document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2024-12-29 21:41:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #11 from LCTT/master

Browse Source 
Update from LCTT
This commit is contained in:
chen ni 2019-06-27 10:37:56 +08:00 committed by GitHub
commit 08c1c4cbba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 820 additions and 308 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
sources/talk/20190626 Juniper-s Mist adds WiFi 6, AI-based cloud services to enterprise edge.md Normal file
View File

@ -0,0 +1,94 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Junipers Mist adds WiFi 6, AI-based cloud services to enterprise edge)
[#]: via: (https://www.networkworld.com/article/3405123/juniper-s-mist-adds-wifi-6-ai-based-cloud-services-to-enterprise-edge.html)
[#]: author: (Michael Cooney https://www.networkworld.com/author/Michael-Cooney/)
Junipers Mist adds WiFi 6, AI-based cloud services to enterprise edge
======
Mist, a Juniper Networks company, has rolled out an artificial-intelligence, cloud-based appliance and a WIFI 6 access point aimed at helping users roll out smart, high-density wireless networks.
![Getty Images][1]
Mist, now a Juniper Networks company, has rolled out an artificial-intelligence, cloud-based appliance and a WiFi 6 access point that together aim at helping users deploy smart, high-density wireless networks.
Leading the rollout is the Mist Edge appliance that extends Mists cloud services to the branch and lets enterprises manage the distributed Wi-Fi infrastructure from a central location. 
**More about 802.11ax (Wi-Fi 6)**
* [Why 802.11ax is the next big thing in wireless][2]
* [FAQ: 802.11ax Wi-Fi][3]
* [Wi-Fi 6 (802.11ax) is coming to a router near you][4]
* [Wi-Fi 6 with OFDMA opens a world of new wireless possibilities][5]
* [802.11ax preview: Access points and routers that support Wi-Fi 6 are on tap][6]
The Mist Edge device features the companys artificial-intelligence engine that helps automate tasks such as adjusting Wi-Fi signal strength and troubleshooting.  According to Mist, some other potential use cases for Mist Edge include:
* Seamless roaming for large campus networks through on-premises tunnel termination of traffic to/from access points.
* Extending virtual LANs (VLANs) to distributed branches and telecommuters to replace remote virtual private network (VPN) technology.
* Dynamic traffic segmentation for IoT devices.
* The ability to split tunneling to keep guest access and corporate traffic separate.
The company says a software-only version of Mist Edge will be available in the future. 
[Mists][7] strength is its AI-based wireless platform which makes Wi-Fi more predictable, reliable and measurable. Mist is also unique in how it has delivered applications via cloud microservices and containers which could be attractive to enterprise users looking to reduce wireless operational costs, experts say. 
Mists cloud-based system brings patented dynamic packet capture and machine learning technology to automatically identify, adapt and fix network issues, Gartner wrote in a recent Magic Quadrant report. The Mist system is delivered and managed via cloud services.
“Mist's AI-driven Wi-Fi provides guest access, network management, policy applications and a virtual network assistant as well as analytics, IoT segmentation, and behavioral analysis at scale,” Gartner stated.  “Mist offers a new and unique approach to high-accuracy location services through a cloud-based machine-learning engine that uses Wi-Fi and Bluetooth Low Energy (BLE)-based signals from its multielement directional-antenna access points. The same platform can be used for Real Time Location System (RTLS) usage scenarios, static or zonal applications, and engagement use cases like wayfinding and proximity notifications.”
Juniper bought Mist in March for $405 million for this AI-based WIFI technology.  For Juniper the Mist buy was significant as it had depended on agreements with partners such as Aerohive and Aruba to deliver wireless, according to Gartner. 
Mist, too, has partners and recently announced joint product development with VMware that integrates Mist WLAN technology and VMwares VeloCloud-based NSX SD-WAN.
“Mist has focused on large enterprises and has won some very well known brands,” said Chris Depuy, technology analyst with the 650 Group.  “The [Mist/Juniper] combination is a good fit because both product lines are focusing on larger enterprises and over time, we expect Mist AI will be used to benefit the entire Juniper campus portfolio.”
The other part of the companys rollout is a WiFi 6 (802.11ax) access point, the Mist AP43, a cloud-managed WiFi 6 access point with integrated support for Mists AI automation and manageability.
“The new access point gets Juniper to 802.11ax on the same time frame as other major competitors like Cisco,” said Depuy. “Juniper could not address customers who were upgrading wireless and wired at the same time without Mist. With 802.11ax, we expect new switches to be necessary because 1 GB isnt fast enough to support these new APs. Thus, Juniper can now upgrade customers to 802.11ax and MultiGig switches instead of bringing in another vendor. “
WiFi 6 is designed for high-density public or private environments. But it also will be beneficial in internet of things (IoT) deployments, and in offices that use bandwidth-hogging applications like videoconferencing. Products promising WIFI 6 support have been rolling out across the industry with [HPE][8], [Cisco][9], [Arista][10] and others recently tossing their hats into the ring.
The enterprise WLAN is now dominated by the 802.11ac standard, which makes up 86.4% of dependent access point (AP) shipments and 93.1% of enterprise WLAN dependent AP revenues. The next iteration of the standard, 802.11ax or WiFi 6, will increase in the market throughout the rest of 2019 and into 2020. In the consumer WLAN market, the 802.11ac standard accounted for 58.0% of shipments and 79.2% of revenue in 1Q19, according to IDCs most recent [Worldwide Quarterly WLAN Tracker][11] report.
"The WLAN market continues to see steady, moderate growth as enterprises invest in wireless connectivity to support the continued demand for access technology," said [Brandon Butler][12], senior research analyst, Network Infrastructure at IDC in the report. "Meanwhile, the coming Wi-Fi 6 standard will be a major driver of growth in the WLAN market in the coming years, especially in the advanced enterprise segments of the market."
The AP43 lists at $1,585.
Mist also announced a strategic relationship with ForeScout to automate management and security control of Wi-Fi client and Internet of Things (IoT) devices.  The Juniper and Forescout mashup lets customers monitor and profile devices and mobile clients including smartphones, tablets, laptops, robots and IoT devices (HVAC systems, security devices, displays, sensors, lights) based on their network traffic patterns. Then if anomalous or threatening behavior is observed, customers can launch trouble tickets, remediate software on devices as needed or quarantine devices.
Join the Network World communities on [Facebook][13] and [LinkedIn][14] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3405123/juniper-s-mist-adds-wifi-6-ai-based-cloud-services-to-enterprise-edge.html
作者:[Michael Cooney][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Michael-Cooney/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2019/02/wifi_cloud_wireless-100787113-large.jpg
[2]: https://www.networkworld.com/article/3215907/mobile-wireless/why-80211ax-is-the-next-big-thing-in-wi-fi.html
[3]: https://%20https//www.networkworld.com/article/3048196/mobile-wireless/faq-802-11ax-wi-fi.html
[4]: https://www.networkworld.com/article/3311921/mobile-wireless/wi-fi-6-is-coming-to-a-router-near-you.html
[5]: https://www.networkworld.com/article/3332018/wi-fi/wi-fi-6-with-ofdma-opens-a-world-of-new-wireless-possibilities.html
[6]: https://www.networkworld.com/article/3309439/mobile-wireless/80211ax-preview-access-points-and-routers-that-support-the-wi-fi-6-protocol-on-tap.html
[7]: https://www.networkworld.com/article/3089038/why-one-cisco-shop-is-willing-to-give-wifi-startup-mist-a-shot.html
[8]: https://www.arubanetworks.com/products/networking/802-11ax/
[9]: https://www.networkworld.com/article/3391919/cisco-goes-all-in-on-wifi-6.html
[10]: https://www.networkworld.com/article/3400905/new-switches-wi-fi-gear-to-advance-aristas-campus-architecture.html
[11]: http://www.idc.com/tracker/showproductinfo.jsp?prod_id=262
[12]: https://www.idc.com/getdoc.jsp?containerId=PRF005027
[13]: https://www.facebook.com/NetworkWorld/
[14]: https://www.linkedin.com/company/network-world

78
sources/talk/20190626 Where are all the IoT experts going to come from.md Normal file
View File

@ -0,0 +1,78 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Where are all the IoT experts going to come from?)
[#]: via: (https://www.networkworld.com/article/3404489/where-are-all-the-iot-experts-going-to-come-from.html)
[#]: author: (Fredric Paul https://www.networkworld.com/author/Fredric-Paul/)
Where are all the IoT experts going to come from?
======
The fast growth of the internet of things (IoT) is creating a need to train cross-functional experts who can combine traditional networking and infrastructure expertise with database and reporting skills.
![Kevin \(CC0\)][1]
If the internet of things (IoT) is going to fulfill its enormous promise, its going to need legions of smart, skilled, _trained_ workers to make everything happen. And right now, its not entirely clear where those people are going to come from.
Thats why I was interested in trading emails with Keith Flynn, senior director of product management, R&D at asset-optimization software company [AspenTech][2], who says that when dealing with the slew of new technologies that fall under the IoT umbrella, you need people who can understand how to configure the technology and interpret the data. Flynn sees a growing need for existing educational institutions to house IoT-specific programs, as well as an opportunity for new IoT-focused private colleges, offering a well -ounded curriculum
“In the future,” Flynn told me, “IoT projects will differ tremendously from the general data management and automation projects of today. … The future requires a more holistic set of skills and cross-trading capabilities so that were all speaking the same language.”
**[ Also read:  [20 hot jobs ambitious IT pros should shoot for][3] ]**
With the IoT growing 30% a year, Flynn added, rather than a few specific skills, “everything from traditional deployment skills, like networking and infrastructure, to database and reporting skills and, frankly, even basic data science, need to be understood together and used together.”
### Calling all IoT consultants
“The first big opportunity for IoT-educated people is in the consulting field,” Flynn predicted. “As consulting companies adapt or die to the industry trends … having IoT-trained people on staff will help position them for IoT projects and make a claim in the new line of business: IoT consulting.”
The problem is especially acute for startups and smaller companies. “The bigger the organization, the more likely they have a means to hire different people across different lines of skillsets,” Flynn said. “But for smaller organizations and smaller IoT projects, you need someone who can do both.”
Both? Or _everything?_ The IoT “requires a combination of all knowledge and skillsets,” Flynn said, noting that “many of the skills arent new, theyve just never been grouped together or taught together before.”
**[ [Looking to upgrade your career in tech? This comprehensive online course teaches you how.][4] ]**
### The IoT expert of the future
True IoT expertise starts with foundational instrumentation and electrical skills, Flynn said, which can help workers implement new wireless transmitters and boost technology for better battery life and power consumption.
“IT skills, like networking, IP addressing, subnet masks, cellular and satellite are also pivotal IoT needs,” Flynn said. He also sees a need for database management skills and cloud management and security expertise, “especially as things like [advanced process control] APC and sending sensor data directly to databases and data lakes become the norm.”
### Where will IoT experts come from?
Flynn said standardized formal education courses would be the best way to make sure that graduates or certificate holders have the right set of skills. He even laid out a sample curriculum: “Start in chronological order with the basics like [Electrical & Instrumentation] E&I and measurement. Then teach networking, and then database administration and cloud courses should follow that. This degree could even be looped into an existing engineering course, and it would probably take two years … to complete the IoT component.”
While corporate training could also play role, “thats easier said than done,” Flynn warned. “Those trainings will need to be organization-specific efforts and pushes.”
Of course, there are already [plenty of online IoT training courses and certificate programs][5]. But, ultimately, the responsibility lies with the workers themselves.
“Upskilling is incredibly important in this world as tech continues to transform industries,” Flynn said. “If that upskilling push doesnt come from your employer, then online courses and certifications would be an excellent way to do that for yourself. We just need those courses to be created. ... I could even see organizations partnering with higher-education institutions that offer these courses to give their employees better access to it. Of course, the challenge with an IoT program is that it will need to constantly evolve to keep up with new advancements in tech.”
**[ For more on IoT, see [tips for securing IoT on your network][6], our list of [the most powerful internet of things companies][7] and learn about the [industrial internet of things][8]. | Get regularly scheduled insights by [signing up for Network World newsletters][9]. ]**
Join the Network World communities on [Facebook][10] and [LinkedIn][11] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3404489/where-are-all-the-iot-experts-going-to-come-from.html
作者:[Fredric Paul][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Fredric-Paul/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2018/07/programmer_certification-skills_code_devops_glasses_student_by-kevin-unsplash-100764315-large.jpg
[2]: https://www.aspentech.com/
[3]: https://www.networkworld.com/article/3276025/careers/20-hot-jobs-ambitious-it-pros-should-shoot-for.html
[4]: https://pluralsight.pxf.io/c/321564/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fpaths%2Fupgrading-your-technology-career
[5]: https://www.google.com/search?client=firefox-b-1-d&q=iot+training
[6]: https://www.networkworld.com/article/3254185/internet-of-things/tips-for-securing-iot-on-your-network.html#nww-fsb
[7]: https://www.networkworld.com/article/2287045/internet-of-things/wireless-153629-10-most-powerful-internet-of-things-companies.html#nww-fsb
[8]: https://www.networkworld.com/article/3243928/internet-of-things/what-is-the-industrial-iot-and-why-the-stakes-are-so-high.html#nww-fsb
[9]: https://www.networkworld.com/newsletters/signup.html#nww-fsb
[10]: https://www.facebook.com/NetworkWorld/
[11]: https://www.linkedin.com/company/network-world

2
sources/tech/20190618 A beginner-s guide to Linux permissions.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (qfzy1233)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

307
sources/tech/20190621 Three Ways to Lock and Unlock User Account in Linux.md
View File

@ -1,307 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (heguagnzhi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Three Ways to Lock and Unlock User Account in Linux)
[#]: via: (https://www.2daygeek.com/lock-unlock-disable-enable-user-account-linux/)
[#]: author: (Magesh Maruthamuthu https://www.2daygeek.com/author/magesh/)
Three Ways to Lock and Unlock User Account in Linux
======
If password policy had already implemented in your organization, then you no need to look for this options.
However, if you had set up lock period for 24 hours, in this case you might need to unlock the users account manually.
This tutorial will help you to manually lock and unlock users account in Linux.
This can be done using the following two Linux Commands in three ways.
* **`passwd:`**The passwd command is used to update users authentication tokens. This task is achieved by calling the Linux-PAM and Libuser API
* **`usermod:`**The usermod command is used to modify/update given users account information. It used to add a user to a specific group, etc.,
To exprement this, we are choosing `daygeek` user account. Lets see, how to do step by step.
Make a note, you have to use corresponding user account which you need to lock or unlock instead of ours.
You can check the given user account is available or not in system by using `id Command`. Yes, my account is available in the system.
```
# id daygeek
uid=2240(daygeek) gid=2243(daygeek) groups=2243(daygeek),2244(ladmin)
```
### Method-1: How To Lock, Unlock and Check Status of the Given User Account in Linux Using passwd Command?
The passwd command is one of the frequently used command by Linux administrator very often.
It used to update users authentication tokens in the `/etc/shadow` file.
Run the passwd command with the `-l` switch to lock the given user account.
```
# passwd -l daygeek
Locking password for user daygeek.
passwd: Success
```
You can check the locked account status either passwd command or grep the given user name from /etc/shadow file.
Checking the user account locked status using passwd command.
```
# passwd -S daygeek
or
# passwd --status daygeek
daygeek LK 2019-05-30 7 90 7 -1 (Password locked.)
```
This will output a short information about the status of the password for a given account.
* **`LK:`**` ` Password locked
* **`NP:`**` ` No password
* **`PS:`**` ` Password set
Checking the locked user account status using `/etc/shadow` file. Two exclamation mark will be added in front of the password, if the account is already locked.
```
# grep daygeek /etc/shadow
daygeek:!!$6$tGvVUhEY$PIkpI43HPaEoRrNJSRpM3H0YWOsqTqXCxtER6rak5PMaAoyQohrXNB0YoFCmAuh406n8XOvBBldvMy9trmIV00:18047:7:90:7:::
```
Run the passwd command with the `-u` switch to unlock the given user account.
```
# passwd -u daygeek
Unlocking password for user daygeek.
passwd: Success
```
### Method-2: How To Lock, Unlock and Check Status of the Given User Account in Linux Using usermod Command?
Even, the usermod command also frequently used by Linux administrator very often.
The usermod command is used to modify/update given users account information. It used to add a user to a specific group, etc.,
Run the usermod command with the `-L` switch to lock the given user account.
```
# usermod --lock daygeek
or
# usermod -L daygeek
```
You can check the locked account status either passwd command or grep the given user name from /etc/shadow file.
Checking the user account locked status using passwd command.
```
# passwd -S daygeek
or
# passwd --status daygeek
daygeek LK 2019-05-30 7 90 7 -1 (Password locked.)
```
This will output a short information about the status of the password for a given account.
* **`LK:`**` ` Password locked
* **`NP:`**` ` No password
* **`PS:`**` ` Password set
Checking the locked user account status using /etc/shadow file. Two exclamation mark will be added in front of the password, if the account is already locked.
```
# grep daygeek /etc/shadow
daygeek:!!$6$tGvVUhEY$PIkpI43HPaEoRrNJSRpM3H0YWOsqTqXCxtER6rak5PMaAoyQohrXNB0YoFCmAuh406n8XOvBBldvMy9trmIV00:18047:7:90:7:::
```
Run the usermod command with the `-U` switch to unlock the given user account.
```
# usermod --unlock daygeek
or
# usermod -U daygeek
```
### Method-3: How To Disable, Enable SSH Access To the Given User Account in Linux Using usermod Command?
Even, the usermod command also frequently used by Linux administrator very often.
The usermod command is used to modify/update given users account information. It used to add a user to a specific group, etc.,
Alternativly this can be done by assigning the `nologin` shell to the given user. To do so, run the below command.
```
# usermod -s /sbin/nologin daygeek
```
You can check the locked user account details by greping the given user name from /etc/passwd file.
```
# grep daygeek /etc/passwd
daygeek:x:2240:2243::/home/daygeek:/sbin/nologin
```
We can enable the user ssh access by assigning back to the old shell.
```
# usermod -s /bin/bash daygeek
```
### How To Lock, Unlock and Check Status of Multiple User Account in Linux Using Shell Script?
If you would like to lock/unlock more than one account then you need to look for script.
Yes, we can write a small shell script to perform this. To do so, use the following shell script.
Create The Users list. Each user should be in separate line.
```
$ cat user-lists.txt
u1
u2
u3
u4
u5
```
Use the following shell script to lock multiple users account in Linux.
```
# user-lock.sh
#!/bin/bash
for user in `cat user-lists.txt`
do
passwd -l $user
done
```
Set an executable permission to `user-lock.sh` file.
```
# chmod + user-lock.sh
```
Finally run the script to achieve this.
```
# sh user-lock.sh
Locking password for user u1.
passwd: Success
Locking password for user u2.
passwd: Success
Locking password for user u3.
passwd: Success
Locking password for user u4.
passwd: Success
Locking password for user u5.
passwd: Success
```
Use the following shell script to check locked users account in Linux.
```
# vi user-lock-status.sh
#!/bin/bash
for user in `cat user-lists.txt`
do
passwd -S $user
done
```
Set an executable permission to `user-lock-status.sh` file.
```
# chmod + user-lock-status.sh
```
Finally run the script to achieve this.
```
# sh user-lock-status.sh
u1 LK 2019-06-10 0 99999 7 -1 (Password locked.)
u2 LK 2019-06-10 0 99999 7 -1 (Password locked.)
u3 LK 2019-06-10 0 99999 7 -1 (Password locked.)
u4 LK 2019-06-10 0 99999 7 -1 (Password locked.)
u5 LK 2019-06-10 0 99999 7 -1 (Password locked.)
```
Use the following shell script to unlock multiple users account in Linux.
```
# user-unlock.sh
#!/bin/bash
for user in `cat user-lists.txt`
do
passwd -u $user
done
```
Set an executable permission to `user-unlock.sh` file.
```
# chmod + user-unlock.sh
```
Finally run the script to achieve this.
```
# sh user-unlock.sh
Unlocking password for user u1.
passwd: Success
Unlocking password for user u2.
passwd: Success
Unlocking password for user u3.
passwd: Success
Unlocking password for user u4.
passwd: Success
Unlocking password for user u5.
passwd: Success
```
Run the same shell script `user-lock-status.sh` to check these locked user accounts got unlocked in Linux.
```
# sh user-lock-status.sh
u1 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
u2 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
u3 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
u4 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
u5 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
```
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/lock-unlock-disable-enable-user-account-linux/
作者:[Magesh Maruthamuthu][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.2daygeek.com/author/magesh/
[b]: https://github.com/lujun9972

105
sources/tech/20190626 4 open source Android apps for writers.md Normal file
View File

@ -0,0 +1,105 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (4 open source Android apps for writers)
[#]: via: (https://opensource.com/article/19/6/android-apps-writers)
[#]: author: (Scott Nesbitt https://opensource.com/users/scottnesbitt/users/tiwarinitish86)
4 open source Android apps for writers
======
Get some writing work done on your mobile device with these four apps.
![Hands holding a mobile phone with open on the screen][1]
While I'm of two minds when it comes to smartphones and tablets, I have to admit they can be useful. Not just for keeping in touch with people or using the web but also to do some work when I'm away from my computer.
For me, that work is _writing_—articles, [blog posts][2], essays for my [weekly letter][3], e-book chapters, and more. I've tried many (probably too many!) writing apps for Android over the years. Some of them were good. Others fell flat.
Here are four of my favorite open source Android apps for writers. You might find them as useful as I do.
### Markor
If you're a writer, you need to write with something. A good choice for that job is [Markor][4], a simple, flexible Markdown editor.
All you need to do is fire up Markor, create a new document, and start typing. You can add Markdown formatting by hand or by clicking a button on the toolbar. When it comes to writing, Markor has no frills. It's just you and your words, as it should be.
![Markor app][5]
The app automatically saves your work to your phone or tablet's filesystem. If you sync your phone with a service like [Nextcloud][6], you can set up Markor to save your work in a folder the Nextcloud mobile app uses. That way, you don't need to shuffle files around manually.
Markor has a few other useful features. One of those is a simple preview. Another is a task list, which uses the same format as [Todo.txt][7] (a popular to-do list manager). When you're researching a writing project, you can create a list of bookmarks. You can also export what you're writing as an HTML or a PDF file.
### Orgzly
Some writers swear by outlines. Others hate them with a passion, finding outlines restricting. I'm in the former camp. On my laptop, I do most of my outlining using [Emacs][8] and [Org mode][9]. Bringing the Org mode experience to my phone or tablet is easy using [Orgzly][10].
Don't let the fact that Orgzly uses Org mode's format turn you off. You don't need to be an Emacs guru, or even an Emacs user, to benefit from it.
Create a new _notebook_ (the label Orgzly gives an outline) and add items to it. In addition to a title, you can add tags and notes to each item in your outline. Since outlines are fluid, you can move items up, down, and around. If you need to, you can also sync your notebooks with your service or tool of choice.
![Orgzly app][11]
Orgzly takes a bit of getting used to. Once you do, Orgzly's a great app for creating not only outlines but also notes and [task lists][12].
### Carnet
Notes are the lifeblood of any writer. They're a record of thoughts on a subject. They're snippets and rough drafts. They're research and quotes. And a lot more.
You can use Markor or Orgzly to take notes, but they're not for everyone. If you're one of those people, you'll want to check out [Carnet][13].
Unlike some note-taking apps, Carnet lets you add formatting to your notes. You can change the size, color, and alignment of fonts and add character formatting. You can also insert images into a note. When you finish, you can sync the note either with [Carnet's online service][14] or with Nextcloud.
![Carnet app][15]
The way Carnet displays notes reminds me of Google Keep's layout—as tiles, which you can color, that display a note's title and its first few lines. That's not a bad thing—you can see what a note is about with a glance.
### Anysoft Keyboard
When I write on a phone or tablet, I usually use a folding Bluetooth keyboard. It's a lot faster and easier than typing with an onscreen keyboard. But there are times when I don't have my physical keyboard with me. The stock Android keyboard? It really doesn't do it for me. Instead, I use [Anysoft Keyboard][16].
Why? I prefer the layout and spacing. On top of that, it has several keyboard themes to choose from. Some are compact, while others space the keys out a bit more widely. Don't use QWERTY? Not a problem. Anysoft Keyboard also supports the [Dvorak][17], [Colemak][18], [Workman][19], and [Halmak][20] layouts.
![Anysoft Keyboard][21]
While I'm more of a poly-not than a polyglot, I know more than a couple of people will find Anysoft Keyboard's [language support][22] to be a boon when they're writing in a language other than English.
Have an open source Android app that you find indispensable when writing? Feel free to share it by leaving a comment.
About 10 years ago, when I got my first mobile phone, I hardly knew anything about its operating...
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/6/android-apps-writers
作者:[Scott Nesbitt][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/scottnesbitt/users/tiwarinitish86
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003588_01_rd3os.combacktoschoolserieshe_rh_041x_0.png?itok=tfg6_I78 (Hands holding a mobile phone with open on the screen)
[2]: https://scottnesbitt.online
[3]: https://buttondown.email/weeklymusings
[4]: https://gsantner.net/project/markor.html
[5]: https://opensource.com/sites/default/files/uploads/markor-app.png (Markor app)
[6]: https://opensource.com/article/19/5/mobile-apps-nextcloud
[7]: http://todotxt.org/
[8]: https://www.gnu.org/software/emacs/
[9]: https://opensource.com/article/19/1/productivity-tool-org-mode
[10]: http://www.orgzly.com/
[11]: https://opensource.com/sites/default/files/uploads/orgzly.png (Orgzly app)
[12]: https://opensource.com/article/17/4/emacs-extensions-organization
[13]: https://f-droid.org/en/packages/com.spisoft.quicknote/
[14]: https://carnet.live/index.php/login
[15]: https://opensource.com/sites/default/files/uploads/carnet.png (Carnet app)
[16]: https://anysoftkeyboard.github.io/
[17]: https://en.wikipedia.org/wiki/Dvorak_Simplified_Keyboard
[18]: https://en.wikipedia.org/wiki/Colemak
[19]: https://en.wikipedia.org/wiki/Keyboard_layout#Workman
[20]: https://github.com/MadRabbit/halmak
[21]: https://opensource.com/sites/default/files/uploads/anysoft.png (Anysoft Keyboard)
[22]: https://anysoftkeyboard.github.io/languages/

98
sources/tech/20190626 How a trip to China inspired Endless OS and teaching kids to hack.md Normal file
View File

@ -0,0 +1,98 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How a trip to China inspired Endless OS and teaching kids to hack)
[#]: via: (https://opensource.com/article/19/6/endless-digital-literacy)
[#]: author: (Don Watkins https://opensource.com/users/don-watkins)
How a trip to China inspired Endless OS and teaching kids to hack
======
Matt Dalio, Endless OS founder and CEO, opens up on how his company is
expanding digital literacy to all corners of the world.
![Digital literacy.][1]
Last year, I decided to try out [Endless OS][2], a lightweight, Linux-based operating system developed to power inexpensive computers for developing markets. I wrote about [installing and setting it up][3]. Endless OS is unique because it uses a read-only root file system managed by OSTree and Flatpak, but the Endless company is unique for its approach to education.
Late last year, Endless announced the [Hack][4], a $299 laptop manufactured by Asus that encourages kids to code, and most recently the company revealed [The Third Terminal][5], a group of video games designed to get kids coding while they're having fun. Since I'm so involved in teaching kids to code, I wanted to learn more about [Endless Studios][6], the company behind Endless OS, The Third Terminal, [The Endless Mission][7], a sandbox-style game created in partnership with E-Line Media, and other ventures targeted at expanding digital literacy and agency among children around the world.
I reached out to [Matt Dalio][8], Endless' founder, CEO, and chief of product and founder of the China Care Foundation, to ask about Endless and his charitable work supporting orphaned children with special needs in China.
**Don Watkins**: What encouraged you to be a social entrepreneur?
**Matt Dalio**: The most impactful chapter of my life was when I lived in China at age 11. I became interested in social entrepreneurship after spending a summer in an orphanage in China when I was 16.
That one summer quickly evolved into a decade of traveling to China to support orphanages in need, resulting in the founding of the [China Care Foundation][9]. It has since raised $14 million to provide surgery, foster placement, and adoption grants for thousands of special needs children.
A decade later, my two worlds of technology and emerging markets merged when I realized that billions of people would get smartphones within the decade. I also saw that computers, the work and study tool that we run our productive lives with, weren't going to spread nearly as quickly.
I started by creating Endless OS, which is focused on democratizing our most powerful technology tools the way smartphones have done for our mobile technology. We solved cost and connectivity barriers and put internet connectivity within reach worldwide. We were building the best platform for youth in emerging markets. It became clear that, as we did that, we were actually building the best technology education platform for kids there as well as in the US.
We then grew our product vision further to use games and our operating system to teach kids to code, enabling digital literacy that spans from children who have nothing to kids who are fortunate enough to have access to the latest in technology and want to understand how to shape it.
My goal through all of this is to help unlock discovery so every kid can realize the joy of creation. Our most recent launch at Endless Studios of our coding education games ties all of this together with games focused on digital literacy for kids in the US and the rest of the world.
All of that started with China, decades ago at age 11. It's all one long story.
**DW**: How did your experience founding the China Care Foundation at the age of 16 change you?
**MD**: The biggest thing that I discovered in building China Care was the needs of underserved communities. The need of a child becomes truly palpable when you are holding her in your arms. I also discovered that I had the capability to do something about it. At 16, I was just a normal kid, but I happened to realize that I could get a child life-changing surgery by merely raising $500 for her. My actions could impact lives. That has stuck with me. Today at Endless, I am focused on using technology to improve lives at scale. Helping these kids guided me to my life purpose. I found my mission.
**DW**: How did the fact that 3 billion people in the world did not have a computer animate your vision?
**MD**: When I was in India in 2010, smartphones had not yet arrived, but it became quickly obvious that they would. Billions of people were about to be connected to the internet. While this rapidly came to fruition, my secondary discovery was that people there also wanted computers. In the developed world, we get our work done with computers. It is our productivity tool. Without a computer, children and adults do not have access to education and the modern economy. I spent months in the field researching this, and it became obvious that there was still a need for computers. People still wanted them.
I remember a conversation I had in a tea shop in Bangladesh. It was a strange place to ask for life advice, but I did. After hours of talking to this new friend, asking, "Should I do this… should I leave everything and devote my life to this?" he begged me, "Do this, for my country…for my people. Please." I had dozens of conversations like this, and those sent me on my course. Our vision at Endless has continued to expand and to encompass educational technology everywhere, but it all started there.
**DW**: Why Linux and why desktop/laptop computers, rather than smartphones?
**MD**: I began Endless without any appreciation for open source software. Today, I believe with every fiber of my being that the desktop _must_ be open source. It is where we do our real work. Despite still accounting for half of web traffic and there being twice as many computers as there were when the smartphone was launched, and despite the fact that our office buildings and schools are full of people using their PCs, the big technology companies have stopped investing in the PC.
As I look at what we are doing at Endless in international internet access and in coding education, none of it would be possible if we didn't have an open source OS. Although it would have been a lot easier to build upon the standard platforms, we have to touch code at the core of the OS to really solve the problems we have. We are a case study of why it is so important to have an open source operating system. The PC must be protected from the decisions of a few companies.
Finally, as for why PCs, I challenge you to give up your computer for a month and then ask the same question. Can you do that? Question answered.
**DW**: What is the vision of Endless and The Third Terminal? How do you see the games helping children become better coders?
**MD**: Most of the engineers we were interviewing at Endless learned to code in the same way—by hacking their video games. For them, this was much more fun than playing them. The crucial insight from this was, "What if you could build video games in which everything were hackable?"
This was the catalyst for launching Endless Studios, which is now working with almost a dozen global game studios that are all developing games that teach kids to code. We are first and foremost, a game company. These games are built by gamers. It just so happens that creation is a game mechanic that kids love. I believe that code is the greatest creation tool—the ultimate Minecraft.
We are beginning with our first set of games on [thethirdterminal.com][10]. You'll see our games expand into something much bigger soon. We cannot wait to share it with you.
**DW**: Can you tell me more about Hack computers?
**MD**: Hack is a platform that integrates Endless OS into a coding platform. Coding takes place in an operating system because the tools of coding are built upon that operating system. We have harnessed this to expose children to the real tools that real engineers use in a safe environment. We have partnered with Asus to build the Hack PC as a solid, full-featured computer. My Hack laptop is the only laptop I use.
**DW**: What software comes on Hack computers?
**MD**: Hack comes with hundreds of apps. We have everything from Chrome, Steam, Spotify, and Skype to WhatsApp, a full office suite, and tons of games. Most importantly, we have a full developer suite and an array of coding education pathways. Again, I have everything I need in Hack. It's my only laptop today.
**DW**: What is the importance of building digital agency around the world?
**MD**: If our children are going to grow up and be prepared for the future, they had better know how to use the technology that is affecting every corner of our world. We must prepare them. If they do not start early, they will be digitally illiterate. It is as simple as that. Endless wants our children to be able to shape their technology, rather than being shaped by it.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/6/endless-digital-literacy
作者:[Don Watkins][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/don-watkins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/OSDC_EDU_DigitalLiteracy_520x292.png?itok=ktHMrse6 (Digital literacy.)
[2]: https://endlessos.com/
[3]: https://opensource.com/article/18/2/meet-endless-os-lightweight-linux
[4]: https://hack-computer.com/
[5]: https://www.thethirdterminal.com/home
[6]: https://endlessnetwork.com/
[7]: https://theendlessmission.com/
[8]: https://www.linkedin.com/in/mattdalio/
[9]: https://www.chinacare.org/
[10]: http://www.thethirdterminal.com/home

139
sources/tech/20190626 Tracking down library injections on Linux.md Normal file
View File

@ -0,0 +1,139 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Tracking down library injections on Linux)
[#]: via: (https://www.networkworld.com/article/3404621/tracking-down-library-injections-on-linux.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
Tracking down library injections on Linux
======
Library injections are less common on Linux than they are on Windows, but they're still a problem. Here's a look at how they work and how to identify them.
![Sandra Henry-Stocker][1]
While not nearly commonly seen on Linux systems, library (shared object files on Linux) injections are still a serious threat. On interviewing Jaime Blasco from AT&T's Alien Labs, I've become more aware of how easily some of these attacks are conducted.
In this post, I'll cover one method of attack and some ways that it can be detected. I'll also provide some links that will provide more details on both attack methods and detection tools. First, a little background.
**[ Two-Minute Linux Tips: [Learn how to master a host of Linux commands in these 2-minute video tutorials][2] ]**
### Shared library vulnerability
Both DLL and .so files are shared library files that allow code (and sometimes data) to be shared by various processes. Commonly used code might be put into one of these files so that it can be reused rather than rewritten many times over for each process that requires it. This also facilitates management of commonly used code.
Linux processes often make use of many of these shared libraries. The **ldd** (display shared object dependencies) command can display these for any program file. Here are some examples:
```
$ ldd /bin/date
linux-vdso.so.1 (0x00007ffc5f179000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f02bea15000)
/lib64/ld-linux-x86-64.so.2 (0x00007f02bec3a000)
$ ldd /bin/netstat
linux-vdso.so.1 (0x00007ffcb67cd000)
libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1 (0x00007f45e5d7b000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f45e5b90000)
libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f45e5b1c000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f45e5b16000)
/lib64/ld-linux-x86-64.so.2 (0x00007f45e5dec000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f45e5af5000)
```
The **linux-vdso.so.1** file (which may have a different name on some systems) is one that the kernel automatically maps into the address space of every process. Its job is to find and locate other shared libraries that the process requires.
One way that this library-loading mechanism is exploited is through the use of an environment variable called **LD_PRELOAD**. As Jaime Blasco explains in his research, "LD_PRELOAD is the easiest and most popular way to load a shared library in a process at startup. This environmental variable can be configured with a path to the shared library to be loaded before any other shared object."
To illustrate how easily this is done, I created an extremely simple shared library and assigned it to my (formerly non-existent) LD_PRELOAD environment variable. Then I used the **ldd** command to see how this would affect a commonly used Linux command.
**[ [Prepare to become a Certified Information Security Systems Professional with this comprehensive online course from PluralSight. Now offering a 10-day free trial!][3] ]**
```
$ export LD_PRELOAD=/home/shs/shownum.so
$ ldd /bin/date
linux-vdso.so.1 (0x00007ffe005ce000)
/home/shs/shownum.so (0x00007f1e6b65f000) <== there it is
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1e6b458000)
/lib64/ld-linux-x86-64.so.2 (0x00007f1e6b682000)
```
Note that doing nothing more than assigning my new library to LD_PRELOAD now affects any process that I run.
Since the libraries specified by the LD_PRELOAD setting are the first to load (following linux-vdso.so.1), those libraries could significantly change a process. They could, for example, redirect system calls to their own resources or make unexpected changes in how the process being run behaves.
### The osquery tool can detect library injections
The **osquery** tool (downloadable from [osquery.io][4] is a tool that provides a very unique way of looking at Linux systems. It basically represents the operating system as a high-performance relational database. And, as you probably suspect, that means it can be queried and SQL tables created that provide details on such things as:
* Running processes
* Loaded kernel modules
* Open network connections
One kernel table that provides information on running processes is called **process_envs**. It provides details on environment variables used by various processes. With a fairly complicated query provided by Jaime Blasco, you can get osquery to identify processes that are using LD_PRELOAD.
Note that this query pulls data from the **process_envs** table. The attack ID (T1055) is a reference to [Mitre's explanation of the attack method][5]:
```
SELECT process_envs.pid as source_process_id, process_envs.key as environment_variable_key, process_envs.value as environment_variable_value, processes.name as source_process, processes.path as file_path, processes.cmdline as source_process_commandline, processes.cwd as current_working_directory, 'T1055' as event_attack_id, 'Process Injection' as event_attack_technique, 'Defense Evasion, Privilege Escalation' as event_attack_tactic FROM process_envs join processes USING (pid) WHERE key = 'LD_PRELOAD';
```
Note that the LD_PRELOAD environment variable is at times used legitimately. Various security monitoring tools, for example, could use it, as might developers while they are troubleshooting, debugging or doing performance analysis. However, its use is still quite uncommon and should be viewed with some suspicion.
It's also worth noting that osquery can be used interactively or be run as a daemon (osqueryd) for scheduled queries. See the reference at the bottom of this post for more on this.
You might also be able to locate use of LD_PRELOAD by examining users' environment settings. If LD_PRELOAD is configured in a user account, you might determine that with a command like this (after asssuming the individual's identity):
```
$ env | grep PRELOAD
LD_PRELOAD=/home/username/userlib.so
```
If you've not previously heard of osquery, don't take it too hard. It's now in the process of becoming a more popular tool. Just last week, in fact, the Linux Foundation announced its intention to support the osquery commmunity with a brand-new [osquery foundation][6].
#### Wrap-up
While library injection remains a serious threat, it's helpful to know that some excellent tools are available to help detect its use on your systems.
#### Additional resources
Links to important references and tools:
* [Hunting for Linux library injection with osquery][7] from AT&amp;T Cybersecurity
* [Linux: How's My Memory?][8] from TrustedSec
* [Download site for osquery][4]
* [osquery schema][9]
* [osqueryd (osquery deamon)][10]
* [Mitre's attack framework][11]
* [New osquery foundation announced][6]
Join the Network World communities on [Facebook][12] and [LinkedIn][13] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3404621/tracking-down-library-injections-on-linux.html
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2019/06/dll-injection-100800196-large.jpg
[2]: https://www.youtube.com/playlist?list=PL7D2RMSmRO9J8OTpjFECi8DJiTQdd4hua
[3]: https://pluralsight.pxf.io/c/321564/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fpaths%2Fcertified-information-systems-security-professional-cisspr
[4]: https://osquery.io/
[5]: https://attack.mitre.org/techniques/T1055/
[6]: https://www.linuxfoundation.org/press-release/2019/06/the-linux-foundation-announces-intent-to-form-new-foundation-to-support-osquery-community/
[7]: https://www.alienvault.com/blogs/labs-research/hunting-for-linux-library-injection-with-osquery
[8]: https://www.trustedsec.com/2018/09/linux-hows-my-memory/
[9]: https://osquery.io/schema/3.3.2
[10]: https://osquery.readthedocs.io/en/stable/deployment/configuration/#schedule
[11]: https://attack.mitre.org/
[12]: https://www.facebook.com/NetworkWorld/
[13]: https://www.linkedin.com/company/network-world

305
translated/tech/20190621 Three Ways to Lock and Unlock User Account in Linux.md Normal file
View File

@ -0,0 +1,305 @@
[#]: collector: (lujun9972)
[#]: translator: (heguagnzhi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Three Ways to Lock and Unlock User Account in Linux)
[#]: via: (https://www.2daygeek.com/lock-unlock-disable-enable-user-account-linux/)
[#]: author: (Magesh Maruthamuthu https://www.2daygeek.com/author/magesh/)
在Linux中锁定和解锁用户帐户的三种方法
======
如果密码策略已经在你的组织中实施了,你无需看这篇文章了。
但是在这种情况下如果你设置了24小时的锁定期你需要手动解锁用户帐户。
本教程将帮助你在Linux中手动锁定和解锁用户帐户。
这可以通过三种方式使用以下两个 Linux 命令来完成。
* **`passwd:`** passwd 命令用于更新用户的身份验证令牌。这个任务是通过调用 Linux-PAM 和 Libuser API 来实现。
* **`usermod:`** usermod 命令用于修改/更新给定用户的帐户信息。它用于将用户添加到特定的组中,等等其他功能,
为了说明这一点,我们选择 `daygeek` 用户帐户。让我们看看,怎么一步步来实现的。
请注意,你必须使用你需要锁定或解锁的用户的帐户,而不是我们自己的帐户。
您可以使用 `id Command` 检查给定的用户帐户在系统中是否可用。是的,我的帐户在系统中是可用的。
```
# id daygeek
uid=2240(daygeek) gid=2243(daygeek) groups=2243(daygeek),2244(ladmin)
```
### 方法1: 如何使用 passwd 命令锁定、解锁和检查 Linux 中给定用户帐户的状态?
passwd 命令是 Linux 管理员经常使用的命令之一。
它用于更新 `/etc/shadow` 文件中用户的身份验证令牌。
使用 `-l` 开关运行 passwd 命令,锁定给定的用户帐户。
```
# passwd -l daygeek
Locking password for user daygeek.
passwd: Success
```
你可以通过 passwd 命令或从 /etc/shadow 文件中获取给定用户名来检查锁定的帐户状态。
使用 passwd 命令检查用户帐户锁定状态。
```
# passwd -S daygeek
or
# passwd --status daygeek
daygeek LK 2019-05-30 7 90 7 -1 (Password locked.)
```
将输出给定帐户密码状态的简短信息。
* **`LK:`**` ` 密码锁定
* **`NP:`**` ` 没有密码
* **`PS:`**` ` 密码设置
使用 `/etc/shadow` 文件检查锁定的用户帐户状态。如果帐户已被锁定,密码前面将添加两个感叹号。
```
# grep daygeek /etc/shadow
daygeek:!!$6$tGvVUhEY$PIkpI43HPaEoRrNJSRpM3H0YWOsqTqXCxtER6rak5PMaAoyQohrXNB0YoFCmAuh406n8XOvBBldvMy9trmIV00:18047:7:90:7:::
```
使用 `-u` 开关运行 passwd 命令,解锁给定的用户帐户。
```
# passwd -u daygeek
Unlocking password for user daygeek.
passwd: Success
```
### 方法2:如何使用 usermod 命令在 Linux 中锁定、解锁和检查给定用户帐户的状态?
甚至usermod 命令也经常被 Linux 管理员使用。
usermod 命令用于修改/更新给定用户的帐户信息。它用于将用户添加到特定的组中,等等。,
使用 `-L` 开关运行 usermod 命令,锁定给定的用户帐户。
```
# usermod --lock daygeek
or
# usermod -L daygeek
```
你可以通过 passwd 命令或从 /etc/shadow 文件中获取给定用户名来检查锁定的帐户状态。
使用 passwd 命令检查用户帐户锁定状态。
```
# passwd -S daygeek
or
# passwd --status daygeek
daygeek LK 2019-05-30 7 90 7 -1 (Password locked.)
```
这将输出给定帐户密码状态的简短信息。
* **`LK:`**` ` Password locked
* **`NP:`**` ` No password
* **`PS:`**` ` Password set
使用 /etc/shadow 文件检查锁定的用户帐户状态。如果帐户已被锁定,密码前面将添加两个感叹号。
```
# grep daygeek /etc/shadow
daygeek:!!$6$tGvVUhEY$PIkpI43HPaEoRrNJSRpM3H0YWOsqTqXCxtER6rak5PMaAoyQohrXNB0YoFCmAuh406n8XOvBBldvMy9trmIV00:18047:7:90:7:::
```
使用 `-U` 开关运行 usermod 命令以解锁给定的用户帐户。
```
# usermod --unlock daygeek
or
# usermod -U daygeek
```
###方法-3:如何在 Linux 中使用 usermod 命令禁用、启用对给定用户帐户的 SSH 访问?
甚至usermod 命令也是经常被 Linux 管理员使用的命令。
usermod 命令用于修改/更新给定用户的帐户信息。它用于将用户添加到特定的组中,等等。,
或者,这可以通过将 `nologin` shell 分配给给定用户来完成。为此,可以运行以下命令。
```
# usermod -s /sbin/nologin daygeek
```
You can check the locked user account details by greping the given user name from /etc/passwd file.
你可以通过从 /etc/passwd 文件中给定用户名来检查锁定的用户帐户详细信息。
```
# grep daygeek /etc/passwd
daygeek:x:2240:2243::/home/daygeek:/sbin/nologin
```
我们可以通过分配回原来的 shell 来启用用户 ssh 访问。
```
# usermod -s /bin/bash daygeek
```
###如何使用 shell 脚本锁定、解锁和检查 Linux 中多个用户帐户的状态?
如果你想锁定/解锁多个帐户,那么你需要寻找脚本。
是的,我们可以编写一个小的 shell 脚本来执行这个操作。为此,请使用以下 shell 脚本。
创建用户列表。每个用户信息在单独的行中。
```
$ cat user-lists.txt
u1
u2
u3
u4
u5
```
使用以下 shell 脚本锁定 Linux中 的多个用户帐户。
```
# user-lock.sh
#!/bin/bash
for user in `cat user-lists.txt`
do
passwd -l $user
done
```
将`user-lock.sh` 文件设置为可执行权限 。
```
# chmod + user-lock.sh
```
最后运行脚本来实现这一点。
```
# sh user-lock.sh
Locking password for user u1.
passwd: Success
Locking password for user u2.
passwd: Success
Locking password for user u3.
passwd: Success
Locking password for user u4.
passwd: Success
Locking password for user u5.
passwd: Success
```
使用以下 shell 脚本检查锁定的用户帐户。
```
# vi user-lock-status.sh
#!/bin/bash
for user in `cat user-lists.txt`
do
passwd -S $user
done
```
设置 `user-lock-status.sh` 可执行权限。
```
# chmod + user-lock-status.sh
```
最后运行脚本来实现这一点。
```
# sh user-lock-status.sh
u1 LK 2019-06-10 0 99999 7 -1 (Password locked.)
u2 LK 2019-06-10 0 99999 7 -1 (Password locked.)
u3 LK 2019-06-10 0 99999 7 -1 (Password locked.)
u4 LK 2019-06-10 0 99999 7 -1 (Password locked.)
u5 LK 2019-06-10 0 99999 7 -1 (Password locked.)
```
使用下面的 shell 脚本来解锁多个用户。
```
# user-unlock.sh
#!/bin/bash
for user in `cat user-lists.txt`
do
passwd -u $user
done
```
设置 `user-unlock.sh` 可执行权限。
```
# chmod + user-unlock.sh
```
最后运行脚本来实现这一点。
```
# sh user-unlock.sh
Unlocking password for user u1.
passwd: Success
Unlocking password for user u2.
passwd: Success
Unlocking password for user u3.
passwd: Success
Unlocking password for user u4.
passwd: Success
Unlocking password for user u5.
passwd: Success
```
运行相同的 shell 脚本 `user-lock-status.sh` ,检查这些锁定的用户帐户在 Linux 中是否被解锁。
```
# sh user-lock-status.sh
u1 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
u2 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
u3 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
u4 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
u5 PS 2019-06-10 0 99999 7 -1 (Password set, SHA512 crypt.)
```
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/lock-unlock-disable-enable-user-account-linux/
作者:[Magesh Maruthamuthu][a]
选题:[lujun9972][b]
译者:[heguangzhi](https://github.com/heguangzhi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.2daygeek.com/author/magesh/
[b]: https://github.com/lujun9972