mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-03-12 01:40:10 +08:00
Merge remote-tracking branch 'LCTT/master'
This commit is contained in:
Xingyu Wang
commit
2992cbf736
@ -1,32 +1,34 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: (geekpi)
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: reviewer: (wxy)
|
||||
[#]: publisher: (wxy)
|
||||
[#]: url: (https://linux.cn/article-11584-1.html)
|
||||
[#]: subject: (How to add a user to your Linux desktop)
|
||||
[#]: via: (https://opensource.com/article/19/11/add-user-gui-linux)
|
||||
[#]: author: (Alan Formy-Duval https://opensource.com/users/alanfdoss)
|
||||
|
||||
如何在 Linux 桌面添加用户
|
||||
======
|
||||
无论是在安装中还是在桌面中,通过图形界面管理用户都非常容易。
|
||||
|
||||
> 无论是在安装过程中还是在桌面中,通过图形界面管理用户都非常容易。
|
||||
|
||||
![Team of people around the world][1]
|
||||
|
||||
添加用户是你在一个新系统上要做的第一件事。而且,你通常需要在计算机的整个生命周期中管理用户。
|
||||
|
||||
我的关于 [**useradd** 命令][2]文章提供了更深入的对 Linux 的用户管理的了解。useradd 是一个命令行工具,但是你也可以在 Linux 上以图形方式管理用户。这就是本文的主题。
|
||||
我的关于 [useradd 命令][2]文章提供了更深入的对 Linux 的用户管理的了解。`useradd` 是一个命令行工具,但是你也可以在 Linux 上以图形方式管理用户。这就是本文的主题。
|
||||
|
||||
### 在 Linux 安装过程中添加用户
|
||||
|
||||
大多数 Linux 发行版都提供了在安装过程中创建用户的步骤。例如,Fedora 30 安装程序 Anaconda 创建标准的 _root_ 用户和另一个本地用户帐户。在安装过程中进入“配置”页面时,单击“用户设置”下的“用户创建”。
|
||||
大多数 Linux 发行版都提供了在安装过程中创建用户的步骤。例如,Fedora 30 安装程序 Anaconda 创建标准的 `root` 用户和另一个本地用户帐户。在安装过程中进入“配置”页面时,单击“用户设置”下的“用户创建”。
|
||||
|
||||
![Fedora Anaconda Installer - Add a user][3]
|
||||
|
||||
在用户创建页面上,输入用户的详细信息:**全名**、**用户名**和**密码**。你还可以选择是否使用户成为管理员。
|
||||
在用户创建页面上,输入用户的详细信息:全名、用户名和密码。你还可以选择是否使用户成为管理员。
|
||||
|
||||
![Create a user during installation][4]
|
||||
|
||||
点击**高级**按钮打开**高级用户配置**页面。如果需要除默认设置以外的其他设置,那么可以在此处指定主目录的路径以及用户和组 ID。你也可以输入用户所属的其他组。
|
||||
点击“高级”按钮打开“高级用户配置”页面。如果需要除默认设置以外的其他设置,那么可以在此处指定主目录的路径以及用户和组 ID。你也可以输入用户所属的其他组。
|
||||
|
||||
![Advanced user configuration][5]
|
||||
|
||||
@ -36,13 +38,13 @@
|
||||
|
||||
许多 Linux 发行版都使用 GNOME 桌面。以下截图来自 Red Hat Enterprise Linux 8.0,但是在其他发行版(如 Fedora、Ubuntu 或 Debian)中,该过程相似。
|
||||
|
||||
首先打开“设置”。然后打开**详细**,选择**用户**,单击**解锁**,然后输入密码(除非你已经以 root 用户登录)。这样将用“添加用户”按钮代替“解锁”按钮。
|
||||
首先打开“设置”。然后打开“详细”,选择“用户”,单击“解锁”,然后输入密码(除非你已经以 root 用户登录)。这样将用“添加用户”按钮代替“解锁”按钮。
|
||||
|
||||
![GNOME user settings][6]
|
||||
|
||||
现在,你可以通过单击**添加用户**,然后选择帐户**类型**然后输入**用户名**和**密码**来添加用户。
|
||||
现在,你可以通过单击“添加用户”,然后选择“帐户类型”然后输入“用户名”和“密码”来添加用户。
|
||||
|
||||
在下面的截图中,已经输入了用户名,设置保留为默认设置。我不必输入**用户名**,因为它是在我在“全名”字段中输入时自动创建的。如果你不喜欢自动补全,你仍然可以对其进行修改。
|
||||
在下面的截图中,已经输入了用户名,设置保留为默认设置。我不必输入“用户名”,因为它是在我在“全名”字段中输入时自动创建的。如果你不喜欢自动补全,你仍然可以对其进行修改。
|
||||
|
||||
![GNOME settings - add user][7]
|
||||
|
||||
@ -69,7 +71,7 @@ via: https://opensource.com/article/19/11/add-user-gui-linux
|
||||
作者:[Alan Formy-Duval][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[geekpi](https://github.com/geekpi)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
校对:[wxy](https://github.com/wxy)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
82
published/20191114 Red Hat Responds to Zombieload v2.md
Normal file
82
published/20191114 Red Hat Responds to Zombieload v2.md
Normal file
@ -0,0 +1,82 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: (wxy)
|
||||
[#]: reviewer: (wxy)
|
||||
[#]: publisher: (wxy)
|
||||
[#]: url: (https://linux.cn/article-11583-1.html)
|
||||
[#]: subject: (Red Hat Responds to Zombieload v2)
|
||||
[#]: via: (https://www.networkworld.com/article/3453596/red-hat-responds-to-zombieload-v2.html)
|
||||
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
|
||||
|
||||
红帽对 Zombieload v2 缺陷的应对
|
||||
======
|
||||
|
||||
|
||||
> 红帽呼吁更新 Linux 软件,以解决可能导致数据盗用的英特尔处理器缺陷。
|
||||
|
||||
前两天公开的三个“常见漏洞和披露”(CVE)跟踪的是某些英特尔处理器中的三个漏洞,如果利用这些漏洞,可能会使敏感数据面临风险。
|
||||
|
||||
在报告的缺陷中,新发现的英特尔处理器缺陷是今年早些时候发现的 Zombieload 攻击的变种,并且仅会影响英特尔的 Cascade Lake 芯片。
|
||||
|
||||
红帽强烈建议,所有的红帽系统即使不认为其配置构成直接威胁,也要对其进行更新,并且红帽正在向其客户和企业 IT 社区提供资源。
|
||||
|
||||
这三个 CVE 是:
|
||||
|
||||
* CVE-2018-12207:页面大小更改时的机器检查错误
|
||||
* CVE-2019-11135:TSX异步中止
|
||||
* CVE-2019-0155 和 CVE-2019-0154:i915 图形驱动程序
|
||||
|
||||
### CVE-2018-12207
|
||||
|
||||
红帽将该漏洞评为重要。此漏洞可能使本地和非特权的攻击者绕过安全控制并导致系统范围的拒绝服务。
|
||||
|
||||
硬件缺陷是在英特尔微处理器中发现的,并且与指令翻译后备缓冲区(ITLB)有关。它缓存从虚拟地址到物理地址的转换,旨在提高性能。但是,在缓存页面更改后,使缓存的条目无效的延迟可能导致处理器使用无效的地址转换,从而导致机器检查错误异常并使系统进入挂起状态。
|
||||
|
||||
攻击者可以制作这种情况来关闭系统。
|
||||
|
||||
### CVE-2019-11135
|
||||
|
||||
红帽将此漏洞评为中级。这个事务同步扩展(TSX)异步中止是一个微体系结构数据采样(MDS)缺陷。使用定制代码的本地攻击者可以利用此漏洞从处理器以及支持同时多线程(SMT)和 TSX 的处理器上的缓存内容中收集信息。
|
||||
|
||||
### CVE-2019-0155,CVE-2019-0154
|
||||
|
||||
红帽将 CVE-2019-0155 漏洞评为重要,将 CVE-2019-0154 漏洞评为中级。这两个缺陷都与 i915 图形驱动程序有关。
|
||||
|
||||
CVE-2019-0155 允许攻击者绕过常规的内存安全限制,从而允许对应该受到限制的特权内存进行写访问。
|
||||
|
||||
当图形处理单元(GPU)处于低功耗模式时,CVE-2019-0154 可能允许本地攻击者创建无效的系统状态,从而导致系统无法访问。
|
||||
|
||||
唯一受 CVE-2019-0154 影响的的显卡在 i915 内核模块上受到影响。`lsmod` 命令可用于指示该漏洞。 如下所示的任何输出(即以 i915 开头)都表明该系统易受攻击:
|
||||
|
||||
```
|
||||
$ lsmod | grep ^i915
|
||||
i915 2248704 10
|
||||
```
|
||||
|
||||
### 更多资源
|
||||
|
||||
红帽在以下链接中向其客户和其他人提供了详细信息和进一步的说明:
|
||||
|
||||
- <https://access.redhat.com/security/vulnerabilities/ifu-page-mce>
|
||||
- <https://access.redhat.com/solutions/tsx-asynchronousabort>
|
||||
- <https://access.redhat.com/solutions/i915-graphics>
|
||||
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.networkworld.com/article/3453596/red-hat-responds-to-zombieload-v2.html
|
||||
|
||||
作者:[Sandra Henry-Stocker][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[wxy](https://github.com/wxy)
|
||||
校对:[wxy](https://github.com/wxy)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://www.networkworld.com/newsletters/signup.html
|
||||
[2]: https://www.networkworld.com/article/3440100/take-the-intelligent-route-with-consumption-based-storage.html?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE20773&utm_content=sidebar ( Take the Intelligent Route with Consumption-Based Storage)
|
||||
[3]: https://access.redhat.com/solutions/tsx-asynchronousabort%20
|
||||
[4]: https://access.redhat.com/solutions/i915-graphics
|
||||
[5]: https://www.facebook.com/NetworkWorld/
|
||||
[6]: https://www.linkedin.com/company/network-world
|
||||
@ -1,96 +0,0 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Red Hat Responds to Zombieload v2)
|
||||
[#]: via: (https://www.networkworld.com/article/3453596/red-hat-responds-to-zombieload-v2.html)
|
||||
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
|
||||
|
||||
Red Hat Responds to Zombieload v2
|
||||
======
|
||||
Red Hat calls for updating Linux software to address Intel processor flaws that can lead to data-theft exploits
|
||||
Stephen Lawson/IDG
|
||||
|
||||
Three Common Vulnerabilities and Exposures (CVEs) opened yesterday track three flaws in certain Intel processors, which, if exploited, can put sensitive data at risk.
|
||||
|
||||
Of the flaws reported, the newly discovered Intel processor flaw is a variant of the Zombieload attack discovered earlier this year and is only known to affect Intel’s Cascade Lake chips.
|
||||
|
||||
[[Get regularly scheduled insights by signing up for Network World newsletters.]][1]
|
||||
|
||||
Red Hat strongly suggests that all Red Hat systems be updated even if they do not believe their configuration poses a direct threat, and it is providing resources to their customers and to the enterprise IT community.
|
||||
|
||||
[][2]
|
||||
|
||||
BrandPost Sponsored by HPE
|
||||
|
||||
[Take the Intelligent Route with Consumption-Based Storage][2]
|
||||
|
||||
Combine the agility and economics of HPE storage with HPE GreenLake and run your IT department with efficiency.
|
||||
|
||||
The three CVEs are:
|
||||
|
||||
* CVE-2018-12207 - Machine Check Error on Page Size Change
|
||||
* CVE-2019-11135 - TSX Asynchronous Abort
|
||||
* CVE-2019-0155 and CVE-2019-0154 - i915 graphics driver
|
||||
|
||||
|
||||
|
||||
### CVE-2018-12207
|
||||
|
||||
Red Hat rates this vulnerability as important. It is a vulnerability that could allow a local and unprivileged attacker to bypass security controls and cause a system-wide denial of service.
|
||||
|
||||
The hardware flaw was found in Intel microprocessors and is related to the Instruction Translation Lookaside Buffer (ITLB). It caches translations from virtual to physical addresses and is intended to improve performance. However, a delay in invalidating cached entries after cache page changes could lead to a processor using an invalid address translation causing a machine check error exception and moving the system into a hang state.
|
||||
|
||||
This kind of scenario could be crafted by an attacker to take a system down.
|
||||
|
||||
### CVE-2019-11135
|
||||
|
||||
Red Hat rates this vulnerability as moderate. This Transactional Synchronization Extensions (TSX) Asynchronous Abort is a Microarchitectural Data Sampling (MDS) flaw. A local attacker using custom code could use this flaw to gather information from cache contents on the processor and processors that support simultaneous multithreading (SMT) and TSX.
|
||||
|
||||
### CVE-2019-0155, CVE-2019-0154
|
||||
|
||||
Red Hat rates the **CVE-2019-0155** flaw as important and the CVE-2019-0154 as moderate. Both flaws are related to the i915 graphics driver.
|
||||
|
||||
CVE-2019-0155 allows allows an attacker to bypass conventional memory security restrictions, allowing write access to privileged memory that ought to be restricted.
|
||||
|
||||
CVE-2019-0154 could allow an local attacker to create an invalid system state when the Graphics Processing Unit (GPU) is in low power mode, leading to the system becoming inaccessible.
|
||||
|
||||
The only affected graphics card affected by CVE-2019-0154 is on the **i915** kernel module. The **lsmod** command can be used to indicate vulnerability. Any output like that shown below (i.e., starting with i915) indicates that this system is vulnerable:
|
||||
|
||||
```
|
||||
$ lsmod | grep ^i915
|
||||
i915 2248704 10
|
||||
```
|
||||
|
||||
### Additional resources
|
||||
|
||||
Red Hat has provided details and further instructions to its customers and others in the following links:
|
||||
|
||||
<https://access.redhat.com/security/vulnerabilities/ifu-page-mce>
|
||||
|
||||
[https://access.redhat.com/solutions/tsx-asynchronousabort][3] [][4]
|
||||
|
||||
<https://access.redhat.com/solutions/i915-graphics>
|
||||
|
||||
Join the Network World communities on [Facebook][5] and [LinkedIn][6] to comment on topics that are top of mind.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.networkworld.com/article/3453596/red-hat-responds-to-zombieload-v2.html
|
||||
|
||||
作者:[Sandra Henry-Stocker][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://www.networkworld.com/newsletters/signup.html
|
||||
[2]: https://www.networkworld.com/article/3440100/take-the-intelligent-route-with-consumption-based-storage.html?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE20773&utm_content=sidebar ( Take the Intelligent Route with Consumption-Based Storage)
|
||||
[3]: https://access.redhat.com/solutions/tsx-asynchronousabort%20
|
||||
[4]: https://access.redhat.com/solutions/i915-graphics
|
||||
[5]: https://www.facebook.com/NetworkWorld/
|
||||
[6]: https://www.linkedin.com/company/network-world
|
||||
Loading…
Reference in New Issue
Block a user