document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-28 23:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu.Wang 2018-12-03 16:54:49 +08:00
commit 4cd96254ab
6 changed files with 899 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

93
sources/talk/20181130 3 emerging tipping points in open source.md Normal file
View File

@ -0,0 +1,93 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: subject: (3 emerging tipping points in open source)
[#]: via: (https://opensource.com/article/18/11/3-new-tipping-points-open-source)
[#]: author: (Bilgin lbryam https://opensource.com/users/bibryam)
[#]: url: ( )
3 emerging tipping points in open source
======
Understand the factors advancing the open source model's evolution.
![](https://opensource.com/sites/default/files/styles/image-full-size/public/uploads/balance_tipping_seesaw_building.jpg?itok=Lu17pIYG)
Over the last two decades, open source has been expanding into all aspects of technology—from software to [hardware][1]; from small, disruptive startups to large, boring enterprises; from open standards to open [patents][2].
As movements evolve, they reach tipping points—stages that move the model in new directions. Following are three things that I believe are now reaching a tipping point in open source.
### Open for non-coders
As the name suggests, the open source model has mainly been focused on the source code. On the surface, that's probably because open source communities are usually made up of developers working on the source code, and the tools used in open source projects, such as source control systems, issue trackers, mailing list names, chat channel names, etc., all assume that developers are the center of the universe.
This has created big losses because it prevents creative people, designers, document writers, event organizers, community managers, lawyers, accountants, and many others from participating in open source communities. We need and want non-code contributors, but we don't have processes and tools to include them, means to measure their value, nor ways for their peers, the community, or their employers to reward their efforts. As a result, it has been a lose-lose for decades. We can see the implications in all the ugly websites, amateur logos, badly written and formatted documentation, disorganized events, etc., in open source projects.
The good news is that we are getting signals that change is on the way:
* [Linus Torvalds apologized][3] for his "bad behavior." While this wasn't specifically focused on non-coders, it symbolizes making open source a non-hostile place for less-technical contributors.
* The Cloud Native Computing Foundation (CNCF) introduced the [Non-Code Contributor's Guide][4]. In addition to showing the many ways people can contribute to open source projects, it also set a baseline for non-code contributions that other open source projects and foundations will end up following.
* The Apache Software Foundation (ASF) is working in the same direction. We've been holding long discussions, and we will have some concrete output very soon (note that is "ASF soon").
There is a little-known secret that is great news for non-coders and others new to open source: One of the easiest ways to be recognized as part of an established open source project is to do non-coding activities. Nowadays, with complex software stacks and tough competition, there is a pretty high bar for entering a project as a committer. Performing non-coding activities is less popular, and it opens a fast backdoor to open source communities.
![](https://opensource.com/sites/default/files/uploads/opensource_funnels.png)
### Macro acquisitions
Open source may have started in the hacker community as a way of scratching developers' personal itches, but today it is the place where innovation happens. Even the world's largest software companies are transitioning to the model to continue dominating their market.
Here are some good reasons enterprises have become so interested in contributing to open source:
* It multiplies the company's investments through contributions.
* They can benefit from the most recent technology advances and avoid reinventing the wheel.
* It helps spread knowledge of their software and its broader adoption.
* It increases the developer base and hiring pool.
* Internal developers' skills grow by learning from top coders in the field.
* It builds a company's reputation—developers want to work for organizations they can boast about.
* It aids recruitment and retention—developers want to work on exciting projects that affect large groups of people.
* New companies and projects can start faster through the open source networking effect.
Many enterprises are trying to shortcut the process by acquiring open source companies—which leads to even more open source adoption. Building an open source company takes many years of effort done out in the open. Hiring good developers who are willing to work in the open, building a community around a project, and creating a successful business model require delicate effort. Companies that manage to do this are very attractive for investment and acquisition, as they serve as a catalyst to turn the acquirer into an open source company at scale. The number of [successful open source companies][5] that is acquired seems to get bigger every day, and this trend is only getting stronger.
### Micro-funding of open source software
In addition to macro investments through acquisitions of open source companies, there has also been an increase in decentralized [micro-funding of self-sustaining][6] open source projects.
On one end of the spectrum, there are open source projects that are maintained primarily by intrinsically motivated developers. On the other end, large companies are hiring developers to work on open source projects driven by company roadmaps and strategies. That leaves a large number of open source projects that are not exciting enough for accidental contributors nor on enterprise companies' radar.
In recent years, there has been an increase in [platforms for funding and sustaining][7] these open source projects through bug bounties, micro-payments, recurring donations, one-time contributions, subscriptions, etc. These open source funding platforms allow individuals to take responsibility for open source sustainability in their own hands by paying maintainers directly. This enables people to contribute to the open source model through value transfer rather than code contributions.
There are three basic channels for open source contributions:
* Hobbyists contribute to open source projects because of intrinsic motivations rather than monetary value.
* Companies with open source business models (open core, SaaS, support, services, etc.) monetize open source projects directly with regular, planned, and centralized subsidization.
* Independent open source users provide irregular, micro, decentralized subsidization through [OSS funding][7] platforms.
While hobbyists and hackers started the open source movement, it's turned into an enterprise monetization model. Having a model to sustain the remaining open source projects is welcome.
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/11/3-new-tipping-points-open-source
作者:[Bilgin lbryam][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/bibryam
[b]: https://github.com/lujun9972
[1]: https://opensource.com/resources/what-open-hardware
[2]: https://www.redhat.com/en/blog/red-hat-welcomes-milestone-addition-open-invention-network-microsoft-joins-safeguard-linux-patent-attacks
[3]: https://lkml.org/lkml/2018/9/16/167
[4]: https://kubernetes.io/blog/2018/10/04/introducing-the-non-code-contributors-guide/
[5]: http://oss.cash/
[6]: https://opensource.com/article/18/8/open-source-tokenomics
[7]: http://oss.fund/

163
sources/tech/20181105 5 Minimal Web Browsers for Linux.md Normal file
View File

@ -0,0 +1,163 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: subject: (5 Minimal Web Browsers for Linux)
[#]: via: (https://www.linux.com/blog/intro-to-linux/2018/11/5-minimal-web-browsers-linux)
[#]: author: (Jack Wallen https://www.linux.com/users/jlwallen)
[#]: url: ( )
5 Minimal Web Browsers for Linux
======
![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/minimal.jpg?itok=ifA0Y3pV)
There are so many reasons to enjoy the Linux desktop. One reason I often state up front is the almost unlimited number of choices to be found at almost every conceivable level. From how you interact with the operating system (via a desktop interface), to how daemons run, to what tools you use, you have a multitude of options.
The same thing goes for web browsers. You can use anything from open source favorites, such as [Firefox][1] and [Chromium][2], or closed sourced industry darlings like [Vivaldi][3] and [Chrome][4]. Those options are full-fledged browsers with every possible bell and whistle youll ever need. For some, these feature-rich browsers are perfect for everyday needs.
There are those, however, who prefer using a web browser without all the frills. In fact, there are many reasons why you might prefer a minimal browser over a standard browser. For some, its about browser security, while others look at a web browser as a single-function tool (as opposed to a one-stop shop application). Still others might be running low-powered machines that cannot handle the requirements of, say, Firefox or Chrome. Regardless of the reason, Linux has you covered.
Lets take a look at five of the minimal browsers that can be installed on Linux. Ill be demonstrating these browsers on the Elementary OS platform, but each of these browsers are available to nearly every distribution in the known Linuxverse. Lets dive in.
### GNOME Web
GNOME Web (codename Epiphany, which means [“a usually sudden manifestation or perception of the essential nature or meaning of something”][5]) is the default web browser for Elementary OS, but it can be installed from the standard repositories. (Note, however, that the recommended installation of Epiphany is via Flatpak or Snap). If you choose to install via the standard package manager, issue a command such as sudo apt-get install epiphany-browser -y for successful installation.
Epiphany uses the WebKit rendering engine, which is the same engine used in Apples Safari browser. Couple that rendering engine with the fact that Epiphany has very little in terms of bloat to get in the way, you will enjoy very fast page-rendering speeds. Epiphany development follows strict adherence to the following guidelines:
* Simplicity - Feature bloat and user interface clutter are considered evil.
* Standards compliance - No non-standard features will ever be introduced to the codebase.
* Software freedom - Epiphany will always be released under a license that respects freedom.
* Human interface - Epiphany follows the [GNOME Human Interface Guidelines][6].
* Minimal preferences - Preferences are only added when they make sense and after careful consideration.
* Target audience - Non-technical users are the primary target audience (which helps to define the types of features that are included).
GNOME Web is as clean and simple a web browser as youll find (Figure 1).
![GNOME Web][8]
Figure 1: The GNOME Web browser displaying a minimal amount of preferences for the user.
[Used with permission][9]
The GNOME Web manifesto reads:
A web browser is more than an application: it is a way of thinking, a way of seeing the world. Epiphany's principles are simplicity, standards compliance, and software freedom.
### Netsurf
The [Netsurf][10] minimal web browser opens almost faster than you can release the mouse button. Netsurf uses its own layout and rendering engine (designed completely from scratch), which is rather hit and miss in its rendering (Figure 2).
![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/minimalbrowsers_2.jpg?itok=KhGhIKlj)
Although you might find Netsurf to suffer from rendering issues on certain sites, understand the Hubbub HTML parser is following the work-in-progress HTML5 specification, so there will be issues popup now and then. To ease those rendering headaches, Netsurf does include HTTPS support, web page thumbnailing, URL completion, scale view, bookmarks, full-screen mode, keyboard shorts, and no particular GUI toolkit requirements. That last bit is important, especially when you switch from one desktop to another.
For those curious as to the requirements for Netsurf, the browser can run on a machine as slow as a 30Mhz ARM 6 computer with 16MB of RAM. Thats impressive, by todays standard.
### QupZilla
If youre looking for a minimal browser that uses the Qt Framework and the QtWebKit rendering engine, [QupZilla][11] might be exactly what youre looking for. QupZilla does include all the standard features and functions youd expect from a web browser, such as bookmarks, history, sidebar, tabs, RSS feeds, ad blocking, flash blocking, and CA Certificates management. Even with those features, QupZilla still manages to remain a very fast lightweight web browser. Other features include: Fast startup, speed dial homepage, built-in screenshot tool, browser themes, and more.
One feature that should appeal to average users is that QupZilla has a more standard preferences tools than found in many lightweight browsers (Figure 3). So, if going too far outside the lines isnt your style, but you still want something lighter weight, QupZilla is the browser for you.
![QupZilla][13]
Figure 3: The QupZilla preferences tool.
[Used with permission][9]
### Otter Browser
Otter Browser is a free, open source attempt to recreate the closed-source offerings found in the Opera Browser. Otter Browser uses the WebKit rendering engine and has an interface that should be immediately familiar with any user. Although lightweight, Otter Browser does include full-blown features such as:
* Passwords manager
* Add-on manager
* Content blocking
* Spell checking
* Customizable GUI
* URL completion
* Speed dial (Figure 4)
* Bookmarks and various related features
* Mouse gestures
* User style sheets
* Built-in Note tool
![Otter][15]
Figure 4: The Otter Browser Speed Dial tab.
[Used with permission][9]
Otter Browser can be run on nearly any Linux distribution from an [AppImage][16], so theres no installation required. Just download the AppImage file, give the file executable permissions (with the command chmod u+x otter-browser-*.AppImage), and then launch the app with the command ./otter-browser*.AppImage.
Otter Browser does an outstanding job of rendering websites and could function as your go-to minimal browser with ease.
### Lynx
Lets get really minimal. When I first started using Linux, back in 97, one of the web browsers I often turned to was a text-only take on the app called [Lynx][17]. It should come as no surprise that Lynx is still around and available for installation from the standard repositories. As you might expect, Lynx works from the terminal window and doesnt display pretty pictures or render much in the way of advanced features (Figure 5). In fact, Lynx is as bare-bones a browser as you will find available. Because of how bare-bones this web browser is, its not recommended for everyone. But if you happen to have a gui-less web server and you have a need to be able to read the occasional website, Lynx can be a real lifesaver.
![Lynx][19]
Figure 5: The Lynx browser rendering the Linux.com page.
[Used with permission][9]
I have also found Lynx an invaluable tool when troubleshooting certain aspects of a website (or if some feature on a website is preventing me from viewing the content in a regular browser). Another good reason to use Lynx is when you only want to view the content (and not the extraneous elements).
### Plenty More Where This Came From
There are plenty more minimal browsers than this. But the list presented here should get you started down the path of minimalism. One (or more) of these browsers are sure to fill that need, whether youre running it on a low-powered machine or not.
Learn more about Linux through the free ["Introduction to Linux" ][20]course from The Linux Foundation and edX.
--------------------------------------------------------------------------------
via: https://www.linux.com/blog/intro-to-linux/2018/11/5-minimal-web-browsers-linux
作者:[Jack Wallen][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.linux.com/users/jlwallen
[b]: https://github.com/lujun9972
[1]: https://www.mozilla.org/en-US/firefox/new/
[2]: https://www.chromium.org/
[3]: https://vivaldi.com/
[4]: https://www.google.com/chrome/
[5]: https://www.merriam-webster.com/dictionary/epiphany
[6]: https://developer.gnome.org/hig/stable/
[7]: /files/images/minimalbrowsers1jpg
[8]: https://www.linux.com/sites/lcom/files/styles/rendered_file/public/minimalbrowsers_1.jpg?itok=Q7wZLF8B (GNOME Web)
[9]: /licenses/category/used-permission
[10]: https://www.netsurf-browser.org/
[11]: https://qupzilla.com/
[12]: /files/images/minimalbrowsers3jpg
[13]: https://www.linux.com/sites/lcom/files/styles/rendered_file/public/minimalbrowsers_3.jpg?itok=O8iMALWO (QupZilla)
[14]: /files/images/minimalbrowsers4jpg
[15]: https://www.linux.com/sites/lcom/files/styles/rendered_file/public/minimalbrowsers_4.jpg?itok=5bCa0z-e (Otter)
[16]: https://sourceforge.net/projects/otter-browser/files/
[17]: https://lynx.browser.org/
[18]: /files/images/minimalbrowsers5jpg
[19]: https://www.linux.com/sites/lcom/files/styles/rendered_file/public/minimalbrowsers_5.jpg?itok=p_Lmiuxh (Lynx)
[20]: https://training.linuxfoundation.org/linux-courses/system-administration-training/introduction-to-linux

79
sources/tech/20181127 Bio-Linux- A stable, portable scientific research Linux distribution.md Normal file
View File

@ -0,0 +1,79 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: subject: (Bio-Linux: A stable, portable scientific research Linux distribution)
[#]: via: (https://opensource.com/article/18/11/bio-linux)
[#]: author: (Matt Calverley https://opensource.com/users/mattcalverley)
[#]: url: ( )
Bio-Linux: A stable, portable scientific research Linux distribution
======
Linux distro's integrated software approach offers powerful bioinformatic data analysis with a familiar look and feel.
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/LIFE_science.png?itok=WDKARWGV)
Bio-Linux was introduced and detailed in a [Nature Biotechnology paper in July 2006][1]. The distribution was a group effort by the Natural Environment Research Council in the UK. As the creators and authors point out, the analysis demands of high-throughput “-omic” (genomic, proteomic, metabolomic) science has necessitated the development of integrated computing solutions to analyze the resultant mountains of experimental data.
From this need, Bio-Linux was born. The distribution, [according to its creators][2], serves as a “free bioinformatics workstation platform that can be installed on anything from a laptop to a large server.” The current distro version, Bio-Linux 8, is built on an Ubuntu 14.04 LTS base. Thus, the general look and feel of Bio-Linux is similar to that of Ubuntu.
In my own work as a research immunologist, I can attest to both the need for and success of the integrated software approach in Bio-Linux's design and development. Bio-Linux functions as a true turnkey solution to data pipeline requirements of modern science. As the website mentions, Bio-Linux includes [more than 250 pre-installed software packages][3], many of which are specific to the requirements of bioinformatic data analysis.
The power of this approach becomes immediately evident when you try to duplicate the software installation process under another operating system. Integrating all software components and installing all required dependencies is immensely time-consuming, and in some instances is not even possible outside of the Linux operating system. The Bio-Linux distro provides a portable, stable, integrated environment with pre-installed software sufficient to begin a vast array of bioinformatic analysis tasks.
By now youre probably saying, “Im sold—how do I get this amazing distro?”
Im glad you asked. I'll start by saying that there is excellent documentation on the Bio-Linux website. This [documentation][4] covers both installation instructions and a very thorough overview of using the distro.
The distro can be installed and run locally, run off a CD/DVD or USB, installed on a server, or run out of a virtual machine environment. To begin the installation process for local installation, [download the disk image or ISO][5] for the Bio-Linux distro. The disk image is a 3.3GB file, and depending on your internet download speed, this may be a good time to get a cup of coffee or take a nice nap.
Once the ISO has been downloaded, the Bio-Linux developers recommend using [UNetBootin][6], a freely available cross-platform software package used to make bootable USBs. There is a link provided for UNetBootin on the Bio-Linux website. I can attest to the effectiveness of UNetBootin in both Mac and Linux operating systems.
On Unix family operating systems (Mac OS and Linux), it is also possible to make a bootable USB from the command line using the `dd `command:
```
sudo umount “USB location”
sudo dd bs=4M if=”ISO location” of =”USB location” conv=fdatasync
```
Regardless of the method you use, this might be another good time for a coffee break.
At this point in my installation, UNetBootin appeared to freeze at the `squashfs` file transfer during bootable USB creation. However, a quick check of the Ubuntu disks application confirmed that the file was still being written to the USB. In other words, be patient—it takes quite some time to make the bootable USB.
Once youve had your coffee and you have a finished USB in hand, you are ready to use Bio-Linux. As the Bio-Linux website points out, if you are trying to use a bootable USB with a Mac computer (particularly newer hardware versions), you may not be able to boot from the USB. There are workarounds, but they involve configuring the system for dual boot. Likewise, on Windows-based machines, it may be necessary to make changes to the boot order and possibly the secure boot settings for the machine from within BIOS.
From this point, how you use the distro is up to you. You can run the distro from the USB to test it. You can install the distro to your computer. You can even follow the instructions on the Bio-Linux website to make a VM instance of the distro or run it on a server. Regardless of how you use it, you have a high-powered bioinformatic data analysis workstation at your disposal.
Maybe you have a professional need for such a workstation, but even if you never use Bio-Linux as a professional researcher, it could provide a great resource for biology teaching professionals at all levels to introduce students to modern bioinformatics principles. For the price of a laptop and a USB, every school can have an in silico teaching resource to complement classroom lessons in the “-omics” age. Your only limitations are your creativity and the performance of your hardware.
### More on Linux
As an open source operating system with strong community support, the Linux kernel shares many of the strengths common to other successful open source software endeavors. Linux tends to be both stable and amenable to customization. It is also fairly hardware-agnostic, capable of running alongside other operating systems on a wide array of hardware configurations. In fact, installing Linux is a common method of regaining usability from dated hardware that is incapable of running other modern operating systems. Linux is also highly portable and can be run from any bootable external storage device, such as a USB drive, without the need to permanently install the operating system.
It is this combination of stability, customizability, and portability that initially drew me to Linux. Each Linux operating system variant is referred to as a distribution (or distro), and it seems as though there is a Linux distribution for every imaginable computing scenario or desire. The options can actually be rather intimidating, and I suspect they may often discourage people from trying Linux.
“How many different distributions can there possibly be?” you might wonder. If you have a few minutes, or even a few hours, have a look at [DistroWatch.com][7]. As its name implies, this site is devoted to the cataloging of all things Linux distribution-related. For visual learners, there is an amazing [Linux family tree][8] that really puts it into perspective.
While [entire books][9] are devoted to the topic of Linux distributions, the differences often depend on what software is included in the base installation, how the software is managed, and graphical differences affecting the “look and feel” of the distribution. Certainly, there are also subtleties of hardware compatibility, speed, and stability.
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/11/bio-linux
作者:[Matt Calverley][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/mattcalverley
[b]: https://github.com/lujun9972
[1]: https://www.nature.com/articles/nbt0706-801
[2]: http://environmentalomics.org/bio-linux/
[3]: http://environmentalomics.org/bio-linux-software-list/
[4]: http://nebc.nerc.ac.uk/downloads/courses/Bio-Linux/bl8_latest.pdf
[5]: http://environmentalomics.org/bio-linux-download/
[6]: https://unetbootin.github.io/
[7]: https://distrowatch.com/
[8]: https://distrowatch.com/images/other/distro-family-tree.png
[9]: https://www.amazon.com/Introducing-Linux-Distros-Dieguez-Castro/dp/1484213939

127
sources/tech/20181128 Arch-Audit - A Tool To Check Vulnerable Packages In Arch Linux.md Normal file
View File

@ -0,0 +1,127 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: subject: (Arch-Audit : A Tool To Check Vulnerable Packages In Arch Linux)
[#]: via: (https://www.2daygeek.com/arch-audit-a-tool-to-check-vulnerable-packages-in-arch-linux/)
[#]: author: (Prakash Subramanian https://www.2daygeek.com/author/prakash/)
[#]: url: ( )
Arch-Audit : A Tool To Check Vulnerable Packages In Arch Linux
======
We have to make the system up-to date to minimize the downtime and issues.
Its one of the routine task for Linux administrator to patch the system once in a month or 60 days once or 90 days at maximum.
It would be sufficient schedule and we cant do it this less than a month as its involve multiple activities and environments.
Basically infrastructure comes with Test, Development, QA a.k.a Staging & Prod environments.
Initially we will deploy the patches in the Test environment and corresponding team will be monitoring the system a week then they will give a status report like good or bad.
If its success then we will move forward to other environments. If everything is good then finally we will patch production servers.
Many of the organization has prepare to patch entire system. i mean full system update. It is a general patching schedule for a typical infrastructure.
In some of the infrastructure they may have only production environment so, we should not prepare for the full system update instead we can go with security patch to make the system more stable and secure.
Since Arch Linux and its derivatives distributions are fall under rolling release can be considered to be always up-to-date, as it uses the latest versions of software packages from the upstream.
In some cases if you want to update security patch alone then you have to use arch-audit tool to identify and fix the security patches.
### What is a Vulnerability?
A vulnerability is a security weakness in a software program or hardware components (firmware). Its a flaw that can leave it open to attack.
To mitigate this we need to patch accordingly like for application/hardware it could be a code changes or config changes or parameter changes.
### What is Arch-Audit Tool?
[Arch-audit][1] is a tool like pkg-audit for Arch Linux system. It Uses data collected by the awesome Arch Security Team. It wont scan and find the vulnerable packages on your system like **yum security check-update & yum updateinfo list available** and it will simply parse the <https://security.archlinux.org/> page and display the results in terminal. So, it would show the accurate data.
The Arch Security Team is a group of volunteers whose goal is to track security issues with Arch Linux packages. All issues are tracked on the Arch Linux security tracker.
The team was formerly known as the Arch CVE Monitoring Team. The mission of the Arch Security Team is to contribute to the improvement of the security of Arch Linux.
### How to Install arch-audit tool in Arch Linux
The arch-audit tool is available in community repository so you can use the Pacman Package Manager to install it.
```
$ sudo pacman -S arch-audit
```
Run the `arch-audit` tool to find the open vulnerable packages on Arch based distributions.
```
$ arch-audit
Package cairo is affected by CVE-2017-7475. Low risk!
Package exiv2 is affected by CVE-2017-11592, CVE-2017-11591, CVE-2017-11553, CVE-2017-17725, CVE-2017-17724, CVE-2017-17723, CVE-2017-17722. Medium risk!
Package libtiff is affected by CVE-2018-18661, CVE-2018-18557, CVE-2017-9935, CVE-2017-11613. High risk!. Update to 4.0.10-1!
Package openssl is affected by CVE-2018-0735, CVE-2018-0734. Low risk!
Package openssl-1.0 is affected by CVE-2018-5407, CVE-2018-0734. Low risk!
Package patch is affected by CVE-2018-6952, CVE-2018-1000156. High risk!. Update to 2.7.6-7!
Package pcre is affected by CVE-2017-11164. Low risk!
Package systemd is affected by CVE-2018-6954, CVE-2018-15688, CVE-2018-15687, CVE-2018-15686. Critical risk!. Update to 239.300-1!
Package unzip is affected by CVE-2018-1000035. Medium risk!
Package webkit2gtk is affected by CVE-2018-4372. Critical risk!. Update to 2.22.4-1!
```
The above result shows the vulnerability risk status as well such as Low, Medium and Critical.
To Show only vulnerable package names and their versions.
```
$ arch-audit -q
cairo
exiv2
libtiff>=4.0.10-1
openssl
openssl-1.0
patch>=2.7.6-7
pcre
systemd>=239.300-1
unzip
webkit2gtk>=2.22.4-1
```
To show only packages that have already been fixed.
```
$ arch-audit --upgradable --quiet
libtiff>=4.0.10-1
patch>=2.7.6-7
systemd>=239.300-1
webkit2gtk>=2.22.4-1
```
To cross check the above results, im going to test one of the package which is listed above in <https://www.archlinux.org/packages/> to confirm whether the vulnerability is still open or fixed it. Yes, its fixed and published the updated package in repository on yesterday.
![][3]
To print only package names and associated CVEs alone.
```
$ arch-audit -uf "%n|%c"
libtiff|CVE-2018-18661,CVE-2018-18557,CVE-2017-9935,CVE-2017-11613
patch|CVE-2018-6952,CVE-2018-1000156
systemd|CVE-2018-6954,CVE-2018-15688,CVE-2018-15687,CVE-2018-15686
webkit2gtk|CVE-2018-4372
```
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/arch-audit-a-tool-to-check-vulnerable-packages-in-arch-linux/
作者:[Prakash Subramanian][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.2daygeek.com/author/prakash/
[b]: https://github.com/lujun9972
[1]: https://github.com/ilpianista/arch-audit
[2]: data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
[3]: https://www.2daygeek.com/wp-content/uploads/2018/11/A-Tool-To-Check-Vulnerable-Packages-In-Arch-Linux.png

93
sources/tech/20181129 4 open source Markdown editors.md Normal file
View File

@ -0,0 +1,93 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: subject: (4 open source Markdown editors)
[#]: via: (https://opensource.com/article/18/11/markdown-editors)
[#]: author: (Scott Nesbitt https://opensource.com/users/scottnesbitt)
[#]: url: ( )
4 open source Markdown editors
======
If you're looking for an easy way to format Markdown text, these editors may fit your needs.
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/osdc-docdish-typewriterkeys.png?itok=IeQWevaV)
I do most of my writing in a text editor and format it with [Markdown][1]—articles, essays, blog posts, and much more. I'm not the only one, either. Not only do countless people write with Markdown, but there are also more than a few publishing tools built around it.
Who'd have thought that a simple way to format web documents created by John Gruber and the late Aaron Schwartz would become so popular?
While most of my writing takes place in a text editor, I can understand the appeal of a dedicated Markdown editor. You get quick access to formatting, you can easily convert your documents to other formats, and you can get an instant preview.
If you're thinking about going Markdown and are looking for a dedicated editor, here are four open source options for your writing pleasure.
### Ghostwriter
[Ghostwriter][2] ranks in the top three of the dedicated Markdown editors I've used or tried. And I've used or tried a few!
![](https://opensource.com/sites/default/files/uploads/markdown-editors_ghostwriter.png)
As an editor, Ghostwriter is pretty much a blank canvas. Start typing and adding formatting by hand. If you don't want to do that, or are just learning Markdown and don't know what to add, you can select certain formatting from Ghostwriter's Format menu.
Admittedly, it's just basic formatting—lists, character formatting, and indenting. You'll have to add headings, code, and the like by hand. But the Task List option is interesting. I know a few people who create their to-do lists in Markdown, and this option makes creating and maintaining one much easier.
What sets Ghostwriter apart from other Markdown editors is its range of export options. You can choose the Markdown processor you want to use, including [Sundown][3], [Pandoc][4], or [Discount][5]. With a couple of clicks, you can convert what you're writing to HTML5, ODT, EPUB, LaTeX, PDF, or a Word document.
### Abricotine
If you like your Markdown editors simple, you'll like [Abricotine][6]. But don't let its simplicity fool you; Abricotine packs quite a punch.
![](https://opensource.com/sites/default/files/uploads/markdown-editors_abricotine.png)
Like any other editor, you can enter formatting by hand or use the Format or Insert menus. Abricotine also has a menu for inserting a [GitHub Flavored Markdown][7] table. There are 16 pre-packaged table formats, and you can add rows or columns as you need them. If the tables are looking a bit messy, you can pretty them up by pressing Ctrl+Shift+B.
Abricotine can automatically display images, links, and math. You can turn all that off if you want to. The editor is, however, limited to exporting documents as HTML.
### Mark Text
Like Abricotine, [Mark Text][8] is a simple Markdown editor that might surprise you. It has a few features you might not expect and does quite a good job of handling documents formatted with Markdown.
![](https://opensource.com/sites/default/files/uploads/markdown-editors_marktext.png)
Mark Text stays out of your way. There are no menus or toolbars. You get to the commands and functions by clicking the stacked menu in the top-left corner of the editor window. It's just you and your words.
The editor's default mode is a semi-WYSIWYG view, although you can change that to see the formatting code you've added to your writing. As for that formatting, Mark Text supports GitHub Flavored Markdown, so you can add tables and formatted blocks of code with syntax highlighting. In its default view, the editor displays any images in your document.
While Mark Text lacks Ghostwriter's range of export options, you can save your files as HTML or PDF. The output doesn't look too bad, either.
### Remarkable
[Remarkable][9] lies somewhere between Ghostwriter and Abricotine or Mark Text. It has that two-paned interface, but with a slightly more modern look. And it has a few useful features.
![](https://opensource.com/sites/default/files/uploads/markdown-editors_remarkable.png)
The first thing you notice about Remarkable is its [Material Design][10]-inspired look and feel. It's not for everyone, and I'll be honest: It took me a little while to get used to it. Once you do, it's easy to use.
You get quick access to formatting from the toolbar and the menus. You can also change the preview pane's style using one of 11 built-in Cascading Style Sheets or by creating one of your own.
Remarkable's export options are limited—you can export your work only as HTML or PDF files. You can, however, copy an entire document or a selected portion as HTML, which you can paste into another document or editor.
Do you have a favorite dedicated Markdown editor? Why not share it by leaving a comment?
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/11/markdown-editors
作者:[Scott Nesbitt][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/scottnesbitt
[b]: https://github.com/lujun9972
[1]: https://en.wikipedia.org/wiki/Markdown
[2]: https://wereturtle.github.io/ghostwriter/
[3]: https://github.com/vmg/sundown
[4]: https://pandoc.org
[5]: https://www.pell.portland.or.us/~orc/Code/discount/
[6]: http://abricotine.brrd.fr/
[7]: https://guides.github.com/features/mastering-markdown/
[8]: https://marktext.github.io/website/
[9]: https://remarkableapp.github.io/
[10]: https://en.wikipedia.org/wiki/Material_Design

344
sources/tech/20181130 Some Alternatives To ‘top- Command line Utility You Might Want To Know.md Normal file
View File

@ -0,0 +1,344 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: subject: (Some Alternatives To top Command line Utility You Might Want To Know)
[#]: via: (https://www.ostechnix.com/some-alternatives-to-top-command-line-utility-you-might-want-to-know/)
[#]: author: (SK https://www.ostechnix.com/author/sk/)
[#]: url: ( )
Some Alternatives To top Command line Utility You Might Want To Know
======
![](https://www.ostechnix.com/wp-content/uploads/2018/11/Alternatives-To-Top-Command-720x340.png)
Every now and then, I see a lot of open source programs, tools, and utilities are being added to GitHub and GitLab by developers across the world. Some of those programs are new and some of them are just alternative programs to the most popular and widely used existing Linux programs. In this tutorial, we are going to discuss about some good alternatives to [**top**][1], the command line task manager program. Read on.
### Alternatives To top Command line Utility
As of writing this guide, I am aware of the following 6 alternatives to Top program, namely:
1. Htop
2. Vtop
3. Gtop
4. Gotop
5. Ptop
6. Hegemon
I will keep updating this list if I come across any similar utilities in the days to come. Bookmark this guide if youre interested to know about such utilities.
#### 1\. Htop
The **htop** is a popular, open source and cross-platform interactive process manager. It is my favorite system activity monitor tool. htop is an enhanced version of the classic top program. It is originally developed for Linux, but the developer extended its support to other Unix-like operating systems such as FreeBSD and Mac OS X. htop is free open source, and ncurses-based utility released under GPLv2.
Compared to the classic top command, it has the following few advantages.
* htop starts faster than top program.
* htop allows us to scroll horizontally and vertically to view all processes and full command lines.
* There is no need to type the PID to kill a process in htop. But in top, you need to type the PID to kill the process.
* There is no need to type PID to change the priority of a process, but in top command, you do.
* We can kill multiple processes at once in htop.
* In top program you are subject to a delay for each unassigned key you press. It is especially annoying when multi-key escape sequences are triggered by accident.
**Installing htop**
htop is available in the default repositories of most Linux distributions.
On Arch-based systems, run the following command to install htop.
```
$ sudo pacman -S htop
```
On Debian-based systems:
```
$ sudo apt install htop
```
On RPM-based systems:
```
$ sudo dnf install htop
```
Or,
```
$ sudo yum install htop
```
On openSUSE:
```
$ sudo zypper in htop
```
**Usage**
When you htop command without any arguments, you will see the following screen.
```
$ htop
```
![](https://www.ostechnix.com/wp-content/uploads/2018/11/htop-command-1.png)
As you can see, htop task manager shows total memory and swap usage, total number of tasks, system average load and system uptime on the top. On the bottom side, just like top command, it displays the list of processes in multiple columns. Each column displays details such as pid, user, priority, nice value, virtual memory usage, cpu usage, memory usage by each process etc. You can read about these parameters in the top command tutorial linked in the first paragraph.
Unlike top command, htop allows you to perform each operation with a dedicated function key. Here is the list of shortcut keys to interact with htop.
* **F1, h, ?** Open help section.
* **F2, S(Shift+s)** Go to the setup section, where you can configure the meters displayed at the top of the screen, set various display options, choose among color schemes, and select which columns are displayed, in which order etc.
* **F3, /** Search the command lines of all the displayed processes.
* **F4, \** Filter processes. Just type the part of the process name and you will see only the processes that matches the name. Press F4 again and hit ESC key to cancel filtering.
* **F5, t** Switch between tree view and default view. Press + to view the sub-tree.
* **F6, <, >** Sort the processes by PID, USER, PRIORITY, NICE value, CPU usage, MEMORY usage etc.
* **F7, ]** Increase the selected processs priority.
* **F8, [** Decrease the selected processs priority.
* **F9, k** Kill the processes. Use the UP/DOWN arrows to choose the process and press F9 or k to kill it.
* **F10, q** Exit htop.
All shortcuts keys are given at the bottom of the htop interface.
Please note that some of these function keys might be assigned to various Terminal operations. For example, when I hit the F2 key, it didnt go to htop setup section. Instead it displayed the option to set the title to my Terminal window. In such cases, you might need to other keys given along with the function keys.
Apart from the above mentioned keys, there are few more keys available to perform different functions. For example,
* Press **u** to show processes owned by a user.
* **Shift+m** will sort the processes by memory usage.
* **Shift+p** Sort the processes by processor usage.
* **Shit+t** Sort the processes by time.
* **CTRL+l** Refresh screen.
htop can do everything using the shortcut keys without having to mention any options when launching it. However, you can use some flags when starting it.
For example, to start htop displaying only processes owned by given user, run:
```
$ htop -u <username>
```
Change the Output Refresh Interval:
```
$ htop -d 10
```
As you can see, htop usage is incredibly easier than the usage of top command.
Refer htop man pages to know more about the available options and functionalities.
```
$ man htop
```
Also, refer the project home page and HitHub repository.
+ [htop website](http://hisham.hm/htop/)
+ [htop GitHub Repository](https://github.com/hishamhm/htop)
#### 2\. Vtop
**Vtop** is yet another alternative to good-old top utility. It is a free and open source, command-line system activity monitor written in **NodeJS** and released under MIT. It uses unicode braille characters to draw CPU and Memory charts, helping you to visualize spikes.
Make sure you have NodeJS installed on your system. If not installed yet, refer the following guide.
Once node installed, run the following command to install Vtop.
```
$ npm install -g vtop
```
After installing Vtop, simply run vtop to start monitoring.
```
$ vtop
```
Sample output:
![][3]
As you can see, Vtop interface is little bit different than top and htop programs. It displays each details in a separate box layout. You will see all shortcuts keys to interact with Vtop at the bottom.
Here is the list of shortcuts:
* **dd** Kill the processes.
* **UP** arrow or **k** Move up.
* **DOWN** arrow or **j** Move down.
* **Left** arrow or or **h** to Zoom the graphs in.
* **Right** arrow or **l** Zoom the graphs out.
* **g** Jump to top of the process list.
* **SHIFT+g** Jump to end of the process list.
* **c** Sort processes by CPU usage.
* **m** Sort processes by memory usage.
For more details, refer the following Vtop resources.
+ [Vtop website](http://parall.ax/vtop)
+ [Vtop GitHub Repository](https://github.com/MrRio/vtop)
#### 3\. Gtop
Gtop is same as Vtop system activity monitor. It is also written in NodeJS and released under MIT license.
To install it, run:
```
$ npm install gtop -g
```
Start gtop using command:
```
$ gtop
```
Sample output:
![](https://www.ostechnix.com/wp-content/uploads/2018/11/gtop.png)
I noticed Gtop interface is very nice. It showed each elements with different set of colors which is eye-pleasing.
Keyboard shortcuts:
* **p** Sort processes by process Id.
* **c** Sort processes by CPU usage.
* **m** Sort processes by Memory usage.
* **q** or **ctrl+c** Quit Gtop.
For more details, visit Gtop GitHub page.
+ [Gtop GitHub Repository](https://github.com/aksakalli/gtop)
#### 4\. Gotop
As the name says, **Gotop** is a TUI graphical activity monitor, written in **Go** programming language. It is completely free, open source and inspired by **gtop** and **vtop** programs which we mentioned in the previous sections. We already have written about it a while ago. If youre interested to learn about it, please visit the following link.
+ [Gotop Yet Another TUI Graphical Activity Monitor, Written In Go
](https://www.ostechnix.com/manage-python-packages-using-pip/)
#### 5\. Ptop
Some of you might not like programs written in NodeJS and Go. If youre one of them, there is another process monitor program named **Ptop** , which is written in **Python** programming language. It is free, open source system activity monitor, released under MIT license.
Ptop is compatible with both Python2.x and Python3.x, so you can easily install it using **Pip** , a package manager to install programs developed in Python. If you havent installed Pip yet, refer the following link.
+ [How To Manage Python Packages Using Pip](https://www.ostechnix.com/manage-python-packages-using-pip/)
After installing Pip, run the following command to install ptop.
```
$ pip install ptop
```
Or, you can compile from source as shown below.
```
$ git clone https://github.com/darxtrix/ptop
$ cd ptop/
$ pip install -r requirements.txt # install requirements
$ sudo python setup.py install
```
To update Ptop, run:
```
$ pip install --upgrade ptop
```
Even if you dont update, Ptop will prompt you if youd like to update to the latest version when launch it for the first time.
Now, let us run ptop and see what happens.
```
$ ptop
```
Here you go!
![](https://www.ostechnix.com/wp-content/uploads/2018/11/ptop-1.png)
Here is the list of shortcuts keys to interact with ptop:
* **Ctrl+k** Kill the process.
* **Ctrl+n** Sort processes by memory usage.
* **Ctrl+t** Sort processes by process lifetime.
* **Ctrl+r** Reset the stats.
* **Ctrl+f** Filter a specific process information. Just type process name and you will see its details only.
* **Ctrl+l** View the information of a selected process.
* **g** Go to the top of the process list.
* **Ctrl+q** Quit Ptop.
Ptop has a feature to change the theme. If you want a pretty output of Ptop, you could use any one of the available themes. Currently the following themes are supported:
* colorful
* elegant
* simple
* dark
* light
To set a theme, for example colorful, simply run:
```
$ ptop -t colorful
```
To view help section, use **-h** :
```
$ ptop -h
```
For more details, refer the projects GitHub page.
+ [Ptop Github Repository](https://github.com/darxtrix/ptop)
#### 6\. Hegemon
**Hegemon** is another system activity monitor application written in **Rust** programming language. If youre fan of programs written in Rust, hegemon might be a good choice. We have published a brief review about Hegemon a while ago. Please visit the following link to know more about this tool.
[Hegemon A Modular System Monitor Application Written In Rust](https://www.ostechnix.com/hegemon-a-modular-system-monitor-application-written-in-rust/)
### Conclusion
You know now six alternatives to Top program. I wont claim these programs are better than or best replacement for top program. But it is always nice to know some alternatives. I use htop mostly to monitor the processes. Now is your turn. Have you used any tools listed here? Great! Which is your favorite tool and why? Please share your experience in the comment section below.
More good stuffs to come. Stay tuned!
Cheers!
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/some-alternatives-to-top-command-line-utility-you-might-want-to-know/
作者:[SK][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[b]: https://github.com/lujun9972
[1]: https://www.ostechnix.com/the-top-command-tutorial-with-examples-for-beginners/
[2]: data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
[3]: http://www.ostechnix.com/wp-content/uploads/2018/11/vtop.png