM, which was originally used to develop Maniac Mansion before being used to develop most of LucasArts's other adventure games. Currently, ScummVM supports a large number of game engines, including Sierra Online's AGI and SCI, but still retains the name ScummVM. A related project, [ResidualVM][34], got its name because it covers the "residual" LucasArts adventure games not covered by ScummVM. The LucasArts games covered by ResidualVM were developed using GrimE (Grim Engine), which was first used to develop Grim Fandango, so the ResidualVM name is a double pun.
### SQL
"You may know [SQL] stands for Structured Query Language, but do you know why it's often pronounced 'sequel'? It was created as a follow-up (i.e. sequel) to the original 'QUEL' (QUEry Language)." —Ken Gaillot
### XFCE
[XFCE][35] is a popular desktop founded by [Olivier Fourdan][36]. It began as an alternative to CDE in 1996 and its name was originally an acronym for XForms Common Environment.
### Zsh
Zsh is an interactive login shell. In 1990, the first version of the shell was written by Princeton student Paul Falstad. He named it after seeing the login ID of Zhong Sha (zsh), then a teaching assistant at Princeton, and thought that it sounded like a [good name for a shell][37].
There are many more projects and names that we have not included in this list. Be sure to share your favorites in the comments.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/10/open-source-name-origins
作者:[Joshua Allen Holm][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/holmja
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003784_02_os.comcareers_resume_rh1x.png?itok=S3HGxi6E (A person writing.)
[2]: https://httpd.apache.org/
[3]: https://enarx.io
[4]: https://www.gimp.org/
[5]: https://en.wikipedia.org/wiki/GIMP
[6]: https://en.wikipedia.org/wiki/Spencer_Kimball_(computer_programmer)
[7]: https://en.wikipedia.org/wiki/Peter_Mattis
[8]: https://en.wikipedia.org/wiki/GNOME
[9]: https://www.gnome.org/gnome-3/
[10]: https://www.javaworld.com/article/2077265/so-why-did-they-decide-to-call-it-java-.html
[11]: https://jupyter.org/
[12]: https://julialang.org/
[13]: https://www.python.org/
[14]: https://www.r-project.org/
[15]: https://news.ycombinator.com/item?id=9653797
[16]: https://en.wikipedia.org/wiki/Matthias_Ettrich
[17]: https://en.wikipedia.org/wiki/KDE
[18]: https://sourceforge.net/projects/cdesktopenv/
[19]: https://en.wikipedia.org/wiki/Linux
[20]: https://www.centos.org/
[21]: https://www.debian.org/
[22]: https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux
[23]: https://getfedora.org/
[24]: https://ubuntu.com/about
[25]: https://moodle.org/
[26]: https://en.wikipedia.org/wiki/Joomla#Historical_background
[27]: https://www.mozilla.org/en-US/
[28]: https://en.wikipedia.org/wiki/Mosaic_(web_browser)
[29]: https://en.wikipedia.org/wiki/PEARL_(programming_language)
[30]: http://www.dangermouse.net/esoteric/piet.html
[31]: https://www.techspot.com/article/531-eben-upton-interview/
[32]: https://www.samba.org/
[33]: https://www.scummvm.org/
[34]: https://www.residualvm.org/
[35]: https://www.xfce.org/
[36]: https://en.wikipedia.org/wiki/Olivier_Fourdan
[37]: http://www.zsh.org/mla/users/2005/msg00951.html

4
sources/tech/20180706 Building a Messenger App- OAuth.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (PsiACE)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
@ -436,7 +436,7 @@ via: https://nicolasparada.netlify.com/posts/go-messenger-oauth/
作者:[Nicolás Parada][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
译者:[PsiACE](https://github.com/PsiACE)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

2
sources/tech/20190925 Mirror your Android screen on your computer with Guiscrcpy.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (amwps290)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

72
sources/tech/20190930 Cacoo- A Lightweight Online Tool for Modelling AWS Architecture.md Normal file
View File

@ -0,0 +1,72 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Cacoo: A Lightweight Online Tool for Modelling AWS Architecture)
[#]: via: (https://opensourceforu.com/2019/09/cacoo-a-lightweight-online-tool-for-modelling-aws-architecture/)
[#]: author: (Magesh Kasthuri https://opensourceforu.com/author/magesh-kasthuri/)
Cacoo: A Lightweight Online Tool for Modelling AWS Architecture
======
[![AWS][1]][2]
_Cacoo is a simple and efficient online tool that can be used to model diagrams for AWS architecture. It is not specific to AWS architecture and can be used for UML modelling, cloud architecture for GCP, Azure, network architecture, etc. However, this open source tool is one of the most efficient in architecture modelling for AWS solutions._
For a cloud architect, representing the solutions design as an architecture diagram is much more helpful in explaining the details visually to target audiences like the IT manager, the development team, business stakeholders and the application owner. Though there are many tools like Sparkx Enterprise Architect, Rational Software Modeler and Visual Paradigm, to name a few, these are not so sophisticated and flexible enough for cloud architecture modelling. Cacoo is an advanced and lightweight tool that has many features to support AWS cloud modelling, as can be seen in Figures 1 and 2.
![Figure 1: Template options for AWS architecture diagram][3]
![Figure 2: Sample AWS architecture diagram in Cacoo][4]
![Figure 3: AWS diagram options in Cacoo][5]
Though AWS provides developer tools, there is no built-in tool provided for solution modelling and hence we have to choose an external tool like Cacoo for the design preparation.
We can start with solution modelling in Cacoo either by using the AWS diagram templates, which list pre-built templates for standard architecture diagrams like the network diagram, DevOps solutions, etc. If you want to develop a custom solution from the list of shapes available in the Cacoo online editor, you can choose AWS components like compute, storage, network, analytics, AI tools, etc, and prepare custom architecture to suit your solution, as shown in Figure 2.
There are connectors available to relate the components (for example, how network communication happens, and how ELB or elastic load balancing branches to EC2 storage). Figure 3 lists sample diagram shapes available for AWS architecture diagrams in Cacoo.
![Figure 4: Create an IAM role to connect to Cacoo][6]
![Figure 5: Add the policy to the IAM role to enable Cacoo to import from the AWS account][7]
**Integrating Cacoo with an AWS account to import architecture**
One of the biggest advantages of Cacoo compared to other cloud modelling tools is that it can import architecture from an AWS account. We can connect to an AWS account, and Cacoo selects the services created in the account with the role attached and prepares an architecture diagram, on the fly.
For this, we need to first create an IAM (Identity and Access Management) role in the AWS account with the account ID and external ID as given in the Cacoo Import AWS Architecture account (Figure 4).
Then we need to add a policy to the IAM role in order to access the components attached to this role from Cacoo. For policy creation, we have sample policies available in Cacoos Import AWS Architecture wizard. We just need to copy and paste the policy as shown in Figure 5.
Once this is done, the IAM role is created in the AWS account. Now we need to copy the role ARN (Amazon Resource Name) from the new role created and paste it in Cacoos Import AWS Architecture wizard as shown in Figure 6. This imports the architecture of the services created in the account, which is attached to the IAM role we have created and displays it as an architecture diagram.
![Figure 6: Cacoos AWS Architecture Import wizard][8]
![Figure 7: Cacoo worksheet with AWS imported architecture][9]
Once this is done, we can see the architecture in Cacoos worksheet (Figure 7). We can print or export the architecture diagram into PPT, PNG, SVG, PDF, etc, for an architecture document, or for poster printing and other technical discussion purposes, as needed.
Cacoo is one of the most powerful cloud architecture modelling tools and can be used for visual designs for AWS architecture, on the fly, using online tools without installing any software. The online account is accessible from anywhere and can be used for quick architecture presentation.
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/09/cacoo-a-lightweight-online-tool-for-modelling-aws-architecture/
作者:[Magesh Kasthuri][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/magesh-kasthuri/
[b]: https://github.com/lujun9972
[1]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2017/07/AWS.jpg?resize=696%2C427&ssl=1 (AWS)
[2]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2017/07/AWS.jpg?fit=750%2C460&ssl=1
[3]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-1-Template-options-for-AWS-architecture-diagram.jpg?resize=350%2C262&ssl=1
[4]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-2-Sample-AWS-architecture-diagram-in-Cacoo.jpg?resize=350%2C186&ssl=1
[5]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-3-AWS-diagram-options-in-Cacoo.jpg?resize=350%2C337&ssl=1
[6]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-4-Create-an-IAM-role-to-connect-to-Cacoo.jpg?resize=350%2C228&ssl=1
[7]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-5-Add-the-policy-to-the-IAM-role-to-enable-Cacoo-to-import-from-the-AWS-account.jpg?resize=350%2C221&ssl=1
[8]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-6-Cacoo%E2%80%99s-AWS-Architecture-Import-wizard.jpg?resize=350%2C353&ssl=1
[9]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-7-Cacoo%E2%80%99s-worksheet-with-AWS-imported-architecture.jpg?resize=350%2C349&ssl=1

119
sources/tech/20190930 How the Linux screen tool can save your tasks - and your sanity - if SSH is interrupted.md Normal file
View File

@ -0,0 +1,119 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How the Linux screen tool can save your tasks and your sanity if SSH is interrupted)
[#]: via: (https://www.networkworld.com/article/3441777/how-the-linux-screen-tool-can-save-your-tasks-and-your-sanity-if-ssh-is-interrupted.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
How the Linux screen tool can save your tasks and your sanity if SSH is interrupted
======
The Linux screen command can be a life-saver when you need to ensure long-running tasks don't get killed when an SSH session is interrupted. Here's how to use it.
Sandra Henry-Stocker
If youve ever had to restart a time-consuming process because your SSH session was disconnected, you might be very happy to learn about an interesting tool that you can use to avoid this problem  the **screen** tool.
Screen, which is a terminal multiplexor, allows you to run many terminal sessions within a single ssh session, detaching from them and reattaching them as needed. The process for doing this is surprising simple and involves only a handful of commands.
**[ Two-Minute Linux Tips: [Learn how to master a host of Linux commands in these 2-minute video tutorials][1] ]**
To start a screen session, you simply type **screen** within your ssh session. You then start your long-running process, type **Ctrl+A Ctrl+D** to detach from the session and **screen -r** to reattach when the time is right.
[][2]
BrandPost Sponsored by HPE
[Take the Intelligent Route with Consumption-Based Storage][2]
Combine the agility and economics of HPE storage with HPE GreenLake and run your IT department with efficiency.
If youre going to run more than one screen session, a better option is to give each session a meaningful name that will help you remember what task is being handled in it. Using this approach, you would name each session when you start it by using a command like this:
```
$ screen -S slow-build
```
Once you have multiple sessions running, reattaching to one then requires that you pick it from the list. In the commands below, we list the currently running sessions before reattaching one of them. Notice that initially both sessions are marked as being detached.
Advertisement
```
$ screen -ls
There are screens on:
6617.check-backups (09/26/2019 04:35:30 PM) (Detached)
1946.slow-build (09/26/2019 02:51:50 PM) (Detached)
2 Sockets in /run/screen/S-shs
```
Reattaching to the session then requires that you supply the assigned name. For example:
```
$ screen -r slow-build
```
The process you left running should have continued processing while it was detached and you were doing some other work. If you ask about your screen sessions while using one of them, you should see that the session youre currently reattached to is once again “attached.”
```
$ screen -ls
There are screens on:
6617.check-backups (09/26/2019 04:35:30 PM) (Attached)
1946.slow-build (09/26/2019 02:51:50 PM) (Detached)
2 Sockets in /run/screen/S-shs.
```
You can ask what version of screen youre running with the **-version** option.
```
$ screen -version
Screen version 4.06.02 (GNU) 23-Oct-17
```
### Installing screen
If “which screen” doesnt provide information on screen, it probably isn't installed on your system.
```
$ which screen
/usr/bin/screen
```
If you need to install it, one of the following commands is probably right for your system:
```
sudo apt install screen
sudo yum install screen
```
The screen tool comes in handy whenever you need to run time-consuming processes that could be interrupted if your SSH session for any reason disconnects. And, as you've just seen, its very easy to use and manage.
Here's a recap of the commands used above:
```
screen -S <process description> start a session
Ctrl+A Ctrl+D detach from a session
screen -ls list sessions
screen -r <process description> reattach a session
```
While there is more to know about **screen**, including additional ways that you can maneuver between screen sessions, this should get you started using this handy tool.
Join the Network World communities on [Facebook][3] and [LinkedIn][4] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3441777/how-the-linux-screen-tool-can-save-your-tasks-and-your-sanity-if-ssh-is-interrupted.html
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
[b]: https://github.com/lujun9972
[1]: https://www.youtube.com/playlist?list=PL7D2RMSmRO9J8OTpjFECi8DJiTQdd4hua
[2]: https://www.networkworld.com/article/3440100/take-the-intelligent-route-with-consumption-based-storage.html?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE20773&utm_content=sidebar ( Take the Intelligent Route with Consumption-Based Storage)
[3]: https://www.facebook.com/NetworkWorld/
[4]: https://www.linkedin.com/company/network-world

134
sources/tech/20191001 The Best Android Apps for Protecting Privacy and Keeping Information Secure.md Normal file
View File

@ -0,0 +1,134 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (The Best Android Apps for Protecting Privacy and Keeping Information Secure)
[#]: via: (https://opensourceforu.com/2019/10/the-best-android-apps-for-protecting-privacy-and-keeping-information-secure/)
[#]: author: (Magimai Prakash https://opensourceforu.com/author/magimai-prakash/)
The Best Android Apps for Protecting Privacy and Keeping Information Secure
======
[![][1]][2]
_Privacy violations and data theft occur every day, making it necessary for all of us to safeguard our data. We trust our smartphones way too much and tend to store personal data on them, ignoring the fact that these devices could easily be compromised. However, there are a few open source apps that can ensure the data on your phone is not compromised. This article lists the best ones._
Everyone is becoming aware about information security. There are plenty of privacy and security apps available in the Google Play store too, but it is not easy to select the right one. Most users prefer free apps, but some of these offer only limited functionality and force users to upgrade to a premium membership, which many cannot afford.
This article sheds light on some FOSS Android apps that will really help in safeguarding your privacy.
![Figure 1: Safe Notes][3]
![Figure 2: Exodus Privacy][4]
**Safe Notes**
Safe Notes is a companion app for the Protected Text website (_<https://www.protectedtext.com/>_). It is an online encrypted notepad which offers space on a separate site for users to store their notes. To use this service, you do not need to sign up with the website. Instead, you need to choose a site name and a password to protect it.
You have two options to use Safe Notes — you can either use this app to save your notes locally, or you can import your existing Protected Text site in the app. In the latter case, you can synchronise your notes between the app as well as in the Protected Text website.
By default, all the notes will be in an unlocked state. After you have saved your notes, if you want to encrypt them, click on the key icon beside your note and you will be prompted to give a password. After entering the password of your choice, your note will be encrypted and instead of the key icon, you will see an unlocked icon in its place, which means that your note is not locked. To lock your note, click the Unlocked icon beside your note — your note will get locked and the password will be removed from your device.
Passwords that you are using are not transmitted anywhere. Even if you are using an existing Protected Text site, your passwords are not transmitted. Only your encrypted notes get sent to the Protected Text servers, so you are in total control. But this also means that you cannot recover your password if you lose it.
Your notes are encrypted by the AES algorithm and SHA 12 for hashing, while SSL is used for data transmission.
![Figure 3: Net Guard][5]
**Exodus Privacy**
Have you ever wondered how many permissions you are granting to an Android app? While you can see these in the Google Play store, you may not know that some of those permissions are impacting your privacy more severely than you realise.
While permissions are taking control of your device with or without your knowledge, third party trackers also compromise your privacy by stealthily collecting data without your consent. And the worst part is that you have no clue as to how many trackers you have in your Android app.
To view the permissions for an Android app and the trackers in it, use Exodus Privacy.
Exodus Privacy is an Android app that has been created and maintained by a French non-profit organisation. While the app is not capable of any analysis, it will fetch reports from the Exodus Platform for the apps that are installed in your device.
These reports are auto-generated by using the static analysis method and, currently, the Exodus platform contains 58,392 reports. Each report gives you information about the number of trackers and permissions.
Permissions are evaluated using the three levels of Google Permission Classification. These are Normal, Signature and Dangerous. We should be concerned about the Dangerous level because such permissions can access the users private and other stored sensitive data.
Trackers are also listed in this app. When you click on a tracker, you will be taken to a page which shows you the other Android apps that have that particular tracker. This can be really useful to know if the same tracker has been used in the other apps that you have installed.
In addition, the reports will contain information such as Fingerprint and other geographical details about the app publisher such as Country, State and Locality.
![Figure 4: xBrowserSync][6]
![Figure 5: Scrambled Exif][7]
**Net Guard**
Most Android apps need network access to function properly, but offline apps dont need this to operate. Yet some of these offline apps continue to run in the background and use network access for some reason or the other. As a result, your battery gets drained very quickly and the data plan on your phone gets exhausted faster than you think.
Net Guard solves this problem by blocking the network access to selected apps. Net Guard will only block the outgoing traffic from apps, not whats incoming.
The Net Guard main window displays all the installed apps. For every app you will see the mobile network icon and the Wi-Fi icon. When they are both green, it means that Net Guard will allow the app to have network access via the mobile network and Wi-Fi. Alternatively, you can enable any one of them; for example, you can allow the app to use the Internet only via the mobile network by clicking on the Mobile network icon to turn it green while the Wi-Fi icon is red.
When both the Mobile network and Wi-Fi icons are red, the apps outgoing traffic is blocked.
Also, when Lockdown mode is enabled, it will block the network access for all apps except those that are configured to have network access in the Lockdown mode too. This is useful when you have very little battery and your data plan is about to expire.
Net Guard can also block network access to the system apps, but please be cautious about this because sometimes, when the user blocks Internet access to some critical system apps, it could result in a malfunction of other apps.
**xBrowserSync**
xBrowserSync is a free and open source service that helps to sync bookmarks across your devices. Most of the sync services require you to sign up and keep your data with them.
xBrowserSync is an anonymous and secure service, for which you need not sign up. To use this service you need to know your sync ID and have a strong password for it.
Currently, xBrowserSync supports the Mozilla and Chrome browsers; so if youre using either one of them, you can proceed further. Also, if you have to transfer a huge number of bookmarks from your existing service to xBrowserSync, it is advised that you have a backup of all your bookmarks before you create your first sync.
You can create your first sync by entering a strong password for it. After your sync is created, a unique sync ID will be shown to you, which can be used to sync your bookmarks across your devices.
xBrowserSync encrypts all your data locally before it is synced. It also uses PBKDF2 with 250,000 iterations of SHA-256 for the key derivation to combat brute force attacks. Apart from that, It uses PBKDF2 with 250,000 iterations of SHA-256 for the key derivation to combat brute force attacks. And it uses AES-GCM with a random 16 byte IV (Initialization Vector- a random number that is used with secret key to encrypt the data) with 32-bit char sync ID of the user as a salt value. All of these are in place to ensure that your data cannot be decrypted without your password.
The app provides you with a sleek interface that makes it easy for you to add bookmarks, and share and edit them by adding descriptions and tags to them.
xBrowserSync is currently hosted by four providers, including the official one. So to accommodate all the users, the synced data that isnt accessed for a long time is removed. If you dont want to be dependent on other providers, you can host xBrowserSync for yourself.
![Figure 6: Riseup VPN][8]
**Scrambled Exif**
When we share our photos on social media, sometimes we share the metadata on those photos accidentally. Metadata can be useful for some situations but it can also pose a serious threat to your privacy. A typical photo may consist of the following pieces of data such as date and time, make and model of the camera, phone name and location. When all these pieces of data are put together by a system or by a group of people, they are able to determine your location at that particular time.
So if you want to share your photos with your friends as well as on social media without divulging metadata, you can use Scrambled Exif.
Scrambled Exif is a free and open source tool which removes the Exif data from your photos, after installing the app. So when you want to share a photo, you have to click on the Share button from the photo, and it will show you the available options for sharing — choose Scrambled Exif. Once you have done that, all your metadata is removed from that photo, and you will again be shown the share list. From there on, you can share your photos normally.
**Riseup VPN**
Riseup VPN (Virtual Private Network) is a tool that enables you to protect your identity, as well as bypass the censorship that is imposed on your network and the encryption of your Internet traffic. Some VPN service providers log your IP address and quietly betray your trust.
Riseup VPN is a personal VPN service offered by the Riseup Organization, which is a non-profit that fights for a free Internet by providing tools and other resources for anyone who wants to enjoy the Internet without being restrained.
To use the Riseup VPN, you do not need to register, nor do you need to configure the settings — it is all prepped for you. All you need is to click on the Turn on button and within a few moments, you can see that your traffic is routed through the Riseup networks. By default, Riseup does not log your IP address.
At present, Riseup VPN supports the Riseup networks in Hong Kong and Amsterdam.
![Figure 7: Secure Photo Viewer][9]
**Secure Photo Viewer**
When you want to show a cool picture of yours to your friends by giving your phone to them, some of them may get curious and go to your gallery to view all your photos. Once you unlock the gallery, you cannot control what should be shown and what ought to be hidden, as long as your phone is with them.
Secure Photo Viewer fixes this problem. After installing it, choose the photos or videos you want to show to a friend and click share. This will show Secure Photo Viewer in the available options. Once you click on it, a new window will open and it will instruct you to lock your device. Within a few seconds the photo you have chosen will show up on the screen. Now you can show your friends just that photo, and they cant get into your gallery and view the rest of your private photos.
Most of the apps listed here are available on F-Droid as well as on Google Play. I recommend using F-Droid because every app has been compiled via its source code by F-Droid itself, so it is unlikely to have malicious code injected in it.
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/10/the-best-android-apps-for-protecting-privacy-and-keeping-information-secure/
作者:[Magimai Prakash][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/magimai-prakash/
[b]: https://github.com/lujun9972
[1]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Android-Apps-security.jpg?resize=696%2C658&ssl=1 (Android Apps security)
[2]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Android-Apps-security.jpg?fit=890%2C841&ssl=1
[3]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-1-Safe-Notes.jpg?resize=211%2C364&ssl=1
[4]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-2-Exodus-Privacy.jpg?resize=225%2C386&ssl=1
[5]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-3-Net-Guard.jpg?resize=226%2C495&ssl=1
[6]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-4-xBrowserSync.jpg?resize=251%2C555&ssl=1
[7]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-5-Scrambled-Exif-350x535.jpg?resize=235%2C360&ssl=1
[8]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-6-Riseup-VPN.jpg?resize=242%2C536&ssl=1
[9]: https://i2.wp.com/opensourceforu.com/wp-content/uploads/2019/09/Figure-7-Secure-Photo-Viewer.jpg?resize=228%2C504&ssl=1

74
sources/tech/20191003 Creating a perfect landing page for free.md Normal file
View File

@ -0,0 +1,74 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Creating a perfect landing page for free)
[#]: via: (https://opensourceforu.com/2019/10/creating-a-perfect-landing-page-for-free/)
[#]: author: (Jagoda Glowacka https://opensourceforu.com/author/jagoda-glowacka/)
Creating a perfect landing page for free
======
[![][1]][2]
_Nowadays running an online business has become more popular than doing it in a traditional way. Entrepreneurs are lured by the lack of barriers of entry, simplicity of reaching wide ranges of customers and endless possibilities of growing. With Internet and new technologies it is far easier today to become an online businessman than a traditional one. However, one thing is to become an entrepreneur and another is to keep oneself on the market._
Since the digital business world is in constant expansion the competition is getting fiercer and the quality of products and services offered increases. It makes it more troublesome to be noticed in the crowd of alike ambitious online businessmen offering similar products. In order to survive you need to use all the cards you have and even if you have already done that you should always think about improvement and innovation.
One of this card should definitely be a decent nice-looking and attention-grabbing landing page that boosts your conversions and build trust among your potential customers. Since today you can easily [_create landing page_][3] for free you should never deprive your business of one. As it is a highly powerful tool than can move your business off the ground and gain a lot of new leads. However, in order to do all of this it has to be a high quality landing page that will be impeccable for your targeted audience.
**A landing page is a must for every online business**
The concept of landing pages arrived a few years back but these few years were enough to settle down and become the necessity of every online business. At the beginning loads of businessmen decided to ignore their existence and preferred to persuade themselves that a homepage is already enough. Well, sorry to break it for them but its not.
**Homepage should never equal landing page**
Obviously, a homepage is also a must for every online business and without it the business can only exist in entrepreneurs imagination ;-) However, an essence of a homepage is not the same what an essence of a landing page is. And even the most state-of-the-art business website does not replace a good piece of landing page.
Homepages do serve multiple purposes but none of them is focused on attracting new clients as they dont clearly encourage visitors to take an action such as subscribing or filling out a contact form. Homepages primary focus is the company itself its full offer, history or founder and it makes them full of distracting information and links. And last but not least, the information on them is not put in order that would make the visitors desire the product instantly.
**Landing pages impose action**
Landing page is a standalone website and serves as a first-impression maker among the visitors. It is the place where your new potential customers land and in order to keep them you need to show them instantly that your solution is something they need. It should quickly grab attention of the visitors, engage them in an action and make them interested in your product or service. And it should do all of that as quickly as possible.
Therefore, landing pages are a great tool which helps you increase your conversion rate, getting information about your visitors, engage new potential leads into action (such as subscribing for a free trial or a newsletter what provide you with personal information about them) and make them believe your product or service is worthwhile. However, in order to fulfill all these functions it needs to have all the necessary landing page elements and it has to be a landing page of high quality.
**Every landing page needs some core features**
In order to create a perfectly converting landing page you need to plan its structure and put all the essential elements on it that will help you achieve your goals. The core elements that should be placed on every landing page are:
* headlines which should be catchy, keywords focused and eye-catching. It is the first, and sometimes only, element that visitors read so it has to be well-thought and a little intriguing,
* subheadlines which should be completion of headlines, a little bit more descriptive but still keywords focused and catchy,
* benefits of your solution clearly outlined and demonstrating high value and absolute necessity of purchasing it for your potential leads,
* call-to-action in a visible place and allowing the visitors to subscribe for a free trial, coupons, a newsletter or purchase right away.
All of these features put together in a right order enable you to boost your conversions and make your product or service absolutely desirable for your customers. They are all the core elements of every landing page and without any of them there is a higher risk of landing page failure.
However, putting all the elements is one thing but designing a landing page is another. When planning its structure you should always have in mind who your target is and adjust your landing page look accordingly. You should always keep up with landing page trends which make your landing page up-to-date and appealing for the customers.
If it all sounds quite confusing and you are a landing page newbie or still dont really feel confident in landing page creation you may facilitate this task and use a highly powerful tool the landing page savvies have prepared for you. And that is a [_free landing page creator_][4] which help you create a high quality and eye-catching landing page in less than an hour.
**Creating a free landing page is a piece of cake**
Today the digital marketing world is full of bad quality landing pages that dont truly work miracles for businesses. In order to give you all the bonanza the quality of landing page is crucial and choosing a landing page builder designed by landing page experts is one of the most secure options to create a landing page of excellence.
They are online tools which slightly guide you through the whole creation process making it effortless and quick. They are full of pre-installed features such as landing page layouts and templates, drag and drop function, simple copying and moving or tailoring your landing page to every type of device. You can use these builders up to 14 days for free thanks to a free trial period. Quite nice, huh? ;-)
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/10/creating-a-perfect-landing-page-for-free/
作者:[Jagoda Glowacka][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/jagoda-glowacka/
[b]: https://github.com/lujun9972
[1]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2017/09/Long-wait-open-for-webpage-in-broser-using-laptop.jpg?resize=696%2C405&ssl=1 (Long wait open for webpage in broser using laptop)
[2]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2017/09/Long-wait-open-for-webpage-in-broser-using-laptop.jpg?fit=1996%2C1162&ssl=1
[3]: https://landingi.com/blog/how-to-create-landing-page
[4]: https://landingi.com/free-landing-page

144
sources/tech/20191003 SQL queries don-t start with SELECT.md Normal file
View File

@ -0,0 +1,144 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (SQL queries don't start with SELECT)
[#]: via: (https://jvns.ca/blog/2019/10/03/sql-queries-don-t-start-with-select/)
[#]: author: (Julia Evans https://jvns.ca/)
SQL queries don't start with SELECT
======
Okay, obviously many SQL queries do start with `SELECT` (and actually this post is only about `SELECT` queries, not `INSERT`s or anything).
But! Yesterday I was working on an [explanation of window functions][1], and I found myself googling “can you filter based on the result of a window function”. As in can you filter the result of a window function in a WHERE or HAVING or something?
Eventually I concluded “window functions must run after WHERE and GROUP BY happen, so you cant do it”. But this led me to a bigger question **what order do SQL queries actually run in?**.
This was something that I felt like I knew intuitively (“Ive written at least 10,000 SQL queries, some of them were really complicated! I must know this!“) but I struggled to actually articulate what the order was.
### SQL queries happen in this order
I looked up the order, and here it is! (SELECT isnt the first thing, its like the 5th thing!) ([here it is in a tweet][2]).
(I really want to find a more accurate way of phrasing this than “sql queries happen/run in this order” but I havent figured it out yet)
<https://jvns.ca/images/sql-queries.jpeg>
In a non-image format, the order is:
* `FROM/JOIN` and all the `ON` conditions
* `WHERE`
* `GROUP BY`
* `HAVING`
* `SELECT` (including window functions)
* `ORDER BY`
* `LIMIT`
### questions this diagram helps you answer
This diagram is about the _semantics_ of SQL queries it lets you reason through what a given query will return and answers questions like:
* Can I do `WHERE` on something that came from a `GROUP BY`? (no! WHERE happens before GROUP BY!)
* Can I filter based on the results of a window function? (no! window functions happen in `SELECT`, which happens after both `WHERE` and `GROUP BY`)
* Can I `ORDER BY` based on something I did in GROUP BY? (yes! `ORDER BY` is basically the last thing, you can `ORDER BY` based on anything!)
* When does `LIMIT` happen? (at the very end!)
**Database engines dont actually literally run queries in this order** because they implement a bunch of optimizations to make queries run faster well get to that a little later in the post.
So:
* you can use this diagram when you just want to understand which queries are valid and how to reason about what results of a given query will be
* you _shouldnt_ use this diagram to reason about query performance or anything involving indexes, thats a much more complicated thing with a lot more variables
### confounding factor: column aliases
Someone on Twitter pointed out that many SQL implementations let you use the syntax:
```
SELECT CONCAT(first_name, ' ', last_name) AS full_name, count(*)
FROM table
GROUP BY full_name
```
This query makes it _look_ like GROUP BY happens after SELECT even though GROUP BY is first, because the GROUP BY references an alias from the SELECT. But its not actually necessary for the GROUP BY to run after the SELECT for this to work the database engine can just rewrite the query as
```
SELECT CONCAT(first_name, ' ', last_name) AS full_name, count(*)
FROM table
GROUP BY CONCAT(first_name, ' ', last_name)
```
and run the GROUP BY first.
Your database engine also definitely does a bunch of checks to make sure that what you put in SELECT and GROUP BY makes sense together before it even starts to run the query, so it has to look at the query as a whole anyway before it starts to come up with an execution plan.
### queries arent actually run in this order (optimizations!)
Database engines in practice dont actually run queries by joining, and then filtering, and then grouping, because they implement a bunch of optimizations reorder things to make the query run faster as long as reordering things wont change the results of the query.
One simple example of a reason why need to run queries in a different order to make them fast is that in this query:
```
SELECT * FROM
owners LEFT JOIN cats ON owners.id = cats.owner
WHERE cats.name = 'mr darcy'
```
it would be silly to do the whole left join and match up all the rows in the 2 tables if you just need to look up the 3 cats named mr darcy its way faster to do some filtering first for cats named mr darcy. And in this case filtering first doesnt change the results of the query!
There are lots of other optimizations that database engines implement in practice that might make them run queries in a different order but theres no room for that and honestly its not something Im an expert on.
### LINQ starts queries with `FROM`
LINQ (a querying syntax in C# and VB.NET) uses the order `FROM ... WHERE ... SELECT`. Heres an example of a LINQ query:
```
var teenAgerStudent = from s in studentList
where s.Age > 12 && s.Age < 20
select s;
```
pandas (my [favourite data wrangling tool][3]) also basically works like this, though you dont need to use this exact order Ill often write pandas code like this:
```
df = thing1.join(thing2) # like a JOIN
df = df[df.created_at > 1000] # like a WHERE
df = df.groupby('something', num_yes = ('yes', 'sum')) # like a GROUP BY
df = df[df.num_yes > 2] # like a HAVING, filtering on the result of a GROUP BY
df = df[['num_yes', 'something1', 'something']] # pick the columns I want to display, like a SELECT
df.sort_values('sometthing', ascending=True)[:30] # ORDER BY and LIMIT
df[:30]
```
This isnt because pandas is imposing any specific rule on how you have to write your code, though. Its just that it often makes sense to write code in the order JOIN / WHERE / GROUP BY / HAVING. (Ill often put a `WHERE` first to improve performance though, and I think most database engines will also do a WHERE first in practice)
`dplyr` in R also lets you use a different syntax for querying SQL databases like Postgres, MySQL and SQLite, which is also in a more logical order.
### I was really surprised that I didnt know this
Im writing a blog post about this because when I found out the order I was SO SURPRISED that Id never seen it written down that way before it explains basically everything that I knew intuitively about why some queries are allowed and others arent. So I wanted to write it down in the hopes that it will help other people also understand how to write SQL queries.
--------------------------------------------------------------------------------
via: https://jvns.ca/blog/2019/10/03/sql-queries-don-t-start-with-select/
作者:[Julia Evans][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://jvns.ca/
[b]: https://github.com/lujun9972
[1]: https://twitter.com/b0rk/status/1179419244808851462?s=20
[2]: https://twitter.com/b0rk/status/1179449535938076673
[3]: https://github.com/jvns/pandas-cookbook

428
sources/tech/20191004 9 essential GNU binutils tools.md Normal file
View File

@ -0,0 +1,428 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (9 essential GNU binutils tools)
[#]: via: (https://opensource.com/article/19/10/gnu-binutils)
[#]: author: (Gaurav Kamathe https://opensource.com/users/gkamathe)
9 essential GNU binutils tools
======
Binary analysis is the most underestimated skill in the computer
industry.
![Tools for the sysadmin][1]
Imagine not having access to a software's source code but still being able to understand how the software is implemented, find vulnerabilities in it, and—better yet—fix the bugs. All of this in binary form. It sounds like having superpowers, doesn't it?
You, too, can possess such superpowers, and the GNU binary utilities (binutils) are a good starting point. The [GNU binutils][2] are a collection of binary tools that are installed by default on all Linux distributions.
Binary analysis is the most underestimated skill in the computer industry. It is mostly utilized by malware analysts, reverse engineers, and people
working on low-level software.
This article explores some of the tools available through binutils. I am using RHEL but these examples should run on any Linux distribution.
```
`[~]# cat /etc/redhat-release  Red Hat Enterprise Linux Server release 7.6 (Maipo) [~]#  [~]# uname -r 3.10.0-957.el7.x86_64 [~]# `
```
Note that some packaging commands (like **rpm**) might not be available on Debian-based distributions, so use the equivalent **dpkg** command where applicable.
### Software development 101
In the open source world, many of us are focused on software in source form; when the software's source code is readily available, it is easy to simply get a copy of the source code, open your favorite editor, get a cup of coffee, and start exploring.
But the source code is not what is executed on the CPU; it is the binary or machine language instructions that are executed on the CPU. The binary or executable file is what you get when you compile the source code. People skilled in debugging often get their edge by understanding this difference.
### Compilation 101
Before digging into the binutils package itself, it's good to understand the basics of compilation.
Compilation is the process of converting a program from its source or text form in a certain programming language (C/C++) into machine code.
Machine code is the sequence of 1's and 0's that are understood by a CPU (or hardware in general) and therefore can be executed or run by the CPU. This machine code is saved to a file in a specific format that is often referred to as an executable file or a binary file. On Linux (and BSD, when using [Linux Binary Compatibility][3]), this is called [ELF][4] (Executable and Linkable Format).
The compilation process goes through a series of complicated steps before it presents an executable or binary file for a given source file. Consider this source program (C code) as an example. Open your favorite editor and type out this program:
```
`#include <stdio.h> int main(void) { printf("Hello World\n"); return 0; }`
```
#### Step 1: Preprocessing with cpp
The [C preprocessor (**cpp**)][5] is used to expand all macros and include the header files. In this example, the header file **stdio.h** will be included in the source code. **stdio.h** is a header file that contains information on a **printf** function that is used within the program. **cpp** runs on the source code, and the resulting instructions are saved in a file called **hello.i**. Open the file with a text editor to see its contents. The source code for printing **hello world** is at the bottom of the file.
```
`[testdir]# cat hello.c #include <stdio.h> int main(void) { printf("Hello World\n"); return 0; } [testdir]# [testdir]# cpp hello.c > hello.i [testdir]# [testdir]# ls -lrt total 24 -rw-r--r--. 1 root root 76 Sep 13 03:20 hello.c -rw-r--r--. 1 root root 16877 Sep 13 03:22 hello.i [testdir]#`
```
#### Step 2: Compilation with gcc
This is the stage where preprocessed source code from Step 1 is converted to assembly language instructions without creating an object file. It uses the [GNU Compiler Collection (**gcc**)][6]. After running the **gcc** command with the -**S** option on the **hello.i** file, it creates a new file called **hello.s**. This file contains the assembly language instructions for the C program.
You can view the contents using any editor or the **cat** command.
```
`[testdir]# [testdir]# gcc -Wall -S hello.i [testdir]# [testdir]# ls -l total 28 -rw-r--r--. 1 root root 76 Sep 13 03:20 hello.c -rw-r--r--. 1 root root 16877 Sep 13 03:22 hello.i -rw-r--r--. 1 root root 448 Sep 13 03:25 hello.s [testdir]# [testdir]# cat hello.s .file "hello.c" .section .rodata .LC0: .string "Hello World" .text .globl main .type main, @function main: .LFB0: .cfi_startproc pushq %rbp .cfi_def_cfa_offset 16 .cfi_offset 6, -16 movq %rsp, %rbp .cfi_def_cfa_register 6 movl $.LC0, %edi call puts movl $0, %eax popq %rbp .cfi_def_cfa 7, 8 ret .cfi_endproc .LFE0: .size main, .-main .ident "GCC: (GNU) 4.8.5 20150623 (Red Hat 4.8.5-36)" .section .note.GNU-stack,"",@progbits [testdir]#`
```
#### Step 3: Assembling with as
The purpose of an assembler is to convert assembly language instructions into machine language code and generate an object file that has a **.o** extension. Use the GNU assembler **as** that is available by default on all Linux platforms.
```
`[testdir]# as hello.s -o hello.o [testdir]# [testdir]# ls -l total 32 -rw-r--r--. 1 root root 76 Sep 13 03:20 hello.c -rw-r--r--. 1 root root 16877 Sep 13 03:22 hello.i -rw-r--r--. 1 root root 1496 Sep 13 03:39 hello.o -rw-r--r--. 1 root root 448 Sep 13 03:25 hello.s [testdir]#`
```
You now have your first file in the ELF format; however, you cannot execute it yet. Later, you will see the difference between an **object file** and an **executable file**.
```
`[testdir]# file hello.o hello.o: ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped`
```
#### Step 4: Linking with ld
This is the final stage of compillation, when the object files are linked to create an executable. An executable usually requires external functions that often come from system libraries (**libc**).
You can directly invoke the linker with the **ld** command; however, this command is somewhat complicated. Instead, you can use the **gcc** compiler with the **-v** (verbose) flag to understand how linking happens. (Using the **ld** command for linking is an exercise left for you to explore.)
```
`[testdir]# gcc -v hello.o Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/4.8.5/lto-wrapper Target: x86_64-redhat-linux Configured with: ../configure --prefix=/usr --mandir=/usr/share/man [...] --build=x86_64-redhat-linux Thread model: posix gcc version 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) COMPILER_PATH=/usr/libexec/gcc/x86_64-redhat-linux/4.8.5/:/usr/libexec/gcc/x86_64-redhat-linux/4.8.5/:[...]:/usr/lib/gcc/x86_64-redhat-linux/ LIBRARY_PATH=/usr/lib/gcc/x86_64-redhat-linux/4.8.5/:/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../../lib64/:/lib/../lib64/:/usr/lib/../lib64/:/usr/lib/gcc/x86_64-redhat-linux/4.8.5/../../../:/lib/:/usr/lib/ COLLECT_GCC_OPTIONS='-v' '-mtune=generic' '-march=x86-64' /usr/libexec/gcc/x86_64-redhat-linux/4.8.5/collect2 --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu [...]/../../../../lib64/crtn.o [testdir]#`
```
After running this command, you should see an executable file named **a.out**:
```
`[testdir]# ls -l total 44 -rwxr-xr-x. 1 root root 8440 Sep 13 03:45 a.out -rw-r--r--. 1 root root 76 Sep 13 03:20 hello.c -rw-r--r--. 1 root root 16877 Sep 13 03:22 hello.i -rw-r--r--. 1 root root 1496 Sep 13 03:39 hello.o -rw-r--r--. 1 root root 448 Sep 13 03:25 hello.s`
```
Running the **file** command on **a.out** shows that it is indeed an ELF executable:
```
`[testdir]# file a.out a.out: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=48e4c11901d54d4bf1b6e3826baf18215e4255e5, not stripped`
```
Run your executable file to see if it does as the source code instructs:
```
`[testdir]# ./a.out Hello World`
```
It does! So much happens behind the scenes just to print **Hello World** on the screen. Imagine what happens in more complicated programs.
### Explore the binutils tools
This exercise provided a good background for utilizing the tools that are in the binutils package. My system has binutils version 2.27-34; you may have a different version depending on your Linux distribution.
```
`[~]# rpm -qa | grep binutils binutils-2.27-34.base.el7.x86_64`
```
The following tools are available in the binutils packages:
```
`[~]# rpm -ql binutils-2.27-34.base.el7.x86_64 | grep bin/ /usr/bin/addr2line /usr/bin/ar /usr/bin/as /usr/bin/c++filt /usr/bin/dwp /usr/bin/elfedit /usr/bin/gprof /usr/bin/ld /usr/bin/ld.bfd /usr/bin/ld.gold /usr/bin/nm /usr/bin/objcopy /usr/bin/objdump /usr/bin/ranlib /usr/bin/readelf /usr/bin/size /usr/bin/strings /usr/bin/strip`
```
The compilation exercise above already explored two of these tools: the **as** command was used as an assembler, and the **ld** command was used as a linker. Read on to learn about the other seven GNU binutils package tools highlighted in bold above.
#### readelf: Displays information about ELF files
The exercise above mentioned the terms **object file** and **executable file**. Using the files from that exercise, enter **readelf** using the **-h** (header) option to dump the files' ELF header on your screen. Notice that the object file ending with the **.o** extension is shown as **Type: REL (Relocatable file)**:
```
`[testdir]# readelf -h hello.o ELF Header: Magic: 7f 45 4c 46 02 01 01 00 [...] [...] Type: REL (Relocatable file) [...]`
```
If you try to execute this file, you will get an error saying it cannot be executed. This simply means that it doesn't yet have the information that is required for it to be executed on the CPU.
Remember, you need to add the **x** or **executable bit** on the object file first using the **chmod** command or else you will get a **Permission denied** error.
```
`[testdir]# ./hello.o bash: ./hello.o: Permission denied [testdir]# chmod +x ./hello.o [testdir]# [testdir]# ./hello.o bash: ./hello.o: cannot execute binary file`
```
If you try the same command on the **a.out** file, you see that its type is an **EXEC (Executable file)**.
```
`[testdir]# readelf -h a.out ELF Header: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 Class: ELF64 [...] Type: EXEC (Executable file)`
```
As seen before, this file can directly be executed by the CPU:
```
`[testdir]# ./a.out Hello World`
```
The **readelf** command gives a wealth of information about a binary. Here, it tells you that it is in ELF64-bit format, which means it can be executed only on a 64-bit CPU and won't work on a 32-bit CPU. It also tells you that it is meant to be executed on X86-64 (Intel/AMD) architecture. The entry point into the binary is at address 0x400430, which is just the address of the **main** function within the C source program.
Try the **readelf** command on the other system binaries you know, like **ls**. Note that your output (especially **Type:**) might differ on RHEL 8 or Fedora 30 systems and above due to position independent executable ([PIE][7]) changes made for security reasons.
```
`[testdir]# readelf -h /bin/ls ELF Header: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: EXEC (Executable file)`
```
Learn what **system libraries** the **ls** command is dependant on using the **ldd** command, as follows:
```
`[testdir]# ldd /bin/ls linux-vdso.so.1 => (0x00007ffd7d746000) libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f060daca000) libcap.so.2 => /lib64/libcap.so.2 (0x00007f060d8c5000) libacl.so.1 => /lib64/libacl.so.1 (0x00007f060d6bc000) libc.so.6 => /lib64/libc.so.6 (0x00007f060d2ef000) libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f060d08d000) libdl.so.2 => /lib64/libdl.so.2 (0x00007f060ce89000) /lib64/ld-linux-x86-64.so.2 (0x00007f060dcf1000) libattr.so.1 => /lib64/libattr.so.1 (0x00007f060cc84000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f060ca68000)`
```
Run **readelf** on the **libc** library file to see what kind of file it is. As it points out, it is a **DYN (Shared object file)**, which means it can't be directly executed on its own; it must be used by an executable file that internally uses any functions made available by the library.
```
`[testdir]# readelf -h /lib64/libc.so.6 ELF Header: Magic: 7f 45 4c 46 02 01 01 03 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - GNU ABI Version: 0 Type: DYN (Shared object file)`
```
#### size: Lists section sizes and the total size
The **size** command works only on object and executable files, so if you try running it on a simple ASCII file, it will throw an error saying **File format not recognized**.
```
`[testdir]# echo "test" > file1 [testdir]# cat file1 test [testdir]# file file1 file1: ASCII text [testdir]# size file1 size: file1: File format not recognized`
```
Now, run **size** on the **object file** and the **executable file** from the exercise above. Notice that the executable file (**a.out**) has considerably more information than the object file (**hello.o**), based on the output of size command:
```
`[testdir]# size hello.o text data bss dec hex filename 89 0 0 89 59 hello.o [testdir]# size a.out text data bss dec hex filename 1194 540 4 1738 6ca a.out`
```
But what do the **text**, **data**, and **bss** sections mean?
The **text** sections refer to the code section of the binary, which has all the executable instructions. The **data** sections are where all the initialized data is, and **bss** is where all the uninitialized data is stored.
Compare **size** with some of the other available system binaries.
For the **ls** command:
```
`[testdir]# size /bin/ls text data bss dec hex filename 103119 4768 3360 111247 1b28f /bin/ls`
```
You can see that **gcc** and **gdb** are far bigger programs than **ls** just by looking at the output of the **size** command:
```
`[testdir]# size /bin/gcc text data bss dec hex filename 755549 8464 81856 845869 ce82d /bin/gcc [testdir]# size /bin/gdb text data bss dec hex filename 6650433 90842 152280 6893555 692ff3 /bin/gdb`
```
#### strings: Prints the strings of printable characters in files
It is often useful to add the **-d** flag to the **strings** command to show only the printable characters from the data section.
**hello.o** is an object file that contains instructions to print out the text **Hello World**. Hence, the only output from the **strings** command is **Hello World**.
```
`[testdir]# strings -d hello.o Hello World`
```
Running **strings** on **a.out** (an executable), on the other hand, shows additional information that was included in the binary during the linking phase:
```
`[testdir]# strings -d a.out /lib64/ld-linux-x86-64.so.2 !^BU libc.so.6 puts __libc_start_main __gmon_start__ GLIBC_2.2.5 UH-0 UH-0 =( []A\A]A^A_ Hello World ;*3$"`
```
Recall that compilation is the process of converting source code instructions into machine code. Machine code consists of only 1's and 0's and is difficult for humans to read. Therefore, it helps to present machine code as assembly language instructions. What do assembly languages look like? Remember that assembly language is architecture-specific; since I am using Intel or x86-64 architecture, the instructions will be different if you're using ARM architecture to compile the same programs.
#### objdump: Displays information from object files
Another binutils tool that can dump the machine language instructions from the binary is called **objdump**.
Use the **-d** option, which disassembles all assembly instructions from the binary.
```
`[testdir]# objdump -d hello.o hello.o: file format elf64-x86-64 Disassembly of section .text: 0000000000000000`
`: 0: 55 push %rbp 1: 48 89 e5 mov %rsp,%rbp 4: bf 00 00 00 00 mov $0x0,%edi 9: e8 00 00 00 00 callq e`
` e: b8 00 00 00 00 mov $0x0,%eax 13: 5d pop %rbp 14: c3 retq`
` `
```
This output seems intimidating at first, but take a moment to understand it before moving ahead. Recall that the **.text** section has all the machine code instructions. The assembly instructions can be seen in the fourth column (i.e., **push**, **mov**, **callq**, **pop**, **retq**). These instructions act on registers, which are memory locations built into the CPU. The registers in this example are **rbp**, **rsp**, **edi**, **eax**, etc., and each register has a special meaning.
Now run **objdump** on the executable file (**a.out**) and see what you get. The output of **objdump** on the executable can be large, so I've narrowed it down to the **main** function using the **grep** command:
```
`[testdir]# objdump -d a.out | grep -A 9 main\> 000000000040051d`
`: 40051d: 55 push %rbp 40051e: 48 89 e5 mov %rsp,%rbp 400521: bf d0 05 40 00 mov $0x4005d0,%edi 400526: e8 d5 fe ff ff callq 400400 40052b: b8 00 00 00 00 mov $0x0,%eax 400530: 5d pop %rbp 400531: c3 retq`
` `
```
Notice that the instructions are similar to the object file **hello.o**, but they have some additional information in them:
* The object file **hello.o** has the following instruction: `callq e` ` `
* The executable **a.out** consists of the following instruction with an address and a function:`callq 400400 <puts@plt>`
The above assembly instruction is calling a **puts** function. Remember that you used a **printf** function in the source code. The compiler inserted a call to the **puts** library function to output **Hello World** to the screen.
Look at the instruction for a line above **puts**:
* The object file **hello.o** has the instruction **mov**:`mov $0x0,%edi`
* The instruction **mov** for the executable **a.out** has an actual address (**$0x4005d0**) instead of **$0x0**:`mov $0x4005d0,%edi`
This instruction moves whatever is present at address **$0x4005d0** within the binary to the register named **edi**.
What else could be in the contents of that memory location? Yes, you guessed it right: it is nothing but the text **Hello, World**. How can you be sure?
The **readelf** command enables you to dump any section of the binary file (**a.out**) onto the screen. The following asks it to dump the **.rodata**, which is read-only data, onto the screen:
```
`[testdir]# readelf -x .rodata a.out Hex dump of section '.rodata': 0x004005c0 01000200 00000000 00000000 00000000 .... 0x004005d0 48656c6c 6f20576f 726c6400 Hello World.`
```
You can see the text **Hello World** on the right-hand side and its address in binary on the left-hand side. Does it match the address you saw in the **mov** instruction above? Yes, it does.
#### strip: Discards symbols from object files
This command is often used to reduce the size of the binary before shipping it to customers.
Remember that it hinders the process of debugging since vital information is removed from the binary; nonetheless, the binary executes flawlessly.
Run it on your **a.out** executable and notice what happens. First, ensure the binary is **not stripped** by running the following command:
```
`[testdir]# file a.out a.out: ELF 64-bit LSB executable, x86-64, [......] not stripped`
```
Also, keep track of the number of bytes originally in the binary before running the **strip** command:
```
`[testdir]# du -b a.out 8440 a.out`
```
Now run the **strip** command on your executable and ensure it worked using the **file** command:
```
`[testdir]# strip a.out [testdir]# file a.out a.out: ELF 64-bit LSB executable, x86-64, [......] stripped`
```
After stripping the binary, its size went down to **6296** from the previous **8440** bytes for this small program. With this much savings for a tiny program, no wonder large programs often are stripped.
```
`[testdir]# du -b a.out 6296 a.out`
```
#### addr2line: Converts addresses into file names and line numbers
The **addr2line** tool simply looks up addresses in the binary file and matches them up with lines in the C source code program. Pretty cool, isn't it?
Write another test program for this; only this time ensure you compile it with the **-g** flag for **gcc**, which adds additional debugging information for the binary and also helps by including the line numbers (provided in the source code here):
```
`[testdir]# cat -n atest.c 1 #include <stdio.h> 2 3 int globalvar = 100; 4 5 int function1(void) 6 { 7 printf("Within function1\n"); 8 return 0; 9 } 10 11 int function2(void) 12 { 13 printf("Within function2\n"); 14 return 0; 15 } 16 17 int main(void) 18 { 19 function1(); 20 function2(); 21 printf("Within main\n"); 22 return 0; 23 }`
```
Compile with the **-g** flag and execute it. No surprises here:
```
`[testdir]# gcc -g atest.c [testdir]# ./a.out Within function1 Within function2 Within main`
```
Now use **objdump** to identify memory addresses where your functions begin. You can use the **grep** command to filter out specific lines that you want. The addresses for your functions are highlighted below:
```
`[testdir]# objdump -d a.out | grep -A 2 -E 'main>:|function1>:|function2>:' 000000000040051d : 40051d: 55 push %rbp 40051e: 48 89 e5 mov %rsp,%rbp -- 0000000000400532 : 400532: 55 push %rbp 400533: 48 89 e5 mov %rsp,%rbp -- 0000000000400547`
`: 400547: 55 push %rbp 400548: 48 89 e5 mov %rsp,%rbp`
```
Now use the **addr2line** tool to map these addresses from the binary to match those of the C source code:
```
`[testdir]# addr2line -e a.out 40051d /tmp/testdir/atest.c:6 [testdir]# [testdir]# addr2line -e a.out 400532 /tmp/testdir/atest.c:12 [testdir]# [testdir]# addr2line -e a.out 400547 /tmp/testdir/atest.c:18`
```
It says that **40051d** starts on line number 6 in the source file **atest.c**, which is the line where the starting brace (**{**) for **function1** starts. Match the output for **function2** and **main**.
#### nm: Lists symbols from object files
Use the C program above to test the **nm** tool. Compile it quickly using **gcc** and execute it.
```
`[testdir]# gcc atest.c [testdir]# ./a.out Within function1 Within function2 Within main`
```
Now run **nm** and **grep** for information on your functions and variables:
```
`[testdir]# nm a.out | grep -Ei 'function|main|globalvar' 000000000040051d T function1 0000000000400532 T function2 000000000060102c D globalvar U __libc_start_main@@GLIBC_2.2.5 0000000000400547 T main`
```
You can see that the functions are marked **T**, which stands for symbols in the **text** section, whereas variables are marked as **D**, which stands for symbols in the initialized **data** section.
Imagine how useful it will be to run this command on binaries where you do not have source code? This allows you to peek inside and understand which functions and variables are used. Unless, of course, the binaries have been stripped, in which case they contain no symbols, and therefore the **nm** command wouldn't be very helpful, as you can see here:
```
`[testdir]# strip a.out [testdir]# nm a.out | grep -Ei 'function|main|globalvar' nm: a.out: no symbols`
```
### Conclusion
The GNU binutils tools offer many options for anyone interested in analyzing binaries, and this has only been a glimpse of what they can do for you. Read the man pages for each tool to understand more about them and how to use them.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/10/gnu-binutils
作者:[Gaurav Kamathe][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/gkamathe
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/tools_sysadmin_cloud.png?itok=sUciG0Cn (Tools for the sysadmin)
[2]: https://en.wikipedia.org/wiki/GNU_Binutils
[3]: https://www.freebsd.org/doc/handbook/linuxemu.html
[4]: https://en.wikipedia.org/wiki/Executable_and_Linkable_Format
[5]: https://en.wikipedia.org/wiki/C_preprocessor
[6]: https://gcc.gnu.org/onlinedocs/gcc/
[7]: https://en.wikipedia.org/wiki/Position-independent_code#Position-independent_executables

242
sources/tech/20191004 All That You Can Do with Google Analytics, and More.md Normal file
View File

@ -0,0 +1,242 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (All That You Can Do with Google Analytics, and More)
[#]: via: (https://opensourceforu.com/2019/10/all-that-you-can-do-with-google-analytics-and-more/)
[#]: author: (Ashwin Sathian https://opensourceforu.com/author/ashwin-sathian/)
All That You Can Do with Google Analytics, and More
======
[![][1]][2]
*We have all heard about or used Google Analytics (GA) the most popular tool to track user activity such as, but not limited to, page visits. Its utility and popularity means that everybody wishes to use it. This article focuses on how to use it correctly in a world where single page Angular and React applications are becoming more popular by the day. *
A pertinent question is how does one track page visits in applications that have just one page?
As always, there are ways around this and we will look at one such option in this article. While we will do the implementation in an Angular application, the usage and concepts arent very different if the app is in React. So, lets get started!
**Getting the application ready**
Getting a tracking ID: Before we write actual code, we need to get a tracking ID, the unique identifier that tells Google Analytics that data like a click or a page view is coming from a particular application.
To get this, we do the following:
1. Go to _<https://analytics.google.com>_.
2. Sign up by entering the required details. Make sure the registration is for the Web ours is a Web application, after all.
3. Agree to the _Terms and Conditions_, and generate your tracking ID.
4. Copy the ID, which will perhaps look something like UA-ID-Y.
Now that the ID is ready, lets write some code.
**Adding _analytics.js_ script**
While the team at Google has done all the hard work to get the Google Analytics tools ready for us to use, this is where we do our part make it available to the application. This is simple all thats to be done is to add the following script to your applications _index.html_:
```
<script>
(function(i,s,o,g,r,a,m){i[GoogleAnalyticsObject]=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,script,https://www.google-analytics.com/analytics.js,ga);
</script>
```
With that out of the way, lets see how we can initialise Google Analytics in the application.
**Creating the tracker**
Lets now set up the tracker for the application. For this, _open app.component.ts_ and perform the following steps:
1. Declare a global variable named ga, of type _any_ (remember, this is Typescript and you need to mention types).
2. Insert the following line of code into _ngOnInit()_ of your component.
```
ga(create, YOUR_TRACKING_ID, auto);
```
Congratulations! You have now successfully initiated a Google Analytics tracker in your application. Since the tracker initiation is made inside the _OnInit_ function, the tracker will get activated every time the application starts up.
**Recording page visits in the single page application**
What we need to do is record route-visits.
Now comes the tricky bit tracking the parts of your application visited by users. From a functional aspect, we know that routes are stand-ins for traditional pages in modern single page Web applications. It means we need to record route-visits. This is not easy, but we can still achieve this.
In the _ngOnInit()_ function inside _app.component.ts_, add the following code snippet:
```
import { Router, NavigationEnd } from @angular/router;
constructor(public router: Router) {}
...
this.router.events.subscribe(
event => {
if (event instanceof NavigationEnd) {
ga(set, page, event.urlAfterRedirects);
ga(send, { hitType: pageview, hitCallback: () => { this.pageViewSent = true; }
});
}
} );
```
Believe it or not, those few lines of code have taken care of the pageview recording issue in the Angular application.
Despite only a few lines of code, a fair bit is happening here:
1. Import Router and NavigationEnd from Angular Router.
2. Add Router to the component through its constructor.
3. Next, subscribe to router events; i.e., all events emitted by the Angular Router.
4. Whenever there is an instance of a NavigationEnd event (emitted whenever the application navigates to a route), we set that destination/ route as a page and this sends a pageview.
Now, every time a routing occurs, a pageview is sent to Google Analytics. You can view this in the online Google Analytics dashboard.
Like pageviews, we can record a lot of other activities like screenview, timing, etc, using the same syntax. We can set the program to react in any way we want to for all such send activities, through the _hitCallback()_, as shown in the code snippet. Here we are setting a variable value to true, but any piece of code can be executed in _hitCallback_.
**Tracking user interactions**
After pageviews, the most commonly tracked activities on Google Analytics are user interactions such as, but not limited to, button clicks. How many times was the _Submit_ button clicked?, How often is the product brochure viewed? These are questions that are often asked in product review meetings for Web applications. In this section, well look at this implementation using Google Analytics in the application.
**Button clicks:** Consider a case for which you wish to track the number of times a certain button/link in the application is clicked a metric that is most associated with sign-ups, call-to-action buttons, etc. Well look at an example for this.
For this purpose, assume that you have a Show Interest button in your application for an upcoming event. The organisers wish to keep track of how many people are interested in the event by tracking those clicking the button. The following code snippet facilitates this:
```
params = {
eventCategory:
Button
,
eventAction:
Click
,
eventLabel:
Show interest
,
eventValue:
1
};
showInterest() {
ga(send, event, this.params);
}
```
Lets look at what is being done here. Google Analytics, as already discussed, records activities when we send the data to it. It is the parameters that we pass to this send method that distinguish between various events like tracking clicks on two separate buttons.
1\. First, we define a params object that should have the following fields:
1. _eventCategory_ An object with which interaction happens; in this case, a button.
2. _eventAction_ The type of interaction; in our case, a click.
3. _eventLabel_ An identifier for the interaction. In this case, we could call it Show Interest.
4. _eventValue_ Basically, the value you wish to associate with each instance of this event.
Since this example is measuring the number of people showing interest, we can set this value to 1.
2\. After constructing this object, the next part is pretty simple and one of the most commonly used methods as far as Google Analytics tracking goes sending the event, with the params object as a payload. We do this by using event binding on the button and attaching the _showInterest()_ button to it.
Thats it! Google Analytics (GA) will now track data of people expressing interest by clicking the button.
**Tracking social engagements:** Google Analytics also lets you track peoples interactions on social media through the application. One such case would be a Facebook-type Like button for our brands page that we place in the application. Lets look at how we can do this tracking using GA.
```
fbLikeParams = {
socialNetwork:
'Facebook',
socialAction:
'Like',
socialTarget:
'https://facebook.com/mypage'
};
fbLike() {
ga('send', 'social', this.fbLikeParams);
}
```
If that code looks familiar, its because it is very similar to the method by which we track button clicks. Lets look at the steps:
1\. Construct the payload for sending data. This payload should have the following fields:
1. _socialNetwork_ The network the interaction is happening with, e.g., Facebook, Twitter, etc.
2. _socialAction_ What sort of interaction is happening, e.g., Like, Tweet, Share, etc.
3. _socialTarget_ What URL is being targeted by using the interaction. This could be the URL of the social media profile/page.
2\. The next method is, of course, to add a function to report this activity. Unlike a button click, we dont use the _send_ method here, but the social method. Also, after this function is written, we bind it to the Like button we have in place.
Theres more that can be done with GA as far as tracking user interactions go, one of the top items being exception tracking. This allows us to track errors and exceptions occurring in the application using GA. We wont delve deeper into it in this article; however, the reader is encouraged to explore this.
**User identity**
**Privacy is a right, not a luxury:** While Google Analytics can record a lot of activities as well as user interactions, there is one comparatively less known aspect, which we will look at in this section. Theres a lot of control we can place over tracking (and not tracking) user identity.
**Cookies:** GA uses cookies as a means to track a users activity. But we can define what these cookies are named and a couple of other aspects about them, as shown in the code snippet below:
```
trackingID =
UA-139883813-1
;
cookieParams = {
cookieName: myGACookie,
cookieDomain: window.location.hostname,
cookieExpires: 604800
};
ngOnInit() {
ga(create, this.trackingID, this.cookieParams);
...
}
```
Here, we are setting the GA cookies name, domain and cookie expiration date, which allows us to distinguish cookies set by our GA tracker from those set by GA trackers from other websites/Web applications. Rather than a cryptic auto-generated identity, well be able to set custom identities for our applications GA tracker cookies.
**IP anonymisation:** There may be cases when we do not want to know where the traffic to our application is coming from. For instance, consider a button click activity tracker we do not necessarily need to know the geographical source of that interaction, so long as the number of hits is tracked. In such situations, GA allows us to track users activity without them having to reveal their IP address.
```
ipParams = {
anonymizeIp: true
};
ngOnInit() {
ga('set', this.ipParams);
...
}
```
Here, we are setting the parameters of the GA tracker so that IP anonymisation is set to _true_. Thus, our users IP address will not be tracked by Google Analytics, which will give users a sense of privacy.
**Opt-out:** At times, users may not want their browsing data to be tracked. GA allows for this too, and hence has the option to enable users to completely opt out of GA tracking.
```
...
optOut() {
window[ga-disable-UA-139883813-1] = true;
}
...
```
_optOut()_ is a custom function which disables GA tracking from the window. We can employ this function using event binding on a button/check box, which allows users to opt out of GA tracking.
We have looked at what makes integrating Google Analytics into single page applications tricky and explored a way to work around this. We also saw how we can track page views in single page applications as well as touched upon tracking users interactions with the application, such as button clicks, social media engagements, etc.
Finally, we examined opportunities offered by GA to ensure user privacy, especially when their identity isnt critical to our applications analytics, to the extent of allowing users to entirely opt out of Google Analytics tracking. Since there is much more that can be done, youre encouraged to keep exploring and keep playing around with the methods offered by GA.
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/10/all-that-you-can-do-with-google-analytics-and-more/
作者:[Ashwin Sathian][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/ashwin-sathian/
[b]: https://github.com/lujun9972
[1]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/10/Analytics-illustration.jpg?resize=696%2C396&ssl=1 (Analytics illustration)
[2]: https://i0.wp.com/opensourceforu.com/wp-content/uploads/2019/10/Analytics-illustration.jpg?fit=900%2C512&ssl=1

161
sources/tech/20191005 Use GameHub to Manage All Your Linux Games in One Place.md Normal file
View File

@ -0,0 +1,161 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Use GameHub to Manage All Your Linux Games in One Place)
[#]: via: (https://itsfoss.com/gamehub/)
[#]: author: (Ankush Das https://itsfoss.com/author/ankush/)
Use GameHub to Manage All Your Linux Games in One Place
======
How do you [play games on Linux][1]? Let me guess. Either you install games from the software center or from Steam or from GOG or Humble Bundle etc, right? But, how do you plan to manage all your games from multiple launchers and clients? Well, that sounds like a hassle to me which is why I was delighted when I come across [GameHub][2].
GameHub is a desktop application for Linux distributions that lets you manage “All your games in one place”. That sounds interesting, isnt it? Let me share more details about it.
![][3]
### GameHub Features to manage Linux games from different sources at one place
Lets see all the features that make GameHub one of the [essential Linux applications][4], specially for gamers.
#### Steam, GOG &amp; Humble Bundle Support
![][5]
It supports Steam, [GOG][6], and [Humble Bundle][7] account integration. You can sign in to your account to see manager your library from within GameHub.
For my usage, I have a lot of games on Steam and a couple on Humble Bundle. I cant speak for all but it is safe to assume that these are the major platforms one would want to have.
#### Native Game Support
![][8]
There are several [websites where you can find and download Linux games][9]. You can also add native Linux games by downloading their installers or add the executable file.
Unfortunately, theres no easy way of finding out games for Linux from within GameHub at the moment. So, you will have to download them separately and add it to the GameHub as shown in the image above.
#### Emulator Support
With emulators, you can [play retro games on Linux][10]. As you can observe in the image above, you also get the ability to add emulators (and import emulated images).
You can see [RetroArch][11] listed already but you can also add custom emulators as per your requirements.
#### User Interface
![Gamehub Appearance Option][12]
Of course, the user experience matters. Hence, it is important to take a look at its user interface and what it offers.
To me, I felt it very easy to use and the presence of a dark theme is a bonus.
#### Controller Support
If you are comfortable using a controller with your Linux system to play games you can easily add it, enable or disable it from the settings.
#### Multiple Data Providers
Just because it fetches the information (or metadata) of your games, it needs a source for that. You can see all the sources listed in the image below.
![Data Providers Gamehub][13]
You dont have to do anything here but if you are using anything else other than steam as your platform, you can generate an [API key for IDGB.][14]
I shall recommend you to do that only if you observe a prompt/notice within GameHub or if you have some games that do not have any description/pictures/stats on GameHub.
#### Compatibility Layer
![][15]
Do you have a game that does not support Linux?
You do not have to worry. GameHub offers multiple compatibility layers like Wine/Proton which you can use to get the game installed in order to make it playable.
We cant be really sure on what works for you so you have to test it yourself for that matter. Nevertheless, it is an important feature that could come handy for a lot of gamers.
### How Do You Manage Your Games in GameHub?
You get the option to add Steam/GOG/Humble Bundle account right after you launch it.
For Steam, you need to have the Steam client installed on your Linux distro. Once, you have it, you can easily link the games to GameHub.
![][16]
For GOG &amp; Humble Bundle, you can directly sign in using your credentials to get your games organized in GameHub.
If you are adding an emulated image or a native installer, you can always do that by clicking on the “**+**” button that you observe in the top-right corner of the window.
### How Do You Install Games?
For Steam games, it automatically launches the Steam client to download/install (I wish if this was possible without launching Steam!)
![][17]
But, for GOG/Humble Bundle, you can directly start downloading to install the games after signing in. If necessary, you can utilize the compatibility layer for non-native Linux games.
In either case, if you want to install an emulated game or a native game just add the installer or import the emulated image. Theres nothing more to it.
### GameHub: How do you install it?
![][18]
To start with, you can just search for it in your software center or app center. It is available in the **Pop!_Shop**. So, it can be found in most of the official repositories.
If you dont find it there, you can always add the repository and install it via terminal by typing these commands:
```
sudo add-apt-repository ppa:tkashkin/gamehub
sudo apt update
sudo apt install com.github.tkashkin.gamehub
```
In case you encounter “**add-apt-repository command not found**” error, you can take a look at our article to help fix [add-apt-repository not found error.][19]
There are also AppImage and Flatpak versions available. You can find installation instructions for other Linux distros on its [official webpage][2].
Also, you have the option to download pre-release packages from its [GitHub page][20].
[GameHub][2]
**Wrapping Up**
GameHub is a pretty neat application as a unified library for all your games. The user interface is intuitive and so are the options.
Have you had the chance it test it out before? If yes, let us know your experience in the comments down below.
Also, feel free to tell us about some of your favorite tools/applications similar to this which you would want us to try.
--------------------------------------------------------------------------------
via: https://itsfoss.com/gamehub/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/linux-gaming-guide/
[2]: https://tkashkin.tk/projects/gamehub/
[3]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/gamehub-home-1.png?ssl=1
[4]: https://itsfoss.com/essential-linux-applications/
[5]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/gamehub-platform-support.png?ssl=1
[6]: https://www.gog.com/
[7]: https://www.humblebundle.com/monthly?partner=itsfoss
[8]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/gamehub-native-installers.png?ssl=1
[9]: https://itsfoss.com/download-linux-games/
[10]: https://itsfoss.com/play-retro-games-linux/
[11]: https://www.retroarch.com/
[12]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/gamehub-appearance.png?ssl=1
[13]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/data-providers-gamehub.png?ssl=1
[14]: https://www.igdb.com/api
[15]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/gamehub-windows-game.png?fit=800%2C569&ssl=1
[16]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/gamehub-library.png?ssl=1
[17]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/gamehub-compatibility-layer.png?ssl=1
[18]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/gamehub-install.jpg?ssl=1
[19]: https://itsfoss.com/add-apt-repository-command-not-found/
[20]: https://github.com/tkashkin/GameHub/releases

605
translated/tech/20140510 Managing Digital Files (e.g., Photographs) in Files and Folders.md
View File

@ -1,605 +0,0 @@
数码文件与文件夹收纳术(以照片为例)
======
更新 2014-05-14:增加了一些具体实例
更新 2015-03-16:根据照片的 GPS 坐标过滤图片
更新 2016-08-29:以新的 `filetags--filter` (LCTT译注文件标签过滤器)替换已经过时的 `show-sel.sh` 脚本LCTT译注show-sel 为 show firmware System Event Log records 即硬件系统事件及日志显示)
更新 2017-08-28: geeqier 视频缩略图的邮件评论
更新 2018-03-06:增加了zum Konzept von Julian Kahnert 的链接
更新 2018-05-06:增加了作者在 2018 Linuxtage Graz 大会上演讲的视频
更新 2018-06-05:关于 metadata 的邮件回复
更新 2019-07-09:关于在文件名中避免使用系谱和字符的邮件回复
每当度假或去哪游玩时我就会化身为一个富有激情的摄影师。所以,过去的几年中我积累了许多的 [JPEG][1] 文件。这篇文章中我会介绍我是如何避免[vendor lock-in][2]LCTT译注vendor lock-in 供应商锁定,原为经济学术语,这里引申为避免过于依赖某一服务平台)造成受限于那些临时性的解决方案及数据丢失。相反,我更倾向于使用那些可以让我投入时间和精力打理并能长久使用的解决方案。
这一(相当长的)攻略 **并不仅仅适用于图像文件** :我将进一步阐述像是文件夹结构,文件的命名规则,等等许多领域的事情。因此,这些规范适用于我所能接触到的所有类型的文件。
在我开始传授我的方法之前,我们应该先就我将要介绍方法的达成一个共识,那就是我们是否有相同的需求。如果你对[raw 图像格式][3]十分推崇,将照片存储在云端或其他你信赖的地方(对我而言可能不会),那么你可能不会认同这篇文章将要描述的方式了。请根据你的情况来灵活做出选择。
### 我的需求
对于 **将照片(或视频)从我的数码相机中导出到电脑里**,我仅仅将 SD 卡茶道我的电脑里并调用 fetch-workflow 软件。这一步也完成了 **图像软件的预处理** 适用于我提出的文件命名规范(下文会具体论述)同时也可以将图片旋转至正常的方向(而不是横着)。
这些文件将会被存入到我的摄影收藏文件夹 `$HOME/tmp/digicam/`。 在这一文件夹中我希望能完成以下的操作 **浏览图像和视频文件** 以便于 **整理排序/删除,重命名,添加/移除标签,以及将一系列相关的文件移动到相应的文件夹中**
在完成这些以后,我将会**浏览包含图像/电影文件集的文件夹**。在极少数情况下,我希望**在独立的图像处理工具**中打开一个图像文件,比如[GIMP][4]。如果仅是为了**旋转JPEG文件**我想找到一个快速的方法不需要图像处理工具这是旋转JPEG图像[无损的方式][5]。
我的数码相机支持用[GPS][6]坐标标记图像。因此,我需要一个方法来**可视化GPS坐标的单个文件以及一组文件**显示我走过的路径。
我想安利的另一个好功能是:假设你在威尼斯度假时拍了几百张照片。每一个都很漂亮所以你每张都舍不得删除。另一方面你可能想要一组更小的照片送给家里的朋友。而且为了不让他们过于嫉妒他们可能只希望看到20多张照片。因此我希望能够**定义并显示一组特定的照片**。
就独立性和**避免锁定效应**而言,我不想使用那种一旦公司停止产品或服务就无法使用的工具。出于同样的原因,由于我是一个注重隐私的人,**我不想使用任何基于云的服务**。为了让自己对新的可能性保持开放的心态,我不希望仅在一个特定的操作系统平台上倾注全部的精力。**基本的东西必须在任何平台上可用**(查看、导航、……)。但是**全套需求必须在GNU/Linux上运行**且我选择Debian GNU/Linux。
在我传授当前针对上述大量需求的解决方案之前,我必须解释一下我的一般文件夹结构和文件命名约定,我也使用它来命名数码照片。但首先,你必须认清一个重要的事实:
#### iPhoto, Picasa, 诸如此类应被认为是有害的
管理照片集合的软件工具确实提供了相当酷的功能。他们提供了一个良好的用户界面,并试图为你提供各种需求的舒适的工作流程。
这些软件的功能和我的个人需求之间的差异很大。它们几乎对所有东西都使用专有的存储格式:图像文件、元数据等等。这是一个大问题,当你打算在几年内换一个不同的软件。相信我:总有一天你会因为多种原因而改变。
如果你现在正打算更换 相应的工具你将会意识到iPhoto或Picasa确实分别存储原始图像文件和你对它们所做的所有操作。旋转图像向图像文件添加描述标签裁剪等等如果你不能导出并重新导入到新工具那么**所有的东西都将永远丢失**。而无损的进行转换和迁移几乎是不可能的。
我不想在一个会锁住我工作的工具上投入任何精力。**我也拒绝把自己绑定在任何专有工具上**。我是一个过来人,希望你们吸取我的经验。
这就是我在文件名中保留时间戳、图像描述或标记的原因。文件名是永久性的除非我手动更改它们。当我把照片备份或复制到u盘或其他操作系统时它们不会丢失。每个人都能读懂。任何未来的系统都能够处理它们。
### 我的文件命名规范
这里有一个我在 [2018 Linuxtage Graz 大会][44]上给出的[演讲][45],其中详细阐述了我的在本文中提到的想法和工作流程。
我所有的文件都与一个特定的日期或时间有关,根据所采用的[ISO 8601][7]规范,我采用的是**日期-标记**或**时间-标记**
带有日期戳和两个标签的示例文件名:`2014-05-09 42号项目的预算 -- 金融公司.csv`
带有时间戳(甚至包括可选秒)和两个标签的示例文件名:`2014-05-09T22.19.58 Susan展示她的新鞋子 -- 家庭衣物.jpg`
由于冒号不适用于Windows[文件系统NTFS][8]所以我必须使用已采用的ISO时间戳。因此我用点代替冒号以便将小时与分钟区别开来。
如果是**时间或持续的一段时间**,我会将两个日期或时间戳用两个负号分开:`2014-05-09—2014-05-13爵士音乐节Graz—folder 旅游音乐.pdf`。
文件名中的时间/日期戳的优点是,除非我手动更改它们,否则它们保持不变。当通过某些不处理这些元数据的软件进行处理时,包含在文件内容本身中的元数据(如[Exif][9])往往会丢失。此外,使用这样的日期/时间戳启动文件名可以确保文件按时间顺序显示,而不是按字母顺序显示。字母表是一种[完全人工的排序顺序][10],对于用户定位文件通常不太实用。
当我想将**tags**关联到文件名时,我将它们放在原始文件名和[文件名扩展名][11]之间,中间用空格、两个减号和一个额外的空格分隔"`--`"。我的标签是小写的英文单词,不包含空格或特殊字符。有时,我可能会使用`quantifiedself`或`usergenerated`等连接词。我[倾向于选择一般类别][12]而不是太过具体的描述标签。我用这一方式在Twitter [hashtags][13]上重用标记、文件名、文件夹名、书签、诸如此类的博客条目等等。
标签作为文件名的一部分有几个优点。通过使用常用的桌面搜索引擎,你可以在标签的帮助下定位文件。文件名称中的标签不能因为在不同的存储介质上复制而丢失。当系统使用与文件名不同的存储位置如:元数据数据库、[dot-files][14]、[备用数据流][15]等,通常会发生这种情况
当然,在一般的文件和文件夹名称中,**请避免使用特殊字符**umlauts冒号等。尤其是在不同操作系统平台之间同步文件时。
我的**文件夹名命名约定**与文件的相应规范相同。
注意:由于[Memacs][17]的[filenametimestamp][16]-module的聪明之处所有带有日期/时间戳的文件和文件夹都在同一时间/天出现在我的组织模式日历(agenda)上。这样,我就能很好地了解当天发生了什么,包括我拍的所有照片。
### 我的一般文件夹结构
在本节中,我将描述主文件夹中最重要的文件夹。注意:这可能在将来的被移动到一个独立的页面。或许不是。让我们等着瞧:-)
很多东西只有在一定的时间内才会引起人们的兴趣。这些内容包括快速浏览其内容的下载、解压缩文件以检查包含的文件、一些有趣的小内容等等。对于**临时的东西**,我有 `$HOME/tmp/ ` 子层次结构。新照片放在`$HOME/tmp/digicam/`中。我从CD、DVD或USB记忆棒临时复制的东西放在`$HOME/tmp/fromcd/`中。每当软件工具需要用户文件夹层次结构中的临时数据时,我就使用` $HOME/tmp/Tools/ `作为起点。我经常使用的文件夹是`$HOME/tmp/2del/`:`2del`的意思是“随时可以删除”。例如,我所有的浏览器都使用这个文件夹作为默认的下载文件夹。如果我需要在机器上腾出空间,我首先查看这个`2del`-文件夹,用于删除内容。
与上面描述的临时文件相比,我当然也想将文件**保存更长的时间**。这些文件被移动到我的`$HOME/archive/`子层次结构中。它有几个子文件夹备份,web /下载我想保留,二进制文件我要存档,索引文件的可移动媒体(CD, DVD,记忆棒、外部硬盘驱动器),和一个文件夹用来存档(和寻找一个合适的的目标文件夹)在不久的将来。有时,我太忙或没有耐心的时候将文件妥善整理。是的,那就是我,我甚至有一个名为`现在不要整理我`的文件夹。这对你而言是否很怪?:-)
我的归档中最重要的子层次结构是 `$HOME/archive/events_memories/ `及其子文件夹` 2014/ `、` 2013/ `、` 2012/ `等等。正如你可能已经猜到的,每个年份有一个**子文件夹**。其中每个文件中都有单个文件和文件夹。这些文件是根据我在前一节中描述的文件名约定命名的。文件夹名称符合“YYYY-MM-DD”[ISO 8601][7] 日期标签开头,后面跟着一个具有描述性的名称,如`$HOME/archive/events_memories/2014/2014-05-08 Business marathon with /`。在这些与日期相关的文件夹中,我保存着各种与特定事件相关的文件:照片、(扫描的)pdf文件、文本文件等等。
对于**共享数据**,我设置一个`$HOME/share/`子层次结构。这是我的Dropbox文件夹我用各种各样的方法(比如[unison][18])来分享数据。我也在我的设备之间共享数据:家里的Mac Mini家里的GNU/Linux笔记本Android手机root-server(我的个人云)工作时的windows笔记本。我不想在这里详细说明我的同步设置。如果你想了解相关的设置可以参考另一篇相关的文章。:-)
在我的` $HOME/ templates_tags / `子层次结构中,我保存了各种**模板文件** ([LaTeX][19] 脚本,…),剪辑和**logos**,等等。
我的**Org-mode**文件,主要是保存在`$ HOME /org/`。我练习保持记忆,并没有解释我有多喜欢 [Emacs/Org-mode][20]以及这我从中获益多少。你可能读过或听过我详细描述我用它做的很棒的事情。具体可以在我的博客上查找[我的' emacs '标签][21]在twitter上查找[hashtag ' #orgmode '][22]。
以上就是我最重要的文件夹子层次结构设置方式。
### 我的工作流程
Tataaaa在你了解了我的文件夹结构和文件名约定之后下面是我当前的工作流程和工具我使用它们来满足我前面描述的需求。
请注意,**你必须知道你在做什么**。我这里的示例及文件夹路径和更多只**适用我的机器或我的设置的文件夹路径**。你必须采用**相应的路径、文件名等**来满足你的需求!
#### 工作流程:将文件从SD卡移动到笔记本电脑旋转人像图像并重命名文件
当我想把数据从我的数码相机移到我的GNU/Linux笔记本上时我拿出它的mini sd存储卡把它放在我的笔记本上。然后它会自动挂载在` /media/digicam `上。
然后,调用[getdigicamdata]。它做了如下几件事:它将文件从SD卡移动到一个临时文件夹中进行处理。原始文件名会转换为小写字符。使用[jhead][24]旋转所有人像照片。同样使用jhead我从Exif头时间戳生成文件名称时间戳。使用[date2name][25]我将时间戳添加到电影文件中。处理完所有这些文件后它们将被移动到新的digicam文件的目标文件夹:$HOME/tmp/digicam/tmp/~。
#### 工作流程:文件夹索引、查看、重命名、删除图像文件
为了快速浏览我的图像和电影文件我更喜欢在GNU/Linux上使用[geeqie][26]。这是一个相当轻量级的图像浏览器,它具有其他文件浏览器所缺少的一大优势:我可以通过键盘快捷方式调用的外部脚本/工具。通过这种方式,我可以通过任意的外部命令扩展图像浏览器的特性。
基本的图像管理功能是内置在geeqie:索引我的文件夹层次结构,在窗口模式或全屏查看图像(快捷键' f ')重命名文件名删除文件显示Exif元数据(快捷键` Ctrl-e `)。
在OS X上我使用[Xee][27]。与geeqie不同它不能通过外部命令进行扩展。不过基本的导航、查看和重命名功能也是可用的。
#### 工作流:添加和删除标签
我创建了一个名为[filetags][28]的Python脚本用于向单个文件以及一组文件添加和删除标记。
对于数码照片,我使用标签,例如,`specialL`用于我认为适合桌面背景的风景图片,`specialP`用于我想展示给其他人的人像照片,`sel`用于筛选,等等。
##### 使用geeqie初始设置文件标签
向geeqie添加文件标签是一个手动步骤:`编辑>首选项>配置编辑器…`然后创建一个带有`New`的附加条目。在这里,你可以定义一个新的桌面文件,如下所示:
add-tags.desktop
```
[Desktop Entry]
Name=filetags
GenericName=filetags
Comment=
Exec=/home/vk/src/misc/vk-filetags-interactive-adding-wrapper-with-gnome-terminal.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
包装器脚本的`vk-filetags-interactive-adding-wrapper-with-gnome-terminal.sh `是必须的,因为我想要弹出一个新的终端,以便添加标签到我的文件:
vk-filetags-interactive-adding-wrapper-with-gnome-terminal.sh
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=85x15+330+5 \
--tab-with-profile=big \
--hide-menubar \
-x /home/vk/src/filetags/filetags.py --interactive "${@}"
#end
```
在geeqie中你可以在` Edit > Preferences > Preferences…>键盘`。我将`t`与`filetags`命令相关联。
标签脚本还能够从单个文件或一组文件中删除标记。它基本上使用与上面相同的方法。唯一的区别是文件标签脚本额外的`--remove`参数:
remove-tags.desktop
```
[Desktop Entry]
Name=filetags-remove
GenericName=filetags-remove
Comment=
Exec=/home/vk/src/misc/vk-filetags-interactive-removing-wrapper-with-gnome-terminal.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
vk-filetags-interactive-removing-wrapper-with-gnome-terminal.sh
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=85x15+330+5 \
--tab-with-profile=big \
--hide-menubar \
-x /home/vk/src/filetags/filetags.py --interactive --remove "${@}"
#end
```
为了删除标签,我为`T`参数创建了一个键盘快捷方式。
##### 在geeqie中使用文件标签
当我在geeqie文件浏览器中浏览图像文件时我选择要标记的文件(一到多个)并按`t`。然后,一个小窗口弹出,要求我提供一个或多个标签。在 ` Return ` 命令确认后,这些标签被添加到文件名中。
删除标签也是一样:选择多个文件,按下`T`,输入要删除的标签,然后用`Return`确认。就是这样。几乎没有[更简单的方法来添加或删除标签到文件][29]。
#### 工作流:使用appendfilename重命名高级文件
##### 不使用 appendfilename
重命名一组大型文件可能是一个冗长乏味的过程。对于`2014-04-20T17.09.11_p1100386.jpg`这样的原始文件名,在文件名中添加描述的过程相当烦人。你将按`Ctrl-r`(重命名)在geeqie打开文件重命名对话框。默认情况下原始名称(没有文件扩展名的文件名称)被标记。因此,如果不希望删除/覆盖文件名(但要追加),则必须按下光标键` <right> `。然后,光标放在基本名称和扩展名之间。输入你的描述(不要忘记初始空格字符),并用`Return`进行确认。
##### 在 geeqie 使中用 appendfilename
使用[appendfilename][30],我的过程得到了简化,可以获得将文本附加到文件名的最佳用户体验:当我在geeqie中按下` a ` (append)时,会弹出一个对话框窗口,询问文本。在`Return`确认后,输入的文本将放置在时间戳和可选标记之间。
例如,当我在`2014-04-20T17.09.11_p1100386.jpg`上按下`a`,然后在`Graz`中键入`Pick-nick in Graz`时,文件名变为`2014-04-20T17.09.11_p1100386 Pick-nick in Graz.jpg`。当我再次按下`a`并输入`with Susan`时,文件名变为`2014-04-20T17.09.11_p1100386 Pick-nick in Graz with Susan.jpg`。当文件名也获得标记时,附加的文本将附加在标记分隔符之前。
这样,我就不必担心覆盖时间戳或标记。重命名的过程对我来说变得更加有趣!
最好的部分是:当我想要将相同的文本添加到多个选定的文件中时也可以使用appendfilename。
##### 使用 geeqie 初始 appendfilename
添加一个额外的编辑器到geeqie: ` Edit > Preferences > Configure editor…>New`。然后输入桌面文件定义:
appendfilename.desktop
```
[Desktop Entry]
Name=appendfilename
GenericName=appendfilename
Comment=
Exec=/home/vk/src/misc/vk-appendfilename-interactive-wrapper-with-gnome-terminal.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
同样,我也使用了一个包装脚本,它将为我打开一个新的终端:
vk-appendfilename-interactive-wrapper-with-gnome-terminal.sh
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=90x5+330+5 \
--tab-with-profile=big \
--hide-menubar \
-x /home/vk/src/appendfilename/appendfilename.py "${@}"
#end
```
#### 工作流程:播放电影文件
在GNU/Linux上我使用[mplayer][31]回放视频文件。由于geeqie本身不播放电影文件所以我必须创建一个设置以便在mplayer中打开电影文件。
##### 在geeqie中初始化mplayer的设置
我已经使用[xdg-open][32]将电影文件扩展名关联到mplayer。因此我只需要为geeqie创建一个通用的“open”命令使用xdg-open打开任何文件及其关联的应用程序。
再次访问` Edit > Preferences > Configure editor…`在geeqie中添加`open`的条目:
open.desktop
```
[Desktop Entry]
Name=open
GenericName=open
Comment=
Exec=/usr/bin/xdg-open %F
Icon=
Terminal=true
Type=Application
hidden=false
NOMimeType=*;
MimeType=image/*;video/*
Categories=X-Geeqie;
```
当你将快捷方式`o`(见上文)与geeqie关联时你就能够打开与其关联的应用程序的视频文件(和其他文件)。
##### 使用xdg-open打开电影文件(和其他文件)
在上面的设置过程之后当你的geeqie光标位于文件上方时你只需按下`o`即可。就是如此简洁。
#### 工作流:在外部图像编辑器中打开
我不太希望能够在GIMP中快速编辑图像文件。因此我添加了一个快捷方式`g`并将其与外部编辑器“GNU图像处理程序”(GIMP)关联起来geeqie已经默认创建了该程序
这样,只需按下`g`就可以打开GIMP中的当前图像。
#### 工作流程:移动到存档文件夹
现在我已经在我的文件名中添加了注释,我想将单个文件移动到`$HOME/archive/events_memories/2014/`,或者将一组文件移动到这个文件夹中的新文件夹中,如`$HOME/archive/events_memories/2014/2014-05-08 business marathon after show - party`。
通常的方法是选择一个或多个文件,并将它们移动到具有快捷方式`Ctrl-m`的文件夹中。
何等繁复无趣之至!
因此,我(再次)编写了一个Python脚本它为我完成了这项工作:[move2archive][33](简而言之:` m2a `需要一个或多个文件作为命令行参数。然后,出现一个对话框,我可以在其中输入一个可选文件夹名。当我不输入任何东西,但按`Return`,文件被移动到相应年份的文件夹。当我输入一个类似`business marathon after show - party`的文件夹名称时,第一个图像文件的日期戳被附加到该文件夹(`$HOME/archive/events_memories/2014/2014-05-08 business marathon after show - party`),得到的文件夹是(`$HOME/archive/events_memories/2014/2014-05-08 Business-Marathon After-Show-Party`),并移动文件。
我在geeqie中再一次选择一个或多个文件按`m`(移动),或者只按`Return`(没有特殊的子文件夹),或者输入一个描述性文本,这是要创建的子文件夹的名称(可选不带日期戳)。
**没有一个图像管理工具像我的geeqie一样通过快捷键快速且有趣的使用 appendfilename和move2archive完成工作。**
##### 在 geeqie 里初始化 m2a 的相关设置
同样向geeqie添加`m2a`是一个手动步骤:“编辑>首选项>配置编辑器……”然后创建一个带有“New”的附加条目。在这里你可以定义一个新的桌面文件如下所示:
m2a.desktop
```
[Desktop Entry]
Name=move2archive
GenericName=move2archive
Comment=Moving one or more files to my archive folder
Exec=/home/vk/src/misc/vk-m2a-interactive-wrapper-with-gnome-terminal.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
包装器脚本的`vk-m2a-interactive-wrapper-with-gnome-terminal.sh `是必要的,因为我想要弹出一个新的终端窗口,以便我的文件进入我指定的目标文件夹:
vk-m2a-interactive-wrapper-with-gnome-terminal.sh
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=157x56+330+5 \
--tab-with-profile=big \
--hide-menubar \
-x /home/vk/src/m2a/m2a.py --pauseonexit "${@}"
#end
```
在geeqie中你可以在`Edit > Preferences > Preferences ... > Keyboard`将`m`与`m2a`命令相关联。
#### 工作流程:旋转图像(无损)
通常,我的数码相机会自动将人像照片标记为人像照片。然而,在某些特定的情况下(比如从主题上方拍照),我的相机会出错。在那些**罕见的情况下**,我必须手动修正方向。
你必须知道JPEG文件格式是一种有损格式应该只用于照片而不是计算机生成的东西如屏幕截图或图表。以傻瓜方式旋转JPEG图像文件通常会解压/可视化图像文件,旋转生成新的图像,然后重新编码结果。这将导致生成的图像[比原始图像质量差得多][5]。
因此你应该使用无损方法来旋转JPEG图像文件。
再一次我添加了一个“外部编辑器”到geeqie:`Edit > Preferences > Configure Editors ... > New`。在这里,我添加了两个条目:一个用于旋转270度(即逆时针旋转90度),另一个用于使用[exiftran][34]旋转90度(逆时针旋转90度):
rotate-270.desktop
```
[Desktop Entry]
Version=1.0
Type=Application
Name=Losslessly rotate JPEG image counterclockwise
# call the helper script
TryExec=exiftran
Exec=exiftran -p -2 -i -g %f
# Desktop files that are usable only in Geeqie should be marked like this:
Categories=X-Geeqie;
OnlyShowIn=X-Geeqie;
# Show in menu "Edit/Orientation"
X-Geeqie-Menu-Path=EditMenu/OrientationMenu
MimeType=image/jpeg;
```
rotate-90.desktop
```
[Desktop Entry]
Version=1.0
Type=Application
Name=Losslessly rotate JPEG image clockwise
# call the helper script
TryExec=exiftran
Exec=exiftran -p -9 -i -g %f
# Desktop files that are usable only in Geeqie should be marked like this:
Categories=X-Geeqie;
OnlyShowIn=X-Geeqie;
# Show in menu "Edit/Orientation"
X-Geeqie-Menu-Path=EditMenu/OrientationMenu
# It can be made verbose
# X-Geeqie-Verbose=true
MimeType=image/jpeg;
```
我为“[”(逆时针方向)和“]”(逆时针方向)创建了geeqie快捷键。
#### 工作流程:可视化GPS坐标
我的数码相机有一个GPS传感器它在JPEG文件的Exif元数据中存储当前的地理位置。位置数据以[WGS 84][35]格式存储如“47,58,26.73;16、23、55.51”(纬度;经度)。这一方式可读性较差,从我所期望的意义上讲:要么是地图要么是位置名称。因此我向geeqie添加了一些功能这样我就可以在[OpenStreetMap][36]上看到单个图像文件的位置: `Edit > Preferences > Configure Editors ... > New`
photolocation.desktop
```
[Desktop Entry]
Name=vkphotolocation
GenericName=vkphotolocation
Comment=
Exec=/home/vk/src/misc/vkphotolocation.sh %F
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/bmp;image/gif;image/jpeg;image/jpg;image/pjpeg;image/png;image/tiff;image/x-bmp;image/x-gray;image/x-icb;image/x-ico;image/x-png;image/x-portable-anymap;image/x-portable-bitmap;image/x-portable-graymap;image/x-portable-pixmap;image/x-xbitmap;image/x-xpixmap;image/x-pcx;image/svg+xml;image/svg+xml-compressed;image/vnd.wap.wbmp;
```
这就调用了我的名为`vkphotolocation.sh`的包装脚本,它使用[ExifTool][37]让[Marble][38]能够读取和可视化的适当格式并提取坐标:
vkphotolocation.sh
```
#!/bin/sh
IMAGEFILE="${1}"
IMAGEFILEBASENAME=`basename ${IMAGEFILE}`
COORDINATES=`exiftool -c %.6f "${IMAGEFILE}" | awk '/GPS Position/ { print $4 " " $6 }'`
if [ "x${COORDINATES}" = "x" ]; then
zenity --info --title="${IMAGEFILEBASENAME}" --text="No GPS-location found in the image file."
else
/usr/bin/marble --latlon "${COORDINATES}" --distance 0.5
fi
#end
```
映射到键盘快捷键“G”我可以快速地得到**单个图像文件的映射位置位置**。
当我想将多个JPEG图像文件的**位置可视化为路径**时,我使用[GpsPrune][39]。我无法派生出GpsPrune将一组文件作为命令行参数的方法。正因为如此我必须手动启动GpsPrune`选择一组文件或一个文件夹>添加照片`。
通过这种方式我可以为OpenStreetMap地图上的每个JPEG位置获得一个点(如果配置为这样)。通过单击这样一个点,我可以得到相应图像的详细信息。
如果你恰好在国外拍摄照片可视化GPS位置对**在文件名中添加描述**大有帮助!
#### 工作流程:根据GPS坐标过滤照片
这并非我的工作流程。为了完整起见,我列出该工作流对应工具的特性。我想做的就是从一大堆图片中寻找那些在一定区域内(范围或点+距离)的照片。
到目前为止,我只找到了[DigiKam][40],它能够[根据矩形区域进行过滤][41]。如果你知道其他工具,请将其添加到下面的评论或写一封电子邮件。
#### 工作流:显示给定集合的子集
如上面的需求所述,我希望能够在一个文件夹中定义一组子文件,以便将这个小集合呈现给其他人。
工作流程非常简单:我向选择的文件添加一个标记(通过` t ` /filetags)。为此,我使用标记`sel`它是“selection”的缩写。在标记了一组文件之后我可以按下` s `,它与一个脚本相关联,该脚本只显示标记为` sel `的文件。
当然,这也适用于任何标签或标签组合。因此,用同样的方法,你可以得到一个适当的概述,你的婚礼上的所有照片都标记着“教堂”和“戒指”。
很棒的功能,不是吗?:-)
##### 根据标签和geeqie初始设置文件标签
你必须定义一个额外的“外部编辑器”:`Edit > Preferences > Configure Editors ... > New`:
filter-tags.desktop
```
[Desktop Entry]
Name=filetag-filter
GenericName=filetag-filter
Comment=
Exec=/home/vk/src/misc/vk-filetag-filter-wrapper-with-gnome-terminal.sh
Icon=
Terminal=true
Type=Application
Categories=Application;Graphics;
hidden=false
MimeType=image/*;video/*;image/mpo;image/thm
Categories=X-Geeqie;
```
再次调用我编写的包装脚本:
vk-filetag-filter-wrapper-with-gnome-terminal.sh
```
#!/bin/sh
/usr/bin/gnome-terminal \
--geometry=85x15+330+5 \
--hide-menubar \
-x /home/vk/src/filetags/filetags.py --filter
#end
```
带参数`--filter`的`filetags`基本上完成的是:用户被要求输入一个或多个标签。然后,当前文件夹中所有匹配的文件都能使用[符号链接][42]都链接到` $HOME/.filetags_tagfilter/ `。然后启动一个新的geeqie实例显示链接的文件。
在退出这个新的geeqie实例之后你将从该实例调用了选择过程中看到旧的geeqie实例。
#### 用一个真实的案例来总结
Wow, 这是一篇很长的博客文章。难怪你可能已经忘了之前的概述。总结一下我在geeqie(扩展了标准功能集)中可以做的事情,我有一个很酷的总结:
快捷功能 `m` m2a `o` 打开(针对非图像文件) `a` 在文件名里添加字段 `t` 文件标签(添加) `T` 文件标签(删除) `s` 文件标签(排序) `g` gimp `G` 显示GPS信息 `[` 无损的逆时针旋转 `]` 无损的顺时针旋转 `Ctrl-e` EXIF图像信息 `f` 全屏显示
一些针对文件名的(包括它的路径)及我用来操作组件的示例:
```
/this/is/a/folder/2014-04-20T17.09 Pick-nick in Graz -- food graz.jpg
[ m2a ] [ date2name ] [ appendfilename ] [filetags]
```
在示例中,我按照以下步骤将照片从相机保存到存档:我将SD存储卡放入计算机的SD卡读卡器中。然后我运行[getdigicamdata.sh][23]。完成之后我在geeqie中打开`$HOME/tmp/digicam/tmp/`。我浏览了一下照片,把那些不成功的删除了。如果有一个图像的方向错误,我用`[`or`]`纠正它。
在第二步中,我向我认为值得评论的文件添加描述(` a `)。每当我想添加标签时,我也这样做:我快速地标记所有应该共享标签的文件(` Ctrl ` \+鼠标点击),并使用[filetags][28] (` t `)进行标记。
要组合来自给定事件的文件我选中相应的文件将它们移动到年度归档文件夹中的“event-folder”,并通过在[move2archive][33] (`m `)中键入事件描述,其余的(非特殊的文件夹)由move2archive (`m `)直接移动到年度归档中,而不需要声明事件描述。
为了完成我的工作流程我删除了SD卡上的所有文件把它从操作系统上弹出然后把它放回我的数码相机里。
以上。
因为这种工作流程几乎不需要任何开销,所以评论、标记和归档照片不再是一项乏味的工作。
### 最后
所以,这是一个详细描述我关于照片和电影的工作流程的叙述。你可能已经发现了我可能感兴趣的其他东西。所以请不要犹豫,请使用下面的链接留下评论或电子邮件。
我也希望得到反馈,如果我的工作流程适用于你。并且:如果你已经发布了你的工作流程或者找到了其他人工作流程的描述,也请留下评论!
及时行乐,莫让错误的工具或低效的方法浪费了我们的人生!
### 其他工具
阅读关于[本文中关于 gThumb 的部分][43].
当你觉得你以上文中所叙述的符合你的需求时,请根据相关的建议来选择对应的工具。
--------------------------------------------------------------------------------
via: http://karl-voit.at/managing-digital-photographs/
作者:[Karl Voit][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://karl-voit.at
[1]:https://en.wikipedia.org/wiki/Jpeg
[2]:http://en.wikipedia.org/wiki/Vendor_lock-in
[3]:https://en.wikipedia.org/wiki/Raw_image_format
[4]:http://www.gimp.org/
[5]:http://petapixel.com/2012/08/14/why-you-should-always-rotate-original-jpeg-photos-losslessly/
[6]:https://en.wikipedia.org/wiki/Gps
[7]:https://en.wikipedia.org/wiki/Iso_date
[8]:https://en.wikipedia.org/wiki/Ntfs
[9]:https://en.wikipedia.org/wiki/Exif
[10]:http://www.isisinform.com/reinventing-knowledge-the-medieval-controversy-of-alphabetical-order/
[11]:https://en.wikipedia.org/wiki/File_name_extension
[12]:http://karl-voit.at/tagstore/en/papers.shtml
[13]:https://en.wikipedia.org/wiki/Hashtag
[14]:https://en.wikipedia.org/wiki/Dot-file
[15]:https://en.wikipedia.org/wiki/NTFS#Alternate_data_streams_.28ADS.29
[16]:https://github.com/novoid/Memacs/blob/master/docs/memacs_filenametimestamps.org
[17]:https://github.com/novoid/Memacs
[18]:http://www.cis.upenn.edu/~bcpierce/unison/
[19]:https://github.com/novoid/LaTeX-KOMA-template
[20]:http://orgmode.org/
[21]:http://karl-voit.at/tags/emacs
[22]:https://twitter.com/search?q%3D%2523orgmode&src%3Dtypd
[23]:https://github.com/novoid/getdigicamdata.sh
[24]:http://www.sentex.net/%3Ccode%3Emwandel/jhead/
[25]:https://github.com/novoid/date2name
[26]:http://geeqie.sourceforge.net/
[27]:http://xee.c3.cx/
[28]:https://github.com/novoid/filetag
[29]:http://karl-voit.at/tagstore/
[30]:https://github.com/novoid/appendfilename
[31]:http://www.mplayerhq.hu
[32]:https://wiki.archlinux.org/index.php/xdg-open
[33]:https://github.com/novoid/move2archive
[34]:http://manpages.ubuntu.com/manpages/raring/man1/exiftran.1.html
[35]:https://en.wikipedia.org/wiki/WGS84#A_new_World_Geodetic_System:_WGS_84
[36]:http://www.openstreetmap.org/
[37]:http://www.sno.phy.queensu.ca/~phil/exiftool/
[38]:http://userbase.kde.org/Marble/Tracking
[39]:http://activityworkshop.net/software/gpsprune/
[40]:https://en.wikipedia.org/wiki/DigiKam
[41]:https://docs.kde.org/development/en/extragear-graphics/digikam/using-kapp.html#idp7659904
[42]:https://en.wikipedia.org/wiki/Symbolic_link
[43]:http://karl-voit.at/2017/02/19/gthumb
[44]:https://glt18.linuxtage.at
[45]:https://glt18-programm.linuxtage.at/events/321.html